  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1530

Analyzing dump from server crash

Hey everyone,

We recently had a server crash here and I'm in the process of analyzing the dump for a root cause.  From what I can tell, it appears that the crash was caused by a faulty driver, but I'm not 100% certain.  I have included the dump, if some of you could provide insight / confirmation:

Use !analyze -v to get detailed debugging information.

BugCheck D1, {77bb3223, d0000002, 8, 77bb3223}

PEB is paged out (Peb.Ldr = 7ffdc00c).  Type ".hh dbgerr001" for details
PEB is paged out (Peb.Ldr = 7ffdc00c).  Type ".hh dbgerr001" for details
Probably caused by : ntkrpamp.exe ( nt!KiTrap0E+2a7 )

Followup: MachineOwner
---------

7: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high.  This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: 77bb3223, memory referenced
Arg2: d0000002, IRQL
Arg3: 00000008, value 0 = read operation, 1 = write operation
Arg4: 77bb3223, address which referenced memory

Debugging Details:
------------------

PEB is paged out (Peb.Ldr = 7ffdc00c).  Type ".hh dbgerr001" for details
PEB is paged out (Peb.Ldr = 7ffdc00c).  Type ".hh dbgerr001" for details

READ_ADDRESS:  77bb3223 

CURRENT_IRQL:  2

FAULTING_IP: 
+2df952f00eadfdc
77bb3223 ??              ???

PROCESS_NAME:  svchost.exe

DEFAULT_BUCKET_ID:  DRIVER_FAULT

BUGCHECK_STR:  0xD1

LAST_CONTROL_TRANSFER:  from 77bb3223 to 8088c9fb

FAILED_INSTRUCTION_ADDRESS: 
+2df952f00eadfdc
77bb3223 ??              ???

STACK_TEXT:  
96c73d64 77bb3223 badb0d00 00acef1c 00000000 nt!KiTrap0E+0x2a7
WARNING: Frame IP not in any known module. Following frames may be wrong.
00acef10 00000000 00000000 00000000 00000000 0x77bb3223


STACK_COMMAND:  kb

FOLLOWUP_IP: 
nt!KiTrap0E+2a7
8088c9fb 833da0628a8000  cmp     dword ptr [nt!KiFreezeFlag (808a62a0)],0

SYMBOL_STACK_INDEX:  0

SYMBOL_NAME:  nt!KiTrap0E+2a7

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntkrpamp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  4fa27d82

FAILURE_BUCKET_ID:  0xD1_CODE_AV_BAD_IP_nt!KiTrap0E+2a7

BUCKET_ID:  0xD1_CODE_AV_BAD_IP_nt!KiTrap0E+2a7

Followup: MachineOwner
---------



Thanks!
blinkme323
 
smckeown777 Commented:
Is this from a minidump? If so, can you actually post/attach the minidump file itself? There's more analysis we can do.

Hard to see what could be causing this with your initial posting...
 
blinkme323 (Author) Commented:
No, this is actually from a full .dmp file that I ran through WinDbg.  The file itself is in excess of 600 MB.
 
smckeown777 Commented:
OK, can you run this command to generate a more complete log from WinDbg:

!analyze -v;r;kv;lmnt;

Post output so we can have a look...thanks

 
rindi Commented:
Change the setting so it creates small dumps, not full dumps. Minidumps are good enough. Also wait for 3 or so dumps, and then zip them into one file and attach that. A single dump is usually not really adequate. D1 can be a driver problem.
 
blinkme323 (Author) Commented:
Below is the output from !analyze -v;r;kv;lmnt;



7: kd> !analyze -v;r;kv;lmnt;
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high.  This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: 77bb3223, memory referenced
Arg2: d0000002, IRQL
Arg3: 00000008, value 0 = read operation, 1 = write operation
Arg4: 77bb3223, address which referenced memory

Debugging Details:
------------------

PEB is paged out (Peb.Ldr = 7ffdc00c).  Type ".hh dbgerr001" for details
PEB is paged out (Peb.Ldr = 7ffdc00c).  Type ".hh dbgerr001" for details

READ_ADDRESS:  77bb3223 

CURRENT_IRQL:  2

FAULTING_IP: 
+2df952f00eadfdc
77bb3223 ??              ???

PROCESS_NAME:  svchost.exe

DEFAULT_BUCKET_ID:  DRIVER_FAULT

BUGCHECK_STR:  0xD1

LAST_CONTROL_TRANSFER:  from 77bb3223 to 8088c9fb

FAILED_INSTRUCTION_ADDRESS: 
+2df952f00eadfdc
77bb3223 ??              ???

STACK_TEXT:  
96c73d64 77bb3223 badb0d00 00acef1c 00000000 nt!KiTrap0E+0x2a7
WARNING: Frame IP not in any known module. Following frames may be wrong.
00acef10 00000000 00000000 00000000 00000000 0x77bb3223


STACK_COMMAND:  kb

FOLLOWUP_IP: 
nt!KiTrap0E+2a7
8088c9fb 833da0628a8000  cmp     dword ptr [nt!KiFreezeFlag (808a62a0)],0

SYMBOL_STACK_INDEX:  0

SYMBOL_NAME:  nt!KiTrap0E+2a7

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntkrpamp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  4fa27d82

FAILURE_BUCKET_ID:  0xD1_CODE_AV_BAD_IP_nt!KiTrap0E+2a7

BUCKET_ID:  0xD1_CODE_AV_BAD_IP_nt!KiTrap0E+2a7

Followup: MachineOwner
---------

eax=f779713c ebx=d0000002 ecx=00000001 edx=00000005 esi=f7797120 edi=77bb3223
eip=8088c9fb esp=96c73d4c ebp=96c73d64 iopl=0         nv up ei ng nz na pe nc
cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00000286
nt!KiTrap0E+0x2a7:
8088c9fb 833da0628a8000  cmp     dword ptr [nt!KiFreezeFlag (808a62a0)],0 ds:0023:808a62a0=00000000
ChildEBP RetAddr  Args to Child              
96c73d64 77bb3223 badb0d00 00acef1c 00000000 nt!KiTrap0E+0x2a7 (FPO: [0,0] TrapFrame @ 96c73d64)
WARNING: Frame IP not in any known module. Following frames may be wrong.
00acef10 00000000 00000000 00000000 00000000 0x77bb3223
start    end        module name
80800000 80a5a000   nt       ntkrpamp.exe Thu May 03 08:43:46 2012 (4FA27D82)
80a5a000 80a86000   hal      halmacpi.dll Sat Feb 17 00:48:26 2007 (45D6972A)
95e12000 95e14580   PROCEXP141 PROCEXP141.SYS Thu Apr 15 05:23:35 2010 (4BC6DB17)
b653d000 b6568000   RDPWD    RDPWD.SYS    Tue May 01 08:45:40 2012 (4F9FDAF4)
b6640000 b664b000   TDTCP    TDTCP.SYS    Sat Feb 17 00:44:32 2007 (45D69640)
b78a0000 b7904000   srv      srv.sys      Thu Feb 17 11:58:17 2011 (4D5D53A9)
b7cc4000 b7d15000   HTTP     HTTP.sys     Wed Apr 14 13:37:09 2010 (4BC5FD45)
b81c5000 b81dd000   clusnet  clusnet.sys  Sat Feb 17 01:02:57 2007 (45D69A91)
b8255000 b8280500   ino_fltr ino_fltr.sys Thu Oct 18 15:55:21 2007 (4717BA29)
b83fb000 b8410000   Cdfs     Cdfs.SYS     Sat Feb 17 01:27:08 2007 (45D6A03C)
b86d2000 b86e3000   Fips     Fips.SYS     Sat Feb 17 01:26:33 2007 (45D6A019)
b8773000 b877d000   Dxapi    Dxapi.sys    Tue Mar 25 03:06:01 2003 (3E7FFFD9)
b8783000 b87f9000   mrxsmb   mrxsmb.sys   Wed Jul 06 10:34:54 2011 (4E14728E)
b8821000 b8851000   rdbss    rdbss.sys    Wed Feb 24 10:54:03 2010 (4B854B9B)
b8851000 b887b000   afd      afd.sys      Tue Dec 27 09:11:19 2011 (4EF9D207)
b887b000 b88ac000   netbt    netbt.sys    Sat Feb 17 01:28:57 2007 (45D6A0A9)
b88ac000 b8940000   tcpip    tcpip.sys    Sat Aug 15 05:53:38 2009 (4A8685A2)
b8940000 b8959000   ipsec    ipsec.sys    Sat Feb 17 01:29:28 2007 (45D6A0C8)
b89a9000 b89c0000   ClusDisk ClusDisk.sys Sat Feb 17 01:02:55 2007 (45D69A8F)
b8d11000 b8d26000   usbhub   usbhub.sys   Sat Feb 17 01:13:05 2007 (45D69CF1)
b8de9000 b8e48000   update   update.sys   Mon Oct 15 06:56:18 2007 (47134752)
b8e48000 b8e7f000   rdpdr    rdpdr.sys    Sat Feb 17 00:51:00 2007 (45D697C4)
b8e7f000 b8e91000   raspptp  raspptp.sys  Sat Feb 17 01:29:20 2007 (45D6A0C0)
b8e91000 b8eaa000   ndiswan  ndiswan.sys  Sat Feb 17 01:29:22 2007 (45D6A0C2)
b8eaa000 b8ebe000   rasl2tp  rasl2tp.sys  Sat Feb 17 01:29:02 2007 (45D6A0AE)
b8ebe000 b8ee5000   ks       ks.sys       Sat Feb 17 01:30:40 2007 (45D6A110)
b8ee5000 b8ef9000   redbook  redbook.sys  Sat Feb 17 01:07:26 2007 (45D69B9E)
b8ef9000 b8f0e000   cdrom    cdrom.sys    Sat Feb 17 01:07:48 2007 (45D69BB4)
b8f0e000 b8f23000   serial   serial.sys   Sat Feb 17 01:06:46 2007 (45D69B76)
b8f23000 b8f3f000   VIDEOPRT VIDEOPRT.SYS Sat Feb 17 01:10:30 2007 (45D69C56)
b8f3f000 b8f69000   USBPORT  USBPORT.SYS  Sat Feb 17 01:12:59 2007 (45D69CEB)
b8f69000 b8fa9000   e1e5132  e1e5132.sys  Wed Nov 01 14:23:48 2006 (4548E634)
b8fa9000 b8fbc000   bxnd52x  bxnd52x.sys  Mon Dec 28 14:56:32 2009 (4B390D70)
b9b23000 b9b2b000   audstub  audstub.sys  Tue Mar 25 03:09:12 2003 (3E800098)
b9b2b000 b9b31b80   usbehci  usbehci.sys  Sat Feb 17 01:12:56 2007 (45D69CE8)
b9b33000 b9b38180   usbuhci  usbuhci.sys  Sat Feb 17 01:13:02 2007 (45D69CEE)
b9b63000 b9b6a000   dxgthk   dxgthk.sys   Tue Mar 25 03:05:52 2003 (3E7FFFD0)
bab94000 bab9c000   mouhid   mouhid.sys   Tue Mar 25 03:03:12 2003 (3E7FFF30)
bab9c000 baba3d80   usbccgp  usbccgp.sys  Sat Feb 17 01:13:08 2007 (45D69CF4)
baba4000 babac000   rasacd   rasacd.sys   Tue Mar 25 03:11:50 2003 (3E800136)
babac000 babb4000   RDPCDD   RDPCDD.sys   Tue Mar 25 03:03:05 2003 (3E7FFF29)
bac50000 bac5d000   wanarp   wanarp.sys   Sat Feb 17 00:59:17 2007 (45D699B5)
bac60000 bac6e000   dump_msas2k3 dump_msas2k3.sys Fri Sep 17 13:46:31 2010 (4C93A977)
bac70000 bac7c000   vgapnp   vgapnp.sys   Sat Feb 17 01:10:30 2007 (45D69C56)
bac80000 bac8cc80   GenericMount GenericMount.sys Mon Jan 18 08:49:10 2010 (4B5466D6)
bac90000 bac9e000   msgpc    msgpc.sys    Sat Feb 17 00:58:37 2007 (45D6998D)
bacc0000 bacce000   NDProxy  NDProxy.SYS  Wed Nov 03 09:25:59 2010 (4CD162E7)
bacd0000 bacd9000   mssmbios mssmbios.sys Sat Feb 17 00:59:12 2007 (45D699B0)
bace0000 bace9000   raspti   raspti.sys   Sat Feb 17 00:59:23 2007 (45D699BB)
bacf0000 bacff000   intelppm intelppm.sys Sat Feb 17 00:48:30 2007 (45D6972E)
bad20000 bad2f000   raspppoe raspppoe.sys Sat Feb 17 00:59:23 2007 (45D699BB)
bad40000 bad4d000   netbios  netbios.sys  Sat Feb 17 00:58:29 2007 (45D69985)
bad60000 bad6b000   Msfs     Msfs.SYS     Sat Feb 17 00:50:33 2007 (45D697A9)
bad70000 bad7e000   HIDCLASS HIDCLASS.SYS Tue Mar 25 03:10:17 2003 (3E8000D9)
bad80000 bad8b000   ptilink  ptilink.sys  Sat Feb 17 01:06:38 2007 (45D69B6E)
bad90000 bad99000   hidusb   hidusb.sys   Tue Mar 25 03:10:17 2003 (3E8000D9)
bada0000 bada9000   kbdhid   kbdhid.sys   Sat Feb 17 01:05:42 2007 (45D69B36)
badd0000 baddc000   USBSTOR  USBSTOR.SYS  Sat Feb 17 01:13:05 2007 (45D69CF1)
badf0000 badf9000   ndistapi ndistapi.sys Fri Jul 08 10:08:19 2011 (4E170F53)
bae98000 baeb7000   Mup      Mup.sys      Tue Apr 12 15:05:46 2011 (4DA4A28A)
baeb7000 baef6000   NDIS     NDIS.sys     Sat Feb 17 01:28:49 2007 (45D6A0A1)
baef6000 baf8b000   Ntfs     Ntfs.sys     Sat Feb 17 01:27:23 2007 (45D6A04B)
baf8b000 bb000000   bxvbdx   bxvbdx.sys   Wed Jun 30 18:10:57 2010 (4C2BC0F1)
bf800000 bf9d4000   win32k   win32k.sys   Wed Jun 13 10:42:03 2012 (4FD8A6BB)
bf9d4000 bf9eb000   dxg      dxg.sys      Sat Feb 17 01:14:39 2007 (45D69D4F)
bf9eb000 bfa36000   ATMFD    ATMFD.DLL    Tue Feb 15 08:19:22 2011 (4D5A7D5A)
bff40000 bff48000   framebuf framebuf.dll Tue Mar 25 05:46:25 2003 (3E802571)
bff60000 bff7e000   RDPDD    RDPDD.dll    Sat Feb 17 09:01:19 2007 (45D70AAF)
f7201000 f722d000   dmio     dmio.sys     Sat Feb 17 01:10:44 2007 (45D69C64)
f722d000 f7254000   ftdisk   ftdisk.sys   Fri Aug 31 10:37:48 2007 (46D827BC)
f7254000 f72c5000   wdf01000 wdf01000.sys Mon Jul 13 19:11:36 2009 (4A5BBF28)
f72c5000 f7323000   EmcpMpx  EmcpMpx.sys  Thu Jan 13 12:25:44 2011 (4D2F3598)
f7323000 f733c000   mpio     mpio.sys     Thu Apr 02 14:22:18 2009 (49D5025A)
f733c000 f7352000   pci      pci.sys      Sat Feb 17 00:59:03 2007 (45D699A7)
f7352000 f7386000   ACPI     ACPI.sys     Sat Feb 17 00:58:47 2007 (45D69997)
f7487000 f7490000   WMILIB   WMILIB.SYS   Tue Mar 25 03:13:00 2003 (3E80017C)
f7497000 f74a6000   isapnp   isapnp.sys   Sat Feb 17 00:58:57 2007 (45D699A1)
f74a7000 f74b5000   WDFLDR   WDFLDR.SYS   Mon Jul 13 19:11:25 2009 (4A5BBF1D)
f74b7000 f74c3000   elxplus  elxplus.sys  Thu Nov 11 12:36:43 2010 (4CDC29AB)
f74c7000 f74d4000   PCIIDEX  PCIIDEX.SYS  Sat Feb 17 01:07:32 2007 (45D69BA4)
f74d7000 f74e7000   MountMgr MountMgr.sys Sat Feb 17 01:05:35 2007 (45D69B2F)
f74e7000 f74f2000   PartMgr  PartMgr.sys  Fri Aug 31 11:51:05 2007 (46D838E9)
f74f7000 f7500000   EmcpGpx  EmcpGpx.sys  Thu Jun 03 01:13:51 2010 (4C073A0F)
f7507000 f7515000   msas2k3  msas2k3.sys  Fri Sep 17 13:46:31 2010 (4C93A977)
f7517000 f7524000   EmcpDm   EmcpDm.sys   Wed Dec 01 11:25:34 2010 (4CF676FE)
f7527000 f7537000   disk     disk.sys     Sat Feb 17 01:07:51 2007 (45D69BB7)
f7537000 f7543000   Dfs      Dfs.sys      Sat Feb 17 00:51:17 2007 (45D697D5)
f7547000 f7550000   mpspfltr mpspfltr.sys Thu Apr 02 14:22:18 2009 (49D5025A)
f7557000 f7567000   agp440   agp440.sys   Sat Feb 17 00:58:53 2007 (45D6999D)
f7567000 f7571000   crcdisk  crcdisk.sys  Sat Feb 17 01:09:50 2007 (45D69C2E)
f75e7000 f75f1000   mouclass mouclass.sys Tue Mar 25 03:03:09 2003 (3E7FFF2D)
f75f7000 f7602000   kbdclass kbdclass.sys Sat Feb 17 01:05:39 2007 (45D69B33)
f7637000 f7641000   dump_diskdump dump_diskdump.sys Mon Mar 30 07:02:51 2009 (49D0A6DB)
f7647000 f7652000   TDI      TDI.SYS      Sat Feb 17 01:01:19 2007 (45D69A2F)
f7657000 f7666000   termdd   termdd.sys   Sat Feb 17 00:44:32 2007 (45D69640)
f7667000 f7670000   watchdog watchdog.sys Sat Feb 17 01:11:45 2007 (45D69CA1)
f7677000 f7681000   serenum  serenum.sys  Sat Feb 17 01:06:44 2007 (45D69B74)
f7687000 f7694000   Npfs     Npfs.SYS     Sat Feb 17 00:50:36 2007 (45D697AC)
f76c8000 f76d9000   symmpi   symmpi.sys   Mon Dec 13 16:03:14 2004 (41BE0392)
f76d9000 f7707000   volsnap  volsnap.sys  Fri Aug 31 10:38:26 2007 (46D827E2)
f7707000 f770f000   kdcom    kdcom.dll    Tue Mar 25 03:08:00 2003 (3E800050)
f770f000 f7717000   BOOTVID  BOOTVID.dll  Tue Mar 25 03:07:58 2003 (3E80004E)
f7717000 f771e000   pciide   pciide.sys   Tue Mar 25 03:04:46 2003 (3E7FFF8E)
f771f000 f7726000   intelide intelide.sys Sat Feb 17 01:07:32 2007 (45D69BA4)
f7727000 f772e000   dmload   dmload.sys   Tue Mar 25 03:08:08 2003 (3E800058)
f772f000 f7736000   lamclar  lamclar.sys  Wed Feb 03 13:09:48 2010 (4B69BBEC)
f7737000 f773e000   lamsymm  lamsymm.sys  Wed Feb 03 13:12:04 2010 (4B69BC74)
f773f000 f7746000   lamgen   lamgen.sys   Wed Feb 03 13:10:26 2010 (4B69BC12)
f7747000 f774e000   laminv   laminv.sys   Wed Feb 03 13:11:22 2010 (4B69BC4A)
f774f000 f7754180   ino_flpy ino_flpy.sys Wed Jun 06 20:14:51 2007 (46674DFB)
f7757000 f775e000   mpdev    mpdev.sys    Thu Apr 02 14:22:18 2009 (49D5025A)
f77ff000 f7807000   Fs_Rec   Fs_Rec.SYS   Tue Mar 25 03:08:36 2003 (3E800074)
f7807000 f780e000   Null     Null.SYS     Tue Mar 25 03:03:05 2003 (3E7FFF29)
f780f000 f7816000   Beep     Beep.SYS     Tue Mar 25 03:03:04 2003 (3E7FFF28)
f7817000 f781d300   HIDPARSE HIDPARSE.SYS Sat Feb 17 01:12:35 2007 (45D69CD3)
f781f000 f7827000   mnmdd    mnmdd.SYS    Tue Mar 25 03:07:53 2003 (3E800049)
f7837000 f7897000   EmcpBase EmcpBase.sys Tue Jul 27 01:27:01 2010 (4C4E6E25)
f7897000 f7899980   compbatt compbatt.sys Sat Feb 17 00:58:51 2007 (45D6999B)
f789b000 f789e900   BATTC    BATTC.SYS    Sat Feb 17 00:58:46 2007 (45D69996)
f7957000 f796a000   CLASSPNP CLASSPNP.SYS Sat Feb 17 01:28:16 2007 (45D6A080)
f796a000 f7987000   atapi    atapi.sys    Sat Feb 17 01:07:34 2007 (45D69BA6)
f79b5000 f79b68a0   PROCEXP90 PROCEXP90.SYS Sun May 22 19:50:44 2005 (42911AD4)
f79c3000 f79c4280   swenum   swenum.sys   Sat Feb 17 01:05:56 2007 (45D69B44)
f79c5000 f79c6580   USBD     USBD.SYS     Tue Mar 25 03:10:39 2003 (3E8000EF)
f79f7000 f79f8ee0   PROCEXP111 PROCEXP111.SYS Mon Apr 14 20:26:09 2008 (4803F621)
f7a03000 f7a04a20   PROCEXP100 PROCEXP100.SYS Tue Sep 26 09:46:39 2006 (45192F3F)
f7a0f000 f7a4f000   storport storport.sys Mon Mar 30 07:02:53 2009 (49D0A6DD)
f7ac8000 f7aef000   KSecDD   KSecDD.sys   Fri Jun 01 08:47:07 2012 (4FC8B9CB)
f7aef000 f7b0fb00   symsnap  symsnap.sys  Mon Jun 21 11:37:35 2010 (4C1F873F)
f7b10000 f7b35000   fltMgr   fltMgr.sys   Sat Feb 17 00:51:08 2007 (45D697CC)
f7b35000 f7b54000   SCSIPORT SCSIPORT.SYS Sat Feb 17 01:28:41 2007 (45D6A099)
f7b54000 f7bdf000   elxstor  elxstor.sys  Thu Oct 28 15:26:58 2010 (4CC9CE82)

Unloaded modules:
966d4000 966db000   cfig50wnt.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
9a150000 9a157000   cfig50wnt.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
b8969000 b8970000   cfig50wnt.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
99c6c000 99c73000   cfig50wnt.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
99c2c000 99c33000   cfig50wnt.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
99c64000 99c6b000   cfig50wnt.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
9a050000 9a057000   cfig50wnt.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
b8961000 b8968000   cfig50wnt.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
b9b4b000 b9b52000   cfig50wnt.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
b8969000 b8970000   cfig50wnt.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
b8969000 b8970000   cfig50wnt.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
bab8c000 bab93000   cfig50wnt.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
f775f000 f7766000   EmcpClass.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
baca0000 bacae000   imapi.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
bac60000 bac6c000   vga.sys 
    Timestamp: unavailable (00000000)
    Checksum:  00000000
f7637000 f7640000   kbdhid.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
b8996000 b89a9000   i8042prt.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
f77f7000 f77ff000   Sfloppy.SYS
    Timestamp: unavailable (00000000)
    Checksum:  00000000
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high.  This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: 77bb3223, memory referenced
Arg2: d0000002, IRQL
Arg3: 00000008, value 0 = read operation, 1 = write operation
Arg4: 77bb3223, address which referenced memory

Debugging Details:
------------------

PEB is paged out (Peb.Ldr = 7ffdc00c).  Type ".hh dbgerr001" for details
PEB is paged out (Peb.Ldr = 7ffdc00c).  Type ".hh dbgerr001" for details

READ_ADDRESS:  77bb3223 

CURRENT_IRQL:  2

FAULTING_IP: 
+2df952f00eadfdc
77bb3223 ??              ???

PROCESS_NAME:  svchost.exe

DEFAULT_BUCKET_ID:  DRIVER_FAULT

BUGCHECK_STR:  0xD1

LAST_CONTROL_TRANSFER:  from 77bb3223 to 8088c9fb

FAILED_INSTRUCTION_ADDRESS: 
+2df952f00eadfdc
77bb3223 ??              ???

STACK_TEXT:  
96c73d64 77bb3223 badb0d00 00acef1c 00000000 nt!KiTrap0E+0x2a7
WARNING: Frame IP not in any known module. Following frames may be wrong.
00acef10 00000000 00000000 00000000 00000000 0x77bb3223


STACK_COMMAND:  kb

FOLLOWUP_IP: 
nt!KiTrap0E+2a7
8088c9fb 833da0628a8000  cmp     dword ptr [nt!KiFreezeFlag (808a62a0)],0

SYMBOL_STACK_INDEX:  0

SYMBOL_NAME:  nt!KiTrap0E+2a7

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntkrpamp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  4fa27d82

FAILURE_BUCKET_ID:  0xD1_CODE_AV_BAD_IP_nt!KiTrap0E+2a7

BUCKET_ID:  0xD1_CODE_AV_BAD_IP_nt!KiTrap0E+2a7

Followup: MachineOwner
---------

eax=f779713c ebx=d0000002 ecx=00000001 edx=00000005 esi=f7797120 edi=77bb3223
eip=8088c9fb esp=96c73d4c ebp=96c73d64 iopl=0         nv up ei ng nz na pe nc
cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00000286
nt!KiTrap0E+0x2a7:
8088c9fb 833da0628a8000  cmp     dword ptr [nt!KiFreezeFlag (808a62a0)],0 ds:0023:808a62a0=00000000
ChildEBP RetAddr  Args to Child              
96c73d64 77bb3223 badb0d00 00acef1c 00000000 nt!KiTrap0E+0x2a7 (FPO: [0,0] TrapFrame @ 96c73d64)
WARNING: Frame IP not in any known module. Following frames may be wrong.
00acef10 00000000 00000000 00000000 00000000 0x77bb3223
start    end        module name
80800000 80a5a000   nt       ntkrpamp.exe Thu May 03 08:43:46 2012 (4FA27D82)
80a5a000 80a86000   hal      halmacpi.dll Sat Feb 17 00:48:26 2007 (45D6972A)
95e12000 95e14580   PROCEXP141 PROCEXP141.SYS Thu Apr 15 05:23:35 2010 (4BC6DB17)
b653d000 b6568000   RDPWD    RDPWD.SYS    Tue May 01 08:45:40 2012 (4F9FDAF4)
b6640000 b664b000   TDTCP    TDTCP.SYS    Sat Feb 17 00:44:32 2007 (45D69640)
b78a0000 b7904000   srv      srv.sys      Thu Feb 17 11:58:17 2011 (4D5D53A9)
b7cc4000 b7d15000   HTTP     HTTP.sys     Wed Apr 14 13:37:09 2010 (4BC5FD45)
b81c5000 b81dd000   clusnet  clusnet.sys  Sat Feb 17 01:02:57 2007 (45D69A91)
b8255000 b8280500   ino_fltr ino_fltr.sys Thu Oct 18 15:55:21 2007 (4717BA29)
b83fb000 b8410000   Cdfs     Cdfs.SYS     Sat Feb 17 01:27:08 2007 (45D6A03C)
b86d2000 b86e3000   Fips     Fips.SYS     Sat Feb 17 01:26:33 2007 (45D6A019)
b8773000 b877d000   Dxapi    Dxapi.sys    Tue Mar 25 03:06:01 2003 (3E7FFFD9)
b8783000 b87f9000   mrxsmb   mrxsmb.sys   Wed Jul 06 10:34:54 2011 (4E14728E)
b8821000 b8851000   rdbss    rdbss.sys    Wed Feb 24 10:54:03 2010 (4B854B9B)
b8851000 b887b000   afd      afd.sys      Tue Dec 27 09:11:19 2011 (4EF9D207)
b887b000 b88ac000   netbt    netbt.sys    Sat Feb 17 01:28:57 2007 (45D6A0A9)
b88ac000 b8940000   tcpip    tcpip.sys    Sat Aug 15 05:53:38 2009 (4A8685A2)
b8940000 b8959000   ipsec    ipsec.sys    Sat Feb 17 01:29:28 2007 (45D6A0C8)
b89a9000 b89c0000   ClusDisk ClusDisk.sys Sat Feb 17 01:02:55 2007 (45D69A8F)
b8d11000 b8d26000   usbhub   usbhub.sys   Sat Feb 17 01:13:05 2007 (45D69CF1)
b8de9000 b8e48000   update   update.sys   Mon Oct 15 06:56:18 2007 (47134752)
b8e48000 b8e7f000   rdpdr    rdpdr.sys    Sat Feb 17 00:51:00 2007 (45D697C4)
b8e7f000 b8e91000   raspptp  raspptp.sys  Sat Feb 17 01:29:20 2007 (45D6A0C0)
b8e91000 b8eaa000   ndiswan  ndiswan.sys  Sat Feb 17 01:29:22 2007 (45D6A0C2)
b8eaa000 b8ebe000   rasl2tp  rasl2tp.sys  Sat Feb 17 01:29:02 2007 (45D6A0AE)
b8ebe000 b8ee5000   ks       ks.sys       Sat Feb 17 01:30:40 2007 (45D6A110)
b8ee5000 b8ef9000   redbook  redbook.sys  Sat Feb 17 01:07:26 2007 (45D69B9E)
b8ef9000 b8f0e000   cdrom    cdrom.sys    Sat Feb 17 01:07:48 2007 (45D69BB4)
b8f0e000 b8f23000   serial   serial.sys   Sat Feb 17 01:06:46 2007 (45D69B76)
b8f23000 b8f3f000   VIDEOPRT VIDEOPRT.SYS Sat Feb 17 01:10:30 2007 (45D69C56)
b8f3f000 b8f69000   USBPORT  USBPORT.SYS  Sat Feb 17 01:12:59 2007 (45D69CEB)
b8f69000 b8fa9000   e1e5132  e1e5132.sys  Wed Nov 01 14:23:48 2006 (4548E634)
b8fa9000 b8fbc000   bxnd52x  bxnd52x.sys  Mon Dec 28 14:56:32 2009 (4B390D70)
b9b23000 b9b2b000   audstub  audstub.sys  Tue Mar 25 03:09:12 2003 (3E800098)
b9b2b000 b9b31b80   usbehci  usbehci.sys  Sat Feb 17 01:12:56 2007 (45D69CE8)
b9b33000 b9b38180   usbuhci  usbuhci.sys  Sat Feb 17 01:13:02 2007 (45D69CEE)
b9b63000 b9b6a000   dxgthk   dxgthk.sys   Tue Mar 25 03:05:52 2003 (3E7FFFD0)
bab94000 bab9c000   mouhid   mouhid.sys   Tue Mar 25 03:03:12 2003 (3E7FFF30)
bab9c000 baba3d80   usbccgp  usbccgp.sys  Sat Feb 17 01:13:08 2007 (45D69CF4)
baba4000 babac000   rasacd   rasacd.sys   Tue Mar 25 03:11:50 2003 (3E800136)
babac000 babb4000   RDPCDD   RDPCDD.sys   Tue Mar 25 03:03:05 2003 (3E7FFF29)
bac50000 bac5d000   wanarp   wanarp.sys   Sat Feb 17 00:59:17 2007 (45D699B5)
bac60000 bac6e000   dump_msas2k3 dump_msas2k3.sys Fri Sep 17 13:46:31 2010 (4C93A977)
bac70000 bac7c000   vgapnp   vgapnp.sys   Sat Feb 17 01:10:30 2007 (45D69C56)
bac80000 bac8cc80   GenericMount GenericMount.sys Mon Jan 18 08:49:10 2010 (4B5466D6)
bac90000 bac9e000   msgpc    msgpc.sys    Sat Feb 17 00:58:37 2007 (45D6998D)
bacc0000 bacce000   NDProxy  NDProxy.SYS  Wed Nov 03 09:25:59 2010 (4CD162E7)
bacd0000 bacd9000   mssmbios mssmbios.sys Sat Feb 17 00:59:12 2007 (45D699B0)
bace0000 bace9000   raspti   raspti.sys   Sat Feb 17 00:59:23 2007 (45D699BB)
bacf0000 bacff000   intelppm intelppm.sys Sat Feb 17 00:48:30 2007 (45D6972E)
bad20000 bad2f000   raspppoe raspppoe.sys Sat Feb 17 00:59:23 2007 (45D699BB)
bad40000 bad4d000   netbios  netbios.sys  Sat Feb 17 00:58:29 2007 (45D69985)
bad60000 bad6b000   Msfs     Msfs.SYS     Sat Feb 17 00:50:33 2007 (45D697A9)
bad70000 bad7e000   HIDCLASS HIDCLASS.SYS Tue Mar 25 03:10:17 2003 (3E8000D9)
bad80000 bad8b000   ptilink  ptilink.sys  Sat Feb 17 01:06:38 2007 (45D69B6E)
bad90000 bad99000   hidusb   hidusb.sys   Tue Mar 25 03:10:17 2003 (3E8000D9)
bada0000 bada9000   kbdhid   kbdhid.sys   Sat Feb 17 01:05:42 2007 (45D69B36)
badd0000 baddc000   USBSTOR  USBSTOR.SYS  Sat Feb 17 01:13:05 2007 (45D69CF1)
badf0000 badf9000   ndistapi ndistapi.sys Fri Jul 08 10:08:19 2011 (4E170F53)
bae98000 baeb7000   Mup      Mup.sys      Tue Apr 12 15:05:46 2011 (4DA4A28A)
baeb7000 baef6000   NDIS     NDIS.sys     Sat Feb 17 01:28:49 2007 (45D6A0A1)
baef6000 baf8b000   Ntfs     Ntfs.sys     Sat Feb 17 01:27:23 2007 (45D6A04B)
baf8b000 bb000000   bxvbdx   bxvbdx.sys   Wed Jun 30 18:10:57 2010 (4C2BC0F1)
bf800000 bf9d4000   win32k   win32k.sys   Wed Jun 13 10:42:03 2012 (4FD8A6BB)
bf9d4000 bf9eb000   dxg      dxg.sys      Sat Feb 17 01:14:39 2007 (45D69D4F)
bf9eb000 bfa36000   ATMFD    ATMFD.DLL    Tue Feb 15 08:19:22 2011 (4D5A7D5A)
bff40000 bff48000   framebuf framebuf.dll Tue Mar 25 05:46:25 2003 (3E802571)
bff60000 bff7e000   RDPDD    RDPDD.dll    Sat Feb 17 09:01:19 2007 (45D70AAF)
f7201000 f722d000   dmio     dmio.sys     Sat Feb 17 01:10:44 2007 (45D69C64)
f722d000 f7254000   ftdisk   ftdisk.sys   Fri Aug 31 10:37:48 2007 (46D827BC)
f7254000 f72c5000   wdf01000 wdf01000.sys Mon Jul 13 19:11:36 2009 (4A5BBF28)
f72c5000 f7323000   EmcpMpx  EmcpMpx.sys  Thu Jan 13 12:25:44 2011 (4D2F3598)
f7323000 f733c000   mpio     mpio.sys     Thu Apr 02 14:22:18 2009 (49D5025A)
f733c000 f7352000   pci      pci.sys      Sat Feb 17 00:59:03 2007 (45D699A7)
f7352000 f7386000   ACPI     ACPI.sys     Sat Feb 17 00:58:47 2007 (45D69997)
f7487000 f7490000   WMILIB   WMILIB.SYS   Tue Mar 25 03:13:00 2003 (3E80017C)
f7497000 f74a6000   isapnp   isapnp.sys   Sat Feb 17 00:58:57 2007 (45D699A1)
f74a7000 f74b5000   WDFLDR   WDFLDR.SYS   Mon Jul 13 19:11:25 2009 (4A5BBF1D)
f74b7000 f74c3000   elxplus  elxplus.sys  Thu Nov 11 12:36:43 2010 (4CDC29AB)
f74c7000 f74d4000   PCIIDEX  PCIIDEX.SYS  Sat Feb 17 01:07:32 2007 (45D69BA4)
f74d7000 f74e7000   MountMgr MountMgr.sys Sat Feb 17 01:05:35 2007 (45D69B2F)
f74e7000 f74f2000   PartMgr  PartMgr.sys  Fri Aug 31 11:51:05 2007 (46D838E9)
f74f7000 f7500000   EmcpGpx  EmcpGpx.sys  Thu Jun 03 01:13:51 2010 (4C073A0F)
f7507000 f7515000   msas2k3  msas2k3.sys  Fri Sep 17 13:46:31 2010 (4C93A977)
f7517000 f7524000   EmcpDm   EmcpDm.sys   Wed Dec 01 11:25:34 2010 (4CF676FE)
f7527000 f7537000   disk     disk.sys     Sat Feb 17 01:07:51 2007 (45D69BB7)
f7537000 f7543000   Dfs      Dfs.sys      Sat Feb 17 00:51:17 2007 (45D697D5)
f7547000 f7550000   mpspfltr mpspfltr.sys Thu Apr 02 14:22:18 2009 (49D5025A)
f7557000 f7567000   agp440   agp440.sys   Sat Feb 17 00:58:53 2007 (45D6999D)
f7567000 f7571000   crcdisk  crcdisk.sys  Sat Feb 17 01:09:50 2007 (45D69C2E)
f75e7000 f75f1000   mouclass mouclass.sys Tue Mar 25 03:03:09 2003 (3E7FFF2D)
f75f7000 f7602000   kbdclass kbdclass.sys Sat Feb 17 01:05:39 2007 (45D69B33)
f7637000 f7641000   dump_diskdump dump_diskdump.sys Mon Mar 30 07:02:51 2009 (49D0A6DB)
f7647000 f7652000   TDI      TDI.SYS      Sat Feb 17 01:01:19 2007 (45D69A2F)
f7657000 f7666000   termdd   termdd.sys   Sat Feb 17 00:44:32 2007 (45D69640)
f7667000 f7670000   watchdog watchdog.sys Sat Feb 17 01:11:45 2007 (45D69CA1)
f7677000 f7681000   serenum  serenum.sys  Sat Feb 17 01:06:44 2007 (45D69B74)
f7687000 f7694000   Npfs     Npfs.SYS     Sat Feb 17 00:50:36 2007 (45D697AC)
f76c8000 f76d9000   symmpi   symmpi.sys   Mon Dec 13 16:03:14 2004 (41BE0392)
f76d9000 f7707000   volsnap  volsnap.sys  Fri Aug 31 10:38:26 2007 (46D827E2)
f7707000 f770f000   kdcom    kdcom.dll    Tue Mar 25 03:08:00 2003 (3E800050)
f770f000 f7717000   BOOTVID  BOOTVID.dll  Tue Mar 25 03:07:58 2003 (3E80004E)
f7717000 f771e000   pciide   pciide.sys   Tue Mar 25 03:04:46 2003 (3E7FFF8E)
f771f000 f7726000   intelide intelide.sys Sat Feb 17 01:07:32 2007 (45D69BA4)
f7727000 f772e000   dmload   dmload.sys   Tue Mar 25 03:08:08 2003 (3E800058)
f772f000 f7736000   lamclar  lamclar.sys  Wed Feb 03 13:09:48 2010 (4B69BBEC)
f7737000 f773e000   lamsymm  lamsymm.sys  Wed Feb 03 13:12:04 2010 (4B69BC74)
f773f000 f7746000   lamgen   lamgen.sys   Wed Feb 03 13:10:26 2010 (4B69BC12)
f7747000 f774e000   laminv   laminv.sys   Wed Feb 03 13:11:22 2010 (4B69BC4A)
f774f000 f7754180   ino_flpy ino_flpy.sys Wed Jun 06 20:14:51 2007 (46674DFB)
f7757000 f775e000   mpdev    mpdev.sys    Thu Apr 02 14:22:18 2009 (49D5025A)
f77ff000 f7807000   Fs_Rec   Fs_Rec.SYS   Tue Mar 25 03:08:36 2003 (3E800074)
f7807000 f780e000   Null     Null.SYS     Tue Mar 25 03:03:05 2003 (3E7FFF29)
f780f000 f7816000   Beep     Beep.SYS     Tue Mar 25 03:03:04 2003 (3E7FFF28)
f7817000 f781d300   HIDPARSE HIDPARSE.SYS Sat Feb 17 01:12:35 2007 (45D69CD3)
f781f000 f7827000   mnmdd    mnmdd.SYS    Tue Mar 25 03:07:53 2003 (3E800049)
f7837000 f7897000   EmcpBase EmcpBase.sys Tue Jul 27 01:27:01 2010 (4C4E6E25)
f7897000 f7899980   compbatt compbatt.sys Sat Feb 17 00:58:51 2007 (45D6999B)
f789b000 f789e900   BATTC    BATTC.SYS    Sat Feb 17 00:58:46 2007 (45D69996)
f7957000 f796a000   CLASSPNP CLASSPNP.SYS Sat Feb 17 01:28:16 2007 (45D6A080)
f796a000 f7987000   atapi    atapi.sys    Sat Feb 17 01:07:34 2007 (45D69BA6)
f79b5000 f79b68a0   PROCEXP90 PROCEXP90.SYS Sun May 22 19:50:44 2005 (42911AD4)
f79c3000 f79c4280   swenum   swenum.sys   Sat Feb 17 01:05:56 2007 (45D69B44)
f79c5000 f79c6580   USBD     USBD.SYS     Tue Mar 25 03:10:39 2003 (3E8000EF)
f79f7000 f79f8ee0   PROCEXP111 PROCEXP111.SYS Mon Apr 14 20:26:09 2008 (4803F621)
f7a03000 f7a04a20   PROCEXP100 PROCEXP100.SYS Tue Sep 26 09:46:39 2006 (45192F3F)
f7a0f000 f7a4f000   storport storport.sys Mon Mar 30 07:02:53 2009 (49D0A6DD)
f7ac8000 f7aef000   KSecDD   KSecDD.sys   Fri Jun 01 08:47:07 2012 (4FC8B9CB)
f7aef000 f7b0fb00   symsnap  symsnap.sys  Mon Jun 21 11:37:35 2010 (4C1F873F)
f7b10000 f7b35000   fltMgr   fltMgr.sys   Sat Feb 17 00:51:08 2007 (45D697CC)
f7b35000 f7b54000   SCSIPORT SCSIPORT.SYS Sat Feb 17 01:28:41 2007 (45D6A099)
f7b54000 f7bdf000   elxstor  elxstor.sys  Thu Oct 28 15:26:58 2010 (4CC9CE82)

Unloaded modules:
966d4000 966db000   cfig50wnt.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
9a150000 9a157000   cfig50wnt.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
b8969000 b8970000   cfig50wnt.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
99c6c000 99c73000   cfig50wnt.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
99c2c000 99c33000   cfig50wnt.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
99c64000 99c6b000   cfig50wnt.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
9a050000 9a057000   cfig50wnt.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
b8961000 b8968000   cfig50wnt.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
b9b4b000 b9b52000   cfig50wnt.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
b8969000 b8970000   cfig50wnt.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
b8969000 b8970000   cfig50wnt.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
bab8c000 bab93000   cfig50wnt.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
f775f000 f7766000   EmcpClass.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
baca0000 bacae000   imapi.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
bac60000 bac6c000   vga.sys 
    Timestamp: unavailable (00000000)
    Checksum:  00000000
f7637000 f7640000   kbdhid.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
b8996000 b89a9000   i8042prt.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
f77f7000 f77ff000   Sfloppy.SYS
    Timestamp: unavailable (00000000)
    Checksum:  00000000

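The "Frame IP not in any known module" warning in the output above can be reproduced offline from the pasted `lmnt` text. This is an added example, not part of the original post: it parses the module table and resolves an address to module+offset. The function names, the constructed sample (a few rows copied from the listing above) and the 2 GB user/kernel split are assumptions.

```python
import re

# Constructed sample: a few rows copied from the lmnt listing above. Unloaded
# rows carry no image-name/timestamp columns, and one unloaded range
# (kbdhid.sys) overlaps a module that is currently loaded (dump_diskdump).
LM_SAMPLE = """\
start    end        module name
80800000 80a5a000   nt       ntkrpamp.exe Thu May 03 08:43:46 2012 (4FA27D82)
80a5a000 80a86000   hal      halmacpi.dll Sat Feb 17 00:48:26 2007 (45D6972A)
f7637000 f7641000   dump_diskdump dump_diskdump.sys Mon Mar 30 07:02:51 2009 (49D0A6DB)
f7b54000 f7bdf000   elxstor  elxstor.sys  Thu Oct 28 15:26:58 2010 (4CC9CE82)

Unloaded modules:
966d4000 966db000   cfig50wnt.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
f7637000 f7640000   kbdhid.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
"""

# Assumption: 32-bit Windows with the default 2 GB user / 2 GB kernel split.
KERNEL_BASE = 0x80000000
ROW = re.compile(r"^([0-9a-f]{8})\s+([0-9a-f]{8})\s+(\S+)", re.I)


def parse_lm(text):
    """Return [(start, end, name, unloaded)] parsed from lm-style text."""
    modules, unloaded = [], False
    for line in text.splitlines():
        if line.strip().lower().startswith("unloaded modules"):
            unloaded = True  # every following row is an unloaded module
            continue
        m = ROW.match(line)  # header and indented detail lines do not match
        if m:
            start, end = int(m.group(1), 16), int(m.group(2), 16)
            modules.append((start, end, m.group(3), unloaded))
    return modules


def resolve(addr, modules):
    """Map an address to 'module+0xoffset', or say why it cannot be mapped."""
    # Loaded modules win: an unloaded module's range may have been reused.
    for want_unloaded in (False, True):
        for start, end, name, unloaded in modules:
            if unloaded == want_unloaded and start <= addr < end:
                tag = " (unloaded)" if unloaded else ""
                return f"{name}+0x{addr - start:x}{tag}"
    if addr < KERNEL_BASE:
        return "user-mode address, not in any kernel module"
    return "kernel address, not in any listed module"


MODULES = parse_lm(LM_SAMPLE)

if __name__ == "__main__":
    # Addresses taken from the bugcheck arguments and register dump above.
    for a in (0x77BB3223, 0x8088C9FB, 0xF7637010, 0x966D4004):
        print(f"{a:08x} -> {resolve(a, MODULES)}")
```

Run against the full listing, this separates addresses that belong to a driver image from ones like 77bb3223, which sit below the kernel range and match no loaded or unloaded module.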
 
smckeown777 Commented:
Ok, still hard to pinpoint a specific area, so a few questions to assist us:

1) What server version is this?
2) What was the latest thing installed?
3) What AV have you installed? When was this installed? Any updates recently?

It's related to a driver (think all agree with that much), but if you haven't installed any drivers recently then it can also mean the AV/firewall might be a cause (since AV installs low-level stuff to integrate with network cards etc.).
blinkme323 (Author) Commented:
Thanks for the suggestions so far. This is an enterprise server, so I would have to check in with the "server owners" on a few of those questions.