Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- *******************************************************************************
- * *
- * Bugcheck Analysis *
- * *
- *******************************************************************************
- KERNEL_SECURITY_CHECK_FAILURE (139)
- A kernel component has corrupted a critical data structure. The corruption
- could potentially allow a malicious user to gain control of this machine.
- Arguments:
- Arg1: 0000000000000000, A stack-based buffer has been overrun.
- Arg2: 0000000000000000, Address of the trap frame for the exception that caused the bugcheck
- Arg3: 0000000000000000, Address of the exception record for the exception that caused the bugcheck
- Arg4: fffff08e27ea6e00, Reserved
- Debugging Details:
- ------------------
- KEY_VALUES_STRING: 1
- STACKHASH_ANALYSIS: 1
- TIMELINE_ANALYSIS: 1
- DUMP_CLASS: 1
- DUMP_QUALIFIER: 400
- BUILD_VERSION_STRING: 10.0.17134.590 (WinBuild.160101.0800)
- DUMP_FILE_ATTRIBUTES: 0x8
- Kernel Generated Triage Dump
- DUMP_TYPE: 2
- BUGCHECK_P1: 0
- BUGCHECK_P2: 0
- BUGCHECK_P3: 0
- BUGCHECK_P4: fffff08e27ea6e00
- TRAP_FRAME: fffff80236dae800 -- (.trap 0xfffff80236dae800)
- Unable to read trap frame at fffff802`36dae800
- EXCEPTION_RECORD: 0000000000000001 -- (.exr 0x1)
- Cannot read Exception record @ 0000000000000001
- CPU_COUNT: c
- CPU_MHZ: d42
- CPU_VENDOR: AuthenticAMD
- CPU_FAMILY: 17
- CPU_MODEL: 8
- CPU_STEPPING: 2
- CUSTOMER_CRASH_COUNT: 1
- DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
- BUGCHECK_STR: 0x139
- PROCESS_NAME: System
- CURRENT_IRQL: 2
- ANALYSIS_SESSION_HOST: PC-JOEY
- ANALYSIS_SESSION_TIME: 02-24-2019 19:25:37.0091
- ANALYSIS_VERSION: 10.0.17763.132 amd64fre
- LAST_CONTROL_TRANSFER: from fffff80236bb769b to fffff80236baf0c0
- STACK_TEXT:
- fffff08e`27ea6678 fffff802`36bb769b : 00000000`00000139 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KeBugCheckEx
- fffff08e`27ea6680 fffff802`36bb796d : fffff802`36df6000 fffff802`36a05000 00058218`00953000 00000000`00000000 : nt!guard_icall_handler+0x1b
- fffff08e`27ea66b0 fffff802`36ac3b36 : fffff08e`27ea67e0 fffff08e`27ea6ca0 00000000`00000000 fffff08e`27ea75b8 : nt!RtlpExecuteHandlerForException+0xd
- fffff08e`27ea66e0 fffff802`36ac5633 : fffff08e`27ea75b8 fffff08e`27ea7300 fffff08e`27ea75b8 00000000`00000000 : nt!RtlDispatchException+0x416
- fffff08e`27ea6dd0 fffff802`36bbfd42 : 00000000`00000001 0f0f0f0f`0f0f0f0f fffff802`36dae800 fffff803`9c782ca2 : nt!KiDispatchException+0x1f3
- fffff08e`27ea7480 fffff802`36bbc49c : ffffb701`2af7ef08 fffff802`36a49ae5 00000000`00017e5e fffff802`36a4a4d2 : nt!KiExceptionDispatch+0xc2
- fffff08e`27ea7660 fffff802`36bb772d : fffff802`36a854a0 00000000`00000000 fffff08e`27ea7a10 fffff802`36dae840 : nt!KiGeneralProtectionFault+0x2dc
- fffff08e`27ea77f8 fffff802`36a854a0 : 00000000`00000000 fffff08e`27ea7a10 fffff802`36dae840 fffff802`36aa2348 : nt!guard_dispatch_icall+0x2d
- fffff08e`27ea7800 fffff802`36a8350e : fffff802`36db0808 00000000`00000000 fffff08e`27ea7a10 fffff803`9c783e00 : nt!PpmCheckStart+0x120
- fffff08e`27ea78c0 fffff802`36a44367 : 00000000`00000000 ffffde87`67f48640 ffffde87`67f48640 fffff802`36aa1e93 : nt!PpmCheckPeriodicStart+0x3e
- fffff08e`27ea7910 fffff802`36a439bb : 00000000`00000018 00000000`00000000 00000000`003291a2 00000000`00000019 : nt!KiExecuteAllDpcs+0x2e7
- fffff08e`27ea7a50 fffff802`36bb27fa : ffffffff`00000000 ffffb701`2af79180 00000000`00000000 ffffb701`2af89300 : nt!KiRetireDpcList+0x1db
- fffff08e`27ea7c60 00000000`00000000 : fffff08e`27ea8000 fffff08e`27ea2000 00000000`00000000 00000000`00000000 : nt!KiIdleLoop+0x5a
- THREAD_SHA1_HASH_MOD_FUNC: c5cd3bf3d0961ae8e5d660ecda0c2c7ee3e98819
- THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 2696c68ae86c4041a25a774f6650237f7575da7c
- THREAD_SHA1_HASH_MOD: fe34192f63d13620a8987d294372ee74d699cfee
- FOLLOWUP_IP:
- nt!guard_icall_handler+1b
- fffff802`36bb769b 90 nop
- FAULT_INSTR_CODE: ccccc390
- SYMBOL_STACK_INDEX: 1
- SYMBOL_NAME: nt!guard_icall_handler+1b
- FOLLOWUP_NAME: MachineOwner
- MODULE_NAME: nt
- IMAGE_NAME: ntkrnlmp.exe
- DEBUG_FLR_IMAGE_TIMESTAMP: 5c5a45ab
- IMAGE_VERSION: 10.0.17134.590
- STACK_COMMAND: .thread ; .cxr ; kb
- BUCKET_ID_FUNC_OFFSET: 1b
- FAILURE_BUCKET_ID: 0x139_0_LEGACY_GS_VIOLATION_nt!guard_icall_handler
- BUCKET_ID: 0x139_0_LEGACY_GS_VIOLATION_nt!guard_icall_handler
- PRIMARY_PROBLEM_CLASS: 0x139_0_LEGACY_GS_VIOLATION_nt!guard_icall_handler
- TARGET_TIME: 2019-02-24T19:09:45.000Z
- OSBUILD: 17134
- OSSERVICEPACK: 590
- SERVICEPACK_NUMBER: 0
- OS_REVISION: 0
- SUITE_MASK: 784
- PRODUCT_TYPE: 1
- OSPLATFORM_TYPE: x64
- OSNAME: Windows 10
- OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS Personal
- OS_LOCALE:
- USER_LCID: 0
- OSBUILD_TIMESTAMP: 2019-02-05 21:25:47
- BUILDDATESTAMP_STR: 160101.0800
- BUILDLAB_STR: WinBuild
- BUILDOSVER_STR: 10.0.17134.590
- ANALYSIS_SESSION_ELAPSED_TIME: cc5
- ANALYSIS_SOURCE: KM
- FAILURE_ID_HASH_STRING: km:0x139_0_legacy_gs_violation_nt!guard_icall_handler
- FAILURE_ID_HASH: {9ac18088-8c91-40fd-01fb-5255bc467cba}
- Followup: MachineOwner
- ---------
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement