Il mio problema è che tutte le volte che provo a fare una installazione di un qualsiasi aggiornamento windows ( e sembra solo in quel caso? ), la macchina mi si blocca con una schermata blu. In rete ho reperito alcune info ed ho usato windbg che mi da dei riferimenti in merito al file ntoskrnl.exe.
Premetto che ho gia eseguito questa operazione: http://www.azpoint.net/news/Consigli_per_PC_4135.asp
ma senza nessun risultato.
Premetto che in precedenza ho installato il firewall c.o.m.o.d.o. e il crash sembrava dipendere dal .sys utilizzato da esso, quindi l'ho disinstallato ma i crash continuano in riferimento al ntoskrnl.exe.
Cosa posso fare?
questo è il report di windbg:
Microsoft (R) Windows Debugger Version 6.6.0007.5
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\WINDOWS\Minidump\Mini121606-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
Symbol search path is: C:\WINDOWS\Symbols
Executable search path is:
Unable to load image ntoskrnl.exe, Win32 error 2
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
Windows XP Kernel Version 2600 (Service Pack 2) UP Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Kernel base = 0x804d7000 PsLoadedModuleList = 0x805531a0
Debug session time: Sat Dec 16 01:36:25.531 2006 (GMT+1)
System Uptime: 0 days 0:04:42.109
Unable to load image ntoskrnl.exe, Win32 error 2
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
Loading Kernel Symbols
.................................................. .................................................. ..................................
Loading User Symbols
Loading unloaded module list
............
************************************************** *****************************
* *
* Bugcheck Analysis *
* *
************************************************** *****************************
Use !analyze -v to get detailed debugging information.
BugCheck 1000008E, {c0000005, f649f9c7, b99e0a20, 0}
Probably caused by : ntoskrnl.exe ( nt!PipGenerateMadeupNodeName+18 )
Followup: MachineOwner
---------
kd> !analyze -v
************************************************** *****************************
* *
* Bugcheck Analysis *
* *
************************************************** *****************************
KERNEL_MODE_EXCEPTION_NOT_HANDLED_M (1000008e)
This is a very common bugcheck. Usually the exception address pinpoints
the driver/function that caused the problem. Always note this address
as well as the link date of the driver/image that contains this address.
Some common problems are exception code 0x80000003. This means a hard
coded breakpoint or assertion was hit, but this system was booted
/NODEBUG. This is not supposed to happen as developers should never have
hardcoded breakpoints in retail code, but ...
If this happens, make sure a debugger gets connected, and the
system is booted /DEBUG. This will let us see why this breakpoint is
happening.
Arguments:
Arg1: c0000005, The exception code that was not handled
Arg2: f649f9c7, The address that the exception occurred at
Arg3: b99e0a20, Trap Frame
Arg4: 00000000
Debugging Details:
------------------
EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - L'istruzione a "0x%08lx" ha fatto riferimento alla memoria a "0x%08lx". La memoria non poteva essere "%s".
FAULTING_IP:
+fffffffff649f9c7
f649f9c7 8a1401 mov dl,byte ptr [ecx+eax]
TRAP_FRAME: b99e0a20 -- (.trap ffffffffb99e0a20)
ErrCode = 00000000
eax=00000000 ebx=f64a5969 ecx=0101e000 edx=804fdeec esi=00002000 edi=0101c000
eip=f649f9c7 esp=b99e0a94 ebp=b99e0aa0 iopl=0 nv up ei pl nz na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010206
f649f9c7 8a1401 mov dl,byte ptr [ecx+eax] ds:0023:0101e000=??
Resetting default scope
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: DRIVER_FAULT
BUGCHECK_STR: 0x8E
PROCESS_NAME: WindowsXP-KB912
LOCK_ADDRESS: 80558b60 -- (!locks 80558b60)
Resource @ nt!PiEngineLock (0x80558b60) Available
WARNING: SystemResourcesList->Flink chain invalid. Resource may be corrupted, or already deleted.
WARNING: SystemResourcesList->Blink chain invalid. Resource may be corrupted, or already deleted.
1 total locks
PNP_TRIAGE:
Lock address : 0x80558b60
Thread Count : 0
Thread address: 0x00000000
Thread wait : 0x0
LAST_CONTROL_TRANSFER: from f64a1877 to f649f9c7
STACK_TEXT:
WARNING: Frame IP not in any known module. Following frames may be wrong.
b99e0aa0 f64a1877 0101c000 0000001e f64a5969 0xf649f9c7
b99e0af4 f64a1987 82482cf8 01000000 01000218 0xf64a1877
b99e0b58 f64a1a80 82482cf8 e16d9970 81c845e0 0xf64a1987
b99e0b78 805c4f73 000000a4 82482cf8 00000001 0xf64a1a80
b99e0cc4 805c5bcc 00e9d60c 001f03ff 00000000 nt!PipGenerateMadeupNodeName+0x18
b99e0d3c 8053c808 00e9d60c 001f03ff 00000000 nt!IopSetupArbiterAndTranslators+0x2d4
b99e0d64 7c91eb94 badb0d00 00e9d244 b9837d98 nt!ObpPushStackInfo+0x75
b99e0d70 b9837d98 b9837dcc 00000000 00000000 0x7c91eb94
b99e0d74 b9837dcc 00000000 00000000 00000000 0xb9837d98
b99e0d78 00000000 00000000 00000000 00000000 0xb9837dcc
STACK_COMMAND: kb
FOLLOWUP_IP:
nt!PipGenerateMadeupNodeName+18
805c4f73 ?? ???
SYMBOL_STACK_INDEX: 4
SYMBOL_NAME: nt!PipGenerateMadeupNodeName+18
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: nt
IMAGE_NAME: ntoskrnl.exe
DEBUG_FLR_IMAGE_TIMESTAMP: 41107b0c
FAILURE_BUCKET_ID: 0x8E_nt!PipGenerateMadeupNodeName+18
BUCKET_ID: 0x8E_nt!PipGenerateMadeupNodeName+18
Followup: MachineOwner
---------
Grazie per l'attenzione.
Rispondi quotando
