Untitled

a guest
Jul 23rd, 2020
  1. ========================== AUTO DUMP ANALYZER ==========================
  2. Auto Dump Analyzer
  3. Version: 0.91
  4. Time to analyze file(s): 00 hours and 01 minutes and 39 seconds
  5.  
  6. ================================= CPU ==================================
  7. COUNT: 4
  8. MHZ: 3912
  9. VENDOR: GenuineIntel
  10. FAMILY: 6
  11. MODEL: 9e
  12. STEPPING: 9
  13.  
  14. ================================== OS ==================================
  15. Product: WinNt, suite: TerminalServer SingleUserTS
  16. Built by: 18362.1.amd64fre.19h1_release.190318-1202
  17. BUILD_VERSION: 10.0.18362.418 (WinBuild.160101.0800)
  18. BUILD: 18362
  19. SERVICEPACK: 418
  20. PLATFORM_TYPE: x64
  21. NAME: Windows 10
  22. EDITION: Windows 10 WinNt TerminalServer SingleUserTS
  23. BUILD_TIMESTAMP: unknown_date
  24. BUILDDATESTAMP: 160101.0800
  25. BUILDLAB: WinBuild
  26. BUILDOSVER: 10.0.18362.418
  27.  
  28. =============================== DEBUGGER ===============================
  29. Microsoft (R) Windows Debugger Version 10.0.14321.1024 AMD64
  30. Copyright (c) Microsoft Corporation. All rights reserved.
  31.  
  32. =============================== COMMENTS ===============================
  33. * Information gathered from different dump files may be different. If
  34. Windows updates between two dump files, two or more OS versions may
  35. be shown above.
  36. * Additional BIOS information was not included in the dump file(s). This
  37. can be caused by an outdated BIOS.
  38.  
  39. ========================================================================
  40. ======================= Dump #1: ANALYZE VERBOSE =======================
  41. ====================== File: 072320-61218-01.dmp =======================
  42. ========================================================================
  43.  
  44. Mini Kernel Dump File: Only registers and stack trace are available
  45. Windows 10 Kernel Version 18362 MP (4 procs) Free x64
  46. Kernel base = 0xfffff806`46800000 PsLoadedModuleList = 0xfffff806`46c48210
  47. Debug session time: Thu Jul 23 06:20:19.629 2020 (UTC - 4:00)
  48. System Uptime: 0 days 23:00:43.303
  49.  
  50. BugCheck 154, {ffffb188127a4000, ffffc50c9add5f00, 2, 0}
  51. *** WARNING: Unable to verify timestamp for win32k.sys
  52. *** ERROR: Module load completed but symbols could not be loaded for win32k.sys
  53. Probably caused by : hardware_disk
  54. Followup: MachineOwner
  55.  
  56. UNEXPECTED_STORE_EXCEPTION (154)
  57. The store component caught an unexpected exception.
  58.  
  59. Arguments:
  60. Arg1: ffffb188127a4000, Pointer to the store context or data manager
  61. Arg2: ffffc50c9add5f00, Exception information
  62. Arg3: 0000000000000002, Reserved
  63. Arg4: 0000000000000000, Reserved
  64.  
  65. Debugging Details:
  66. DUMP_CLASS: 1
  67. DUMP_QUALIFIER: 400
  68. DUMP_TYPE: 2
  69. EXCEPTION_RECORD: ffffc50c9add6ea8 -- (.exr 0xffffc50c9add6ea8)
  70. ExceptionAddress: fffff8064695e150 (nt!RtlDecompressBufferXpressLz+0x0000000000000050)
  71. ExceptionCode: c0000006 (In-page I/O error)
  72. ExceptionFlags: 00000000
  73. NumberParameters: 3
  74. Parameter[0]: 0000000000000000
  75. Parameter[1]: 000002298b14efe0
  76. Parameter[2]: 00000000c0000483
  77. Inpage operation failed at 000002298b14efe0, due to I/O error 00000000c0000483
  78. EXCEPTION_CODE: (NTSTATUS) 0xc0000006 - The instruction at 0x%p referenced memory at 0x%p. The required data was not placed into memory because of an I/O error status of 0x%x.
  79. FAULTING_IP:
  80. nt!RtlDecompressBufferXpressLz+50
  81. fffff806`4695e150 418b08 mov ecx,dword ptr [r8]
  82. FOLLOWUP_IP:
  83. +0
  84. 00000229`8b14efe0 ?? ???
  85. EXCEPTION_PARAMETER1: 0000000000000000
  86. EXCEPTION_PARAMETER2: 000002298b14efe0
  87. CONTEXT: ffffc50c9add66f0 -- (.cxr 0xffffc50c9add66f0)
  88. rax=fffff8064695e100 rbx=0000000000000000 rcx=ffff8000fcd67000
  89. rdx=ffff8000fcd67000 rsi=0000000000000002 rdi=000002298b14efe0
  90. rip=fffff8064695e150 rsp=ffffc50c9add70e8 rbp=ffff8000fcd67000
  91. r8=000002298b14efe0 r9=0000000000000222 r10=ffff8000fcd67ea0
  92. r11=000002298b14f202 r12=ffffc50c9add7378 r13=ffffb18818671000
  93. r14=000002298b14f1ac r15=ffff8000fcd68000
  94. iopl=0 nv up ei pl zr na po nc
  95. cs=0010 ss=0000 ds=002b es=002b fs=0053 gs=002b efl=00050246
  96. nt!RtlDecompressBufferXpressLz+0x50:
  97. fffff806`4695e150 418b08 mov ecx,dword ptr [r8] ds:002b:00000229`8b14efe0=????????
  98. Resetting default scope
  99. CUSTOMER_CRASH_COUNT: 1
  100. DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
  101.  
  102. PROCESS_NAME: MemCompression
  103.  
  104. CURRENT_IRQL: 0
  105. ERROR_CODE: (NTSTATUS) 0xc0000006 - The instruction at 0x%p referenced memory at 0x%p. The required data was not placed into memory because of an I/O error status of 0x%x.
  106. EXCEPTION_CODE_STR: c0000006
  107. EXCEPTION_PARAMETER3: 00000000c0000483
  108. IO_ERROR: (NTSTATUS) 0xc0000483 - The request failed due to a fatal device hardware error.
  109. EXCEPTION_STR: 0xc0000006_c0000483
  110. BUGCHECK_STR: 0x154_c0000006_c0000483
  111. STACK_TEXT:
  112. ffffc50c`9add5e48 fffff806`46b21aea : 00000000`00000154 ffffb188`127a4000 ffffc50c`9add5f00 00000000`00000002 : nt!KeBugCheckEx
  113. ffffc50c`9add5e50 fffff806`469db1de : ffffb188`127a4000 ffffc50c`9add5f00 fffff806`00000002 fffff806`46833926 : nt!SMKM_STORE<SM_TRAITS>::SmStUnhandledExceptionFilter+0x7e
  114. ffffc50c`9add5ea0 fffff806`4699c399 : ffffc50c`00000002 ffffc50c`9add73d0 ffffc50c`9add1000 ffffc50c`9add8000 : nt!`SMKM_STORE<SM_TRAITS>::SmStDirectReadIssue'::`1'::filt$0+0x22
  115. ffffc50c`9add5ed0 fffff806`469ca04f : ffffc50c`9add73d0 ffffc50c`9add64b0 00000000`00000000 00000000`0010001f : nt!_C_specific_handler+0xa9
  116. ffffc50c`9add5f40 fffff806`468c3375 : 00000000`00000000 00000000`00000000 ffffc50c`9add64b0 00007fff`ffff0000 : nt!RtlpExecuteHandlerForException+0xf
  117. ffffc50c`9add5f70 fffff806`468c790e : ffffc50c`9add6ea8 ffffc50c`9add6bf0 ffffc50c`9add6ea8 00000229`8b14efe0 : nt!RtlDispatchException+0x4a5
  118. ffffc50c`9add66c0 fffff806`469d321d : ffffb188`127a0600 fffff806`46886c8d 00000000`00010000 ffffc50c`9add6f50 : nt!KiDispatchException+0x16e
  119. ffffc50c`9add6d70 fffff806`469cf405 : 00000000`00000000 00000000`00000000 ffffc50c`9add7378 00000000`00000000 : nt!KiExceptionDispatch+0x11d
  120. ffffc50c`9add6f50 fffff806`4695e150 : ffff8000`fcd67000 ffffb188`127a4050 fffff806`4685cfc0 ffff8000`fcd67000 : nt!KiPageFault+0x445
  121. ffffc50c`9add70e8 fffff806`4685cfc0 : ffff8000`fcd67000 ffff8000`fcd67000 00000000`00000002 00000229`8b14efe0 : nt!RtlDecompressBufferXpressLz+0x50
  122. ffffc50c`9add7100 fffff806`4695fed9 : 00000000`00000000 fffff806`00000001 00000000`00000000 ffffb188`127a5788 : nt!RtlDecompressBufferEx+0x60
  123. ffffc50c`9add7150 fffff806`4695fd64 : 00000000`00000004 ffffc50c`9add7360 00000000`00000000 00000000`00000bd4 : nt!ST_STORE<SM_TRAITS>::StDmSinglePageCopy+0x155
  124. ffffc50c`9add7230 fffff806`4695fbe2 : 00000000`00000001 00000000`0000efe0 ffffb188`0000efe0 ffffb188`00008000 : nt!ST_STORE<SM_TRAITS>::StDmSinglePageTransfer+0xa0
  125. ffffc50c`9add7280 fffff806`4695fa0b : 00000000`ffffffff ffffb188`18671000 ffffc50c`9add7360 ffffb188`17313250 : nt!ST_STORE<SM_TRAITS>::StDmpSinglePageRetrieve+0x186
  126. ffffc50c`9add7320 fffff806`4695f851 : ffffb188`18671000 00000000`00000000 00000000`00000001 ffffb188`127a5788 : nt!ST_STORE<SM_TRAITS>::StDmPageRetrieve+0xcb
  127. ffffc50c`9add73d0 fffff806`4695f761 : ffffb188`127a4000 ffffb188`17313250 ffffb188`18671000 ffffb188`127a59b0 : nt!SMKM_STORE<SM_TRAITS>::SmStDirectReadIssue+0x85
  128. ffffc50c`9add7450 fffff806`46869e18 : ffffb188`14b020c0 ffffb188`127a4000 00000000`00000000 00000000`00000000 : nt!SMKM_STORE<SM_TRAITS>::SmStDirectReadCallout+0x21
  129. ffffc50c`9add7480 fffff806`46962cc1 : fffff806`4695f740 ffffc50c`9add7530 00000000`00000003 00000000`00000000 : nt!KeExpandKernelStackAndCalloutInternal+0x78
  130. ffffc50c`9add74f0 fffff806`4694b941 : ffffc50c`9add75f0 fffff806`46d8db78 ffffb188`127a4000 ffffc50c`9add7740 : nt!SMKM_STORE<SM_TRAITS>::SmStDirectRead+0xcd
  131. ffffc50c`9add75c0 fffff806`4694b527 : 00000000`0000000c ffffb188`127a4000 ffffc50c`9add7670 ffffb188`17313250 : nt!SMKM_STORE<SM_TRAITS>::SmStWorkItemQueue+0x1a5
  132. ffffc50c`9add7610 fffff806`46961fd3 : 00000000`0000000c ffffb188`17313250 00000000`00000008 00000000`00000008 : nt!SMKM_STORE_MGR<SM_TRAITS>::SmIoCtxQueueWork+0xbf
  133. ffffc50c`9add76a0 fffff806`469636af : ffffb188`00000008 ffffb188`18318930 00000000`00000000 ffffb188`127a4000 : nt!SMKM_STORE_MGR<SM_TRAITS>::SmPageRead+0x167
  134. ffffc50c`9add7710 fffff806`4688e05b : ffffb188`12b93580 00000000`00000001 ffffb188`12b93640 fffff806`46874ee6 : nt!SmPageRead+0x33
  135. ffffc50c`9add7760 fffff806`4688d759 : 00000000`00000002 ffffc50c`9add77f0 ffffc50c`9add7958 fffff97c`80000240 : nt!MiIssueHardFaultIo+0x117
  136. ffffc50c`9add77b0 fffff806`46872f9b : 00000000`c0033333 00000000`00000001 00000000`090c5fac ffffb188`0f15c960 : nt!MiIssueHardFault+0x489
  137. ffffc50c`9add7860 fffff806`469cf320 : 00000000`00000001 ffffc50c`9add7a80 00000000`1b6db000 ffffc50c`9add7a80 : nt!MmAccessFault+0x40b
  138. ffffc50c`9add7a00 00000000`1cc7cbb1 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiPageFault+0x360
  139. 00000000`2328f064 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x1cc7cbb1
  140. STACK_COMMAND: kb
  141. CHKIMG_EXTENSION: !chkimg -lo 50 -d !nt
  142. fffff80646873034-fffff80646873038 5 bytes - nt!MmAccessFault+4a4
  143. [ df be 7d fb f6:2f 5f be 7c f9 ]
  144. fffff806468b17e7-fffff806468b17e8 2 bytes - nt!MiTerminateWsleCluster+b7 (+0x3e7b3)
  145. [ 80 f6:00 f9 ]
  146. fffff806468b184f-fffff806468b1853 5 bytes - nt!MiTerminateWsleCluster+11f (+0x68)
  147. [ d7 be 7d fb f6:27 5f be 7c f9 ]
  148. fffff806468b185d - nt!MiTerminateWsleCluster+12d (+0x0e)
  149. [ fa:95 ]
  150. fffff806468b187b-fffff806468b187c 2 bytes - nt!MiTerminateWsleCluster+14b (+0x1e)
  151. [ ff f6:7f f9 ]
  152. fffff806468b1882-fffff806468b1886 5 bytes - nt!MiTerminateWsleCluster+152 (+0x07)
  153. [ d0 be 7d fb f6:20 5f be 7c f9 ]
  154. fffff8064692066d - nt!MiZeroLargePage+39 (+0x6edeb)
  155. [ fa:95 ]
  156. fffff806469206c4 - nt!MiZeroLargePage+90 (+0x57)
  157. [ fa:95 ]
  158. fffff80646963797-fffff80646963798 2 bytes - nt!SMKM_STORE_MGR<SM_TRAITS>::SmAsyncReadQueueWorker+87 (+0x430d3)
  159. [ 48 ff:4c 8b ]
  160. fffff8064696379e-fffff806469637a1 4 bytes - nt!SMKM_STORE_MGR<SM_TRAITS>::SmAsyncReadQueueWorker+8e (+0x07)
  161. [ 0f 1f 44 00:e8 1d 40 95 ]
  162. fffff80646a2c077-fffff80646a2c07b 5 bytes - nt!MiUpdatePrefetchPriority+16dbe7 (+0xc88d9)
  163. [ d7 be 7d fb f6:27 5f be 7c f9 ]
  164. 33 errors : !nt (fffff80646873034-fffff80646a2c07b)
  165. THREAD_SHA1_HASH_MOD_FUNC: be91335f728989fad5a9a5641f89ffee7fe3c14c
  166. THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 284d6f66330e36aa06844fea7f04f02730e9e11d
  167. THREAD_SHA1_HASH_MOD: 901685eb5ed44e617e07e22622321d209483595d
  168. FOLLOWUP_NAME: MachineOwner
  169. MODULE_NAME: hardware_disk
  170.  
  171. IMAGE_NAME: hardware_disk
  172.  
  173. DEBUG_FLR_IMAGE_TIMESTAMP: 0
  174. FAILURE_BUCKET_ID: 0x154_c0000006_c0000483_IMAGE_hardware_disk
  175. BUCKET_ID: 0x154_c0000006_c0000483_IMAGE_hardware_disk
  176. PRIMARY_PROBLEM_CLASS: 0x154_c0000006_c0000483_IMAGE_hardware_disk
  177. TARGET_TIME: 2020-07-23T10:20:19.000Z
  178. SUITE_MASK: 272
  179. PRODUCT_TYPE: 1
  180. USER_LCID: 0
  181. FAILURE_ID_HASH_STRING: km:0x154_c0000006_c0000483_image_hardware_disk
  182. FAILURE_ID_HASH: {d170a5ab-ac8b-0fed-3160-792217daec42}
  183. Followup: MachineOwner
  184.  
  185. ====================== Dump #1: 3RD PARTY DRIVERS ======================
  186.  
  187. Sep 12 1975 - klmouflt.sys - Kaspersky Mouse Device Filter https://www.kaspersky.com/
  188. May 05 2007 - klwtp.sys - Kaspersky WFP Network Connection Filter Driver https://www.kaspersky.com/
  189. Apr 13 2008 - klbackupdisk.sys - Kaspersky Backup Disk Filter https://www.kaspersky.com/
  190. Aug 02 2010 - AsUpIO.sys - ASUS Update Input Output driver http://www.asus.com/
  191. May 05 2013 - ScpVBus.sys - Scarlet.Crush Productions Scp Dual Shock 3 Virtual Bus driver http://forums.pcsx2.net/
  192. Jan 07 2015 - klim6.sys - Kaspersky Lab Intermediate Network Driver https://www.kaspersky.com/
  193. Jun 06 2017 - SCDEmu.SYS - PowerISO Virtual driver (PowerISO Computing) https://www.poweriso.com/
  194. Nov 19 2017 - TeeDriverW8x64.sys - Intel Management Engine Interface driver https://downloadcenter.intel.com/
  195. Mar 16 2018 - kltap.sys - TAP - Windows Virtual Network driver - The OpenVPN Project
  196. Nov 13 2018 - RTKVHD64.sys - Realtek Audio System driver https://www.realtek.com/en/
  197. Jan 22 2019 - klupd_klif_kimul.sys - Kaspersky Kernel Heuristics Engine https://www.kaspersky.com/
  198. Feb 15 2019 - cm_km.sys - Kaspersky Cryptographic Module Driver
  199. Feb 26 2019 - klwfp.sys - Kaspersky Network filtering component https://www.kaspersky.com/
  200. Jul 03 2019 - womic.sys - Wireless Orange Mic driver http://www.wirelessorange.com/womic/ or wolicheng.com
  201. Feb 12 2020 - rt640x64.sys - Realtek NICDRV 8169 PCIe GBE Family Controller driver https://www.realtek.com/en/
  202. Feb 25 2020 - IntcDAud.sys - Intel Display Audio Driver http://www.intel.com/
  203. Mar 13 2020 - klif.sys - Kaspersky Lab Intruder Filter driver https://www.kaspersky.com/
  204. Mar 20 2020 - klupd_klif_klark.sys - Kaspersky https://www.kaspersky.com/
  205. Mar 20 2020 - klupd_klif_mark.sys - Kaspersky Lab Anti-Rootkit Engine https://www.kaspersky.com
  206. Mar 22 2020 - klupd_klif_arkmon.sys - Kaspersky Anti-Virus Anti-Rootkit Monitor https://www.kaspersky.com/
  207. Apr 02 2020 - tapprotonvpn.sys - Proton TAP VPN driver http://www.protonvpn.com/
  208. Apr 28 2020 - klgse.sys - Kaspersky Security Extender driver
  209. Apr 28 2020 - klhk.sys - Kaspersky Lab service driver https://www.kaspersky.com/
  210. May 19 2020 - igdkmd64.sys - Intel HD graphics driver
  211. Jun 11 2020 - klids.sys - Kaspersky Lab IDS Engine https://www.kaspersky.com/
  212. Jun 13 2020 - vgk.sys - Vanguard Anti-Cheat driver
  213. Jun 17 2020 - klupd_klif_klbg.sys - Kaspersky Anti-Virus Lab Boot Guard Driver https://www.kaspersky.com/
  214. Nov 16 2021 - klkbdflt.sys - Kaspersky Keyboard Device Filter https://www.kaspersky.com/
  215. Mar 13 2029 - klpd.sys - Kaspersky Format Recognizer https://www.kaspersky.com/
  216. Aug 13 2029 - klflt.sys - Kaspersky Filter Core https://www.kaspersky.com/
  217. ***** Invalid (946E4501) - klbackupflt.sys - Kaspersky Backup File Filter https://www.kaspersky.com/
  218. ***** Invalid (B1F414C8) - kldisk.sys - Kaspersky Virtual Disk driver https://www.kaspersky.com/
  219. ***** Invalid (E34C73F4) - kneps.sys - Kaspersky KNEPS Power https://www.kaspersky.com/
  220.  
  221. ================== Dump #1: 3RD PARTY DRIVERS (FULL) ===================
  222.  
  223. Image path: \SystemRoot\system32\DRIVERS\klmouflt.sys
  224. Image name: klmouflt.sys
  225. Search : https://www.google.com/search?q=klmouflt.sys
  226. ADA Info : Kaspersky Mouse Device Filter https://www.kaspersky.com/
  227. Timestamp : Fri Sep 12 1975
  228.  
  229. Image path: \SystemRoot\system32\DRIVERS\klwtp.sys
  230. Image name: klwtp.sys
  231. Search : https://www.google.com/search?q=klwtp.sys
  232. ADA Info : Kaspersky WFP Network Connection Filter Driver https://www.kaspersky.com/
  233. Timestamp : Sat May 5 2007
  234.  
  235. Image path: \SystemRoot\system32\DRIVERS\klbackupdisk.sys
  236. Image name: klbackupdisk.sys
  237. Search : https://www.google.com/search?q=klbackupdisk.sys
  238. ADA Info : Kaspersky Backup Disk Filter https://www.kaspersky.com/
  239. Timestamp : Sun Apr 13 2008
  240.  
  241. Image path: \SystemRoot\SysWow64\drivers\AsUpIO.sys
  242. Image name: AsUpIO.sys
  243. Search : https://www.google.com/search?q=AsUpIO.sys
  244. ADA Info : ASUS Update Input Output driver http://www.asus.com/
  245. Timestamp : Mon Aug 2 2010
  246.  
  247. Image path: \SystemRoot\System32\drivers\ScpVBus.sys
  248. Image name: ScpVBus.sys
  249. Search : https://www.google.com/search?q=ScpVBus.sys
  250. ADA Info : Scarlet.Crush Productions Scp Dual Shock 3 Virtual Bus driver http://forums.pcsx2.net/
  251. Timestamp : Sun May 5 2013
  252.  
  253. Image path: \SystemRoot\system32\DRIVERS\klim6.sys
  254. Image name: klim6.sys
  255. Search : https://www.google.com/search?q=klim6.sys
  256. ADA Info : Kaspersky Lab Intermediate Network Driver https://www.kaspersky.com/
  257. Timestamp : Wed Jan 7 2015
  258.  
  259. Image path: \SystemRoot\System32\Drivers\SCDEmu.SYS
  260. Image name: SCDEmu.SYS
  261. Search : https://www.google.com/search?q=SCDEmu.SYS
  262. ADA Info : PowerISO Virtual driver (PowerISO Computing) https://www.poweriso.com/
  263. Timestamp : Tue Jun 6 2017
  264.  
  265. Mapped memory image file: C:\ProgramData\dbg\sym\TeeDriverW8x64.sys\5A116D8F34000\TeeDriverW8x64.sys
  266. Image path: \SystemRoot\System32\drivers\TeeDriverW8x64.sys
  267. Image name: TeeDriverW8x64.sys
  268. Search : https://www.google.com/search?q=TeeDriverW8x64.sys
  269. ADA Info : Intel Management Engine Interface driver https://downloadcenter.intel.com/
  270. Timestamp : Sun Nov 19 2017
  271. File version: 11.7.0.1057
  272. Product version: 11.7.0.1057
  273. File flags: 8 (Mask 3F) Private
  274. File OS: 40004 NT Win32
  275. File type: 3.7 Driver
  276. File date: 00000000.00000000
  277. CompanyName: Intel Corporation
  278. ProductName: Intel(R) Management Engine Interface
  279. InternalName: TeeDriverx64.sys
  280. OriginalFilename: TeeDriverx64.sys
  281. ProductVersion: 11.7.0.1057
  282. FileVersion: 11.7.0.1057
  283. FileDescription: Intel(R) Management Engine Interface
  284. LegalCopyright: Copyright © 2006-2015, Intel Corporation. All rights reserved.
  285.  
  286. Image path: \SystemRoot\System32\drivers\kltap.sys
  287. Image name: kltap.sys
  288. Search : https://www.google.com/search?q=kltap.sys
  289. ADA Info : TAP - Windows Virtual Network driver - The OpenVPN Project
  290. Timestamp : Fri Mar 16 2018
  291.  
  292. Image path: \SystemRoot\system32\drivers\RTKVHD64.sys
  293. Image name: RTKVHD64.sys
  294. Search : https://www.google.com/search?q=RTKVHD64.sys
  295. ADA Info : Realtek Audio System driver https://www.realtek.com/en/
  296. Timestamp : Tue Nov 13 2018
  297.  
  298. Image path: \SystemRoot\System32\Drivers\klupd_klif_kimul.sys
  299. Image name: klupd_klif_kimul.sys
  300. Search : https://www.google.com/search?q=klupd_klif_kimul.sys
  301. ADA Info : Kaspersky Kernel Heuristics Engine https://www.kaspersky.com/
  302. Timestamp : Tue Jan 22 2019
  303.  
  304. Image path: \SystemRoot\system32\DRIVERS\cm_km.sys
  305. Image name: cm_km.sys
  306. Search : https://www.google.com/search?q=cm_km.sys
  307. ADA Info : Kaspersky Cryptographic Module Driver
  308. Timestamp : Fri Feb 15 2019
  309.  
  310. Image path: \SystemRoot\system32\DRIVERS\klwfp.sys
  311. Image name: klwfp.sys
  312. Search : https://www.google.com/search?q=klwfp.sys
  313. ADA Info : Kaspersky Network filtering component https://www.kaspersky.com/
  314. Timestamp : Tue Feb 26 2019
  315.  
  316. Image path: \SystemRoot\system32\drivers\womic.sys
  317. Image name: womic.sys
  318. Search : https://www.google.com/search?q=womic.sys
  319. ADA Info : Wireless Orange Mic driver http://www.wirelessorange.com/womic/ or wolicheng.com
  320. Timestamp : Wed Jul 3 2019
  321.  
  322. Image path: \SystemRoot\System32\drivers\rt640x64.sys
  323. Image name: rt640x64.sys
  324. Search : https://www.google.com/search?q=rt640x64.sys
  325. ADA Info : Realtek NICDRV 8169 PCIe GBE Family Controller driver https://www.realtek.com/en/
  326. Timestamp : Wed Feb 12 2020
  327.  
  328. Image path: \SystemRoot\System32\DriverStore\FileRepository\intcdaud.inf_amd64_1b570d7b9a790b1a\IntcDAud.sys
  329. Image name: IntcDAud.sys
  330. Search : https://www.google.com/search?q=IntcDAud.sys
  331. ADA Info : Intel Display Audio Driver http://www.intel.com/
  332. Timestamp : Tue Feb 25 2020
  333.  
  334. Image path: \SystemRoot\system32\DRIVERS\klif.sys
  335. Image name: klif.sys
  336. Search : https://www.google.com/search?q=klif.sys
  337. ADA Info : Kaspersky Lab Intruder Filter driver https://www.kaspersky.com/
  338. Timestamp : Fri Mar 13 2020
  339.  
  340. Image path: \SystemRoot\System32\Drivers\klupd_klif_klark.sys
  341. Image name: klupd_klif_klark.sys
  342. Search : https://www.google.com/search?q=klupd_klif_klark.sys
  343. ADA Info : Kaspersky https://www.kaspersky.com/
  344. Timestamp : Fri Mar 20 2020
  345.  
  346. Image path: \SystemRoot\System32\Drivers\klupd_klif_mark.sys
  347. Image name: klupd_klif_mark.sys
  348. Search : https://www.google.com/search?q=klupd_klif_mark.sys
  349. ADA Info : Kaspersky Lab Anti-Rootkit Engine https://www.kaspersky.com
  350. Timestamp : Fri Mar 20 2020
  351.  
  352. Image path: \SystemRoot\System32\Drivers\klupd_klif_arkmon.sys
  353. Image name: klupd_klif_arkmon.sys
  354. Search : https://www.google.com/search?q=klupd_klif_arkmon.sys
  355. ADA Info : Kaspersky Anti-Virus Anti-Rootkit Monitor https://www.kaspersky.com/
  356. Timestamp : Sun Mar 22 2020
  357.  
  358. Image path: \SystemRoot\System32\drivers\tapprotonvpn.sys
  359. Image name: tapprotonvpn.sys
  360. Search : https://www.google.com/search?q=tapprotonvpn.sys
  361. ADA Info : Proton TAP VPN driver http://www.protonvpn.com/
  362. Timestamp : Thu Apr 2 2020
  363.  
  364. Image path: \SystemRoot\system32\DRIVERS\klgse.sys
  365. Image name: klgse.sys
  366. Search : https://www.google.com/search?q=klgse.sys
  367. ADA Info : Kaspersky Security Extender driver
  368. Timestamp : Tue Apr 28 2020
  369.  
  370. Image path: \SystemRoot\system32\DRIVERS\klhk.sys
  371. Image name: klhk.sys
  372. Search : https://www.google.com/search?q=klhk.sys
  373. ADA Info : Kaspersky Lab service driver https://www.kaspersky.com/
  374. Timestamp : Tue Apr 28 2020
  375.  
  376. Image path: \SystemRoot\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_29d4e3e2513aa913\igdkmd64.sys
  377. Image name: igdkmd64.sys
  378. Search : https://www.google.com/search?q=igdkmd64.sys
  379. ADA Info : Intel HD graphics driver
  380. Timestamp : Tue May 19 2020
  381.  
  382. Image path: \??\C:\ProgramData\Kaspersky Lab\AVP20.0\Bases\klids.sys
  383. Image name: klids.sys
  384. Search : https://www.google.com/search?q=klids.sys
  385. ADA Info : Kaspersky Lab IDS Engine https://www.kaspersky.com/
  386. Timestamp : Thu Jun 11 2020
  387.  
  388. Image path: \??\C:\Program Files\Riot Vanguard\vgk.sys
  389. Image name: vgk.sys
  390. Search : https://www.google.com/search?q=vgk.sys
  391. ADA Info : Vanguard Anti-Cheat driver
  392. Timestamp : Sat Jun 13 2020
  393.  
  394. Image path: \SystemRoot\System32\Drivers\klupd_klif_klbg.sys
  395. Image name: klupd_klif_klbg.sys
  396. Search : https://www.google.com/search?q=klupd_klif_klbg.sys
  397. ADA Info : Kaspersky Anti-Virus Lab Boot Guard Driver https://www.kaspersky.com/
  398. Timestamp : Wed Jun 17 2020
  399.  
  400. Image path: \SystemRoot\system32\DRIVERS\klkbdflt.sys
  401. Image name: klkbdflt.sys
  402. Search : https://www.google.com/search?q=klkbdflt.sys
  403. ADA Info : Kaspersky Keyboard Device Filter https://www.kaspersky.com/
  404. Timestamp : Tue Nov 16 2021
  405.  
  406. Image path: \SystemRoot\system32\DRIVERS\klpd.sys
  407. Image name: klpd.sys
  408. Search : https://www.google.com/search?q=klpd.sys
  409. ADA Info : Kaspersky Format Recognizer https://www.kaspersky.com/
  410. Timestamp : Tue Mar 13 2029
  411.  
  412. Image path: \SystemRoot\system32\DRIVERS\klflt.sys
  413. Image name: klflt.sys
  414. Search : https://www.google.com/search?q=klflt.sys
  415. ADA Info : Kaspersky Filter Core https://www.kaspersky.com/
  416. Timestamp : Mon Aug 13 2029
  417.  
  418. Image path: \SystemRoot\system32\DRIVERS\klbackupflt.sys
  419. Image name: klbackupflt.sys
  420. Search : https://www.google.com/search?q=klbackupflt.sys
  421. ADA Info : Kaspersky Backup File Filter https://www.kaspersky.com/
  422. Timestamp : ***** Invalid (946E4501)
  423.  
  424. Image path: \SystemRoot\system32\DRIVERS\kldisk.sys
  425. Image name: kldisk.sys
  426. Search : https://www.google.com/search?q=kldisk.sys
  427. ADA Info : Kaspersky Virtual Disk driver https://www.kaspersky.com/
  428. Timestamp : ***** Invalid (B1F414C8)
  429.  
  430. Image path: \SystemRoot\system32\DRIVERS\kneps.sys
  431. Image name: kneps.sys
  432. Search : https://www.google.com/search?q=kneps.sys
  433. ADA Info : Kaspersky KNEPS Power https://www.kaspersky.com/
  434. Timestamp : ***** Invalid (E34C73F4)
  435.  
  436. ====================== Dump #1: MICROSOFT DRIVERS ======================
  437.  
  438. ACPI.sys ACPI Driver for NT (Microsoft)
  439. acpiex.sys ACPIEx Driver (Microsoft)
  440. acpipagr.sys ACPI Processor Aggregator Device driver (Microsoft)
  441. afd.sys Ancillary Function Driver for WinSock (Microsoft)
  442. afunix.sys AF_UNIX Socket Provider driver (Microsoft)
  443. AgileVpn.sys RAS Agil VPN Miniport Call Manager driver (Microsoft)
  444. ahcache.sys Application Compatibility Cache (Microsoft)
  445. bam.sys BAM Kernal driver (Microsoft)
  446. BasicDisplay.sys Basic Display driver (Microsoft)
  447. BasicRender.sys Basic Render driver (Microsoft)
  448. Beep.SYS BEEP driver (Microsoft)
  449. BOOTVID.dll VGA Boot Driver (Microsoft)
  450. bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
  451. cdd.dll Canonical Display Driver (Microsoft)
  452. cdrom.sys SCSI CD-ROM Driver (Microsoft)
  453. CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
  454. CI.dll Code Integrity Module (Microsoft)
  455. CLASSPNP.SYS SCSI Class System Dll (Microsoft)
  456. cldflt.sys Cloud Files Mini Filter driver (Microsoft)
  457. CLFS.SYS Common Log File System Driver (Microsoft)
  458. clipsp.sys CLIP Service (Microsoft)
  459. cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
  460. cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
  461. CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
  462. condrv.sys Console Driver (Microsoft)
  463. crashdmp.sys Crash Dump driver (Microsoft)
  464. csc.sys Windows Client Side Caching driver (Microsoft)
  465. dfsc.sys DFS Namespace Client Driver (Microsoft)
  466. disk.sys PnP Disk Driver (Microsoft)
  467. drmk.sys Digital Rights Management (DRM) driver (Microsoft)
  468. dump_diskdump.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  469. dump_dumpfve.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  470. dump_storahci.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  471. dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
  472. dxgmms2.sys DirectX Graphics MMS
  473. EhStorClass.sys Enhanced Storage Class driver for IEEE... (Microsoft)
  474. fastfat.SYS Fast FAT File System Driver (Microsoft)
  475. filecrypt.sys Windows sandboxing and encryption filter (Microsoft)
  476. fileinfo.sys FileInfo Filter Driver (Microsoft)
  477. FLTMGR.SYS Filesystem Filter Manager (Microsoft)
  478. Fs_Rec.sys File System Recognizer Driver (Microsoft)
  479. fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
  480. fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
  481. gpuenergydrv.sys GPU Energy Kernal Driver (Microsoft)
  482. hal.dll Hardware Abstraction Layer DLL (Microsoft)
  483. HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
  484. HIDCLASS.SYS Hid Class Library (Microsoft)
  485. HIDPARSE.SYS Hid Parsing Library (Microsoft)
  486. hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
  487. HTTP.sys HTTP Protocol Stack (Microsoft)
  488. intelpep.sys Intel Power Engine Plugin (Microsoft)
  489. intelppm.sys Processor Device Driver (Microsoft)
  490. iorate.sys I/O rate control Filter (Microsoft)
  491. kbdclass.sys Keyboard Class Driver (Microsoft)
  492. kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
  493. kd.dll Local Kernal Debugger (Microsoft)
  494. kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
  495. ks.sys Kernal CSA Library (Microsoft)
  496. ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
  497. ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
  498. ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
  499. lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
  500. luafv.sys LUA File Virtualization Filter Driver (Microsoft)
  501. mcupdate_GenuineIntel.dll Intel Microcode Update Library (Microsoft)
  502. mmcss.sys MMCSS Driver (Microsoft)
  503. monitor.sys Monitor Driver (Microsoft)
  504. mouclass.sys Mouse Class Driver (Microsoft)
  505. mouhid.sys HID Mouse Filter Driver (Microsoft)
  506. mountmgr.sys Mount Point Manager (Microsoft)
  507. mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
  508. mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
  509. mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
  510. Msfs.SYS Mailslot driver (Microsoft)
  511. msisadrv.sys ISA Driver (Microsoft)
  512. mslldp.sys Microsoft Link-Layer Discovery Protocol... (Microsoft)
  513. msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
  514. mssecflt.sys Microsoft Security Events Component file system filter driver (Microsoft)
  515. mssmbios.sys System Management BIOS driver (Microsoft)
  516. mup.sys Multiple UNC Provider driver (Microsoft)
  517. ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
  518. ndistapi.sys NDIS 3.0 Connection Wrapper driver (Microsoft)
  519. ndisuio.sys NDIS User mode I/O driver (Microsoft)
  520. NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
  521. ndiswan.sys MS PPP Framing Driver (Strong Encryption) Microsoft)
  522. NDProxy.sys NDIS Proxy driver (Microsoft)
  523. Ndu.sys Network Data Usage Monitoring driver (Microsoft)
  524. netbios.sys NetBIOS Interface driver (Microsoft)
  525. netbt.sys MBT Transport driver (Microsoft)
  526. NETIO.SYS Network I/O Subsystem (Microsoft)
  527. Npfs.SYS NPFS driver (Microsoft)
  528. npsvctrig.sys Named pipe service triggers (Microsoft)
  529. nsiproxy.sys NSI Proxy driver (Microsoft)
  530. Ntfs.sys NT File System Driver (Microsoft)
  531. ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
  532. ntosext.sys NTOS Extension Host driver (Microsoft)
  533. Null.SYS NULL Driver (Microsoft)
  534. nwifi.sys NativeWiFi Miniport Driver (Microsoft)
  535. pacer.sys QoS Packet Scheduler (Microsoft)
  536. parport.sys Parallel Port Driver (Microsoft)
  537. partmgr.sys Partition driver (Microsoft)
  538. pci.sys NT Plug and Play PCI Enumerator (Microsoft)
  539. pcw.sys Performance Counter Driver (Microsoft)
  540. pdc.sys Power Dependency Coordinator Driver (Microsoft)
  541. peauth.sys Protected Environment Authentication and Authorization Export Driver (Microsoft)
  542. portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
  543. PSHED.dll Platform Specific Hardware Error driver (Microsoft)
  544. rasl2tp.sys RAS L2TP Mini-port/Call-manager driver (Microsoft)
  545. raspppoe.sys RAS PPPoE Mini-port/Call manager driver (Microsoft)
  546. raspptp.sys Peer-to-Peer Tunneling Protocol (Microsoft)
  547. rassstp.sys RAS SSTP Miniport Call Manager driver (Microsoft)
  548. rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
  549. rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
  550. rdpvideominiport.sys RDP Video Miniport driver (Microsoft)
  551. rdyboost.sys ReadyBoost Driver (Microsoft)
  552. rspndr.sys Link-Layer Topology Responder driver (Microsoft)
  553. serenum.sys Serial Port Enumerator (Microsoft)
  554. serial.sys Serial Device Driver
  555. SgrmAgent.sys System Guard Runtime Monitor Agent driver (Microsoft)
  556. SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
  557. spaceport.sys Storage Spaces driver (Microsoft)
  558. srv2.sys Smb 2.0 Server driver (Microsoft)
  559. srvnet.sys Server Network driver (Microsoft)
  560. storahci.sys MS AHCI Storport Miniport Driver (Microsoft)
  561. storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
  562. storqosflt.sys Storage QoS Filter driver (Microsoft)
  563. swenum.sys Plug and Play Software Device Enumerator (Microsoft)
  564. tbs.sys Export driver for kernel mode TPM API (Microsoft)
  565. tcpip.sys TCP/IP Protocol driver (Microsoft)
  566. tcpipreg.sys Microsoft Windows TCP/IP Registry Compatibility driver (Microsoft)
  567. TDI.SYS TDI Wrapper driver (Microsoft)
  568. tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
  569. tm.sys Kernel Transaction Manager driver (Microsoft)
  570. ucx01000.sys USB Controller Extension (Microsoft)
  571. UEFI.sys UEFI NT driver (Microsoft)
  572. umbus.sys User-Mode Bus Enumerator (Microsoft)
  573. usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
  574. USBD.SYS Universal Serial Bus Driver (Microsoft)
  575. UsbHub3.sys USB3 HUB driver (Microsoft)
  576. USBXHCI.SYS USB XHCI driver (Microsoft)
  577. vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
  578. Vid.sys Microsoft Hyper-V Virtualization Infrastructure Driver
  579. volmgr.sys Volume Manager Driver (Microsoft)
  580. volmgrx.sys Volume Manager Extension Driver (Microsoft)
  581. volsnap.sys Volume Shadow Copy driver (Microsoft)
  582. volume.sys Volume driver (Microsoft)
  583. vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
  584. wanarp.sys MS Remote Access and Routing ARP driver (Microsoft)
  585. watchdog.sys Watchdog driver (Microsoft)
  586. wcifs.sys Windows Container Isolation FS Filter driver (Microsoft)
  587. Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
  588. WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
  589. werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
  590. wfplwfs.sys WFP NDIS Lightweight Filter driver (Microsoft)
  591. win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
  592. win32kbase.sys Base Win32k Kernel Driver (Microsoft)
  593. win32kfull.sys Full/Desktop Win32k Kernel Driver (Microsoft)
  594. WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
  595. WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
  596. winhvr.sys Windows Hypervisor Root Interface driver (Microsoft)
  597. winquic.sys QUIC Transport Protocol driver (Microsoft)
  598. wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
  599. WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
  600. Wof.sys Windows Overlay Filter (Microsoft)
  601. WppRecorder.sys WPP Trace Recorder (Microsoft)
  602.  
  603. ====================== Dump #1: UNLOADED MODULES =======================
  604.  
  605. fffff806`44800000 fffff806`4496a000 EasyAntiChea
  606. fffff806`454e0000 fffff806`454ef000 hiber_storpo
  607. fffff806`454f0000 fffff806`4551f000 hiber_storah
  608. fffff806`45520000 fffff806`4553e000 hiber_dumpfv
  609. fffff806`52820000 fffff806`52859000 klids.sys
  610. fffff806`51490000 fffff806`5149f000 dump_storpor
  611. fffff806`514d0000 fffff806`514ff000 dump_storahc
  612. fffff806`51520000 fffff806`5153e000 dump_dumpfve
  613. fffff806`543d0000 fffff806`543db000 klpnpflt.sys
  614. fffff806`54360000 fffff806`5436b000 klpnpflt.sys
  615. fffff806`52690000 fffff806`5269b000 klpnpflt.sys
  616. fffff806`528c0000 fffff806`528de000 dam.sys
  617. fffff806`499b0000 fffff806`499be000 klelam.sys
  618. fffff806`4a9e0000 fffff806`4a9f0000 hwpolicy.sys
  619.  
  620. ====================== Dump #1: BIOS INFORMATION =======================
  621.  
  622. sysinfo: could not find necessary interfaces.
  623. sysinfo: note that mssmbios.sys must be loaded (XPSP2+).
  624.  
  625. ========================== Dump #1: Extra #1 ===========================
  626.  
  627. 1: kd> !verifier
  628. Verify Flags Level 0x00000000
  629. STANDARD FLAGS:
  630. [X] (0x00000000) Automatic Checks
  631. [ ] (0x00000001) Special pool
  632. [ ] (0x00000002) Force IRQL checking
  633. [ ] (0x00000008) Pool tracking
  634. [ ] (0x00000010) I/O verification
  635. [ ] (0x00000020) Deadlock detection
  636. [ ] (0x00000080) DMA checking
  637. [ ] (0x00000100) Security checks
  638. [ ] (0x00000800) Miscellaneous checks
  639. [ ] (0x00020000) DDI compliance checking
  640. ADDITIONAL FLAGS:
  641. [ ] (0x00000004) Randomized low resources simulation
  642. [ ] (0x00000200) Force pending I/O requests
  643. [ ] (0x00000400) IRP logging
  644. [ ] (0x00002000) Invariant MDL checking for stack
  645. [ ] (0x00004000) Invariant MDL checking for driver
  646. [ ] (0x00008000) Power framework delay fuzzing
  647. [ ] (0x00010000) Port/miniport interface checking
  648. [ ] (0x00040000) Systematic low resources simulation
  649. [ ] (0x00080000) DDI compliance checking (additional)
  650. [ ] (0x00200000) NDIS/WIFI verification
  651. [ ] (0x00800000) Kernel synchronization delay fuzzing
  652. [ ] (0x01000000) VM switch verification
  653. [ ] (0x02000000) Code integrity checks
  654. [X] Indicates flag is enabled
  655. Summary of All Verifier Statistics
  656. RaiseIrqls 0x0
  657. AcquireSpinLocks 0x0
  658. Synch Executions 0x0
  659. Trims 0x0
  660. Pool Allocations Attempted 0x0
  661. Pool Allocations Succeeded 0x0
  662. Pool Allocations Succeeded SpecialPool 0x0
  663. Pool Allocations With NO TAG 0x0
  664. Pool Allocations Failed 0x0
  665. Current paged pool allocations 0x0 for 00000000 bytes
  666. Peak paged pool allocations 0x0 for 00000000 bytes
  667. Current nonpaged pool allocations 0x0 for 00000000 bytes
  668. Peak nonpaged pool allocations 0x0 for 00000000 bytes
  669.  
  670. ========================== Dump #1: Extra #2 ===========================
  671.  
  672. 1: kd> !thread
  673. THREAD ffffb18814b020c0 Cid 1280.2418 Teb: 000000001b6db000 Win32Thread: 0000000000000000 RUNNING on processor 1
  674. Not impersonating
  675. GetUlongFromAddress: unable to read from fffff80646c2ca14
  676. Owning Process ffffb18812b93080 Image: System Process
  677. Attached Process ffffb188127a0040 Image: MemCompression
  678. fffff78000000000: Unable to get shared data
  679. Wait Start TickCount 5301971
  680. Context Switch Count 739818 IdealProcessor: 1
  681. ReadMemory error: Cannot get nt!KeMaximumIncrement value.
  682. UserTime 00:00:00.000
  683. KernelTime 00:00:00.000
  684. Win32 Start Address 0x0000000066d40018
  685. Stack Init ffffc50c9add7b90 Current ffffc50c9add6800
  686. Base ffffc50c9add8000 Limit ffffc50c9add1000 Call 0000000000000000
  687. Priority 9 BasePriority 8 PriorityDecrement 0 IoPriority 2 PagePriority 5
  688. Child-SP RetAddr : Args to Child : Call Site
  689. ffffc50c`9add5e48 fffff806`46b21aea : 00000000`00000154 ffffb188`127a4000 ffffc50c`9add5f00 00000000`00000002 : nt!KeBugCheckEx
  690. ffffc50c`9add5e50 fffff806`469db1de : ffffb188`127a4000 ffffc50c`9add5f00 fffff806`00000002 fffff806`46833926 : nt!SMKM_STORE<SM_TRAITS>::SmStUnhandledExceptionFilter+0x7e
  691. ffffc50c`9add5ea0 fffff806`4699c399 : ffffc50c`00000002 ffffc50c`9add73d0 ffffc50c`9add1000 ffffc50c`9add8000 : nt!`SMKM_STORE<SM_TRAITS>::SmStDirectReadIssue'::`1'::filt$0+0x22
  692. ffffc50c`9add5ed0 fffff806`469ca04f : ffffc50c`9add73d0 ffffc50c`9add64b0 00000000`00000000 00000000`0010001f : nt!_C_specific_handler+0xa9
  693. ffffc50c`9add5f40 fffff806`468c3375 : 00000000`00000000 00000000`00000000 ffffc50c`9add64b0 00007fff`ffff0000 : nt!RtlpExecuteHandlerForException+0xf
  694. ffffc50c`9add5f70 fffff806`468c790e : ffffc50c`9add6ea8 ffffc50c`9add6bf0 ffffc50c`9add6ea8 00000229`8b14efe0 : nt!RtlDispatchException+0x4a5
  695. ffffc50c`9add66c0 fffff806`469d321d : ffffb188`127a0600 fffff806`46886c8d 00000000`00010000 ffffc50c`9add6f50 : nt!KiDispatchException+0x16e
  696. ffffc50c`9add6d70 fffff806`469cf405 : 00000000`00000000 00000000`00000000 ffffc50c`9add7378 00000000`00000000 : nt!KiExceptionDispatch+0x11d
  697. ffffc50c`9add6f50 fffff806`4695e150 : ffff8000`fcd67000 ffffb188`127a4050 fffff806`4685cfc0 ffff8000`fcd67000 : nt!KiPageFault+0x445 (TrapFrame @ ffffc50c`9add6f50)
  698. ffffc50c`9add70e8 fffff806`4685cfc0 : ffff8000`fcd67000 ffff8000`fcd67000 00000000`00000002 00000229`8b14efe0 : nt!RtlDecompressBufferXpressLz+0x50
  699. ffffc50c`9add7100 fffff806`4695fed9 : 00000000`00000000 fffff806`00000001 00000000`00000000 ffffb188`127a5788 : nt!RtlDecompressBufferEx+0x60
  700. ffffc50c`9add7150 fffff806`4695fd64 : 00000000`00000004 ffffc50c`9add7360 00000000`00000000 00000000`00000bd4 : nt!ST_STORE<SM_TRAITS>::StDmSinglePageCopy+0x155
  701. ffffc50c`9add7230 fffff806`4695fbe2 : 00000000`00000001 00000000`0000efe0 ffffb188`0000efe0 ffffb188`00008000 : nt!ST_STORE<SM_TRAITS>::StDmSinglePageTransfer+0xa0
  702. ffffc50c`9add7280 fffff806`4695fa0b : 00000000`ffffffff ffffb188`18671000 ffffc50c`9add7360 ffffb188`17313250 : nt!ST_STORE<SM_TRAITS>::StDmpSinglePageRetrieve+0x186
  703. ffffc50c`9add7320 fffff806`4695f851 : ffffb188`18671000 00000000`00000000 00000000`00000001 ffffb188`127a5788 : nt!ST_STORE<SM_TRAITS>::StDmPageRetrieve+0xcb
  704. ffffc50c`9add73d0 fffff806`4695f761 : ffffb188`127a4000 ffffb188`17313250 ffffb188`18671000 ffffb188`127a59b0 : nt!SMKM_STORE<SM_TRAITS>::SmStDirectReadIssue+0x85
  705. ffffc50c`9add7450 fffff806`46869e18 : ffffb188`14b020c0 ffffb188`127a4000 00000000`00000000 00000000`00000000 : nt!SMKM_STORE<SM_TRAITS>::SmStDirectReadCallout+0x21
  706. ffffc50c`9add7480 fffff806`46962cc1 : fffff806`4695f740 ffffc50c`9add7530 00000000`00000003 00000000`00000000 : nt!KeExpandKernelStackAndCalloutInternal+0x78
  707. ffffc50c`9add74f0 fffff806`4694b941 : ffffc50c`9add75f0 fffff806`46d8db78 ffffb188`127a4000 ffffc50c`9add7740 : nt!SMKM_STORE<SM_TRAITS>::SmStDirectRead+0xcd
  708. ffffc50c`9add75c0 fffff806`4694b527 : 00000000`0000000c ffffb188`127a4000 ffffc50c`9add7670 ffffb188`17313250 : nt!SMKM_STORE<SM_TRAITS>::SmStWorkItemQueue+0x1a5
  709. ffffc50c`9add7610 fffff806`46961fd3 : 00000000`0000000c ffffb188`17313250 00000000`00000008 00000000`00000008 : nt!SMKM_STORE_MGR<SM_TRAITS>::SmIoCtxQueueWork+0xbf
  710. ffffc50c`9add76a0 fffff806`469636af : ffffb188`00000008 ffffb188`18318930 00000000`00000000 ffffb188`127a4000 : nt!SMKM_STORE_MGR<SM_TRAITS>::SmPageRead+0x167
  711. ffffc50c`9add7710 fffff806`4688e05b : ffffb188`12b93580 00000000`00000001 ffffb188`12b93640 fffff806`46874ee6 : nt!SmPageRead+0x33
  712. ffffc50c`9add7760 fffff806`4688d759 : 00000000`00000002 ffffc50c`9add77f0 ffffc50c`9add7958 fffff97c`80000240 : nt!MiIssueHardFaultIo+0x117
  713. ffffc50c`9add77b0 fffff806`46872f9b : 00000000`c0033333 00000000`00000001 00000000`090c5fac ffffb188`0f15c960 : nt!MiIssueHardFault+0x489
  714. ffffc50c`9add7860 fffff806`469cf320 : 00000000`00000001 ffffc50c`9add7a80 00000000`1b6db000 ffffc50c`9add7a80 : nt!MmAccessFault+0x40b
  715. ffffc50c`9add7a00 00000000`1cc7cbb1 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiPageFault+0x360 (TrapFrame @ ffffc50c`9add7a00)
  716. 00000000`2328f064 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x1cc7cbb1
  717.  
  718.  
  719. ========================================================================
  720. ======================= Dump #2: ANALYZE VERBOSE =======================
  721. ====================== File: 072220-64359-01.dmp =======================
  722. ========================================================================
  723.  
  724. Mini Kernel Dump File: Only registers and stack trace are available
  725. Windows 10 Kernel Version 18362 MP (4 procs) Free x64
  726. Kernel base = 0xfffff805`26a00000 PsLoadedModuleList = 0xfffff805`26e48210
  727. Debug session time: Wed Jul 22 06:46:20.997 2020 (UTC - 4:00)
  728. System Uptime: 1 days 1:37:12.190
  729.  
  730. BugCheck 1E, {ffffffffc0000006, fffff8052704d3bf, 0, 193c53f3008}
  731. *** WARNING: Unable to verify timestamp for win32k.sys
  732. *** ERROR: Module load completed but symbols could not be loaded for win32k.sys
  733. Probably caused by : memory_corruption
  734. Followup: memory_corruption
  735.  
  736. KMODE_EXCEPTION_NOT_HANDLED (1e)
  737. This is a very common bugcheck. Usually the exception address pinpoints
  738. the driver/function that caused the problem. Always note this address
  739. as well as the link date of the driver/image that contains this address.
  740.  
  741. Arguments:
  742. Arg1: ffffffffc0000006, The exception code that was not handled
  743. Arg2: fffff8052704d3bf, The address that the exception occurred at
  744. Arg3: 0000000000000000, Parameter 0 of the exception
  745. Arg4: 00000193c53f3008, Parameter 1 of the exception
  746.  
  747. Debugging Details:
  748. DUMP_CLASS: 1
  749. DUMP_QUALIFIER: 400
  750. DUMP_TYPE: 2
  751. EXCEPTION_CODE: (NTSTATUS) 0xc0000006 - The instruction at 0x%p referenced memory at 0x%p. The required data was not placed into memory because of an I/O error status of 0x%x.
  752. FAULTING_IP:
  753. nt!HvpFindFreeCellInBin+f
  754. fffff805`2704d3bf 458b5908 mov r11d,dword ptr [r9+8]
  755. EXCEPTION_PARAMETER2: 00000193c53f3008
  756. BUGCHECK_STR: 0x1E_c0000006
  757. CUSTOMER_CRASH_COUNT: 1
  758. DEFAULT_BUCKET_ID: CODE_CORRUPTION
  759.  
  760. PROCESS_NAME: Registry
  761.  
  762. CURRENT_IRQL: 0
  763. EXCEPTION_RECORD: ffffaf046f304640 -- (.exr 0xffffaf046f304640)
  764. ExceptionAddress: 0000000000000000
  765. ExceptionCode: 00000000
  766. ExceptionFlags: 00000000
  767. NumberParameters: 0
  768. TRAP_FRAME: 0000000000008000 -- (.trap 0x8000)
  769. Unable to read trap frame at 00000000`00008000
  770. LAST_CONTROL_TRANSFER: from fffff80526c2fd3f to fffff80526bc1220
  771. STACK_TEXT:
  772. fffff60c`ad57e588 fffff805`26c2fd3f : 00000000`0000001e ffffffff`c0000006 fffff805`2704d3bf 00000000`00000000 : nt!KeBugCheckEx
  773. fffff60c`ad57e590 fffff805`26bd321d : ffffaf04`6f304640 fffff805`26a86c8d 00000000`00008000 fffff60c`ad57ee20 : nt!KiDispatchException+0x16859f
  774. fffff60c`ad57ec40 fffff805`26bcf405 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiExceptionDispatch+0x11d
  775. fffff60c`ad57ee20 fffff805`2704d3bf : 00000000`00000000 00000000`ffffffff 00000000`001ff000 ffff9a88`97aa0000 : nt!KiPageFault+0x445
  776. fffff60c`ad57efb0 fffff805`2704d0d4 : 00000000`00000120 00000000`001ff000 00000000`00011ae7 ffff9a88`97aa0000 : nt!HvpFindFreeCellInBin+0xf
  777. fffff60c`ad57efe0 fffff805`2704d1e9 : ffff9a88`97aa0050 00000000`00003063 00000000`00000068 ffff9a88`03062000 : nt!HvpFindFreeCell+0x120
  778. fffff60c`ad57f060 fffff805`27053a76 : ffff9a88`97aa0000 00000000`00000000 ffff9a88`97aa0000 fffff60c`ad57f130 : nt!HvpDoAllocateCell+0x75
  779. fffff60c`ad57f0f0 fffff805`27051a72 : 00000000`00000000 ffff9a88`97aa0000 00000193`c53f4e0c fffff60c`ad57f1b0 : nt!HvReallocateCell+0xba
  780. fffff60c`ad57f170 fffff805`2704adf0 : 01d66015`56260d6f 00000000`00000000 ffff9a88`97aec930 fffff60c`00000003 : nt!CmpSetValueKeyExisting+0x22a
  781. fffff60c`ad57f1e0 fffff805`2704a776 : fffff60c`00000001 fffff60c`ad57f480 00000000`00000000 00000004`ffffff01 : nt!CmSetValueKey+0x520
  782. fffff60c`ad57f380 fffff805`26bd2b15 : 00000000`ffffffff fffff805`26a71006 fffff60c`ad57f6a0 00000000`00000000 : nt!NtSetValueKey+0x646
  783. fffff60c`ad57f570 fffff805`26bc5060 : fffff805`2700e71b 00000000`00000000 fffff60c`ad57fa80 ffff9a88`9c154400 : nt!KiSystemServiceCopyEnd+0x25
  784. fffff60c`ad57f778 fffff805`2700e71b : 00000000`00000000 fffff60c`ad57fa80 ffff9a88`9c154400 fffff805`00000000 : nt!KiServiceLinkage
  785. fffff60c`ad57f780 fffff805`2700c6a2 : 00000000`0000005a 00000000`00000000 fffff60c`ad57fa80 00000000`0000005a : nt!ExpWnfWriteStateData+0x173
  786. fffff60c`ad57f890 fffff805`26bd2b15 : 00000000`00000000 00000000`00000000 00000000`00000000 ffffaf04`7f289800 : nt!NtUpdateWnfStateData+0x262
  787. fffff60c`ad57f990 00007ff8`ecbdf9b4 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x25
  788. 00000068`fb8fd9d8 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ff8`ecbdf9b4
  789. STACK_COMMAND: kb
  790. CHKIMG_EXTENSION: !chkimg -lo 50 -d !FLTMGR
  791. fffff805294fef25-fffff805294fef26 2 bytes - FLTMGR!DeleteStreamListCtrlCallback+35
  792. [ 48 ff:4c 8b ]
  793. fffff805294fef2c-fffff805294fef30 5 bytes - FLTMGR!DeleteStreamListCtrlCallback+3c (+0x07)
  794. [ 0f 1f 44 00 00:e8 df 74 56 fd ]
  795. fffff805294fef3a-fffff805294fef3b 2 bytes - FLTMGR!DeleteStreamListCtrlCallback+4a (+0x0e)
  796. [ 48 ff:4c 8b ]
  797. fffff805294fef41-fffff805294fef45 5 bytes - FLTMGR!DeleteStreamListCtrlCallback+51 (+0x07)
  798. [ 0f 1f 44 00 00:e8 8a 81 53 fd ]
  799. fffff805294fef8a-fffff805294fef8b 2 bytes - FLTMGR!DeleteStreamListCtrlCallback+9a (+0x49)
  800. [ 48 ff:4c 8b ]
  801. fffff805294fef91-fffff805294fef97 7 bytes - FLTMGR!DeleteStreamListCtrlCallback+a1 (+0x07)
  802. [ 0f 1f 44 00 00 48 ff:e8 ba 79 53 fd 4c 8b ]
  803. fffff805294fef9d-fffff805294fefa1 5 bytes - FLTMGR!DeleteStreamListCtrlCallback+ad (+0x0c)
  804. [ 0f 1f 44 00 00:e8 2e 74 56 fd ]
  805. 28 errors : !FLTMGR (fffff805294fef25-fffff805294fefa1)
  806. MODULE_NAME: memory_corruption
  807.  
  808. IMAGE_NAME: memory_corruption
  809.  
  810. FOLLOWUP_NAME: memory_corruption
  811. DEBUG_FLR_IMAGE_TIMESTAMP: 0
  812. MEMORY_CORRUPTOR: LARGE
  813. FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
  814. BUCKET_ID: MEMORY_CORRUPTION_LARGE
  815. PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
  816. TARGET_TIME: 2020-07-22T10:46:20.000Z
  817. SUITE_MASK: 272
  818. PRODUCT_TYPE: 1
  819. USER_LCID: 0
  820. FAILURE_ID_HASH_STRING: km:memory_corruption_large
  821. FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
  822. Followup: memory_corruption
  823.  
  824. ====================== Dump #2: 3RD PARTY DRIVERS ======================
  825.  
  826. Sep 12 1975 - klmouflt.sys - Kaspersky Mouse Device Filter https://www.kaspersky.com/
  827. May 05 2007 - klwtp.sys - Kaspersky WFP Network Connection Filter Driver https://www.kaspersky.com/
  828. Apr 13 2008 - klbackupdisk.sys - Kaspersky Backup Disk Filter https://www.kaspersky.com/
  829. Aug 02 2010 - AsUpIO.sys - ASUS Update Input Output driver http://www.asus.com/
  830. May 05 2013 - ScpVBus.sys - Scarlet.Crush Productions Scp Dual Shock 3 Virtual Bus driver http://forums.pcsx2.net/
  831. Jan 07 2015 - klim6.sys - Kaspersky Lab Intermediate Network Driver https://www.kaspersky.com/
  832. Jun 03 2016 - RTKVHD64.sys - Realtek Audio System driver https://www.realtek.com/en/
  833. Jun 06 2017 - SCDEmu.SYS - PowerISO Virtual driver (PowerISO Computing) https://www.poweriso.com/
  834. Nov 19 2017 - TeeDriverW8x64.sys - Intel Management Engine Interface driver https://downloadcenter.intel.com/
  835. Mar 16 2018 - kltap.sys - TAP - Windows Virtual Network driver - The OpenVPN Project
  836. Jan 22 2019 - klupd_klif_kimul.sys - Kaspersky Kernel Heuristics Engine https://www.kaspersky.com/
  837. Feb 15 2019 - cm_km.sys - Kaspersky Cryptographic Module Driver
  838. Feb 26 2019 - klwfp.sys - Kaspersky Network filtering component https://www.kaspersky.com/
  839. Jul 03 2019 - womic.sys - Wireless Orange Mic driver http://www.wirelessorange.com/womic/ or wolicheng.com
  840. Feb 12 2020 - rt640x64.sys - Realtek NICDRV 8169 PCIe GBE Family Controller driver https://www.realtek.com/en/
  841. Feb 25 2020 - IntcDAud.sys - Intel Display Audio Driver http://www.intel.com/
  842. Mar 13 2020 - klif.sys - Kaspersky Lab Intruder Filter driver https://www.kaspersky.com/
  843. Mar 20 2020 - klupd_klif_klark.sys - Kaspersky https://www.kaspersky.com/
  844. Mar 20 2020 - klupd_klif_mark.sys - Kaspersky Lab Anti-Rootkit Engine https://www.kaspersky.com
  845. Mar 22 2020 - klupd_klif_arkmon.sys - Kaspersky Anti-Virus Anti-Rootkit Monitor https://www.kaspersky.com/
  846. Apr 02 2020 - tapprotonvpn.sys - Proton TAP VPN driver http://www.protonvpn.com/
  847. Apr 28 2020 - klgse.sys - Kaspersky Security Extender driver
  848. Apr 28 2020 - klhk.sys - Kaspersky Lab service driver https://www.kaspersky.com/
  849. May 19 2020 - igdkmd64.sys - Intel HD graphics driver
  850. Jun 11 2020 - klids.sys - Kaspersky Lab IDS Engine https://www.kaspersky.com/
  851. Jun 13 2020 - vgk.sys - Vanguard Anti-Cheat driver
  852. Jun 17 2020 - klupd_klif_klbg.sys - Kaspersky Anti-Virus Lab Boot Guard Driver https://www.kaspersky.com/
  853. Nov 16 2021 - klkbdflt.sys - Kaspersky Keyboard Device Filter https://www.kaspersky.com/
  854. Mar 13 2029 - klpd.sys - Kaspersky Format Recognizer https://www.kaspersky.com/
  855. Aug 13 2029 - klflt.sys - Kaspersky Filter Core https://www.kaspersky.com/
  856. ***** Invalid (946E4501) - klbackupflt.sys - Kaspersky Backup File Filter https://www.kaspersky.com/
  857. ***** Invalid (B1F414C8) - kldisk.sys - Kaspersky Virtual Disk driver https://www.kaspersky.com/
  858. ***** Invalid (E34C73F4) - kneps.sys - Kaspersky KNEPS Power https://www.kaspersky.com/
  859.  
  860. ================== Dump #2: 3RD PARTY DRIVERS (FULL) ===================
  861.  
  862. Image path: \SystemRoot\system32\DRIVERS\klmouflt.sys
  863. Image name: klmouflt.sys
  864. Search : https://www.google.com/search?q=klmouflt.sys
  865. ADA Info : Kaspersky Mouse Device Filter https://www.kaspersky.com/
  866. Timestamp : Fri Sep 12 1975
  867.  
  868. Image path: \SystemRoot\system32\DRIVERS\klwtp.sys
  869. Image name: klwtp.sys
  870. Search : https://www.google.com/search?q=klwtp.sys
  871. ADA Info : Kaspersky WFP Network Connection Filter Driver https://www.kaspersky.com/
  872. Timestamp : Sat May 5 2007
  873.  
  874. Image path: \SystemRoot\system32\DRIVERS\klbackupdisk.sys
  875. Image name: klbackupdisk.sys
  876. Search : https://www.google.com/search?q=klbackupdisk.sys
  877. ADA Info : Kaspersky Backup Disk Filter https://www.kaspersky.com/
  878. Timestamp : Sun Apr 13 2008
  879.  
  880. Image path: \SystemRoot\SysWow64\drivers\AsUpIO.sys
  881. Image name: AsUpIO.sys
  882. Search : https://www.google.com/search?q=AsUpIO.sys
  883. ADA Info : ASUS Update Input Output driver http://www.asus.com/
  884. Timestamp : Mon Aug 2 2010
  885.  
  886. Image path: \SystemRoot\System32\drivers\ScpVBus.sys
  887. Image name: ScpVBus.sys
  888. Search : https://www.google.com/search?q=ScpVBus.sys
  889. ADA Info : Scarlet.Crush Productions Scp Dual Shock 3 Virtual Bus driver http://forums.pcsx2.net/
  890. Timestamp : Sun May 5 2013
  891.  
  892. Image path: \SystemRoot\system32\DRIVERS\klim6.sys
  893. Image name: klim6.sys
  894. Search : https://www.google.com/search?q=klim6.sys
  895. ADA Info : Kaspersky Lab Intermediate Network Driver https://www.kaspersky.com/
  896. Timestamp : Wed Jan 7 2015
  897.  
  898. Image path: \SystemRoot\system32\drivers\RTKVHD64.sys
  899. Image name: RTKVHD64.sys
  900. Search : https://www.google.com/search?q=RTKVHD64.sys
  901. ADA Info : Realtek Audio System driver https://www.realtek.com/en/
  902. Timestamp : Fri Jun 3 2016
  903.  
  904. Image path: \SystemRoot\System32\Drivers\SCDEmu.SYS
  905. Image name: SCDEmu.SYS
  906. Search : https://www.google.com/search?q=SCDEmu.SYS
  907. ADA Info : PowerISO Virtual driver (PowerISO Computing) https://www.poweriso.com/
  908. Timestamp : Tue Jun 6 2017
  909.  
  910. Mapped memory image file: C:\ProgramData\dbg\sym\TeeDriverW8x64.sys\5A116D8F34000\TeeDriverW8x64.sys
  911. Image path: \SystemRoot\System32\drivers\TeeDriverW8x64.sys
  912. Image name: TeeDriverW8x64.sys
  913. Search : https://www.google.com/search?q=TeeDriverW8x64.sys
  914. ADA Info : Intel Management Engine Interface driver https://downloadcenter.intel.com/
  915. Timestamp : Sun Nov 19 2017
  916. File version: 11.7.0.1057
  917. Product version: 11.7.0.1057
  918. File flags: 8 (Mask 3F) Private
  919. File OS: 40004 NT Win32
  920. File type: 3.7 Driver
  921. File date: 00000000.00000000
  922. CompanyName: Intel Corporation
  923. ProductName: Intel(R) Management Engine Interface
  924. InternalName: TeeDriverx64.sys
  925. OriginalFilename: TeeDriverx64.sys
  926. ProductVersion: 11.7.0.1057
  927. FileVersion: 11.7.0.1057
  928. FileDescription: Intel(R) Management Engine Interface
  929. LegalCopyright: Copyright © 2006-2015, Intel Corporation. All rights reserved.
  930.  
  931. Image path: \SystemRoot\System32\drivers\kltap.sys
  932. Image name: kltap.sys
  933. Search : https://www.google.com/search?q=kltap.sys
  934. ADA Info : TAP - Windows Virtual Network driver - The OpenVPN Project
  935. Timestamp : Fri Mar 16 2018
  936.  
  937. Image path: \SystemRoot\System32\Drivers\klupd_klif_kimul.sys
  938. Image name: klupd_klif_kimul.sys
  939. Search : https://www.google.com/search?q=klupd_klif_kimul.sys
  940. ADA Info : Kaspersky Kernel Heuristics Engine https://www.kaspersky.com/
  941. Timestamp : Tue Jan 22 2019
  942.  
  943. Image path: \SystemRoot\system32\DRIVERS\cm_km.sys
  944. Image name: cm_km.sys
  945. Search : https://www.google.com/search?q=cm_km.sys
  946. ADA Info : Kaspersky Cryptographic Module Driver
  947. Timestamp : Fri Feb 15 2019
  948.  
  949. Image path: \SystemRoot\system32\DRIVERS\klwfp.sys
  950. Image name: klwfp.sys
  951. Search : https://www.google.com/search?q=klwfp.sys
  952. ADA Info : Kaspersky Network filtering component https://www.kaspersky.com/
  953. Timestamp : Tue Feb 26 2019
  954.  
  955. Image path: \SystemRoot\system32\drivers\womic.sys
  956. Image name: womic.sys
  957. Search : https://www.google.com/search?q=womic.sys
  958. ADA Info : Wireless Orange Mic driver http://www.wirelessorange.com/womic/ or wolicheng.com
  959. Timestamp : Wed Jul 3 2019
  960.  
  961. Image path: \SystemRoot\System32\drivers\rt640x64.sys
  962. Image name: rt640x64.sys
  963. Search : https://www.google.com/search?q=rt640x64.sys
  964. ADA Info : Realtek NICDRV 8169 PCIe GBE Family Controller driver https://www.realtek.com/en/
  965. Timestamp : Wed Feb 12 2020
  966.  
  967. Image path: \SystemRoot\System32\DriverStore\FileRepository\intcdaud.inf_amd64_1b570d7b9a790b1a\IntcDAud.sys
  968. Image name: IntcDAud.sys
  969. Search : https://www.google.com/search?q=IntcDAud.sys
  970. ADA Info : Intel Display Audio Driver http://www.intel.com/
  971. Timestamp : Tue Feb 25 2020
  972.  
  973. Image path: \SystemRoot\system32\DRIVERS\klif.sys
  974. Image name: klif.sys
  975. Search : https://www.google.com/search?q=klif.sys
  976. ADA Info : Kaspersky Lab Intruder Filter driver https://www.kaspersky.com/
  977. Timestamp : Fri Mar 13 2020
  978.  
  979. Image path: \SystemRoot\System32\Drivers\klupd_klif_klark.sys
  980. Image name: klupd_klif_klark.sys
  981. Search : https://www.google.com/search?q=klupd_klif_klark.sys
  982. ADA Info : Kaspersky https://www.kaspersky.com/
  983. Timestamp : Fri Mar 20 2020
  984.  
  985. Image path: \SystemRoot\System32\Drivers\klupd_klif_mark.sys
  986. Image name: klupd_klif_mark.sys
  987. Search : https://www.google.com/search?q=klupd_klif_mark.sys
  988. ADA Info : Kaspersky Lab Anti-Rootkit Engine https://www.kaspersky.com
  989. Timestamp : Fri Mar 20 2020
  990.  
  991. Image path: \SystemRoot\System32\Drivers\klupd_klif_arkmon.sys
  992. Image name: klupd_klif_arkmon.sys
  993. Search : https://www.google.com/search?q=klupd_klif_arkmon.sys
  994. ADA Info : Kaspersky Anti-Virus Anti-Rootkit Monitor https://www.kaspersky.com/
  995. Timestamp : Sun Mar 22 2020
  996.  
  997. Image path: \SystemRoot\System32\drivers\tapprotonvpn.sys
  998. Image name: tapprotonvpn.sys
  999. Search : https://www.google.com/search?q=tapprotonvpn.sys
  1000. ADA Info : Proton TAP VPN driver http://www.protonvpn.com/
  1001. Timestamp : Thu Apr 2 2020
  1002.  
  1003. Image path: \SystemRoot\system32\DRIVERS\klgse.sys
  1004. Image name: klgse.sys
  1005. Search : https://www.google.com/search?q=klgse.sys
  1006. ADA Info : Kaspersky Security Extender driver
  1007. Timestamp : Tue Apr 28 2020
  1008.  
  1009. Image path: \SystemRoot\system32\DRIVERS\klhk.sys
  1010. Image name: klhk.sys
  1011. Search : https://www.google.com/search?q=klhk.sys
  1012. ADA Info : Kaspersky Lab service driver https://www.kaspersky.com/
  1013. Timestamp : Tue Apr 28 2020
  1014.  
  1015. Image path: \SystemRoot\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_29d4e3e2513aa913\igdkmd64.sys
  1016. Image name: igdkmd64.sys
  1017. Search : https://www.google.com/search?q=igdkmd64.sys
  1018. ADA Info : Intel HD graphics driver
  1019. Timestamp : Tue May 19 2020
  1020.  
  1021. Image path: \??\C:\ProgramData\Kaspersky Lab\AVP20.0\Bases\klids.sys
  1022. Image name: klids.sys
  1023. Search : https://www.google.com/search?q=klids.sys
  1024. ADA Info : Kaspersky Lab IDS Engine https://www.kaspersky.com/
  1025. Timestamp : Thu Jun 11 2020
  1026.  
  1027. Image path: \??\C:\Program Files\Riot Vanguard\vgk.sys
  1028. Image name: vgk.sys
  1029. Search : https://www.google.com/search?q=vgk.sys
  1030. ADA Info : Vanguard Anti-Cheat driver
  1031. Timestamp : Sat Jun 13 2020
  1032.  
  1033. Image path: \SystemRoot\System32\Drivers\klupd_klif_klbg.sys
  1034. Image name: klupd_klif_klbg.sys
  1035. Search : https://www.google.com/search?q=klupd_klif_klbg.sys
  1036. ADA Info : Kaspersky Anti-Virus Lab Boot Guard Driver https://www.kaspersky.com/
  1037. Timestamp : Wed Jun 17 2020
  1038.  
  1039. Image path: \SystemRoot\system32\DRIVERS\klkbdflt.sys
  1040. Image name: klkbdflt.sys
  1041. Search : https://www.google.com/search?q=klkbdflt.sys
  1042. ADA Info : Kaspersky Keyboard Device Filter https://www.kaspersky.com/
  1043. Timestamp : Tue Nov 16 2021
  1044.  
  1045. Image path: \SystemRoot\system32\DRIVERS\klpd.sys
  1046. Image name: klpd.sys
  1047. Search : https://www.google.com/search?q=klpd.sys
  1048. ADA Info : Kaspersky Format Recognizer https://www.kaspersky.com/
  1049. Timestamp : Tue Mar 13 2029
  1050.  
  1051. Image path: \SystemRoot\system32\DRIVERS\klflt.sys
  1052. Image name: klflt.sys
  1053. Search : https://www.google.com/search?q=klflt.sys
  1054. ADA Info : Kaspersky Filter Core https://www.kaspersky.com/
  1055. Timestamp : Mon Aug 13 2029
  1056.  
  1057. Image path: \SystemRoot\system32\DRIVERS\klbackupflt.sys
  1058. Image name: klbackupflt.sys
  1059. Search : https://www.google.com/search?q=klbackupflt.sys
  1060. ADA Info : Kaspersky Backup File Filter https://www.kaspersky.com/
  1061. Timestamp : ***** Invalid (946E4501)
  1062.  
  1063. Image path: \SystemRoot\system32\DRIVERS\kldisk.sys
  1064. Image name: kldisk.sys
  1065. Search : https://www.google.com/search?q=kldisk.sys
  1066. ADA Info : Kaspersky Virtual Disk driver https://www.kaspersky.com/
  1067. Timestamp : ***** Invalid (B1F414C8)
  1068.  
  1069. Image path: \SystemRoot\system32\DRIVERS\kneps.sys
  1070. Image name: kneps.sys
  1071. Search : https://www.google.com/search?q=kneps.sys
  1072. ADA Info : Kaspersky KNEPS Power https://www.kaspersky.com/
  1073. Timestamp : ***** Invalid (E34C73F4)
  1074.  
  1075. ====================== Dump #2: MICROSOFT DRIVERS ======================
  1076.  
  1077. ACPI.sys ACPI Driver for NT (Microsoft)
  1078. acpiex.sys ACPIEx Driver (Microsoft)
  1079. acpipagr.sys ACPI Processor Aggregator Device driver (Microsoft)
  1080. afd.sys Ancillary Function Driver for WinSock (Microsoft)
  1081. afunix.sys AF_UNIX Socket Provider driver (Microsoft)
  1082. AgileVpn.sys RAS Agil VPN Miniport Call Manager driver (Microsoft)
  1083. ahcache.sys Application Compatibility Cache (Microsoft)
  1084. bam.sys BAM Kernal driver (Microsoft)
  1085. BasicDisplay.sys Basic Display driver (Microsoft)
  1086. BasicRender.sys Basic Render driver (Microsoft)
  1087. Beep.SYS BEEP driver (Microsoft)
  1088. BOOTVID.dll VGA Boot Driver (Microsoft)
  1089. bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
  1090. cdd.dll Canonical Display Driver (Microsoft)
  1091. cdrom.sys SCSI CD-ROM Driver (Microsoft)
  1092. CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
  1093. CI.dll Code Integrity Module (Microsoft)
  1094. CLASSPNP.SYS SCSI Class System Dll (Microsoft)
  1095. cldflt.sys Cloud Files Mini Filter driver (Microsoft)
  1096. CLFS.SYS Common Log File System Driver (Microsoft)
  1097. clipsp.sys CLIP Service (Microsoft)
  1098. cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
  1099. cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
  1100. CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
  1101. condrv.sys Console Driver (Microsoft)
  1102. crashdmp.sys Crash Dump driver (Microsoft)
  1103. csc.sys Windows Client Side Caching driver (Microsoft)
  1104. dfsc.sys DFS Namespace Client Driver (Microsoft)
  1105. disk.sys PnP Disk Driver (Microsoft)
  1106. drmk.sys Digital Rights Management (DRM) driver (Microsoft)
  1107. dump_diskdump.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  1108. dump_dumpfve.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  1109. dump_storahci.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  1110. dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
  1111. dxgmms2.sys DirectX Graphics MMS
  1112. EhStorClass.sys Enhanced Storage Class driver for IEEE... (Microsoft)
  1113. fastfat.SYS Fast FAT File System Driver (Microsoft)
  1114. filecrypt.sys Windows sandboxing and encryption filter (Microsoft)
  1115. fileinfo.sys FileInfo Filter Driver (Microsoft)
  1116. FLTMGR.SYS Filesystem Filter Manager (Microsoft)
  1117. Fs_Rec.sys File System Recognizer Driver (Microsoft)
  1118. fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
  1119. fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
  1120. gpuenergydrv.sys GPU Energy Kernal Driver (Microsoft)
  1121. hal.dll Hardware Abstraction Layer DLL (Microsoft)
  1122. HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
  1123. HIDCLASS.SYS Hid Class Library (Microsoft)
  1124. HIDPARSE.SYS Hid Parsing Library (Microsoft)
  1125. hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
  1126. HTTP.sys HTTP Protocol Stack (Microsoft)
  1127. intelpep.sys Intel Power Engine Plugin (Microsoft)
  1128. intelppm.sys Processor Device Driver (Microsoft)
  1129. iorate.sys I/O rate control Filter (Microsoft)
  1130. kbdclass.sys Keyboard Class Driver (Microsoft)
  1131. kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
  1132. kd.dll Local Kernal Debugger (Microsoft)
  1133. kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
  1134. ks.sys Kernal CSA Library (Microsoft)
  1135. ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
  1136. ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
  1137. ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
  1138. lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
  1139. luafv.sys LUA File Virtualization Filter Driver (Microsoft)
  1140. mcupdate_GenuineIntel.dll Intel Microcode Update Library (Microsoft)
  1141. mmcss.sys MMCSS Driver (Microsoft)
  1142. monitor.sys Monitor Driver (Microsoft)
  1143. mouclass.sys Mouse Class Driver (Microsoft)
  1144. mouhid.sys HID Mouse Filter Driver (Microsoft)
  1145. mountmgr.sys Mount Point Manager (Microsoft)
  1146. mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
  1147. mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
  1148. mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
  1149. Msfs.SYS Mailslot driver (Microsoft)
  1150. msisadrv.sys ISA Driver (Microsoft)
  1151. mslldp.sys Microsoft Link-Layer Discovery Protocol... (Microsoft)
  1152. msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
  1153. mssecflt.sys Microsoft Security Events Component file system filter driver (Microsoft)
  1154. mssmbios.sys System Management BIOS driver (Microsoft)
  1155. mup.sys Multiple UNC Provider driver (Microsoft)
  1156. ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
  1157. ndistapi.sys NDIS 3.0 Connection Wrapper driver (Microsoft)
  1158. ndisuio.sys NDIS User mode I/O driver (Microsoft)
  1159. NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
  1160. ndiswan.sys MS PPP Framing Driver (Strong Encryption) Microsoft)
  1161. NDProxy.sys NDIS Proxy driver (Microsoft)
  1162. Ndu.sys Network Data Usage Monitoring driver (Microsoft)
  1163. netbios.sys NetBIOS Interface driver (Microsoft)
  1164. netbt.sys MBT Transport driver (Microsoft)
  1165. NETIO.SYS Network I/O Subsystem (Microsoft)
  1166. Npfs.SYS NPFS driver (Microsoft)
  1167. npsvctrig.sys Named pipe service triggers (Microsoft)
  1168. nsiproxy.sys NSI Proxy driver (Microsoft)
  1169. Ntfs.sys NT File System Driver (Microsoft)
  1170. ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
  1171. ntosext.sys NTOS Extension Host driver (Microsoft)
  1172. Null.SYS NULL Driver (Microsoft)
  1173. nwifi.sys NativeWiFi Miniport Driver (Microsoft)
  1174. pacer.sys QoS Packet Scheduler (Microsoft)
  1175. parport.sys Parallel Port Driver (Microsoft)
  1176. partmgr.sys Partition driver (Microsoft)
  1177. pci.sys NT Plug and Play PCI Enumerator (Microsoft)
  1178. pcw.sys Performance Counter Driver (Microsoft)
  1179. pdc.sys Power Dependency Coordinator Driver (Microsoft)
  1180. peauth.sys Protected Environment Authentication and Authorization Export Driver (Microsoft)
  1181. portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
  1182. PSHED.dll Platform Specific Hardware Error driver (Microsoft)
  1183. rasl2tp.sys RAS L2TP Mini-port/Call-manager driver (Microsoft)
  1184. raspppoe.sys RAS PPPoE Mini-port/Call manager driver (Microsoft)
  1185. raspptp.sys Peer-to-Peer Tunneling Protocol (Microsoft)
  1186. rassstp.sys RAS SSTP Miniport Call Manager driver (Microsoft)
  1187. rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
  1188. rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
  1189. rdpvideominiport.sys RDP Video Miniport driver (Microsoft)
  1190. rdyboost.sys ReadyBoost Driver (Microsoft)
  1191. rspndr.sys Link-Layer Topology Responder driver (Microsoft)
  1192. serenum.sys Serial Port Enumerator (Microsoft)
  1193. serial.sys Serial Device Driver
  1194. SgrmAgent.sys System Guard Runtime Monitor Agent driver (Microsoft)
  1195. SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
  1196. spaceport.sys Storage Spaces driver (Microsoft)
  1197. srv2.sys Smb 2.0 Server driver (Microsoft)
  1198. srvnet.sys Server Network driver (Microsoft)
  1199. storahci.sys MS AHCI Storport Miniport Driver (Microsoft)
  1200. storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
  1201. storqosflt.sys Storage QoS Filter driver (Microsoft)
  1202. swenum.sys Plug and Play Software Device Enumerator (Microsoft)
  1203. tbs.sys Export driver for kernel mode TPM API (Microsoft)
  1204. tcpip.sys TCP/IP Protocol driver (Microsoft)
  1205. tcpipreg.sys Microsoft Windows TCP/IP Registry Compatibility driver (Microsoft)
  1206. TDI.SYS TDI Wrapper driver (Microsoft)
  1207. tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
  1208. tm.sys Kernel Transaction Manager driver (Microsoft)
  1209. ucx01000.sys USB Controller Extension (Microsoft)
  1210. UEFI.sys UEFI NT driver (Microsoft)
  1211. umbus.sys User-Mode Bus Enumerator (Microsoft)
  1212. usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
  1213. USBD.SYS Universal Serial Bus Driver (Microsoft)
  1214. UsbHub3.sys USB3 HUB driver (Microsoft)
  1215. USBXHCI.SYS USB XHCI driver (Microsoft)
  1216. vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
  1217. Vid.sys Microsoft Hyper-V Virtualization Infrastructure Driver
  1218. volmgr.sys Volume Manager Driver (Microsoft)
  1219. volmgrx.sys Volume Manager Extension Driver (Microsoft)
  1220. volsnap.sys Volume Shadow Copy driver (Microsoft)
  1221. volume.sys Volume driver (Microsoft)
  1222. vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
  1223. wanarp.sys MS Remote Access and Routing ARP driver (Microsoft)
  1224. watchdog.sys Watchdog driver (Microsoft)
  1225. wcifs.sys Windows Container Isolation FS Filter driver (Microsoft)
  1226. Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
  1227. WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
  1228. werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
  1229. wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
  1230. win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
  1231. win32kbase.sys Base Win32k Kernel Driver (Microsoft)
  1232. win32kfull.sys Full/Desktop Win32k Kernel Driver (Microsoft)
  1233. WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
  1234. WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
  1235. winhvr.sys Windows Hypervisor Root Interface driver (Microsoft)
  1236. winquic.sys QUIC Transport Protocol driver (Microsoft)
  1237. wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
  1238. WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
  1239. Wof.sys Windows Overlay Filter (Microsoft)
  1240. WppRecorder.sys WPP Trace Recorder (Microsoft)
  1241. xusb22.sys Xbox 360 Common Controller for Windows driver (Microsoft)
  1242.  
  1243. ====================== Dump #2: UNLOADED MODULES =======================
  1244.  
  1245. fffff805`34ef0000 fffff805`34eff000 hiber_storpo
  1246. fffff805`30c30000 fffff805`30c5f000 hiber_storah
  1247. fffff805`36fe0000 fffff805`36ffe000 hiber_dumpfv
  1248. fffff805`351c0000 fffff805`351d9000 monitor.sys
  1249. fffff805`30c00000 fffff805`30c21000 xusb22.sys
  1250. fffff805`36fe0000 fffff805`36ff1000 libusbK.sys
  1251. fffff805`36fe0000 fffff805`36ff1000 libusbK.sys
  1252. fffff805`280e0000 fffff805`2824a000 EasyAntiChea
  1253. fffff805`36fe0000 fffff805`36ff1000 libusbK.sys
  1254. fffff805`32340000 fffff805`32379000 klids.sys
  1255. fffff805`30fb0000 fffff805`30fbf000 dump_storpor
  1256. fffff805`30c00000 fffff805`30c2f000 dump_storahc
  1257. fffff805`30c50000 fffff805`30c6e000 dump_dumpfve
  1258. fffff805`34f60000 fffff805`34f6b000 klpnpflt.sys
  1259. fffff805`34ef0000 fffff805`34efb000 klpnpflt.sys
  1260. fffff805`34900000 fffff805`3490b000 klpnpflt.sys
  1261. fffff805`323e0000 fffff805`323fe000 dam.sys
  1262. fffff805`299b0000 fffff805`299be000 klelam.sys
  1263. fffff805`2a9e0000 fffff805`2a9f0000 hwpolicy.sys
  1264.  
  1265. ====================== Dump #2: BIOS INFORMATION =======================
  1266.  
  1267. sysinfo: could not find necessary interfaces.
  1268. sysinfo: note that mssmbios.sys must be loaded (XPSP2+).
  1269.  
  1270. ========================== Dump #2: Extra #1 ===========================
  1271.  
  1272. 2: kd> !verifier
  1273. Verify Flags Level 0x00000000
  1274. STANDARD FLAGS:
  1275. [X] (0x00000000) Automatic Checks
  1276. [ ] (0x00000001) Special pool
  1277. [ ] (0x00000002) Force IRQL checking
  1278. [ ] (0x00000008) Pool tracking
  1279. [ ] (0x00000010) I/O verification
  1280. [ ] (0x00000020) Deadlock detection
  1281. [ ] (0x00000080) DMA checking
  1282. [ ] (0x00000100) Security checks
  1283. [ ] (0x00000800) Miscellaneous checks
  1284. [ ] (0x00020000) DDI compliance checking
  1285. ADDITIONAL FLAGS:
  1286. [ ] (0x00000004) Randomized low resources simulation
  1287. [ ] (0x00000200) Force pending I/O requests
  1288. [ ] (0x00000400) IRP logging
  1289. [ ] (0x00002000) Invariant MDL checking for stack
  1290. [ ] (0x00004000) Invariant MDL checking for driver
  1291. [ ] (0x00008000) Power framework delay fuzzing
  1292. [ ] (0x00010000) Port/miniport interface checking
  1293. [ ] (0x00040000) Systematic low resources simulation
  1294. [ ] (0x00080000) DDI compliance checking (additional)
  1295. [ ] (0x00200000) NDIS/WIFI verification
  1296. [ ] (0x00800000) Kernel synchronization delay fuzzing
  1297. [ ] (0x01000000) VM switch verification
  1298. [ ] (0x02000000) Code integrity checks
  1299. [X] Indicates flag is enabled
  1300. Summary of All Verifier Statistics
  1301. RaiseIrqls 0x0
  1302. AcquireSpinLocks 0x0
  1303. Synch Executions 0x0
  1304. Trims 0x0
  1305. Pool Allocations Attempted 0x0
  1306. Pool Allocations Succeeded 0x0
  1307. Pool Allocations Succeeded SpecialPool 0x0
  1308. Pool Allocations With NO TAG 0x0
  1309. Pool Allocations Failed 0x0
  1310. Current paged pool allocations 0x0 for 00000000 bytes
  1311. Peak paged pool allocations 0x0 for 00000000 bytes
  1312. Current nonpaged pool allocations 0x0 for 00000000 bytes
  1313. Peak nonpaged pool allocations 0x0 for 00000000 bytes
  1314.  
  1315. ========================== Dump #2: Extra #2 ===========================
  1316.  
  1317. 2: kd> !thread
  1318. THREAD ffffaf047e892080 Cid 2190.0b00 Teb: 00000068fb645000 Win32Thread: 0000000000000000 RUNNING on processor 2
  1319. Not impersonating
  1320. GetUlongFromAddress: unable to read from fffff80526e2ca14
  1321. Owning Process ffffaf047e80b080 Image: System Process
  1322. Attached Process ffffaf046f304080 Image: Registry
  1323. fffff78000000000: Unable to get shared data
  1324. Wait Start TickCount 5902860
  1325. Context Switch Count 87 IdealProcessor: 0
  1326. ReadMemory error: Cannot get nt!KeMaximumIncrement value.
  1327. UserTime 00:00:00.000
  1328. KernelTime 00:00:00.000
  1329. Win32 Start Address 0x00007ff8ecb73d60
  1330. Stack Init fffff60cad57fb90 Current fffff60cad57dae0
  1331. Base fffff60cad580000 Limit fffff60cad579000 Call 0000000000000000
  1332. Priority 9 BasePriority 8 PriorityDecrement 0 IoPriority 2 PagePriority 5
  1333. Scheduling Group: ffffaf0479710820 <Cannot find Rank field of nt!_KSCB> KSCB: ffffaf0479710bf0 rank 0
  1334. Child-SP RetAddr : Args to Child : Call Site
  1335. fffff60c`ad57e588 fffff805`26c2fd3f : 00000000`0000001e ffffffff`c0000006 fffff805`2704d3bf 00000000`00000000 : nt!KeBugCheckEx
  1336. fffff60c`ad57e590 fffff805`26bd321d : ffffaf04`6f304640 fffff805`26a86c8d 00000000`00008000 fffff60c`ad57ee20 : nt!KiDispatchException+0x16859f
  1337. fffff60c`ad57ec40 fffff805`26bcf405 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiExceptionDispatch+0x11d
  1338. fffff60c`ad57ee20 fffff805`2704d3bf : 00000000`00000000 00000000`ffffffff 00000000`001ff000 ffff9a88`97aa0000 : nt!KiPageFault+0x445 (TrapFrame @ fffff60c`ad57ee20)
  1339. fffff60c`ad57efb0 fffff805`2704d0d4 : 00000000`00000120 00000000`001ff000 00000000`00011ae7 ffff9a88`97aa0000 : nt!HvpFindFreeCellInBin+0xf
  1340. fffff60c`ad57efe0 fffff805`2704d1e9 : ffff9a88`97aa0050 00000000`00003063 00000000`00000068 ffff9a88`03062000 : nt!HvpFindFreeCell+0x120
  1341. fffff60c`ad57f060 fffff805`27053a76 : ffff9a88`97aa0000 00000000`00000000 ffff9a88`97aa0000 fffff60c`ad57f130 : nt!HvpDoAllocateCell+0x75
  1342. fffff60c`ad57f0f0 fffff805`27051a72 : 00000000`00000000 ffff9a88`97aa0000 00000193`c53f4e0c fffff60c`ad57f1b0 : nt!HvReallocateCell+0xba
  1343. fffff60c`ad57f170 fffff805`2704adf0 : 01d66015`56260d6f 00000000`00000000 ffff9a88`97aec930 fffff60c`00000003 : nt!CmpSetValueKeyExisting+0x22a
  1344. fffff60c`ad57f1e0 fffff805`2704a776 : fffff60c`00000001 fffff60c`ad57f480 00000000`00000000 00000004`ffffff01 : nt!CmSetValueKey+0x520
  1345. fffff60c`ad57f380 fffff805`26bd2b15 : 00000000`ffffffff fffff805`26a71006 fffff60c`ad57f6a0 00000000`00000000 : nt!NtSetValueKey+0x646
  1346. fffff60c`ad57f570 fffff805`26bc5060 : fffff805`2700e71b 00000000`00000000 fffff60c`ad57fa80 ffff9a88`9c154400 : nt!KiSystemServiceCopyEnd+0x25 (TrapFrame @ fffff60c`ad57f5e0)
  1347. fffff60c`ad57f778 fffff805`2700e71b : 00000000`00000000 fffff60c`ad57fa80 ffff9a88`9c154400 fffff805`00000000 : nt!KiServiceLinkage
  1348. fffff60c`ad57f780 fffff805`2700c6a2 : 00000000`0000005a 00000000`00000000 fffff60c`ad57fa80 00000000`0000005a : nt!ExpWnfWriteStateData+0x173
  1349. fffff60c`ad57f890 fffff805`26bd2b15 : 00000000`00000000 00000000`00000000 00000000`00000000 ffffaf04`7f289800 : nt!NtUpdateWnfStateData+0x262
  1350. fffff60c`ad57f990 00007ff8`ecbdf9b4 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x25 (TrapFrame @ fffff60c`ad57fa00)
  1351. 00000068`fb8fd9d8 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ff8`ecbdf9b4