************* Symbol Path validation summary **************Response

1.  
2. ************* Symbol Path validation summary **************
3. Response Time (ms) Location
4. Deferred SRV*C:\symbols*http://msdl.microsoft.com/download/symbols
5. Deferred .sympath srv*c:\MyServerSymbols*http://msdl.microsoft.com/download/symbols
6.  
7. Microsoft (R) Windows Debugger Version 10.0.10240.9 AMD64
8. Copyright (c) Microsoft Corporation. All rights reserved.
9.  
10.  
11. Loading Dump File [C:\Users\James\Desktop\091615-26828-01.dmp]
12. Mini Kernel Dump File: Only registers and stack trace are available
13.  
14.  
15. ************* Symbol Path validation summary **************
16. Response Time (ms) Location
17. Deferred SRV*C:\symbols*http://msdl.microsoft.com/download/symbols
18. Deferred .sympath srv*c:\MyServerSymbols*http://msdl.microsoft.com/download/symbols
19. Symbol search path is: SRV*C:\symbols*http://msdl.microsoft.com/download/symbols;.sympath srv*c:\MyServerSymbols*http://msdl.microsoft.com/download/symbols
20. Executable search path is:
21. No .natvis files found at C:\Program Files (x86)\Windows Kits\10\Debuggers\x64\Visualizers.
22. Windows 10 Kernel Version 10240 MP (4 procs) Free x64
23. Product: WinNt, suite: TerminalServer SingleUserTS
24. Built by: 10240.16463.amd64fre.th1.150819-1946
25. Machine Name:
26. Kernel base = 0xfffff802`e301f000 PsLoadedModuleList = 0xfffff802`e3344030
27. Debug session time: Wed Sep 16 15:00:18.917 2015 (UTC + 12:00)
28. System Uptime: 2 days 7:30:43.713
29. Loading Kernel Symbols
30. .
31.  
32. Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long.
33. Run !sym noisy before .reload to track down problems loading symbols.
34.  
35. ..............................................................
36. ................................................................
37. ..............................................................
38. Loading User Symbols
39. ERROR: FindPlugIns 8007007b
40. ERROR: Some plugins may not be available [8007007b]
41. *******************************************************************************
42. * *
43. * Bugcheck Analysis *
44. * *
45. *******************************************************************************
46.  
47. Use !analyze -v to get detailed debugging information.
48.  
49. BugCheck 139, {3, ffffd000269ccbe0, ffffd000269ccb38, 0}
50.  
51. Probably caused by : ntkrnlmp.exe ( nt!KiFastFailDispatch+d0 )
52.  
53. Followup: MachineOwner
54. ---------
55.  
56. 3: kd> !analyze -v
57. ERROR: FindPlugIns 8007007b
58. ERROR: Some plugins may not be available [8007007b]
59. *******************************************************************************
60. * *
61. * Bugcheck Analysis *
62. * *
63. *******************************************************************************
64.  
65. KERNEL_SECURITY_CHECK_FAILURE (139)
66. A kernel component has corrupted a critical data structure. The corruption
67. could potentially allow a malicious user to gain control of this machine.
68. Arguments:
69. Arg1: 0000000000000003, A LIST_ENTRY has been corrupted (i.e. double remove).
70. Arg2: ffffd000269ccbe0, Address of the trap frame for the exception that caused the bugcheck
71. Arg3: ffffd000269ccb38, Address of the exception record for the exception that caused the bugcheck
72. Arg4: 0000000000000000, Reserved
73.  
74. Debugging Details:
75. ------------------
76.  
77.  
78. SYSTEM_SKU: F0D08PA#ABG
79.  
80. SYSTEM_VERSION: 0881100000305E00000620100
81.  
82. BIOS_DATE: 11/13/2014
83.  
84. BASEBOARD_PRODUCT: 216C
85.  
86. BASEBOARD_VERSION: 30.25
87.  
88. BUGCHECK_P1: 3
89.  
90. BUGCHECK_P2: ffffd000269ccbe0
91.  
92. BUGCHECK_P3: ffffd000269ccb38
93.  
94. BUGCHECK_P4: 0
95.  
96. TRAP_FRAME: ffffd000269ccbe0 -- (.trap 0xffffd000269ccbe0)
97. NOTE: The trap frame does not contain all registers.
98. Some register values may be zeroed or incorrect.
99. rax=ffffe00135e00000 rbx=0000000000000000 rcx=0000000000000003
100. rdx=ffffe00135edd758 rsi=0000000000000000 rdi=0000000000000000
101. rip=fffff802e31ba138 rsp=ffffd000269ccd78 rbp=0000000000000002
102. r8=ffffe00135edd758 r9=0000000000000000 r10=ffffe0011ca9a4b0
103. r11=0000000000000002 r12=0000000000000000 r13=0000000000000000
104. r14=0000000000000000 r15=0000000000000000
105. iopl=0 nv up ei pl nz ac po cy
106. nt! ?? ::FNODOBFM::`string'+0x3e338:
107. fffff802`e31ba138 cd29 int 29h
108. Resetting default scope
109.  
110. EXCEPTION_RECORD: ffffd000269ccb38 -- (.exr 0xffffd000269ccb38)
111. ExceptionAddress: fffff802e31ba138 (nt! ?? ::FNODOBFM::`string'+0x000000000003e338)
112. ExceptionCode: c0000409 (Security check failure or stack buffer overrun)
113. ExceptionFlags: 00000001
114. NumberParameters: 1
115. Parameter[0]: 0000000000000003
116. Subcode: 0x3 FAST_FAIL_CORRUPT_LIST_ENTRY
117.  
118. CPU_COUNT: 4
119.  
120. CPU_MHZ: 830
121.  
122. CPU_VENDOR: AuthenticAMD
123.  
124. CPU_FAMILY: 15
125.  
126. CPU_MODEL: 13
127.  
128. CPU_STEPPING: 1
129.  
130. CUSTOMER_CRASH_COUNT: 1
131.  
132. DEFAULT_BUCKET_ID: LIST_ENTRY_CORRUPT
133.  
134. BUGCHECK_STR: 0x139
135.  
136. PROCESS_NAME: MsMpEng.exe
137.  
138. CURRENT_IRQL: 2
139.  
140. ERROR_CODE: (NTSTATUS) 0xc0000409 - The system detected an overrun of a stack-based buffer in this application. This overrun could potentially allow a malicious user to gain control of this application.
141.  
142. EXCEPTION_CODE: (NTSTATUS) 0xc0000409 - The system detected an overrun of a stack-based buffer in this application. This overrun could potentially allow a malicious user to gain control of this application.
143.  
144. EXCEPTION_PARAMETER1: 0000000000000003
145.  
146. ANALYSIS_VERSION: 10.0.10240.9 amd64fre
147.  
148. LAST_CONTROL_TRANSFER: from fffff802e3177ba9 to fffff802e316d240
149.  
150. STACK_TEXT:
151. ffffd000`269cc8b8 fffff802`e3177ba9 : 00000000`00000139 00000000`00000003 ffffd000`269ccbe0 ffffd000`269ccb38 : nt!KeBugCheckEx
152. ffffd000`269cc8c0 fffff802`e3177ed0 : 00000000`00000038 ffffe001`23080000 00001f80`0010000f 0053002b`002b0010 : nt!KiBugCheckDispatch+0x69
153. ffffd000`269cca00 fffff802`e31770f4 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiFastFailDispatch+0xd0
154. ffffd000`269ccbe0 fffff802`e31ba138 : fffff802`e30cad64 ffffe001`00400602 00000000`00000000 ffffd000`269cce50 : nt!KiRaiseSecurityCheckFailure+0xf4
155. ffffd000`269ccd78 fffff802`e30cad64 : ffffe001`00400602 00000000`00000000 ffffd000`269cce50 fffff802`e3872372 : nt! ?? ::FNODOBFM::`string'+0x3e338
156. ffffd000`269ccd80 fffff802`e326b92c : ffffe001`35edd6c0 ffffe001`1ca9a760 00000000`0000001a 00000000`00000008 : nt!KeInsertQueueApc+0x74
157. ffffd000`269ccde0 fffff802`e326bafa : 00000000`00304a02 ffffd000`269ccf18 00000000`01020007 00000000`00000028 : nt!EtwpQueueStackWalkApc+0xf8
158. ffffd000`269cce50 fffff802`e31b9797 : 00000000`00000000 00000000`00000000 00000000`00000028 ffffd000`269ccf18 : nt!EtwpStackTraceDispatcher+0x116
159. ffffd000`269cce80 fffff802`e3172250 : 00000000`00000002 0000005f`4444cbbc ffffe001`35edd6c0 ffffe001`35edd7c0 : nt! ?? ::FNODOBFM::`string'+0x3d997
160. ffffd000`269ccf10 00000000`00000000 : ffffd000`269ccfe0 fffff802`e31703d3 ffffe001`35edd6c0 fffff802`e3172240 : nt!SwapContext+0x320
161.  
162.  
163. STACK_COMMAND: kb
164.  
165. FOLLOWUP_IP:
166. nt!KiFastFailDispatch+d0
167. fffff802`e3177ed0 c644242000 mov byte ptr [rsp+20h],0
168.  
169. SYMBOL_STACK_INDEX: 2
170.  
171. SYMBOL_NAME: nt!KiFastFailDispatch+d0
172.  
173. FOLLOWUP_NAME: MachineOwner
174.  
175. MODULE_NAME: nt
176.  
177. IMAGE_NAME: ntkrnlmp.exe
178.  
179. DEBUG_FLR_IMAGE_TIMESTAMP: 55d5626b
180.  
181. IMAGE_VERSION: 10.0.10240.16463
182.  
183. BUCKET_ID_FUNC_OFFSET: d0
184.  
185. FAILURE_BUCKET_ID: 0x139_3_nt!KiFastFailDispatch
186.  
187. BUCKET_ID: 0x139_3_nt!KiFastFailDispatch
188.  
189. PRIMARY_PROBLEM_CLASS: 0x139_3_nt!KiFastFailDispatch
190.  
191. ANALYSIS_SOURCE: KM
192.  
193. FAILURE_ID_HASH_STRING: km:0x139_3_nt!kifastfaildispatch
194.  
195. FAILURE_ID_HASH: {36173680-6f08-995f-065a-3d368c996911}
196.  
197. Followup: MachineOwner
198. ---------