API tools faq
paste
ghf4xylzvred

dump listing

ghf4xylzvred
Dec 23rd, 2015
53
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 11.83 KB | None | 0 0
raw download clone embed print report
  1. Microsoft (R) Windows Debugger Version 10.0.10586.567 AMD64
  2. Copyright (c) Microsoft Corporation. All rights reserved.
  3.  
  4.  
  5. Loading Dump File [C:\Windows\MEMORY.DMP]
  6. Kernel Bitmap Dump File: Kernel address space is available, User address space may not be available.
  7.  
  8. Symbol search path is: srv*
  9. Executable search path is:
  10. Windows 10 Kernel Version 10586 MP (4 procs) Free x64
  11. Product: WinNt, suite: TerminalServer SingleUserTS
  12. Built by: 10586.17.amd64fre.th2_release.151121-2308
  13. Machine Name:
  14. Kernel base = 0xfffff802`24e1d000 PsLoadedModuleList = 0xfffff802`250fbc70
  15. Debug session time: Thu Dec 24 06:38:48.348 2015 (UTC + 3:00)
  16. System Uptime: 0 days 13:19:07.164
  17. Loading Kernel Symbols
  18. ...............................................................
  19. .........................................................Page 10854a not present in the dump file. Type ".hh dbgerr004" for details
  20. .Page 10856d not present in the dump file. Type ".hh dbgerr004" for details
  21. ..Page 1088fa not present in the dump file. Type ".hh dbgerr004" for details
  22. ....
  23. ............Page 1ca8da not present in the dump file. Type ".hh dbgerr004" for details
  24. .Page 129edc not present in the dump file. Type ".hh dbgerr004" for details
  25. ....................................
  26. Loading User Symbols
  27. PEB is paged out (Peb.Ldr = 00000000`002c8018). Type ".hh dbgerr001" for details
  28. Loading unloaded module list
  29. ....................
  30. *******************************************************************************
  31. * *
  32. * Bugcheck Analysis *
  33. * *
  34. *******************************************************************************
  35.  
  36. Use !analyze -v to get detailed debugging information.
  37.  
  38. BugCheck 3B, {c0000005, fffff800efc10e28, ffffd001e8787260, 0}
  39.  
  40. *** ERROR: Module load completed but symbols could not be loaded for adgnetworkwfpdrv.sys
  41. Page 10854a not present in the dump file. Type ".hh dbgerr004" for details
  42. Page 1b0 not present in the dump file. Type ".hh dbgerr004" for details
  43. Page 1b0 not present in the dump file. Type ".hh dbgerr004" for details
  44. Page 1b0 not present in the dump file. Type ".hh dbgerr004" for details
  45. Page 1b0 not present in the dump file. Type ".hh dbgerr004" for details
  46. Page 1b0 not present in the dump file. Type ".hh dbgerr004" for details
  47. Page 1b0 not present in the dump file. Type ".hh dbgerr004" for details
  48. Page 1b0 not present in the dump file. Type ".hh dbgerr004" for details
  49. Page 1b0 not present in the dump file. Type ".hh dbgerr004" for details
  50. Page 1b0 not present in the dump file. Type ".hh dbgerr004" for details
  51. Page 1b0 not present in the dump file. Type ".hh dbgerr004" for details
  52. Page 1b0 not present in the dump file. Type ".hh dbgerr004" for details
  53. Page 1b0 not present in the dump file. Type ".hh dbgerr004" for details
  54. Page 1b0 not present in the dump file. Type ".hh dbgerr004" for details
  55. Page 1b0 not present in the dump file. Type ".hh dbgerr004" for details
  56. Page 1b0 not present in the dump file. Type ".hh dbgerr004" for details
  57. Page 1b0 not present in the dump file. Type ".hh dbgerr004" for details
  58. Page 1b0 not present in the dump file. Type ".hh dbgerr004" for details
  59. Page 1b0 not present in the dump file. Type ".hh dbgerr004" for details
  60. Page 1b0 not present in the dump file. Type ".hh dbgerr004" for details
  61. Page 1b0 not present in the dump file. Type ".hh dbgerr004" for details
  62. Page 1b0 not present in the dump file. Type ".hh dbgerr004" for details
  63. Page 1b0 not present in the dump file. Type ".hh dbgerr004" for details
  64. Page 1b0 not present in the dump file. Type ".hh dbgerr004" for details
  65. Page 1b0 not present in the dump file. Type ".hh dbgerr004" for details
  66. Probably caused by : NETIO.SYS ( NETIO!StreamInvokeCalloutAndNormalizeAction+60 )
  67.  
  68. Followup: MachineOwner
  69. ---------
  70.  
  71. 2: kd> adgnetworkwfpdrv.sys
  72. ^ No information found error in 'adgnetworkwfpdrv.sys'
  73.  
  74. 2: kd> !analyze -v
  75. *******************************************************************************
  76. * *
  77. * Bugcheck Analysis *
  78. * *
  79. *******************************************************************************
  80.  
  81. SYSTEM_SERVICE_EXCEPTION (3b)
  82. An exception happened while executing a system service routine.
  83. Arguments:
  84. Arg1: 00000000c0000005, Exception code that caused the bugcheck
  85. Arg2: fffff800efc10e28, Address of the instruction which caused the bugcheck
  86. Arg3: ffffd001e8787260, Address of the context record for the exception that caused the bugcheck
  87. Arg4: 0000000000000000, zero.
  88.  
  89. Debugging Details:
  90. ------------------
  91.  
  92. Page 10854a not present in the dump file. Type ".hh dbgerr004" for details
  93. Page 1b0 not present in the dump file. Type ".hh dbgerr004" for details
  94. Page 1b0 not present in the dump file. Type ".hh dbgerr004" for details
  95. Page 1b0 not present in the dump file. Type ".hh dbgerr004" for details
  96. Page 1b0 not present in the dump file. Type ".hh dbgerr004" for details
  97. Page 1b0 not present in the dump file. Type ".hh dbgerr004" for details
  98. Page 1b0 not present in the dump file. Type ".hh dbgerr004" for details
  99. Page 1b0 not present in the dump file. Type ".hh dbgerr004" for details
  100. Page 1b0 not present in the dump file. Type ".hh dbgerr004" for details
  101. Page 1b0 not present in the dump file. Type ".hh dbgerr004" for details
  102. Page 1b0 not present in the dump file. Type ".hh dbgerr004" for details
  103. Page 1b0 not present in the dump file. Type ".hh dbgerr004" for details
  104. Page 1b0 not present in the dump file. Type ".hh dbgerr004" for details
  105. Page 1b0 not present in the dump file. Type ".hh dbgerr004" for details
  106. Page 1b0 not present in the dump file. Type ".hh dbgerr004" for details
  107. Page 1b0 not present in the dump file. Type ".hh dbgerr004" for details
  108. Page 1b0 not present in the dump file. Type ".hh dbgerr004" for details
  109. Page 1b0 not present in the dump file. Type ".hh dbgerr004" for details
  110. Page 1b0 not present in the dump file. Type ".hh dbgerr004" for details
  111. Page 1b0 not present in the dump file. Type ".hh dbgerr004" for details
  112. Page 1b0 not present in the dump file. Type ".hh dbgerr004" for details
  113. Page 1b0 not present in the dump file. Type ".hh dbgerr004" for details
  114. Page 1b0 not present in the dump file. Type ".hh dbgerr004" for details
  115. Page 1b0 not present in the dump file. Type ".hh dbgerr004" for details
  116. Page 1b0 not present in the dump file. Type ".hh dbgerr004" for details
  117.  
  118. DUMP_CLASS: 1
  119.  
  120. DUMP_QUALIFIER: 401
  121.  
  122. ...emptied MB info by me
  123.  
  124. DUMP_TYPE: 1
  125.  
  126. BUGCHECK_P1: c0000005
  127.  
  128. BUGCHECK_P2: fffff800efc10e28
  129.  
  130. BUGCHECK_P3: ffffd001e8787260
  131.  
  132. BUGCHECK_P4: 0
  133.  
  134. EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - <Unable to get error code text>
  135.  
  136. FAULTING_IP:
  137. NETIO!StreamInvokeCalloutAndNormalizeAction+60
  138. fffff800`efc10e28 488b7008 mov rsi,qword ptr [rax+8]
  139.  
  140. CONTEXT: ffffd001e8787260 -- (.cxr 0xffffd001e8787260)
  141. rax=0000000000000000 rbx=ffffd001e8787e18 rcx=ffffd001e8787ce0
  142. rdx=0000000000000000 rsi=ffffd001e8788180 rdi=ffffe0019b2f3780
  143. rip=fffff800efc10e28 rsp=ffffd001e8787c80 rbp=ffffd001e8787d09
  144. r8=0000000000000040 r9=0000000000000000 r10=0000000000000000
  145. r11=ffffe0019b2f3780 r12=0000000000000000 r13=0000000000000000
  146. r14=0000000000000158 r15=ffffe0019776b270
  147. iopl=0 nv up ei pl zr na po nc
  148. cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00010246
  149. NETIO!StreamInvokeCalloutAndNormalizeAction+0x60:
  150. fffff800`efc10e28 488b7008 mov rsi,qword ptr [rax+8] ds:002b:00000000`00000008=????????????????
  151. Resetting default scope
  152.  
  153. CPU_COUNT: 4
  154.  
  155. CPU_MHZ: c2a
  156.  
  157. CPU_VENDOR: AuthenticAMD
  158.  
  159. CPU_FAMILY: 10
  160.  
  161. CPU_MODEL: 5
  162.  
  163. CPU_STEPPING: 3
  164.  
  165. DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
  166.  
  167. BUGCHECK_STR: 0x3B
  168.  
  169. PROCESS_NAME: AdguardSvc.exe
  170.  
  171. CURRENT_IRQL: 0
  172.  
  173. ANALYSIS_SESSION_HOST: DESKTOP-XXXXXXXXXXX
  174.  
  175. ANALYSIS_SESSION_TIME: 12-24-2015 06:52:28.0206
  176.  
  177. ANALYSIS_VERSION: 10.0.10586.567 amd64fre
  178.  
  179. LAST_CONTROL_TRANSFER: from fffff800efc10d01 to fffff800efc10e28
  180.  
  181. STACK_TEXT:
  182. ffffd001`e8787c80 fffff800`efc10d01 : ffffe001`9776b270 ffffe001`9b2f3780 00000000`00000000 ffffd001`e8788180 : NETIO!StreamInvokeCalloutAndNormalizeAction+0x60
  183. ffffd001`e8787d60 fffff800`efc0f1ca : ffffe001`937a0014 fffff800`f167cac0 ffffd001`00000000 ffffe001`94461c50 : NETIO!StreamProcessCallout+0x711
  184. ffffd001`e8787ea0 fffff800`efc0e060 : ffffd001`e8780014 ffffe001`94461c50 ffffe001`9793f320 ffffd001`e87886a0 : NETIO!ProcessCallout+0x6ba
  185. ffffd001`e8788010 fffff800`efc0cc0f : 6dbba38f`80c5930a ffffd001`e8788300 00000000`00000000 00000000`00000000 : NETIO!ArbitrateAndEnforce+0x4a0
  186. ffffd001`e8788200 fffff800`efc4ec60 : fffff6e8`00100000 ffffd001`e8788731 ffffe001`939df580 fffff800`efc01ee5 : NETIO!KfdClassify+0x32f
  187. ffffd001`e8788650 fffff800`efc4e6fc : 00000000`00000000 ffffd001`e8788801 00000000`00000158 00000000`00000000 : NETIO!StreamInternalClassify+0x110
  188. ffffd001`e8788780 fffff800`efc4be15 : 00000000`00000014 ffffe001`9793f170 00000000`00000000 ffffe001`97aef2f0 : NETIO!StreamInject+0x214
  189. ffffd001`e8788850 fffff800`eff267dd : ffffe001`9793f170 00000000`00000109 00000000`00000000 ffffe001`00000011 : NETIO!FwppStreamInject+0x135
  190. ffffd001`e87888e0 fffff800`f063630a : ffffe001`938de700 ffffe001`938de848 ffffe001`93f9a0d0 ffffd001`e6d80000 : fwpkclnt!FwpsStreamInjectAsync0+0xfd
  191. ffffd001`e8788940 fffff800`f0637ae5 : ffffe001`97aef2f0 ffffe001`95da3270 ffffd001`e8788a91 00000000`00000000 : adgnetworkwfpdrv+0x630a
  192. ffffd001`e87889d0 fffff802`2521faf6 : ffffe001`975b55b0 ffffd001`e8788a91 00000000`00000000 fffff680`00037ef8 : adgnetworkwfpdrv+0x7ae5
  193. ffffd001`e8788a10 fffff802`25220a98 : ffffe001`970c96f0 ffffe001`95da3270 ffffe001`975b54e0 ffffe001`95da3270 : nt!IopSynchronousServiceTail+0x176
  194. ffffd001`e8788ae0 fffff802`24f69fa3 : 00000000`00000000 00000000`000007ec 00000000`00000001 00000000`06fdf6e8 : nt!NtWriteFile+0x678
  195. ffffd001`e8788bd0 00000000`526221bc : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
  196. 00000000`0653f248 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x526221bc
  197.  
  198.  
  199. THREAD_SHA1_HASH_MOD_FUNC: 79befbb4d87ccf797286429df19979ef0f361ff7
  200.  
  201. THREAD_SHA1_HASH_MOD_FUNC_OFFSET: b9c5ad8eb97c0c2d9735bbd46284a67f6ae42471
  202.  
  203. THREAD_SHA1_HASH_MOD: 6b873ba2174495954cb6e32224326330d081df7b
  204.  
  205. FOLLOWUP_IP:
  206. NETIO!StreamInvokeCalloutAndNormalizeAction+60
  207. fffff800`efc10e28 488b7008 mov rsi,qword ptr [rax+8]
  208.  
  209. FAULT_INSTR_CODE: 8708b48
  210.  
  211. SYMBOL_STACK_INDEX: 0
  212.  
  213. SYMBOL_NAME: NETIO!StreamInvokeCalloutAndNormalizeAction+60
  214.  
  215. FOLLOWUP_NAME: MachineOwner
  216.  
  217. MODULE_NAME: NETIO
  218.  
  219. IMAGE_NAME: NETIO.SYS
  220.  
  221. DEBUG_FLR_IMAGE_TIMESTAMP: 5632d715
  222.  
  223. STACK_COMMAND: .cxr 0xffffd001e8787260 ; kb
  224.  
  225. BUCKET_ID_FUNC_OFFSET: 60
  226.  
  227. FAILURE_BUCKET_ID: 0x3B_NETIO!StreamInvokeCalloutAndNormalizeAction
  228.  
  229. BUCKET_ID: 0x3B_NETIO!StreamInvokeCalloutAndNormalizeAction
  230.  
  231. PRIMARY_PROBLEM_CLASS: 0x3B_NETIO!StreamInvokeCalloutAndNormalizeAction
  232.  
  233. TARGET_TIME: 2015-12-24T03:38:48.000Z
  234.  
  235. OSBUILD: 10586
  236.  
  237. OSSERVICEPACK: 0
  238.  
  239. SERVICEPACK_NUMBER: 0
  240.  
  241. OS_REVISION: 0
  242.  
  243. SUITE_MASK: 272
  244.  
  245. PRODUCT_TYPE: 1
  246.  
  247. OSPLATFORM_TYPE: x64
  248.  
  249. OSNAME: Windows 10
  250.  
  251. OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS
  252.  
  253. OS_LOCALE:
  254.  
  255. USER_LCID: 0
  256.  
  257. OSBUILD_TIMESTAMP: 2015-11-22 12:24:24
  258.  
  259. BUILDDATESTAMP_STR: 151121-2308
  260.  
  261. BUILDLAB_STR: th2_release
  262.  
  263. BUILDOSVER_STR: 10.0.10586.17.amd64fre.th2_release.151121-2308
  264.  
  265. ANALYSIS_SESSION_ELAPSED_TIME: 3299
  266.  
  267. ANALYSIS_SOURCE: KM
  268.  
  269. FAILURE_ID_HASH_STRING: km:0x3b_netio!streaminvokecalloutandnormalizeaction
  270.  
  271. FAILURE_ID_HASH: {5c8d1e60-d80c-cb2d-a65a-8d02e5eeeffd}
  272.  
  273. Followup: MachineOwner
  274. ---------
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!