API tools faq
paste
Guest User

Untitled

a guest
Jul 22nd, 2020
84
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 37.14 KB | None | 0 0
raw download clone embed print report
  1. ========================== AUTO DUMP ANALYZER ==========================
  2. Auto Dump Analyzer
  3. Version: 0.91
  4. Time to analyze file(s): 00 hours and 00 minutes and 44 seconds
  5.  
  6. ================================ SYSTEM ================================
  7. MANUFACTURER: ASUS
  8. PRODUCT_NAME: All Series
  9. SKU: [Removed]
  10.  
  11. ================================= BIOS =================================
  12. VENDOR: American Megatrends Inc.
  13. VERSION: 3602
  14. DATE: 03/26/2018
  15.  
  16. ============================= MOTHERBOARD ==============================
  17. MANUFACTURER: ASUSTeK COMPUTER INC.
  18. PRODUCT: H81M-D
  19. VERSION: Rev X.0x
  20.  
  21. ================================= RAM ==================================
  22. Size Speed Manufacturer Part No.
  23. -------------- -------------- ------------------- ----------------------
  24. 0MHz
  25. 8192MB 1333MHz Kingston 99U5471-052.A00LF
  26.  
  27. ================================= CPU ==================================
  28. Processor Version: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
  29. COUNT: 4
  30. MHZ: 3198
  31. VENDOR: GenuineIntel
  32. FAMILY: 6
  33. MODEL: 3c
  34. STEPPING: 3
  35. MICROCODE: 6,3c,3,0 (F,M,S,R) SIG: 27'00000000 (cache) 27'00000000 (init)
  36.  
  37. ================================== OS ==================================
  38. Product: WinNt, suite: TerminalServer SingleUserTS
  39. Built by: 19041.1.amd64fre.vb_release.191206-1406
  40. BUILD_VERSION: 10.0.19041.388 (WinBuild.160101.0800)
  41. BUILD: 19041
  42. SERVICEPACK: 388
  43. PLATFORM_TYPE: x64
  44. NAME: Windows 10
  45. EDITION: Windows 10 WinNt TerminalServer SingleUserTS
  46. BUILD_TIMESTAMP: unknown_date
  47. BUILDDATESTAMP: 160101.0800
  48. BUILDLAB: WinBuild
  49. BUILDOSVER: 10.0.19041.388
  50.  
  51. =============================== DEBUGGER ===============================
  52. Microsoft (R) Windows Debugger Version 10.0.14321.1024 AMD64
  53. Copyright (c) Microsoft Corporation. All rights reserved.
  54.  
  55. =============================== COMMENTS ===============================
  56. * Information gathered from different dump files may be different. If
  57. Windows updates between two dump files, two or more OS versions may
  58. be shown above.
  59. * If the user updates the BIOS between dump files, two or more versions
  60. and dates may be shown above.
  61. * More RAM information can be found below in a full BIOS section.
  62.  
  63. ========================================================================
  64. ======================= Dump #1: ANALYZE VERBOSE =======================
  65. ====================== File: 072120-35578-01.dmp =======================
  66. ========================================================================
  67.  
  68. Mini Kernel Dump File: Only registers and stack trace are available
  69. Windows 10 Kernel Version 19041 MP (4 procs) Free x64
  70. Kernel base = 0xfffff801`7a200000 PsLoadedModuleList = 0xfffff801`7ae2a310
  71. Debug session time: Tue Jul 21 13:22:09.013 2020 (UTC - 4:00)
  72. System Uptime: 1 days 14:14:52.661
  73.  
  74. BugCheck 3B, {c0000006, fffff8017a8d5f12, ffffec041cd47570, 0}
  75. *** WARNING: Unable to verify timestamp for win32k.sys
  76. *** ERROR: Module load completed but symbols could not be loaded for win32k.sys
  77. Probably caused by : memory_corruption
  78. Followup: memory_corruption
  79.  
  80. SYSTEM_SERVICE_EXCEPTION (3b)
  81. An exception happened while executing a system service routine.
  82.  
  83. Arguments:
  84. Arg1: 00000000c0000006, Exception code that caused the bugcheck
  85. Arg2: fffff8017a8d5f12, Address of the instruction which caused the bugcheck
  86. Arg3: ffffec041cd47570, Address of the context record for the exception that caused the bugcheck
  87. Arg4: 0000000000000000, zero.
  88.  
  89. Debugging Details:
  90. DUMP_CLASS: 1
  91. DUMP_QUALIFIER: 400
  92. DUMP_TYPE: 2
  93. EXCEPTION_CODE: (NTSTATUS) 0xc0000006 - The instruction at 0x%p referenced memory at 0x%p. The required data was not placed into memory because of an I/O error status of 0x%x.
  94. FAULTING_IP:
  95. nt!HvpGetCellPaged+a2
  96. fffff801`7a8d5f12 418b02 mov eax,dword ptr [r10]
  97. CONTEXT: ffffec041cd47570 -- (.cxr 0xffffec041cd47570)
  98. rax=0000000000000000 rbx=ffffec041cd47fd0 rcx=0000000000000007
  99. rdx=00000000038ca4b0 rsi=0000000000000363 rdi=ffff9e8a9f9a9000
  100. rip=fffff8017a8d5f12 rsp=ffffec041cd47f78 rbp=ffff9e8a9f9a9000
  101. r8=000000000000001c r9=ffff8801edb6b080 r10=0000019c98cfb4b0
  102. r11=00000000000004b0 r12=00000000ce4cf905 r13=ffffec041cd48230
  103. r14=0000000000000363 r15=0000019c98e1e024
  104. iopl=0 nv up ei pl nz na pe nc
  105. cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00010202
  106. nt!HvpGetCellPaged+0xa2:
  107. fffff801`7a8d5f12 418b02 mov eax,dword ptr [r10] ds:002b:0000019c`98cfb4b0=????????
  108. Resetting default scope
  109. CUSTOMER_CRASH_COUNT: 1
  110. DEFAULT_BUCKET_ID: CODE_CORRUPTION
  111. BUGCHECK_STR: 0x3B
  112.  
  113. PROCESS_NAME: Registry
  114.  
  115. CURRENT_IRQL: 0
  116. LAST_CONTROL_TRANSFER: from fffff8017a82612f to fffff8017a8d5f12
  117. STACK_TEXT:
  118. ffffec04`1cd47f78 fffff801`7a82612f : 00000000`7f147a21 ffffec04`1cd482f0 00000000`00000000 ffff9e8a`a55312f0 : nt!HvpGetCellPaged+0xa2
  119. ffffec04`1cd47f80 fffff801`7a7edab5 : 00000001`ffffffff 00000000`ce4cf905 ffffec04`1cd489e8 00000000`00000000 : nt!CmpDoCompareKeyName+0x2f
  120. ffffec04`1cd47fd0 fffff801`7a7f9f99 : ffff9e8a`a55312f0 00000000`00000006 ffffec04`1cd481d0 ffffec04`1cd48250 : nt!CmpWalkOneLevel+0x6f5
  121. ffffec04`1cd480d0 fffff801`7a7f1e63 : 00010101`0000001c ffffec04`1cd48420 ffffec04`1cd483d8 ffff8801`ee654010 : nt!CmpDoParseKey+0x849
  122. ffffec04`1cd48370 fffff801`7a7f554e : fffff801`7a7f1b01 00000000`00000000 ffff8801`ee654010 00000000`00000001 : nt!CmpParseKey+0x2c3
  123. ffffec04`1cd48510 fffff801`7a7f0faa : ffff8801`ee654000 ffffec04`1cd48778 00000000`00000040 ffff8801`df8f8ae0 : nt!ObpLookupObjectName+0x3fe
  124. ffffec04`1cd486e0 fffff801`7a7f0d8c : 00000000`00000000 00000000`00000000 00000000`00000000 ffff8801`df8f8ae0 : nt!ObOpenObjectByNameEx+0x1fa
  125. ffffec04`1cd48810 fffff801`7a7f08b1 : 000000a0`ee07ee38 ffffec04`1cd48b80 00000000`00000001 fffff801`7a40198e : nt!ObOpenObjectByName+0x5c
  126. ffffec04`1cd48860 fffff801`7a7efe9f : fffff801`7a5d9c50 fffff801`7a516b2a 00000000`00000000 ffffec04`1cd48a88 : nt!CmOpenKey+0x2c1
  127. ffffec04`1cd48ac0 fffff801`7a5ef478 : 00000000`00000000 00000000`00000000 ffffec04`1cd48b80 000001ec`77efe550 : nt!NtOpenKeyEx+0xf
  128. ffffec04`1cd48b00 00007ffd`b0ecd184 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x28
  129. 000000a0`ee07ed58 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffd`b0ecd184
  130. CHKIMG_EXTENSION: !chkimg -lo 50 -d !FLTMGR
  131. fffff80177554429-fffff8017755442a 2 bytes - FLTMGR!FltpPassThroughFastIo+59
  132. [ 48 ff:4c 8b ]
  133. fffff80177554430-fffff80177554434 5 bytes - FLTMGR!FltpPassThroughFastIo+60 (+0x07)
  134. [ 0f 1f 44 00 00:e8 fb 25 fc 02 ]
  135. fffff80177554468-fffff80177554469 2 bytes - FLTMGR!FltpPassThroughFastIo+98 (+0x38)
  136. [ 48 ff:4c 8b ]
  137. fffff8017755446f-fffff80177554473 5 bytes - FLTMGR!FltpPassThroughFastIo+9f (+0x07)
  138. [ 0f 1f 44 00 00:e8 3c 68 ee 02 ]
  139. fffff8017758cd05-fffff8017758cd06 2 bytes - FLTMGR!DeleteStreamListCtrlCallback+35
  140. [ 48 ff:4c 8b ]
  141. fffff8017758cd0c - FLTMGR!DeleteStreamListCtrlCallback+3c (+0x07)
  142. [ 0f:e8 ]
  143. fffff8017758cd0e-fffff8017758cd10 3 bytes - FLTMGR!DeleteStreamListCtrlCallback+3e (+0x02)
  144. [ 44 00 00:5b f8 02 ]
  145. fffff8017758cd1a-fffff8017758cd1b 2 bytes - FLTMGR!DeleteStreamListCtrlCallback+4a (+0x0c)
  146. [ 48 ff:4c 8b ]
  147. fffff8017758cd21-fffff8017758cd25 5 bytes - FLTMGR!DeleteStreamListCtrlCallback+51 (+0x07)
  148. [ 0f 1f 44 00 00:e8 fa 63 e9 02 ]
  149. fffff8017758cd6a-fffff8017758cd6b 2 bytes - FLTMGR!DeleteStreamListCtrlCallback+9a (+0x49)
  150. [ 48 ff:4c 8b ]
  151. fffff8017758cd71-fffff8017758cd77 7 bytes - FLTMGR!DeleteStreamListCtrlCallback+a1 (+0x07)
  152. [ 0f 1f 44 00 00 48 ff:e8 fa 5b e9 02 4c 8b ]
  153. fffff8017758cd7d-fffff8017758cd81 5 bytes - FLTMGR!DeleteStreamListCtrlCallback+ad (+0x0c)
  154. [ 0f 1f 44 00 00:e8 5e eb f6 02 ]
  155. 41 errors : !FLTMGR (fffff80177554429-fffff8017758cd81)
  156. MODULE_NAME: memory_corruption
  157.  
  158. IMAGE_NAME: memory_corruption
  159.  
  160. FOLLOWUP_NAME: memory_corruption
  161. DEBUG_FLR_IMAGE_TIMESTAMP: 0
  162. MEMORY_CORRUPTOR: LARGE
  163. STACK_COMMAND: .cxr 0xffffec041cd47570 ; kb
  164. FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
  165. BUCKET_ID: MEMORY_CORRUPTION_LARGE
  166. PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
  167. TARGET_TIME: 2020-07-21T17:22:09.000Z
  168. SUITE_MASK: 272
  169. PRODUCT_TYPE: 1
  170. USER_LCID: 0
  171. FAILURE_ID_HASH_STRING: km:memory_corruption_large
  172. FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
  173. Followup: memory_corruption
  174.  
  175. ====================== Dump #1: 3RD PARTY DRIVERS ======================
  176.  
  177. Aug 22 2012 - AsIO.sys - ASUS Input Output driver http://www.asus.com/
  178. Mar 31 2015 - HWiNFO64A.SYS - HWiNFO AMD64 Kernel driver https://www.hwinfo.com/
  179. Nov 19 2017 - TeeDriverW8x64.sys - Intel Management Engine Interface driver https://downloadcenter.intel.com/
  180. Jul 04 2018 - Smb_driver_Intel.sys - Synaptics SMBus driver http://www.synaptics.com/
  181. Dec 19 2018 - idmwfp.sys - Internet Download Manager WFP driver (Tonec Inc.)
  182. Jul 02 2019 - RTKVHD64.sys - Realtek Audio System driver https://www.realtek.com/en/
  183. Sep 18 2019 - iaStorE.sys - Intel SATA Storage Device RAID Controller
  184. Feb 12 2020 - rt640x64.sys - Realtek NICDRV 8169 PCIe GBE Family Controller driver https://www.realtek.com/en/
  185. Feb 19 2020 - nvhda64v.sys - Nvidia HDMI Audio Device http://www.nvidia.com/
  186. Jul 05 2020 - nvlddmkm.sys - Nvidia Graphics Card driver http://www.nvidia.com/
  187.  
  188. ================== Dump #1: 3RD PARTY DRIVERS (FULL) ===================
  189.  
  190. Image path: \SystemRoot\SysWow64\drivers\AsIO.sys
  191. Image name: AsIO.sys
  192. Search : https://www.google.com/search?q=AsIO.sys
  193. ADA Info : ASUS Input Output driver http://www.asus.com/
  194. Timestamp : Wed Aug 22 2012
  195.  
  196. Image path: \??\C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS
  197. Image name: HWiNFO64A.SYS
  198. Search : https://www.google.com/search?q=HWiNFO64A.SYS
  199. ADA Info : HWiNFO AMD64 Kernel driver https://www.hwinfo.com/
  200. Timestamp : Tue Mar 31 2015
  201.  
  202. Mapped memory image file: C:\ProgramData\dbg\sym\TeeDriverW8x64.sys\5A116D8F34000\TeeDriverW8x64.sys
  203. Image path: \SystemRoot\System32\drivers\TeeDriverW8x64.sys
  204. Image name: TeeDriverW8x64.sys
  205. Search : https://www.google.com/search?q=TeeDriverW8x64.sys
  206. ADA Info : Intel Management Engine Interface driver https://downloadcenter.intel.com/
  207. Timestamp : Sun Nov 19 2017
  208. File version: 11.7.0.1057
  209. Product version: 11.7.0.1057
  210. File flags: 8 (Mask 3F) Private
  211. File OS: 40004 NT Win32
  212. File type: 3.7 Driver
  213. File date: 00000000.00000000
  214. CompanyName: Intel Corporation
  215. ProductName: Intel(R) Management Engine Interface
  216. InternalName: TeeDriverx64.sys
  217. OriginalFilename: TeeDriverx64.sys
  218. ProductVersion: 11.7.0.1057
  219. FileVersion: 11.7.0.1057
  220. FileDescription: Intel(R) Management Engine Interface
  221. LegalCopyright: Copyright © 2006-2015, Intel Corporation. All rights reserved.
  222.  
  223. Image path: \SystemRoot\System32\drivers\Smb_driver_Intel.sys
  224. Image name: Smb_driver_Intel.sys
  225. Search : https://www.google.com/search?q=Smb_driver_Intel.sys
  226. ADA Info : Synaptics SMBus driver http://www.synaptics.com/
  227. Timestamp : Wed Jul 4 2018
  228.  
  229. Image path: \SystemRoot\system32\DRIVERS\idmwfp.sys
  230. Image name: idmwfp.sys
  231. Search : https://www.google.com/search?q=idmwfp.sys
  232. ADA Info : Internet Download Manager WFP driver (Tonec Inc.)
  233. Timestamp : Wed Dec 19 2018
  234.  
  235. Image path: \SystemRoot\system32\drivers\RTKVHD64.sys
  236. Image name: RTKVHD64.sys
  237. Search : https://www.google.com/search?q=RTKVHD64.sys
  238. ADA Info : Realtek Audio System driver https://www.realtek.com/en/
  239. Timestamp : Tue Jul 2 2019
  240.  
  241. Image path: \SystemRoot\System32\drivers\iaStorE.sys
  242. Image name: iaStorE.sys
  243. Search : https://www.google.com/search?q=iaStorE.sys
  244. ADA Info : Intel SATA Storage Device RAID Controller
  245. Timestamp : Wed Sep 18 2019
  246.  
  247. Image path: \SystemRoot\System32\drivers\rt640x64.sys
  248. Image name: rt640x64.sys
  249. Search : https://www.google.com/search?q=rt640x64.sys
  250. ADA Info : Realtek NICDRV 8169 PCIe GBE Family Controller driver https://www.realtek.com/en/
  251. Timestamp : Wed Feb 12 2020
  252.  
  253. Image path: \SystemRoot\system32\drivers\nvhda64v.sys
  254. Image name: nvhda64v.sys
  255. Search : https://www.google.com/search?q=nvhda64v.sys
  256. ADA Info : Nvidia HDMI Audio Device http://www.nvidia.com/
  257. Timestamp : Wed Feb 19 2020
  258.  
  259. Image path: \SystemRoot\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_edab19158bdd0d0a\nvlddmkm.sys
  260. Image name: nvlddmkm.sys
  261. Search : https://www.google.com/search?q=nvlddmkm.sys
  262. ADA Info : Nvidia Graphics Card driver http://www.nvidia.com/
  263. Timestamp : Sun Jul 5 2020
  264.  
  265. ====================== Dump #1: MICROSOFT DRIVERS ======================
  266.  
  267. ACPI.sys ACPI Driver for NT (Microsoft)
  268. acpiex.sys ACPIEx Driver (Microsoft)
  269. afd.sys Ancillary Function Driver for WinSock (Microsoft)
  270. afunix.sys AF_UNIX Socket Provider driver (Microsoft)
  271. AgileVpn.sys RAS Agil VPN Miniport Call Manager driver (Microsoft)
  272. ahcache.sys Application Compatibility Cache (Microsoft)
  273. bam.sys BAM Kernal driver (Microsoft)
  274. BasicDisplay.sys Basic Display driver (Microsoft)
  275. BasicRender.sys Basic Render driver (Microsoft)
  276. Beep.SYS BEEP driver (Microsoft)
  277. bindflt.sys Windows Bind Filter driver (Microsoft)
  278. BOOTVID.dll VGA Boot Driver (Microsoft)
  279. bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
  280. cdd.dll Canonical Display Driver (Microsoft)
  281. cdrom.sys SCSI CD-ROM Driver (Microsoft)
  282. CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
  283. CI.dll Code Integrity Module (Microsoft)
  284. CimFS.SYS Consumer IR Class Driver for eHome (Microsoft)
  285. CLASSPNP.SYS SCSI Class System Dll (Microsoft)
  286. cldflt.sys Cloud Files Mini Filter driver (Microsoft)
  287. CLFS.SYS Common Log File System Driver (Microsoft)
  288. clipsp.sys CLIP Service (Microsoft)
  289. cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
  290. cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
  291. CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
  292. condrv.sys Console Driver (Microsoft)
  293. crashdmp.sys Crash Dump driver (Microsoft)
  294. csc.sys Windows Client Side Caching driver (Microsoft)
  295. dfsc.sys DFS Namespace Client Driver (Microsoft)
  296. disk.sys PnP Disk Driver (Microsoft)
  297. drmk.sys Digital Rights Management (DRM) driver (Microsoft)
  298. dump_diskdump.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  299. dump_dumpfve.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  300. dump_iaStorE.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  301. dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
  302. dxgmms2.sys DirectX Graphics MMS
  303. filecrypt.sys Windows sandboxing and encryption filter (Microsoft)
  304. fileinfo.sys FileInfo Filter Driver (Microsoft)
  305. FLTMGR.SYS Filesystem Filter Manager (Microsoft)
  306. Fs_Rec.sys File System Recognizer Driver (Microsoft)
  307. fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
  308. fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
  309. gpuenergydrv.sys GPU Energy Kernal Driver (Microsoft)
  310. hal.dll Hardware Abstraction Layer DLL (Microsoft)
  311. HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
  312. HIDCLASS.SYS Hid Class Library (Microsoft)
  313. HIDPARSE.SYS Hid Parsing Library (Microsoft)
  314. hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
  315. HTTP.sys HTTP Protocol Stack (Microsoft)
  316. intelpep.sys Intel Power Engine Plugin (Microsoft)
  317. intelppm.sys Processor Device Driver (Microsoft)
  318. IntelTA.sys Intel Telemetry Driver
  319. iorate.sys I/O rate control Filter (Microsoft)
  320. kbdclass.sys Keyboard Class Driver (Microsoft)
  321. kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
  322. kd.dll Local Kernal Debugger (Microsoft)
  323. kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
  324. ks.sys Kernal CSA Library (Microsoft)
  325. ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
  326. ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
  327. ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
  328. lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
  329. luafv.sys LUA File Virtualization Filter Driver (Microsoft)
  330. mcupdate_GenuineIntel.dll Intel Microcode Update Library (Microsoft)
  331. mmcss.sys MMCSS Driver (Microsoft)
  332. monitor.sys Monitor Driver (Microsoft)
  333. mouclass.sys Mouse Class Driver (Microsoft)
  334. mouhid.sys HID Mouse Filter Driver (Microsoft)
  335. mountmgr.sys Mount Point Manager (Microsoft)
  336. mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
  337. mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
  338. mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
  339. Msfs.SYS Mailslot driver (Microsoft)
  340. msisadrv.sys ISA Driver (Microsoft)
  341. mslldp.sys Microsoft Link-Layer Discovery Protocol... (Microsoft)
  342. msquic.sys Windows QUIC Driver
  343. msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
  344. mssecflt.sys Microsoft Security Events Component file system filter driver (Microsoft)
  345. mssmbios.sys System Management BIOS driver (Microsoft)
  346. mup.sys Multiple UNC Provider driver (Microsoft)
  347. ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
  348. ndiscap.sys Microsoft NDIS Packet Capture Filter Driver
  349. ndistapi.sys NDIS 3.0 Connection Wrapper driver (Microsoft)
  350. NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
  351. ndiswan.sys MS PPP Framing Driver (Strong Encryption) Microsoft)
  352. NDProxy.sys NDIS Proxy driver (Microsoft)
  353. Ndu.sys Network Data Usage Monitoring driver (Microsoft)
  354. netbios.sys NetBIOS Interface driver (Microsoft)
  355. netbt.sys MBT Transport driver (Microsoft)
  356. NETIO.SYS Network I/O Subsystem (Microsoft)
  357. Npfs.SYS NPFS driver (Microsoft)
  358. npsvctrig.sys Named pipe service triggers (Microsoft)
  359. nsiproxy.sys NSI Proxy driver (Microsoft)
  360. Ntfs.sys NT File System Driver (Microsoft)
  361. ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
  362. ntosext.sys NTOS Extension Host driver (Microsoft)
  363. Null.SYS NULL Driver (Microsoft)
  364. pacer.sys QoS Packet Scheduler (Microsoft)
  365. parport.sys Parallel Port Driver (Microsoft)
  366. partmgr.sys Partition driver (Microsoft)
  367. pci.sys NT Plug and Play PCI Enumerator (Microsoft)
  368. pcw.sys Performance Counter Driver (Microsoft)
  369. pdc.sys Power Dependency Coordinator Driver (Microsoft)
  370. peauth.sys Protected Environment Authentication and Authorization Export Driver (Microsoft)
  371. portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
  372. PSHED.dll Platform Specific Hardware Error driver (Microsoft)
  373. qwavedrv.sys Quality Windows Audio Video Experience (qWave) Support driver (Microsoft)
  374. rasl2tp.sys RAS L2TP Mini-port/Call-manager driver (Microsoft)
  375. raspppoe.sys RAS PPPoE Mini-port/Call manager driver (Microsoft)
  376. raspptp.sys Peer-to-Peer Tunneling Protocol (Microsoft)
  377. rassstp.sys RAS SSTP Miniport Call Manager driver (Microsoft)
  378. rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
  379. rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
  380. rdpvideominiport.sys RDP Video Miniport driver (Microsoft)
  381. rdyboost.sys ReadyBoost Driver (Microsoft)
  382. rspndr.sys Link-Layer Topology Responder driver (Microsoft)
  383. serenum.sys Serial Port Enumerator (Microsoft)
  384. serial.sys Serial Device Driver
  385. SgrmAgent.sys System Guard Runtime Monitor Agent driver (Microsoft)
  386. SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
  387. spaceport.sys Storage Spaces driver (Microsoft)
  388. srv2.sys Smb 2.0 Server driver (Microsoft)
  389. srvnet.sys Server Network driver (Microsoft)
  390. storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
  391. storqosflt.sys Storage QoS Filter driver (Microsoft)
  392. swenum.sys Plug and Play Software Device Enumerator (Microsoft)
  393. tbs.sys Export driver for kernel mode TPM API (Microsoft)
  394. tcpip.sys TCP/IP Protocol driver (Microsoft)
  395. tcpipreg.sys Microsoft Windows TCP/IP Registry Compatibility driver (Microsoft)
  396. TDI.SYS TDI Wrapper driver (Microsoft)
  397. tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
  398. tm.sys Kernel Transaction Manager driver (Microsoft)
  399. uaspstor.sys UASP driver (Microsoft)
  400. ucx01000.sys USB Controller Extension (Microsoft)
  401. umbus.sys User-Mode Bus Enumerator (Microsoft)
  402. usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
  403. USBD.SYS Universal Serial Bus Driver (Microsoft)
  404. usbehci.sys EHCI eUSB Miniport Driver (Microsoft)
  405. usbhub.sys Default Hub Driver for USB (Microsoft)
  406. UsbHub3.sys USB3 HUB driver (Microsoft)
  407. USBPORT.SYS USB 1.1 & 2.0 Port Driver (Microsoft)
  408. USBXHCI.SYS USB XHCI driver (Microsoft)
  409. vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
  410. Vid.sys Microsoft Hyper-V Virtualization Infrastructure Driver
  411. volmgr.sys Volume Manager Driver (Microsoft)
  412. volmgrx.sys Volume Manager Extension Driver (Microsoft)
  413. volsnap.sys Volume Shadow Copy driver (Microsoft)
  414. volume.sys Volume driver (Microsoft)
  415. vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
  416. wanarp.sys MS Remote Access and Routing ARP driver (Microsoft)
  417. watchdog.sys Watchdog driver (Microsoft)
  418. wcifs.sys Windows Container Isolation FS Filter driver (Microsoft)
  419. Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
  420. WdFilter.sys Microsoft Anti-malware file system filter driver (Microsoft)
  421. WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
  422. werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
  423. wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
  424. win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
  425. win32kbase.sys Base Win32k Kernel Driver (Microsoft)
  426. win32kfull.sys Full/Desktop Win32k Kernel Driver (Microsoft)
  427. WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
  428. WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
  429. winhvr.sys Windows Hypervisor Root Interface driver (Microsoft)
  430. wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
  431. WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
  432. Wof.sys Windows Overlay Filter (Microsoft)
  433. WpdUpFltr.sys Portable Device Upper Class Filter driver (Microsoft)
  434. WppRecorder.sys WPP Trace Recorder (Microsoft)
  435. WUDFRd.sys Windows Driver Foundation - User-mode Driver Framework Reflector driver (Microsoft)
  436.  
  437. ====================== Dump #1: UNLOADED MODULES =======================
  438.  
  439. fffff801`811a0000 fffff801`811b1000 mouhid.sys
  440. fffff801`7ebd0000 fffff801`7ebe1000 mouhid.sys
  441. fffff801`811a0000 fffff801`811b6000 WdNisDrv.sys
  442. fffff801`7f3b0000 fffff801`7f3c1000 MpKsl1005ffb
  443. fffff801`7ebf0000 fffff801`7ebff000 hiber_storpo
  444. fffff801`7e800000 fffff801`7e930000 hiber_iaStor
  445. fffff801`7e930000 fffff801`7e94e000 hiber_dumpfv
  446. fffff801`7f3b0000 fffff801`7f3c1000 MpKslDrv.sys
  447. fffff801`7ead0000 fffff801`7eadf000 dump_storpor
  448. fffff801`7e930000 fffff801`7ea60000 dump_iaStorE
  449. fffff801`7eae0000 fffff801`7eafe000 dump_dumpfve
  450. fffff801`7d5e0000 fffff801`7d5fd000 EhStorClass.
  451. fffff801`81eb0000 fffff801`81f05000 WUDFRd.sys
  452. fffff801`7f420000 fffff801`7f43c000 dam.sys
  453. fffff801`7d050000 fffff801`7d061000 WdBoot.sys
  454. fffff801`7e1c0000 fffff801`7e1d0000 hwpolicy.sys
  455.  
  456. ====================== Dump #1: BIOS INFORMATION =======================
  457.  
  458. [SMBIOS Data Tables v2.7]
  459. [DMI Version - 0]
  460. [2.0 Calling Convention - No]
  461. [Table Size - 2679 bytes]
  462. [BIOS Information (Type 0) - Length 24 - Handle 0000h]
  463. Vendor American Megatrends Inc.
  464. BIOS Version 3602
  465. BIOS Starting Address Segment f000
  466. BIOS Release Date 03/26/2018
  467. BIOS ROM Size 800000
  468. BIOS Characteristics
  469. 07: - PCI Supported
  470. 10: - APM Supported
  471. 11: - Upgradeable FLASH BIOS
  472. 12: - BIOS Shadowing Supported
  473. 15: - CD-Boot Supported
  474. 16: - Selectable Boot Supported
  475. 17: - BIOS ROM Socketed
  476. 19: - EDD Supported
  477. 23: - 1.2MB Floppy Supported
  478. 24: - 720KB Floppy Supported
  479. 25: - 2.88MB Floppy Supported
  480. 26: - Print Screen Device Supported
  481. 27: - Keyboard Services Supported
  482. 28: - Serial Services Supported
  483. 29: - Printer Services Supported
  484. 32: - BIOS Vendor Reserved
  485. BIOS Characteristic Extensions
  486. 00: - ACPI Supported
  487. 01: - USB Legacy Supported
  488. 08: - BIOS Boot Specification Supported
  489. 10: - Specification Reserved
  490. 11: - Specification Reserved
  491. BIOS Major Revision 4
  492. BIOS Minor Revision 6
  493. EC Firmware Major Revision 255
  494. EC Firmware Minor Revision 255
  495. [System Information (Type 1) - Length 27 - Handle 0001h]
  496. Manufacturer ASUS
  497. Product Name All Series
  498. Version System Version
  499. UUID 00000000-0000-0000-0000-000000000000
  500. Wakeup Type Power Switch
  501. SKUNumber All
  502. Family ASUS MB
  503. [BaseBoard Information (Type 2) - Length 15 - Handle 0002h]
  504. Manufacturer ASUSTeK COMPUTER INC.
  505. Product H81M-D
  506. Version Rev X.0x
  507. Feature Flags 09h
  508. -1856522528: - -1856522480: - «?Íû
  509. Chassis Handle 0003h
  510. Board Type 0ah - Processor/Memory Module
  511. Number of Child Handles 0
  512. [System Enclosure (Type 3) - Length 22 - Handle 0003h]
  513. Manufacturer Chassis Manufacture
  514. Chassis Type Desktop
  515. Version Chassis Version
  516. Bootup State Safe
  517. Power Supply State Safe
  518. Thermal State Safe
  519. Security Status None
  520. OEM Defined 0
  521. Height 0U
  522. Number of Power Cords 1
  523. Number of Contained Elements 0
  524. Contained Element Size 0
  525. [Onboard Devices Information (Type 10) - Length 8 - Handle 001ah]
  526. Number of Devices 2
  527. 01: Type Ethernet [enabled]
  528. 01: Description Onboard Ethernet
  529. 02: Type Sound [enabled]
  530. 02: Description Onboard Audio
  531. [OEM Strings (Type 11) - Length 5 - Handle 001bh]
  532. Number of Strings 4
  533. 3 Rosemary
  534. [System Configuration Options (Type 12) - Length 5 - Handle 001ch]
  535. [Memory Device (Type 17) - Length 34 - Handle 0038h]
  536. Physical Memory Array Handle 0039h
  537. Total Width 0 bits
  538. Data Width 0 bits
  539. Form Factor 09h - DIMM
  540. Device Locator ChannelA-DIMM0
  541. Bank Locator BANK 0
  542. Memory Type 02h - Unknown
  543. Type Detail 0000h -
  544. Speed 0MHz
  545. [Physical Memory Array (Type 16) - Length 23 - Handle 0039h]
  546. Location 03h - SystemBoard/Motherboard
  547. Use 03h - System Memory
  548. Memory Error Correction 03h - None
  549. Maximum Capacity 16777216KB
  550. Number of Memory Devices 2
  551. [Memory Device (Type 17) - Length 34 - Handle 003ah]
  552. Physical Memory Array Handle 0039h
  553. Total Width 64 bits
  554. Data Width 64 bits
  555. Size 8192MB
  556. Form Factor 09h - DIMM
  557. Device Locator ChannelB-DIMM0
  558. Bank Locator BANK 2
  559. Memory Type 18h - Specification Reserved
  560. Type Detail 0080h - Synchronous
  561. Speed 1333MHz
  562. Manufacturer Kingston
  563. Part Number 99U5471-052.A00LF
  564. [Memory Device Mapped Address (Type 20) - Length 35 - Handle 003bh]
  565. Starting Address 00000000h
  566. Ending Address 007fffffh
  567. Memory Device Handle 003ah
  568. Mem Array Mapped Adr Handle 003ch
  569. [Memory Array Mapped Address (Type 19) - Length 31 - Handle 003ch]
  570. Starting Address 00000000h
  571. Ending Address 007fffffh
  572. Memory Array Handle 0039h
  573. Partition Width 02
  574. [Cache Information (Type 7) - Length 19 - Handle 003dh]
  575. Socket Designation CPU Internal L1
  576. Cache Configuration 0180h - WB Enabled Int NonSocketed L1
  577. Maximum Cache Size 0100h - 256K
  578. Installed Size 0100h - 256K
  579. Supported SRAM Type 0002h - Unknown
  580. Current SRAM Type 0002h - Unknown
  581. Cache Speed 0ns
  582. Error Correction Type Multi-Bit ECC
  583. System Cache Type Other
  584. Associativity 8-way Set-Associative
  585. [Cache Information (Type 7) - Length 19 - Handle 003eh]
  586. Socket Designation CPU Internal L2
  587. Cache Configuration 0181h - WB Enabled Int NonSocketed L2
  588. Maximum Cache Size 0400h - 1024K
  589. Installed Size 0400h - 1024K
  590. Supported SRAM Type 0002h - Unknown
  591. Current SRAM Type 0002h - Unknown
  592. Cache Speed 0ns
  593. Error Correction Type Multi-Bit ECC
  594. System Cache Type Unified
  595. Associativity 8-way Set-Associative
  596. [Cache Information (Type 7) - Length 19 - Handle 003fh]
  597. Socket Designation CPU Internal L3
  598. Cache Configuration 0182h - WB Enabled Int NonSocketed L3
  599. Maximum Cache Size 1800h - 6144K
  600. Installed Size 1800h - 6144K
  601. Supported SRAM Type 0002h - Unknown
  602. Current SRAM Type 0002h - Unknown
  603. Cache Speed 0ns
  604. Error Correction Type Multi-Bit ECC
  605. System Cache Type Unified
  606. Associativity Specification Reserved
  607. [Processor Information (Type 4) - Length 42 - Handle 0043h]
  608. Socket Designation SOCKET 1150
  609. Processor Type Central Processor
  610. Processor Family 01h - Other
  611. Processor Manufacturer Intel
  612. Processor ID c3060300fffbebbf
  613. Processor Version Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
  614. Processor Voltage 8ch - 1.2V
  615. External Clock 100MHz
  616. Max Speed 3900MHz
  617. Current Speed 3200MHz
  618. Status Enabled Populated
  619. Processor Upgrade Specification Reserved
  620. L1 Cache Handle 003dh
  621. L2 Cache Handle 003eh
  622. L3 Cache Handle 003fh
  623.  
  624. ========================== Dump #1: Extra #1 ===========================
  625.  
  626. 1: kd> !verifier
  627. Verify Flags Level 0x00000000
  628. STANDARD FLAGS:
  629. [X] (0x00000000) Automatic Checks
  630. [ ] (0x00000001) Special pool
  631. [ ] (0x00000002) Force IRQL checking
  632. [ ] (0x00000008) Pool tracking
  633. [ ] (0x00000010) I/O verification
  634. [ ] (0x00000020) Deadlock detection
  635. [ ] (0x00000080) DMA checking
  636. [ ] (0x00000100) Security checks
  637. [ ] (0x00000800) Miscellaneous checks
  638. [ ] (0x00020000) DDI compliance checking
  639. ADDITIONAL FLAGS:
  640. [ ] (0x00000004) Randomized low resources simulation
  641. [ ] (0x00000200) Force pending I/O requests
  642. [ ] (0x00000400) IRP logging
  643. [ ] (0x00002000) Invariant MDL checking for stack
  644. [ ] (0x00004000) Invariant MDL checking for driver
  645. [ ] (0x00008000) Power framework delay fuzzing
  646. [ ] (0x00010000) Port/miniport interface checking
  647. [ ] (0x00040000) Systematic low resources simulation
  648. [ ] (0x00080000) DDI compliance checking (additional)
  649. [ ] (0x00200000) NDIS/WIFI verification
  650. [ ] (0x00800000) Kernel synchronization delay fuzzing
  651. [ ] (0x01000000) VM switch verification
  652. [ ] (0x02000000) Code integrity checks
  653. [X] Indicates flag is enabled
  654. Summary of All Verifier Statistics
  655. RaiseIrqls 0x0
  656. AcquireSpinLocks 0x0
  657. Synch Executions 0x0
  658. Trims 0x0
  659. Pool Allocations Attempted 0x0
  660. Pool Allocations Succeeded 0x0
  661. Pool Allocations Succeeded SpecialPool 0x0
  662. Pool Allocations With NO TAG 0x0
  663. Pool Allocations Failed 0x0
  664. Current paged pool allocations 0x0 for 00000000 bytes
  665. Peak paged pool allocations 0x0 for 00000000 bytes
  666. Current nonpaged pool allocations 0x0 for 00000000 bytes
  667. Peak nonpaged pool allocations 0x0 for 00000000 bytes
  668.  
  669. ========================== Dump #1: Extra #2 ===========================
  670.  
  671. 1: kd> !thread
  672. THREAD ffff8801edb6b080 Cid 0654.042c Teb: 000000a0edbbb000 Win32Thread: 0000000000000000 RUNNING on processor 1
  673. Not impersonating
  674. GetUlongFromAddress: unable to read from fffff8017ae1143c
  675. Owning Process ffff8801ed8bb080 Image: System Process
  676. Attached Process ffff8801df908080 Image: Registry
  677. fffff78000000000: Unable to get shared data
  678. Wait Start TickCount 8812330
  679. Context Switch Count 797 IdealProcessor: 2
  680. ReadMemory error: Cannot get nt!KeMaximumIncrement value.
  681. UserTime 00:00:00.000
  682. KernelTime 00:00:00.000
  683. Win32 Start Address 0x00007ffda8d8a890
  684. Stack Init ffffec041cd48c90 Current ffffec041cd46ac0
  685. Base ffffec041cd49000 Limit ffffec041cd43000 Call 0000000000000000
  686. Priority 8 BasePriority 8 PriorityDecrement 0 IoPriority 2 PagePriority 5
  687. Child-SP RetAddr : Args to Child : Call Site
  688. ffffec04`1cd46c68 fffff801`7a5efa29 : 00000000`0000003b 00000000`c0000006 fffff801`7a8d5f12 ffffec04`1cd47570 : nt!KeBugCheckEx
  689. ffffec04`1cd46c70 fffff801`7a5eee7c : ffffec04`1cd473b0 fffff801`7a2e6904 ffffec04`1cd46e60 00000000`00000000 : nt!KiBugCheckDispatch+0x69
  690. ffffec04`1cd46db0 fffff801`7a5e6a22 : fffff801`7a5eee00 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceHandler+0x7c
  691. ffffec04`1cd46df0 fffff801`7a432fd7 : ffffec04`1cd47360 00000000`00000000 ffffec04`1cd48b00 fffff801`7a5ef478 : nt!RtlpExecuteHandlerForException+0x12
  692. ffffec04`1cd46e20 fffff801`7a47b246 : ffffec04`1cd47d38 ffffec04`1cd47a70 ffffec04`1cd47d38 ffff9e8a`9f9a9000 : nt!RtlDispatchException+0x297
  693. ffffec04`1cd47540 fffff801`7a5efb6c : ffff8801`df9087c0 fffff801`7a414bd6 00000000`00001000 ffffec04`1cd47de0 : nt!KiDispatchException+0x186
  694. ffffec04`1cd47c00 fffff801`7a5ebd03 : 00000000`00000000 ffff9e8a`9dcd0500 00000000`00000101 00000000`00000000 : nt!KiExceptionDispatch+0x12c
  695. ffffec04`1cd47de0 fffff801`7a8d5f12 : fffff801`7a82612f 00000000`7f147a21 ffffec04`1cd482f0 00000000`00000000 : nt!KiPageFault+0x443 (TrapFrame @ ffffec04`1cd47de0)
  696. ffffec04`1cd47f78 fffff801`7a82612f : 00000000`7f147a21 ffffec04`1cd482f0 00000000`00000000 ffff9e8a`a55312f0 : nt!HvpGetCellPaged+0xa2
  697. ffffec04`1cd47f80 fffff801`7a7edab5 : 00000001`ffffffff 00000000`ce4cf905 ffffec04`1cd489e8 00000000`00000000 : nt!CmpDoCompareKeyName+0x2f
  698. ffffec04`1cd47fd0 fffff801`7a7f9f99 : ffff9e8a`a55312f0 00000000`00000006 ffffec04`1cd481d0 ffffec04`1cd48250 : nt!CmpWalkOneLevel+0x6f5
  699. ffffec04`1cd480d0 fffff801`7a7f1e63 : 00010101`0000001c ffffec04`1cd48420 ffffec04`1cd483d8 ffff8801`ee654010 : nt!CmpDoParseKey+0x849
  700. ffffec04`1cd48370 fffff801`7a7f554e : fffff801`7a7f1b01 00000000`00000000 ffff8801`ee654010 00000000`00000001 : nt!CmpParseKey+0x2c3
  701. ffffec04`1cd48510 fffff801`7a7f0faa : ffff8801`ee654000 ffffec04`1cd48778 00000000`00000040 ffff8801`df8f8ae0 : nt!ObpLookupObjectName+0x3fe
  702. ffffec04`1cd486e0 fffff801`7a7f0d8c : 00000000`00000000 00000000`00000000 00000000`00000000 ffff8801`df8f8ae0 : nt!ObOpenObjectByNameEx+0x1fa
  703. ffffec04`1cd48810 fffff801`7a7f08b1 : 000000a0`ee07ee38 ffffec04`1cd48b80 00000000`00000001 fffff801`7a40198e : nt!ObOpenObjectByName+0x5c
  704. ffffec04`1cd48860 fffff801`7a7efe9f : fffff801`7a5d9c50 fffff801`7a516b2a 00000000`00000000 ffffec04`1cd48a88 : nt!CmOpenKey+0x2c1
  705. ffffec04`1cd48ac0 fffff801`7a5ef478 : 00000000`00000000 00000000`00000000 ffffec04`1cd48b80 000001ec`77efe550 : nt!NtOpenKeyEx+0xf
  706. ffffec04`1cd48b00 00007ffd`b0ecd184 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x28 (TrapFrame @ ffffec04`1cd48b00)
  707. 000000a0`ee07ed58 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffd`b0ecd184
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!