API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Aug 17th, 2017
379
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 46.67 KB | None | 0 0
raw download clone embed print report
  1. Microsoft (R) Windows Debugger Version 10.0.14321.1024 X86
  2. Copyright (c) Microsoft Corporation. All rights reserved.
  3.  
  4. Auto Dump Analyzer by gardenman
  5. Time to debug file(s): 00 hours and 04 minutes and 44 seconds
  6.  
  7. ============================= SYSTEM INFO ==============================
  8. VERSION: 2.0
  9. PRODUCT_NAME: MS-7972
  10. MANUFACTURER: MSI
  11.  
  12. =========================== BRIEF BIOS INFO ============================
  13. DATE: 04/18/2017
  14. VERSION: C.B0
  15. VENDOR: American Megatrends Inc.
  16.  
  17. =========================== MOTHERBOARD INFO ===========================
  18. VERSION: 2.0
  19. PRODUCT: B150M MORTAR (MS-7972)
  20. MANUFACTURER: MSI
  21.  
  22. =============================== CPU INFO ===============================
  23. Processor Version: Intel(R) Core(TM) i5-6400 CPU @ 2.70GHz
  24. MICROCODE: 6,5e,3,0 (F,M,S,R) SIG: A6'00000000 (cache) A6'00000000 (init)
  25. STEPPING: 3
  26. MODEL: 5e
  27. FAMILY: 6
  28. VENDOR: GenuineIntel
  29. MHZ: 2712
  30. COUNT: 4
  31.  
  32. =============================== OS INFO ================================
  33. BUILDOSVER: 10.0.15063.540
  34. BUILDLAB: WinBuild
  35. BUILDDATESTAMP: 160101.0800
  36. BUILD_TIMESTAMP: 2017-07-31 21:23:25
  37. EDITION: Windows 10 WinNt TerminalServer SingleUserTS
  38. NAME: Windows 10
  39. PLATFORM_TYPE: x64
  40. SERVICEPACK: 540
  41. BUILD: 15063
  42. BUILD_VERSION: 10.0.15063.540 (WinBuild.160101.0800)
  43. Product: WinNt, suite: TerminalServer SingleUserTS
  44.  
  45. If you see multiple OS versions listed above it's likely because the
  46. dump files were created at different times and Windows has updated to
  47. a new version. This is normal. The same goes for BIOS Versions/Dates.
  48.  
  49. ========================================================================
  50. ==================== Dump File: 081717-4578-01.dmp =====================
  51. ========================================================================
  52. Mini Kernel Dump File: Only registers and stack trace are available
  53. Windows 10 Kernel Version 15063 MP (4 procs) Free x64
  54. Kernel base = 0xfffff802`1801f000 PsLoadedModuleList = 0xfffff802`1836b5c0
  55. Debug session time: Wed Aug 16 19:10:38.919 2017 (UTC - 4:00)
  56. System Uptime: 0 days 3:21:08.560
  57.  
  58. BugCheck 1E, {ffffffffc0000005, fffff802184c409d, 0, 2c}
  59. *** WARNING: Unable to verify timestamp for rzpnk.sys
  60. *** ERROR: Module load completed but symbols could not be loaded for rzpnk.sys
  61. Probably caused by : rzpnk.sys ( rzpnk+75dd )
  62. Followup: MachineOwner
  63.  
  64. KMODE_EXCEPTION_NOT_HANDLED (1e)
  65. This is a very common bugcheck. Usually the exception address pinpoints
  66. the driver/function that caused the problem. Always note this address
  67. as well as the link date of the driver/image that contains this address.
  68.  
  69. Arguments:
  70. Arg1: ffffffffc0000005, The exception code that was not handled
  71. Arg2: fffff802184c409d, The address that the exception occurred at
  72. Arg3: 0000000000000000, Parameter 0 of the exception
  73. Arg4: 000000000000002c, Parameter 1 of the exception
  74.  
  75. Debugging Details:
  76. DUMP_CLASS: 1
  77. DUMP_QUALIFIER: 400
  78. DUMP_TYPE: 2
  79. DUMP_FILE_ATTRIBUTES: 0x8
  80. Kernel Generated Triage Dump
  81. READ_ADDRESS: fffff80218400358: Unable to get MiVisibleState
  82. 000000000000002c
  83. EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%p referenced memory at 0x%p. The memory could not be %s.
  84. FAULTING_IP:
  85. nt!ObpCreateHandle+39d
  86. fffff802`184c409d 0fb6472c movzx eax,byte ptr [rdi+2Ch]
  87. EXCEPTION_PARAMETER2: 000000000000002c
  88. BUGCHECK_STR: 0x1E_c0000005_R
  89. CUSTOMER_CRASH_COUNT: 1
  90. DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
  91.  
  92. PROCESS_NAME: RazerIngameEng
  93.  
  94. CURRENT_IRQL: 0
  95. EXCEPTION_RECORD: ffff8000872bf470 -- (.exr 0xffff8000872bf470)
  96. ExceptionAddress: 000000000000002c
  97. ExceptionCode: 00000002
  98. ExceptionFlags: 00000000
  99. NumberParameters: 1052889216
  100. Parameter[0]: 0000000000000000
  101. Parameter[1]: 0000000000000000
  102. Parameter[2]: 0000000000000000
  103. Parameter[3]: 0000000000000000
  104. Parameter[4]: 0000000000000000
  105. Parameter[5]: 0000000000000000
  106. Parameter[6]: 0000000000000000
  107. Parameter[7]: 0000000000000000
  108. Parameter[8]: 0000000000000000
  109. Parameter[9]: 0000000000000000
  110. Parameter[10]: 0000000000000000
  111. Parameter[11]: 0000000000000000
  112. Parameter[12]: 0000000000000000
  113. Parameter[13]: fffff80218194e57
  114. Parameter[14]: ffff8000872bf510
  115. LAST_CONTROL_TRANSFER: from fffff80218049b7c to fffff8021818b560
  116. STACK_TEXT:
  117. ffff8000`872bec68 fffff802`18049b7c : 00000000`0000001e ffffffff`c0000005 fffff802`184c409d 00000000`00000000 : nt!KeBugCheckEx
  118. ffff8000`872bec70 fffff802`1819698e : ffff8000`872bf470 00000000`00000000 00000000`00000000 ffff9582`3c3ea000 : nt!KiDispatchException+0x23c
  119. ffff8000`872bf320 fffff802`18194e57 : ffff8000`872bf510 00000000`00000018 ffff8000`86514340 fffff802`1829e4b0 : nt!KiExceptionDispatch+0xce
  120. ffff8000`872bf500 fffff802`184c409d : ffff9582`384bdf20 ffff8000`872bf7b0 ffff8000`872bf9e0 ffff8000`872bf7b0 : nt!KiPageFault+0x217
  121. ffff8000`872bf690 fffff802`184c9a2d : 00000000`00000000 00000000`00000000 00000000`00000001 00000000`02000000 : nt!ObpCreateHandle+0x39d
  122. ffff8000`872bf8d0 fffff802`1854aca3 : 00000000`000003e9 00000000`00000000 95823ec1`d080ae23 ffff9582`3ec1d080 : nt!PsOpenProcess+0x28d
  123. ffff8000`872bfbe0 fffff802`18196413 : 00000000`0000148c fffff802`1818ee95 ffffad00`161c8d80 fffff802`1818ccc1 : nt!NtOpenProcess+0x23
  124. ffff8000`872bfc20 fffff802`1818e740 : fffff802`ee3d75dd ffff8000`872bfdd0 00000000`00000018 00000000`0000148c : nt!KiSystemServiceCopyEnd+0x13
  125. ffff8000`872bfdb8 fffff802`ee3d75dd : ffff8000`872bfdd0 00000000`00000018 00000000`0000148c 00000000`00000000 : nt!KiServiceLinkage
  126. ffff8000`872bfdc0 ffff8000`872bfdd0 : 00000000`00000018 00000000`0000148c 00000000`00000000 ffff9582`3d812080 : rzpnk+0x75dd
  127. ffff8000`872bfdc8 00000000`00000018 : 00000000`0000148c 00000000`00000000 ffff9582`3d812080 fffff802`181195d2 : 0xffff8000`872bfdd0
  128. ffff8000`872bfdd0 00000000`0000148c : 00000000`00000000 ffff9582`3d812080 fffff802`181195d2 00000000`00001fe4 : 0x18
  129. ffff8000`872bfdd8 00000000`00000000 : ffff9582`3d812080 fffff802`181195d2 00000000`00001fe4 00000000`00000000 : 0x148c
  130. STACK_COMMAND: kb
  131. THREAD_SHA1_HASH_MOD_FUNC: 244f7bca8696bfd926172f7bd4c34384e6d18e41
  132. THREAD_SHA1_HASH_MOD_FUNC_OFFSET: c9f5e496e13ed80261f595cc31b8f2babdafcba8
  133. THREAD_SHA1_HASH_MOD: 6db1e298ca85b026daf7b61e7ad9c7692f4e315a
  134. FOLLOWUP_IP:
  135. rzpnk+75dd
  136. fffff802`ee3d75dd ?? ???
  137. SYMBOL_STACK_INDEX: 9
  138. SYMBOL_NAME: rzpnk+75dd
  139. FOLLOWUP_NAME: MachineOwner
  140. MODULE_NAME: rzpnk
  141.  
  142. IMAGE_NAME: rzpnk.sys
  143.  
  144. DEBUG_FLR_IMAGE_TIMESTAMP: 596bba87
  145. BUCKET_ID_FUNC_OFFSET: 75dd
  146. FAILURE_BUCKET_ID: 0x1E_c0000005_R_rzpnk!unknown_function
  147. BUCKET_ID: 0x1E_c0000005_R_rzpnk!unknown_function
  148. PRIMARY_PROBLEM_CLASS: 0x1E_c0000005_R_rzpnk!unknown_function
  149. TARGET_TIME: 2017-08-16T23:10:38.000Z
  150. SUITE_MASK: 272
  151. PRODUCT_TYPE: 1
  152. USER_LCID: 0
  153. FAILURE_ID_HASH_STRING: km:0x1e_c0000005_r_rzpnk!unknown_function
  154. FAILURE_ID_HASH: {d94a098a-232a-5c83-5609-ce31e35363c9}
  155. Followup: MachineOwner
  156.  
  157. ========================================================================
  158. ========================== 3RD PARTY DRIVERS ===========================
  159. ============================ Sorted by Date ============================
  160. ========================================================================
  161. Image path: ndisrfl.sys
  162. Image name: ndisrfl.sys
  163. Info Link : http://www.carrona.org/drivers/driver.php?id=ndisrfl.sys
  164. ADA Info : Intel(R) Technology Access Filter Driver
  165. Timestamp : Thu Jul 9 2015
  166.  
  167. Image path: TeeDriverW8x64.sys
  168. Image name: TeeDriverW8x64.sys
  169. Info Link : http://www.carrona.org/drivers/driver.php?id=TeeDriverW8x64.sys
  170. ADA Info : IntelĀ® Management Engine Interface
  171. Timestamp : Thu Sep 15 2016
  172.  
  173. Image path: rzendpt.sys
  174. Image name: rzendpt.sys
  175. Info Link : http://www.carrona.org/drivers/driver.php?id=rzendpt.sys
  176. ADA Info : Razer RzEndPt driver https://www.razerzone.com/
  177. Timestamp : Wed Oct 26 2016
  178.  
  179. Image path: rzudd.sys
  180. Image name: rzudd.sys
  181. Info Link : http://www.carrona.org/drivers/driver.php?id=rzudd.sys
  182. ADA Info : Razer Rzudd Engine Driver https://www.razerzone.com/
  183. Timestamp : Wed Oct 26 2016
  184.  
  185. Image path: nvvhci.sys
  186. Image name: nvvhci.sys
  187. Info Link : http://www.carrona.org/drivers/driver.php?id=nvvhci.sys
  188. ADA Info : Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
  189. Timestamp : Tue Dec 27 2016
  190.  
  191. Image path: nvvad64v.sys
  192. Image name: nvvad64v.sys
  193. Info Link : http://www.carrona.org/drivers/driver.php?id=nvvad64v.sys
  194. ADA Info : Nvidia Virtual Audio Driver http://www.nvidia.com/
  195. Timestamp : Wed Apr 5 2017
  196.  
  197. Image path: nvhda64v.sys
  198. Image name: nvhda64v.sys
  199. Info Link : http://www.carrona.org/drivers/driver.php?id=nvhda64v.sys
  200. ADA Info : Nvidia HDMI Audio Device http://www.nvidia.com/
  201. Timestamp : Tue May 16 2017
  202.  
  203. Image path: rt640x64.sys
  204. Image name: rt640x64.sys
  205. Info Link : http://www.carrona.org/drivers/driver.php?id=rt640x64.sys
  206. ADA Info : Realtek NICDRV 8169 PCIe GBE Family Controller driver http://www.realtek.com.tw
  207. Timestamp : Fri May 26 2017
  208.  
  209. Image path: aswbidsdrivera.sys
  210. Image name: aswbidsdrivera.sys
  211. Info Link : http://www.carrona.org/drivers/driver.php?id=aswbidsdrivera.sys
  212. ADA Info : Avast IDS Application Activity Monitor Driver http://www.avast.com/
  213. Timestamp : Tue Jun 6 2017
  214.  
  215. Image path: aswbidsha.sys
  216. Image name: aswbidsha.sys
  217. Info Link : http://www.carrona.org/drivers/driver.php?id=aswbidsha.sys
  218. ADA Info : Avast Antivirus http://www.avast.com/
  219. Timestamp : Tue Jun 6 2017
  220.  
  221. Image path: aswbloga.sys
  222. Image name: aswbloga.sys
  223. Info Link : http://www.carrona.org/drivers/driver.php?id=aswbloga.sys
  224. ADA Info : Avast Antivirus http://www.avast.com/
  225. Timestamp : Tue Jun 6 2017
  226.  
  227. Image path: aswbuniva.sys
  228. Image name: aswbuniva.sys
  229. Info Link : http://www.carrona.org/drivers/driver.php?id=aswbuniva.sys
  230. ADA Info : Avast Antivirus http://www.avast.com/
  231. Timestamp : Tue Jun 6 2017
  232.  
  233. Image path: SCDEmu.SYS
  234. Image name: SCDEmu.SYS
  235. Info Link : http://www.carrona.org/drivers/driver.php?id=SCDEmu.SYS
  236. Timestamp : Tue Jun 6 2017
  237.  
  238. Image path: nvlddmkm.sys
  239. Image name: nvlddmkm.sys
  240. Info Link : http://www.carrona.org/drivers/driver.php?id=nvlddmkm.sys
  241. ADA Info : Nvidia Graphics Card driver http://www.nvidia.com/
  242. Timestamp : Wed Jun 7 2017
  243.  
  244. Image path: aswRdr2.sys
  245. Image name: aswRdr2.sys
  246. Info Link : http://www.carrona.org/drivers/driver.php?id=aswRdr2.sys
  247. ADA Info : Avast Antivirus http://www.avast.com/
  248. Timestamp : Mon Jun 19 2017
  249.  
  250. Image path: aswRvrt.sys
  251. Image name: aswRvrt.sys
  252. Info Link : http://www.carrona.org/drivers/driver.php?id=aswRvrt.sys
  253. ADA Info : Avast Antivirus http://www.avast.com/
  254. Timestamp : Mon Jun 19 2017
  255.  
  256. Image path: aswSnx.sys
  257. Image name: aswSnx.sys
  258. Info Link : http://www.carrona.org/drivers/driver.php?id=aswSnx.sys
  259. ADA Info : Avast Antivirus http://www.avast.com/
  260. Timestamp : Mon Jun 19 2017
  261.  
  262. Image path: aswStm.sys
  263. Image name: aswStm.sys
  264. Info Link : http://www.carrona.org/drivers/driver.php?id=aswStm.sys
  265. ADA Info : Avast Antivirus http://www.avast.com/
  266. Timestamp : Mon Jun 19 2017
  267.  
  268. Image path: aswMonFlt.sys
  269. Image name: aswMonFlt.sys
  270. Info Link : http://www.carrona.org/drivers/driver.php?id=aswMonFlt.sys
  271. ADA Info : Avast Antivirus http://www.avast.com/
  272. Timestamp : Thu Jun 22 2017
  273.  
  274. Image path: aswSP.sys
  275. Image name: aswSP.sys
  276. Info Link : http://www.carrona.org/drivers/driver.php?id=aswSP.sys
  277. ADA Info : Avast Antivirus http://www.avast.com/
  278. Timestamp : Thu Jun 22 2017
  279.  
  280. Image path: aswVmm.sys
  281. Image name: aswVmm.sys
  282. Info Link : http://www.carrona.org/drivers/driver.php?id=aswVmm.sys
  283. ADA Info : Avast Antivirus http://www.avast.com/
  284. Timestamp : Thu Jun 29 2017
  285.  
  286. Image path: rzpnk.sys
  287. Image name: rzpnk.sys
  288. Info Link : http://www.carrona.org/drivers/driver.php?id=rzpnk.sys
  289. ADA Info : Razer Overlay Support https://www.razerzone.com/
  290. Timestamp : Sun Jul 16 2017
  291.  
  292. Image path: rzpmgrk.sys
  293. Image name: rzpmgrk.sys
  294. Info Link : http://www.carrona.org/drivers/driver.php?id=rzpmgrk.sys
  295. ADA Info : Razer Overlay Support https://www.razerzone.com/
  296. Timestamp : Tue Jul 18 2017
  297.  
  298. Image path: RTKVHD64.sys
  299. Image name: RTKVHD64.sys
  300. Info Link : http://www.carrona.org/drivers/driver.php?id=RTKVHD64.sys
  301. ADA Info : Realtek Audio Driver system driver http://www.realtek.com.tw
  302. Timestamp : Wed Jul 19 2017
  303.  
  304. ========================================================================
  305. ========================== MICROSOFT DRIVERS ===========================
  306. ========================================================================
  307. ACPI.sys ACPI Driver for NT (Microsoft)
  308. acpiex.sys ACPIEx Driver (Microsoft)
  309. acpipagr.sys ACPI Processor Aggregator Device Driver
  310. afd.sys Ancillary Function Driver for WinSock (Microsoft)
  311. ahcache.sys Application Compatibility Cache (Microsoft)
  312. BasicDisplay.sys Basic Display driver (Microsoft)
  313. BasicRender.sys Basic Render driver (Microsoft)
  314. Beep.SYS BEEP driver (Microsoft)
  315. BOOTVID.dll VGA Boot Driver (Microsoft)
  316. bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
  317. cdd.dll Canonical Display Driver (Microsoft)
  318. cdrom.sys SCSI CD-ROM Driver (Microsoft)
  319. CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
  320. CI.dll Code Integrity Module (Microsoft)
  321. CLASSPNP.SYS SCSI Class System Dll (Microsoft)
  322. CLFS.SYS Common Log File System Driver (Microsoft)
  323. clipsp.sys CLIP Service (Microsoft)
  324. cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
  325. cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
  326. CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
  327. condrv.sys Console Driver (Microsoft)
  328. crashdmp.sys Crash Dump Driver
  329. csc.sys Windows Client Side Caching Driver
  330. dfsc.sys DFS Namespace Client Driver (Microsoft)
  331. disk.sys PnP Disk Driver (Microsoft)
  332. drmk.sys Digital Rights Management (DRM) driver (Microsoft)
  333. dump_dumpfve.sys Bitlocker Drive Encryption Crashdump Filter
  334. dump_storahci.sys MS AHCI Storport Miniport Driver
  335. dump_storport.sys Provides disk access during crash dump file generation (Microsoft)
  336. dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
  337. dxgmms2.sys DirectX Graphics MMS
  338. EhStorClass.sys Enhanced Storage Class driver for IEEE... (Microsoft)
  339. filecrypt.sys Windows sandboxing and encryption filter (Microsoft)
  340. fileinfo.sys FileInfo Filter Driver (Microsoft)
  341. FLTMGR.SYS Filesystem Filter Manager (Microsoft)
  342. Fs_Rec.sys File System Recognizer Driver (Microsoft)
  343. fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
  344. fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
  345. gpuenergydrv.sys GPU Energy Kernal Driver (Microsoft)
  346. hal.dll Hardware Abstraction Layer DLL (Microsoft)
  347. HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
  348. HIDCLASS.SYS Hid Class Library
  349. HIDPARSE.SYS Hid Parsing Library (Microsoft)
  350. hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
  351. HTTP.sys HTTP Protocol Stack (Microsoft)
  352. intelpep.sys Intel Power Engine Plugin (Microsoft)
  353. intelppm.sys Processor Device Driver (Microsoft)
  354. iorate.sys I/O rate control Filter (Microsoft)
  355. kbdclass.sys Keyboard Class Driver (Microsoft)
  356. kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
  357. kdcom.dll Kernel Debugger HW Extension DLL (Microsoft)
  358. kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
  359. ks.sys Kernal CSA Library (Microsoft)
  360. ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
  361. ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
  362. ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
  363. lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
  364. luafv.sys LUA File Virtualization Filter Driver (Microsoft)
  365. mcupdate.dll Media Center Update (Microsoft)
  366. mmcss.sys MMCSS Driver (Microsoft)
  367. monitor.sys Monitor Driver (Microsoft)
  368. mouclass.sys Mouse Class Driver (Microsoft)
  369. mouhid.sys HID Mouse Filter Driver (Microsoft)
  370. mountmgr.sys Mount Point Manager (Microsoft)
  371. mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
  372. mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
  373. mrxsmb10.sys Longhorn SMB Downlevel SubRdr (Microsoft)
  374. mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
  375. Msfs.SYS Mailslot driver (Microsoft)
  376. msisadrv.sys ISA Driver (Microsoft)
  377. mslldp.sys Microsoft Link-Layer Discovery Protocol... (Microsoft)
  378. msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
  379. mssmbios.sys System Management BIOS driver (Microsoft)
  380. mup.sys Multiple UNC Provider driver (Microsoft)
  381. ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
  382. ndisuio.sys NDIS User mode I/O driver (Microsoft)
  383. NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
  384. Ndu.sys Network Data Usage Monitoring driver (Microsoft)
  385. netbios.sys NetBIOS Interface driver (Microsoft)
  386. netbt.sys MBT Transport driver (Microsoft)
  387. NETIO.SYS Network I/O Subsystem (Microsoft)
  388. Npfs.SYS NPFS driver (Microsoft)
  389. npsvctrig.sys Named pipe service triggers (Microsoft)
  390. nsiproxy.sys NSI Proxy driver (Microsoft)
  391. NTFS.sys NT File System Driver (Microsoft)
  392. ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
  393. ntosext.sys NTOS Extension Host driver (Microsoft)
  394. Null.SYS NULL Driver (Microsoft)
  395. pacer.sys QoS Packet Scheduler (Microsoft)
  396. partmgr.sys Partition driver (Microsoft)
  397. pci.sys NT Plug and Play PCI Enumerator
  398. pcw.sys Performance Counter Driver (Microsoft)
  399. pdc.sys Power Dependency Coordinator Driver (Microsoft)
  400. peauth.sys Protected Environment Authentication and Authorization Export Driver (Microsoft)
  401. portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
  402. PSHED.dll Platform Specific Hardware Error driver (Microsoft)
  403. rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
  404. rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
  405. rdpvideominiport.sys Microsoft RDP Video Miniport driver
  406. rdyboost.sys ReadyBoost Driver (Microsoft)
  407. registry.sys Registry Container driver (Microsoft)
  408. rspndr.sys Link-Layer Topology Responder driver (Microsoft)
  409. serenum.sys Serial Port Enumerator
  410. serial.sys Serial Device Driver
  411. SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
  412. spaceport.sys Storage Spaces driver (Microsoft)
  413. srv.sys Server driver (Microsoft)
  414. srv2.sys Smb 2.0 Server driver (Microsoft)
  415. srvnet.sys Server Network driver (Microsoft)
  416. storahci.sys MS AHCI Storport Miniport Driver (Microsoft)
  417. storport.sys A storage port driver that is especially suitable for use with high-performance buses, such as fibre channel buses, and RAID adapters. (Microsoft)
  418. storqosflt.sys Storage QoS Filter driver (Microsoft)
  419. swenum.sys Plug and Play Software Device Enumerator (Microsoft)
  420. tbs.sys Export driver for kernel mode TPM API (Microsoft)
  421. tcpip.sys TCP/IP Protocol driver (Microsoft)
  422. tcpipreg.sys Microsoft Windows TCP/IP Registry Compatibility driver (Microsoft)
  423. TDI.SYS TDI Wrapper driver (Microsoft)
  424. tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
  425. tm.sys Kernel Transaction Manager driver (Microsoft)
  426. TSDDD.dll Framebuffer Display Driver (Microsoft)
  427. tunnel.sys Microsoft Tunnel Interface Driver
  428. ucx01000.sys USB Controller Extension
  429. umbus.sys User-Mode Bus Enumerator (Microsoft)
  430. usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
  431. USBD.SYS Universal Serial Bus Driver (Microsoft)
  432. UsbHub3.sys USB3 HUB Driver
  433. USBXHCI.SYS USB XHCI Driver
  434. vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
  435. vmbkmclr.sys Hyper-V VMBus Root KMCL (Microsoft)
  436. volmgr.sys Volume Manager Driver (Microsoft)
  437. volmgrx.sys Volume Manager Extension Driver (Microsoft)
  438. volsnap.sys Volume Shadow Copy driver (Microsoft)
  439. volume.sys Volume driver (Microsoft)
  440. vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
  441. wanarp.sys MS Remote Access and Routing ARP driver (Microsoft)
  442. watchdog.sys Watchdog driver (Microsoft)
  443. wcifs.sys Windows Container Isolation FS Filter driver (Microsoft)
  444. Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
  445. WdFilter.sys Microsoft Anti-malware file system filter driver (Microsoft)
  446. WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
  447. WdNisDrv.sys Microsoft Network Realtime Inspection driver (Microsoft)
  448. werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
  449. wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
  450. win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
  451. win32kbase.sys Base Win32k Kernel Driver (Microsoft)
  452. win32kfull.sys Full/Desktop Win32k Kernel Driver (Microsoft)
  453. WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
  454. WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
  455. wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
  456. WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
  457. Wof.sys Windows Overlay Filter (Microsoft)
  458. WORKERDD.dll Framebuffer Display Driver
  459. WppRecorder.sys WPP Trace Recorder (Microsoft)
  460.  
  461. Unloaded modules:
  462. fffff802`ee4a0000 fffff802`ee4a7000 NTIOLib_X64.
  463. fffff802`ec570000 fffff802`ec57b000 cldflt.sys
  464. fffff802`ead60000 fffff802`ead6f000 dump_storpor
  465. fffff802`eada0000 fffff802`eadc7000 dump_storahc
  466. fffff802`eadf0000 fffff802`eae0d000 dump_dumpfve
  467. fffff802`ecd00000 fffff802`ecd22000 i8042prt.sys
  468. fffff802`ea8a0000 fffff802`ea8c0000 dam.sys
  469. fffff802`e9dc0000 fffff802`e9dcf000 WdBoot.sys
  470. fffff802`eabe0000 fffff802`eabef000 hwpolicy.sys
  471.  
  472. ========================================================================
  473. ============================== BIOS INFO ===============================
  474. ========================================================================
  475. [SMBIOS Data Tables v3.0]
  476. [DMI Version - 0]
  477. [2.0 Calling Convention - No]
  478. [Table Size - 4068 bytes]
  479. [BIOS Information (Type 0) - Length 24 - Handle 0000h]
  480. Vendor American Megatrends Inc.
  481. BIOS Version C.B0
  482. BIOS Starting Address Segment f000
  483. BIOS Release Date 04/18/2017
  484. BIOS ROM Size 1000000
  485. BIOS Characteristics
  486. 07: - PCI Supported
  487. 11: - Upgradeable FLASH BIOS
  488. 12: - BIOS Shadowing Supported
  489. 15: - CD-Boot Supported
  490. 16: - Selectable Boot Supported
  491. 17: - BIOS ROM Socketed
  492. 19: - EDD Supported
  493. 23: - 1.2MB Floppy Supported
  494. 24: - 720KB Floppy Supported
  495. 25: - 2.88MB Floppy Supported
  496. 26: - Print Screen Device Supported
  497. 27: - Keyboard Services Supported
  498. 28: - Serial Services Supported
  499. 29: - Printer Services Supported
  500. 32: - BIOS Vendor Reserved
  501. BIOS Characteristic Extensions
  502. 00: - ACPI Supported
  503. 01: - USB Legacy Supported
  504. 08: - BIOS Boot Specification Supported
  505. 10: - Specification Reserved
  506. 11: - Specification Reserved
  507. BIOS Major Revision 5
  508. BIOS Minor Revision 12
  509. EC Firmware Major Revision 255
  510. EC Firmware Minor Revision 255
  511. [System Information (Type 1) - Length 27 - Handle 0001h]
  512. Manufacturer MSI
  513. Product Name MS-7972
  514. Version 2.0
  515. UUID 00000000-0000-0000-0000-000000000000
  516. Wakeup Type Power Switch
  517. SKUNumber Default string
  518. Family Default string
  519. [BaseBoard Information (Type 2) - Length 15 - Handle 0002h]
  520. Manufacturer MSI
  521. Product B150M MORTAR (MS-7972)
  522. Version 2.0
  523. Feature Flags 09h
  524. Location Default string
  525. Chassis Handle 0003h
  526. Board Type 0ah - Processor/Memory Module
  527. Number of Child Handles 0
  528. [System Enclosure (Type 3) - Length 22 - Handle 0003h]
  529. Manufacturer MSI
  530. Chassis Type Desktop
  531. Version 2.0
  532. Bootup State Safe
  533. Power Supply State Safe
  534. Thermal State Safe
  535. Security Status None
  536. OEM Defined 0
  537. Height 0U
  538. Number of Power Cords 1
  539. Number of Contained Elements 0
  540. Contained Element Size 3
  541. [OEM Strings (Type 11) - Length 5 - Handle 0021h]
  542. Number of Strings 1
  543. 1 Default string
  544. [System Configuration Options (Type 12) - Length 5 - Handle 0022h]
  545. [Physical Memory Array (Type 16) - Length 23 - Handle 003ch]
  546. Location 03h - SystemBoard/Motherboard
  547. Use 03h - System Memory
  548. Memory Error Correction 03h - None
  549. Maximum Capacity 67108864KB
  550. Number of Memory Devices 4
  551. [Memory Device (Type 17) - Length 40 - Handle 003dh]
  552. Physical Memory Array Handle 003ch
  553. Total Width 64 bits
  554. Data Width 64 bits
  555. Size 8192MB
  556. Form Factor 09h - DIMM
  557. Device Locator ChannelA-DIMM0
  558. Bank Locator BANK 0
  559. Memory Type 1ah - Specification Reserved
  560. Type Detail 0080h - Synchronous
  561. Speed 2133MHz
  562. Manufacturer Kingston
  563. Part Number KHX2133C13D4/8GX
  564. [Memory Device (Type 17) - Length 40 - Handle 003eh]
  565. Physical Memory Array Handle 003ch
  566. Total Width 0 bits
  567. Data Width 0 bits
  568. Form Factor 02h - Unknown
  569. Device Locator ChannelA-DIMM1
  570. Bank Locator BANK 1
  571. Memory Type 02h - Unknown
  572. Type Detail 0000h -
  573. Speed 0MHz
  574. [Memory Device (Type 17) - Length 40 - Handle 003fh]
  575. Physical Memory Array Handle 003ch
  576. Total Width 0 bits
  577. Data Width 0 bits
  578. Form Factor 02h - Unknown
  579. Device Locator ChannelB-DIMM0
  580. Bank Locator BANK 2
  581. Memory Type 02h - Unknown
  582. Type Detail 0000h -
  583. Speed 0MHz
  584. [Memory Device (Type 17) - Length 40 - Handle 0040h]
  585. Physical Memory Array Handle 003ch
  586. Total Width 0 bits
  587. Data Width 0 bits
  588. Form Factor 02h - Unknown
  589. Device Locator ChannelB-DIMM1
  590. Bank Locator BANK 3
  591. Memory Type 02h - Unknown
  592. Type Detail 0000h -
  593. Speed 0MHz
  594. [Memory Array Mapped Address (Type 19) - Length 31 - Handle 0041h]
  595. Starting Address 00000000h
  596. Ending Address 007fffffh
  597. Memory Array Handle 003ch
  598. Partition Width 01
  599. [Cache Information (Type 7) - Length 19 - Handle 0042h]
  600. Socket Designation L1 Cache
  601. Cache Configuration 0180h - WB Enabled Int NonSocketed L1
  602. Maximum Cache Size 0100h - 256K
  603. Installed Size 0100h - 256K
  604. Supported SRAM Type 0020h - Synchronous
  605. Current SRAM Type 0020h - Synchronous
  606. Cache Speed 0ns
  607. Error Correction Type ParitySingle-Bit ECC
  608. System Cache Type Unified
  609. Associativity 8-way Set-Associative
  610. [Cache Information (Type 7) - Length 19 - Handle 0043h]
  611. Socket Designation L2 Cache
  612. Cache Configuration 0181h - WB Enabled Int NonSocketed L2
  613. Maximum Cache Size 0400h - 1024K
  614. Installed Size 0400h - 1024K
  615. Supported SRAM Type 0020h - Synchronous
  616. Current SRAM Type 0020h - Synchronous
  617. Cache Speed 0ns
  618. Error Correction Type Multi-Bit ECC
  619. System Cache Type Unified
  620. Associativity 4-way Set-Associative
  621. [Cache Information (Type 7) - Length 19 - Handle 0044h]
  622. Socket Designation L3 Cache
  623. Cache Configuration 0182h - WB Enabled Int NonSocketed L3
  624. Maximum Cache Size 1800h - 6144K
  625. Installed Size 1800h - 6144K
  626. Supported SRAM Type 0020h - Synchronous
  627. Current SRAM Type 0020h - Synchronous
  628. Cache Speed 0ns
  629. Error Correction Type Specification Reserved
  630. System Cache Type Unified
  631. Associativity Specification Reserved
  632. [Processor Information (Type 4) - Length 48 - Handle 0045h]
  633. Socket Designation U3E1
  634. Processor Type Central Processor
  635. Processor Family cdh - Specification Reserved
  636. Processor Manufacturer Intel(R) Corporation
  637. Processor ID e3060500fffbebbf
  638. Processor Version Intel(R) Core(TM) i5-6400 CPU @ 2.70GHz
  639. Processor Voltage 89h - 0.9V
  640. External Clock 100MHz
  641. Max Speed 8300MHz
  642. Current Speed 2700MHz
  643. Status Enabled Populated
  644. Processor Upgrade Other
  645. L1 Cache Handle 0042h
  646. L2 Cache Handle 0043h
  647. L3 Cache Handle 0044h
  648. [Memory Device Mapped Address (Type 20) - Length 35 - Handle 0046h]
  649. Starting Address 00000000h
  650. Ending Address 007fffffh
  651. Memory Device Handle 003dh
  652. Mem Array Mapped Adr Handle 0041h
  653. Interleave Position [None]
  654. Interleave Data Depth [None]
  655.  
  656. ========================================================================
  657. ==================== Dump File: 081617-4390-01.dmp =====================
  658. ========================================================================
  659. Mini Kernel Dump File: Only registers and stack trace are available
  660. Windows 10 Kernel Version 15063 MP (4 procs) Free x64
  661. Kernel base = 0xfffff802`9a61c000 PsLoadedModuleList = 0xfffff802`9a9685c0
  662. Debug session time: Wed Aug 16 15:25:32.112 2017 (UTC - 4:00)
  663. System Uptime: 0 days 0:06:56.755
  664.  
  665. BugCheck 154, {ffffc101043e1000, ffffad01a9d1e780, 1, 0}
  666. Probably caused by : ntkrnlmp.exe ( nt!SMKM_STORE<SM_TRAITS>::SmStUnmapVirtualRegion+cf )
  667. Followup: MachineOwner
  668.  
  669. UNEXPECTED_STORE_EXCEPTION (154)
  670. The store component caught an unexpected exception.
  671.  
  672. Arguments:
  673. Arg1: ffffc101043e1000, Pointer to the store context or data manager
  674. Arg2: ffffad01a9d1e780, Exception information
  675. Arg3: 0000000000000001, Reserved
  676. Arg4: 0000000000000000, Reserved
  677.  
  678. Debugging Details:
  679. DUMP_CLASS: 1
  680. DUMP_QUALIFIER: 400
  681. DUMP_TYPE: 2
  682. DUMP_FILE_ATTRIBUTES: 0x8
  683. Kernel Generated Triage Dump
  684. EXCEPTION_RECORD: ffffad01a9d1f6c8 -- (.exr 0xffffad01a9d1f6c8)
  685. ExceptionAddress: fffff8029a6f543f (nt!SMKM_STORE<SM_TRAITS>::SmStUnmapVirtualRegion+0x00000000000000cf)
  686. ExceptionCode: c0000005 (Access violation)
  687. ExceptionFlags: 00000000
  688. NumberParameters: 2
  689. Parameter[0]: 0000000000000000
  690. Parameter[1]: 0000000000000000
  691. Attempt to read from address 0000000000000000
  692. EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%p referenced memory at 0x%p. The memory could not be %s.
  693. FAULTING_IP:
  694. nt!SMKM_STORE<SM_TRAITS>::SmStUnmapVirtualRegion+cf
  695. fffff802`9a6f543f 488b08 mov rcx,qword ptr [rax]
  696. FOLLOWUP_IP:
  697. nt!SMKM_STORE<SM_TRAITS>::SmStUnmapVirtualRegion+cf
  698. fffff802`9a6f543f 488b08 mov rcx,qword ptr [rax]
  699. EXCEPTION_PARAMETER1: 0000000000000000
  700. EXCEPTION_PARAMETER2: 0000000000000000
  701. CONTEXT: ffffad01a9d1ef10 -- (.cxr 0xffffad01a9d1ef10)
  702. rax=0000000000000000 rbx=ffffc101043e28b0 rcx=0000000000000000
  703. rdx=fffff8029aa13430 rsi=0000000000000452 rdi=0000000000000000
  704. rip=fffff8029a6f543f rsp=ffffad01a9d1f900 rbp=ffffc101043e1000
  705. r8=ffffc101043e28b0 r9=ffffc101048830e0 r10=ffffc10104883090
  706. r11=00000000ffffffff r12=0000000000001fff r13=00000000ffffffff
  707. r14=ffffc1010355e000 r15=0000000000000000
  708. iopl=0 nv up ei pl zr na po nc
  709. cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00010246
  710. nt!SMKM_STORE<SM_TRAITS>::SmStUnmapVirtualRegion+0xcf:
  711. fffff802`9a6f543f 488b08 mov rcx,qword ptr [rax] ds:002b:00000000`00000000=????????????????
  712. Resetting default scope
  713. CUSTOMER_CRASH_COUNT: 1
  714. DEFAULT_BUCKET_ID: NULL_DEREFERENCE
  715.  
  716. PROCESS_NAME: MemCompression
  717.  
  718. CURRENT_IRQL: 0
  719. ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%p referenced memory at 0x%p. The memory could not be %s.
  720. EXCEPTION_CODE_STR: c0000005
  721. READ_ADDRESS: fffff8029a9fd358: Unable to get MiVisibleState
  722. 0000000000000000
  723. BUGCHECK_STR: 0x154_c0000005
  724. LAST_CONTROL_TRANSFER: from fffff8029a6f6d8f to fffff8029a6f543f
  725. STACK_TEXT:
  726. ffffad01`a9d1f900 fffff802`9a6f6d8f : 00000000`00000452 00000000`ffffffff 00000000`ffffffff ffffc101`043e1050 : nt!SMKM_STORE<SM_TRAITS>::SmStUnmapVirtualRegion+0xcf
  727. ffffad01`a9d1f930 fffff802`9a6ec71a : ffffc101`043e1050 ffffad01`a9d1f9b0 00000000`00000000 ffffc101`00000000 : nt!ST_STORE<SM_TRAITS>::StUnlockAndUnmapRegion+0x7b
  728. ffffad01`a9d1f970 fffff802`9a6ec65e : 00000000`00000008 00000000`00000103 ffffc101`043e1050 ffffc101`00000000 : nt!ST_STORE<SM_TRAITS>::StDmCurrentRegionSet+0x9e
  729. ffffad01`a9d1f9d0 fffff802`9a6e4a60 : ffffc101`043e1000 ffffad01`a9d1fa70 00000000`00000002 fffff802`00000000 : nt!ST_STORE<SM_TRAITS>::StDmInvalidateCurrentRegions+0x32
  730. ffffad01`a9d1fa00 fffff802`9a7362a7 : ffffc101`043e2650 ffffad01`a9d1fb18 ffffad01`a9d1fa71 fffff802`9a6ed33b : nt!ST_STORE<SM_TRAITS>::StWorkItemProcess+0x1d8
  731. ffffad01`a9d1fa50 fffff802`9a6e4394 : ffffc101`043e1000 ffffad01`a9d1fb18 7fffffff`fffffffc ffffc101`00000000 : nt!ST_STORE<SM_TRAITS>::StLazyWorkMgrRunExpiredWork+0xe7
  732. ffffad01`a9d1faa0 fffff802`9a736ff1 : 00000000`00000102 00000000`00000000 00000000`00000000 ffffad01`00000000 : nt!SMKM_STORE<SM_TRAITS>::SmStWorker+0x60c
  733. ffffad01`a9d1fb60 fffff802`9a6f8ac7 : ffffc101`043e1000 fffff802`9a78d967 00000000`01301b4a ffffc101`048467c0 : nt!SMKM_STORE<SM_TRAITS>::SmStWorkerThread+0x11
  734. ffffad01`a9d1fb90 fffff802`9a78d9e6 : ffffad01`a6608180 ffffc101`048467c0 fffff802`9a6f8a80 00000000`00000000 : nt!PspSystemThreadStartup+0x47
  735. ffffad01`a9d1fbe0 00000000`00000000 : ffffad01`a9d20000 ffffad01`a9d19000 00000000`00000000 00000000`00000000 : nt!KiStartSystemThread+0x16
  736. THREAD_SHA1_HASH_MOD_FUNC: 14c4240dd99503e3cb69608e4185326668041be8
  737. THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 7a972e7709dac97eea6946dc5a55cd6bd78a5ad3
  738. THREAD_SHA1_HASH_MOD: bc100a5647b828107ac4e18055e00abcbe1ec406
  739. FAULT_INSTR_CODE: e8088b48
  740. SYMBOL_STACK_INDEX: 0
  741. SYMBOL_NAME: nt!SMKM_STORE<SM_TRAITS>::SmStUnmapVirtualRegion+cf
  742. FOLLOWUP_NAME: MachineOwner
  743. MODULE_NAME: nt
  744.  
  745. IMAGE_NAME: ntkrnlmp.exe
  746.  
  747. DEBUG_FLR_IMAGE_TIMESTAMP: 597fd80d
  748. IMAGE_VERSION: 10.0.15063.540
  749. STACK_COMMAND: .cxr 0xffffad01a9d1ef10 ; kb
  750. BUCKET_ID_FUNC_OFFSET: cf
  751. FAILURE_BUCKET_ID: 0x154_c0000005_nt!SMKM_STORE_SM_TRAITS_::SmStUnmapVirtualRegion
  752. BUCKET_ID: 0x154_c0000005_nt!SMKM_STORE_SM_TRAITS_::SmStUnmapVirtualRegion
  753. PRIMARY_PROBLEM_CLASS: 0x154_c0000005_nt!SMKM_STORE_SM_TRAITS_::SmStUnmapVirtualRegion
  754. TARGET_TIME: 2017-08-16T19:25:32.000Z
  755. SUITE_MASK: 272
  756. PRODUCT_TYPE: 1
  757. USER_LCID: 0
  758. FAILURE_ID_HASH_STRING: km:0x154_c0000005_nt!smkm_store_sm_traits_::smstunmapvirtualregion
  759. FAILURE_ID_HASH: {fd3438ee-1856-26ad-cd9b-6e57571ef255}
  760. Followup: MachineOwner
  761.  
  762. ========================================================================
  763. ==================== Dump File: 081517-4593-01.dmp =====================
  764. ========================================================================
  765. Mini Kernel Dump File: Only registers and stack trace are available
  766. Windows 10 Kernel Version 15063 MP (4 procs) Free x64
  767. Kernel base = 0xfffff801`83c8d000 PsLoadedModuleList = 0xfffff801`83fd95c0
  768. Debug session time: Tue Aug 15 10:18:37.613 2017 (UTC - 4:00)
  769. System Uptime: 0 days 1:05:35.254
  770.  
  771. BugCheck 139, {3, ffffb500ced7c7b0, ffffb500ced7c708, 0}
  772. Probably caused by : ntkrnlmp.exe ( nt!KiFastFailDispatch+d0 )
  773. Followup: MachineOwner
  774.  
  775. KERNEL_SECURITY_CHECK_FAILURE (139)
  776. A kernel component has corrupted a critical data structure. The corruption
  777. could potentially allow a malicious user to gain control of this machine.
  778.  
  779. Arguments:
  780. Arg1: 0000000000000003, A LIST_ENTRY has been corrupted (i.e. double remove).
  781. Arg2: ffffb500ced7c7b0, Address of the trap frame for the exception that caused the bugcheck
  782. Arg3: ffffb500ced7c708, Address of the exception record for the exception that caused the bugcheck
  783. Arg4: 0000000000000000, Reserved
  784.  
  785. Debugging Details:
  786. DUMP_CLASS: 1
  787. DUMP_QUALIFIER: 400
  788. DUMP_TYPE: 2
  789. DUMP_FILE_ATTRIBUTES: 0x8
  790. Kernel Generated Triage Dump
  791. TRAP_FRAME: ffffb500ced7c7b0 -- (.trap 0xffffb500ced7c7b0)
  792. NOTE: The trap frame does not contain all registers.
  793. Some register values may be zeroed or incorrect.
  794. rax=ffffd789f0691158 rbx=0000000000000000 rcx=0000000000000003
  795. rdx=ffffb500cc68ca80 rsi=0000000000000000 rdi=0000000000000000
  796. rip=fffff80183e266d2 rsp=ffffb500ced7c940 rbp=fffff80182cb1180
  797. r8=0000000000000000 r9=0000000000000000 r10=ffffd789ebe01800
  798. r11=ffffa10df75be1c0 r12=0000000000000000 r13=0000000000000000
  799. r14=0000000000000000 r15=0000000000000000
  800. iopl=0 nv up ei ng nz na pe cy
  801. nt!KiTryUnwaitThread+0x12aac2:
  802. fffff801`83e266d2 cd29 int 29h
  803. Resetting default scope
  804. EXCEPTION_RECORD: ffffb500ced7c708 -- (.exr 0xffffb500ced7c708)
  805. ExceptionAddress: fffff80183e266d2 (nt!KiTryUnwaitThread+0x000000000012aac2)
  806. ExceptionCode: c0000409 (Security check failure or stack buffer overrun)
  807. ExceptionFlags: 00000001
  808. NumberParameters: 1
  809. Parameter[0]: 0000000000000003
  810. Subcode: 0x3 FAST_FAIL_CORRUPT_LIST_ENTRY
  811. CUSTOMER_CRASH_COUNT: 1
  812. DEFAULT_BUCKET_ID: LIST_ENTRY_CORRUPT
  813. BUGCHECK_STR: 0x139
  814.  
  815. PROCESS_NAME: GRW.exe
  816.  
  817. CURRENT_IRQL: 2
  818. ERROR_CODE: (NTSTATUS) 0xc0000409 - The system detected an overrun of a stack-based buffer in this application. This overrun could potentially allow a malicious user to gain control of this application.
  819. EXCEPTION_CODE: (NTSTATUS) 0xc0000409 - The system detected an overrun of a stack-based buffer in this application. This overrun could potentially allow a malicious user to gain control of this application.
  820. EXCEPTION_CODE_STR: c0000409
  821. EXCEPTION_PARAMETER1: 0000000000000003
  822. LAST_CONTROL_TRANSFER: from fffff80183e048a9 to fffff80183df9560
  823. STACK_TEXT:
  824. ffffb500`ced7c488 fffff801`83e048a9 : 00000000`00000139 00000000`00000003 ffffb500`ced7c7b0 ffffb500`ced7c708 : nt!KeBugCheckEx
  825. ffffb500`ced7c490 fffff801`83e04c10 : 00000000`00000000 fffff801`8412eb2e ffffd789`eb8765c0 ffffd789`eeda4a80 : nt!KiBugCheckDispatch+0x69
  826. ffffb500`ced7c5d0 fffff801`83e03bf7 : ffffd789`ef42c7c0 fffff801`82cb1180 fffff801`84086a40 00000000`00000000 : nt!KiFastFailDispatch+0xd0
  827. ffffb500`ced7c7b0 fffff801`83e266d2 : 00000000`00000000 ffffb500`00000000 ffffd789`eccee200 ffffd789`eb2e9c30 : nt!KiRaiseSecurityCheckFailure+0xf7
  828. ffffb500`ced7c940 fffff801`83cfa079 : ffffd789`ef438ee0 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiTryUnwaitThread+0x12aac2
  829. ffffb500`ced7c9a0 fffff801`8413d222 : 00000000`00000000 00000000`00000000 00000000`00000000 ffffa10d`f75be1c0 : nt!KeSetEvent+0x129
  830. ffffb500`ced7ca30 fffff801`83e04413 : ffffd789`ef42c7c0 00000001`432b0140 00000000`00000000 ffffd789`ef438ee0 : nt!NtSetEvent+0x92
  831. ffffb500`ced7ca80 00007ffa`9e395564 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
  832. 00000000`0b95fd98 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffa`9e395564
  833. STACK_COMMAND: kb
  834. THREAD_SHA1_HASH_MOD_FUNC: 0850ecde5e369a3e165133a2f39695e038b8856c
  835. THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 18419179fcfd26f6e62297f58e55cb3dbd37912f
  836. THREAD_SHA1_HASH_MOD: cb5f414824c2521bcc505eaa03e92fa10922dad8
  837. FOLLOWUP_IP:
  838. nt!KiFastFailDispatch+d0
  839. fffff801`83e04c10 c644242000 mov byte ptr [rsp+20h],0
  840. FAULT_INSTR_CODE: 202444c6
  841. SYMBOL_STACK_INDEX: 2
  842. SYMBOL_NAME: nt!KiFastFailDispatch+d0
  843. FOLLOWUP_NAME: MachineOwner
  844. MODULE_NAME: nt
  845.  
  846. IMAGE_NAME: ntkrnlmp.exe
  847.  
  848. DEBUG_FLR_IMAGE_TIMESTAMP: 597fd80d
  849. IMAGE_VERSION: 10.0.15063.540
  850. BUCKET_ID_FUNC_OFFSET: d0
  851. FAILURE_BUCKET_ID: 0x139_3_nt!KiFastFailDispatch
  852. BUCKET_ID: 0x139_3_nt!KiFastFailDispatch
  853. PRIMARY_PROBLEM_CLASS: 0x139_3_nt!KiFastFailDispatch
  854. TARGET_TIME: 2017-08-15T14:18:37.000Z
  855. SUITE_MASK: 272
  856. PRODUCT_TYPE: 1
  857. USER_LCID: 0
  858. FAILURE_ID_HASH_STRING: km:0x139_3_nt!kifastfaildispatch
  859. FAILURE_ID_HASH: {36173680-6f08-995f-065a-3d368c996911}
  860. Followup: MachineOwner
  861.  
  862. ========================================================================
  863. ==================== Dump File: 081617-4343-01.dmp =====================
  864. ========================================================================
  865. Mini Kernel Dump File: Only registers and stack trace are available
  866. Windows 10 Kernel Version 15063 MP (4 procs) Free x64
  867. Kernel base = 0xfffff803`d6280000 PsLoadedModuleList = 0xfffff803`d65cc5c0
  868. Debug session time: Wed Aug 16 15:49:08.186 2017 (UTC - 4:00)
  869. System Uptime: 0 days 0:23:14.827
  870.  
  871. BugCheck 154, {ffff8d08c05b0000, ffffe10040457780, 1, 0}
  872. Probably caused by : ntkrnlmp.exe ( nt!SMKM_STORE<SM_TRAITS>::SmStUnmapVirtualRegion+cf )
  873. Followup: MachineOwner
  874.  
  875. UNEXPECTED_STORE_EXCEPTION (154)
  876. The store component caught an unexpected exception.
  877.  
  878. Arguments:
  879. Arg1: ffff8d08c05b0000, Pointer to the store context or data manager
  880. Arg2: ffffe10040457780, Exception information
  881. Arg3: 0000000000000001, Reserved
  882. Arg4: 0000000000000000, Reserved
  883.  
  884. Debugging Details:
  885. DUMP_CLASS: 1
  886. DUMP_QUALIFIER: 400
  887. DUMP_TYPE: 2
  888. DUMP_FILE_ATTRIBUTES: 0x8
  889. Kernel Generated Triage Dump
  890. EXCEPTION_RECORD: ffffe100404586c8 -- (.exr 0xffffe100404586c8)
  891. ExceptionAddress: fffff803d635943f (nt!SMKM_STORE<SM_TRAITS>::SmStUnmapVirtualRegion+0x00000000000000cf)
  892. ExceptionCode: c0000005 (Access violation)
  893. ExceptionFlags: 00000000
  894. NumberParameters: 2
  895. Parameter[0]: 0000000000000000
  896. Parameter[1]: 0000000000000000
  897. Attempt to read from address 0000000000000000
  898. EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%p referenced memory at 0x%p. The memory could not be %s.
  899. FAULTING_IP:
  900. nt!SMKM_STORE<SM_TRAITS>::SmStUnmapVirtualRegion+cf
  901. fffff803`d635943f 488b08 mov rcx,qword ptr [rax]
  902. FOLLOWUP_IP:
  903. nt!SMKM_STORE<SM_TRAITS>::SmStUnmapVirtualRegion+cf
  904. fffff803`d635943f 488b08 mov rcx,qword ptr [rax]
  905. EXCEPTION_PARAMETER1: 0000000000000000
  906. EXCEPTION_PARAMETER2: 0000000000000000
  907. CONTEXT: ffffe10040457f10 -- (.cxr 0xffffe10040457f10)
  908. rax=0000000000000000 rbx=ffff8d08c05b18b0 rcx=0000000000000000
  909. rdx=fffff803d6677430 rsi=000000000000141c rdi=0000000000000000
  910. rip=fffff803d635943f rsp=ffffe10040458900 rbp=ffff8d08c05b0000
  911. r8=ffff8d08c05b18b0 r9=ffff8d08bffd2b40 r10=ffff8d08bffd2af0
  912. r11=00000000ffffffff r12=0000000000001fff r13=00000000ffffffff
  913. r14=ffff8d08c10b1000 r15=0000000000000000
  914. iopl=0 nv up ei pl zr na po nc
  915. cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00010246
  916. nt!SMKM_STORE<SM_TRAITS>::SmStUnmapVirtualRegion+0xcf:
  917. fffff803`d635943f 488b08 mov rcx,qword ptr [rax] ds:002b:00000000`00000000=????????????????
  918. Resetting default scope
  919. CUSTOMER_CRASH_COUNT: 1
  920. DEFAULT_BUCKET_ID: NULL_DEREFERENCE
  921.  
  922. PROCESS_NAME: MemCompression
  923.  
  924. CURRENT_IRQL: 0
  925. ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%p referenced memory at 0x%p. The memory could not be %s.
  926. EXCEPTION_CODE_STR: c0000005
  927. READ_ADDRESS: fffff803d6661358: Unable to get MiVisibleState
  928. 0000000000000000
  929. BUGCHECK_STR: 0x154_c0000005
  930. LAST_CONTROL_TRANSFER: from fffff803d635ad8f to fffff803d635943f
  931. STACK_TEXT:
  932. ffffe100`40458900 fffff803`d635ad8f : 00000000`0000141c 00000000`ffffffff 00000000`ffffffff ffff8d08`c05b0050 : nt!SMKM_STORE<SM_TRAITS>::SmStUnmapVirtualRegion+0xcf
  933. ffffe100`40458930 fffff803`d635071a : ffff8d08`c05b0050 ffffe100`404589b0 00000000`00000000 ffff8d08`00000000 : nt!ST_STORE<SM_TRAITS>::StUnlockAndUnmapRegion+0x7b
  934. ffffe100`40458970 fffff803`d635065e : 00000000`00000008 00000000`00000103 ffff8d08`c05b0050 00000004`00000000 : nt!ST_STORE<SM_TRAITS>::StDmCurrentRegionSet+0x9e
  935. ffffe100`404589d0 fffff803`d6348a60 : ffff8d08`c05b0000 ffffe100`40458a70 00000000`00000002 fffff803`00000000 : nt!ST_STORE<SM_TRAITS>::StDmInvalidateCurrentRegions+0x32
  936. ffffe100`40458a00 fffff803`d639a2a7 : ffff8d08`c05b1650 ffffe100`40458b18 ffffe100`40458a71 fffff803`d635133b : nt!ST_STORE<SM_TRAITS>::StWorkItemProcess+0x1d8
  937. ffffe100`40458a50 fffff803`d6348394 : ffff8d08`c05b0000 ffffe100`40458b18 7fffffff`fffffffc ffff8d08`00000000 : nt!ST_STORE<SM_TRAITS>::StLazyWorkMgrRunExpiredWork+0xe7
  938. ffffe100`40458aa0 fffff803`d639aff1 : 00000000`00000102 00000000`00000000 00000000`00000000 ffffe100`00000000 : nt!SMKM_STORE<SM_TRAITS>::SmStWorker+0x60c
  939. ffffe100`40458b60 fffff803`d635cac7 : ffff8d08`c05b0000 fffff803`d63f1967 00000000`00f74a82 ffff8d08`c10287c0 : nt!SMKM_STORE<SM_TRAITS>::SmStWorkerThread+0x11
  940. ffffe100`40458b90 fffff803`d63f19e6 : ffffe100`3ce08180 ffff8d08`c10287c0 fffff803`d635ca80 00000000`00000000 : nt!PspSystemThreadStartup+0x47
  941. ffffe100`40458be0 00000000`00000000 : ffffe100`40459000 ffffe100`40452000 00000000`00000000 00000000`00000000 : nt!KiStartSystemThread+0x16
  942. THREAD_SHA1_HASH_MOD_FUNC: 14c4240dd99503e3cb69608e4185326668041be8
  943. THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 7a972e7709dac97eea6946dc5a55cd6bd78a5ad3
  944. THREAD_SHA1_HASH_MOD: bc100a5647b828107ac4e18055e00abcbe1ec406
  945. FAULT_INSTR_CODE: e8088b48
  946. SYMBOL_STACK_INDEX: 0
  947. SYMBOL_NAME: nt!SMKM_STORE<SM_TRAITS>::SmStUnmapVirtualRegion+cf
  948. FOLLOWUP_NAME: MachineOwner
  949. MODULE_NAME: nt
  950.  
  951. IMAGE_NAME: ntkrnlmp.exe
  952.  
  953. DEBUG_FLR_IMAGE_TIMESTAMP: 597fd80d
  954. IMAGE_VERSION: 10.0.15063.540
  955. STACK_COMMAND: .cxr 0xffffe10040457f10 ; kb
  956. BUCKET_ID_FUNC_OFFSET: cf
  957. FAILURE_BUCKET_ID: 0x154_c0000005_nt!SMKM_STORE_SM_TRAITS_::SmStUnmapVirtualRegion
  958. BUCKET_ID: 0x154_c0000005_nt!SMKM_STORE_SM_TRAITS_::SmStUnmapVirtualRegion
  959. PRIMARY_PROBLEM_CLASS: 0x154_c0000005_nt!SMKM_STORE_SM_TRAITS_::SmStUnmapVirtualRegion
  960. TARGET_TIME: 2017-08-16T19:49:08.000Z
  961. SUITE_MASK: 272
  962. PRODUCT_TYPE: 1
  963. USER_LCID: 0
  964. FAILURE_ID_HASH_STRING: km:0x154_c0000005_nt!smkm_store_sm_traits_::smstunmapvirtualregion
  965. FAILURE_ID_HASH: {fd3438ee-1856-26ad-cd9b-6e57571ef255}
  966. Followup: MachineOwner
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!