Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Microsoft (R) Windows Debugger Version 10.0.18362.1 AMD64
- Copyright (c) Microsoft Corporation. All rights reserved.
- Loading Dump File [C:\Users\MrSoloHD\Desktop\MEMORY.DMP]
- Kernel Bitmap Dump File: Kernel address space is available, User address space may not be available.
- Symbol search path is: srv*
- Executable search path is:
- Windows 10 Kernel Version 18362 MP (6 procs) Free x64
- Product: WinNt, suite: TerminalServer SingleUserTS
- Built by: 18362.1.amd64fre.19h1_release.190318-1202
- Machine Name:
- Kernel base = 0xfffff804`3d600000 PsLoadedModuleList = 0xfffff804`3da48190
- Debug session time: Tue Feb 25 14:51:27.673 2020 (UTC - 5:00)
- System Uptime: 0 days 0:36:11.463
- Loading Kernel Symbols
- .......................................Page 200186dca too large to be in the dump file.
- Page 200186dc9 too large to be in the dump file.
- ........................
- ................................................................
- ................................................................
- ...............
- Loading User Symbols
- PEB address is NULL !
- Loading unloaded module list
- ...........
- For analysis of this file, run !analyze -v
- 3: kd> !analyze -v
- *******************************************************************************
- * *
- * Bugcheck Analysis *
- * *
- *******************************************************************************
- SYSTEM_SERVICE_EXCEPTION (3b)
- An exception happened while executing a system service routine.
- Arguments:
- Arg1: 00000000c0000005, Exception code that caused the bugcheck
- Arg2: fffff8043dc2a1b1, Address of the instruction which caused the bugcheck
- Arg3: ffffb809c4ca6380, Address of the context record for the exception that caused the bugcheck
- Arg4: 0000000000000000, zero.
- Debugging Details:
- ------------------
- KEY_VALUES_STRING: 1
- PROCESSES_ANALYSIS: 1
- SERVICE_ANALYSIS: 1
- STACKHASH_ANALYSIS: 1
- TIMELINE_ANALYSIS: 1
- DUMP_CLASS: 1
- DUMP_QUALIFIER: 401
- BUILD_VERSION_STRING: 18362.1.amd64fre.19h1_release.190318-1202
- SYSTEM_MANUFACTURER: System manufacturer
- SYSTEM_PRODUCT_NAME: System Product Name
- SYSTEM_SKU: ASUS_MB_CNL
- SYSTEM_VERSION: System Version
- BIOS_VENDOR: American Megatrends Inc.
- BIOS_VERSION: 1401
- BIOS_DATE: 11/26/2019
- BASEBOARD_MANUFACTURER: ASUSTeK COMPUTER INC.
- BASEBOARD_PRODUCT: PRIME Z390-A
- BASEBOARD_VERSION: Rev 1.xx
- DUMP_TYPE: 1
- BUGCHECK_P1: c0000005
- BUGCHECK_P2: fffff8043dc2a1b1
- BUGCHECK_P3: ffffb809c4ca6380
- BUGCHECK_P4: 0
- EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%p referenced memory at 0x%p. The memory could not be %s.
- FAULTING_IP:
- nt!CmpGetNameControlBlock+c1
- fffff804`3dc2a1b1 3b1e cmp ebx,dword ptr [rsi]
- CONTEXT: ffffb809c4ca6380 -- (.cxr 0xffffb809c4ca6380)
- rax=ffff840a19a4a000 rbx=0000000007b61a95 rcx=00000000a4ae33c8
- rdx=ffff840a19a4ed10 rsi=007200440000006b rdi=0000000000000000
- rip=fffff8043dc2a1b1 rsp=ffffb809c4ca6d70 rbp=0000000000000005
- r8=ffffb809c4ca6d48 r9=ffff840a3278b8fa r10=0000000000000000
- r11=000000000000000a r12=00000000000009a2 r13=ffffb809c4ca7140
- r14=0072004400000063 r15=ffff840a2a17e101
- iopl=0 nv up ei pl nz na pe nc
- cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00050202
- nt!CmpGetNameControlBlock+0xc1:
- fffff804`3dc2a1b1 3b1e cmp ebx,dword ptr [rsi] ds:002b:00720044`0000006b=????????
- Resetting default scope
- BUGCHECK_STR: 0x3B_c0000005
- CPU_COUNT: 6
- CPU_MHZ: c18
- CPU_VENDOR: GenuineIntel
- CPU_FAMILY: 6
- CPU_MODEL: 9e
- CPU_STEPPING: a
- CPU_MICROCODE: 6,9e,a,0 (F,M,S,R) SIG: B4'00000000 (cache) B4'00000000 (init)
- DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
- PROCESS_NAME: Registry
- CURRENT_IRQL: 0
- ANALYSIS_SESSION_HOST: MRSOLOHD
- ANALYSIS_SESSION_TIME: 02-25-2020 14:54:29.0493
- ANALYSIS_VERSION: 10.0.18362.1 amd64fre
- LAST_CONTROL_TRANSFER: from fffff8043dc29db9 to fffff8043dc2a1b1
- STACK_TEXT:
- ffffb809`c4ca6d70 fffff804`3dc29db9 : 00000000`3ceb0005 ffffb809`c4ca7140 00000000`00000001 fffff804`3dc299e5 : nt!CmpGetNameControlBlock+0xc1
- ffffb809`c4ca6dd0 fffff804`3dc28177 : 00000000`3ceba3ca 00000000`07b61a95 ffff840a`29b5a3b0 00000000`00000000 : nt!CmpCreateKeyControlBlock+0x149
- ffffb809`c4ca6e40 fffff804`3dbf240a : ffff840a`29b5a3b0 00000000`00000003 ffffb809`c4ca7038 ffffb809`c4ca70a0 : nt!CmpWalkOneLevel+0x647
- ffffb809`c4ca6f50 fffff804`3dbef474 : ffffb809`0000001c ffffb809`c4ca72a0 ffffb809`c4ca7268 00000000`00000000 : nt!CmpDoParseKey+0x9fa
- ffffb809`c4ca71f0 fffff804`3dbed35f : ffffa60f`c1853320 ffff840a`341a6501 00000000`00000000 00000000`00000001 : nt!CmpParseKey+0x274
- ffffb809`c4ca7410 fffff804`3dbeb7c1 : ffffa60f`c1853300 ffffb809`c4ca7658 00000000`00000040 ffffa60f`9f2f87a0 : nt!ObpLookupObjectName+0x78f
- ffffb809`c4ca75d0 fffff804`3dbf4cdc : 00000000`00000001 00000000`00000000 00000000`00000000 ffffa60f`9f2f87a0 : nt!ObOpenObjectByNameEx+0x201
- ffffb809`c4ca7710 fffff804`3dbf4b5d : 00000064`8f2fee20 ffffb809`c4ca7a80 00000000`00000001 00000000`00000000 : nt!ObOpenObjectByName+0x5c
- ffffb809`c4ca7760 fffff804`3dbf6b7f : 00000000`00000f34 00007ffd`00501802 00000064`8f2fedb0 00000000`00020019 : nt!CmOpenKey+0x29d
- ffffb809`c4ca79c0 fffff804`3d7d334e : ffffa60f`c09b8080 00000242`e0477601 00000000`00000000 ffffa60f`bc5d1860 : nt!NtOpenKeyEx+0xf
- ffffb809`c4ca7a00 00007ffd`64e5e414 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceExitPico+0x2b9
- 00000064`8f2fed48 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffd`64e5e414
- THREAD_SHA1_HASH_MOD_FUNC: 0d76521720d68b325676a51d865688920dcf0638
- THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 406d2cb7e123d666346d0b736e027ae56a2bb59a
- THREAD_SHA1_HASH_MOD: b28610981796779b4ac02f58898fde25728a775c
- FOLLOWUP_IP:
- nt!CmpGetNameControlBlock+c1
- fffff804`3dc2a1b1 3b1e cmp ebx,dword ptr [rsi]
- FAULT_INSTR_CODE: 840f1e3b
- SYMBOL_STACK_INDEX: 0
- SYMBOL_NAME: nt!CmpGetNameControlBlock+c1
- FOLLOWUP_NAME: MachineOwner
- MODULE_NAME: nt
- IMAGE_NAME: ntkrnlmp.exe
- DEBUG_FLR_IMAGE_TIMESTAMP: 4269a790
- STACK_COMMAND: .cxr 0xffffb809c4ca6380 ; kb
- BUCKET_ID_FUNC_OFFSET: c1
- FAILURE_BUCKET_ID: 0x3B_c0000005_nt!CmpGetNameControlBlock
- BUCKET_ID: 0x3B_c0000005_nt!CmpGetNameControlBlock
- PRIMARY_PROBLEM_CLASS: 0x3B_c0000005_nt!CmpGetNameControlBlock
- TARGET_TIME: 2020-02-25T19:51:27.000Z
- OSBUILD: 18362
- OSSERVICEPACK: 0
- SERVICEPACK_NUMBER: 0
- OS_REVISION: 0
- SUITE_MASK: 272
- PRODUCT_TYPE: 1
- OSPLATFORM_TYPE: x64
- OSNAME: Windows 10
- OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS
- OS_LOCALE:
- USER_LCID: 0
- OSBUILD_TIMESTAMP: 2005-04-22 21:40:32
- BUILDDATESTAMP_STR: 190318-1202
- BUILDLAB_STR: 19h1_release
- BUILDOSVER_STR: 10.0.18362.1.amd64fre.19h1_release.190318-1202
- ANALYSIS_SESSION_ELAPSED_TIME: 1256
- ANALYSIS_SOURCE: KM
- FAILURE_ID_HASH_STRING: km:0x3b_c0000005_nt!cmpgetnamecontrolblock
- FAILURE_ID_HASH: {8a5e360a-e831-e203-6a33-02da6bab5e29}
- Followup: MachineOwner
- ---------
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement