Decoding debugged dump file

Hi Experts.  I installed the MS Debugging tool and the related symbol pack for XP SP2.  I used the GUI and loaded up the dmp file that I have but can't determine what the heck I am looking at or for.  Please help me decode this and offer "constructive" critism so that I can learn from this.  

Thanks Experts!
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

I'm not sure what you're asking and I haven't really worked with dmp files but I'm guessing you can just look after "Probably caused by". Maybe check here:
The main things to get from a dump is the portion labeled, "Problem caused by..." In this case - ndis.sys.  Ndis.sys is your network driver.  You should update your NIC driver to the latest version, or if you recently did that then roll it back to the previous version.  If neither of those work then you could try running a repair on the OS, or disabling the NIC in the BIOS, or removing if it's a separate card, and installing a new one.  Here's a link to another person with a similar problem.

Good luck and I hope that helps.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
The 7 Worst Nightmares of a Sysadmin

Fear not! To defend your business’ IT systems we’re going to shine a light on the seven most sinister terrors that haunt sysadmins. That way you can be sure there’s nothing in your stack waiting to go bump in the night.

you can always google all terms :
samiam41Author Commented:
Thanks for the help.  

I saw the portion labeled "Probably caused by" and the NDIS.sys file but hated to assume that was all that could be attained from reading the dump file or jump right on the NDIS.sys and begin solving that if there was something else in play.  I wanted to hear from Experts on how to read and what to take from these dump files.  Thanks for your time and help.

I did google NDIS.sys and saw it related to the network card and I will continue to focus on that.

I am awarding points now.

*** WARNING: Unable to verify timestamp for NDIS.sys
Probably caused by : NDIS.sys ( NDIS!ndisWorkerThread+4b )
Followup: MachineOwner
1: kd> g
       ^ No runnable debuggees error in 'g'
1: kd> !analyze -v
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high.  This is
caused by drivers that have corrupted the system pool.  Run the driver
verifier against any new (or suspect) drivers, and if that doesn't turn up
the culprit, then use gflags to enable special pool.
Arg1: ff9d9da5, memory referenced
Arg2: 00000002, IRQL
Arg3: 00000001, value 0 = read operation, 1 = write operation
Arg4: 805505a1, address which referenced memory
Debugging Details:
805505a1 894804          mov     dword ptr [eax+4],ecx
LAST_CONTROL_TRANSFER:  from 8056c4ab to 805505a1
f7916b98 8056c4ab 00000000 00000001 e5726854 nt!KiDoubleFaultStack+0x2a21
f7916bbc 8056c606 88c42cd0 00000000 00000000 nt!ObOpenObjectByPointer+0x2e
f7916bf0 80573bd0 00000000 89bfbe70 00000000 nt!NtQueryInformationProcess+0xed7
f7916d4c 805740eb f7916db4 001f03ff 00000000 nt!MmMapViewOfSection+0x153
f7916d80 f7415bd8 f7916db4 001f03ff 00000000 nt!IopGetModeInformation+0x2f
f7916dac 80574128 00000074 00000000 00000000 NDIS!ndisWorkerThread+0x4b
f7916ddc 804ec791 f7415b85 00000000 00000000 nt!NtQueryInformationFile+0x459
f7916e94 00000000 00000000 00000000 00000000 nt!MiDeleteSystemPagableVm+0x280
f7415bd8 ??              ???
SYMBOL_NAME:  NDIS!ndisWorkerThread+4b
FOLLOWUP_NAME:  MachineOwner
FAILURE_BUCKET_ID:  0xC5_2_NDIS!ndisWorkerThread+4b
BUCKET_ID:  0xC5_2_NDIS!ndisWorkerThread+4b
Followup: MachineOwner

Open in new window

samiam41Author Commented:
Great work experts.  After reading your posts, I know what to look for in these dump files and feel much more confident about my analisys.  Thanks everyone!

It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows XP

From novice to tech pro — start learning today.