Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ========================== AUTO DUMP ANALYZER ==========================
- Auto Dump Analyzer
- Version: 0.6
- Created by: gardenman
- Time to analyze file(s): 00 hours and 06 minutes and 25 seconds
- ================================ SYSTEM ================================
- MANUFACTURER: MSI
- PRODUCT_NAME: MS-7250
- VERSION: 2.0
- ================================= BIOS =================================
- VENDOR: MS-7250
- VERSION: V3.9
- DATE: 10/04/2007
- ============================= MOTHERBOARD ==============================
- MANUFACTURER: MSI
- PRODUCT: MS-7250
- VERSION: 2.0
- ================================= RAM ==================================
- Size Speed Manufacturer Part No.
- -------------- -------------- ------------------- ----------------------
- 1024MB 0MHz Manufacturer0 PartNum0
- 1024MB 0MHz Manufacturer1 PartNum1
- 1024MB 0MHz Manufacturer2 PartNum2
- 1024MB 0MHz Manufacturer3 PartNum3
- ================================= CPU ==================================
- Processor Version: AMD Athlon(tm) 64 X2 Dual Core Processor 6000+
- COUNT: 2
- MHZ: 3000
- VENDOR: AuthenticAMD
- FAMILY: f
- MODEL: 43
- STEPPING: 3
- ================================== OS ==================================
- Product: WinNt, suite: TerminalServer SingleUserTS
- Built by: 14393.1613.amd64fre.rs1_release_d.170807-1806
- BUILD_VERSION: 10.0.14393.1613 (rs1_release_d.170807-1806)
- BUILD: 14393
- SERVICEPACK: 1613
- PLATFORM_TYPE: x64
- NAME: Windows 10
- EDITION: Windows 10 WinNt TerminalServer SingleUserTS
- BUILD_TIMESTAMP: 2017-08-08 00:56:59
- BUILDDATESTAMP: 170807-1806
- BUILDLAB: rs1_release_d
- BUILDOSVER: 10.0.14393.1613
- =============================== DEBUGGER ===============================
- Microsoft (R) Windows Debugger Version 10.0.14321.1024 X86
- Copyright (c) Microsoft Corporation. All rights reserved.
- =============================== COMMENTS ===============================
- * Information gathered from different dump files may be different. If
- Windows updates between two dump files, two or more OS versions may
- be shown above.
- * If the user updates the BIOS between dump files, two or more versions
- and dates may be shown above.
- * More RAM information can be found below in the full BIOS section.
- ========================================================================
- ==================== Dump File: 010818-23187-01.dmp ====================
- ========================================================================
- Mini Kernel Dump File: Only registers and stack trace are available
- Windows 10 Kernel Version 14393 MP (2 procs) Free x64
- Kernel base = 0xfffff802`06017000 PsLoadedModuleList = 0xfffff802`06315040
- Debug session time: Sun Jan 7 16:17:07.765 2018 (UTC - 5:00)
- System Uptime: 0 days 0:11:12.622
- BugCheck A, {ffff898789e8d2b8, d, 0, fffff8020602ac58}
- Probably caused by : ntkrnlmp.exe ( nt!KiCallInterruptServiceRoutine+138 )
- Followup: MachineOwner
- IRQL_NOT_LESS_OR_EQUAL (a)
- An attempt was made to access a pageable (or completely invalid) address at an
- interrupt request level (IRQL) that is too high. This is usually
- caused by drivers using improper addresses.
- If a kernel debugger is available get the stack backtrace.
- Arguments:
- Arg1: ffff898789e8d2b8, memory referenced
- Arg2: 000000000000000d, IRQL
- Arg3: 0000000000000000, bitfield :
- bit 0 : value 0 = read operation, 1 = write operation
- bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
- Arg4: fffff8020602ac58, address which referenced memory
- Debugging Details:
- DUMP_CLASS: 1
- DUMP_QUALIFIER: 400
- DUMP_TYPE: 2
- READ_ADDRESS: fffff802063b6338: Unable to get MiVisibleState
- ffff898789e8d2b8
- CURRENT_IRQL: d
- FAULTING_IP:
- nt!KiCallInterruptServiceRoutine+138
- fffff802`0602ac58 482b8bb8000000 sub rcx,qword ptr [rbx+0B8h]
- CUSTOMER_CRASH_COUNT: 1
- DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
- BUGCHECK_STR: AV
- PROCESS_NAME: System
- TRAP_FRAME: ffffa9878b7b27d0 -- (.trap 0xffffa9878b7b27d0)
- Unable to read trap frame at ffffa987`8b7b27d0
- EXCEPTION_RECORD: fffff80072f53f10 -- (.exr 0xfffff80072f53f10)
- ExceptionAddress: ccccccccccc3c032
- ExceptionCode: 8348c033
- ExceptionFlags: ccc328c4
- NumberParameters: -858993460
- Parameter[0]: cccccc0000285be9
- Parameter[1]: cccccccccccccccc
- Parameter[2]: ffde33e828ec8348
- Parameter[3]: 283ee928c48348ff
- Parameter[4]: cccccccccccc0000
- Parameter[5]: cccccccccccccccc
- Parameter[6]: 83485708245c8948
- Parameter[7]: 87d98b48c03320ec
- Parameter[8]: 01f88300005bf705
- Parameter[9]: 005bbb0d8d484b75
- Parameter[10]: fdbfffffddf6e800
- Parameter[11]: 5baa0d8d48ffffff
- Parameter[12]: d08b48c723480000
- Parameter[13]: 3d8348ffffde33e8
- Parameter[14]: 481e740000005ba7
- LAST_CONTROL_TRANSFER: from fffff80206171a29 to fffff802061668a0
- STACK_TEXT:
- ffff9481`ccffac98 fffff802`06171a29 : 00000000`0000000a ffff8987`89e8d2b8 00000000`0000000d 00000000`00000000 : nt!KeBugCheckEx
- ffff9481`ccffaca0 fffff802`06170007 : ffff9481`cc9e7180 fffff802`06037c9c 00000000`00000000 00000000`00000000 : nt!KiBugCheckDispatch+0x69
- ffff9481`ccffade0 fffff802`0602ac58 : ffff9481`ccffaf01 00000000`00000000 ffffa128`d05bd8d5 00000000`00000000 : nt!KiPageFault+0x247
- ffff9481`ccffaf70 fffff802`06167f1a : ffff9481`cc9fc880 ffffa987`8b7b27d0 00000003`ea508b44 00000000`00000000 : nt!KiCallInterruptServiceRoutine+0x138
- ffff9481`ccffafb0 fffff802`06168367 : 00000000`00000000 fffff800`710bbc28 00000000`00000000 00000000`00000000 : nt!KiInterruptSubDispatchNoLockNoEtw+0xea
- ffff9481`cc9fc800 fffff800`72f56792 : fffff800`72f53f10 00000003`ea508b44 ffffa987`8b7b27d0 ffff9481`cc9e7180 : nt!KiInterruptDispatchNoLockNoEtw+0x37
- ffff9481`cc9fc998 fffff800`72f53f10 : 00000003`ea508b44 ffffa987`8b7b27d0 ffff9481`cc9e7180 ffffa987`8ab87370 : amdk8!C1Halt+0x2
- ffff9481`cc9fc9a0 fffff802`06038d63 : 00000000`00000000 00000000`017d7840 ffffa987`8ab87370 00000000`000003ad : amdk8!AcpiCStateIdleExecute+0x20
- ffff9481`cc9fc9d0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!PpmIdleExecuteTransition+0x643
- STACK_COMMAND: kb
- THREAD_SHA1_HASH_MOD_FUNC: a5922086b08a6aa89a264f0ecb4b95751619afb4
- THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 589a51c4c2f194286b11b63f010f110409c046e6
- THREAD_SHA1_HASH_MOD: 41c5e8c353b9837f2d758e7d2417002883880d1e
- FOLLOWUP_IP:
- nt!KiCallInterruptServiceRoutine+138
- fffff802`0602ac58 482b8bb8000000 sub rcx,qword ptr [rbx+0B8h]
- FAULT_INSTR_CODE: b88b2b48
- SYMBOL_STACK_INDEX: 3
- SYMBOL_NAME: nt!KiCallInterruptServiceRoutine+138
- FOLLOWUP_NAME: MachineOwner
- MODULE_NAME: nt
- IMAGE_NAME: ntkrnlmp.exe
- DEBUG_FLR_IMAGE_TIMESTAMP: 5989449b
- IMAGE_VERSION: 10.0.14393.1613
- BUCKET_ID_FUNC_OFFSET: 138
- FAILURE_BUCKET_ID: AV_nt!KiCallInterruptServiceRoutine
- BUCKET_ID: AV_nt!KiCallInterruptServiceRoutine
- PRIMARY_PROBLEM_CLASS: AV_nt!KiCallInterruptServiceRoutine
- TARGET_TIME: 2018-01-07T21:17:07.000Z
- SUITE_MASK: 272
- PRODUCT_TYPE: 1
- USER_LCID: 0
- FAILURE_ID_HASH_STRING: km:av_nt!kicallinterruptserviceroutine
- FAILURE_ID_HASH: {49ead8ee-52e2-d680-57c5-6664c364ad42}
- Followup: MachineOwner
- ========================================================================
- ===================== 3RD PARTY DRIVER QUICK LIST ======================
- ========================================================================
- Apr 20 2011 - nvmf6264.sys - NVidia NForce Network driver
- Aug 08 2011 - BazisVirtualCDBus.sys - WinCDEmu Virtual CD-ROM driver (Bazis Inc) http://wincdemu.sysprogs.org/
- Apr 21 2014 - dump_nvstor.sys - (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
- Apr 21 2014 - nvstor.sys - Nvidia SATA driver http://www.nvidia.com/
- Jul 06 2015 - eamonm.sys - ESET Anti-virus monitor https://www.eset.com/
- Jul 06 2015 - edevmon.sys - ESET Smart Security https://www.eset.com/
- Jul 06 2015 - ehdrv.sys - ESET Helper driver https://www.eset.com/
- Jul 06 2015 - epfwwfpr.sys - ESET Smart Security - Personal Firewall driver https://www.eset.com/
- Aug 10 2015 - nvvad64v.sys - Nvidia Virtual Audio Driver http://www.nvidia.com/
- Sep 18 2015 - NvStreamKms.sys - Nvidia Streaming Kernel Service http://www.nvidia.com/
- May 19 2016 - idmwfp.sys - Internet Download Manager WFP driver (Tonec Inc.)
- May 16 2017 - nvhda64v.sys - Nvidia HDMI Audio Device http://www.nvidia.com/
- Jul 18 2017 - nvlddmkm.sys - Nvidia Graphics Card driver http://www.nvidia.com/
- ========================================================================
- ========================== 3RD PARTY DRIVERS ===========================
- ========================================================================
- Image path: \SystemRoot\System32\drivers\nvmf6264.sys
- Image name: nvmf6264.sys
- Search : https://www.google.com/search?q=nvmf6264.sys
- ADA Info : NVidia NForce Network driver
- Timestamp : Wed Apr 20 2011
- Image path: \SystemRoot\System32\drivers\BazisVirtualCDBus.sys
- Image name: BazisVirtualCDBus.sys
- Search : https://www.google.com/search?q=BazisVirtualCDBus.sys
- ADA Info : WinCDEmu Virtual CD-ROM driver (Bazis Inc) http://wincdemu.sysprogs.org/
- Timestamp : Mon Aug 8 2011
- Image path: \SystemRoot\System32\Drivers\dump_nvstor.sys
- Image name: dump_nvstor.sys
- Search : https://www.google.com/search?q=dump_nvstor.sys
- ADA Info : (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
- Timestamp : Mon Apr 21 2014
- Image path: \SystemRoot\System32\drivers\nvstor.sys
- Image name: nvstor.sys
- Search : https://www.google.com/search?q=nvstor.sys
- ADA Info : Nvidia SATA driver http://www.nvidia.com/
- Timestamp : Mon Apr 21 2014
- Image path: \SystemRoot\system32\DRIVERS\eamonm.sys
- Image name: eamonm.sys
- Search : https://www.google.com/search?q=eamonm.sys
- ADA Info : ESET Anti-virus monitor https://www.eset.com/
- Timestamp : Mon Jul 6 2015
- Image path: \SystemRoot\system32\DRIVERS\edevmon.sys
- Image name: edevmon.sys
- Search : https://www.google.com/search?q=edevmon.sys
- ADA Info : ESET Smart Security https://www.eset.com/
- Timestamp : Mon Jul 6 2015
- Image path: \SystemRoot\system32\DRIVERS\ehdrv.sys
- Image name: ehdrv.sys
- Search : https://www.google.com/search?q=ehdrv.sys
- ADA Info : ESET Helper driver https://www.eset.com/
- Timestamp : Mon Jul 6 2015
- Image path: \SystemRoot\system32\DRIVERS\epfwwfpr.sys
- Image name: epfwwfpr.sys
- Search : https://www.google.com/search?q=epfwwfpr.sys
- ADA Info : ESET Smart Security - Personal Firewall driver https://www.eset.com/
- Timestamp : Mon Jul 6 2015
- Image path: \SystemRoot\system32\drivers\nvvad64v.sys
- Image name: nvvad64v.sys
- Search : https://www.google.com/search?q=nvvad64v.sys
- ADA Info : Nvidia Virtual Audio Driver http://www.nvidia.com/
- Timestamp : Mon Aug 10 2015
- Image path: \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
- Image name: NvStreamKms.sys
- Search : https://www.google.com/search?q=NvStreamKms.sys
- ADA Info : Nvidia Streaming Kernel Service http://www.nvidia.com/
- Timestamp : Fri Sep 18 2015
- Image path: \SystemRoot\system32\DRIVERS\idmwfp.sys
- Image name: idmwfp.sys
- Search : https://www.google.com/search?q=idmwfp.sys
- ADA Info : Internet Download Manager WFP driver (Tonec Inc.)
- Timestamp : Thu May 19 2016
- Image path: \SystemRoot\system32\drivers\nvhda64v.sys
- Image name: nvhda64v.sys
- Search : https://www.google.com/search?q=nvhda64v.sys
- ADA Info : Nvidia HDMI Audio Device http://www.nvidia.com/
- Timestamp : Tue May 16 2017
- Image path: \SystemRoot\System32\DriverStore\FileRepository\nvaki.inf_amd64_1d1a6251221e8555\nvlddmkm.sys
- Image name: nvlddmkm.sys
- Search : https://www.google.com/search?q=nvlddmkm.sys
- ADA Info : Nvidia Graphics Card driver http://www.nvidia.com/
- Timestamp : Tue Jul 18 2017
- If any of the above drivers are from Microsoft then please let me know.
- I will have them moved to the Microsoft list on the next update.
- ========================================================================
- ========================== MICROSOFT DRIVERS ===========================
- ========================================================================
- ACPI.sys ACPI Driver for NT (Microsoft)
- acpiex.sys ACPIEx Driver (Microsoft)
- afd.sys Ancillary Function Driver for WinSock (Microsoft)
- ahcache.sys Application Compatibility Cache (Microsoft)
- amdk8.sys Processor Device Driver
- atapi.sys ATAPI IDE MiniPort driver (Microsoft)
- ataport.SYS ATAPI Driver Extension (Microsoft)
- BasicDisplay.sys Basic Display driver (Microsoft)
- BasicRender.sys Basic Render driver (Microsoft)
- Beep.SYS BEEP driver (Microsoft)
- BOOTVID.dll VGA Boot Driver (Microsoft)
- bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
- cdd.dll Canonical Display Driver (Microsoft)
- cdrom.sys SCSI CD-ROM Driver (Microsoft)
- CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
- CI.dll Code Integrity Module (Microsoft)
- CLASSPNP.SYS SCSI Class System Dll (Microsoft)
- CLFS.SYS Common Log File System Driver (Microsoft)
- clipsp.sys CLIP Service (Microsoft)
- cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
- cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
- CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
- condrv.sys Console Driver (Microsoft)
- crashdmp.sys Crash Dump driver (Microsoft)
- csc.sys Windows Client Side Caching driver (Microsoft)
- dfsc.sys DFS Namespace Client Driver (Microsoft)
- disk.sys PnP Disk Driver (Microsoft)
- drmk.sys Digital Rights Management (DRM) driver (Microsoft)
- dump_diskdump.sys Crash Dump Disk Driver
- dump_dumpfve.sys Bitlocker Drive Encryption Crashdump Filter
- dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
- dxgmms2.sys DirectX Graphics MMS
- filecrypt.sys Windows sandboxing and encryption filter (Microsoft)
- fileinfo.sys FileInfo Filter Driver (Microsoft)
- FLTMGR.SYS Filesystem Filter Manager (Microsoft)
- Fs_Rec.sys File System Recognizer Driver (Microsoft)
- fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
- fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
- gpuenergydrv.sys GPU Energy Kernal Driver (Microsoft)
- hal.dll Hardware Abstraction Layer DLL (Microsoft)
- HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
- HdAudio.sys High Definition Audio Function driver (Microsoft)
- HIDCLASS.SYS Hid Class Library (Microsoft)
- HIDPARSE.SYS Hid Parsing Library (Microsoft)
- hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
- HTTP.sys HTTP Protocol Stack (Microsoft)
- intelpep.sys Intel Power Engine Plugin (Microsoft)
- iorate.sys I/O rate control Filter (Microsoft)
- kbdclass.sys Keyboard Class Driver (Microsoft)
- kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
- kd.dll Local Kernal Debugger (Microsoft)
- kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
- ks.sys Kernal CSA Library (Microsoft)
- ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
- ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
- ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
- lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
- luafv.sys LUA File Virtualization Filter Driver (Microsoft)
- mcupdate_AuthenticAMD.dll AMD Microcode Update Library (Microsoft)
- mmcss.sys MMCSS Driver (Microsoft)
- monitor.sys Monitor Driver (Microsoft)
- mouclass.sys Mouse Class Driver (Microsoft)
- mouhid.sys HID Mouse Filter Driver (Microsoft)
- mountmgr.sys Mount Point Manager (Microsoft)
- mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
- mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
- mrxsmb10.sys Longhorn SMB Downlevel SubRdr (Microsoft)
- mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
- Msfs.SYS Mailslot driver (Microsoft)
- msisadrv.sys ISA Driver (Microsoft)
- mslldp.sys Microsoft Link-Layer Discovery Protocol... (Microsoft)
- msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
- mssmbios.sys System Management BIOS driver (Microsoft)
- mup.sys Multiple UNC Provider driver (Microsoft)
- ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
- NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
- Ndu.sys Network Data Usage Monitoring driver (Microsoft)
- netbios.sys NetBIOS Interface driver (Microsoft)
- netbt.sys MBT Transport driver (Microsoft)
- NETIO.SYS Network I/O Subsystem (Microsoft)
- Npfs.SYS NPFS driver (Microsoft)
- npsvctrig.sys Named pipe service triggers (Microsoft)
- nsiproxy.sys NSI Proxy driver (Microsoft)
- NTFS.sys NT File System Driver (Microsoft)
- ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
- ntosext.sys NTOS Extension Host driver (Microsoft)
- Null.SYS NULL Driver (Microsoft)
- pacer.sys QoS Packet Scheduler (Microsoft)
- parport.sys Parallel Port Driver (Microsoft)
- partmgr.sys Partition driver (Microsoft)
- pci.sys NT Plug and Play PCI Enumerator (Microsoft)
- pciide.sys Generic PCI IDE Bus Driver (Microsoft)
- PCIIDEX.SYS PCI IDE Bus driver file (Microsoft)
- pcw.sys Performance Counter Driver (Microsoft)
- pdc.sys Power Dependency Coordinator Driver (Microsoft)
- peauth.sys Protected Environment Authentication and Authorization Export Driver (Microsoft)
- portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
- PSHED.dll Platform Specific Hardware Error driver (Microsoft)
- rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
- rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
- rdyboost.sys ReadyBoost Driver (Microsoft)
- registry.sys Registry Container driver (Microsoft)
- rspndr.sys Link-Layer Topology Responder driver (Microsoft)
- serenum.sys Serial Port Enumerator (Microsoft)
- serial.sys Serial Device Driver
- spaceport.sys Storage Spaces driver (Microsoft)
- srv.sys Server driver (Microsoft)
- srv2.sys Smb 2.0 Server driver (Microsoft)
- srvnet.sys Server Network driver (Microsoft)
- storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
- storqosflt.sys Storage QoS Filter driver (Microsoft)
- swenum.sys Plug and Play Software Device Enumerator (Microsoft)
- tbs.sys Export driver for kernel mode TPM API (Microsoft)
- tcpip.sys TCP/IP Protocol driver (Microsoft)
- tcpipreg.sys Microsoft Windows TCP/IP Registry Compatibility driver (Microsoft)
- TDI.SYS TDI Wrapper driver (Microsoft)
- tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
- tm.sys Kernel Transaction Manager driver (Microsoft)
- TSDDD.dll Framebuffer Display Driver (Microsoft)
- umbus.sys User-Mode Bus Enumerator (Microsoft)
- usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
- USBD.SYS Universal Serial Bus Driver (Microsoft)
- usbehci.sys EHCI eUSB Miniport Driver (Microsoft)
- usbhub.sys Default Hub Driver for USB (Microsoft)
- usbohci.sys OHCI USB Miniport Driver (Microsoft)
- USBPORT.SYS USB 1.1 & 2.0 Port Driver (Microsoft)
- USBSTOR.SYS USB Mass Storage Class driver (Microsoft)
- vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
- volmgr.sys Volume Manager Driver (Microsoft)
- volmgrx.sys Volume Manager Extension Driver (Microsoft)
- volsnap.sys Volume Shadow Copy driver (Microsoft)
- volume.sys Volume driver (Microsoft)
- vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
- watchdog.sys Watchdog driver (Microsoft)
- wcifs.sys Windows Container Isolation FS Filter driver (Microsoft)
- Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
- WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
- werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
- wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
- win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
- win32kbase.sys Base Win32k Kernel Driver (Microsoft)
- win32kfull.sys Full/Desktop Win32k Kernel Driver (Microsoft)
- WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
- WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
- WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
- Wof.sys Windows Overlay Filter (Microsoft)
- WpdUpFltr.sys Portable Device Upper Class Filter driver (Microsoft)
- WppRecorder.sys WPP Trace Recorder (Microsoft)
- WudfPf.sys Windows Driver Foundation - User-mode Driver Framework Platform driver (Microsoft)
- WUDFRd.sys Windows Driver Foundation - User-mode Driver Framework Reflector driver (Microsoft)
- Unloaded modules:
- fffff800`75da0000 fffff800`75dbc000 EhStorClass.
- fffff800`739c0000 fffff800`739fc000 WUDFRd.sys
- fffff800`739c0000 fffff800`739fc000 WUDFRd.sys
- fffff800`73490000 fffff800`734ac000 EhStorClass.
- fffff800`716e0000 fffff800`716fc000 EhStorClass.
- fffff800`72240000 fffff800`7224f000 dump_storpor
- fffff800`72280000 fffff800`722aa000 dump_nvstor.
- fffff800`722d0000 fffff800`722ed000 dump_dumpfve
- fffff800`72fd0000 fffff800`72ff2000 i8042prt.sys
- fffff800`72ea0000 fffff800`72eb4000 dam.sys
- fffff800`72150000 fffff800`7215f000 hwpolicy.sys
- ========================================================================
- ============================== BIOS INFO ===============================
- ========================================================================
- [SMBIOS Data Tables v2.5]
- [DMI Version - 0]
- [2.0 Calling Convention - No]
- [Table Size - 1973 bytes]
- [BIOS Information (Type 0) - Length 24 - Handle 0000h]
- Vendor MS-7250
- BIOS Version V3.9
- BIOS Starting Address Segment f000
- BIOS Release Date 10/04/2007
- BIOS ROM Size 80000
- BIOS Characteristics
- 04: - ISA Supported
- 07: - PCI Supported
- 09: - Plug and Play Supported
- 10: - APM Supported
- 11: - Upgradeable FLASH BIOS
- 12: - BIOS Shadowing Supported
- 14: - ESCD Supported
- 15: - CD-Boot Supported
- 16: - Selectable Boot Supported
- 17: - BIOS ROM Socketed
- 19: - EDD Supported
- 23: - 1.2MB Floppy Supported
- 24: - 720KB Floppy Supported
- 25: - 2.88MB Floppy Supported
- 26: - Print Screen Device Supported
- 27: - Keyboard Services Supported
- 28: - Serial Services Supported
- 29: - Printer Services Supported
- 30: - CGA/Mono Services Supported
- 32: - BIOS Vendor Reserved
- BIOS Characteristic Extensions
- 00: - ACPI Supported
- 01: - USB Legacy Supported
- 04: - LS120-Boot Supported
- 05: - ATAPI ZIP-Boot Supported
- 08: - BIOS Boot Specification Supported
- 10: - Specification Reserved
- BIOS Major Revision 8
- BIOS Minor Revision 14
- EC Firmware Major Revision 255
- EC Firmware Minor Revision 255
- [System Information (Type 1) - Length 27 - Handle 0001h]
- Manufacturer MSI
- Product Name MS-7250
- Version 2.0
- UUID 00000000-0000-0000-0000-000000000000
- Wakeup Type Power Switch
- [BaseBoard Information (Type 2) - Length 15 - Handle 0002h]
- Manufacturer MSI
- Product MS-7250
- Version 2.0
- Feature Flags 09h
- Chassis Handle 0003h
- Board Type 0ah - Processor/Memory Module
- Number of Child Handles 0
- [System Enclosure (Type 3) - Length 21 - Handle 0003h]
- Chassis Type Desktop
- Bootup State Safe
- Power Supply State Safe
- Thermal State Safe
- Security Status None
- OEM Defined 0
- Height 0U
- Number of Power Cords 1
- Number of Contained Elements 0
- Contained Element Size 0
- [Processor Information (Type 4) - Length 40 - Handle 0004h]
- Socket Designation CPU 1
- Processor Type Central Processor
- Processor Family 01h - Other
- Processor Manufacturer AMD
- Processor ID 330f0400fffb8b17
- Processor Version AMD Athlon(tm) 64 X2 Dual Core Processor 6000+
- Processor Voltage 8fh - 1.5V
- External Clock 200MHz
- Max Speed 3000MHz
- Current Speed 3016MHz
- Status Enabled Populated
- Processor Upgrade Other
- L1 Cache Handle 0005h
- L2 Cache Handle 0006h
- L3 Cache Handle 0007h
- [Cache Information (Type 7) - Length 19 - Handle 0005h]
- Socket Designation L1-Cache
- Cache Configuration 0280h - Varies Enabled Int NonSocketed L1
- Maximum Cache Size 0100h - 256K
- Installed Size 0100h - 256K
- Supported SRAM Type 0010h - Pipeline-Burst
- Current SRAM Type 0010h - Pipeline-Burst
- Cache Speed 0ns
- Error Correction Type Multi-Bit ECC
- System Cache Type Data
- Associativity 4-way Set-Associative
- [Cache Information (Type 7) - Length 19 - Handle 0006h]
- Socket Designation L2-Cache
- Cache Configuration 0281h - Varies Enabled Int NonSocketed L2
- Maximum Cache Size 0800h - 2048K
- Installed Size 0800h - 2048K
- Supported SRAM Type 0010h - Pipeline-Burst
- Current SRAM Type 0010h - Pipeline-Burst
- Cache Speed 0ns
- Error Correction Type Multi-Bit ECC
- System Cache Type Unified
- Associativity 4-way Set-Associative
- [Cache Information (Type 7) - Length 19 - Handle 0007h]
- Socket Designation L3-Cache
- Cache Configuration 0302h - Unknown Disabled Int NonSocketed L3
- Maximum Cache Size 0000h - 0K
- Installed Size 0000h - 0K
- Supported SRAM Type 0002h - Unknown
- Current SRAM Type 0002h - Unknown
- Cache Speed 0ns
- Error Correction Type Unknown
- System Cache Type Unknown
- Associativity Unknown
- [Memory Controller Information (Type 5) - Length 24 - Handle 0008h]
- Error Detecting Method 06h - 64-bit ECC
- Error Correcting Capability 04h - None
- Supported Interleave 03h - One Way Interleave
- Current Interleave 03h - One Way Interleave
- Maximum Memory Module Size 0ah - 1024MB
- Supported Speeds 000ch - 70ns 60ns
- Supported Memory Types 0580h - SIMM DIMM SDRAM
- Memory Module Voltage 3.3V
- Number of Memory Slots 4
- Memory Slot Handle 0009h
- Memory Slot Handle 000ah
- Memory Slot Handle 000bh
- Memory Slot Handle 000ch
- Enabled Err Correcting Caps 04h - None
- [Memory Module Information (Type 6) - Length 12 - Handle 0009h]
- Socket Designation DIMM0
- Bank Connections 05h - 5 0
- Current Speed 5ns
- Current Memory Type 0140h - ECC DIMM
- Installed Size 8ah - 1024 [double bank]
- Enabled Size 8ah - 1024 [double bank]
- Error Status 00h - [No Errors]
- [Memory Module Information (Type 6) - Length 12 - Handle 000ah]
- Socket Designation DIMM1
- Bank Connections 05h - 5 0
- Current Speed 5ns
- Current Memory Type 0140h - ECC DIMM
- Installed Size 8ah - 1024 [double bank]
- Enabled Size 8ah - 1024 [double bank]
- Error Status 00h - [No Errors]
- [Memory Module Information (Type 6) - Length 12 - Handle 000bh]
- Socket Designation DIMM2
- Bank Connections 05h - 5 0
- Current Speed 5ns
- Current Memory Type 0140h - ECC DIMM
- Installed Size 8ah - 1024 [double bank]
- Enabled Size 8ah - 1024 [double bank]
- Error Status 00h - [No Errors]
- [Memory Module Information (Type 6) - Length 12 - Handle 000ch]
- Socket Designation DIMM3
- Bank Connections 05h - 5 0
- Current Speed 5ns
- Current Memory Type 0140h - ECC DIMM
- Installed Size 8ah - 1024 [double bank]
- Enabled Size 8ah - 1024 [double bank]
- Error Status 00h - [No Errors]
- [Onboard Devices Information (Type 10) - Length 6 - Handle 0027h]
- Number of Devices 1
- 01: Type Video [enabled]
- [OEM Strings (Type 11) - Length 5 - Handle 0028h]
- Number of Strings 1
- [System Configuration Options (Type 12) - Length 5 - Handle 0029h]
- [Physical Memory Array (Type 16) - Length 15 - Handle 002bh]
- Location 03h - SystemBoard/Motherboard
- Use 03h - System Memory
- Memory Error Correction 03h - None
- Maximum Capacity 8388608KB
- Number of Memory Devices 4
- [Memory Array Mapped Address (Type 19) - Length 15 - Handle 002ch]
- Starting Address 00000000h
- Ending Address 004bffffh
- Memory Array Handle 002bh
- Partition Width 01
- [Memory Device (Type 17) - Length 27 - Handle 002dh]
- Physical Memory Array Handle 002bh
- Total Width 64 bits
- Data Width 72 bits
- Size 1024MB
- Form Factor 09h - DIMM
- Device Locator DIMM0
- Bank Locator BANK0
- Memory Type 13h - Specification Reserved
- Type Detail 0080h - Synchronous
- Speed 0MHz
- Manufacturer Manufacturer0
- Part Number PartNum0
- [Memory Device Mapped Address (Type 20) - Length 19 - Handle 002eh]
- Starting Address 00000000h
- Ending Address 000fffffh
- Memory Device Handle 002dh
- Mem Array Mapped Adr Handle 002ch
- Partition Row Position 01
- Interleave Position [None]
- Interleave Data Depth [None]
- [Memory Device (Type 17) - Length 27 - Handle 002fh]
- Physical Memory Array Handle 002bh
- Total Width 64 bits
- Data Width 72 bits
- Size 1024MB
- Form Factor 09h - DIMM
- Device Locator DIMM1
- Bank Locator BANK1
- Memory Type 13h - Specification Reserved
- Type Detail 0080h - Synchronous
- Speed 0MHz
- Manufacturer Manufacturer1
- Part Number PartNum1
- [Memory Device Mapped Address (Type 20) - Length 19 - Handle 0030h]
- Starting Address 00100000h
- Ending Address 001fffffh
- Memory Device Handle 002fh
- Mem Array Mapped Adr Handle 002ch
- Partition Row Position 01
- Interleave Position [None]
- Interleave Data Depth [None]
- [Memory Device (Type 17) - Length 27 - Handle 0031h]
- Physical Memory Array Handle 002bh
- Total Width 64 bits
- Data Width 72 bits
- Size 1024MB
- Form Factor 09h - DIMM
- Device Locator DIMM2
- Bank Locator BANK2
- Memory Type 13h - Specification Reserved
- Type Detail 0080h - Synchronous
- Speed 0MHz
- Manufacturer Manufacturer2
- Part Number PartNum2
- [Memory Device Mapped Address (Type 20) - Length 19 - Handle 0032h]
- Starting Address 00200000h
- Ending Address 002fffffh
- Memory Device Handle 0031h
- Mem Array Mapped Adr Handle 002ch
- Partition Row Position 01
- Interleave Position [None]
- Interleave Data Depth [None]
- [Memory Device (Type 17) - Length 27 - Handle 0033h]
- Physical Memory Array Handle 002bh
- Total Width 64 bits
- Data Width 72 bits
- Size 1024MB
- Form Factor 09h - DIMM
- Device Locator DIMM3
- Bank Locator BANK3
- Memory Type 13h - Specification Reserved
- Type Detail 0080h - Synchronous
- Speed 0MHz
- Manufacturer Manufacturer3
- Part Number PartNum3
- [Memory Device Mapped Address (Type 20) - Length 19 - Handle 0034h]
- Starting Address 00300000h
- Ending Address 003fffffh
- Memory Device Handle 0033h
- Mem Array Mapped Adr Handle 002ch
- Partition Row Position 01
- Interleave Position [None]
- Interleave Data Depth [None]
- ========================================================================
- ==================== Dump File: 010818-18703-01.dmp ====================
- ========================================================================
- Mini Kernel Dump File: Only registers and stack trace are available
- Windows 10 Kernel Version 14393 MP (2 procs) Free x64
- Kernel base = 0xfffff801`39c81000 PsLoadedModuleList = 0xfffff801`39f7f040
- Debug session time: Sun Jan 7 17:56:45.741 2018 (UTC - 5:00)
- System Uptime: 0 days 0:16:30.599
- BugCheck F7, {77b532310502, 57b532310502, ffffa84acdcefafd, 0}
- Probably caused by : ntkrnlmp.exe ( nt!_report_gsfailure+25 )
- Followup: MachineOwner
- DRIVER_OVERRAN_STACK_BUFFER (f7)
- A driver has overrun a stack-based buffer. This overrun could potentially
- allow a malicious user to gain control of this machine.
- DESCRIPTION
- A driver overran a stack-based buffer (or local variable) in a way that would
- have overwritten the function's return address and jumped back to an arbitrary
- address when the function returned. This is the classic "buffer overrun"
- hacking attack and the system has been brought down to prevent a malicious user
- from gaining complete control of it.
- Do a kb to get a stack backtrace -- the last routine on the stack before the
- buffer overrun handlers and bugcheck call is the one that overran its local
- variable(s).
- Arguments:
- Arg1: 000077b532310502, Actual security check cookie from the stack
- Arg2: 000057b532310502, Expected security check cookie
- Arg3: ffffa84acdcefafd, Complement of the expected security check cookie
- Arg4: 0000000000000000, zero
- Debugging Details:
- DUMP_CLASS: 1
- DUMP_QUALIFIER: 400
- DUMP_TYPE: 2
- SECURITY_COOKIE: Expected 000057b532310502 found 000077b532310502
- BUGCHECK_STR: 0xF7_ONE_BIT
- CUSTOMER_CRASH_COUNT: 1
- DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
- PROCESS_NAME: System
- CURRENT_IRQL: d
- EXCEPTION_RECORD: fffff80042113f10 -- (.exr 0xfffff80042113f10)
- ExceptionAddress: ccccccccccc3c032
- ExceptionCode: 8348c033
- ExceptionFlags: ccc328c4
- NumberParameters: -858993460
- Parameter[0]: cccccc0000285be9
- Parameter[1]: cccccccccccccccc
- Parameter[2]: ffde33e828ec8348
- Parameter[3]: 283ee928c48348ff
- Parameter[4]: cccccccccccc0000
- Parameter[5]: cccccccccccccccc
- Parameter[6]: 83485708245c8948
- Parameter[7]: 87d98b48c03320ec
- Parameter[8]: 01f88300005bf705
- Parameter[9]: 005bbb0d8d484b75
- Parameter[10]: fdbfffffddf6e800
- Parameter[11]: 5baa0d8d48ffffff
- Parameter[12]: d08b48c723480000
- Parameter[13]: 3d8348ffffde33e8
- Parameter[14]: 481e740000005ba7
- TRAP_FRAME: ffffb606b7eec010 -- (.trap 0xffffb606b7eec010)
- Unable to read trap frame at ffffb606`b7eec010
- LAST_CONTROL_TRANSFER: from fffff80139e2e821 to fffff80139dd08a0
- STACK_TEXT:
- fffff801`3b8a7da8 fffff801`39e2e821 : 00000000`000000f7 000077b5`32310502 000057b5`32310502 ffffa84a`cdcefafd : nt!KeBugCheckEx
- fffff801`3b8a7db0 fffff801`39ca1c9c : fffff801`3b899800 00000000`00000000 00000259`65181d00 fffff801`39c5a490 : nt!_report_gsfailure+0x25
- fffff801`3b8a7df0 fffff801`39c0f366 : fffff801`3b899800 fffff801`39c5a3e0 00000000`00000000 00000259`65181d8a : nt!KeClockInterruptNotify+0x13c
- fffff801`3b8a7f40 fffff801`39c94c26 : fffff801`39c5a3e0 00000000`00000008 fffff801`3b8a7f50 00000000`0000000c : hal!HalpTimerClockInterrupt+0x56
- fffff801`3b8a7f70 fffff801`39dd1f1a : fffff801`3b899880 ffffb606`b7eec010 00000005`c423252f 00000000`00000000 : nt!KiCallInterruptServiceRoutine+0x106
- fffff801`3b8a7fb0 fffff801`39dd2367 : ffffb606`00000000 ffffb606`b7885897 00000000`00000000 ffffb606`000000e8 : nt!KiInterruptSubDispatchNoLockNoEtw+0xea
- fffff801`3b899800 fffff800`42116792 : fffff800`42113f10 00000005`c423252f ffffb606`b7eec010 fffff801`39fbc180 : nt!KiInterruptDispatchNoLockNoEtw+0x37
- fffff801`3b899998 fffff800`42113f10 : 00000005`c423252f ffffb606`b7eec010 fffff801`39fbc180 ffffb606`b6a74390 : amdk8!C1Halt+0x2
- fffff801`3b8999a0 fffff801`39ca2d63 : 00000000`00000000 00000000`017d7840 ffffb606`b6a74390 00000000`0000002a : amdk8!AcpiCStateIdleExecute+0x20
- fffff801`3b8999d0 fffff801`39ca256a : fffff800`4303c990 0000f7a6`0000f7a6 fffff800`43032510 0000f7a6`0000f7a6 : nt!PpmIdleExecuteTransition+0x643
- fffff801`3b899c40 fffff801`39dd38fc : 00000000`00000000 fffff801`39fbc180 fffff801`3a036940 ffffb606`b5e18580 : nt!PoIdle+0x33a
- fffff801`3b899da0 00000000`00000000 : fffff801`3b89a000 fffff801`3b894000 00000000`00000000 00000000`00000000 : nt!KiIdleLoop+0x2c
- STACK_COMMAND: kb
- THREAD_SHA1_HASH_MOD_FUNC: bbd0661dd0c012513a4f8287b31a4cb4b2d5f2b8
- THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 0a87dae11ca1b59edb87a04a41fb5ce6dd3e1ea6
- THREAD_SHA1_HASH_MOD: 5f8f14073349eb608e726013129312238cd9c447
- FOLLOWUP_IP:
- nt!_report_gsfailure+25
- fffff801`39e2e821 cc int 3
- FAULT_INSTR_CODE: 48cccccc
- SYMBOL_STACK_INDEX: 1
- SYMBOL_NAME: nt!_report_gsfailure+25
- FOLLOWUP_NAME: MachineOwner
- MODULE_NAME: nt
- IMAGE_NAME: ntkrnlmp.exe
- DEBUG_FLR_IMAGE_TIMESTAMP: 5989449b
- IMAGE_VERSION: 10.0.14393.1613
- BUCKET_ID_FUNC_OFFSET: 25
- FAILURE_BUCKET_ID: 0xF7_ONE_BIT_MISSING_GSFRAME_nt!_report_gsfailure
- BUCKET_ID: 0xF7_ONE_BIT_MISSING_GSFRAME_nt!_report_gsfailure
- PRIMARY_PROBLEM_CLASS: 0xF7_ONE_BIT_MISSING_GSFRAME_nt!_report_gsfailure
- TARGET_TIME: 2018-01-07T22:56:45.000Z
- SUITE_MASK: 272
- PRODUCT_TYPE: 1
- USER_LCID: 0
- FAILURE_ID_HASH_STRING: km:0xf7_one_bit_missing_gsframe_nt!_report_gsfailure
- FAILURE_ID_HASH: {8f84f302-dd0e-1f96-6f9c-0ea31ad59f42}
- Followup: MachineOwner
- ========================================================================
- ==================== Dump File: 010818-18265-01.dmp ====================
- ========================================================================
- Mini Kernel Dump File: Only registers and stack trace are available
- Windows 10 Kernel Version 14393 MP (2 procs) Free x64
- Kernel base = 0xfffff802`8cc94000 PsLoadedModuleList = 0xfffff802`8cf92040
- Debug session time: Sun Jan 7 17:39:37.296 2018 (UTC - 5:00)
- System Uptime: 0 days 0:07:51.154
- BugCheck A, {fffff8008cc6d490, d, 1, fffff8028cca7c5f}
- Probably caused by : ntkrnlmp.exe ( nt!KiCallInterruptServiceRoutine+13f )
- Followup: MachineOwner
- IRQL_NOT_LESS_OR_EQUAL (a)
- An attempt was made to access a pageable (or completely invalid) address at an
- interrupt request level (IRQL) that is too high. This is usually
- caused by drivers using improper addresses.
- If a kernel debugger is available get the stack backtrace.
- Arguments:
- Arg1: fffff8008cc6d490, memory referenced
- Arg2: 000000000000000d, IRQL
- Arg3: 0000000000000001, bitfield :
- bit 0 : value 0 = read operation, 1 = write operation
- bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
- Arg4: fffff8028cca7c5f, address which referenced memory
- Debugging Details:
- DUMP_CLASS: 1
- DUMP_QUALIFIER: 400
- DUMP_TYPE: 2
- WRITE_ADDRESS: fffff8028d033338: Unable to get MiVisibleState
- fffff8008cc6d490
- CURRENT_IRQL: d
- FAULTING_IP:
- nt!KiCallInterruptServiceRoutine+13f
- fffff802`8cca7c5f 49010f add qword ptr [r15],rcx
- CUSTOMER_CRASH_COUNT: 1
- DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
- BUGCHECK_STR: AV
- PROCESS_NAME: System
- TRAP_FRAME: fffff8028e170de0 -- (.trap 0xfffff8028e170de0)
- NOTE: The trap frame does not contain all registers.
- Some register values may be zeroed or incorrect.
- rax=00000107d6605117 rbx=0000000000000000 rcx=0000000000000de1
- rdx=0000010700000000 rsi=0000000000000000 rdi=0000000000000000
- rip=fffff8028cca7c5f rsp=fffff8028e170f70 rbp=fffff8028cfcf180
- r8=fffff8028cfcf180 r9=0000000000000000 r10=fffff8028cf81a50
- r11=fffff8028cdefb4f r12=0000000000000000 r13=0000000000000000
- r14=0000000000000000 r15=0000000000000000
- iopl=0 nv up ei pl nz na po nc
- nt!KiCallInterruptServiceRoutine+0x13f:
- fffff802`8cca7c5f 49010f add qword ptr [r15],rcx ds:00000000`00000000=????????????????
- Resetting default scope
- LAST_CONTROL_TRANSFER: from fffff8028cdeea29 to fffff8028cde38a0
- STACK_TEXT:
- fffff802`8e170c98 fffff802`8cdeea29 : 00000000`0000000a fffff800`8cc6d490 00000000`0000000d 00000000`00000001 : nt!KeBugCheckEx
- fffff802`8e170ca0 fffff802`8cded007 : fffff802`8cfcf180 fffff802`8ccb4c9c fffff802`8e162800 00000000`00000000 : nt!KiBugCheckDispatch+0x69
- fffff802`8e170de0 fffff802`8cca7c5f : fffff802`8cc6d3e0 00000000`00000008 fffff802`8e170f50 00000000`0000000c : nt!KiPageFault+0x247
- fffff802`8e170f70 fffff802`8cde4f1a : fffff802`8e162880 ffff9f01`2f62d7d0 00000002`be1a8753 00000000`00000000 : nt!KiCallInterruptServiceRoutine+0x13f
- fffff802`8e170fb0 fffff802`8cde5367 : 00000000`00000000 00000000`00000003 00000000`00000000 00000000`00000000 : nt!KiInterruptSubDispatchNoLockNoEtw+0xea
- fffff802`8e162800 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiInterruptDispatchNoLockNoEtw+0x37
- STACK_COMMAND: kb
- THREAD_SHA1_HASH_MOD_FUNC: 6727dbacf5d52303467364adf8410297e4a50cef
- THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 56dd9a96d700973a42d2b70cbd2212a9bbe3e112
- THREAD_SHA1_HASH_MOD: ee8fcf1fb60cb6e3e2f60ddbed2ec02b5748a693
- FOLLOWUP_IP:
- nt!KiCallInterruptServiceRoutine+13f
- fffff802`8cca7c5f 49010f add qword ptr [r15],rcx
- FAULT_INSTR_CODE: 4c0f0149
- SYMBOL_STACK_INDEX: 3
- SYMBOL_NAME: nt!KiCallInterruptServiceRoutine+13f
- FOLLOWUP_NAME: MachineOwner
- MODULE_NAME: nt
- IMAGE_NAME: ntkrnlmp.exe
- DEBUG_FLR_IMAGE_TIMESTAMP: 5989449b
- IMAGE_VERSION: 10.0.14393.1613
- BUCKET_ID_FUNC_OFFSET: 13f
- FAILURE_BUCKET_ID: AV_nt!KiCallInterruptServiceRoutine
- BUCKET_ID: AV_nt!KiCallInterruptServiceRoutine
- PRIMARY_PROBLEM_CLASS: AV_nt!KiCallInterruptServiceRoutine
- TARGET_TIME: 2018-01-07T22:39:37.000Z
- SUITE_MASK: 272
- PRODUCT_TYPE: 1
- USER_LCID: 0
- FAILURE_ID_HASH_STRING: km:av_nt!kicallinterruptserviceroutine
- FAILURE_ID_HASH: {49ead8ee-52e2-d680-57c5-6664c364ad42}
- Followup: MachineOwner
- ========================================================================
- ==================== Dump File: 010818-18218-01.dmp ====================
- ========================================================================
- Mini Kernel Dump File: Only registers and stack trace are available
- Windows 10 Kernel Version 14393 MP (2 procs) Free x64
- Kernel base = 0xfffff802`19290000 PsLoadedModuleList = 0xfffff802`1958e040
- Debug session time: Sun Jan 7 17:26:05.911 2018 (UTC - 5:00)
- System Uptime: 0 days 0:18:03.770
- BugCheck A, {ffff8f879de8d2b8, d, 0, fffff802192a3c58}
- Probably caused by : ntkrnlmp.exe ( nt!KiCallInterruptServiceRoutine+138 )
- Followup: MachineOwner
- IRQL_NOT_LESS_OR_EQUAL (a)
- An attempt was made to access a pageable (or completely invalid) address at an
- interrupt request level (IRQL) that is too high. This is usually
- caused by drivers using improper addresses.
- If a kernel debugger is available get the stack backtrace.
- Arguments:
- Arg1: ffff8f879de8d2b8, memory referenced
- Arg2: 000000000000000d, IRQL
- Arg3: 0000000000000000, bitfield :
- bit 0 : value 0 = read operation, 1 = write operation
- bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
- Arg4: fffff802192a3c58, address which referenced memory
- Debugging Details:
- DUMP_CLASS: 1
- DUMP_QUALIFIER: 400
- DUMP_TYPE: 2
- READ_ADDRESS: fffff8021962f338: Unable to get MiVisibleState
- ffff8f879de8d2b8
- CURRENT_IRQL: d
- FAULTING_IP:
- nt!KiCallInterruptServiceRoutine+138
- fffff802`192a3c58 482b8bb8000000 sub rcx,qword ptr [rbx+0B8h]
- CUSTOMER_CRASH_COUNT: 1
- DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
- BUGCHECK_STR: AV
- PROCESS_NAME: System
- TRAP_FRAME: ffffaf879f7f3010 -- (.trap 0xffffaf879f7f3010)
- Unable to read trap frame at ffffaf87`9f7f3010
- EXCEPTION_RECORD: fffff80346733f10 -- (.exr 0xfffff80346733f10)
- ExceptionAddress: ccccccccccc3c032
- ExceptionCode: 8348c033
- ExceptionFlags: ccc328c4
- NumberParameters: -858993460
- Parameter[0]: cccccc0000285be9
- Parameter[1]: cccccccccccccccc
- Parameter[2]: ffde33e828ec8348
- Parameter[3]: 283ee928c48348ff
- Parameter[4]: cccccccccccc0000
- Parameter[5]: cccccccccccccccc
- Parameter[6]: 83485708245c8948
- Parameter[7]: 87d98b48c03320ec
- Parameter[8]: 01f88300005bf705
- Parameter[9]: 005bbb0d8d484b75
- Parameter[10]: fdbfffffddf6e800
- Parameter[11]: 5baa0d8d48ffffff
- Parameter[12]: d08b48c723480000
- Parameter[13]: 3d8348ffffde33e8
- Parameter[14]: 481e740000005ba7
- LAST_CONTROL_TRANSFER: from fffff802193eaa29 to fffff802193df8a0
- STACK_TEXT:
- ffffc281`1b7fec98 fffff802`193eaa29 : 00000000`0000000a ffff8f87`9de8d2b8 00000000`0000000d 00000000`00000000 : nt!KeBugCheckEx
- ffffc281`1b7feca0 fffff802`193e9007 : ffffc281`1b5e8180 fffff802`192b0c9c ffffffff`00000000 00000000`00000000 : nt!KiBugCheckDispatch+0x69
- ffffc281`1b7fede0 fffff802`192a3c58 : 00000000`1dbff301 00000000`00000000 ffff49ac`873f2548 00000000`00000000 : nt!KiPageFault+0x247
- ffffc281`1b7fef70 fffff802`193e0f1a : ffffc281`1b5fd880 ffffaf87`9f7f3010 00000006`4ef8f1b0 00000000`00000000 : nt!KiCallInterruptServiceRoutine+0x138
- ffffc281`1b7fefb0 fffff802`193e1367 : 00000000`00000000 fffff803`4593bc28 00000000`00000000 fffff802`192d0035 : nt!KiInterruptSubDispatchNoLockNoEtw+0xea
- ffffc281`1b5fd800 fffff803`46736792 : fffff803`46733f10 00000006`4ef8f1b0 ffffaf87`9f7f3010 ffffc281`1b5e8180 : nt!KiInterruptDispatchNoLockNoEtw+0x37
- ffffc281`1b5fd998 fffff803`46733f10 : 00000006`4ef8f1b0 ffffaf87`9f7f3010 ffffc281`1b5e8180 ffffaf87`9f1f62a0 : amdk8!C1Halt+0x2
- ffffc281`1b5fd9a0 fffff802`192b1d63 : 00000000`00000000 00000000`017d7840 ffffaf87`9f1f62a0 00000000`0000002c : amdk8!AcpiCStateIdleExecute+0x20
- ffffc281`1b5fd9d0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!PpmIdleExecuteTransition+0x643
- STACK_COMMAND: kb
- THREAD_SHA1_HASH_MOD_FUNC: a5922086b08a6aa89a264f0ecb4b95751619afb4
- THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 589a51c4c2f194286b11b63f010f110409c046e6
- THREAD_SHA1_HASH_MOD: 41c5e8c353b9837f2d758e7d2417002883880d1e
- FOLLOWUP_IP:
- nt!KiCallInterruptServiceRoutine+138
- fffff802`192a3c58 482b8bb8000000 sub rcx,qword ptr [rbx+0B8h]
- FAULT_INSTR_CODE: b88b2b48
- SYMBOL_STACK_INDEX: 3
- SYMBOL_NAME: nt!KiCallInterruptServiceRoutine+138
- FOLLOWUP_NAME: MachineOwner
- MODULE_NAME: nt
- IMAGE_NAME: ntkrnlmp.exe
- DEBUG_FLR_IMAGE_TIMESTAMP: 5989449b
- IMAGE_VERSION: 10.0.14393.1613
- BUCKET_ID_FUNC_OFFSET: 138
- FAILURE_BUCKET_ID: AV_nt!KiCallInterruptServiceRoutine
- BUCKET_ID: AV_nt!KiCallInterruptServiceRoutine
- PRIMARY_PROBLEM_CLASS: AV_nt!KiCallInterruptServiceRoutine
- TARGET_TIME: 2018-01-07T22:26:05.000Z
- SUITE_MASK: 272
- PRODUCT_TYPE: 1
- USER_LCID: 0
- FAILURE_ID_HASH_STRING: km:av_nt!kicallinterruptserviceroutine
- FAILURE_ID_HASH: {49ead8ee-52e2-d680-57c5-6664c364ad42}
- Followup: MachineOwner
- ========================================================================
- ==================== Dump File: 010718-29437-01.dmp ====================
- ========================================================================
- Mini Kernel Dump File: Only registers and stack trace are available
- Windows 10 Kernel Version 14393 MP (2 procs) Free x64
- Kernel base = 0xfffff800`c161c000 PsLoadedModuleList = 0xfffff800`c191a040
- Debug session time: Sun Jan 7 15:37:16.736 2018 (UTC - 5:00)
- System Uptime: 0 days 1:22:35.111
- BugCheck A, {ffff8d05b048f2b8, d, 0, fffff800c162fc58}
- Probably caused by : ntkrnlmp.exe ( nt!KiCallInterruptServiceRoutine+138 )
- Followup: MachineOwner
- IRQL_NOT_LESS_OR_EQUAL (a)
- An attempt was made to access a pageable (or completely invalid) address at an
- interrupt request level (IRQL) that is too high. This is usually
- caused by drivers using improper addresses.
- If a kernel debugger is available get the stack backtrace.
- Arguments:
- Arg1: ffff8d05b048f2b8, memory referenced
- Arg2: 000000000000000d, IRQL
- Arg3: 0000000000000000, bitfield :
- bit 0 : value 0 = read operation, 1 = write operation
- bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
- Arg4: fffff800c162fc58, address which referenced memory
- Debugging Details:
- DUMP_CLASS: 1
- DUMP_QUALIFIER: 400
- DUMP_TYPE: 2
- READ_ADDRESS: fffff800c19bb338: Unable to get MiVisibleState
- ffff8d05b048f2b8
- CURRENT_IRQL: d
- FAULTING_IP:
- nt!KiCallInterruptServiceRoutine+138
- fffff800`c162fc58 482b8bb8000000 sub rcx,qword ptr [rbx+0B8h]
- CUSTOMER_CRASH_COUNT: 1
- DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
- BUGCHECK_STR: AV
- PROCESS_NAME: System
- TRAP_FRAME: ffffdc01609c3de0 -- (.trap 0xffffdc01609c3de0)
- NOTE: The trap frame does not contain all registers.
- Some register values may be zeroed or incorrect.
- rax=00000d71649d75f7 rbx=0000000000000000 rcx=00000d71649d75f7
- rdx=00000d7100000000 rsi=0000000000000000 rdi=0000000000000000
- rip=fffff800c162fc58 rsp=ffffdc01609c3f70 rbp=ffffdc01609aa180
- r8=ffffdc01609aa180 r9=0000000000000001 r10=ffffdc01609b0514
- r11=0000000000000300 r12=0000000000000000 r13=0000000000000000
- r14=0000000000000000 r15=0000000000000000
- iopl=0 nv up ei pl nz na pe nc
- nt!KiCallInterruptServiceRoutine+0x138:
- fffff800`c162fc58 482b8bb8000000 sub rcx,qword ptr [rbx+0B8h] ds:00000000`000000b8=????????????????
- Resetting default scope
- LAST_CONTROL_TRANSFER: from fffff800c1776a29 to fffff800c176b8a0
- STACK_TEXT:
- ffffdc01`609c3c98 fffff800`c1776a29 : 00000000`0000000a ffff8d05`b048f2b8 00000000`0000000d 00000000`00000000 : nt!KeBugCheckEx
- ffffdc01`609c3ca0 fffff800`c1775007 : ffffdc01`609aa180 fffff800`c163cc9c 00000000`00000000 00000000`00000000 : nt!KiBugCheckDispatch+0x69
- ffffdc01`609c3de0 fffff800`c162fc58 : ffffdc01`609c3f01 00000000`00000000 ffff2a31`7044a2fa 00000000`00000000 : nt!KiPageFault+0x247
- ffffdc01`609c3f70 fffff800`c176cf1a : ffffdc01`60866880 ffff8d8d`b1b977d0 0000001c`dc230de1 00000000`00000000 : nt!KiCallInterruptServiceRoutine+0x138
- ffffdc01`609c3fb0 fffff800`c176d367 : 00000000`00000000 ffffdc01`609a0000 00000000`00140001 00000000`00000000 : nt!KiInterruptSubDispatchNoLockNoEtw+0xea
- ffffdc01`60866800 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiInterruptDispatchNoLockNoEtw+0x37
- STACK_COMMAND: kb
- THREAD_SHA1_HASH_MOD_FUNC: 6727dbacf5d52303467364adf8410297e4a50cef
- THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 2677bc55260546afccfc761a380feed49e351ae7
- THREAD_SHA1_HASH_MOD: ee8fcf1fb60cb6e3e2f60ddbed2ec02b5748a693
- FOLLOWUP_IP:
- nt!KiCallInterruptServiceRoutine+138
- fffff800`c162fc58 482b8bb8000000 sub rcx,qword ptr [rbx+0B8h]
- FAULT_INSTR_CODE: b88b2b48
- SYMBOL_STACK_INDEX: 3
- SYMBOL_NAME: nt!KiCallInterruptServiceRoutine+138
- FOLLOWUP_NAME: MachineOwner
- MODULE_NAME: nt
- IMAGE_NAME: ntkrnlmp.exe
- DEBUG_FLR_IMAGE_TIMESTAMP: 5989449b
- IMAGE_VERSION: 10.0.14393.1613
- BUCKET_ID_FUNC_OFFSET: 138
- FAILURE_BUCKET_ID: AV_nt!KiCallInterruptServiceRoutine
- BUCKET_ID: AV_nt!KiCallInterruptServiceRoutine
- PRIMARY_PROBLEM_CLASS: AV_nt!KiCallInterruptServiceRoutine
- TARGET_TIME: 2018-01-07T20:37:16.000Z
- SUITE_MASK: 272
- PRODUCT_TYPE: 1
- USER_LCID: 0
- FAILURE_ID_HASH_STRING: km:av_nt!kicallinterruptserviceroutine
- FAILURE_ID_HASH: {49ead8ee-52e2-d680-57c5-6664c364ad42}
- Followup: MachineOwner
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement