Página 1 de 1
Txantxiku
Txantxiku
ZoNeR@
ZoNeR@
Jue 11 Ago, 10:18
Hola:
Mi PC continuamente muestra la temible pantalla azul. He seguido los pasos que se recomendaban aquí usando el Debugging y ahí se puede ver que el probable fallo está en:

Probably caused by : aswMon2.SYS ( aswMon2+1b12 )

Si alguien sabe qué significa le agradecería que me echara una mano.

Os dejo el informe completo:


Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\WINDOWS.0\Minidump\Mini123102-03.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: *** Invalid ***
****************************************************************************
* Symbol loading may be unreliable without a symbol search path. *
* Use .symfix to have the debugger choose a symbol path. *
* After setting your symbol path, use .reload to refresh symbol locations. *
****************************************************************************
Executable search path is:
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
* *
* The Symbol Path can be set by: *
* using the _NT_SYMBOL_PATH environment variable. *
* using the -y <symbol_path> argument when starting the debugger. *
* using .sympath and .sympath+ *
*********************************************************************
Unable to load image ntoskrnl.exe, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
Windows XP Kernel Version 2600 (Service Pack 2) MP (2 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Machine Name:
Kernel base = 0x804d7000 PsLoadedModuleList = 0x805624a0
Debug session time: Tue Dec 31 23:18:15.718 2002 (UTC + 1:00)
System Uptime: 0 days 0:00:25.410
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
* *
* The Symbol Path can be set by: *
* using the _NT_SYMBOL_PATH environment variable. *
* using the -y <symbol_path> argument when starting the debugger. *
* using .sympath and .sympath+ *
*********************************************************************
Unable to load image ntoskrnl.exe, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
Loading Kernel Symbols
...............................................................
.....................................................
Loading User Symbols
Loading unloaded module list
...
Unable to load image aswMon2.SYS, Win32 error 0n2
*** WARNING: Unable to verify timestamp for aswMon2.SYS
*** ERROR: Module load completed but symbols could not be loaded for aswMon2.SYS
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1000008E, {c0000005, 45890000, f70ac858, 0}

***** Kernel symbols are WRONG. Please fix symbols to do analysis.

*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
Probably caused by : aswMon2.SYS ( aswMon2+1b12 )

Followup: MachineOwner
---------

0: kd> ! analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

KERNEL_MODE_EXCEPTION_NOT_HANDLED_M (1000008e)
This is a very common bugcheck. Usually the exception address pinpoints
the driver/function that caused the problem. Always note this address
as well as the link date of the driver/image that contains this address.
Some common problems are exception code 0x80000003. This means a hard
coded breakpoint or assertion was hit, but this system was booted
/NODEBUG. This is not supposed to happen as developers should never have
hardcoded breakpoints in retail code, but ...
If this happens, make sure a debugger gets connected, and the
system is booted /DEBUG. This will let us see why this breakpoint is
happening.
Arguments:
Arg1: c0000005, The exception code that was not handled
Arg2: 45890000, The address that the exception occurred at
Arg3: f70ac858, Trap Frame
Arg4: 00000000

Debugging Details:
------------------

***** Kernel symbols are WRONG. Please fix symbols to do analysis.

*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************

ADDITIONAL_DEBUG_TEXT:
Use '!findthebuild' command to search for the target build information.
If the build information is available, run '!findthebuild -s ; .reload' to set symbol path and load symbols.

MODULE_NAME: aswMon2

FAULTING_MODULE: 804d7000 nt

DEBUG_FLR_IMAGE_TIMESTAMP: 4e11a56e

EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - La instrucci n en "0x%08lx" hace referencia a la memoria en "0x%08lx". La memoria no se puede "%s".

FAULTING_IP:
+699f
45890000 ?? ???

TRAP_FRAME: f70ac858 -- (.trap 0xfffffffff70ac858)
ErrCode = 00000000
eax=00000006 ebx=e20f8008 ecx=0000bb40 edx=e20f800a esi=00000001 edi=86677368
eip=45890000 esp=f70ac8cc ebp=f70ac8e8 iopl=0 nv up ei pl nz na po nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010202
45890000 ?? ???
Resetting default scope

CUSTOMER_CRASH_COUNT: 3

DEFAULT_BUCKET_ID: DRIVER_FAULT

BUGCHECK_STR: 0x8E

LAST_CONTROL_TRANSFER: from a88c5b12 to 45890000

STACK_TEXT:
WARNING: Frame IP not in any known module. Following frames may be wrong.
f70ac8c8 a88c5b12 00000001 00000006 41764d6e 0x45890000
f70ac8e8 a88c8cd1 f70ac90c 00677368 85230008 aswMon2+0x1b12
f70ac918 a88ca1d0 00000001 86677338 e20f800e aswMon2+0x4cd1
f70aca28 a88caba2 852301e0 85230008 f70aca5e aswMon2+0x61d0
f70aca60 a88c4a34 86324ad0 85230008 f70acb60 aswMon2+0x6ba2
f70aca70 804e13d9 86324ad0 85230008 85230008 aswMon2+0xa34
f70acb60 8056c063 86744980 00000000 8649fa40 nt+0xa3d9
f70acbd8 8056f2a8 00000000 f70acc18 00000040 nt+0x95063
f70acc2c 8057e41e 00000000 00000000 00000001 nt+0x982a8
f70acca8 8057e4ed 0007defc 00100001 0007dea0 nt+0xa741e
f70acd04 8057e69b 0007defc 00100001 0007dea0 nt+0xa74ed
f70acd44 804dd99f 0007defc 00100001 0007dea0 nt+0xa769b
f70acd64 7c91eb94 badb0d00 0007de7c 00000000 nt+0x699f
f70acd68 badb0d00 0007de7c 00000000 00000000 0x7c91eb94
f70acd6c 0007de7c 00000000 00000000 00000000 0xbadb0d00
f70acd70 00000000 00000000 00000000 00000000 0x7de7c


STACK_COMMAND: kb

FOLLOWUP_IP:
aswMon2+1b12
a88c5b12 ?? ???

SYMBOL_STACK_INDEX: 1

SYMBOL_NAME: aswMon2+1b12

FOLLOWUP_NAME: MachineOwner

IMAGE_NAME: aswMon2.SYS

BUCKET_ID: WRONG_SYMBOLS

Followup: MachineOwner
---------
WikipediaOfLine
WikipediaOfLine
Avatar de Usuario
alexilou
ZoNeR@ Profesional
ZoNeR@ Profesional
Jue 11 Ago, 11:11
a las buenas:

el archivo que te esta dando error el aswmon2.sys es parte del antivirus Avast, lo mejor es que lo desinstales, te bajes la herramienta de desinstalacion de avast, la ejecutes en modo a prueba de erroes y luego lo vuelvas a instalar su ultima version

saludotes
Txantxiku
Txantxiku
ZoNeR@
ZoNeR@
Jue 11 Ago, 11:30
He desinstalado el Avast. Lo he hecho desde el Panel de Control y aparentemente lo he desinstalado correctamente. Si creéis que es necesario usar la herramienta me lo decís.

En lo referente a instalar la última versión de avast yo creo que era la que estaba usando, por lo que no sé si voy a poder seguir usándolo.

Y este problema ¿lo tendrán todos los que usen avast con XP?

Gracias por vuestra ayuda.
Avatar de Usuario
gohuca
Administrador
Administrador
Vie 12 Ago, 01:11
Si sigues teniendo problemas utiliza la herramienta de desinstalación que te han comentado.

No todos los usuarios de XP tienen que tener ese problema, aunque a veces surgen algunos problemas que se suelen solucionan con las nuevas versiones


Salu2


Gohuca
Página 1 de 1

Volver a Software