Blue screen of Death on boot: ctaud2k.sys
MEMORY.DMP analysis:
(minidump will follow shortly)
"
Microsoft (R) Windows Debugger Version 6.11.0001.404 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\WINDOWS\MEMORY.DMP]
Kernel Summary Dump File: Only kernel address space is available
Symbol search path is:
SRV*c:\Tools\WinDbg\WebSymbols*
http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows Server 2003 Kernel Version 3790 (Service Pack 2) MP (2 procs) Free
x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 3790.srv03_sp2_gdr.100216-1301
Machine Name:
Kernel base = 0xfffff800`01000000 PsLoadedModuleList = 0xfffff800`011d4140
Debug session time: Wed Dec 29 03:18:25.609 2010 (GMT+1)
System Uptime: 0 days 0:01:24.536
Loading Kernel Symbols
.................................................. ..............
.................................................. ...............
.............................
Loading User Symbols
PEB is paged out (Peb.Ldr = 00000000`7efdf018). Type ".hh dbgerr001" for
details
Loading unloaded module list
......
************************************************** *****************************
*
*
* Bugcheck Analysis
*
*
*
************************************************** *****************************
Use !analyze -v to get detailed debugging information.
BugCheck 3B, {c0000005, fffffadf8ebb5398, fffffadf8c6144c0, 0}
Page ac7d4 not present in the dump file. Type ".hh dbgerr004" for details
Page acb29 not present in the dump file. Type ".hh dbgerr004" for details
*** ERROR: Module load completed but symbols could not be loaded for
ctaud2k.sys
*** ERROR: Module load completed but symbols could not be loaded for
ctprxy2k.sys
PEB is paged out (Peb.Ldr = 00000000`7efdf018). Type ".hh dbgerr001" for
details
PEB is paged out (Peb.Ldr = 00000000`7efdf018). Type ".hh dbgerr001" for
details
Probably caused by : ctaud2k.sys ( ctaud2k+e398 )
Followup: MachineOwner
---------
1: kd> !analyze -v
************************************************** *****************************
*
*
* Bugcheck Analysis
*
*
*
************************************************** *****************************
SYSTEM_SERVICE_EXCEPTION (3b)
An exception happened while executing a system service routine.
Arguments:
Arg1: 00000000c0000005, Exception code that caused the bugcheck
Arg2: fffffadf8ebb5398, Address of the exception record for the exception
that caused the bugcheck
Arg3: fffffadf8c6144c0, Address of the context record for the exception that
caused the bugcheck
Arg4: 0000000000000000, zero.
Debugging Details:
------------------
Page ac7d4 not present in the dump file. Type ".hh dbgerr004" for details
Page acb29 not present in the dump file. Type ".hh dbgerr004" for details
PEB is paged out (Peb.Ldr = 00000000`7efdf018). Type ".hh dbgerr001" for
details
PEB is paged out (Peb.Ldr = 00000000`7efdf018). Type ".hh dbgerr001" for
details
EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at "0x%08lx"
referenced memory at "0x%08lx". The memory could not be "%s".
FAULTING_IP:
ctaud2k+e398
fffffadf`8ebb5398 488b02 mov rax,qword ptr [rdx]
CONTEXT: fffffadf8c6144c0 -- (.cxr 0xfffffadf8c6144c0)
rax=0000000000000001 rbx=fffffadf9a613190 rcx=0000000000000001
rdx=00000018ffffffff rsi=fffffadf9a613260 rdi=0000000000000000
rip=fffffadf8ebb5398 rsp=fffffadf8c614cd0 rbp=fffffadf99c04330
r8=fffffadf99c04330 r9=fffffadf9c6ff570 r10=fffffadf99c04330
r11=fffffadf8c614d98 r12=0000000000000000 r13=fffffadf8c614d98
r14=0000000000000001 r15=fffffadf9a6132a8
iopl=0 nv up ei pl nz na po nc
cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b
efl=00010206
ctaud2k+0xe398:
fffffadf`8ebb5398 488b02 mov rax,qword ptr [rdx]
ds:002b:00000018`ffffffff=????????????????
Resetting default scope
DEFAULT_BUCKET_ID: DRIVER_FAULT
BUGCHECK_STR: 0x3B
PROCESS_NAME: DLLML.exe
CURRENT_IRQL: 0
LAST_CONTROL_TRANSFER: from fffffadf90b88785 to fffffadf8ebb5398
STACK_TEXT:
fffffadf`8c614cd0 fffffadf`90b88785 : 00000000`20206f49 fffff800`0105039a
fffffadf`99c04330 fffffadf`9a613190 : ctaud2k+0xe398
fffffadf`8c614d50 fffff800`0127f131 : 00000000`00000001 fffffadf`00000000
fffffadf`8c615010 00000000`00000000 : ctprxy2k+0x5785
fffffadf`8c614d90 fffff800`0127ec36 : 00000000`00000314 00000000`00000000
00000000`00000000 00000000`00000000 : nt!IopXxxControlFile+0xa79
fffffadf`8c614eb0 fffff800`0102e33d : fffffadf`99ee2c20 fffffadf`9c8bbb70
fffffadf`8c614f00 00000000`00000000 : nt!NtDeviceIoControlFile+0x56
fffffadf`8c614f20 00000000`78b83e48 : 00000000`00000000 00000000`00000000
00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x3
00000000`0016dd98 fffff800`01026640 : 00000000`00000000 00000000`00000000
00000000`00000000 00000000`00000000 : 0x78b83e48
fffffadf`8c615320 00000000`00000000 : 00000000`00000000 00000000`00000000
00000000`00000000 00000000`00000000 : nt!KiCallUserMode
FOLLOWUP_IP:
ctaud2k+e398
fffffadf`8ebb5398 488b02 mov rax,qword ptr [rdx]
SYMBOL_STACK_INDEX: 0
SYMBOL_NAME: ctaud2k+e398
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: ctaud2k
IMAGE_NAME: ctaud2k.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 4a26ba11
STACK_COMMAND: .cxr 0xfffffadf8c6144c0 ; kb
FAILURE_BUCKET_ID: X64_0x3B_ctaud2k+e398
BUCKET_ID: X64_0x3B_ctaud2k+e398
Followup: MachineOwner
---------
"
Bye,
Skybuck.
Similar Threads
Linear Mode
