Guest User

Untitled

a guest
Aug 3rd, 2017
154
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 24.68 KB | None | 0 0
  1. Microsoft (R) Windows Debugger Version 10.0.14321.1024 X86
  2. Copyright (c) Microsoft Corporation. All rights reserved.
  3.  
  4. Auto Dump Analyzer by gardenman
  5. Time to debug file(s): 00 hours and 04 minutes and 40 seconds
  6.  
  7. ========================================================================
  8. =================== Dump File: 080317-4906-01.dmp ====================
  9. ========================================================================
  10. Mini Kernel Dump File: Only registers and stack trace are available
  11. Windows 10 Kernel Version 14393 MP (4 procs) Free x64
  12. Product: WinNt, suite: TerminalServer SingleUserTS Personal
  13. Built by: 14393.0.amd64fre.rs1_release.160715-1616
  14. Kernel base = 0xfffff801`b3a13000 PsLoadedModuleList = 0xfffff801`b3d18060
  15. Debug session time: Thu Aug 3 16:17:27.127 2017 (UTC - 4:00)
  16. System Uptime: 0 days 0:00:19.802
  17.  
  18. BugCheck D1, {fffffadbb3a4ccdc, 2, 8, fffffadbb3a4ccdc}
  19. *** WARNING: Unable to verify timestamp for win32k.sys
  20. *** ERROR: Module load completed but symbols could not be loaded for win32k.sys
  21. Probably caused by : memory_corruption
  22. Followup: memory_corruption
  23.  
  24. DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
  25. An attempt was made to access a pageable (or completely invalid) address at an
  26. interrupt request level (IRQL) that is too high. This is usually
  27. caused by drivers using improper addresses.
  28. If kernel debugger is available get stack backtrace.
  29.  
  30. Arguments:
  31. Arg1: fffffadbb3a4ccdc, memory referenced
  32. Arg2: 0000000000000002, IRQL
  33. Arg3: 0000000000000008, value 0 = read operation, 1 = write operation
  34. Arg4: fffffadbb3a4ccdc, address which referenced memory
  35.  
  36. Debugging Details:
  37. DUMP_CLASS: 1
  38. DUMP_QUALIFIER: 400
  39. BUILD_VERSION_STRING: 10.0.14393.0 (rs1_release.160715-1616)
  40. SYSTEM_SKU: SKU
  41. BIOS_VENDOR: American Megatrends Inc.
  42. BIOS_VERSION: 3401
  43. BIOS_DATE: 01/25/2017
  44. BASEBOARD_MANUFACTURER: ASUSTeK COMPUTER INC.
  45. BASEBOARD_PRODUCT: Z170-A
  46. BASEBOARD_VERSION: Rev 1.xx
  47. DUMP_TYPE: 2
  48. READ_ADDRESS: fffff801b3dba338: Unable to get MiVisibleState
  49. fffffadbb3a4ccdc
  50. CURRENT_IRQL: 2
  51. FAULTING_IP:
  52. +0
  53. fffffadb`b3a4ccdc ?? ???
  54. CPU_COUNT: 4
  55. CPU_MHZ: db0
  56. CPU_VENDOR: GenuineIntel
  57. CPU_FAMILY: 6
  58. CPU_MODEL: 5e
  59. CPU_STEPPING: 3
  60. CPU_MICROCODE: 6,5e,3,0 (F,M,S,R) SIG: 9E'00000000 (cache) 9E'00000000 (init)
  61. CUSTOMER_CRASH_COUNT: 1
  62. DEFAULT_BUCKET_ID: CODE_CORRUPTION
  63. BUGCHECK_STR: AV
  64.  
  65. PROCESS_NAME: System
  66.  
  67. TRAP_FRAME: ffffb400ccff74d0 -- (.trap 0xffffb400ccff74d0)
  68. NOTE: The trap frame does not contain all registers.
  69. Some register values may be zeroed or incorrect.
  70. rax=0000000000000000 rbx=0000000000000000 rcx=ffffb400ccff7620
  71. rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
  72. rip=fffffadbb3a4ccdc rsp=ffffb400ccff7660 rbp=0000000000000000
  73. r8=0000000000000000 r9=0000000000000000 r10=000000000000000b
  74. r11=ffffc68fcd745c58 r12=0000000000000000 r13=0000000000000000
  75. r14=0000000000000000 r15=0000000000000000
  76. iopl=0 nv up ei ng nz na pe nc
  77. fffffadb`b3a4ccdc ?? ???
  78. Resetting default scope
  79. LAST_CONTROL_TRANSFER: from fffff801b3b68129 to fffff801b3b5cf90
  80. FAILED_INSTRUCTION_ADDRESS:
  81. +0
  82. fffffadb`b3a4ccdc ?? ???
  83. STACK_TEXT:
  84. ffffb400`ccff7388 fffff801`b3b68129 : 00000000`0000000a fffffadb`b3a4ccdc 00000000`00000002 00000000`00000008 : nt!KeBugCheckEx
  85. ffffb400`ccff7390 fffff801`b3b66707 : fffff801`b3d55180 fffff801`b3b6237f 00000000`0413f7df ffffc68f`cd35f040 : nt!KiBugCheckDispatch+0x69
  86. ffffb400`ccff74d0 fffffadb`b3a4ccdc : 00000000`00000000 00000000`00000001 00000000`00006a00 ffffc68f`ce2879a0 : nt!KiPageFault+0x247
  87. ffffb400`ccff7660 00000000`00000000 : 00000000`00000001 00000000`00006a00 ffffc68f`ce2879a0 ffffb2da`0066f000 : 0xfffffadb`b3a4ccdc
  88. STACK_COMMAND: kb
  89. CHKIMG_EXTENSION: !chkimg -lo 50 -d !nt
  90. fffff801b3a57bd9 - nt!MiUnlinkFreeOrZeroedPage+29
  91. [ fa:ea ]
  92. fffff801b3afdcd9 - nt!MiReplacePageTablePage+5d (+0xa6100)
  93. [ fa:ea ]
  94. fffff801b3b0433e - nt!RemoveListEntryPte+32 (+0x6665)
  95. [ f6:b2 ]
  96. fffff801b3b211de - nt!MiPurgeZeroList+6e (+0x1cea0)
  97. [ fa:ea ]
  98. 4 errors : !nt (fffff801b3a57bd9-fffff801b3b211de)
  99. MODULE_NAME: memory_corruption
  100.  
  101. IMAGE_NAME: memory_corruption
  102.  
  103. FOLLOWUP_NAME: memory_corruption
  104. DEBUG_FLR_IMAGE_TIMESTAMP: 0
  105. MEMORY_CORRUPTOR: LARGE
  106. FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
  107. BUCKET_ID: MEMORY_CORRUPTION_LARGE
  108. PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
  109. TARGET_TIME: 2017-08-03T20:17:27.000Z
  110. OSBUILD: 14393
  111. OSSERVICEPACK: 0
  112. SERVICEPACK_NUMBER: 0
  113. OS_REVISION: 0
  114. SUITE_MASK: 784
  115. PRODUCT_TYPE: 1
  116. OSPLATFORM_TYPE: x64
  117. OSNAME: Windows 10
  118. OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS Personal
  119. USER_LCID: 0
  120. OSBUILD_TIMESTAMP: 2016-07-15 22:16:17
  121. BUILDDATESTAMP_STR: 160715-1616
  122. BUILDLAB_STR: rs1_release
  123. BUILDOSVER_STR: 10.0.14393.0
  124. ANALYSIS_SESSION_ELAPSED_TIME: 2abc
  125. ANALYSIS_SOURCE: KM
  126. FAILURE_ID_HASH_STRING: km:memory_corruption_large
  127. FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
  128. Followup: memory_corruption
  129.  
  130. ========================================================================
  131. ============================== Drivers ===============================
  132. ========================================================================
  133. Image path: \SystemRoot\System32\drivers\e1i63x64.sys
  134. Image name: e1i63x64.sys
  135. Possible Info Link: http://www.carrona.org/drivers/driver.php?id=e1i63x64.sys
  136. Timestamp: Fri Mar 4 2016
  137.  
  138. Unloaded modules:
  139. fffff802`52ce0000 fffff802`52d1c000 WUDFRd.sys
  140. fffff802`516b0000 fffff802`516bf000 dump_storpor
  141. fffff802`516f0000 fffff802`51714000 dump_storahc
  142. fffff802`51740000 fffff802`5175d000 dump_dumpfve
  143. fffff802`51d40000 fffff802`51d53000 dam.sys
  144. fffff802`506b0000 fffff802`506c0000 WdBoot.sys
  145. fffff802`515c0000 fffff802`515cf000 hwpolicy.sys
  146.  
  147. ========================================================================
  148. ============================== BIOS INFO =============================
  149. ========================================================================
  150. [SMBIOS Data Tables v3.0]
  151. [DMI Version - 0]
  152. [2.0 Calling Convention - No]
  153. [Table Size - 4359 bytes]
  154. [BIOS Information (Type 0) - Length 24 - Handle 0000h]
  155. Vendor American Megatrends Inc.
  156. BIOS Version 3401
  157. BIOS Starting Address Segment f000
  158. BIOS Release Date 01/25/2017
  159. BIOS ROM Size 1000000
  160. BIOS Characteristics
  161. 07: - PCI Supported
  162. 10: - APM Supported
  163. 11: - Upgradeable FLASH BIOS
  164. 12: - BIOS Shadowing Supported
  165. 15: - CD-Boot Supported
  166. 16: - Selectable Boot Supported
  167. 17: - BIOS ROM Socketed
  168. 19: - EDD Supported
  169. 23: - 1.2MB Floppy Supported
  170. 24: - 720KB Floppy Supported
  171. 25: - 2.88MB Floppy Supported
  172. 26: - Print Screen Device Supported
  173. 27: - Keyboard Services Supported
  174. 28: - Serial Services Supported
  175. 29: - Printer Services Supported
  176. 32: - BIOS Vendor Reserved
  177. BIOS Characteristic Extensions
  178. 00: - ACPI Supported
  179. 01: - USB Legacy Supported
  180. 08: - BIOS Boot Specification Supported
  181. 10: - Specification Reserved
  182. 11: - Specification Reserved
  183. BIOS Major Revision 5
  184. BIOS Minor Revision 12
  185. EC Firmware Major Revision 255
  186. EC Firmware Minor Revision 255
  187. [System Information (Type 1) - Length 27 - Handle 0001h]
  188. Manufacturer System manufacturer
  189. Product Name System Product Name
  190. Version System Version
  191. UUID 00000000-0000-0000-0000-000000000000
  192. Wakeup Type Power Switch
  193. SKUNumber SKU
  194. [BaseBoard Information (Type 2) - Length 15 - Handle 0002h]
  195. Manufacturer ASUSTeK COMPUTER INC.
  196. Product Z170-A
  197. Version Rev 1.xx
  198. Feature Flags 09h
  199. 1644700168: - ?ÿU?ì?ì¡H.b3Å?Eü3ÀW?}?Eô?Eø?ÿu
  200. ¸@
  201. 1644700208: - ?ÿU?ì?ì¡H.b3Å?Eü3ÀW?}?Eô?Eø?ÿu
  202. ¸@
  203. Location Default string
  204. Chassis Handle 0003h
  205. Board Type 0ah - Processor/Memory Module
  206. Number of Child Handles 0
  207. [System Enclosure (Type 3) - Length 22 - Handle 0003h]
  208. Manufacturer Default string
  209. Chassis Type Desktop
  210. Version Default string
  211. Bootup State Safe
  212. Power Supply State Safe
  213. Thermal State Safe
  214. Security Status None
  215. OEM Defined 0
  216. Height 0U
  217. Number of Power Cords 1
  218. Number of Contained Elements 0
  219. Contained Element Size 3
  220. [Onboard Devices Information (Type 10) - Length 6 - Handle 0028h]
  221. Number of Devices 1
  222. 01: Type Video [enabled]
  223. [OEM Strings (Type 11) - Length 5 - Handle 0029h]
  224. Number of Strings 4
  225. 1 Default string
  226. 2 Default string
  227. 3 ORC
  228. 4 Default string
  229. [System Configuration Options (Type 12) - Length 5 - Handle 002ah]
  230. [Physical Memory Array (Type 16) - Length 23 - Handle 0045h]
  231. Location 03h - SystemBoard/Motherboard
  232. Use 03h - System Memory
  233. Memory Error Correction 03h - None
  234. Maximum Capacity 67108864KB
  235. Number of Memory Devices 4
  236. [Memory Device (Type 17) - Length 40 - Handle 0046h]
  237. Physical Memory Array Handle 0045h
  238. Total Width 0 bits
  239. Data Width 0 bits
  240. Form Factor 02h - Unknown
  241. Device Locator ChannelA-DIMM1
  242. Bank Locator BANK 0
  243. Memory Type 02h - Unknown
  244. Type Detail 0000h -
  245. Speed 0MHz
  246. [Memory Device (Type 17) - Length 40 - Handle 0047h]
  247. Physical Memory Array Handle 0045h
  248. Total Width 64 bits
  249. Data Width 64 bits
  250. Size 8192MB
  251. Form Factor 09h - DIMM
  252. Device Locator ChannelA-DIMM2
  253. Bank Locator BANK 1
  254. Memory Type 1ah - Specification Reserved
  255. Type Detail 0080h - Synchronous
  256. Speed 2133MHz
  257. Manufacturer G-Skill
  258. Part Number F4-2133C15-8GRR
  259. [Memory Device (Type 17) - Length 40 - Handle 0048h]
  260. Physical Memory Array Handle 0045h
  261. Total Width 0 bits
  262. Data Width 0 bits
  263. Form Factor 02h - Unknown
  264. Device Locator ChannelB-DIMM1
  265. Bank Locator BANK 2
  266. Memory Type 02h - Unknown
  267. Type Detail 0000h -
  268. Speed 0MHz
  269. [Memory Device (Type 17) - Length 40 - Handle 0049h]
  270. Physical Memory Array Handle 0045h
  271. Total Width 64 bits
  272. Data Width 64 bits
  273. Size 8192MB
  274. Form Factor 09h - DIMM
  275. Device Locator ChannelB-DIMM2
  276. Bank Locator BANK 3
  277. Memory Type 1ah - Specification Reserved
  278. Type Detail 0080h - Synchronous
  279. Speed 2133MHz
  280. Manufacturer G-Skill
  281. Part Number F4-2133C15-8GRR
  282. [Memory Array Mapped Address (Type 19) - Length 31 - Handle 004ah]
  283. Starting Address 00000000h
  284. Ending Address 00ffffffh
  285. Memory Array Handle 0045h
  286. Partition Width 02
  287. [Cache Information (Type 7) - Length 19 - Handle 004bh]
  288. Socket Designation L1 Cache
  289. Cache Configuration 0180h - WB Enabled Int NonSocketed L1
  290. Maximum Cache Size 0100h - 256K
  291. Installed Size 0100h - 256K
  292. Supported SRAM Type 0020h - Synchronous
  293. Current SRAM Type 0020h - Synchronous
  294. Cache Speed 0ns
  295. Error Correction Type ParitySingle-Bit ECC
  296. System Cache Type Unified
  297. Associativity 8-way Set-Associative
  298. [Cache Information (Type 7) - Length 19 - Handle 004ch]
  299. Socket Designation L2 Cache
  300. Cache Configuration 0181h - WB Enabled Int NonSocketed L2
  301. Maximum Cache Size 0400h - 1024K
  302. Installed Size 0400h - 1024K
  303. Supported SRAM Type 0020h - Synchronous
  304. Current SRAM Type 0020h - Synchronous
  305. Cache Speed 0ns
  306. Error Correction Type Multi-Bit ECC
  307. System Cache Type Unified
  308. Associativity 4-way Set-Associative
  309. [Cache Information (Type 7) - Length 19 - Handle 004dh]
  310. Socket Designation L3 Cache
  311. Cache Configuration 0182h - WB Enabled Int NonSocketed L3
  312. Maximum Cache Size 1800h - 6144K
  313. Installed Size 1800h - 6144K
  314. Supported SRAM Type 0020h - Synchronous
  315. Current SRAM Type 0020h - Synchronous
  316. Cache Speed 0ns
  317. Error Correction Type Specification Reserved
  318. System Cache Type Unified
  319. Associativity Specification Reserved
  320. [Processor Information (Type 4) - Length 48 - Handle 004eh]
  321. Socket Designation LGA1151
  322. Processor Type Central Processor
  323. Processor Family cdh - Specification Reserved
  324. Processor Manufacturer Intel(R) Corporation
  325. Processor ID e3060500fffbebbf
  326. Processor Version Intel(R) Core(TM) i5-6600K CPU @ 3.50GHz
  327. Processor Voltage 8bh - 1.1V
  328. External Clock 100MHz
  329. Max Speed 8300MHz
  330. Current Speed 3500MHz
  331. Status Enabled Populated
  332. Processor Upgrade Other
  333. L1 Cache Handle 004bh
  334. L2 Cache Handle 004ch
  335. L3 Cache Handle 004dh
  336. [Memory Device Mapped Address (Type 20) - Length 35 - Handle 004fh]
  337. Starting Address 00000000h
  338. Ending Address 007fffffh
  339. Memory Device Handle 0047h
  340. Mem Array Mapped Adr Handle 004ah
  341. Interleave Position 01
  342. Interleave Data Depth 02
  343. [Memory Device Mapped Address (Type 20) - Length 35 - Handle 0050h]
  344. Starting Address 00800000h
  345. Ending Address 00ffffffh
  346. Memory Device Handle 0049h
  347. Mem Array Mapped Adr Handle 004ah
  348. Interleave Position 02
  349. Interleave Data Depth 02
  350.  
  351. ========================================================================
  352. =================== Dump File: 080317-4453-01.dmp ====================
  353. ========================================================================
  354. Mini Kernel Dump File: Only registers and stack trace are available
  355. Windows 10 Kernel Version 14393 MP (4 procs) Free x64
  356. Product: WinNt, suite: TerminalServer SingleUserTS Personal
  357. Built by: 14393.0.amd64fre.rs1_release.160715-1616
  358. Kernel base = 0xfffff803`d2a1f000 PsLoadedModuleList = 0xfffff803`d2d24060
  359. Debug session time: Thu Aug 3 16:18:48.030 2017 (UTC - 4:00)
  360. System Uptime: 0 days 0:00:27.726
  361.  
  362. BugCheck D1, {fffffd03d2b6c74a, 2, 8, fffffd03d2b6c74a}
  363. Probably caused by : ntkrnlmp.exe ( nt!KiPageFault+247 )
  364. Followup: MachineOwner
  365.  
  366. DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
  367. An attempt was made to access a pageable (or completely invalid) address at an
  368. interrupt request level (IRQL) that is too high. This is usually
  369. caused by drivers using improper addresses.
  370. If kernel debugger is available get stack backtrace.
  371.  
  372. Arguments:
  373. Arg1: fffffd03d2b6c74a, memory referenced
  374. Arg2: 0000000000000002, IRQL
  375. Arg3: 0000000000000008, value 0 = read operation, 1 = write operation
  376. Arg4: fffffd03d2b6c74a, address which referenced memory
  377.  
  378. Debugging Details:
  379. DUMP_CLASS: 1
  380. DUMP_QUALIFIER: 400
  381. BUILD_VERSION_STRING: 10.0.14393.0 (rs1_release.160715-1616)
  382. SYSTEM_SKU: SKU
  383. BIOS_VENDOR: American Megatrends Inc.
  384. BIOS_VERSION: 3401
  385. BIOS_DATE: 01/25/2017
  386. BASEBOARD_MANUFACTURER: ASUSTeK COMPUTER INC.
  387. BASEBOARD_PRODUCT: Z170-A
  388. BASEBOARD_VERSION: Rev 1.xx
  389. DUMP_TYPE: 2
  390. READ_ADDRESS: fffff803d2dc6338: Unable to get MiVisibleState
  391. fffffd03d2b6c74a
  392. CURRENT_IRQL: 2
  393. FAULTING_IP:
  394. +0
  395. fffffd03`d2b6c74a ?? ???
  396. CPU_COUNT: 4
  397. CPU_MHZ: db0
  398. CPU_VENDOR: GenuineIntel
  399. CPU_FAMILY: 6
  400. CPU_MODEL: 5e
  401. CPU_STEPPING: 3
  402. CPU_MICROCODE: 6,5e,3,0 (F,M,S,R) SIG: 9E'00000000 (cache) 9E'00000000 (init)
  403. CUSTOMER_CRASH_COUNT: 1
  404. DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
  405. BUGCHECK_STR: AV
  406.  
  407. PROCESS_NAME: conhost.exe
  408.  
  409. TRAP_FRAME: ffffc5811ce5c510 -- (.trap 0xffffc5811ce5c510)
  410. NOTE: The trap frame does not contain all registers.
  411. Some register values may be zeroed or incorrect.
  412. rax=000000da57fdd000 rbx=0000000000000000 rcx=ffffc5811ce5c660
  413. rdx=00000000000000da rsi=0000000000000000 rdi=0000000000000000
  414. rip=fffffd03d2b6c74a rsp=ffffc5811ce5c6a0 rbp=ffffc5811ce5c720
  415. r8=0000000000000000 r9=0000000000000000 r10=000000000000000c
  416. r11=ffff878c275d5a9c r12=0000000000000000 r13=0000000000000000
  417. r14=0000000000000000 r15=0000000000000000
  418. iopl=0 nv up ei ng nz na pe nc
  419. fffffd03`d2b6c74a ?? ???
  420. Resetting default scope
  421. LAST_CONTROL_TRANSFER: from fffff803d2b74129 to fffff803d2b68f90
  422. FAILED_INSTRUCTION_ADDRESS:
  423. +0
  424. fffffd03`d2b6c74a ?? ???
  425. STACK_TEXT:
  426. ffffc581`1ce5c3c8 fffff803`d2b74129 : 00000000`0000000a fffffd03`d2b6c74a 00000000`00000002 00000000`00000008 : nt!KeBugCheckEx
  427. ffffc581`1ce5c3d0 fffff803`d2b72707 : fffff803`d2d61180 fffff803`d2b6e37f 00000000`05b1c234 ffff878c`29e02800 : nt!KiBugCheckDispatch+0x69
  428. ffffc581`1ce5c510 fffffd03`d2b6c74a : ffff878c`29885800 00000000`000000aa ffffc53b`00000000 ffffc53b`8005c100 : nt!KiPageFault+0x247
  429. ffffc581`1ce5c6a0 ffff878c`29885800 : 00000000`000000aa ffffc53b`00000000 ffffc53b`8005c100 00000000`00000000 : 0xfffffd03`d2b6c74a
  430. ffffc581`1ce5c6a8 00000000`000000aa : ffffc53b`00000000 ffffc53b`8005c100 00000000`00000000 00001f80`00b600a6 : 0xffff878c`29885800
  431. ffffc581`1ce5c6b0 ffffc53b`00000000 : ffffc53b`8005c100 00000000`00000000 00001f80`00b600a6 00000000`00000086 : 0xaa
  432. ffffc581`1ce5c6b8 ffffc53b`8005c100 : 00000000`00000000 00001f80`00b600a6 00000000`00000086 ffffc53b`81c00820 : 0xffffc53b`00000000
  433. ffffc581`1ce5c6c0 00000000`00000000 : 00001f80`00b600a6 00000000`00000086 ffffc53b`81c00820 00000000`00000000 : 0xffffc53b`8005c100
  434. STACK_COMMAND: kb
  435. THREAD_SHA1_HASH_MOD_FUNC: bf99962f16aee8a6a536cfcc5454c0cd4db15ac9
  436. THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 3fc3928ee7b2857c7b0acb22199e00ab7dceb90c
  437. THREAD_SHA1_HASH_MOD: 2a7ca9d3ab5386d53fea7498e1d81b9c4a4c036b
  438. FOLLOWUP_IP:
  439. nt!KiPageFault+247
  440. fffff803`d2b72707 33c0 xor eax,eax
  441. FAULT_INSTR_CODE: ffb0c033
  442. SYMBOL_STACK_INDEX: 2
  443. SYMBOL_NAME: nt!KiPageFault+247
  444. FOLLOWUP_NAME: MachineOwner
  445. MODULE_NAME: nt
  446.  
  447. IMAGE_NAME: ntkrnlmp.exe
  448.  
  449. DEBUG_FLR_IMAGE_TIMESTAMP: 578998f1
  450. IMAGE_VERSION: 10.0.14393.0
  451. BUCKET_ID_FUNC_OFFSET: 247
  452. FAILURE_BUCKET_ID: AV_CODE_AV_BAD_IP_nt!KiPageFault
  453. BUCKET_ID: AV_CODE_AV_BAD_IP_nt!KiPageFault
  454. PRIMARY_PROBLEM_CLASS: AV_CODE_AV_BAD_IP_nt!KiPageFault
  455. TARGET_TIME: 2017-08-03T20:18:48.000Z
  456. OSBUILD: 14393
  457. OSSERVICEPACK: 0
  458. SERVICEPACK_NUMBER: 0
  459. OS_REVISION: 0
  460. SUITE_MASK: 784
  461. PRODUCT_TYPE: 1
  462. OSPLATFORM_TYPE: x64
  463. OSNAME: Windows 10
  464. OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS Personal
  465. USER_LCID: 0
  466. OSBUILD_TIMESTAMP: 2016-07-15 22:16:17
  467. BUILDDATESTAMP_STR: 160715-1616
  468. BUILDLAB_STR: rs1_release
  469. BUILDOSVER_STR: 10.0.14393.0
  470. ANALYSIS_SESSION_ELAPSED_TIME: 9b6
  471. ANALYSIS_SOURCE: KM
  472. FAILURE_ID_HASH_STRING: km:av_code_av_bad_ip_nt!kipagefault
  473. FAILURE_ID_HASH: {73cd60cc-83fa-6b76-df08-1961c31d7403}
  474. Followup: MachineOwner
  475.  
  476. ========================================================================
  477. =================== Dump File: 080317-4609-01.dmp ====================
  478. ========================================================================
  479. Mini Kernel Dump File: Only registers and stack trace are available
  480. Windows 10 Kernel Version 14393 MP (4 procs) Free x64
  481. Product: WinNt, suite: TerminalServer SingleUserTS Personal
  482. Built by: 14393.0.amd64fre.rs1_release.160715-1616
  483. Kernel base = 0xfffff802`9f400000 PsLoadedModuleList = 0xfffff802`9f705060
  484. Debug session time: Thu Aug 3 16:15:36.781 2017 (UTC - 4:00)
  485. System Uptime: 0 days 0:00:10.455
  486.  
  487. BugCheck D1, {ffffffff9f439cdc, 2, 8, ffffffff9f439cdc}
  488. Probably caused by : ntkrnlmp.exe ( nt!KiPageFault+247 )
  489. Followup: MachineOwner
  490.  
  491. DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
  492. An attempt was made to access a pageable (or completely invalid) address at an
  493. interrupt request level (IRQL) that is too high. This is usually
  494. caused by drivers using improper addresses.
  495. If kernel debugger is available get stack backtrace.
  496.  
  497. Arguments:
  498. Arg1: ffffffff9f439cdc, memory referenced
  499. Arg2: 0000000000000002, IRQL
  500. Arg3: 0000000000000008, value 0 = read operation, 1 = write operation
  501. Arg4: ffffffff9f439cdc, address which referenced memory
  502.  
  503. Debugging Details:
  504. DUMP_CLASS: 1
  505. DUMP_QUALIFIER: 400
  506. BUILD_VERSION_STRING: 10.0.14393.0 (rs1_release.160715-1616)
  507. SYSTEM_SKU: SKU
  508. BIOS_VENDOR: American Megatrends Inc.
  509. BIOS_VERSION: 3401
  510. BIOS_DATE: 01/25/2017
  511. BASEBOARD_MANUFACTURER: ASUSTeK COMPUTER INC.
  512. BASEBOARD_PRODUCT: Z170-A
  513. BASEBOARD_VERSION: Rev 1.xx
  514. DUMP_TYPE: 2
  515. READ_ADDRESS: fffff8029f7a7338: Unable to get MiVisibleState
  516. ffffffff9f439cdc
  517. CURRENT_IRQL: 2
  518. FAULTING_IP:
  519. +0
  520. ffffffff`9f439cdc ?? ???
  521. CPU_COUNT: 4
  522. CPU_MHZ: db0
  523. CPU_VENDOR: GenuineIntel
  524. CPU_FAMILY: 6
  525. CPU_MODEL: 5e
  526. CPU_STEPPING: 3
  527. CPU_MICROCODE: 6,5e,3,0 (F,M,S,R) SIG: 9E'00000000 (cache) 9E'00000000 (init)
  528. CUSTOMER_CRASH_COUNT: 1
  529. DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
  530. BUGCHECK_STR: AV
  531.  
  532. PROCESS_NAME: msoobe.exe
  533.  
  534. TRAP_FRAME: ffffb1802182d390 -- (.trap 0xffffb1802182d390)
  535. NOTE: The trap frame does not contain all registers.
  536. Some register values may be zeroed or incorrect.
  537. rax=0000003c2903e000 rbx=0000000000000000 rcx=ffffb1802182d4e0
  538. rdx=000000000000003c rsi=0000000000000000 rdi=0000000000000000
  539. rip=ffffffff9f439cdc rsp=ffffb1802182d520 rbp=0000000000000000
  540. r8=0000000000000002 r9=0000000000000000 r10=0000000000000009
  541. r11=ffffa18de4ba40e4 r12=0000000000000000 r13=0000000000000000
  542. r14=0000000000000000 r15=0000000000000000
  543. iopl=0 nv up ei ng nz na po nc
  544. ffffffff`9f439cdc ?? ???
  545. Resetting default scope
  546. LAST_CONTROL_TRANSFER: from fffff8029f555129 to fffff8029f549f90
  547. FAILED_INSTRUCTION_ADDRESS:
  548. +0
  549. ffffffff`9f439cdc ?? ???
  550. STACK_TEXT:
  551. ffffb180`2182d248 fffff802`9f555129 : 00000000`0000000a ffffffff`9f439cdc 00000000`00000002 00000000`00000008 : nt!KeBugCheckEx
  552. ffffb180`2182d250 fffff802`9f553707 : fffff802`9f742180 fffff802`9f54f37f 00000000`022d288e ffffa18d`eac0a080 : nt!KiBugCheckDispatch+0x69
  553. ffffb180`2182d390 ffffffff`9f439cdc : ffffb180`00000000 fffff80f`00000000 00000000`00000000 ffffa18d`eac0a450 : nt!KiPageFault+0x247
  554. ffffb180`2182d520 ffffb180`00000000 : fffff80f`00000000 00000000`00000000 ffffa18d`eac0a450 ffffb180`2182d6e8 : 0xffffffff`9f439cdc
  555. ffffb180`2182d528 fffff80f`00000000 : 00000000`00000000 ffffa18d`eac0a450 ffffb180`2182d6e8 ffffb180`21829000 : 0xffffb180`00000000
  556. ffffb180`2182d530 00000000`00000000 : ffffa18d`eac0a450 ffffb180`2182d6e8 ffffb180`21829000 ffffa18d`00000000 : 0xfffff80f`00000000
  557. STACK_COMMAND: kb
  558. THREAD_SHA1_HASH_MOD_FUNC: bf99962f16aee8a6a536cfcc5454c0cd4db15ac9
  559. THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 3fc3928ee7b2857c7b0acb22199e00ab7dceb90c
  560. THREAD_SHA1_HASH_MOD: 2a7ca9d3ab5386d53fea7498e1d81b9c4a4c036b
  561. FOLLOWUP_IP:
  562. nt!KiPageFault+247
  563. fffff802`9f553707 33c0 xor eax,eax
  564. FAULT_INSTR_CODE: ffb0c033
  565. SYMBOL_STACK_INDEX: 2
  566. SYMBOL_NAME: nt!KiPageFault+247
  567. FOLLOWUP_NAME: MachineOwner
  568. MODULE_NAME: nt
  569.  
  570. IMAGE_NAME: ntkrnlmp.exe
  571.  
  572. DEBUG_FLR_IMAGE_TIMESTAMP: 578998f1
  573. IMAGE_VERSION: 10.0.14393.0
  574. BUCKET_ID_FUNC_OFFSET: 247
  575. FAILURE_BUCKET_ID: AV_CODE_AV_BAD_IP_nt!KiPageFault
  576. BUCKET_ID: AV_CODE_AV_BAD_IP_nt!KiPageFault
  577. PRIMARY_PROBLEM_CLASS: AV_CODE_AV_BAD_IP_nt!KiPageFault
  578. TARGET_TIME: 2017-08-03T20:15:36.000Z
  579. OSBUILD: 14393
  580. OSSERVICEPACK: 0
  581. SERVICEPACK_NUMBER: 0
  582. OS_REVISION: 0
  583. SUITE_MASK: 784
  584. PRODUCT_TYPE: 1
  585. OSPLATFORM_TYPE: x64
  586. OSNAME: Windows 10
  587. OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS Personal
  588. USER_LCID: 0
  589. OSBUILD_TIMESTAMP: 2016-07-15 22:16:17
  590. BUILDDATESTAMP_STR: 160715-1616
  591. BUILDLAB_STR: rs1_release
  592. BUILDOSVER_STR: 10.0.14393.0
  593. ANALYSIS_SESSION_ELAPSED_TIME: 9da
  594. ANALYSIS_SOURCE: KM
  595. FAILURE_ID_HASH_STRING: km:av_code_av_bad_ip_nt!kipagefault
  596. FAILURE_ID_HASH: {73cd60cc-83fa-6b76-df08-1961c31d7403}
  597. Followup: MachineOwner
Advertisement
Add Comment
Please, Sign In to add comment