BlueScreen: C:\Users\Steven\AppData\Local\Temp\WER-41605-0.sysdata.xml

Status
Niet open voor verdere reacties.
esteban

esteban

Gebruiker
Lid geworden
26 feb 2005
Berichten
103
Beste allemaal,

Op de laptop van mijn werk krijg ik een blauw scherm + vista start automatisch opnieuw op. Paniek natuurlijk.

Kan er iemand mij helpen? Meer info over deze fout vind je hieronder.

Bedankt!

Steven


Probleemhandtekening:
Gebeurtenisnaam van probleem: BlueScreen
Versie van besturingssysteem: 6.0.6002.2.2.0.256.6
Landinstelling-id: 2067

Aanvullende informatie over dit probleem:
BCCode: 1000008e
BCP1: C0000005
BCP2: 81D307D5
BCP3: A477AA1C
BCP4: 00000000
OS Version: 6_0_6002
Service Pack: 2_0
Product: 256_1

Bestanden die helpen bij het beschrijven van het probleem:
C:\Windows\Minidump\Mini110709-01.dmp
C:\Users\Steven\AppData\Local\Temp\WER-41605-0.sysdata.xml
C:\Users\Steven\AppData\Local\Temp\WER444F.tmp.version.txt

Lees onze privacyverklaring:
http://go.microsoft.com/fwlink/?linkid=50163&clcid=0x0413
 
Je zou nog een poging kunnen doen met het inlezen van het geheugendump-bestand; mogelijk geeft dat nog wat informatie.

Kijk in de map submap MiniDump onder je Windows map (bij jou dus C:\Windows\Minidump) of je daar bestanden tegenkomt. Die kun je dan weer inlezen en analyzeren met Debugging tools for Windows.

Verdere informatie o.a. op bovengenoemde pagina en hier te bekijken, vooral vanaf "Het dumpbestand controleren".

Dus (na installatie Debugging Tools for Windows):
1. Start -> Programma's -> Debugging Tools for Windows (x86) -> WinDbg
2. File -> Open Crashdump
Blader naar het .dmp bestand en die openen.
3. Invullen (of knippen en plakken) op de WinDbg prompt (incl. de '.' aan het begin) en dan Enter:
.sympath SRV*C:\localsymbols*http://msdl.microsoft.com/download/symbols
4. Invullen op de WinDbg prompt: !analyze -v
5. Probeer de uitvoer van 4. te interpreteren. Gebruik Google etc.

NB: Workspace vragen vanuit WinDbg mogen met nee beantwoord worden
Belangrijk: Als je Vista gebruikt dan moet je de snelkoppeling naar WinDbg in Debugging Tools rechtsklikken en kiezen voor "Als Administrator uitvoeren".


Succes,

Tijs.
 
Laatst bewerkt:
Hey Thijs,

Dankje voor de tip, hier is de info die ik krijg:



Microsoft (R) Windows Debugger Version 6.11.0001.404 X86
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Windows\Minidump\Mini110709-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: *** Invalid ***
****************************************************************************
* Symbol loading may be unreliable without a symbol search path. *
* Use .symfix to have the debugger choose a symbol path. *
* After setting your symbol path, use .reload to refresh symbol locations. *
****************************************************************************
Executable search path is:
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
* *
* The Symbol Path can be set by: *
* using the _NT_SYMBOL_PATH environment variable. *
* using the -y <symbol_path> argument when starting the debugger. *
* using .sympath and .sympath+ *
*********************************************************************
Unable to load image \SystemRoot\system32\ntkrnlpa.exe, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ntkrnlpa.exe
*** ERROR: Module load completed but symbols could not be loaded for ntkrnlpa.exe
Windows Server 2008/Windows Vista Kernel Version 6002 (Service Pack 2) MP (2 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Machine Name:
Kernel base = 0x81c42000 PsLoadedModuleList = 0x81d59c70
Debug session time: Sat Nov 7 12:56:20.575 2009 (GMT+1)
System Uptime: 1 days 21:43:50.974
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
* *
* The Symbol Path can be set by: *
* using the _NT_SYMBOL_PATH environment variable. *
* using the -y <symbol_path> argument when starting the debugger. *
* using .sympath and .sympath+ *
*********************************************************************
Unable to load image \SystemRoot\system32\ntkrnlpa.exe, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ntkrnlpa.exe
*** ERROR: Module load completed but symbols could not be loaded for ntkrnlpa.exe
Loading Kernel Symbols
...............................................................
................................................................
................................
Loading User Symbols
Loading unloaded module list
..................................
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1000008E, {c0000005, 81d307d5, a477aa1c, 0}

*** WARNING: Unable to verify timestamp for ks.sys
*** ERROR: Module load completed but symbols could not be loaded for ks.sys
*** WARNING: Unable to verify timestamp for OEM02Vfx.sys
*** ERROR: Module load completed but symbols could not be loaded for OEM02Vfx.sys
***** Kernel symbols are WRONG. Please fix symbols to do analysis.

*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
* *
* The Symbol Path can be set by: *
* using the _NT_SYMBOL_PATH environment variable. *
* using the -y <symbol_path> argument when starting the debugger. *
* using .sympath and .sympath+ *
*********************************************************************
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
* *
* The Symbol Path can be set by: *
* using the _NT_SYMBOL_PATH environment variable. *
* using the -y <symbol_path> argument when starting the debugger. *
* using .sympath and .sympath+ *
*********************************************************************
Probably caused by : ks.sys ( ks+f74e )

Followup: MachineOwner
---------

0: kd> .sympath SRV*C:\localsymbols*http://msdl.microsoft.com/download/symbols
Symbol search path is: SRV*C:\localsymbols*http://msdl.microsoft.com/download/symbols
Expanded Symbol search path is: srv*c:\localsymbols*http://msdl.microsoft.com/download/symbols
0: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

KERNEL_MODE_EXCEPTION_NOT_HANDLED_M (1000008e)
This is a very common bugcheck. Usually the exception address pinpoints
the driver/function that caused the problem. Always note this address
as well as the link date of the driver/image that contains this address.
Some common problems are exception code 0x80000003. This means a hard
coded breakpoint or assertion was hit, but this system was booted
/NODEBUG. This is not supposed to happen as developers should never have
hardcoded breakpoints in retail code, but ...
If this happens, make sure a debugger gets connected, and the
system is booted /DEBUG. This will let us see why this breakpoint is
happening.
Arguments:
Arg1: c0000005, The exception code that was not handled
Arg2: 81d307d5, The address that the exception occurred at
Arg3: a477aa1c, Trap Frame
Arg4: 00000000

Debugging Details:
------------------

***** Kernel symbols are WRONG. Please fix symbols to do analysis.

*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************

ADDITIONAL_DEBUG_TEXT:
Use '!findthebuild' command to search for the target build information.
If the build information is available, run '!findthebuild -s ; .reload' to set symbol path and load symbols.

MODULE_NAME: ks

FAULTING_MODULE: 81c42000 nt

DEBUG_FLR_IMAGE_TIMESTAMP: 49e01ed7

EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - De instructie op 0x%08lx verwijst naar geheugen op 0x%08lx. Een lees- of schrijfbewerking op het geheugen is mislukt: %s.

FAULTING_IP:
nt+ee7d5
81d307d5 891e mov dword ptr [esi],ebx

TRAP_FRAME: a477aa1c -- (.trap 0xffffffffa477aa1c)
ErrCode = 00000002
eax=d7108578 ebx=00720067 ecx=000001ff edx=00000003 esi=006d0061 edi=8468c09c
eip=81d307d5 esp=a477aa90 ebp=a477aac8 iopl=0 nv up ei pl nz ac po nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010212
nt+0xee7d5:
81d307d5 891e mov dword ptr [esi],ebx ds:0023:006d0061=????????
Resetting default scope

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

BUGCHECK_STR: 0x8E

CURRENT_IRQL: 0

LAST_CONTROL_TRANSFER: from 81d2f858 to 81d307d5

STACK_TEXT:
WARNING: Stack unwind information not available. Following frames may be wrong.
a477aac8 81d2f858 8468c09c 00000001 85f29584 nt+0xee7d5
a477ab34 906b574e bc1849a0 00000000 85f29510 nt+0xed858
a477ab50 906b5703 85f29584 a477aba4 85f29500 ks+0xf74e
a477ab6c 906b58f4 85f29530 a477aba8 906b42e1 ks+0xf703
a477ab78 906b42e1 00000001 00000000 a477abe0 ks+0xf8f4
a477aba8 906b4349 85f29510 85f29500 87a5b330 ks+0xe2e1
a477abbc 906b4376 85f29510 a477abf4 906b5610 ks+0xe349
a477abc8 906b5610 85f29500 85d0a008 87a5f808 ks+0xe376
a477abf4 906b54fd 87a5f808 85d0a008 a477ac1c ks+0xf610
a477ac04 81c86976 87a5f808 85d0a008 87a19968 ks+0xf4fd
a477ac1c 90d0773e 85d0a018 87a198b0 85d0a008 nt+0x44976
a477ac30 81c86976 87a198b0 87a19974 85cec028 OEM02Vfx+0x73e
a477ac48 81e80056 00000000 00000000 85cec010 nt+0x44976
a477ac8c 81e6fe84 85cec028 81c1626c 85cec010 nt+0x23e056
a477aca8 81c86dcc 85cec028 00000000 89a73030 nt+0x22de84
a477acd0 81e7c372 a15b4690 89a73030 00000134 nt+0x44dcc
a477ad14 81e7c06b a15b4690 a15bf268 89c1eba0 nt+0x23a372
a477ad44 81e7c74f 89c1eba0 89a73001 89a73001 nt+0x23a06b
a477ad58 81c8cc7a 00000134 01a1f9b4 776e5e74 nt+0x23a74f
a477ad64 776e5e74 badb0d00 01a1f9ac 00000000 nt+0x4ac7a
a477ad68 badb0d00 01a1f9ac 00000000 00000000 0x776e5e74
a477ad6c 01a1f9ac 00000000 00000000 00000000 0xbadb0d00
a477ad70 00000000 00000000 00000000 00000000 0x1a1f9ac


STACK_COMMAND: kb

FOLLOWUP_IP:
ks+f74e
906b574e ?? ???

SYMBOL_STACK_INDEX: 2

SYMBOL_NAME: ks+f74e

FOLLOWUP_NAME: MachineOwner

IMAGE_NAME: ks.sys

BUCKET_ID: WRONG_SYMBOLS

Followup: MachineOwner
---------
 
Foutmelding lijkt aan ks.sys gerelateerd te zijn, wat een onderdeel is van DirectX (zie hier).

Dit is een vervelende, want hier kun je DirectX opnieuw downloaden en daarna installeren, maar ik begrijp dat de pc niet eens volledig doorstart momenteel? Het is niet mogelijk om installaties te doen als de pc/laptop in Veilige modus is opgestart, dus lijkt je dat niet te helpen.

Wat je dan zou kunnen doen is kijken wat er gebeurt als je de pc/laptop in Veilige modus opstart (dus herhaaldelijk F8 drukken vlak voor het opstarten van Windows en dan Veilige modus kiezen), en daarna systeembestandsherstel doen: Doe in Veilige modus: [Windows-toets]r toetscombinatie -> sfc /scannow
Met een beetje mazzel is het probleem dan na een herstart verdwenen, en hoef je DirectX niet opnieuw te installeren.

Tijs.
 
Hi Tijs,

De kaptop start volledig door hoor, geen probleem.

Moet ik dan gewoon DirectX opnieuw installeren? Of moet ik het eerst verwijderen?

Groeten,

Esteban
 
[Windows-toets]r toetscombinatie -> sfc /scannow
Met een beetje mazzel is het probleem dan na een herstart verdwenen, en hoef je DirectX niet opnieuw te installeren.

Succes,

Tijs.
 
Was het al aan het installeren, ik krijg dit scherm:
 

Bijlagen

  • cab.jpg
    cab.jpg
    17 KB · Weergaven: 98
Waarom vraag je advies als je gewoon van start gaat? :shocked:

Over je schermafdruk: Ik heb geen idee. Probeer anders de web-variant, die alleen de bestanden ophaalt die effectief nodig zijn bij de installatie.

Tijs.
 
Sorry Tijs, was te snel en te ongeduldig. Mi scusi.

Heb de webvariant gedownload en geïnstalleerd. Krijg wel geen melding met installatie voltooid of resultaatoverzicht of zoiets. Dus ik zal wel zien of het weg is de volgende keer ik opstart.

Grtz
 
Status
Niet open voor verdere reacties.
                    Steun ons                    

Nieuwste berichten

Terug
Bovenaan Onderaan