--> Archiwum Forum
Psycho16 [ Redhead Lover And User ]
BSOD - jak go zaanalizowac
System : Windows 7 64bit
Dzisiaj zaliczylem BSOD.
Po wejsciu do podgladu zdarzen -> dziennik systmeu windows ->system
widze jedynie :
Krytyczne 2010-10-15 18:56:28 Kernel-Power 41 (63)
ze znaczkem X'a ;)
w srodku jest
+ System
- Provider
[ Name] Microsoft-Windows-Kernel-Power
[ Guid] ‹331C3B3A-2005-44C2-AC5E-77220C37D6B4›
EventID 41
Version 2
Level 1
Task 63
Opcode 0
Keywords 0x8000000000000002
- TimeCreated
[ SystemTime] 2010-10-15T16:56:28.262420600Z
EventRecordID 57116
Correlation
- Execution
[ ProcessID] 4
[ ThreadID] 8
Channel System
Computer R580
- Security
[ UserID] S-1-5-18
- EventData
BugcheckCode 59
BugcheckParameter1 0xc0000005
BugcheckParameter2 0xfffff9600020e7a7
BugcheckParameter3 0xfffff880086c0720
BugcheckParameter4 0x0
SleepInProgress false
PowerButtonTimestamp 0
I teraz pytanie - to jest info odnosnie BSOD ? czy nie ? jak nie to gdzie znajde to co bylo na BSOD ? zeby wiedziec z czym mam doczynienia ?
czesip389 [ Mama mi pozwolila ]
Zaaukatualizoj BIOS ; ) Wtedy bedziesz mial info :D
Psycho16 [ Redhead Lover And User ]
Jest zaaktualizowany ;p
Mam rowniez blad i w nim jest informacja
Nastąpił ponowny rozruch komputera po operacji wykrywania błędów. Wyniki tej operacji były następujące: 0x0000003b (0x00000000c0000005, 0xfffff9600020e7a7, 0xfffff880086c0720, 0x0000000000000000). Zrzut zapisano w: C:\Windows\MEMORY.DMP. Identyfikator raportu: 101510-22027-01.
Czyli ten jest od bsod'a ?
Plik z zrzutu przerobilem i to jest w nim:
Microsoft (R) Windows Debugger Version 6.10.0003.233 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Users\Adam\Desktop\101510-22027-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
Symbol search path is: SRV*c:\symbols*
Executable search path is:
Windows 7 Kernel Version 7600 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 7600.16617.amd64fre.win7_gdr.100618-1621
Machine Name:
Kernel base = 0xfffff800`0304a000 PsLoadedModuleList = 0xfffff800`03287e50
Debug session time: Fri Oct 15 18:55:43.400 2010 (GMT+2)
System Uptime: 0 days 8:41:09.602
Loading Kernel Symbols
...............................................................
................................................................
......................................
Loading User Symbols
Loading unloaded module list
.....
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck 3B, ‹c0000005, fffff9600020e7a7, fffff880086c0720, 0›
Probably caused by : win32k.sys ( win32k!UnsetRedirectedWindow+6f )
Followup: MachineOwner
---------
2: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
SYSTEM_SERVICE_EXCEPTION (3b)
An exception happened while executing a system service routine.
Arguments:
Arg1: 00000000c0000005, Exception code that caused the bugcheck
Arg2: fffff9600020e7a7, Address of the exception record for the exception that caused the bugcheck
Arg3: fffff880086c0720, Address of the context record for the exception that caused the bugcheck
Arg4: 0000000000000000, zero.
Debugging Details:
------------------
EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - Instrukcja spod 0x%08lx odwo
FAULTING_IP:
win32k!UnsetRedirectedWindow+6f
fffff960`0020e7a7 214320 and dword ptr [rbx+20h],eax
CONTEXT: fffff880086c0720 -- (.cxr 0xfffff880086c0720)
rax=00000000fffffffe rbx=0000000000000000 rcx=0000000000000000
rdx=000000000000c033 rsi=0000000000000001 rdi=fffff900c21fb220
rip=fffff9600020e7a7 rsp=fffff880086c10f0 rbp=0000000000000000
r8=fffff900c21fb360 r9=0000000000000001 r10=0000000000000000
r11=fffff880086c1180 r12=fffff900c21e81d0 r13=0000000000000000
r14=0000000000000000 r15=00000000002d0666
iopl=0 nv up ei pl zr na po nc
cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00010246
win32k!UnsetRedirectedWindow+0x6f:
fffff960`0020e7a7 214320 and dword ptr [rbx+20h],eax ds:002b:00000000`00000020=????????
Resetting default scope
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
BUGCHECK_STR: 0x3B
PROCESS_NAME: WinRAR.exe
CURRENT_IRQL: 0
LAST_CONTROL_TRANSFER: from 0000000000000000 to fffff9600020e7a7
STACK_TEXT:
fffff880`086c10f0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : win32k!UnsetRedirectedWindow+0x6f
FOLLOWUP_IP:
win32k!UnsetRedirectedWindow+6f
fffff960`0020e7a7 214320 and dword ptr [rbx+20h],eax
SYMBOL_STACK_INDEX: 0
SYMBOL_NAME: win32k!UnsetRedirectedWindow+6f
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: win32k
IMAGE_NAME: win32k.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 4c7dc13c
STACK_COMMAND: .cxr 0xfffff880086c0720 ; kb
FAILURE_BUCKET_ID: X64_0x3B_win32k!UnsetRedirectedWindow+6f
BUCKET_ID: X64_0x3B_win32k!UnsetRedirectedWindow+6f
Followup: MachineOwner
---------
czesip389 [ Mama mi pozwolila ]
Pomozcie chlopakowi bo ja sie dalej na tym nei znam ;d
Moglem mu tylko poradzic co poradzilem a teraz to niewiem ;/
mirencjum [ operator kursora ]