BSOD eamon.sys

Discussion in 'ESET Smart Security' started by gonzyone, Dec 2, 2009.

Thread Status:
Not open for further replies.
  1. gonzyone

    gonzyone Registered Member

    Joined:
    Dec 2, 2009
    Posts:
    1
    Hello,

    I'm the beginner in the debugging. I'd like to ask if anyone could check the following minidump and tell me if the BSOD was really raised by eamon.sys?


    Loading Dump File [C:\Program Files\Support Tools\Mini120109-01.dmp]
    Mini Kernel Dump File: Only registers and stack trace are available

    Symbol search path is: SRV*c:\windows\symbols*http://msdl.microsoft.com/download/...ls*http://msdl.microsoft.com/download/symbols
    Executable search path is:
    Windows XP Kernel Version 2600 (Service Pack 3) MP (2 procs) Free x86 compatible
    Product: WinNt, suite: TerminalServer SingleUserTS
    Built by: 2600.xpsp_sp3_gdr.090804-1435
    Kernel base = 0x804d7000 PsLoadedModuleList = 0x8055d720
    Debug session time: Tue Dec 1 20:17:26.171 2009 (GMT+1)
    System Uptime: 0 days 0:00:40.843
    Loading Kernel Symbols
    ................................................................................................................................................................
    Loading User Symbols
    Loading unloaded module list
    ....
    *******************************************************************************
    * *
    * Bugcheck Analysis *
    * *
    *******************************************************************************

    Use !analyze -v to get detailed debugging information.

    BugCheck 10000050, {bad0b148, 0, 805bb460, 2}

    *** WARNING: Unable to verify timestamp for eamon.sys
    *** ERROR: Module load completed but symbols could not be loaded for eamon.sys

    Could not read faulting driver name
    Probably caused by : eamon.sys ( eamon+4163 )

    Followup: MachineOwner
    ---------

    1: kd> !analyze -v
    *******************************************************************************
    * *
    * Bugcheck Analysis *
    * *
    *******************************************************************************

    PAGE_FAULT_IN_NONPAGED_AREA (50)
    Invalid system memory was referenced. This cannot be protected by try-except,
    it must be protected by a Probe. Typically the address is just plain bad or it
    is pointing at freed memory.
    Arguments:
    Arg1: bad0b148, memory referenced.
    Arg2: 00000000, value 0 = read operation, 1 = write operation.
    Arg3: 805bb460, If non-zero, the instruction address which referenced the bad memory
    address.
    Arg4: 00000002, (reserved)

    Debugging Details:
    ------------------


    Could not read faulting driver name

    READ_ADDRESS: bad0b148

    FAULTING_IP:
    nt!ObpRemoveObjectRoutine+cc
    805bb460 833800 cmp dword ptr [eax],0

    MM_INTERNAL_CODE: 2

    CUSTOMER_CRASH_COUNT: 1

    DEFAULT_BUCKET_ID: DRIVER_FAULT

    BUGCHECK_STR: 0x50

    PROCESS_NAME: ekrn.exe

    LAST_CONTROL_TRANSFER: from 805266da to 805bb460

    STACK_TEXT:
    9a83ec04 805266da e2ed8870 00000000 00000000 nt!ObpRemoveObjectRoutine+0xcc
    9a83ec1c 9afbe163 9afbe18e 00000000 9a83ec9c nt!ObfDereferenceObject+0x4c
    WARNING: Stack unwind information not available. Following frames may be wrong.
    9a83ec5c 80580487 882ec028 00000001 00000000 eamon+0x4163
    9a83ed00 80579274 000001e0 00000000 00000000 nt!IopXxxControlFile+0x255
    9a83ed34 8054162c 000001e0 00000000 00000000 nt!NtDeviceIoControlFile+0x2a
    9a83ed34 7c90e514 000001e0 00000000 00000000 nt!KiFastCallEntry+0xfc
    052cff24 00000000 00000000 00000000 00000000 0x7c90e514


    STACK_COMMAND: kb

    FOLLOWUP_IP:
    eamon+4163
    9afbe163 ?? o_O

    SYMBOL_STACK_INDEX: 2

    SYMBOL_NAME: eamon+4163

    FOLLOWUP_NAME: MachineOwner

    MODULE_NAME: eamon

    IMAGE_NAME: eamon.sys

    DEBUG_FLR_IMAGE_TIMESTAMP: 49c2200c

    FAILURE_BUCKET_ID: 0x50_BADMEMREF_eamon+4163

    BUCKET_ID: 0x50_BADMEMREF_eamon+4163

    Followup: MachineOwner
    ---------
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,411
    When reporting a problem (especially with BSOD), please always enclose information about the build and OS you use. The current build is 4.0.474.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.