Hey All,
I've completed my first build and am in the process of stabilizing my system. I've come across a MEMORY.DMP file and would appreciate some assistance in analyzing it. I've installed WinDbg to look into the .DMP file. Some research I've done leads me to think it may be related to a Microsoft Security Essentials .exe file. Am I reading this log output correctly?
I should note that running Windows Memory Diagnostics resulted in a hardware problem warning related to my RAM was detected.
My system spec's:
OS: Windows 8.1 Pro
MB: ASUS X99 Deluxe
CPU: Intel i7-5820K
GPU: EVGA GeForce GTX 980
PSU: EVGA SuperNOVA 1000 P2
RAM: 2 x Crucial 32GB Kit (8GBx4) DDR4 2133 MT/s
MEMORY.DMP log file:
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
MEMORY_MANAGEMENT (1a)
# Any other values for parameter 1 must be individually examined.
Arguments:
Arg1: 0000000000041793, The subtype of the bugcheck.
Arg2: fffff6804f432ff8
Arg3: 0000000000000140
Arg4: 000000000000013f
Debugging Details:
------------------
Page 10f3d2 not present in the dump file. Type ".hh dbgerr004" for details
BUGCHECK_STR: 0x1a_41793
DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
PROCESS_NAME: MsMpEng.exe
CURRENT_IRQL: 0
ANALYSIS_VERSION: 6.3.9600.17298 (debuggers(dbg).141024-1500) amd64fre
LAST_CONTROL_TRANSFER: from fffff8024f7ff07c to fffff8024f7d3fa0
STACK_TEXT:
ffffd000`2907b608 fffff802`4f7ff07c : 00000000`0000001a 00000000`00041793 fffff680`4f432ff8 00000000`00000140 : nt!KeBugCheckEx
ffffd000`2907b610 fffff802`4f6f10b2 : ffffe000`09e4def0 ffffe000`0eebf080 00000000`00000000 ffffe000`53646156 : nt! ?? ::FNODOBFM::`string'+0x1abcc
ffffd000`2907b8a0 fffff802`4f6edf5d : ffffe000`0ed6b190 00000000`00000010 e0000a97`00000000 ffffd000`00000000 : nt!MiDeleteVad+0xc22
ffffd000`2907b9a0 fffff802`4f7df7b3 : 00000000`00000001 0000009e`00000000 ffffe000`0a977750 ffffe000`0a977750 : nt!NtFreeVirtualMemory+0x89d
ffffd000`2907bb00 00007ffe`ef83ad6a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
0000009e`85c9e258 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffe`ef83ad6a
STACK_COMMAND: kb
FOLLOWUP_IP:
nt! ?? ::FNODOBFM::`string'+1abcc
fffff802`4f7ff07c cc int 3
SYMBOL_STACK_INDEX: 1
SYMBOL_NAME: nt! ?? ::FNODOBFM::`string'+1abcc
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: nt
IMAGE_NAME: ntkrnlmp.exe
DEBUG_FLR_IMAGE_TIMESTAMP: 53085af2
BUCKET_ID_FUNC_OFFSET: 1abcc
FAILURE_BUCKET_ID: 0x1a_41793_nt!_??_::FNODOBFM::_string_
BUCKET_ID: 0x1a_41793_nt!_??_::FNODOBFM::_string_
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:0x1a_41793_nt!_??_::fnodobfm::_string_
FAILURE_ID_HASH: {2bb49b32-09fa-a96d-8b93-292cf7a50b3f}
Followup: MachineOwner
---------
Replies appreciated.
Cheers!
I've completed my first build and am in the process of stabilizing my system. I've come across a MEMORY.DMP file and would appreciate some assistance in analyzing it. I've installed WinDbg to look into the .DMP file. Some research I've done leads me to think it may be related to a Microsoft Security Essentials .exe file. Am I reading this log output correctly?
I should note that running Windows Memory Diagnostics resulted in a hardware problem warning related to my RAM was detected.
My system spec's:
OS: Windows 8.1 Pro
MB: ASUS X99 Deluxe
CPU: Intel i7-5820K
GPU: EVGA GeForce GTX 980
PSU: EVGA SuperNOVA 1000 P2
RAM: 2 x Crucial 32GB Kit (8GBx4) DDR4 2133 MT/s
MEMORY.DMP log file:
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
MEMORY_MANAGEMENT (1a)
# Any other values for parameter 1 must be individually examined.
Arguments:
Arg1: 0000000000041793, The subtype of the bugcheck.
Arg2: fffff6804f432ff8
Arg3: 0000000000000140
Arg4: 000000000000013f
Debugging Details:
------------------
Page 10f3d2 not present in the dump file. Type ".hh dbgerr004" for details
BUGCHECK_STR: 0x1a_41793
DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
PROCESS_NAME: MsMpEng.exe
CURRENT_IRQL: 0
ANALYSIS_VERSION: 6.3.9600.17298 (debuggers(dbg).141024-1500) amd64fre
LAST_CONTROL_TRANSFER: from fffff8024f7ff07c to fffff8024f7d3fa0
STACK_TEXT:
ffffd000`2907b608 fffff802`4f7ff07c : 00000000`0000001a 00000000`00041793 fffff680`4f432ff8 00000000`00000140 : nt!KeBugCheckEx
ffffd000`2907b610 fffff802`4f6f10b2 : ffffe000`09e4def0 ffffe000`0eebf080 00000000`00000000 ffffe000`53646156 : nt! ?? ::FNODOBFM::`string'+0x1abcc
ffffd000`2907b8a0 fffff802`4f6edf5d : ffffe000`0ed6b190 00000000`00000010 e0000a97`00000000 ffffd000`00000000 : nt!MiDeleteVad+0xc22
ffffd000`2907b9a0 fffff802`4f7df7b3 : 00000000`00000001 0000009e`00000000 ffffe000`0a977750 ffffe000`0a977750 : nt!NtFreeVirtualMemory+0x89d
ffffd000`2907bb00 00007ffe`ef83ad6a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
0000009e`85c9e258 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffe`ef83ad6a
STACK_COMMAND: kb
FOLLOWUP_IP:
nt! ?? ::FNODOBFM::`string'+1abcc
fffff802`4f7ff07c cc int 3
SYMBOL_STACK_INDEX: 1
SYMBOL_NAME: nt! ?? ::FNODOBFM::`string'+1abcc
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: nt
IMAGE_NAME: ntkrnlmp.exe
DEBUG_FLR_IMAGE_TIMESTAMP: 53085af2
BUCKET_ID_FUNC_OFFSET: 1abcc
FAILURE_BUCKET_ID: 0x1a_41793_nt!_??_::FNODOBFM::_string_
BUCKET_ID: 0x1a_41793_nt!_??_::FNODOBFM::_string_
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:0x1a_41793_nt!_??_::fnodobfm::_string_
FAILURE_ID_HASH: {2bb49b32-09fa-a96d-8b93-292cf7a50b3f}
Followup: MachineOwner
---------
Replies appreciated.
Cheers!