Hi, I have a problem with the safe removal of usb pen-drives on my laptop, but was able to create a dump file, you can find it here:
http://www.filedropper.com/rundll32_1
Alternatively, I paste here its 'primary analysis': please, can you help me understand its meaning? Thanks!
Crash Dump Analysis provided by OSR Open Systems Resources, Inc. (http://www.osr.com)
Online Crash Dump Analysis Service
See http://www.osronline.com for more information
Windows 7 Version 7601 (Service Pack 1) MP (2 procs) Free x64
Product: WinNt, suite: SingleUserTS
kernel32.dll version: 6.1.7601.23418 (win7sp1_ldr.160408-2045)
Machine Name:
Debug session time: Thu Sep 1 09:28:07.000 2016 (UTC - 4:00)
System Uptime: 0 days 22:18:50.607
Process Uptime: 0 days 0:00:33.000
Kernel time: 0 days 0:00:00.000
User time: 0 days 0:00:00.000
TRIAGER: Could not open triage file : e:\dump_analysis\program\triage\oca.ini, error 2
TRIAGER: Could not open triage file : e:\dump_analysis\program\winxp\triage.ini, error 2
TRIAGER: Could not open triage file : e:\dump_analysis\program\triage\user.ini, error 2
*******************************************************************************
* *
* Exception Analysis *
* *
*******************************************************************************
TRIAGER: Could not open triage file : e:\dump_analysis\program\triage\guids.ini, error 2
TRIAGER: Could not open triage file : e:\dump_analysis\program\triage\modclass.ini, error 2
FAULTING_IP:
+6e752f3065396362
00000000`00000000 ?? ???
EXCEPTION_RECORD: ffffffffffffffff -- (.exr 0xffffffffffffffff)
ExceptionAddress: 0000000000000000
ExceptionCode: 80000003 (Break instruction exception)
ExceptionFlags: 00000000
NumberParameters: 0
FAULTING_THREAD: 000000000000226c
DEFAULT_BUCKET_ID: STATUS_BREAKPOINT
PROCESS_NAME: rundll32.exe
ERROR_CODE: (NTSTATUS) 0x80000003 - {EXCEPTION} Breakpoint A breakpoint has been reached.
EXCEPTION_CODE: (HRESULT) 0x80000003 (2147483651) - One or more arguments are invalid
NTGLOBALFLAG: 0
APPLICATION_VERIFIER_FLAGS: 0
PRIMARY_PROBLEM_CLASS: STATUS_BREAKPOINT
BUGCHECK_STR: APPLICATION_FAULT_STATUS_BREAKPOINT
LAST_CONTROL_TRANSFER: from 0000000076fe9ece to 0000000076fe9e9a
STACK_TEXT:
00000000`000df728 00000000`76fe9ece : 00000000`00000000 000007fe`f4361678 00000000`000df880 00000000`000000bc : user32!NtUserGetMessage+0xa
00000000`000df730 000007fe`f4364328 : 00000000`00000000 00000000`0000000c 00000000`00000001 000007fe`f4366764 : user32!GetMessageW+0x34
00000000`000df760 000007fe`f43644bf : 00000000`000df880 00000000`000000bc 00000000`002d62b0 00000000`00010003 : hotplug!HotPlugSafeRemovalNotificationBase+0x160
00000000`000df860 00000000`ff542f42 : 00000000`00210490 00000000`00000000 00000000`00000004 00000000`002cb210 : hotplug!HotPlugSafeRemovalDriveNotificationW+0xbb
00000000`000df8b0 00000000`ff543b7a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : rundll32!wWinMain+0x212
00000000`000df990 00000000`770e59bd : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : rundll32!DelayLoadFailureHook+0x206
00000000`000dfa50 00000000`7721a2e1 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : kernel32!BaseThreadInitThunk+0xd
00000000`000dfa80 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!RtlUserThreadStart+0x1d
STACK_COMMAND: ~0s; .ecxr ; kb
FOLLOWUP_IP:
hotplug!HotPlugSafeRemovalNotificationBase+160
000007fe`f4364328 3bc3 cmp eax,ebx
SYMBOL_STACK_INDEX: 2
SYMBOL_NAME: hotplug!HotPlugSafeRemovalNotificationBase+160
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: hotplug
IMAGE_NAME: hotplug.dll
DEBUG_FLR_IMAGE_TIMESTAMP: 4a5bdf11
FAILURE_BUCKET_ID: STATUS_BREAKPOINT_80000003_hotplug.dll!HotPlugSafeRemovalNotificationBase
BUCKET_ID: X64_APPLICATION_FAULT_STATUS_BREAKPOINT_hotplug!HotPlugSafeRemovalNotificationBase+160
WATSON_STAGEONE_URL: http://watson.microsoft.com/StageOn...0_0/bbbbbbb4/80000003/00000000.htm?Retriage=1
Followup: MachineOwner
http://www.filedropper.com/rundll32_1
Alternatively, I paste here its 'primary analysis': please, can you help me understand its meaning? Thanks!
Crash Dump Analysis provided by OSR Open Systems Resources, Inc. (http://www.osr.com)
Online Crash Dump Analysis Service
See http://www.osronline.com for more information
Windows 7 Version 7601 (Service Pack 1) MP (2 procs) Free x64
Product: WinNt, suite: SingleUserTS
kernel32.dll version: 6.1.7601.23418 (win7sp1_ldr.160408-2045)
Machine Name:
Debug session time: Thu Sep 1 09:28:07.000 2016 (UTC - 4:00)
System Uptime: 0 days 22:18:50.607
Process Uptime: 0 days 0:00:33.000
Kernel time: 0 days 0:00:00.000
User time: 0 days 0:00:00.000
TRIAGER: Could not open triage file : e:\dump_analysis\program\triage\oca.ini, error 2
TRIAGER: Could not open triage file : e:\dump_analysis\program\winxp\triage.ini, error 2
TRIAGER: Could not open triage file : e:\dump_analysis\program\triage\user.ini, error 2
*******************************************************************************
* *
* Exception Analysis *
* *
*******************************************************************************
TRIAGER: Could not open triage file : e:\dump_analysis\program\triage\guids.ini, error 2
TRIAGER: Could not open triage file : e:\dump_analysis\program\triage\modclass.ini, error 2
FAULTING_IP:
+6e752f3065396362
00000000`00000000 ?? ???
EXCEPTION_RECORD: ffffffffffffffff -- (.exr 0xffffffffffffffff)
ExceptionAddress: 0000000000000000
ExceptionCode: 80000003 (Break instruction exception)
ExceptionFlags: 00000000
NumberParameters: 0
FAULTING_THREAD: 000000000000226c
DEFAULT_BUCKET_ID: STATUS_BREAKPOINT
PROCESS_NAME: rundll32.exe
ERROR_CODE: (NTSTATUS) 0x80000003 - {EXCEPTION} Breakpoint A breakpoint has been reached.
EXCEPTION_CODE: (HRESULT) 0x80000003 (2147483651) - One or more arguments are invalid
NTGLOBALFLAG: 0
APPLICATION_VERIFIER_FLAGS: 0
PRIMARY_PROBLEM_CLASS: STATUS_BREAKPOINT
BUGCHECK_STR: APPLICATION_FAULT_STATUS_BREAKPOINT
LAST_CONTROL_TRANSFER: from 0000000076fe9ece to 0000000076fe9e9a
STACK_TEXT:
00000000`000df728 00000000`76fe9ece : 00000000`00000000 000007fe`f4361678 00000000`000df880 00000000`000000bc : user32!NtUserGetMessage+0xa
00000000`000df730 000007fe`f4364328 : 00000000`00000000 00000000`0000000c 00000000`00000001 000007fe`f4366764 : user32!GetMessageW+0x34
00000000`000df760 000007fe`f43644bf : 00000000`000df880 00000000`000000bc 00000000`002d62b0 00000000`00010003 : hotplug!HotPlugSafeRemovalNotificationBase+0x160
00000000`000df860 00000000`ff542f42 : 00000000`00210490 00000000`00000000 00000000`00000004 00000000`002cb210 : hotplug!HotPlugSafeRemovalDriveNotificationW+0xbb
00000000`000df8b0 00000000`ff543b7a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : rundll32!wWinMain+0x212
00000000`000df990 00000000`770e59bd : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : rundll32!DelayLoadFailureHook+0x206
00000000`000dfa50 00000000`7721a2e1 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : kernel32!BaseThreadInitThunk+0xd
00000000`000dfa80 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!RtlUserThreadStart+0x1d
STACK_COMMAND: ~0s; .ecxr ; kb
FOLLOWUP_IP:
hotplug!HotPlugSafeRemovalNotificationBase+160
000007fe`f4364328 3bc3 cmp eax,ebx
SYMBOL_STACK_INDEX: 2
SYMBOL_NAME: hotplug!HotPlugSafeRemovalNotificationBase+160
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: hotplug
IMAGE_NAME: hotplug.dll
DEBUG_FLR_IMAGE_TIMESTAMP: 4a5bdf11
FAILURE_BUCKET_ID: STATUS_BREAKPOINT_80000003_hotplug.dll!HotPlugSafeRemovalNotificationBase
BUCKET_ID: X64_APPLICATION_FAULT_STATUS_BREAKPOINT_hotplug!HotPlugSafeRemovalNotificationBase+160
WATSON_STAGEONE_URL: http://watson.microsoft.com/StageOn...0_0/bbbbbbb4/80000003/00000000.htm?Retriage=1
Followup: MachineOwner
Facebook
Twitter
Instagram