API tools faq
paste
Advertisement
Guest User

GardenMan

a guest
May 18th, 2017
374
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 25.46 KB | None | 0 0
raw download clone embed print report
  1. Microsoft (R) Windows Debugger Version 10.0.14321.1024 AMD64
  2. Copyright (c) Microsoft Corporation. All rights reserved.
  3.  
  4.  
  5. Loading Dump File [C:\Users\UserName\Desktop\famouz\051617-23812-01.dmp]
  6. Mini Kernel Dump File: Only registers and stack trace are available
  7.  
  8. Symbol search path is: srv*
  9. Executable search path is:
  10. Windows 10 Kernel Version 14393 MP (4 procs) Free x64
  11. Product: WinNt, suite: TerminalServer SingleUserTS Personal
  12. Built by: 14393.351.amd64fre.rs1_release_inmarket.161014-1755
  13. Machine Name:
  14. Kernel base = 0xfffff800`63678000 PsLoadedModuleList = 0xfffff800`6397cfc0
  15. Debug session time: Tue May 16 11:21:36.535 2017 (UTC - 4:00)
  16. System Uptime: 0 days 0:18:43.341
  17. Loading Kernel Symbols
  18. ...............................................................
  19. ................................................................
  20. ................................................................
  21. .......
  22. Loading User Symbols
  23. Loading unloaded module list
  24. ...............
  25. *******************************************************************************
  26. * *
  27. * Bugcheck Analysis *
  28. * *
  29. *******************************************************************************
  30.  
  31. Use !analyze -v to get detailed debugging information.
  32.  
  33. BugCheck A, {28, 2, 0, fffff800637fe843}
  34.  
  35. Probably caused by : memory_corruption
  36.  
  37. Followup: memory_corruption
  38. ---------
  39.  
  40. *******************************************************************************
  41. * *
  42. * Bugcheck Analysis *
  43. * *
  44. *******************************************************************************
  45.  
  46. IRQL_NOT_LESS_OR_EQUAL (a)
  47. An attempt was made to access a pageable (or completely invalid) address at an
  48. interrupt request level (IRQL) that is too high. This is usually
  49. caused by drivers using improper addresses.
  50. If a kernel debugger is available get the stack backtrace.
  51. Arguments:
  52. Arg1: 0000000000000028, memory referenced
  53. Arg2: 0000000000000002, IRQL
  54. Arg3: 0000000000000000, bitfield :
  55. bit 0 : value 0 = read operation, 1 = write operation
  56. bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
  57. Arg4: fffff800637fe843, address which referenced memory
  58.  
  59. Debugging Details:
  60. ------------------
  61.  
  62.  
  63. DUMP_CLASS: 1
  64.  
  65. DUMP_QUALIFIER: 400
  66.  
  67. BUILD_VERSION_STRING: 10.0.14393.351 (rs1_release_inmarket.161014-1755)
  68.  
  69. SYSTEM_MANUFACTURER: ASUSTeK COMPUTER INC.
  70.  
  71. SYSTEM_PRODUCT_NAME: GL553VD
  72.  
  73. SYSTEM_VERSION: 1.0
  74.  
  75. BIOS_VENDOR: American Megatrends Inc.
  76.  
  77. BIOS_VERSION: GL553VD.300
  78.  
  79. BIOS_DATE: 12/16/2016
  80.  
  81. BASEBOARD_MANUFACTURER: ASUSTeK COMPUTER INC.
  82.  
  83. BASEBOARD_PRODUCT: GL553VD
  84.  
  85. BASEBOARD_VERSION: 1.0
  86.  
  87. DUMP_TYPE: 2
  88.  
  89. BUGCHECK_P1: 28
  90.  
  91. BUGCHECK_P2: 2
  92.  
  93. BUGCHECK_P3: 0
  94.  
  95. BUGCHECK_P4: fffff800637fe843
  96.  
  97. READ_ADDRESS: 0000000000000028
  98.  
  99. CURRENT_IRQL: 2
  100.  
  101. FAULTING_IP:
  102. nt! ?? ::FNODOBFM::`string'+2cfa3
  103. fffff800`637fe843 488b4628 mov rax,qword ptr [rsi+28h]
  104.  
  105. CPU_COUNT: 4
  106.  
  107. CPU_MHZ: 9c0
  108.  
  109. CPU_VENDOR: GenuineIntel
  110.  
  111. CPU_FAMILY: 6
  112.  
  113. CPU_MODEL: 9e
  114.  
  115. CPU_STEPPING: 9
  116.  
  117. CPU_MICROCODE: 6,9e,9,0 (F,M,S,R) SIG: 42'00000000 (cache) 42'00000000 (init)
  118.  
  119. CUSTOMER_CRASH_COUNT: 1
  120.  
  121. DEFAULT_BUCKET_ID: CODE_CORRUPTION
  122.  
  123. BUGCHECK_STR: AV
  124.  
  125. PROCESS_NAME: L2.exe
  126.  
  127. ANALYSIS_SESSION_HOST: UserName-PC
  128.  
  129. ANALYSIS_SESSION_TIME: 05-18-2017 10:26:41.0574
  130.  
  131. ANALYSIS_VERSION: 10.0.14321.1024 amd64fre
  132.  
  133. TRAP_FRAME: ffff8f007ecdc100 -- (.trap 0xffff8f007ecdc100)
  134. NOTE: The trap frame does not contain all registers.
  135. Some register values may be zeroed or incorrect.
  136. rax=ffffe98000000028 rbx=0000000000000000 rcx=0000000000000000
  137. rdx=ffffe98000000028 rsi=0000000000000000 rdi=0000000000000000
  138. rip=fffff800637fe843 rsp=ffff8f007ecdc290 rbp=0000000000000000
  139. r8=ffffb78e6de88460 r9=0000000000000001 r10=0000000fffffffff
  140. r11=ffffe98000000000 r12=0000000000000000 r13=0000000000000000
  141. r14=0000000000000000 r15=0000000000000000
  142. iopl=0 nv up ei ng nz na po nc
  143. nt! ?? ::FNODOBFM::`string'+0x2cfa3:
  144. fffff800`637fe843 488b4628 mov rax,qword ptr [rsi+28h] ds:00000000`00000028=????????????????
  145. Resetting default scope
  146.  
  147. LAST_CONTROL_TRANSFER: from fffff800637cd529 to fffff800637c23b0
  148.  
  149. STACK_COMMAND: kb
  150.  
  151. CHKIMG_EXTENSION: !chkimg -lo 50 -d !nt
  152. fffff80063785d0e - nt!MiPurgeZeroList+6e
  153. [ fa:e9 ]
  154. fffff800637fe02b - nt! ?? ::FNODOBFM::`string'+2c78b (+0x7831d)
  155. [ fa:e9 ]
  156. fffff800637fe0e0 - nt! ?? ::FNODOBFM::`string'+2c840 (+0xb5)
  157. [ fa:e9 ]
  158. fffff800637fe12e - nt! ?? ::FNODOBFM::`string'+2c88e (+0x4e)
  159. [ fa:e9 ]
  160. fffff800637fe534-fffff800637fe536 3 bytes - nt! ?? ::FNODOBFM::`string'+2cc94 (+0x406)
  161. [ 40 fb f6:c0 eb d7 ]
  162. fffff800637fe562 - nt! ?? ::FNODOBFM::`string'+2ccc2 (+0x2e)
  163. [ fa:e9 ]
  164. fffff800637fe58c-fffff800637fe58e 3 bytes - nt! ?? ::FNODOBFM::`string'+2ccec (+0x2a)
  165. [ 40 fb f6:c0 eb d7 ]
  166. fffff800637fe5ba - nt! ?? ::FNODOBFM::`string'+2cd1a (+0x2e)
  167. [ fa:e9 ]
  168. fffff800637fe91d - nt! ?? ::FNODOBFM::`string'+2d07d (+0x363)
  169. [ fa:e9 ]
  170. fffff800637fe931 - nt! ?? ::FNODOBFM::`string'+2d091 (+0x14)
  171. [ fa:e9 ]
  172. fffff800637fea0a - nt! ?? ::FNODOBFM::`string'+2d16a (+0xd9)
  173. [ fa:e9 ]
  174. fffff800637fea14 - nt! ?? ::FNODOBFM::`string'+2d174 (+0x0a)
  175. [ fa:e9 ]
  176. fffff800637fef77-fffff800637fef79 3 bytes - nt! ?? ::FNODOBFM::`string'+2d6d7 (+0x563)
  177. [ 40 fb f6:c0 eb d7 ]
  178. fffff800637fefd5 - nt! ?? ::FNODOBFM::`string'+2d735 (+0x5e)
  179. [ fa:e9 ]
  180. fffff800638c4387-fffff800638c4389 3 bytes - nt!ExFreePoolWithTag+387
  181. [ 40 fb f6:c0 eb d7 ]
  182. 23 errors : !nt (fffff80063785d0e-fffff800638c4389)
  183.  
  184. MODULE_NAME: memory_corruption
  185.  
  186. IMAGE_NAME: memory_corruption
  187.  
  188. FOLLOWUP_NAME: memory_corruption
  189.  
  190. DEBUG_FLR_IMAGE_TIMESTAMP: 0
  191.  
  192. MEMORY_CORRUPTOR: LARGE
  193.  
  194. FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
  195.  
  196. BUCKET_ID: MEMORY_CORRUPTION_LARGE
  197.  
  198. PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
  199.  
  200. TARGET_TIME: 2017-05-16T15:21:36.000Z
  201.  
  202. OSBUILD: 14393
  203.  
  204. OSSERVICEPACK: 351
  205.  
  206. SERVICEPACK_NUMBER: 0
  207.  
  208. OS_REVISION: 0
  209.  
  210. SUITE_MASK: 784
  211.  
  212. PRODUCT_TYPE: 1
  213.  
  214. OSPLATFORM_TYPE: x64
  215.  
  216. OSNAME: Windows 10
  217.  
  218. OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS Personal
  219.  
  220. OS_LOCALE:
  221.  
  222. USER_LCID: 0
  223.  
  224. OSBUILD_TIMESTAMP: 2016-10-14 23:38:38
  225.  
  226. BUILDDATESTAMP_STR: 161014-1755
  227.  
  228. BUILDLAB_STR: rs1_release_inmarket
  229.  
  230. BUILDOSVER_STR: 10.0.14393.351
  231.  
  232. ANALYSIS_SESSION_ELAPSED_TIME: 21ab
  233.  
  234. ANALYSIS_SOURCE: KM
  235.  
  236. FAILURE_ID_HASH_STRING: km:memory_corruption_large
  237.  
  238. FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
  239.  
  240. Followup: memory_corruption
  241. ---------
  242.  
  243. ===========================================================================================
  244. ===========================================================================================
  245. ===========================================================================================
  246.  
  247.  
  248. Microsoft (R) Windows Debugger Version 10.0.14321.1024 AMD64
  249. Copyright (c) Microsoft Corporation. All rights reserved.
  250.  
  251.  
  252. Loading Dump File [C:\Users\UserName\Desktop\famouz\051617-24453-01.dmp]
  253. Mini Kernel Dump File: Only registers and stack trace are available
  254.  
  255. Symbol search path is: srv*
  256. Executable search path is:
  257. Windows 10 Kernel Version 14393 MP (4 procs) Free x64
  258. Product: WinNt, suite: TerminalServer SingleUserTS Personal
  259. Built by: 14393.351.amd64fre.rs1_release_inmarket.161014-1755
  260. Machine Name:
  261. Kernel base = 0xfffff803`8e20e000 PsLoadedModuleList = 0xfffff803`8e512fc0
  262. Debug session time: Tue May 16 10:25:57.640 2017 (UTC - 4:00)
  263. System Uptime: 0 days 0:50:28.432
  264. Loading Kernel Symbols
  265. .
  266.  
  267. Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long.
  268. Run !sym noisy before .reload to track down problems loading symbols.
  269.  
  270. ..............................................................
  271. ................................................................
  272. ................................................................
  273. .......
  274. Loading User Symbols
  275. Loading unloaded module list
  276. ...................
  277. *******************************************************************************
  278. * *
  279. * Bugcheck Analysis *
  280. * *
  281. *******************************************************************************
  282.  
  283. Use !analyze -v to get detailed debugging information.
  284.  
  285. BugCheck A, {28, 2, 0, fffff8038e394843}
  286.  
  287. Probably caused by : memory_corruption
  288.  
  289. Followup: memory_corruption
  290. ---------
  291.  
  292.  
  293. Microsoft (R) Windows Debugger Version 10.0.14321.1024 AMD64
  294. Copyright (c) Microsoft Corporation. All rights reserved.
  295.  
  296.  
  297. Loading Dump File [C:\Users\UserName\Desktop\famouz\051617-24453-01.dmp]
  298. Mini Kernel Dump File: Only registers and stack trace are available
  299.  
  300. Symbol search path is: srv*
  301. Executable search path is:
  302. Windows 10 Kernel Version 14393 MP (4 procs) Free x64
  303. Product: WinNt, suite: TerminalServer SingleUserTS Personal
  304. Built by: 14393.351.amd64fre.rs1_release_inmarket.161014-1755
  305. Machine Name:
  306. Kernel base = 0xfffff803`8e20e000 PsLoadedModuleList = 0xfffff803`8e512fc0
  307. Debug session time: Tue May 16 10:25:57.640 2017 (UTC - 4:00)
  308. System Uptime: 0 days 0:50:28.432
  309. Loading Kernel Symbols
  310. .
  311.  
  312. Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long.
  313. Run !sym noisy before .reload to track down problems loading symbols.
  314.  
  315. ..............................................................
  316. ................................................................
  317. ................................................................
  318. .......
  319. Loading User Symbols
  320. Loading unloaded module list
  321. ...................
  322. *******************************************************************************
  323. * *
  324. * Bugcheck Analysis *
  325. * *
  326. *******************************************************************************
  327.  
  328. Use !analyze -v to get detailed debugging information.
  329.  
  330. BugCheck A, {28, 2, 0, fffff8038e394843}
  331.  
  332. Probably caused by : memory_corruption
  333.  
  334. Followup: memory_corruption
  335. ---------
  336.  
  337. ===========================================================================================
  338. ===========================================================================================
  339. ===========================================================================================
  340.  
  341.  
  342. Microsoft (R) Windows Debugger Version 10.0.14321.1024 AMD64
  343. Copyright (c) Microsoft Corporation. All rights reserved.
  344.  
  345.  
  346. Loading Dump File [C:\Users\UserName\Desktop\famouz\051617-25828-01.dmp]
  347. Mini Kernel Dump File: Only registers and stack trace are available
  348.  
  349. Symbol search path is: srv*
  350. Executable search path is:
  351. Windows 10 Kernel Version 14393 MP (4 procs) Free x64
  352. Product: WinNt, suite: TerminalServer SingleUserTS Personal
  353. Built by: 14393.351.amd64fre.rs1_release_inmarket.161014-1755
  354. Machine Name:
  355. Kernel base = 0xfffff802`69e07000 PsLoadedModuleList = 0xfffff802`6a10bfc0
  356. Debug session time: Tue May 16 05:25:37.972 2017 (UTC - 4:00)
  357. System Uptime: 0 days 0:51:49.765
  358. Loading Kernel Symbols
  359. ...............................................................
  360. ................................................................
  361. ................................................................
  362. .......
  363. Loading User Symbols
  364. Loading unloaded module list
  365. ..............
  366. *******************************************************************************
  367. * *
  368. * Bugcheck Analysis *
  369. * *
  370. *******************************************************************************
  371.  
  372. Use !analyze -v to get detailed debugging information.
  373.  
  374. BugCheck A, {28, 2, 0, fffff80269f8d843}
  375.  
  376. Probably caused by : memory_corruption
  377.  
  378. Followup: memory_corruption
  379. ---------
  380.  
  381.  
  382.  
  383.  
  384.  
  385. *******************************************************************************
  386. * *
  387. * Bugcheck Analysis *
  388. * *
  389. *******************************************************************************
  390.  
  391. IRQL_NOT_LESS_OR_EQUAL (a)
  392. An attempt was made to access a pageable (or completely invalid) address at an
  393. interrupt request level (IRQL) that is too high. This is usually
  394. caused by drivers using improper addresses.
  395. If a kernel debugger is available get the stack backtrace.
  396. Arguments:
  397. Arg1: 0000000000000028, memory referenced
  398. Arg2: 0000000000000002, IRQL
  399. Arg3: 0000000000000000, bitfield :
  400. bit 0 : value 0 = read operation, 1 = write operation
  401. bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
  402. Arg4: fffff80269f8d843, address which referenced memory
  403.  
  404. Debugging Details:
  405. ------------------
  406.  
  407.  
  408. DUMP_CLASS: 1
  409.  
  410. DUMP_QUALIFIER: 400
  411.  
  412. BUILD_VERSION_STRING: 10.0.14393.351 (rs1_release_inmarket.161014-1755)
  413.  
  414. SYSTEM_MANUFACTURER: ASUSTeK COMPUTER INC.
  415.  
  416. SYSTEM_PRODUCT_NAME: GL553VD
  417.  
  418. SYSTEM_VERSION: 1.0
  419.  
  420. BIOS_VENDOR: American Megatrends Inc.
  421.  
  422. BIOS_VERSION: GL553VD.300
  423.  
  424. BIOS_DATE: 12/16/2016
  425.  
  426. BASEBOARD_MANUFACTURER: ASUSTeK COMPUTER INC.
  427.  
  428. BASEBOARD_PRODUCT: GL553VD
  429.  
  430. BASEBOARD_VERSION: 1.0
  431.  
  432. DUMP_TYPE: 2
  433.  
  434. BUGCHECK_P1: 28
  435.  
  436. BUGCHECK_P2: 2
  437.  
  438. BUGCHECK_P3: 0
  439.  
  440. BUGCHECK_P4: fffff80269f8d843
  441.  
  442. READ_ADDRESS: 0000000000000028
  443.  
  444. CURRENT_IRQL: 2
  445.  
  446. FAULTING_IP:
  447. nt! ?? ::FNODOBFM::`string'+2cfa3
  448. fffff802`69f8d843 488b4628 mov rax,qword ptr [rsi+28h]
  449.  
  450. CPU_COUNT: 4
  451.  
  452. CPU_MHZ: 9c0
  453.  
  454. CPU_VENDOR: GenuineIntel
  455.  
  456. CPU_FAMILY: 6
  457.  
  458. CPU_MODEL: 9e
  459.  
  460. CPU_STEPPING: 9
  461.  
  462. CPU_MICROCODE: 6,9e,9,0 (F,M,S,R) SIG: 42'00000000 (cache) 42'00000000 (init)
  463.  
  464. CUSTOMER_CRASH_COUNT: 1
  465.  
  466. DEFAULT_BUCKET_ID: CODE_CORRUPTION
  467.  
  468. BUGCHECK_STR: AV
  469.  
  470. PROCESS_NAME: L2.exe
  471.  
  472. ANALYSIS_SESSION_HOST: UserName-PC
  473.  
  474. ANALYSIS_SESSION_TIME: 05-18-2017 10:34:42.0581
  475.  
  476. ANALYSIS_VERSION: 10.0.14321.1024 amd64fre
  477.  
  478. TRAP_FRAME: ffff8c814df32100 -- (.trap 0xffff8c814df32100)
  479. NOTE: The trap frame does not contain all registers.
  480. Some register values may be zeroed or incorrect.
  481. rax=ffffb18000000028 rbx=0000000000000000 rcx=0000000000000000
  482. rdx=ffffb18000000028 rsi=0000000000000000 rdi=0000000000000000
  483. rip=fffff80269f8d843 rsp=ffff8c814df32290 rbp=0000000000000000
  484. r8=ffffd40884a950a0 r9=0000000000000001 r10=0000000fffffffff
  485. r11=ffffb18000000000 r12=0000000000000000 r13=0000000000000000
  486. r14=0000000000000000 r15=0000000000000000
  487. iopl=0 nv up ei ng nz na po nc
  488. nt! ?? ::FNODOBFM::`string'+0x2cfa3:
  489. fffff802`69f8d843 488b4628 mov rax,qword ptr [rsi+28h] ds:00000000`00000028=????????????????
  490. Resetting default scope
  491.  
  492. LAST_CONTROL_TRANSFER: from fffff80269f5c529 to fffff80269f513b0
  493.  
  494. STACK_COMMAND: kb
  495.  
  496. CHKIMG_EXTENSION: !chkimg -lo 50 -d !nt
  497. fffff80269e7695a - nt!MmIsSpecialPoolAddress+e
  498. [ f6:80 ]
  499. fffff80269e769c9 - nt!MmIsSpecialPoolAddress+7d (+0x6f)
  500. [ f6:80 ]
  501. fffff80269f14d0e - nt!MiPurgeZeroList+6e (+0x9e345)
  502. [ fa:b1 ]
  503. fffff80269f8d02b - nt! ?? ::FNODOBFM::`string'+2c78b (+0x7831d)
  504. [ fa:b1 ]
  505. fffff80269f8d0e0 - nt! ?? ::FNODOBFM::`string'+2c840 (+0xb5)
  506. [ fa:b1 ]
  507. fffff80269f8d12e - nt! ?? ::FNODOBFM::`string'+2c88e (+0x4e)
  508. [ fa:b1 ]
  509. fffff80269f8d535-fffff80269f8d536 2 bytes - nt! ?? ::FNODOBFM::`string'+2cc95 (+0x407)
  510. [ fb f6:c0 80 ]
  511. fffff80269f8d562 - nt! ?? ::FNODOBFM::`string'+2ccc2 (+0x2d)
  512. [ fa:b1 ]
  513. fffff80269f8d58d-fffff80269f8d58e 2 bytes - nt! ?? ::FNODOBFM::`string'+2cced (+0x2b)
  514. [ fb f6:c0 80 ]
  515. fffff80269f8d5ba - nt! ?? ::FNODOBFM::`string'+2cd1a (+0x2d)
  516. [ fa:b1 ]
  517. fffff80269f8d91d - nt! ?? ::FNODOBFM::`string'+2d07d (+0x363)
  518. [ fa:b1 ]
  519. fffff80269f8d931 - nt! ?? ::FNODOBFM::`string'+2d091 (+0x14)
  520. [ fa:b1 ]
  521. fffff80269f8da0a - nt! ?? ::FNODOBFM::`string'+2d16a (+0xd9)
  522. [ fa:b1 ]
  523. fffff80269f8da14 - nt! ?? ::FNODOBFM::`string'+2d174 (+0x0a)
  524. [ fa:b1 ]
  525. fffff80269f8df78-fffff80269f8df79 2 bytes - nt! ?? ::FNODOBFM::`string'+2d6d8 (+0x564)
  526. [ fb f6:c0 80 ]
  527. fffff80269f8dfd5 - nt! ?? ::FNODOBFM::`string'+2d735 (+0x5d)
  528. [ fa:b1 ]
  529. 19 errors : !nt (fffff80269e7695a-fffff80269f8dfd5)
  530.  
  531. MODULE_NAME: memory_corruption
  532.  
  533. IMAGE_NAME: memory_corruption
  534.  
  535. FOLLOWUP_NAME: memory_corruption
  536.  
  537. DEBUG_FLR_IMAGE_TIMESTAMP: 0
  538.  
  539. MEMORY_CORRUPTOR: LARGE
  540.  
  541. FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
  542.  
  543. BUCKET_ID: MEMORY_CORRUPTION_LARGE
  544.  
  545. PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
  546.  
  547. TARGET_TIME: 2017-05-16T09:25:37.000Z
  548.  
  549. OSBUILD: 14393
  550.  
  551. OSSERVICEPACK: 351
  552.  
  553. SERVICEPACK_NUMBER: 0
  554.  
  555. OS_REVISION: 0
  556.  
  557. SUITE_MASK: 784
  558.  
  559. PRODUCT_TYPE: 1
  560.  
  561. OSPLATFORM_TYPE: x64
  562.  
  563. OSNAME: Windows 10
  564.  
  565. OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS Personal
  566.  
  567. OS_LOCALE:
  568.  
  569. USER_LCID: 0
  570.  
  571. OSBUILD_TIMESTAMP: 2016-10-14 23:38:38
  572.  
  573. BUILDDATESTAMP_STR: 161014-1755
  574.  
  575. BUILDLAB_STR: rs1_release_inmarket
  576.  
  577. BUILDOSVER_STR: 10.0.14393.351
  578.  
  579. ANALYSIS_SESSION_ELAPSED_TIME: 1983
  580.  
  581. ANALYSIS_SOURCE: KM
  582.  
  583. FAILURE_ID_HASH_STRING: km:memory_corruption_large
  584.  
  585. FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
  586.  
  587. Followup: memory_corruption
  588. ---------
  589.  
  590. ===========================================================================================
  591. ===========================================================================================
  592. ===========================================================================================
  593.  
  594.  
  595. Microsoft (R) Windows Debugger Version 10.0.14321.1024 AMD64
  596. Copyright (c) Microsoft Corporation. All rights reserved.
  597.  
  598.  
  599. Loading Dump File [C:\Users\UserName\Desktop\famouz\051617-32500-01.dmp]
  600. Mini Kernel Dump File: Only registers and stack trace are available
  601.  
  602. Symbol search path is: srv*
  603. Executable search path is:
  604. Windows 10 Kernel Version 14393 MP (4 procs) Free x64
  605. Product: WinNt, suite: TerminalServer SingleUserTS Personal
  606. Built by: 14393.351.amd64fre.rs1_release_inmarket.161014-1755
  607. Machine Name:
  608. Kernel base = 0xfffff802`7588e000 PsLoadedModuleList = 0xfffff802`75b92fc0
  609. Debug session time: Tue May 16 09:34:13.457 2017 (UTC - 4:00)
  610. System Uptime: 0 days 2:06:34.255
  611. Loading Kernel Symbols
  612. .
  613.  
  614. Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long.
  615. Run !sym noisy before .reload to track down problems loading symbols.
  616.  
  617. ..............................................................
  618. ................................................................
  619. ................................................................
  620. .......
  621. Loading User Symbols
  622. Loading unloaded module list
  623. ..........
  624. *******************************************************************************
  625. * *
  626. * Bugcheck Analysis *
  627. * *
  628. *******************************************************************************
  629.  
  630. Use !analyze -v to get detailed debugging information.
  631.  
  632. BugCheck A, {28, 2, 0, fffff80275a14843}
  633.  
  634. Probably caused by : memory_corruption
  635.  
  636. Followup: memory_corruption
  637. ---------
  638.  
  639.  
  640. *******************************************************************************
  641. * *
  642. * Bugcheck Analysis *
  643. * *
  644. *******************************************************************************
  645.  
  646. IRQL_NOT_LESS_OR_EQUAL (a)
  647. An attempt was made to access a pageable (or completely invalid) address at an
  648. interrupt request level (IRQL) that is too high. This is usually
  649. caused by drivers using improper addresses.
  650. If a kernel debugger is available get the stack backtrace.
  651. Arguments:
  652. Arg1: 0000000000000028, memory referenced
  653. Arg2: 0000000000000002, IRQL
  654. Arg3: 0000000000000000, bitfield :
  655. bit 0 : value 0 = read operation, 1 = write operation
  656. bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
  657. Arg4: fffff80275a14843, address which referenced memory
  658.  
  659. Debugging Details:
  660. ------------------
  661.  
  662.  
  663. DUMP_CLASS: 1
  664.  
  665. DUMP_QUALIFIER: 400
  666.  
  667. BUILD_VERSION_STRING: 10.0.14393.351 (rs1_release_inmarket.161014-1755)
  668.  
  669. SYSTEM_MANUFACTURER: ASUSTeK COMPUTER INC.
  670.  
  671. SYSTEM_PRODUCT_NAME: GL553VD
  672.  
  673. SYSTEM_VERSION: 1.0
  674.  
  675. BIOS_VENDOR: American Megatrends Inc.
  676.  
  677. BIOS_VERSION: GL553VD.300
  678.  
  679. BIOS_DATE: 12/16/2016
  680.  
  681. BASEBOARD_MANUFACTURER: ASUSTeK COMPUTER INC.
  682.  
  683. BASEBOARD_PRODUCT: GL553VD
  684.  
  685. BASEBOARD_VERSION: 1.0
  686.  
  687. DUMP_TYPE: 2
  688.  
  689. BUGCHECK_P1: 28
  690.  
  691. BUGCHECK_P2: 2
  692.  
  693. BUGCHECK_P3: 0
  694.  
  695. BUGCHECK_P4: fffff80275a14843
  696.  
  697. READ_ADDRESS: 0000000000000028
  698.  
  699. CURRENT_IRQL: 2
  700.  
  701. FAULTING_IP:
  702. nt! ?? ::FNODOBFM::`string'+2cfa3
  703. fffff802`75a14843 488b4628 mov rax,qword ptr [rsi+28h]
  704.  
  705. CPU_COUNT: 4
  706.  
  707. CPU_MHZ: 9c0
  708.  
  709. CPU_VENDOR: GenuineIntel
  710.  
  711. CPU_FAMILY: 6
  712.  
  713. CPU_MODEL: 9e
  714.  
  715. CPU_STEPPING: 9
  716.  
  717. CPU_MICROCODE: 6,9e,9,0 (F,M,S,R) SIG: 42'00000000 (cache) 42'00000000 (init)
  718.  
  719. CUSTOMER_CRASH_COUNT: 1
  720.  
  721. DEFAULT_BUCKET_ID: CODE_CORRUPTION
  722.  
  723. BUGCHECK_STR: AV
  724.  
  725. PROCESS_NAME: L2.exe
  726.  
  727. ANALYSIS_SESSION_HOST: UserName-PC
  728.  
  729. ANALYSIS_SESSION_TIME: 05-18-2017 10:37:26.0909
  730.  
  731. ANALYSIS_VERSION: 10.0.14321.1024 amd64fre
  732.  
  733. TRAP_FRAME: ffffa70112db2100 -- (.trap 0xffffa70112db2100)
  734. NOTE: The trap frame does not contain all registers.
  735. Some register values may be zeroed or incorrect.
  736. rax=ffff890000000028 rbx=0000000000000000 rcx=0000000000000000
  737. rdx=ffff890000000028 rsi=0000000000000000 rdi=0000000000000000
  738. rip=fffff80275a14843 rsp=ffffa70112db2290 rbp=0000000000000000
  739. r8=ffffd00454a95990 r9=0000000000000001 r10=0000000fffffffff
  740. r11=ffff890000000000 r12=0000000000000000 r13=0000000000000000
  741. r14=0000000000000000 r15=0000000000000000
  742. iopl=0 nv up ei ng nz na po nc
  743. nt! ?? ::FNODOBFM::`string'+0x2cfa3:
  744. fffff802`75a14843 488b4628 mov rax,qword ptr [rsi+28h] ds:00000000`00000028=????????????????
  745. Resetting default scope
  746.  
  747. LAST_CONTROL_TRANSFER: from fffff802759e3529 to fffff802759d83b0
  748.  
  749. STACK_COMMAND: kb
  750.  
  751. CHKIMG_EXTENSION: !chkimg -lo 50 -d !nt
  752. fffff8027599bd0d-fffff8027599bd0e 2 bytes - nt!MiPurgeZeroList+6d
  753. [ 80 fa:00 89 ]
  754. fffff80275a1402a-fffff80275a1402b 2 bytes - nt! ?? ::FNODOBFM::`string'+2c78a (+0x7831d)
  755. [ 80 fa:00 89 ]
  756. fffff80275a140df-fffff80275a140e0 2 bytes - nt! ?? ::FNODOBFM::`string'+2c83f (+0xb5)
  757. [ 80 fa:00 89 ]
  758. fffff80275a1412d-fffff80275a1412e 2 bytes - nt! ?? ::FNODOBFM::`string'+2c88d (+0x4e)
  759. [ 80 fa:00 89 ]
  760. fffff80275a14534-fffff80275a14536 3 bytes - nt! ?? ::FNODOBFM::`string'+2cc94 (+0x407)
  761. [ 40 fb f6:80 5d bb ]
  762. fffff80275a14561-fffff80275a14562 2 bytes - nt! ?? ::FNODOBFM::`string'+2ccc1 (+0x2d)
  763. [ 80 fa:00 89 ]
  764. fffff80275a1458c-fffff80275a1458e 3 bytes - nt! ?? ::FNODOBFM::`string'+2ccec (+0x2b)
  765. [ 40 fb f6:80 5d bb ]
  766. fffff80275a145b9-fffff80275a145ba 2 bytes - nt! ?? ::FNODOBFM::`string'+2cd19 (+0x2d)
  767. [ 80 fa:00 89 ]
  768. fffff80275a1491c-fffff80275a1491d 2 bytes - nt! ?? ::FNODOBFM::`string'+2d07c (+0x363)
  769. [ 80 fa:00 89 ]
  770. fffff80275a14930-fffff80275a14931 2 bytes - nt! ?? ::FNODOBFM::`string'+2d090 (+0x14)
  771. [ 80 fa:00 89 ]
  772. fffff80275a14a09-fffff80275a14a0a 2 bytes - nt! ?? ::FNODOBFM::`string'+2d169 (+0xd9)
  773. [ 80 fa:00 89 ]
  774. fffff80275a14a13-fffff80275a14a14 2 bytes - nt! ?? ::FNODOBFM::`string'+2d173 (+0x0a)
  775. [ 80 fa:00 89 ]
  776. fffff80275a14f77-fffff80275a14f79 3 bytes - nt! ?? ::FNODOBFM::`string'+2d6d7 (+0x564)
  777. [ 40 fb f6:80 5d bb ]
  778. fffff80275a14fd4-fffff80275a14fd5 2 bytes - nt! ?? ::FNODOBFM::`string'+2d734 (+0x5d)
  779. [ 80 fa:00 89 ]
  780. fffff80275ada387-fffff80275ada389 3 bytes - nt!ExFreePoolWithTag+387
  781. [ 40 fb f6:80 5d bb ]
  782. 34 errors : !nt (fffff8027599bd0d-fffff80275ada389)
  783.  
  784. MODULE_NAME: memory_corruption
  785.  
  786. IMAGE_NAME: memory_corruption
  787.  
  788. FOLLOWUP_NAME: memory_corruption
  789.  
  790. DEBUG_FLR_IMAGE_TIMESTAMP: 0
  791.  
  792. MEMORY_CORRUPTOR: LARGE
  793.  
  794. FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
  795.  
  796. BUCKET_ID: MEMORY_CORRUPTION_LARGE
  797.  
  798. PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
  799.  
  800. TARGET_TIME: 2017-05-16T13:34:13.000Z
  801.  
  802. OSBUILD: 14393
  803.  
  804. OSSERVICEPACK: 351
  805.  
  806. SERVICEPACK_NUMBER: 0
  807.  
  808. OS_REVISION: 0
  809.  
  810. SUITE_MASK: 784
  811.  
  812. PRODUCT_TYPE: 1
  813.  
  814. OSPLATFORM_TYPE: x64
  815.  
  816. OSNAME: Windows 10
  817.  
  818. OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS Personal
  819.  
  820. OS_LOCALE:
  821.  
  822. USER_LCID: 0
  823.  
  824. OSBUILD_TIMESTAMP: 2016-10-14 23:38:38
  825.  
  826. BUILDDATESTAMP_STR: 161014-1755
  827.  
  828. BUILDLAB_STR: rs1_release_inmarket
  829.  
  830. BUILDOSVER_STR: 10.0.14393.351
  831.  
  832. ANALYSIS_SESSION_ELAPSED_TIME: 2190
  833.  
  834. ANALYSIS_SOURCE: KM
  835.  
  836. FAILURE_ID_HASH_STRING: km:memory_corruption_large
  837.  
  838. FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
  839.  
  840. Followup: memory_corruption
  841. ---------
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!