Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ========================== AUTO DUMP ANALYZER ==========================
- Auto Dump Analyzer
- Version: 0.91
- Time to analyze file(s): 00 hours and 00 minutes and 44 seconds
- ================================ SYSTEM ================================
- MANUFACTURER: ASUS
- PRODUCT_NAME: All Series
- SKU: [Removed]
- ================================= BIOS =================================
- VENDOR: American Megatrends Inc.
- VERSION: 3602
- DATE: 03/26/2018
- ============================= MOTHERBOARD ==============================
- MANUFACTURER: ASUSTeK COMPUTER INC.
- PRODUCT: H81M-D
- VERSION: Rev X.0x
- ================================= RAM ==================================
- Size Speed Manufacturer Part No.
- -------------- -------------- ------------------- ----------------------
- 0MHz
- 8192MB 1333MHz Kingston 99U5471-052.A00LF
- ================================= CPU ==================================
- Processor Version: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
- COUNT: 4
- MHZ: 3198
- VENDOR: GenuineIntel
- FAMILY: 6
- MODEL: 3c
- STEPPING: 3
- MICROCODE: 6,3c,3,0 (F,M,S,R) SIG: 27'00000000 (cache) 27'00000000 (init)
- ================================== OS ==================================
- Product: WinNt, suite: TerminalServer SingleUserTS
- Built by: 19041.1.amd64fre.vb_release.191206-1406
- BUILD_VERSION: 10.0.19041.388 (WinBuild.160101.0800)
- BUILD: 19041
- SERVICEPACK: 388
- PLATFORM_TYPE: x64
- NAME: Windows 10
- EDITION: Windows 10 WinNt TerminalServer SingleUserTS
- BUILD_TIMESTAMP: unknown_date
- BUILDDATESTAMP: 160101.0800
- BUILDLAB: WinBuild
- BUILDOSVER: 10.0.19041.388
- =============================== DEBUGGER ===============================
- Microsoft (R) Windows Debugger Version 10.0.14321.1024 AMD64
- Copyright (c) Microsoft Corporation. All rights reserved.
- =============================== COMMENTS ===============================
- * Information gathered from different dump files may be different. If
- Windows updates between two dump files, two or more OS versions may
- be shown above.
- * If the user updates the BIOS between dump files, two or more versions
- and dates may be shown above.
- * More RAM information can be found below in a full BIOS section.
- ========================================================================
- ======================= Dump #1: ANALYZE VERBOSE =======================
- ====================== File: 072120-35578-01.dmp =======================
- ========================================================================
- Mini Kernel Dump File: Only registers and stack trace are available
- Windows 10 Kernel Version 19041 MP (4 procs) Free x64
- Kernel base = 0xfffff801`7a200000 PsLoadedModuleList = 0xfffff801`7ae2a310
- Debug session time: Tue Jul 21 13:22:09.013 2020 (UTC - 4:00)
- System Uptime: 1 days 14:14:52.661
- BugCheck 3B, {c0000006, fffff8017a8d5f12, ffffec041cd47570, 0}
- *** WARNING: Unable to verify timestamp for win32k.sys
- *** ERROR: Module load completed but symbols could not be loaded for win32k.sys
- Probably caused by : memory_corruption
- Followup: memory_corruption
- SYSTEM_SERVICE_EXCEPTION (3b)
- An exception happened while executing a system service routine.
- Arguments:
- Arg1: 00000000c0000006, Exception code that caused the bugcheck
- Arg2: fffff8017a8d5f12, Address of the instruction which caused the bugcheck
- Arg3: ffffec041cd47570, Address of the context record for the exception that caused the bugcheck
- Arg4: 0000000000000000, zero.
- Debugging Details:
- DUMP_CLASS: 1
- DUMP_QUALIFIER: 400
- DUMP_TYPE: 2
- EXCEPTION_CODE: (NTSTATUS) 0xc0000006 - The instruction at 0x%p referenced memory at 0x%p. The required data was not placed into memory because of an I/O error status of 0x%x.
- FAULTING_IP:
- nt!HvpGetCellPaged+a2
- fffff801`7a8d5f12 418b02 mov eax,dword ptr [r10]
- CONTEXT: ffffec041cd47570 -- (.cxr 0xffffec041cd47570)
- rax=0000000000000000 rbx=ffffec041cd47fd0 rcx=0000000000000007
- rdx=00000000038ca4b0 rsi=0000000000000363 rdi=ffff9e8a9f9a9000
- rip=fffff8017a8d5f12 rsp=ffffec041cd47f78 rbp=ffff9e8a9f9a9000
- r8=000000000000001c r9=ffff8801edb6b080 r10=0000019c98cfb4b0
- r11=00000000000004b0 r12=00000000ce4cf905 r13=ffffec041cd48230
- r14=0000000000000363 r15=0000019c98e1e024
- iopl=0 nv up ei pl nz na pe nc
- cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00010202
- nt!HvpGetCellPaged+0xa2:
- fffff801`7a8d5f12 418b02 mov eax,dword ptr [r10] ds:002b:0000019c`98cfb4b0=????????
- Resetting default scope
- CUSTOMER_CRASH_COUNT: 1
- DEFAULT_BUCKET_ID: CODE_CORRUPTION
- BUGCHECK_STR: 0x3B
- PROCESS_NAME: Registry
- CURRENT_IRQL: 0
- LAST_CONTROL_TRANSFER: from fffff8017a82612f to fffff8017a8d5f12
- STACK_TEXT:
- ffffec04`1cd47f78 fffff801`7a82612f : 00000000`7f147a21 ffffec04`1cd482f0 00000000`00000000 ffff9e8a`a55312f0 : nt!HvpGetCellPaged+0xa2
- ffffec04`1cd47f80 fffff801`7a7edab5 : 00000001`ffffffff 00000000`ce4cf905 ffffec04`1cd489e8 00000000`00000000 : nt!CmpDoCompareKeyName+0x2f
- ffffec04`1cd47fd0 fffff801`7a7f9f99 : ffff9e8a`a55312f0 00000000`00000006 ffffec04`1cd481d0 ffffec04`1cd48250 : nt!CmpWalkOneLevel+0x6f5
- ffffec04`1cd480d0 fffff801`7a7f1e63 : 00010101`0000001c ffffec04`1cd48420 ffffec04`1cd483d8 ffff8801`ee654010 : nt!CmpDoParseKey+0x849
- ffffec04`1cd48370 fffff801`7a7f554e : fffff801`7a7f1b01 00000000`00000000 ffff8801`ee654010 00000000`00000001 : nt!CmpParseKey+0x2c3
- ffffec04`1cd48510 fffff801`7a7f0faa : ffff8801`ee654000 ffffec04`1cd48778 00000000`00000040 ffff8801`df8f8ae0 : nt!ObpLookupObjectName+0x3fe
- ffffec04`1cd486e0 fffff801`7a7f0d8c : 00000000`00000000 00000000`00000000 00000000`00000000 ffff8801`df8f8ae0 : nt!ObOpenObjectByNameEx+0x1fa
- ffffec04`1cd48810 fffff801`7a7f08b1 : 000000a0`ee07ee38 ffffec04`1cd48b80 00000000`00000001 fffff801`7a40198e : nt!ObOpenObjectByName+0x5c
- ffffec04`1cd48860 fffff801`7a7efe9f : fffff801`7a5d9c50 fffff801`7a516b2a 00000000`00000000 ffffec04`1cd48a88 : nt!CmOpenKey+0x2c1
- ffffec04`1cd48ac0 fffff801`7a5ef478 : 00000000`00000000 00000000`00000000 ffffec04`1cd48b80 000001ec`77efe550 : nt!NtOpenKeyEx+0xf
- ffffec04`1cd48b00 00007ffd`b0ecd184 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x28
- 000000a0`ee07ed58 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffd`b0ecd184
- CHKIMG_EXTENSION: !chkimg -lo 50 -d !FLTMGR
- fffff80177554429-fffff8017755442a 2 bytes - FLTMGR!FltpPassThroughFastIo+59
- [ 48 ff:4c 8b ]
- fffff80177554430-fffff80177554434 5 bytes - FLTMGR!FltpPassThroughFastIo+60 (+0x07)
- [ 0f 1f 44 00 00:e8 fb 25 fc 02 ]
- fffff80177554468-fffff80177554469 2 bytes - FLTMGR!FltpPassThroughFastIo+98 (+0x38)
- [ 48 ff:4c 8b ]
- fffff8017755446f-fffff80177554473 5 bytes - FLTMGR!FltpPassThroughFastIo+9f (+0x07)
- [ 0f 1f 44 00 00:e8 3c 68 ee 02 ]
- fffff8017758cd05-fffff8017758cd06 2 bytes - FLTMGR!DeleteStreamListCtrlCallback+35
- [ 48 ff:4c 8b ]
- fffff8017758cd0c - FLTMGR!DeleteStreamListCtrlCallback+3c (+0x07)
- [ 0f:e8 ]
- fffff8017758cd0e-fffff8017758cd10 3 bytes - FLTMGR!DeleteStreamListCtrlCallback+3e (+0x02)
- [ 44 00 00:5b f8 02 ]
- fffff8017758cd1a-fffff8017758cd1b 2 bytes - FLTMGR!DeleteStreamListCtrlCallback+4a (+0x0c)
- [ 48 ff:4c 8b ]
- fffff8017758cd21-fffff8017758cd25 5 bytes - FLTMGR!DeleteStreamListCtrlCallback+51 (+0x07)
- [ 0f 1f 44 00 00:e8 fa 63 e9 02 ]
- fffff8017758cd6a-fffff8017758cd6b 2 bytes - FLTMGR!DeleteStreamListCtrlCallback+9a (+0x49)
- [ 48 ff:4c 8b ]
- fffff8017758cd71-fffff8017758cd77 7 bytes - FLTMGR!DeleteStreamListCtrlCallback+a1 (+0x07)
- [ 0f 1f 44 00 00 48 ff:e8 fa 5b e9 02 4c 8b ]
- fffff8017758cd7d-fffff8017758cd81 5 bytes - FLTMGR!DeleteStreamListCtrlCallback+ad (+0x0c)
- [ 0f 1f 44 00 00:e8 5e eb f6 02 ]
- 41 errors : !FLTMGR (fffff80177554429-fffff8017758cd81)
- MODULE_NAME: memory_corruption
- IMAGE_NAME: memory_corruption
- FOLLOWUP_NAME: memory_corruption
- DEBUG_FLR_IMAGE_TIMESTAMP: 0
- MEMORY_CORRUPTOR: LARGE
- STACK_COMMAND: .cxr 0xffffec041cd47570 ; kb
- FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
- BUCKET_ID: MEMORY_CORRUPTION_LARGE
- PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
- TARGET_TIME: 2020-07-21T17:22:09.000Z
- SUITE_MASK: 272
- PRODUCT_TYPE: 1
- USER_LCID: 0
- FAILURE_ID_HASH_STRING: km:memory_corruption_large
- FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
- Followup: memory_corruption
- ====================== Dump #1: 3RD PARTY DRIVERS ======================
- Aug 22 2012 - AsIO.sys - ASUS Input Output driver http://www.asus.com/
- Mar 31 2015 - HWiNFO64A.SYS - HWiNFO AMD64 Kernel driver https://www.hwinfo.com/
- Nov 19 2017 - TeeDriverW8x64.sys - Intel Management Engine Interface driver https://downloadcenter.intel.com/
- Jul 04 2018 - Smb_driver_Intel.sys - Synaptics SMBus driver http://www.synaptics.com/
- Dec 19 2018 - idmwfp.sys - Internet Download Manager WFP driver (Tonec Inc.)
- Jul 02 2019 - RTKVHD64.sys - Realtek Audio System driver https://www.realtek.com/en/
- Sep 18 2019 - iaStorE.sys - Intel SATA Storage Device RAID Controller
- Feb 12 2020 - rt640x64.sys - Realtek NICDRV 8169 PCIe GBE Family Controller driver https://www.realtek.com/en/
- Feb 19 2020 - nvhda64v.sys - Nvidia HDMI Audio Device http://www.nvidia.com/
- Jul 05 2020 - nvlddmkm.sys - Nvidia Graphics Card driver http://www.nvidia.com/
- ================== Dump #1: 3RD PARTY DRIVERS (FULL) ===================
- Image path: \SystemRoot\SysWow64\drivers\AsIO.sys
- Image name: AsIO.sys
- Search : https://www.google.com/search?q=AsIO.sys
- ADA Info : ASUS Input Output driver http://www.asus.com/
- Timestamp : Wed Aug 22 2012
- Image path: \??\C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS
- Image name: HWiNFO64A.SYS
- Search : https://www.google.com/search?q=HWiNFO64A.SYS
- ADA Info : HWiNFO AMD64 Kernel driver https://www.hwinfo.com/
- Timestamp : Tue Mar 31 2015
- Mapped memory image file: C:\ProgramData\dbg\sym\TeeDriverW8x64.sys\5A116D8F34000\TeeDriverW8x64.sys
- Image path: \SystemRoot\System32\drivers\TeeDriverW8x64.sys
- Image name: TeeDriverW8x64.sys
- Search : https://www.google.com/search?q=TeeDriverW8x64.sys
- ADA Info : Intel Management Engine Interface driver https://downloadcenter.intel.com/
- Timestamp : Sun Nov 19 2017
- File version: 11.7.0.1057
- Product version: 11.7.0.1057
- File flags: 8 (Mask 3F) Private
- File OS: 40004 NT Win32
- File type: 3.7 Driver
- File date: 00000000.00000000
- CompanyName: Intel Corporation
- ProductName: Intel(R) Management Engine Interface
- InternalName: TeeDriverx64.sys
- OriginalFilename: TeeDriverx64.sys
- ProductVersion: 11.7.0.1057
- FileVersion: 11.7.0.1057
- FileDescription: Intel(R) Management Engine Interface
- LegalCopyright: Copyright © 2006-2015, Intel Corporation. All rights reserved.
- Image path: \SystemRoot\System32\drivers\Smb_driver_Intel.sys
- Image name: Smb_driver_Intel.sys
- Search : https://www.google.com/search?q=Smb_driver_Intel.sys
- ADA Info : Synaptics SMBus driver http://www.synaptics.com/
- Timestamp : Wed Jul 4 2018
- Image path: \SystemRoot\system32\DRIVERS\idmwfp.sys
- Image name: idmwfp.sys
- Search : https://www.google.com/search?q=idmwfp.sys
- ADA Info : Internet Download Manager WFP driver (Tonec Inc.)
- Timestamp : Wed Dec 19 2018
- Image path: \SystemRoot\system32\drivers\RTKVHD64.sys
- Image name: RTKVHD64.sys
- Search : https://www.google.com/search?q=RTKVHD64.sys
- ADA Info : Realtek Audio System driver https://www.realtek.com/en/
- Timestamp : Tue Jul 2 2019
- Image path: \SystemRoot\System32\drivers\iaStorE.sys
- Image name: iaStorE.sys
- Search : https://www.google.com/search?q=iaStorE.sys
- ADA Info : Intel SATA Storage Device RAID Controller
- Timestamp : Wed Sep 18 2019
- Image path: \SystemRoot\System32\drivers\rt640x64.sys
- Image name: rt640x64.sys
- Search : https://www.google.com/search?q=rt640x64.sys
- ADA Info : Realtek NICDRV 8169 PCIe GBE Family Controller driver https://www.realtek.com/en/
- Timestamp : Wed Feb 12 2020
- Image path: \SystemRoot\system32\drivers\nvhda64v.sys
- Image name: nvhda64v.sys
- Search : https://www.google.com/search?q=nvhda64v.sys
- ADA Info : Nvidia HDMI Audio Device http://www.nvidia.com/
- Timestamp : Wed Feb 19 2020
- Image path: \SystemRoot\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_edab19158bdd0d0a\nvlddmkm.sys
- Image name: nvlddmkm.sys
- Search : https://www.google.com/search?q=nvlddmkm.sys
- ADA Info : Nvidia Graphics Card driver http://www.nvidia.com/
- Timestamp : Sun Jul 5 2020
- ====================== Dump #1: MICROSOFT DRIVERS ======================
- ACPI.sys ACPI Driver for NT (Microsoft)
- acpiex.sys ACPIEx Driver (Microsoft)
- afd.sys Ancillary Function Driver for WinSock (Microsoft)
- afunix.sys AF_UNIX Socket Provider driver (Microsoft)
- AgileVpn.sys RAS Agil VPN Miniport Call Manager driver (Microsoft)
- ahcache.sys Application Compatibility Cache (Microsoft)
- bam.sys BAM Kernal driver (Microsoft)
- BasicDisplay.sys Basic Display driver (Microsoft)
- BasicRender.sys Basic Render driver (Microsoft)
- Beep.SYS BEEP driver (Microsoft)
- bindflt.sys Windows Bind Filter driver (Microsoft)
- BOOTVID.dll VGA Boot Driver (Microsoft)
- bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
- cdd.dll Canonical Display Driver (Microsoft)
- cdrom.sys SCSI CD-ROM Driver (Microsoft)
- CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
- CI.dll Code Integrity Module (Microsoft)
- CimFS.SYS Consumer IR Class Driver for eHome (Microsoft)
- CLASSPNP.SYS SCSI Class System Dll (Microsoft)
- cldflt.sys Cloud Files Mini Filter driver (Microsoft)
- CLFS.SYS Common Log File System Driver (Microsoft)
- clipsp.sys CLIP Service (Microsoft)
- cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
- cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
- CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
- condrv.sys Console Driver (Microsoft)
- crashdmp.sys Crash Dump driver (Microsoft)
- csc.sys Windows Client Side Caching driver (Microsoft)
- dfsc.sys DFS Namespace Client Driver (Microsoft)
- disk.sys PnP Disk Driver (Microsoft)
- drmk.sys Digital Rights Management (DRM) driver (Microsoft)
- dump_diskdump.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
- dump_dumpfve.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
- dump_iaStorE.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
- dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
- dxgmms2.sys DirectX Graphics MMS
- filecrypt.sys Windows sandboxing and encryption filter (Microsoft)
- fileinfo.sys FileInfo Filter Driver (Microsoft)
- FLTMGR.SYS Filesystem Filter Manager (Microsoft)
- Fs_Rec.sys File System Recognizer Driver (Microsoft)
- fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
- fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
- gpuenergydrv.sys GPU Energy Kernal Driver (Microsoft)
- hal.dll Hardware Abstraction Layer DLL (Microsoft)
- HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
- HIDCLASS.SYS Hid Class Library (Microsoft)
- HIDPARSE.SYS Hid Parsing Library (Microsoft)
- hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
- HTTP.sys HTTP Protocol Stack (Microsoft)
- intelpep.sys Intel Power Engine Plugin (Microsoft)
- intelppm.sys Processor Device Driver (Microsoft)
- IntelTA.sys Intel Telemetry Driver
- iorate.sys I/O rate control Filter (Microsoft)
- kbdclass.sys Keyboard Class Driver (Microsoft)
- kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
- kd.dll Local Kernal Debugger (Microsoft)
- kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
- ks.sys Kernal CSA Library (Microsoft)
- ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
- ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
- ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
- lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
- luafv.sys LUA File Virtualization Filter Driver (Microsoft)
- mcupdate_GenuineIntel.dll Intel Microcode Update Library (Microsoft)
- mmcss.sys MMCSS Driver (Microsoft)
- monitor.sys Monitor Driver (Microsoft)
- mouclass.sys Mouse Class Driver (Microsoft)
- mouhid.sys HID Mouse Filter Driver (Microsoft)
- mountmgr.sys Mount Point Manager (Microsoft)
- mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
- mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
- mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
- Msfs.SYS Mailslot driver (Microsoft)
- msisadrv.sys ISA Driver (Microsoft)
- mslldp.sys Microsoft Link-Layer Discovery Protocol... (Microsoft)
- msquic.sys Windows QUIC Driver
- msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
- mssecflt.sys Microsoft Security Events Component file system filter driver (Microsoft)
- mssmbios.sys System Management BIOS driver (Microsoft)
- mup.sys Multiple UNC Provider driver (Microsoft)
- ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
- ndiscap.sys Microsoft NDIS Packet Capture Filter Driver
- ndistapi.sys NDIS 3.0 Connection Wrapper driver (Microsoft)
- NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
- ndiswan.sys MS PPP Framing Driver (Strong Encryption) Microsoft)
- NDProxy.sys NDIS Proxy driver (Microsoft)
- Ndu.sys Network Data Usage Monitoring driver (Microsoft)
- netbios.sys NetBIOS Interface driver (Microsoft)
- netbt.sys MBT Transport driver (Microsoft)
- NETIO.SYS Network I/O Subsystem (Microsoft)
- Npfs.SYS NPFS driver (Microsoft)
- npsvctrig.sys Named pipe service triggers (Microsoft)
- nsiproxy.sys NSI Proxy driver (Microsoft)
- Ntfs.sys NT File System Driver (Microsoft)
- ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
- ntosext.sys NTOS Extension Host driver (Microsoft)
- Null.SYS NULL Driver (Microsoft)
- pacer.sys QoS Packet Scheduler (Microsoft)
- parport.sys Parallel Port Driver (Microsoft)
- partmgr.sys Partition driver (Microsoft)
- pci.sys NT Plug and Play PCI Enumerator (Microsoft)
- pcw.sys Performance Counter Driver (Microsoft)
- pdc.sys Power Dependency Coordinator Driver (Microsoft)
- peauth.sys Protected Environment Authentication and Authorization Export Driver (Microsoft)
- portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
- PSHED.dll Platform Specific Hardware Error driver (Microsoft)
- qwavedrv.sys Quality Windows Audio Video Experience (qWave) Support driver (Microsoft)
- rasl2tp.sys RAS L2TP Mini-port/Call-manager driver (Microsoft)
- raspppoe.sys RAS PPPoE Mini-port/Call manager driver (Microsoft)
- raspptp.sys Peer-to-Peer Tunneling Protocol (Microsoft)
- rassstp.sys RAS SSTP Miniport Call Manager driver (Microsoft)
- rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
- rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
- rdpvideominiport.sys RDP Video Miniport driver (Microsoft)
- rdyboost.sys ReadyBoost Driver (Microsoft)
- rspndr.sys Link-Layer Topology Responder driver (Microsoft)
- serenum.sys Serial Port Enumerator (Microsoft)
- serial.sys Serial Device Driver
- SgrmAgent.sys System Guard Runtime Monitor Agent driver (Microsoft)
- SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
- spaceport.sys Storage Spaces driver (Microsoft)
- srv2.sys Smb 2.0 Server driver (Microsoft)
- srvnet.sys Server Network driver (Microsoft)
- storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
- storqosflt.sys Storage QoS Filter driver (Microsoft)
- swenum.sys Plug and Play Software Device Enumerator (Microsoft)
- tbs.sys Export driver for kernel mode TPM API (Microsoft)
- tcpip.sys TCP/IP Protocol driver (Microsoft)
- tcpipreg.sys Microsoft Windows TCP/IP Registry Compatibility driver (Microsoft)
- TDI.SYS TDI Wrapper driver (Microsoft)
- tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
- tm.sys Kernel Transaction Manager driver (Microsoft)
- uaspstor.sys UASP driver (Microsoft)
- ucx01000.sys USB Controller Extension (Microsoft)
- umbus.sys User-Mode Bus Enumerator (Microsoft)
- usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
- USBD.SYS Universal Serial Bus Driver (Microsoft)
- usbehci.sys EHCI eUSB Miniport Driver (Microsoft)
- usbhub.sys Default Hub Driver for USB (Microsoft)
- UsbHub3.sys USB3 HUB driver (Microsoft)
- USBPORT.SYS USB 1.1 & 2.0 Port Driver (Microsoft)
- USBXHCI.SYS USB XHCI driver (Microsoft)
- vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
- Vid.sys Microsoft Hyper-V Virtualization Infrastructure Driver
- volmgr.sys Volume Manager Driver (Microsoft)
- volmgrx.sys Volume Manager Extension Driver (Microsoft)
- volsnap.sys Volume Shadow Copy driver (Microsoft)
- volume.sys Volume driver (Microsoft)
- vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
- wanarp.sys MS Remote Access and Routing ARP driver (Microsoft)
- watchdog.sys Watchdog driver (Microsoft)
- wcifs.sys Windows Container Isolation FS Filter driver (Microsoft)
- Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
- WdFilter.sys Microsoft Anti-malware file system filter driver (Microsoft)
- WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
- werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
- wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
- win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
- win32kbase.sys Base Win32k Kernel Driver (Microsoft)
- win32kfull.sys Full/Desktop Win32k Kernel Driver (Microsoft)
- WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
- WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
- winhvr.sys Windows Hypervisor Root Interface driver (Microsoft)
- wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
- WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
- Wof.sys Windows Overlay Filter (Microsoft)
- WpdUpFltr.sys Portable Device Upper Class Filter driver (Microsoft)
- WppRecorder.sys WPP Trace Recorder (Microsoft)
- WUDFRd.sys Windows Driver Foundation - User-mode Driver Framework Reflector driver (Microsoft)
- ====================== Dump #1: UNLOADED MODULES =======================
- fffff801`811a0000 fffff801`811b1000 mouhid.sys
- fffff801`7ebd0000 fffff801`7ebe1000 mouhid.sys
- fffff801`811a0000 fffff801`811b6000 WdNisDrv.sys
- fffff801`7f3b0000 fffff801`7f3c1000 MpKsl1005ffb
- fffff801`7ebf0000 fffff801`7ebff000 hiber_storpo
- fffff801`7e800000 fffff801`7e930000 hiber_iaStor
- fffff801`7e930000 fffff801`7e94e000 hiber_dumpfv
- fffff801`7f3b0000 fffff801`7f3c1000 MpKslDrv.sys
- fffff801`7ead0000 fffff801`7eadf000 dump_storpor
- fffff801`7e930000 fffff801`7ea60000 dump_iaStorE
- fffff801`7eae0000 fffff801`7eafe000 dump_dumpfve
- fffff801`7d5e0000 fffff801`7d5fd000 EhStorClass.
- fffff801`81eb0000 fffff801`81f05000 WUDFRd.sys
- fffff801`7f420000 fffff801`7f43c000 dam.sys
- fffff801`7d050000 fffff801`7d061000 WdBoot.sys
- fffff801`7e1c0000 fffff801`7e1d0000 hwpolicy.sys
- ====================== Dump #1: BIOS INFORMATION =======================
- [SMBIOS Data Tables v2.7]
- [DMI Version - 0]
- [2.0 Calling Convention - No]
- [Table Size - 2679 bytes]
- [BIOS Information (Type 0) - Length 24 - Handle 0000h]
- Vendor American Megatrends Inc.
- BIOS Version 3602
- BIOS Starting Address Segment f000
- BIOS Release Date 03/26/2018
- BIOS ROM Size 800000
- BIOS Characteristics
- 07: - PCI Supported
- 10: - APM Supported
- 11: - Upgradeable FLASH BIOS
- 12: - BIOS Shadowing Supported
- 15: - CD-Boot Supported
- 16: - Selectable Boot Supported
- 17: - BIOS ROM Socketed
- 19: - EDD Supported
- 23: - 1.2MB Floppy Supported
- 24: - 720KB Floppy Supported
- 25: - 2.88MB Floppy Supported
- 26: - Print Screen Device Supported
- 27: - Keyboard Services Supported
- 28: - Serial Services Supported
- 29: - Printer Services Supported
- 32: - BIOS Vendor Reserved
- BIOS Characteristic Extensions
- 00: - ACPI Supported
- 01: - USB Legacy Supported
- 08: - BIOS Boot Specification Supported
- 10: - Specification Reserved
- 11: - Specification Reserved
- BIOS Major Revision 4
- BIOS Minor Revision 6
- EC Firmware Major Revision 255
- EC Firmware Minor Revision 255
- [System Information (Type 1) - Length 27 - Handle 0001h]
- Manufacturer ASUS
- Product Name All Series
- Version System Version
- UUID 00000000-0000-0000-0000-000000000000
- Wakeup Type Power Switch
- SKUNumber All
- Family ASUS MB
- [BaseBoard Information (Type 2) - Length 15 - Handle 0002h]
- Manufacturer ASUSTeK COMPUTER INC.
- Product H81M-D
- Version Rev X.0x
- Feature Flags 09h
- -1856522528: - -1856522480: - «?Íû
- Chassis Handle 0003h
- Board Type 0ah - Processor/Memory Module
- Number of Child Handles 0
- [System Enclosure (Type 3) - Length 22 - Handle 0003h]
- Manufacturer Chassis Manufacture
- Chassis Type Desktop
- Version Chassis Version
- Bootup State Safe
- Power Supply State Safe
- Thermal State Safe
- Security Status None
- OEM Defined 0
- Height 0U
- Number of Power Cords 1
- Number of Contained Elements 0
- Contained Element Size 0
- [Onboard Devices Information (Type 10) - Length 8 - Handle 001ah]
- Number of Devices 2
- 01: Type Ethernet [enabled]
- 01: Description Onboard Ethernet
- 02: Type Sound [enabled]
- 02: Description Onboard Audio
- [OEM Strings (Type 11) - Length 5 - Handle 001bh]
- Number of Strings 4
- 3 Rosemary
- [System Configuration Options (Type 12) - Length 5 - Handle 001ch]
- [Memory Device (Type 17) - Length 34 - Handle 0038h]
- Physical Memory Array Handle 0039h
- Total Width 0 bits
- Data Width 0 bits
- Form Factor 09h - DIMM
- Device Locator ChannelA-DIMM0
- Bank Locator BANK 0
- Memory Type 02h - Unknown
- Type Detail 0000h -
- Speed 0MHz
- [Physical Memory Array (Type 16) - Length 23 - Handle 0039h]
- Location 03h - SystemBoard/Motherboard
- Use 03h - System Memory
- Memory Error Correction 03h - None
- Maximum Capacity 16777216KB
- Number of Memory Devices 2
- [Memory Device (Type 17) - Length 34 - Handle 003ah]
- Physical Memory Array Handle 0039h
- Total Width 64 bits
- Data Width 64 bits
- Size 8192MB
- Form Factor 09h - DIMM
- Device Locator ChannelB-DIMM0
- Bank Locator BANK 2
- Memory Type 18h - Specification Reserved
- Type Detail 0080h - Synchronous
- Speed 1333MHz
- Manufacturer Kingston
- Part Number 99U5471-052.A00LF
- [Memory Device Mapped Address (Type 20) - Length 35 - Handle 003bh]
- Starting Address 00000000h
- Ending Address 007fffffh
- Memory Device Handle 003ah
- Mem Array Mapped Adr Handle 003ch
- [Memory Array Mapped Address (Type 19) - Length 31 - Handle 003ch]
- Starting Address 00000000h
- Ending Address 007fffffh
- Memory Array Handle 0039h
- Partition Width 02
- [Cache Information (Type 7) - Length 19 - Handle 003dh]
- Socket Designation CPU Internal L1
- Cache Configuration 0180h - WB Enabled Int NonSocketed L1
- Maximum Cache Size 0100h - 256K
- Installed Size 0100h - 256K
- Supported SRAM Type 0002h - Unknown
- Current SRAM Type 0002h - Unknown
- Cache Speed 0ns
- Error Correction Type Multi-Bit ECC
- System Cache Type Other
- Associativity 8-way Set-Associative
- [Cache Information (Type 7) - Length 19 - Handle 003eh]
- Socket Designation CPU Internal L2
- Cache Configuration 0181h - WB Enabled Int NonSocketed L2
- Maximum Cache Size 0400h - 1024K
- Installed Size 0400h - 1024K
- Supported SRAM Type 0002h - Unknown
- Current SRAM Type 0002h - Unknown
- Cache Speed 0ns
- Error Correction Type Multi-Bit ECC
- System Cache Type Unified
- Associativity 8-way Set-Associative
- [Cache Information (Type 7) - Length 19 - Handle 003fh]
- Socket Designation CPU Internal L3
- Cache Configuration 0182h - WB Enabled Int NonSocketed L3
- Maximum Cache Size 1800h - 6144K
- Installed Size 1800h - 6144K
- Supported SRAM Type 0002h - Unknown
- Current SRAM Type 0002h - Unknown
- Cache Speed 0ns
- Error Correction Type Multi-Bit ECC
- System Cache Type Unified
- Associativity Specification Reserved
- [Processor Information (Type 4) - Length 42 - Handle 0043h]
- Socket Designation SOCKET 1150
- Processor Type Central Processor
- Processor Family 01h - Other
- Processor Manufacturer Intel
- Processor ID c3060300fffbebbf
- Processor Version Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
- Processor Voltage 8ch - 1.2V
- External Clock 100MHz
- Max Speed 3900MHz
- Current Speed 3200MHz
- Status Enabled Populated
- Processor Upgrade Specification Reserved
- L1 Cache Handle 003dh
- L2 Cache Handle 003eh
- L3 Cache Handle 003fh
- ========================== Dump #1: Extra #1 ===========================
- 1: kd> !verifier
- Verify Flags Level 0x00000000
- STANDARD FLAGS:
- [X] (0x00000000) Automatic Checks
- [ ] (0x00000001) Special pool
- [ ] (0x00000002) Force IRQL checking
- [ ] (0x00000008) Pool tracking
- [ ] (0x00000010) I/O verification
- [ ] (0x00000020) Deadlock detection
- [ ] (0x00000080) DMA checking
- [ ] (0x00000100) Security checks
- [ ] (0x00000800) Miscellaneous checks
- [ ] (0x00020000) DDI compliance checking
- ADDITIONAL FLAGS:
- [ ] (0x00000004) Randomized low resources simulation
- [ ] (0x00000200) Force pending I/O requests
- [ ] (0x00000400) IRP logging
- [ ] (0x00002000) Invariant MDL checking for stack
- [ ] (0x00004000) Invariant MDL checking for driver
- [ ] (0x00008000) Power framework delay fuzzing
- [ ] (0x00010000) Port/miniport interface checking
- [ ] (0x00040000) Systematic low resources simulation
- [ ] (0x00080000) DDI compliance checking (additional)
- [ ] (0x00200000) NDIS/WIFI verification
- [ ] (0x00800000) Kernel synchronization delay fuzzing
- [ ] (0x01000000) VM switch verification
- [ ] (0x02000000) Code integrity checks
- [X] Indicates flag is enabled
- Summary of All Verifier Statistics
- RaiseIrqls 0x0
- AcquireSpinLocks 0x0
- Synch Executions 0x0
- Trims 0x0
- Pool Allocations Attempted 0x0
- Pool Allocations Succeeded 0x0
- Pool Allocations Succeeded SpecialPool 0x0
- Pool Allocations With NO TAG 0x0
- Pool Allocations Failed 0x0
- Current paged pool allocations 0x0 for 00000000 bytes
- Peak paged pool allocations 0x0 for 00000000 bytes
- Current nonpaged pool allocations 0x0 for 00000000 bytes
- Peak nonpaged pool allocations 0x0 for 00000000 bytes
- ========================== Dump #1: Extra #2 ===========================
- 1: kd> !thread
- THREAD ffff8801edb6b080 Cid 0654.042c Teb: 000000a0edbbb000 Win32Thread: 0000000000000000 RUNNING on processor 1
- Not impersonating
- GetUlongFromAddress: unable to read from fffff8017ae1143c
- Owning Process ffff8801ed8bb080 Image: System Process
- Attached Process ffff8801df908080 Image: Registry
- fffff78000000000: Unable to get shared data
- Wait Start TickCount 8812330
- Context Switch Count 797 IdealProcessor: 2
- ReadMemory error: Cannot get nt!KeMaximumIncrement value.
- UserTime 00:00:00.000
- KernelTime 00:00:00.000
- Win32 Start Address 0x00007ffda8d8a890
- Stack Init ffffec041cd48c90 Current ffffec041cd46ac0
- Base ffffec041cd49000 Limit ffffec041cd43000 Call 0000000000000000
- Priority 8 BasePriority 8 PriorityDecrement 0 IoPriority 2 PagePriority 5
- Child-SP RetAddr : Args to Child : Call Site
- ffffec04`1cd46c68 fffff801`7a5efa29 : 00000000`0000003b 00000000`c0000006 fffff801`7a8d5f12 ffffec04`1cd47570 : nt!KeBugCheckEx
- ffffec04`1cd46c70 fffff801`7a5eee7c : ffffec04`1cd473b0 fffff801`7a2e6904 ffffec04`1cd46e60 00000000`00000000 : nt!KiBugCheckDispatch+0x69
- ffffec04`1cd46db0 fffff801`7a5e6a22 : fffff801`7a5eee00 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceHandler+0x7c
- ffffec04`1cd46df0 fffff801`7a432fd7 : ffffec04`1cd47360 00000000`00000000 ffffec04`1cd48b00 fffff801`7a5ef478 : nt!RtlpExecuteHandlerForException+0x12
- ffffec04`1cd46e20 fffff801`7a47b246 : ffffec04`1cd47d38 ffffec04`1cd47a70 ffffec04`1cd47d38 ffff9e8a`9f9a9000 : nt!RtlDispatchException+0x297
- ffffec04`1cd47540 fffff801`7a5efb6c : ffff8801`df9087c0 fffff801`7a414bd6 00000000`00001000 ffffec04`1cd47de0 : nt!KiDispatchException+0x186
- ffffec04`1cd47c00 fffff801`7a5ebd03 : 00000000`00000000 ffff9e8a`9dcd0500 00000000`00000101 00000000`00000000 : nt!KiExceptionDispatch+0x12c
- ffffec04`1cd47de0 fffff801`7a8d5f12 : fffff801`7a82612f 00000000`7f147a21 ffffec04`1cd482f0 00000000`00000000 : nt!KiPageFault+0x443 (TrapFrame @ ffffec04`1cd47de0)
- ffffec04`1cd47f78 fffff801`7a82612f : 00000000`7f147a21 ffffec04`1cd482f0 00000000`00000000 ffff9e8a`a55312f0 : nt!HvpGetCellPaged+0xa2
- ffffec04`1cd47f80 fffff801`7a7edab5 : 00000001`ffffffff 00000000`ce4cf905 ffffec04`1cd489e8 00000000`00000000 : nt!CmpDoCompareKeyName+0x2f
- ffffec04`1cd47fd0 fffff801`7a7f9f99 : ffff9e8a`a55312f0 00000000`00000006 ffffec04`1cd481d0 ffffec04`1cd48250 : nt!CmpWalkOneLevel+0x6f5
- ffffec04`1cd480d0 fffff801`7a7f1e63 : 00010101`0000001c ffffec04`1cd48420 ffffec04`1cd483d8 ffff8801`ee654010 : nt!CmpDoParseKey+0x849
- ffffec04`1cd48370 fffff801`7a7f554e : fffff801`7a7f1b01 00000000`00000000 ffff8801`ee654010 00000000`00000001 : nt!CmpParseKey+0x2c3
- ffffec04`1cd48510 fffff801`7a7f0faa : ffff8801`ee654000 ffffec04`1cd48778 00000000`00000040 ffff8801`df8f8ae0 : nt!ObpLookupObjectName+0x3fe
- ffffec04`1cd486e0 fffff801`7a7f0d8c : 00000000`00000000 00000000`00000000 00000000`00000000 ffff8801`df8f8ae0 : nt!ObOpenObjectByNameEx+0x1fa
- ffffec04`1cd48810 fffff801`7a7f08b1 : 000000a0`ee07ee38 ffffec04`1cd48b80 00000000`00000001 fffff801`7a40198e : nt!ObOpenObjectByName+0x5c
- ffffec04`1cd48860 fffff801`7a7efe9f : fffff801`7a5d9c50 fffff801`7a516b2a 00000000`00000000 ffffec04`1cd48a88 : nt!CmOpenKey+0x2c1
- ffffec04`1cd48ac0 fffff801`7a5ef478 : 00000000`00000000 00000000`00000000 ffffec04`1cd48b80 000001ec`77efe550 : nt!NtOpenKeyEx+0xf
- ffffec04`1cd48b00 00007ffd`b0ecd184 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x28 (TrapFrame @ ffffec04`1cd48b00)
- 000000a0`ee07ed58 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffd`b0ecd184
Add Comment
Please, Sign In to add comment