- Sep 12, 2015
- 1
- 0
- 4,510
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck C4, {0, 0, 0, 0}
Probably caused by : tcpipreg.sys ( tcpipreg!InterfaceAddressRegKeyChangeHandler+109 )
Followup: MachineOwner
---------
0: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
DRIVER_VERIFIER_DETECTED_VIOLATION (c4)
A device driver attempting to corrupt the system has been caught. This is
because the driver was specified in the registry as being suspect (by the
administrator) and the kernel has enabled substantial checking of this driver.
If the driver attempts to corrupt the system, bugchecks 0xC4, 0xC1 and 0xA will
be among the most commonly seen crashes.
Arguments:
Arg1: 0000000000000000, caller is trying to allocate zero bytes
Arg2: 0000000000000000, current IRQL
Arg3: 0000000000000000, pool type
Arg4: 0000000000000000, number of bytes
Debugging Details:
------------------
BUGCHECK_P1: 0
BUGCHECK_P2: 0
BUGCHECK_P3: 0
BUGCHECK_P4: 0
BUGCHECK_STR: 0xc4_0
CURRENT_IRQL: 0
CPU_COUNT: 4
CPU_MHZ: c1f
CPU_VENDOR: GenuineIntel
CPU_FAMILY: 6
CPU_MODEL: 3a
CPU_STEPPING: 9
DEFAULT_BUCKET_ID: VERIFIER_ENABLED_VISTA_MINIDUMP
PROCESS_NAME: System
ANALYSIS_VERSION: 10.0.10240.9 x86fre
LAST_CONTROL_TRANSFER: from fffff8000395c4ec to fffff800034c75c0
STACK_TEXT:
fffff880`03baf488 fffff800`0395c4ec : 00000000`000000c4 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KeBugCheckEx
fffff880`03baf490 fffff800`0395cf2b : 00000000`00000000 fffff800`034f2f4c 000652ed`4000000d 00000000`00200002 : nt!VerifierBugCheckIfAppropriate+0x3c
fffff880`03baf4d0 fffff800`0396da58 : 00000000`6547654c 00000000`00000080 00000000`00000010 fffff880`0000007f : nt!ExAllocatePoolSanityChecks+0xcb
fffff880`03baf510 fffff800`0396dcc7 : 00000000`00000000 00000000`00000000 fffff980`6547654c fffff980`1fce6fec : nt!VeAllocatePoolWithTagPriority+0x88
fffff880`03baf580 fffff880`068635a1 : 00000000`00000000 00000000`00000000 fffff980`1fce6fd0 fffff800`0396915c : nt!VerifierExAllocatePoolWithTagPriority+0x17
fffff880`03baf5c0 fffff880`068627bb : fffff880`06869c20 fffff980`1fce6fd0 fffff980`20cc8f90 fffff980`1fce6fd0 : tcpipreg!InterfaceAddressRegKeyChangeHandler+0x109
fffff880`03baf6f0 fffff880`06861a59 : fffff880`00000001 00000000`00000103 fffff980`20cc8f70 00000000`00000001 : tcpipreg!TcpipRegQueryAndUpdateKeyValue+0x363
fffff880`03baf780 fffff880`02055754 : fffff880`06867a60 00000000`00000004 00000000`00000000 00000000`00010202 : tcpipreg!TcpipRegStartRegistryKeyNotification+0xbd
fffff880`03baf7d0 fffff880`06862293 : 00000000`00000000 00000000`00000000 00000000`00000000 fffff880`0686d073 : NETIO!RtlInvokeStartRoutines+0x34
fffff880`03baf810 fffff800`038c7006 : 00000000`00000006 fffffa80`0e47cbc0 fffffa80`0e531000 00000000`00000001 : tcpipreg!DriverEntry+0x257
fffff880`03baf860 fffff800`038c7405 : 00000000`00000010 00000000`00000000 00000000`00000010 00000000`00010206 : nt!IopLoadDriver+0xa06
fffff880`03bafb30 fffff800`034d11b5 : fffff800`00000000 ffffffff`80001b20 fffff800`038c73b0 fffffa80`0742e660 : nt!IopLoadUnloadDriver+0x55
fffff880`03bafb70 fffff800`037608e2 : 00000000`00000000 fffffa80`0742e660 00000000`00000080 fffffa80`0699cb10 : nt!ExpWorkerThread+0x111
fffff880`03bafc00 fffff800`034b8f46 : fffff880`03965180 fffffa80`0742e660 fffff880`0396ffc0 00000000`00000000 : nt!PspSystemThreadStartup+0x5a
fffff880`03bafc40 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KxStartSystemThread+0x16
STACK_COMMAND: kb
FOLLOWUP_IP:
tcpipreg!InterfaceAddressRegKeyChangeHandler+109
fffff880`068635a1 4c8be0 mov r12,rax
SYMBOL_STACK_INDEX: 5
SYMBOL_NAME: tcpipreg!InterfaceAddressRegKeyChangeHandler+109
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: tcpipreg
IMAGE_NAME: tcpipreg.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 506c62be
IMAGE_VERSION: 6.1.7601.17964
FAILURE_BUCKET_ID: X64_0xc4_0_VRF_tcpipreg!InterfaceAddressRegKeyChangeHandler+109
BUCKET_ID: X64_0xc4_0_VRF_tcpipreg!InterfaceAddressRegKeyChangeHandler+109
PRIMARY_PROBLEM_CLASS: X64_0xc4_0_VRF_tcpipreg!InterfaceAddressRegKeyChangeHandler+109
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:x64_0xc4_0_vrf_tcpipreg!interfaceaddressregkeychangehandler+109
FAILURE_ID_HASH: {45cf6425-6374-4552-149c-70174323fa61}
Followup: MachineOwner
---------
0: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
DRIVER_VERIFIER_DETECTED_VIOLATION (c4)
A device driver attempting to corrupt the system has been caught. This is
because the driver was specified in the registry as being suspect (by the
administrator) and the kernel has enabled substantial checking of this driver.
If the driver attempts to corrupt the system, bugchecks 0xC4, 0xC1 and 0xA will
be among the most commonly seen crashes.
Arguments:
Arg1: 0000000000000000, caller is trying to allocate zero bytes
Arg2: 0000000000000000, current IRQL
Arg3: 0000000000000000, pool type
Arg4: 0000000000000000, number of bytes
Debugging Details:
------------------
BUGCHECK_P1: 0
BUGCHECK_P2: 0
BUGCHECK_P3: 0
BUGCHECK_P4: 0
BUGCHECK_STR: 0xc4_0
CURRENT_IRQL: 0
CPU_COUNT: 4
CPU_MHZ: c1f
CPU_VENDOR: GenuineIntel
CPU_FAMILY: 6
CPU_MODEL: 3a
CPU_STEPPING: 9
DEFAULT_BUCKET_ID: VERIFIER_ENABLED_VISTA_MINIDUMP
PROCESS_NAME: System
ANALYSIS_VERSION: 10.0.10240.9 x86fre
LAST_CONTROL_TRANSFER: from fffff8000395c4ec to fffff800034c75c0
STACK_TEXT:
fffff880`03baf488 fffff800`0395c4ec : 00000000`000000c4 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KeBugCheckEx
fffff880`03baf490 fffff800`0395cf2b : 00000000`00000000 fffff800`034f2f4c 000652ed`4000000d 00000000`00200002 : nt!VerifierBugCheckIfAppropriate+0x3c
fffff880`03baf4d0 fffff800`0396da58 : 00000000`6547654c 00000000`00000080 00000000`00000010 fffff880`0000007f : nt!ExAllocatePoolSanityChecks+0xcb
fffff880`03baf510 fffff800`0396dcc7 : 00000000`00000000 00000000`00000000 fffff980`6547654c fffff980`1fce6fec : nt!VeAllocatePoolWithTagPriority+0x88
fffff880`03baf580 fffff880`068635a1 : 00000000`00000000 00000000`00000000 fffff980`1fce6fd0 fffff800`0396915c : nt!VerifierExAllocatePoolWithTagPriority+0x17
fffff880`03baf5c0 fffff880`068627bb : fffff880`06869c20 fffff980`1fce6fd0 fffff980`20cc8f90 fffff980`1fce6fd0 : tcpipreg!InterfaceAddressRegKeyChangeHandler+0x109
fffff880`03baf6f0 fffff880`06861a59 : fffff880`00000001 00000000`00000103 fffff980`20cc8f70 00000000`00000001 : tcpipreg!TcpipRegQueryAndUpdateKeyValue+0x363
fffff880`03baf780 fffff880`02055754 : fffff880`06867a60 00000000`00000004 00000000`00000000 00000000`00010202 : tcpipreg!TcpipRegStartRegistryKeyNotification+0xbd
fffff880`03baf7d0 fffff880`06862293 : 00000000`00000000 00000000`00000000 00000000`00000000 fffff880`0686d073 : NETIO!RtlInvokeStartRoutines+0x34
fffff880`03baf810 fffff800`038c7006 : 00000000`00000006 fffffa80`0e47cbc0 fffffa80`0e531000 00000000`00000001 : tcpipreg!DriverEntry+0x257
fffff880`03baf860 fffff800`038c7405 : 00000000`00000010 00000000`00000000 00000000`00000010 00000000`00010206 : nt!IopLoadDriver+0xa06
fffff880`03bafb30 fffff800`034d11b5 : fffff800`00000000 ffffffff`80001b20 fffff800`038c73b0 fffffa80`0742e660 : nt!IopLoadUnloadDriver+0x55
fffff880`03bafb70 fffff800`037608e2 : 00000000`00000000 fffffa80`0742e660 00000000`00000080 fffffa80`0699cb10 : nt!ExpWorkerThread+0x111
fffff880`03bafc00 fffff800`034b8f46 : fffff880`03965180 fffffa80`0742e660 fffff880`0396ffc0 00000000`00000000 : nt!PspSystemThreadStartup+0x5a
fffff880`03bafc40 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KxStartSystemThread+0x16
STACK_COMMAND: kb
FOLLOWUP_IP:
tcpipreg!InterfaceAddressRegKeyChangeHandler+109
fffff880`068635a1 4c8be0 mov r12,rax
SYMBOL_STACK_INDEX: 5
SYMBOL_NAME: tcpipreg!InterfaceAddressRegKeyChangeHandler+109
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: tcpipreg
IMAGE_NAME: tcpipreg.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 506c62be
IMAGE_VERSION: 6.1.7601.17964
FAILURE_BUCKET_ID: X64_0xc4_0_VRF_tcpipreg!InterfaceAddressRegKeyChangeHandler+109
BUCKET_ID: X64_0xc4_0_VRF_tcpipreg!InterfaceAddressRegKeyChangeHandler+109
PRIMARY_PROBLEM_CLASS: X64_0xc4_0_VRF_tcpipreg!InterfaceAddressRegKeyChangeHandler+109
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:x64_0xc4_0_vrf_tcpipreg!interfaceaddressregkeychangehandler+109
FAILURE_ID_HASH: {45cf6425-6374-4552-149c-70174323fa61}
Followup: MachineOwner
---------
If you've got an idea on how to fix this, please let me know, thank you!
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck C4, {0, 0, 0, 0}
Probably caused by : tcpipreg.sys ( tcpipreg!InterfaceAddressRegKeyChangeHandler+109 )
Followup: MachineOwner
---------
0: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
DRIVER_VERIFIER_DETECTED_VIOLATION (c4)
A device driver attempting to corrupt the system has been caught. This is
because the driver was specified in the registry as being suspect (by the
administrator) and the kernel has enabled substantial checking of this driver.
If the driver attempts to corrupt the system, bugchecks 0xC4, 0xC1 and 0xA will
be among the most commonly seen crashes.
Arguments:
Arg1: 0000000000000000, caller is trying to allocate zero bytes
Arg2: 0000000000000000, current IRQL
Arg3: 0000000000000000, pool type
Arg4: 0000000000000000, number of bytes
Debugging Details:
------------------
BUGCHECK_P1: 0
BUGCHECK_P2: 0
BUGCHECK_P3: 0
BUGCHECK_P4: 0
BUGCHECK_STR: 0xc4_0
CURRENT_IRQL: 0
CPU_COUNT: 4
CPU_MHZ: c1f
CPU_VENDOR: GenuineIntel
CPU_FAMILY: 6
CPU_MODEL: 3a
CPU_STEPPING: 9
DEFAULT_BUCKET_ID: VERIFIER_ENABLED_VISTA_MINIDUMP
PROCESS_NAME: System
ANALYSIS_VERSION: 10.0.10240.9 x86fre
LAST_CONTROL_TRANSFER: from fffff8000395c4ec to fffff800034c75c0
STACK_TEXT:
fffff880`03baf488 fffff800`0395c4ec : 00000000`000000c4 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KeBugCheckEx
fffff880`03baf490 fffff800`0395cf2b : 00000000`00000000 fffff800`034f2f4c 000652ed`4000000d 00000000`00200002 : nt!VerifierBugCheckIfAppropriate+0x3c
fffff880`03baf4d0 fffff800`0396da58 : 00000000`6547654c 00000000`00000080 00000000`00000010 fffff880`0000007f : nt!ExAllocatePoolSanityChecks+0xcb
fffff880`03baf510 fffff800`0396dcc7 : 00000000`00000000 00000000`00000000 fffff980`6547654c fffff980`1fce6fec : nt!VeAllocatePoolWithTagPriority+0x88
fffff880`03baf580 fffff880`068635a1 : 00000000`00000000 00000000`00000000 fffff980`1fce6fd0 fffff800`0396915c : nt!VerifierExAllocatePoolWithTagPriority+0x17
fffff880`03baf5c0 fffff880`068627bb : fffff880`06869c20 fffff980`1fce6fd0 fffff980`20cc8f90 fffff980`1fce6fd0 : tcpipreg!InterfaceAddressRegKeyChangeHandler+0x109
fffff880`03baf6f0 fffff880`06861a59 : fffff880`00000001 00000000`00000103 fffff980`20cc8f70 00000000`00000001 : tcpipreg!TcpipRegQueryAndUpdateKeyValue+0x363
fffff880`03baf780 fffff880`02055754 : fffff880`06867a60 00000000`00000004 00000000`00000000 00000000`00010202 : tcpipreg!TcpipRegStartRegistryKeyNotification+0xbd
fffff880`03baf7d0 fffff880`06862293 : 00000000`00000000 00000000`00000000 00000000`00000000 fffff880`0686d073 : NETIO!RtlInvokeStartRoutines+0x34
fffff880`03baf810 fffff800`038c7006 : 00000000`00000006 fffffa80`0e47cbc0 fffffa80`0e531000 00000000`00000001 : tcpipreg!DriverEntry+0x257
fffff880`03baf860 fffff800`038c7405 : 00000000`00000010 00000000`00000000 00000000`00000010 00000000`00010206 : nt!IopLoadDriver+0xa06
fffff880`03bafb30 fffff800`034d11b5 : fffff800`00000000 ffffffff`80001b20 fffff800`038c73b0 fffffa80`0742e660 : nt!IopLoadUnloadDriver+0x55
fffff880`03bafb70 fffff800`037608e2 : 00000000`00000000 fffffa80`0742e660 00000000`00000080 fffffa80`0699cb10 : nt!ExpWorkerThread+0x111
fffff880`03bafc00 fffff800`034b8f46 : fffff880`03965180 fffffa80`0742e660 fffff880`0396ffc0 00000000`00000000 : nt!PspSystemThreadStartup+0x5a
fffff880`03bafc40 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KxStartSystemThread+0x16
STACK_COMMAND: kb
FOLLOWUP_IP:
tcpipreg!InterfaceAddressRegKeyChangeHandler+109
fffff880`068635a1 4c8be0 mov r12,rax
SYMBOL_STACK_INDEX: 5
SYMBOL_NAME: tcpipreg!InterfaceAddressRegKeyChangeHandler+109
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: tcpipreg
IMAGE_NAME: tcpipreg.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 506c62be
IMAGE_VERSION: 6.1.7601.17964
FAILURE_BUCKET_ID: X64_0xc4_0_VRF_tcpipreg!InterfaceAddressRegKeyChangeHandler+109
BUCKET_ID: X64_0xc4_0_VRF_tcpipreg!InterfaceAddressRegKeyChangeHandler+109
PRIMARY_PROBLEM_CLASS: X64_0xc4_0_VRF_tcpipreg!InterfaceAddressRegKeyChangeHandler+109
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:x64_0xc4_0_vrf_tcpipreg!interfaceaddressregkeychangehandler+109
FAILURE_ID_HASH: {45cf6425-6374-4552-149c-70174323fa61}
Followup: MachineOwner
---------
0: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
DRIVER_VERIFIER_DETECTED_VIOLATION (c4)
A device driver attempting to corrupt the system has been caught. This is
because the driver was specified in the registry as being suspect (by the
administrator) and the kernel has enabled substantial checking of this driver.
If the driver attempts to corrupt the system, bugchecks 0xC4, 0xC1 and 0xA will
be among the most commonly seen crashes.
Arguments:
Arg1: 0000000000000000, caller is trying to allocate zero bytes
Arg2: 0000000000000000, current IRQL
Arg3: 0000000000000000, pool type
Arg4: 0000000000000000, number of bytes
Debugging Details:
------------------
BUGCHECK_P1: 0
BUGCHECK_P2: 0
BUGCHECK_P3: 0
BUGCHECK_P4: 0
BUGCHECK_STR: 0xc4_0
CURRENT_IRQL: 0
CPU_COUNT: 4
CPU_MHZ: c1f
CPU_VENDOR: GenuineIntel
CPU_FAMILY: 6
CPU_MODEL: 3a
CPU_STEPPING: 9
DEFAULT_BUCKET_ID: VERIFIER_ENABLED_VISTA_MINIDUMP
PROCESS_NAME: System
ANALYSIS_VERSION: 10.0.10240.9 x86fre
LAST_CONTROL_TRANSFER: from fffff8000395c4ec to fffff800034c75c0
STACK_TEXT:
fffff880`03baf488 fffff800`0395c4ec : 00000000`000000c4 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KeBugCheckEx
fffff880`03baf490 fffff800`0395cf2b : 00000000`00000000 fffff800`034f2f4c 000652ed`4000000d 00000000`00200002 : nt!VerifierBugCheckIfAppropriate+0x3c
fffff880`03baf4d0 fffff800`0396da58 : 00000000`6547654c 00000000`00000080 00000000`00000010 fffff880`0000007f : nt!ExAllocatePoolSanityChecks+0xcb
fffff880`03baf510 fffff800`0396dcc7 : 00000000`00000000 00000000`00000000 fffff980`6547654c fffff980`1fce6fec : nt!VeAllocatePoolWithTagPriority+0x88
fffff880`03baf580 fffff880`068635a1 : 00000000`00000000 00000000`00000000 fffff980`1fce6fd0 fffff800`0396915c : nt!VerifierExAllocatePoolWithTagPriority+0x17
fffff880`03baf5c0 fffff880`068627bb : fffff880`06869c20 fffff980`1fce6fd0 fffff980`20cc8f90 fffff980`1fce6fd0 : tcpipreg!InterfaceAddressRegKeyChangeHandler+0x109
fffff880`03baf6f0 fffff880`06861a59 : fffff880`00000001 00000000`00000103 fffff980`20cc8f70 00000000`00000001 : tcpipreg!TcpipRegQueryAndUpdateKeyValue+0x363
fffff880`03baf780 fffff880`02055754 : fffff880`06867a60 00000000`00000004 00000000`00000000 00000000`00010202 : tcpipreg!TcpipRegStartRegistryKeyNotification+0xbd
fffff880`03baf7d0 fffff880`06862293 : 00000000`00000000 00000000`00000000 00000000`00000000 fffff880`0686d073 : NETIO!RtlInvokeStartRoutines+0x34
fffff880`03baf810 fffff800`038c7006 : 00000000`00000006 fffffa80`0e47cbc0 fffffa80`0e531000 00000000`00000001 : tcpipreg!DriverEntry+0x257
fffff880`03baf860 fffff800`038c7405 : 00000000`00000010 00000000`00000000 00000000`00000010 00000000`00010206 : nt!IopLoadDriver+0xa06
fffff880`03bafb30 fffff800`034d11b5 : fffff800`00000000 ffffffff`80001b20 fffff800`038c73b0 fffffa80`0742e660 : nt!IopLoadUnloadDriver+0x55
fffff880`03bafb70 fffff800`037608e2 : 00000000`00000000 fffffa80`0742e660 00000000`00000080 fffffa80`0699cb10 : nt!ExpWorkerThread+0x111
fffff880`03bafc00 fffff800`034b8f46 : fffff880`03965180 fffffa80`0742e660 fffff880`0396ffc0 00000000`00000000 : nt!PspSystemThreadStartup+0x5a
fffff880`03bafc40 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KxStartSystemThread+0x16
STACK_COMMAND: kb
FOLLOWUP_IP:
tcpipreg!InterfaceAddressRegKeyChangeHandler+109
fffff880`068635a1 4c8be0 mov r12,rax
SYMBOL_STACK_INDEX: 5
SYMBOL_NAME: tcpipreg!InterfaceAddressRegKeyChangeHandler+109
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: tcpipreg
IMAGE_NAME: tcpipreg.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 506c62be
IMAGE_VERSION: 6.1.7601.17964
FAILURE_BUCKET_ID: X64_0xc4_0_VRF_tcpipreg!InterfaceAddressRegKeyChangeHandler+109
BUCKET_ID: X64_0xc4_0_VRF_tcpipreg!InterfaceAddressRegKeyChangeHandler+109
PRIMARY_PROBLEM_CLASS: X64_0xc4_0_VRF_tcpipreg!InterfaceAddressRegKeyChangeHandler+109
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:x64_0xc4_0_vrf_tcpipreg!interfaceaddressregkeychangehandler+109
FAILURE_ID_HASH: {45cf6425-6374-4552-149c-70174323fa61}
Followup: MachineOwner
---------
If you've got an idea on how to fix this, please let me know, thank you!
Facebook
Twitter
Instagram