API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jul 2nd, 2020
98
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 15.13 KB | None | 0 0
raw download clone embed print report
  1. ========================== AUTO DUMP ANALYZER ==========================
  2. Auto Dump Analyzer
  3. Version: 0.91
  4. Time to analyze file(s): 00 hours and 00 minutes and 44 seconds
  5.  
  6. ================================= CPU ==================================
  7. COUNT: 8
  8. MHZ: 4200
  9. VENDOR: GenuineIntel
  10. FAMILY: 6
  11. MODEL: 9e
  12. STEPPING: 9
  13.  
  14. ================================== OS ==================================
  15. Product: WinNt, suite: TerminalServer SingleUserTS
  16. Built by: 18362.1.amd64fre.19h1_release.190318-1202
  17. BUILD_VERSION: 10.0.18362.900 (WinBuild.160101.0800)
  18. BUILD: 18362
  19. SERVICEPACK: 900
  20. PLATFORM_TYPE: x64
  21. NAME: Windows 10
  22. EDITION: Windows 10 WinNt TerminalServer SingleUserTS
  23. BUILD_TIMESTAMP: 2012-07-06 17:22:33
  24. BUILDDATESTAMP: 160101.0800
  25. BUILDLAB: WinBuild
  26. BUILDOSVER: 10.0.18362.900
  27.  
  28. =============================== DEBUGGER ===============================
  29. Microsoft (R) Windows Debugger Version 10.0.14321.1024 AMD64
  30. Copyright (c) Microsoft Corporation. All rights reserved.
  31.  
  32. =============================== COMMENTS ===============================
  33. * Information gathered from different dump files may be different. If
  34. Windows updates between two dump files, two or more OS versions may
  35. be shown above.
  36. * Additional BIOS information was not included in the dump file(s). This
  37. can be caused by an outdated BIOS.
  38.  
  39. ========================================================================
  40. ======================= Dump #1: ANALYZE VERBOSE =======================
  41. ====================== File: 070220-15390-01.dmp =======================
  42. ========================================================================
  43.  
  44. Mini Kernel Dump File: Only registers and stack trace are available
  45. Windows 10 Kernel Version 18362 MP (8 procs) Free x64
  46. Kernel base = 0xfffff800`36e00000 PsLoadedModuleList = 0xfffff800`37248190
  47. Debug session time: Thu Jul 2 07:14:47.554 2020 (UTC - 4:00)
  48. System Uptime: 0 days 0:00:06.267
  49.  
  50. BugCheck 5A, {1, ffffba8f4e9f8c50, ffffce06bf0caa90, ffffffffc0000428}
  51. *************************************************************************
  52. *** Either you specified an unqualified symbol, or your debugger ***
  53. *************************************************************************
  54. Probably caused by : memory_corruption
  55. Followup: memory_corruption
  56.  
  57. CRITICAL_SERVICE_FAILED (5a)
  58.  
  59. Arguments:
  60. Arg1: 0000000000000001
  61. Arg2: ffffba8f4e9f8c50
  62. Arg3: ffffce06bf0caa90
  63. Arg4: ffffffffc0000428
  64.  
  65. Debugging Details:
  66. *************************************************************************
  67. *** Either you specified an unqualified symbol, or your debugger ***
  68. *************************************************************************
  69. DUMP_CLASS: 1
  70. DUMP_QUALIFIER: 400
  71. DUMP_TYPE: 2
  72. BUGCHECK_STR: 0x5A_c0000428
  73. CUSTOMER_CRASH_COUNT: 1
  74. DEFAULT_BUCKET_ID: CODE_CORRUPTION
  75.  
  76. PROCESS_NAME: System
  77.  
  78. CURRENT_IRQL: 0
  79. LAST_CONTROL_TRANSFER: from fffff800375e7113 to fffff80036fc23a0
  80. STACK_TEXT:
  81. ffffef0d`e8207828 fffff800`375e7113 : 00000000`0000005a 00000000`00000001 ffffba8f`4e9f8c50 ffffce06`bf0caa90 : nt!KeBugCheckEx
  82. ffffef0d`e8207830 fffff800`37811f91 : ffffba8f`4effde90 ffffba8f`4effde90 ffffef0d`e8207a80 00000000`00000000 : nt!IopLoadDriver+0xee307
  83. ffffef0d`e8207a10 fffff800`37811182 : fffff800`00000000 ffffce06`bc8e0110 00000000`00000000 fffff800`31fabca0 : nt!IopInitializeSystemDrivers+0x151
  84. ffffef0d`e8207ab0 fffff800`37558ac2 : fffff800`31fabca0 fffff800`31fabca0 fffff800`37558a80 fffff800`31fabca0 : nt!IoInitSystem+0x12
  85. ffffef0d`e8207ae0 fffff800`36f1e135 : ffffba8f`4c6ba040 fffff800`37558a80 fffff800`31fabca0 00000000`00000000 : nt!Phase1Initialization+0x42
  86. ffffef0d`e8207b10 fffff800`36fc99a8 : fffff800`32365180 ffffba8f`4c6ba040 fffff800`36f1e0e0 00000000`00000000 : nt!PspSystemThreadStartup+0x55
  87. ffffef0d`e8207b60 00000000`00000000 : ffffef0d`e8208000 ffffef0d`e8201000 00000000`00000000 00000000`00000000 : nt!KiStartSystemThread+0x28
  88. STACK_COMMAND: kb
  89. CHKIMG_EXTENSION: !chkimg -lo 50 -d !nt
  90. fffff80037558a8f-fffff80037558a90 2 bytes - nt!Phase1Initialization+f
  91. [ 48 ff:4c 8b ]
  92. fffff80037558a96-fffff80037558a9a 5 bytes - nt!Phase1Initialization+16 (+0x07)
  93. [ 0f 1f 44 00 00:e8 d5 4d 80 ff ]
  94. 7 errors : !nt (fffff80037558a8f-fffff80037558a9a)
  95. MODULE_NAME: memory_corruption
  96.  
  97. IMAGE_NAME: memory_corruption
  98.  
  99. FOLLOWUP_NAME: memory_corruption
  100. DEBUG_FLR_IMAGE_TIMESTAMP: 0
  101. MEMORY_CORRUPTOR: LARGE
  102. FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
  103. BUCKET_ID: MEMORY_CORRUPTION_LARGE
  104. PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
  105. TARGET_TIME: 2020-07-02T11:14:47.000Z
  106. SUITE_MASK: 272
  107. PRODUCT_TYPE: 1
  108. USER_LCID: 0
  109. FAILURE_ID_HASH_STRING: km:memory_corruption_large
  110. FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
  111. Followup: memory_corruption
  112.  
  113. ====================== Dump #1: 3RD PARTY DRIVERS ======================
  114.  
  115. Oct 17 2011 - PxHlpa64.sys - Sonic CD/DVD driver
  116. Jul 15 2016 - FNETHYRAMAS.SYS - Hybr Ram (FNet Co., Ltd.) http://www.gotofnet.com/
  117. Oct 12 2017 - iaStorA.sys - Intel SATA Storage Device RAID Controller
  118. Jan 09 2020 - ccSetx64.sys - Common Client Settings driver (Symantec Security Technoligies) http://www.symantec.com/
  119. Feb 11 2020 - SYMEFASI64.SYS - Symantec Extended File Attributes (SI) https://www.symantec.com/
  120.  
  121. ================== Dump #1: 3RD PARTY DRIVERS (FULL) ===================
  122.  
  123. Image path: \SystemRoot\System32\Drivers\PxHlpa64.sys
  124. Image name: PxHlpa64.sys
  125. Search : https://www.google.com/search?q=PxHlpa64.sys
  126. ADA Info : Sonic CD/DVD driver
  127. Timestamp : Mon Oct 17 2011
  128.  
  129. Image path: \SystemRoot\System32\drivers\FNETHYRAMAS.SYS
  130. Image name: FNETHYRAMAS.SYS
  131. Search : https://www.google.com/search?q=FNETHYRAMAS.SYS
  132. ADA Info : Hybr Ram (FNet Co., Ltd.) http://www.gotofnet.com/
  133. Timestamp : Fri Jul 15 2016
  134.  
  135. Image path: \SystemRoot\System32\drivers\iaStorA.sys
  136. Image name: iaStorA.sys
  137. Search : https://www.google.com/search?q=iaStorA.sys
  138. ADA Info : Intel SATA Storage Device RAID Controller
  139. Timestamp : Thu Oct 12 2017
  140.  
  141. Image path: \SystemRoot\System32\drivers\NGCx64\1614040.039\ccSetx64.sys
  142. Image name: ccSetx64.sys
  143. Search : https://www.google.com/search?q=ccSetx64.sys
  144. ADA Info : Common Client Settings driver (Symantec Security Technoligies) http://www.symantec.com/
  145. Timestamp : Thu Jan 9 2020
  146.  
  147. Image path: \SystemRoot\System32\drivers\NGCx64\1614040.039\SYMEFASI64.SYS
  148. Image name: SYMEFASI64.SYS
  149. Search : https://www.google.com/search?q=SYMEFASI64.SYS
  150. ADA Info : Symantec Extended File Attributes (SI) https://www.symantec.com/
  151. Timestamp : Tue Feb 11 2020
  152.  
  153. ====================== Dump #1: MICROSOFT DRIVERS ======================
  154.  
  155. ACPI.sys ACPI Driver for NT (Microsoft)
  156. acpiex.sys ACPIEx Driver (Microsoft)
  157. BOOTVID.dll VGA Boot Driver (Microsoft)
  158. cdrom.sys SCSI CD-ROM Driver (Microsoft)
  159. CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
  160. CI.dll Code Integrity Module (Microsoft)
  161. CLASSPNP.SYS SCSI Class System Dll (Microsoft)
  162. CLFS.SYS Common Log File System Driver (Microsoft)
  163. clipsp.sys CLIP Service (Microsoft)
  164. cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
  165. cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
  166. crashdmp.sys Crash Dump driver (Microsoft)
  167. disk.sys PnP Disk Driver (Microsoft)
  168. dump_diskdump.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  169. dump_dumpfve.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  170. dump_iaStorA.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  171. EhStorClass.sys Enhanced Storage Class driver for IEEE... (Microsoft)
  172. fileinfo.sys FileInfo Filter Driver (Microsoft)
  173. FLTMGR.SYS Filesystem Filter Manager (Microsoft)
  174. Fs_Rec.sys File System Recognizer Driver (Microsoft)
  175. fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
  176. fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
  177. hal.dll Hardware Abstraction Layer DLL (Microsoft)
  178. intelpep.sys Intel Power Engine Plugin (Microsoft)
  179. iorate.sys I/O rate control Filter (Microsoft)
  180. kd.dll Local Kernal Debugger (Microsoft)
  181. ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
  182. ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
  183. mcupdate_GenuineIntel.dll Intel Microcode Update Library (Microsoft)
  184. mountmgr.sys Mount Point Manager (Microsoft)
  185. msisadrv.sys ISA Driver (Microsoft)
  186. msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
  187. mssecflt.sys Microsoft Security Events Component file system filter driver (Microsoft)
  188. mup.sys Multiple UNC Provider driver (Microsoft)
  189. ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
  190. NETIO.SYS Network I/O Subsystem (Microsoft)
  191. Ntfs.sys NT File System Driver (Microsoft)
  192. ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
  193. ntosext.sys NTOS Extension Host driver (Microsoft)
  194. partmgr.sys Partition driver (Microsoft)
  195. pci.sys NT Plug and Play PCI Enumerator (Microsoft)
  196. pcw.sys Performance Counter Driver (Microsoft)
  197. pdc.sys Power Dependency Coordinator Driver (Microsoft)
  198. PSHED.dll Platform Specific Hardware Error driver (Microsoft)
  199. rdyboost.sys ReadyBoost Driver (Microsoft)
  200. SgrmAgent.sys System Guard Runtime Monitor Agent driver (Microsoft)
  201. SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
  202. spaceport.sys Storage Spaces driver (Microsoft)
  203. storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
  204. tcpip.sys TCP/IP Protocol driver (Microsoft)
  205. tm.sys Kernel Transaction Manager driver (Microsoft)
  206. vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
  207. volmgr.sys Volume Manager Driver (Microsoft)
  208. volmgrx.sys Volume Manager Extension Driver (Microsoft)
  209. volsnap.sys Volume Shadow Copy driver (Microsoft)
  210. volume.sys Volume driver (Microsoft)
  211. Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
  212. WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
  213. werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
  214. wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
  215. WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
  216. WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
  217. WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
  218. Wof.sys Windows Overlay Filter (Microsoft)
  219. WppRecorder.sys WPP Trace Recorder (Microsoft)
  220.  
  221. ====================== Dump #1: UNLOADED MODULES =======================
  222.  
  223. fffff800`39030000 fffff800`39039000 MbamElam.sys
  224. fffff800`39020000 fffff800`3902a000 SymELAM.sys
  225. fffff800`3ad00000 fffff800`3ad11000 hwpolicy.sys
  226.  
  227. ====================== Dump #1: BIOS INFORMATION =======================
  228.  
  229. sysinfo: could not find necessary interfaces.
  230. sysinfo: note that mssmbios.sys must be loaded (XPSP2+).
  231.  
  232. ========================== Dump #1: Extra #1 ===========================
  233.  
  234. 0: kd> !verifier
  235. Verify Flags Level 0x00000000
  236. STANDARD FLAGS:
  237. [X] (0x00000000) Automatic Checks
  238. [ ] (0x00000001) Special pool
  239. [ ] (0x00000002) Force IRQL checking
  240. [ ] (0x00000008) Pool tracking
  241. [ ] (0x00000010) I/O verification
  242. [ ] (0x00000020) Deadlock detection
  243. [ ] (0x00000080) DMA checking
  244. [ ] (0x00000100) Security checks
  245. [ ] (0x00000800) Miscellaneous checks
  246. [ ] (0x00020000) DDI compliance checking
  247. ADDITIONAL FLAGS:
  248. [ ] (0x00000004) Randomized low resources simulation
  249. [ ] (0x00000200) Force pending I/O requests
  250. [ ] (0x00000400) IRP logging
  251. [ ] (0x00002000) Invariant MDL checking for stack
  252. [ ] (0x00004000) Invariant MDL checking for driver
  253. [ ] (0x00008000) Power framework delay fuzzing
  254. [ ] (0x00010000) Port/miniport interface checking
  255. [ ] (0x00040000) Systematic low resources simulation
  256. [ ] (0x00080000) DDI compliance checking (additional)
  257. [ ] (0x00200000) NDIS/WIFI verification
  258. [ ] (0x00800000) Kernel synchronization delay fuzzing
  259. [ ] (0x01000000) VM switch verification
  260. [ ] (0x02000000) Code integrity checks
  261. [X] Indicates flag is enabled
  262. Summary of All Verifier Statistics
  263. RaiseIrqls 0x0
  264. AcquireSpinLocks 0x0
  265. Synch Executions 0x0
  266. Trims 0x0
  267. Pool Allocations Attempted 0x0
  268. Pool Allocations Succeeded 0x0
  269. Pool Allocations Succeeded SpecialPool 0x0
  270. Pool Allocations With NO TAG 0x0
  271. Pool Allocations Failed 0x0
  272. Current paged pool allocations 0x0 for 00000000 bytes
  273. Peak paged pool allocations 0x0 for 00000000 bytes
  274. Current nonpaged pool allocations 0x0 for 00000000 bytes
  275. Peak nonpaged pool allocations 0x0 for 00000000 bytes
  276.  
  277. ========================== Dump #1: Extra #2 ===========================
  278.  
  279. 0: kd> !thread
  280. THREAD ffffba8f4c6ba040 Cid 0004.0008 Teb: 0000000000000000 Win32Thread: 0000000000000000 RUNNING on processor 0
  281. Not impersonating
  282. GetUlongFromAddress: unable to read from fffff8003722ca14
  283. Owning Process ffffba8f4c682040 Image: System
  284. Attached Process N/A Image: N/A
  285. fffff78000000000: Unable to get shared data
  286. Wait Start TickCount 401
  287. Context Switch Count 5753 IdealProcessor: 0
  288. ReadMemory error: Cannot get nt!KeMaximumIncrement value.
  289. UserTime 00:00:00.000
  290. KernelTime 00:00:00.000
  291. Win32 Start Address nt!Phase1Initialization (0xfffff80037558a80)
  292. Stack Init ffffef0de8207b90 Current ffffef0de82067a0
  293. Base ffffef0de8208000 Limit ffffef0de8201000 Call 0000000000000000
  294. Priority 31 BasePriority 8 PriorityDecrement 0 IoPriority 2 PagePriority 5
  295. Child-SP RetAddr : Args to Child : Call Site
  296. ffffef0d`e8207828 fffff800`375e7113 : 00000000`0000005a 00000000`00000001 ffffba8f`4e9f8c50 ffffce06`bf0caa90 : nt!KeBugCheckEx
  297. ffffef0d`e8207830 fffff800`37811f91 : ffffba8f`4effde90 ffffba8f`4effde90 ffffef0d`e8207a80 00000000`00000000 : nt!IopLoadDriver+0xee307
  298. ffffef0d`e8207a10 fffff800`37811182 : fffff800`00000000 ffffce06`bc8e0110 00000000`00000000 fffff800`31fabca0 : nt!IopInitializeSystemDrivers+0x151
  299. ffffef0d`e8207ab0 fffff800`37558ac2 : fffff800`31fabca0 fffff800`31fabca0 fffff800`37558a80 fffff800`31fabca0 : nt!IoInitSystem+0x12
  300. ffffef0d`e8207ae0 fffff800`36f1e135 : ffffba8f`4c6ba040 fffff800`37558a80 fffff800`31fabca0 00000000`00000000 : nt!Phase1Initialization+0x42
  301. ffffef0d`e8207b10 fffff800`36fc99a8 : fffff800`32365180 ffffba8f`4c6ba040 fffff800`36f1e0e0 00000000`00000000 : nt!PspSystemThreadStartup+0x55
  302. ffffef0d`e8207b60 00000000`00000000 : ffffef0d`e8208000 ffffef0d`e8201000 00000000`00000000 00000000`00000000 : nt!KiStartSystemThread+0x28
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!