If the scans 100 partition, 100000K+ 4 KB very small files !!! 10000K+ folders !!!, multiple TB HDD, and I'm trying to stop some of the multi-threads.
Win 7 x64 bit SP1
Code: Alles auswählen
FAULTING_IP:
oodag+19ee30
00000001`4019ee30 4c8b91f8000000 mov r10,qword ptr [rcx+0F8h]
EXCEPTION_RECORD: ffffffffffffffff -- (.exr 0xffffffffffffffff)
ExceptionAddress: 000000014019ee30 (oodag+0x000000000019ee30)
ExceptionCode: c0000005 (Access violation)
ExceptionFlags: 00000000
NumberParameters: 2
Parameter[0]: 0000000000000000
Parameter[1]: 00000000000000f8
Attempt to read from address 00000000000000f8
CONTEXT: 0000000000000000 -- (.cxr 0x0;r)
rax=0000000000000218 rbx=00000000000004d0 rcx=0000000015d7d278
rdx=ffffffffec0b8744 rsi=0000000000000005 rdi=00000000028684b8
rip=000000007733c80a rsp=0000000015d7cca8 rbp=0000000015d7dcc0
r8=000000000000001c r9=000000000000090c r10=0000000000000000
r11=0000000015d7d260 r12=00000000028683f8 r13=0000000019690080
r14=00000000800704c7 r15=0000000000100000
iopl=0 nv up ei pl nz na pe nc
cs=0033 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00000202
ntdll!NtGetContextThread+0xa:
00000000`7733c80a c3 ret
DEFAULT_BUCKET_ID: WRONG_SYMBOLS
PROCESS_NAME: oodag.exe
ADDITIONAL_DEBUG_TEXT:
You can run '.symfix; .reload' to try to fix the symbol path and load symbols.
MODULE_NAME: oodag
FAULTING_MODULE: 00000000772f0000 ntdll
DEBUG_FLR_IMAGE_TIMESTAMP: 56c201e8
ERROR_CODE: (NTSTATUS) 0xc0000005 - Instrukcja spod 0x%08lx odwo
EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - Instrukcja spod 0x%08lx odwo
EXCEPTION_PARAMETER1: 0000000000000000
EXCEPTION_PARAMETER2: 00000000000000f8
READ_ADDRESS: 00000000000000f8
FOLLOWUP_IP:
oodag+19ee30
00000001`4019ee30 4c8b91f8000000 mov r10,qword ptr [rcx+0F8h]
APP: oodag.exe
ANALYSIS_VERSION: 6.3.9600.17336 (debuggers(dbg).150226-1500) amd64fre
PRIMARY_PROBLEM_CLASS: WRONG_SYMBOLS
BUGCHECK_STR: APPLICATION_FAULT_WRONG_SYMBOLS
LAST_CONTROL_TRANSFER: from 000000014000778d to 000000014019ee30
STACK_TEXT:
00000000`15d7f4b8 00000001`4000778d : 00000000`00000004 00000000`00000000 00000000`01005c90 00000000`00000031 : oodag+0x19ee30
00000000`15d7f4c0 00000001`400088d5 : 00000000`10b72150 00000000`00000008 00000000`1093f520 00000000`00000000 : oodag+0x778d
00000000`15d7f4f0 00000001`40012d22 : 00000000`15d7f740 00000000`1093f520 00000000`1093f520 00000000`10930520 : oodag+0x88d5
00000000`15d7f590 00000001`400131c9 : 00000000`00000014 00000000`10b82590 00000000`109305c8 00000000`10930520 : oodag+0x12d22
00000000`15d7f5d0 00000001`40013495 : 00000000`10930520 00000000`00000005 00000000`00000006 00000000`15d7f860 : oodag+0x131c9
00000000`15d7f730 00000001`40008543 : 00000000`10930520 00000000`00000006 00000000`00000000 00000000`10930520 : oodag+0x13495
00000000`15d7f760 00000001`4002534b : 00000000`00000000 00000000`10bb32e0 00000000`00000000 00000000`00000000 : oodag+0x8543
00000000`15d7ff00 00000001`400253df : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : oodag+0x2534b
00000000`15d7ff30 00000000`771e59bd : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : oodag+0x253df
00000000`15d7ff60 00000000`7731a2e1 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : kernel32!BaseThreadInitThunk+0xd
00000000`15d7ff90 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!RtlUserThreadStart+0x21
SYMBOL_STACK_INDEX: 0
SYMBOL_NAME: oodag+19ee30
FOLLOWUP_NAME: MachineOwner
IMAGE_NAME: oodag.exe
STACK_COMMAND: ~14s; .ecxr ; kb
BUCKET_ID: WRONG_SYMBOLS
FAILURE_BUCKET_ID: WRONG_SYMBOLS_c0000005_oodag.exe!Unknown
ANALYSIS_SOURCE: UM
FAILURE_ID_HASH_STRING: um:wrong_symbols_c0000005_oodag.exe!unknown
FAILURE_ID_HASH: {c0f37705-bd26-7eb8-1ead-02bbb4af2eb2}
Followup: MachineOwner
---------