I did a bug check on the dump file and got the following results:
*** ERROR: Module load completed but symbols could not be loaded for lhmon.sys
*** ERROR: Module load completed but symbols could not be loaded for bxnd52x.sys
*** ERROR: Module load completed but symbols could not be loaded for bxvbdx.sys
Probably caused by : lhmon.sys ( lhmon+75a7 )
!Analyze -v showed the following:
IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: 0b4b907e, memory referenced
Arg2: d0000002, IRQL
Arg3: 00000000, bitfield :
bit 0 : value 0 = read operation, 1 = write operation
bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
Arg4: 808531df, address which referenced memory
Debugging Details:
------------------
READ_ADDRESS: 0b4b907e
CURRENT_IRQL: 2
FAULTING_IP:
nt!MmMapLockedPagesSpecifyCache+2ed
808531df 0fb7490e movzx ecx,word ptr [ecx+0Eh]
DEFAULT_BUCKET_ID: DRIVER_FAULT
BUGCHECK_STR: 0xA
PROCESS_NAME: Idle
TRAP_FRAME: f78de7c4 -- (.trap 0xfffffffff78de7c4)
ErrCode = 00000000
eax=84ecfc04 ebx=c05d0a48 ecx=0b4b9070 edx=0001407a esi=00000000 edi=00000963
eip=808531df esp=f78de838 ebp=f78de878 iopl=0 ov up ei pl nz na po cy
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010a03
nt!MmMapLockedPagesSpecifyCache+0x2ed:
808531df 0fb7490e movzx ecx,word ptr [ecx+0Eh] ds:0023:0b4b907e=????
Resetting default scope
LAST_CONTROL_TRANSFER: from 808531df to 8088c963
STACK_TEXT:
f78de7c4 808531df badb0d00 0001407a 808aea18 nt!KiTrap0E+0x2a7
f78de878 b8bc75a7 8c628be8 1f000000 c05d0a48 nt!MmMapLockedPagesSpecifyCache+0x2ed
WARNING: Stack unwind information not available. Following frames may be wrong.
f78de8a8 b8bc61e5 8b2a4150 8ab77090 00006dc0 lhmon+0x75a7
f78de8e0 b8bc4352 f78de92c 8ac81c30 0000000f lhmon+0x61e5
f78de970 b8bc1a29 b8bce9a0 00000001 8ac81c30 lhmon+0x4352
f78de9c0 b8c3bf16 8ac81c30 8ad15b08 00000a20 lhmon+0x1a29
f78dea24 b8c6c479 010f0e40 00000000 f78dea48 tcpip!IndicateData+0xcd
f78dea94 baec5fe0 0266f57c 89836318 00000000 tcpip!TcpOffloadReceiveHandler+0xd7
f78deaac b93708d5 8a66f57c 89836318 00000000 NDIS!NdisMTcpOffloadReceiveIndicate+0x1a
f78dead0 bafa2e8f 8c4ef010 00000000 89ab7090 bxnd52x+0xa8d5
f78deaf4 bafaa54a 8c8e3010 89caabd0 89caacf0 bxvbdx+0x13e8f
f78deb14 bafaa619 8c8e3010 89caabd0 8b2a4108 bxvbdx+0x1b54a
f78deb38 bafaa722 8c8e3010 00000001 f78debb0 bxvbdx+0x1b619
f78deb50 bafaa83c 8c8e3010 f78debb0 00000001 bxvbdx+0x1b722
f78deb70 bafaa8d2 00000001 f78debac 00000001 bxvbdx+0x1b83c
f78deb94 bafaa99d 8c8e3010 8c8e563c 00008000 bxvbdx+0x1b8d2
f78decac baf9a57b 00000000 8c8e3010 baf9a82e bxvbdx+0x1b99d
f78decdc baf9add3 f7767a40 8c8e4c5c baf9ad2e bxvbdx+0xb57b
f78decf8 808320f0 8c8e4c5c 8c8e3010 00000001 bxvbdx+0xbdd3
f78ded50 8088de1f 00000000 0000000e 00000000 nt!KiRetireDpcList+0xca
f78ded54 00000000 0000000e 00000000 00000000 nt!KiIdleLoop+0x37
STACK_COMMAND: kb
FOLLOWUP_IP:
lhmon+75a7
b8bc75a7 8b4d10 mov ecx,dword ptr [ebp+10h]
SYMBOL_STACK_INDEX: 2
SYMBOL_NAME: lhmon+75a7
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: lhmon
IMAGE_NAME: lhmon.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 497e142a
FAILURE_BUCKET_ID: 0xA_lhmon+75a7
BUCKET_ID: 0xA_lhmon+75a7
Followup: MachineOwner
---------
I tried to research lhmon.sys but I can't seem to find much on it. At first I thought it was something to do with the NIC drivers. I updated those to the latest version but they did not solve the issue.
Anyone have a clue what lhmon.sys is?
Sign In
Create Account
