API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jun 28th, 2020
458
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 41.79 KB | None | 0 0
raw download clone embed print report
  1. ========================== AUTO DUMP ANALYZER ==========================
  2. Auto Dump Analyzer
  3. Version: 0.91
  4. Time to analyze file(s): 00 hours and 04 minutes and 00 seconds
  5.  
  6. ================================= CPU ==================================
  7. COUNT: 4
  8. MHZ: 3912
  9. VENDOR: GenuineIntel
  10. FAMILY: 6
  11. MODEL: 9e
  12. STEPPING: 9
  13.  
  14. ================================== OS ==================================
  15. Product: WinNt, suite: TerminalServer SingleUserTS
  16. Built by: 18362.1.amd64fre.19h1_release.190318-1202
  17. BUILD_VERSION: 10.0.18362.418 (WinBuild.160101.0800)
  18. BUILD: 18362
  19. SERVICEPACK: 418
  20. PLATFORM_TYPE: x64
  21. NAME: Windows 10
  22. EDITION: Windows 10 WinNt TerminalServer SingleUserTS
  23. BUILD_TIMESTAMP: unknown_date
  24. BUILDDATESTAMP: 160101.0800
  25. BUILDLAB: WinBuild
  26. BUILDOSVER: 10.0.18362.418
  27.  
  28. =============================== DEBUGGER ===============================
  29. Microsoft (R) Windows Debugger Version 10.0.14321.1024 AMD64
  30. Copyright (c) Microsoft Corporation. All rights reserved.
  31.  
  32. =============================== COMMENTS ===============================
  33. * Information gathered from different dump files may be different. If
  34. Windows updates between two dump files, two or more OS versions may
  35. be shown above.
  36. * Additional BIOS information was not included in the dump file(s). This
  37. can be caused by an outdated BIOS.
  38.  
  39. ========================================================================
  40. ======================= Dump #1: ANALYZE VERBOSE =======================
  41. ====================== File: 062920-64593-01.dmp =======================
  42. ========================================================================
  43.  
  44. Mini Kernel Dump File: Only registers and stack trace are available
  45. Windows 10 Kernel Version 18362 MP (4 procs) Free x64
  46. Kernel base = 0xfffff806`13200000 PsLoadedModuleList = 0xfffff806`13648210
  47. Debug session time: Sun Jun 28 12:14:00.006 2020 (UTC - 4:00)
  48. System Uptime: 0 days 4:50:02.679
  49.  
  50. BugCheck 154, {ffffd40f639f1000, fffffa81e4fadf00, 2, 0}
  51. *** WARNING: Unable to verify timestamp for win32k.sys
  52. *** ERROR: Module load completed but symbols could not be loaded for win32k.sys
  53. Probably caused by : hardware_disk
  54. Followup: MachineOwner
  55.  
  56. UNEXPECTED_STORE_EXCEPTION (154)
  57. The store component caught an unexpected exception.
  58.  
  59. Arguments:
  60. Arg1: ffffd40f639f1000, Pointer to the store context or data manager
  61. Arg2: fffffa81e4fadf00, Exception information
  62. Arg3: 0000000000000002, Reserved
  63. Arg4: 0000000000000000, Reserved
  64.  
  65. Debugging Details:
  66. DUMP_CLASS: 1
  67. DUMP_QUALIFIER: 400
  68. DUMP_TYPE: 2
  69. EXCEPTION_RECORD: fffffa81e4faeea8 -- (.exr 0xfffffa81e4faeea8)
  70. ExceptionAddress: fffff8061335e150 (nt!RtlDecompressBufferXpressLz+0x0000000000000050)
  71. ExceptionCode: c0000006 (In-page I/O error)
  72. ExceptionFlags: 00000000
  73. NumberParameters: 3
  74. Parameter[0]: 0000000000000000
  75. Parameter[1]: 0000018b25f417d0
  76. Parameter[2]: 00000000c0000483
  77. Inpage operation failed at 0000018b25f417d0, due to I/O error 00000000c0000483
  78. EXCEPTION_CODE: (NTSTATUS) 0xc0000006 - The instruction at 0x%p referenced memory at 0x%p. The required data was not placed into memory because of an I/O error status of 0x%x.
  79. FAULTING_IP:
  80. nt!RtlDecompressBufferXpressLz+50
  81. fffff806`1335e150 418b08 mov ecx,dword ptr [r8]
  82. FOLLOWUP_IP:
  83. +0
  84. 0000018b`25f417d0 ?? ???
  85. EXCEPTION_PARAMETER1: 0000000000000000
  86. EXCEPTION_PARAMETER2: 0000018b25f417d0
  87. CONTEXT: fffffa81e4fae6f0 -- (.cxr 0xfffffa81e4fae6f0)
  88. rax=fffff8061335e100 rbx=0000000000000000 rcx=ffffaa80fff40000
  89. rdx=ffffaa80fff40000 rsi=0000000000000002 rdi=0000018b25f417d0
  90. rip=fffff8061335e150 rsp=fffffa81e4faf0e8 rbp=ffffaa80fff40000
  91. r8=0000018b25f417d0 r9=0000000000000297 r10=ffffaa80fff40ea0
  92. r11=0000018b25f41a67 r12=fffffa81e4faf378 r13=ffffd40f699be000
  93. r14=0000018b25f41a11 r15=ffffaa80fff41000
  94. iopl=0 nv up ei pl zr na po nc
  95. cs=0010 ss=0000 ds=002b es=002b fs=0053 gs=002b efl=00050246
  96. nt!RtlDecompressBufferXpressLz+0x50:
  97. fffff806`1335e150 418b08 mov ecx,dword ptr [r8] ds:002b:0000018b`25f417d0=????????
  98. Resetting default scope
  99. CUSTOMER_CRASH_COUNT: 1
  100. DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
  101.  
  102. PROCESS_NAME: MemCompression
  103.  
  104. CURRENT_IRQL: 0
  105. ERROR_CODE: (NTSTATUS) 0xc0000006 - The instruction at 0x%p referenced memory at 0x%p. The required data was not placed into memory because of an I/O error status of 0x%x.
  106. EXCEPTION_CODE_STR: c0000006
  107. EXCEPTION_PARAMETER3: 00000000c0000483
  108. IO_ERROR: (NTSTATUS) 0xc0000483 - The request failed due to a fatal device hardware error.
  109. EXCEPTION_STR: 0xc0000006_c0000483
  110. BUGCHECK_STR: 0x154_c0000006_c0000483
  111. STACK_TEXT:
  112. fffffa81`e4fade48 fffff806`13521aea : 00000000`00000154 ffffd40f`639f1000 fffffa81`e4fadf00 00000000`00000002 : nt!KeBugCheckEx
  113. fffffa81`e4fade50 fffff806`133db1de : ffffd40f`639f1000 fffffa81`e4fadf00 00000000`00000002 00000000`00000000 : nt!SMKM_STORE<SM_TRAITS>::SmStUnhandledExceptionFilter+0x7e
  114. fffffa81`e4fadea0 fffff806`1339c399 : 00001f80`00000002 fffffa81`e4faf3d0 fffffa81`e4fa9000 fffffa81`e4fb0000 : nt!`SMKM_STORE<SM_TRAITS>::SmStDirectReadIssue'::`1'::filt$0+0x22
  115. fffffa81`e4faded0 fffff806`133ca04f : fffffa81`e4faf3d0 fffffa81`e4fae4b0 00000000`00000000 00000000`0010001f : nt!_C_specific_handler+0xa9
  116. fffffa81`e4fadf40 fffff806`132c3375 : 00000000`00000000 00000000`00000000 fffffa81`e4fae4b0 00007fff`ffff0000 : nt!RtlpExecuteHandlerForException+0xf
  117. fffffa81`e4fadf70 fffff806`132c790e : fffffa81`e4faeea8 fffffa81`e4faebf0 fffffa81`e4faeea8 0000018b`25f417d0 : nt!RtlDispatchException+0x4a5
  118. fffffa81`e4fae6c0 fffff806`133d321d : ffffd40f`639f3600 fffff806`13274ee6 00000000`00001000 fffffa81`e4faef50 : nt!KiDispatchException+0x16e
  119. fffffa81`e4faed70 fffff806`133cf405 : 00000000`00000000 fffffa81`e4faefd0 fffffa81`e4faf378 00000000`00000000 : nt!KiExceptionDispatch+0x11d
  120. fffffa81`e4faef50 fffff806`1335e150 : ffffaa80`fff40000 ffffd40f`639f1050 fffff806`1325cfc0 ffffaa80`fff40000 : nt!KiPageFault+0x445
  121. fffffa81`e4faf0e8 fffff806`1325cfc0 : ffffaa80`fff40000 ffffaa80`fff40000 00000000`00000002 0000018b`25f417d0 : nt!RtlDecompressBufferXpressLz+0x50
  122. fffffa81`e4faf100 fffff806`1335fed9 : 00000001`00000000 00000000`00000001 00000000`00000000 ffffd40f`639f2788 : nt!RtlDecompressBufferEx+0x60
  123. fffffa81`e4faf150 fffff806`1335fd64 : 00000000`00000004 fffffa81`e4faf360 00000000`00000000 00000000`000017a4 : nt!ST_STORE<SM_TRAITS>::StDmSinglePageCopy+0x155
  124. fffffa81`e4faf230 fffff806`1335fbe2 : 00000000`00000001 00000000`000017d0 ffffd40f`000017d0 ffffd40f`00010000 : nt!ST_STORE<SM_TRAITS>::StDmSinglePageTransfer+0xa0
  125. fffffa81`e4faf280 fffff806`1335fa0b : 00000000`ffffffff ffffd40f`699be000 fffffa81`e4faf360 ffffd40f`67c926d0 : nt!ST_STORE<SM_TRAITS>::StDmpSinglePageRetrieve+0x186
  126. fffffa81`e4faf320 fffff806`1335f851 : ffffd40f`699be000 00000000`00000000 00000000`00000001 ffffd40f`639f2788 : nt!ST_STORE<SM_TRAITS>::StDmPageRetrieve+0xcb
  127. fffffa81`e4faf3d0 fffff806`1335f761 : ffffd40f`639f1000 ffffd40f`67c926d0 ffffd40f`699be000 ffffd40f`639f29b0 : nt!SMKM_STORE<SM_TRAITS>::SmStDirectReadIssue+0x85
  128. fffffa81`e4faf450 fffff806`13269e18 : ffffd40f`6984c080 ffffd40f`639f1000 00000000`00000000 00000000`00000000 : nt!SMKM_STORE<SM_TRAITS>::SmStDirectReadCallout+0x21
  129. fffffa81`e4faf480 fffff806`13362cc1 : fffff806`1335f740 fffffa81`e4faf530 00000000`00000003 00000000`00000000 : nt!KeExpandKernelStackAndCalloutInternal+0x78
  130. fffffa81`e4faf4f0 fffff806`1334b941 : fffffa81`e4faf5f0 fffff806`1378db78 ffffd40f`639f1000 fffffa81`e4faf740 : nt!SMKM_STORE<SM_TRAITS>::SmStDirectRead+0xcd
  131. fffffa81`e4faf5c0 fffff806`1334b527 : 00000000`0000000c ffffd40f`639f1000 fffffa81`e4faf670 ffffd40f`67c926d0 : nt!SMKM_STORE<SM_TRAITS>::SmStWorkItemQueue+0x1a5
  132. fffffa81`e4faf610 fffff806`13361fd3 : 00000000`0000000c ffffd40f`67c926d0 00000000`00000010 00000000`00000010 : nt!SMKM_STORE_MGR<SM_TRAITS>::SmIoCtxQueueWork+0xbf
  133. fffffa81`e4faf6a0 fffff806`133636af : ffffd40f`00000010 ffffd40f`65aeef40 00000000`00000000 ffffd40f`639f1000 : nt!SMKM_STORE_MGR<SM_TRAITS>::SmPageRead+0x167
  134. fffffa81`e4faf710 fffff806`1328e05b : ffffd40f`63eef7c0 00000000`00000001 ffffd40f`63eef880 fffff806`13274ee6 : nt!SmPageRead+0x33
  135. fffffa81`e4faf760 fffff806`1328d759 : 00000000`00000002 fffffa81`e4faf7f0 fffffa81`e4faf958 fffff9fc`c06bbad8 : nt!MiIssueHardFaultIo+0x117
  136. fffffa81`e4faf7b0 fffff806`13272f9b : 00000000`c0033333 00000000`00000001 000001ae`eb702008 00000000`00000005 : nt!MiIssueHardFault+0x489
  137. fffffa81`e4faf860 fffff806`133cf320 : 00000000`74880fdd fffffa81`e4fafa80 000001ae`e6ce23d0 fffffa81`e4fafa80 : nt!MmAccessFault+0x40b
  138. fffffa81`e4fafa00 00007fff`d0cfb492 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiPageFault+0x360
  139. 0000001d`0b27ee00 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007fff`d0cfb492
  140. STACK_COMMAND: kb
  141. CHKIMG_EXTENSION: !chkimg -lo 50 -d !hal
  142. fffff8061315f48b-fffff8061315f48c 2 bytes - hal!HalRequestIpi+31b
  143. [ 48 ff:4c 8b ]
  144. fffff8061315f492-fffff8061315f495 4 bytes - hal!HalRequestIpi+322 (+0x07)
  145. [ 0f 1f 44 00:e8 59 87 14 ]
  146. fffff8061315f4de-fffff8061315f4df 2 bytes - hal!HalRequestIpi+36e (+0x4c)
  147. [ 48 ff:4c 8b ]
  148. fffff8061315f4e5-fffff8061315f4e8 4 bytes - hal!HalRequestIpi+375 (+0x07)
  149. [ 0f 1f 44 00:e8 16 93 14 ]
  150. fffff8061315f4f7-fffff8061315f4f8 2 bytes - hal!HalRequestIpi+387 (+0x12)
  151. [ 48 ff:4c 8b ]
  152. fffff8061315f4fe-fffff8061315f501 4 bytes - hal!HalRequestIpi+38e (+0x07)
  153. [ 0f 1f 44 00:e8 dd 80 0c ]
  154. fffff8061315f531-fffff8061315f532 2 bytes - hal!HalRequestIpi+3c1 (+0x33)
  155. [ 48 ff:4c 8b ]
  156. fffff8061315f538-fffff8061315f53b 4 bytes - hal!HalRequestIpi+3c8 (+0x07)
  157. [ 0f 1f 44 00:e8 a3 80 0c ]
  158. 24 errors : !hal (fffff8061315f48b-fffff8061315f53b)
  159. THREAD_SHA1_HASH_MOD_FUNC: be91335f728989fad5a9a5641f89ffee7fe3c14c
  160. THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 284d6f66330e36aa06844fea7f04f02730e9e11d
  161. THREAD_SHA1_HASH_MOD: 901685eb5ed44e617e07e22622321d209483595d
  162. FOLLOWUP_NAME: MachineOwner
  163. MODULE_NAME: hardware_disk
  164.  
  165. IMAGE_NAME: hardware_disk
  166.  
  167. DEBUG_FLR_IMAGE_TIMESTAMP: 0
  168. FAILURE_BUCKET_ID: 0x154_c0000006_c0000483_IMAGE_hardware_disk
  169. BUCKET_ID: 0x154_c0000006_c0000483_IMAGE_hardware_disk
  170. PRIMARY_PROBLEM_CLASS: 0x154_c0000006_c0000483_IMAGE_hardware_disk
  171. TARGET_TIME: 2020-06-28T16:14:00.000Z
  172. SUITE_MASK: 272
  173. PRODUCT_TYPE: 1
  174. USER_LCID: 0
  175. FAILURE_ID_HASH_STRING: km:0x154_c0000006_c0000483_image_hardware_disk
  176. FAILURE_ID_HASH: {d170a5ab-ac8b-0fed-3160-792217daec42}
  177. Followup: MachineOwner
  178.  
  179. ====================== Dump #1: 3RD PARTY DRIVERS ======================
  180.  
  181. Sep 12 1975 - klmouflt.sys - Kaspersky Mouse Device Filter https://www.kaspersky.com/
  182. May 05 2007 - klwtp.sys - Kaspersky WFP Network Connection Filter Driver https://www.kaspersky.com/
  183. Apr 13 2008 - klbackupdisk.sys - Kaspersky Backup Disk Filter https://www.kaspersky.com/
  184. May 05 2013 - ScpVBus.sys - Scarlet.Crush Productions Scp Dual Shock 3 Virtual Bus driver http://forums.pcsx2.net/
  185. Jan 07 2015 - klim6.sys - Kaspersky Lab Intermediate Network Driver https://www.kaspersky.com/
  186. Mar 28 2016 - TeeDriverW8x64.sys - Intel Management Engine Interface driver https://downloadcenter.intel.com/
  187. Jun 03 2016 - RTKVHD64.sys - Realtek Audio System driver https://www.realtek.com/en/
  188. Jun 06 2017 - SCDEmu.SYS - PowerISO Virtual driver (PowerISO Computing) https://www.poweriso.com/
  189. Mar 16 2018 - kltap.sys - TAP - Windows Virtual Network driver - The OpenVPN Project
  190. Oct 22 2018 - rt640x64.sys - Realtek NICDRV 8169 PCIe GBE Family Controller driver https://www.realtek.com/en/
  191. Jan 22 2019 - klupd_klif_kimul.sys - Kaspersky Kernel Heuristics Engine https://www.kaspersky.com/
  192. Feb 15 2019 - cm_km.sys - Kaspersky Cryptographic Module Driver
  193. Feb 26 2019 - klwfp.sys - Kaspersky Network filtering component https://www.kaspersky.com/
  194. Apr 25 2019 - mbae64.sys - Malwarebytes driver https://www.malwarebytes.com/
  195. Nov 20 2019 - mbamswissarmy.sys - MalwareBytes Anti-Malware system driver https://www.malwarebytes.com/
  196. Feb 25 2020 - IntcDAud.sys - Intel Display Audio Driver http://www.intel.com/
  197. Mar 13 2020 - klif.sys - Kaspersky Lab Intruder Filter driver https://www.kaspersky.com/
  198. Mar 20 2020 - klupd_klif_klark.sys - Kaspersky https://www.kaspersky.com/
  199. Mar 20 2020 - klupd_klif_klbg.sys - Kaspersky Anti-Virus Lab Boot Guard Driver https://www.kaspersky.com/
  200. Mar 20 2020 - klupd_klif_mark.sys - Kaspersky Lab Anti-Rootkit Engine https://www.kaspersky.com
  201. Mar 22 2020 - klupd_klif_arkmon.sys - Kaspersky Anti-Virus Anti-Rootkit Monitor https://www.kaspersky.com/
  202. Apr 02 2020 - tapprotonvpn.sys - Proton TAP VPN driver http://www.protonvpn.com/
  203. Apr 15 2020 - farflt.sys - Malwarebytes Anti-RansomWare SDK http://www.malwarebytes.org/
  204. Apr 17 2020 - mbam.sys - Malwarebytes Anti-Malware https://www.malwarebytes.com/
  205. Apr 28 2020 - klgse.sys - Kaspersky Security Extender driver
  206. Apr 28 2020 - klhk.sys - Kaspersky Lab service driver https://www.kaspersky.com/
  207. Apr 29 2020 - klids.sys - Kaspersky Lab IDS Engine https://www.kaspersky.com/
  208. Apr 29 2020 - MbamChameleon.sys - Malwarebytes Anti-Malware Chameleon driver https://www.malwarebytes.com/
  209. May 19 2020 - igdkmd64.sys - Intel HD graphics driver
  210. May 27 2020 - mwac.sys - Malwarebytes Web Access Control http://www.malwarebytes.org/
  211. Jun 13 2020 - vgk.sys - Vanguard Anti-Cheat driver
  212. Nov 16 2021 - klkbdflt.sys - Kaspersky Keyboard Device Filter https://www.kaspersky.com/
  213. Mar 13 2029 - klpd.sys - Kaspersky Format Recognizer https://www.kaspersky.com/
  214. Aug 13 2029 - klflt.sys - Kaspersky Filter Core https://www.kaspersky.com/
  215. ***** Invalid (946E4501) - klbackupflt.sys - Kaspersky Backup File Filter https://www.kaspersky.com/
  216. ***** Invalid (B1F414C8) - kldisk.sys - Kaspersky Virtual Disk driver https://www.kaspersky.com/
  217. ***** Invalid (E34C73F4) - kneps.sys - Kaspersky KNEPS Power https://www.kaspersky.com/
  218.  
  219. ================== Dump #1: 3RD PARTY DRIVERS (FULL) ===================
  220.  
  221. Image path: \SystemRoot\system32\DRIVERS\klmouflt.sys
  222. Image name: klmouflt.sys
  223. Search : https://www.google.com/search?q=klmouflt.sys
  224. ADA Info : Kaspersky Mouse Device Filter https://www.kaspersky.com/
  225. Timestamp : Fri Sep 12 1975
  226.  
  227. Image path: \SystemRoot\system32\DRIVERS\klwtp.sys
  228. Image name: klwtp.sys
  229. Search : https://www.google.com/search?q=klwtp.sys
  230. ADA Info : Kaspersky WFP Network Connection Filter Driver https://www.kaspersky.com/
  231. Timestamp : Sat May 5 2007
  232.  
  233. Image path: \SystemRoot\system32\DRIVERS\klbackupdisk.sys
  234. Image name: klbackupdisk.sys
  235. Search : https://www.google.com/search?q=klbackupdisk.sys
  236. ADA Info : Kaspersky Backup Disk Filter https://www.kaspersky.com/
  237. Timestamp : Sun Apr 13 2008
  238.  
  239. Image path: \SystemRoot\System32\drivers\ScpVBus.sys
  240. Image name: ScpVBus.sys
  241. Search : https://www.google.com/search?q=ScpVBus.sys
  242. ADA Info : Scarlet.Crush Productions Scp Dual Shock 3 Virtual Bus driver http://forums.pcsx2.net/
  243. Timestamp : Sun May 5 2013
  244.  
  245. Image path: \SystemRoot\system32\DRIVERS\klim6.sys
  246. Image name: klim6.sys
  247. Search : https://www.google.com/search?q=klim6.sys
  248. ADA Info : Kaspersky Lab Intermediate Network Driver https://www.kaspersky.com/
  249. Timestamp : Wed Jan 7 2015
  250.  
  251. Image path: \SystemRoot\System32\drivers\TeeDriverW8x64.sys
  252. Image name: TeeDriverW8x64.sys
  253. Search : https://www.google.com/search?q=TeeDriverW8x64.sys
  254. ADA Info : Intel Management Engine Interface driver https://downloadcenter.intel.com/
  255. Timestamp : Mon Mar 28 2016
  256.  
  257. Image path: \SystemRoot\system32\drivers\RTKVHD64.sys
  258. Image name: RTKVHD64.sys
  259. Search : https://www.google.com/search?q=RTKVHD64.sys
  260. ADA Info : Realtek Audio System driver https://www.realtek.com/en/
  261. Timestamp : Fri Jun 3 2016
  262.  
  263. Image path: \SystemRoot\System32\Drivers\SCDEmu.SYS
  264. Image name: SCDEmu.SYS
  265. Search : https://www.google.com/search?q=SCDEmu.SYS
  266. ADA Info : PowerISO Virtual driver (PowerISO Computing) https://www.poweriso.com/
  267. Timestamp : Tue Jun 6 2017
  268.  
  269. Image path: \SystemRoot\System32\drivers\kltap.sys
  270. Image name: kltap.sys
  271. Search : https://www.google.com/search?q=kltap.sys
  272. ADA Info : TAP - Windows Virtual Network driver - The OpenVPN Project
  273. Timestamp : Fri Mar 16 2018
  274.  
  275. Mapped memory image file: C:\ProgramData\dbg\sym\rt640x64.sys\5BCDE005a6000\rt640x64.sys
  276. Image path: \SystemRoot\System32\drivers\rt640x64.sys
  277. Image name: rt640x64.sys
  278. Search : https://www.google.com/search?q=rt640x64.sys
  279. ADA Info : Realtek NICDRV 8169 PCIe GBE Family Controller driver https://www.realtek.com/en/
  280. Timestamp : Mon Oct 22 2018
  281. File version: 9.1.409.2015
  282. Product version: 9.1.409.2015
  283. File flags: 8 (Mask 3F) Private
  284. File OS: 40004 NT Win32
  285. File type: 3.6 Driver
  286. File date: 00000000.00000000
  287. CompanyName: Realtek
  288. ProductName: Realtek 8125/8136/8168/8169 PCI/PCIe Adapters
  289. InternalName: rt640x64.sys
  290. OriginalFilename: rt640x64.sys
  291. ProductVersion: 9.001.0409.2015
  292. FileVersion: 9.001.0409.2015
  293. FileDescription: Realtek 8125/8136/8168/8169 NDIS 6.40 64-bit Driver
  294. LegalCopyright: Copyright (C) 2018 Realtek Semiconductor Corporation. All Right Reserved.
  295.  
  296. Image path: \SystemRoot\System32\Drivers\klupd_klif_kimul.sys
  297. Image name: klupd_klif_kimul.sys
  298. Search : https://www.google.com/search?q=klupd_klif_kimul.sys
  299. ADA Info : Kaspersky Kernel Heuristics Engine https://www.kaspersky.com/
  300. Timestamp : Tue Jan 22 2019
  301.  
  302. Image path: \SystemRoot\system32\DRIVERS\cm_km.sys
  303. Image name: cm_km.sys
  304. Search : https://www.google.com/search?q=cm_km.sys
  305. ADA Info : Kaspersky Cryptographic Module Driver
  306. Timestamp : Fri Feb 15 2019
  307.  
  308. Image path: \SystemRoot\system32\DRIVERS\klwfp.sys
  309. Image name: klwfp.sys
  310. Search : https://www.google.com/search?q=klwfp.sys
  311. ADA Info : Kaspersky Network filtering component https://www.kaspersky.com/
  312. Timestamp : Tue Feb 26 2019
  313.  
  314. Image path: \??\C:\Windows\system32\drivers\mbae64.sys
  315. Image name: mbae64.sys
  316. Search : https://www.google.com/search?q=mbae64.sys
  317. ADA Info : Malwarebytes driver https://www.malwarebytes.com/
  318. Timestamp : Thu Apr 25 2019
  319.  
  320. Image path: \SystemRoot\System32\Drivers\mbamswissarmy.sys
  321. Image name: mbamswissarmy.sys
  322. Search : https://www.google.com/search?q=mbamswissarmy.sys
  323. ADA Info : MalwareBytes Anti-Malware system driver https://www.malwarebytes.com/
  324. Timestamp : Wed Nov 20 2019
  325.  
  326. Image path: \SystemRoot\System32\DriverStore\FileRepository\intcdaud.inf_amd64_1b570d7b9a790b1a\IntcDAud.sys
  327. Image name: IntcDAud.sys
  328. Search : https://www.google.com/search?q=IntcDAud.sys
  329. ADA Info : Intel Display Audio Driver http://www.intel.com/
  330. Timestamp : Tue Feb 25 2020
  331.  
  332. Image path: \SystemRoot\system32\DRIVERS\klif.sys
  333. Image name: klif.sys
  334. Search : https://www.google.com/search?q=klif.sys
  335. ADA Info : Kaspersky Lab Intruder Filter driver https://www.kaspersky.com/
  336. Timestamp : Fri Mar 13 2020
  337.  
  338. Image path: \SystemRoot\System32\Drivers\klupd_klif_klark.sys
  339. Image name: klupd_klif_klark.sys
  340. Search : https://www.google.com/search?q=klupd_klif_klark.sys
  341. ADA Info : Kaspersky https://www.kaspersky.com/
  342. Timestamp : Fri Mar 20 2020
  343.  
  344. Image path: \SystemRoot\System32\Drivers\klupd_klif_klbg.sys
  345. Image name: klupd_klif_klbg.sys
  346. Search : https://www.google.com/search?q=klupd_klif_klbg.sys
  347. ADA Info : Kaspersky Anti-Virus Lab Boot Guard Driver https://www.kaspersky.com/
  348. Timestamp : Fri Mar 20 2020
  349.  
  350. Image path: \SystemRoot\System32\Drivers\klupd_klif_mark.sys
  351. Image name: klupd_klif_mark.sys
  352. Search : https://www.google.com/search?q=klupd_klif_mark.sys
  353. ADA Info : Kaspersky Lab Anti-Rootkit Engine https://www.kaspersky.com
  354. Timestamp : Fri Mar 20 2020
  355.  
  356. Image path: \SystemRoot\System32\Drivers\klupd_klif_arkmon.sys
  357. Image name: klupd_klif_arkmon.sys
  358. Search : https://www.google.com/search?q=klupd_klif_arkmon.sys
  359. ADA Info : Kaspersky Anti-Virus Anti-Rootkit Monitor https://www.kaspersky.com/
  360. Timestamp : Sun Mar 22 2020
  361.  
  362. Image path: \SystemRoot\System32\drivers\tapprotonvpn.sys
  363. Image name: tapprotonvpn.sys
  364. Search : https://www.google.com/search?q=tapprotonvpn.sys
  365. ADA Info : Proton TAP VPN driver http://www.protonvpn.com/
  366. Timestamp : Thu Apr 2 2020
  367.  
  368. Image path: \SystemRoot\system32\DRIVERS\farflt.sys
  369. Image name: farflt.sys
  370. Search : https://www.google.com/search?q=farflt.sys
  371. ADA Info : Malwarebytes Anti-RansomWare SDK http://www.malwarebytes.org/
  372. Timestamp : Wed Apr 15 2020
  373.  
  374. Image path: \??\C:\Windows\system32\DRIVERS\mbam.sys
  375. Image name: mbam.sys
  376. Search : https://www.google.com/search?q=mbam.sys
  377. ADA Info : Malwarebytes Anti-Malware https://www.malwarebytes.com/
  378. Timestamp : Fri Apr 17 2020
  379.  
  380. Image path: \SystemRoot\system32\DRIVERS\klgse.sys
  381. Image name: klgse.sys
  382. Search : https://www.google.com/search?q=klgse.sys
  383. ADA Info : Kaspersky Security Extender driver
  384. Timestamp : Tue Apr 28 2020
  385.  
  386. Image path: \SystemRoot\system32\DRIVERS\klhk.sys
  387. Image name: klhk.sys
  388. Search : https://www.google.com/search?q=klhk.sys
  389. ADA Info : Kaspersky Lab service driver https://www.kaspersky.com/
  390. Timestamp : Tue Apr 28 2020
  391.  
  392. Image path: \??\C:\ProgramData\Kaspersky Lab\AVP20.0\Bases\klids.sys
  393. Image name: klids.sys
  394. Search : https://www.google.com/search?q=klids.sys
  395. ADA Info : Kaspersky Lab IDS Engine https://www.kaspersky.com/
  396. Timestamp : Wed Apr 29 2020
  397.  
  398. Image path: \SystemRoot\System32\Drivers\MbamChameleon.sys
  399. Image name: MbamChameleon.sys
  400. Search : https://www.google.com/search?q=MbamChameleon.sys
  401. ADA Info : Malwarebytes Anti-Malware Chameleon driver https://www.malwarebytes.com/
  402. Timestamp : Wed Apr 29 2020
  403.  
  404. Image path: \SystemRoot\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_29d4e3e2513aa913\igdkmd64.sys
  405. Image name: igdkmd64.sys
  406. Search : https://www.google.com/search?q=igdkmd64.sys
  407. ADA Info : Intel HD graphics driver
  408. Timestamp : Tue May 19 2020
  409.  
  410. Image path: \SystemRoot\system32\DRIVERS\mwac.sys
  411. Image name: mwac.sys
  412. Search : https://www.google.com/search?q=mwac.sys
  413. ADA Info : Malwarebytes Web Access Control http://www.malwarebytes.org/
  414. Timestamp : Wed May 27 2020
  415.  
  416. Image path: \??\C:\Program Files\Riot Vanguard\vgk.sys
  417. Image name: vgk.sys
  418. Search : https://www.google.com/search?q=vgk.sys
  419. ADA Info : Vanguard Anti-Cheat driver
  420. Timestamp : Sat Jun 13 2020
  421.  
  422. Image path: \SystemRoot\system32\DRIVERS\klkbdflt.sys
  423. Image name: klkbdflt.sys
  424. Search : https://www.google.com/search?q=klkbdflt.sys
  425. ADA Info : Kaspersky Keyboard Device Filter https://www.kaspersky.com/
  426. Timestamp : Tue Nov 16 2021
  427.  
  428. Image path: \SystemRoot\system32\DRIVERS\klpd.sys
  429. Image name: klpd.sys
  430. Search : https://www.google.com/search?q=klpd.sys
  431. ADA Info : Kaspersky Format Recognizer https://www.kaspersky.com/
  432. Timestamp : Tue Mar 13 2029
  433.  
  434. Image path: \SystemRoot\system32\DRIVERS\klflt.sys
  435. Image name: klflt.sys
  436. Search : https://www.google.com/search?q=klflt.sys
  437. ADA Info : Kaspersky Filter Core https://www.kaspersky.com/
  438. Timestamp : Mon Aug 13 2029
  439.  
  440. Image path: \SystemRoot\system32\DRIVERS\klbackupflt.sys
  441. Image name: klbackupflt.sys
  442. Search : https://www.google.com/search?q=klbackupflt.sys
  443. ADA Info : Kaspersky Backup File Filter https://www.kaspersky.com/
  444. Timestamp : ***** Invalid (946E4501)
  445.  
  446. Image path: \SystemRoot\system32\DRIVERS\kldisk.sys
  447. Image name: kldisk.sys
  448. Search : https://www.google.com/search?q=kldisk.sys
  449. ADA Info : Kaspersky Virtual Disk driver https://www.kaspersky.com/
  450. Timestamp : ***** Invalid (B1F414C8)
  451.  
  452. Image path: \SystemRoot\system32\DRIVERS\kneps.sys
  453. Image name: kneps.sys
  454. Search : https://www.google.com/search?q=kneps.sys
  455. ADA Info : Kaspersky KNEPS Power https://www.kaspersky.com/
  456. Timestamp : ***** Invalid (E34C73F4)
  457.  
  458. ====================== Dump #1: MICROSOFT DRIVERS ======================
  459.  
  460. ACPI.sys ACPI Driver for NT (Microsoft)
  461. acpiex.sys ACPIEx Driver (Microsoft)
  462. acpipagr.sys ACPI Processor Aggregator Device driver (Microsoft)
  463. afd.sys Ancillary Function Driver for WinSock (Microsoft)
  464. afunix.sys AF_UNIX Socket Provider driver (Microsoft)
  465. AgileVpn.sys RAS Agil VPN Miniport Call Manager driver (Microsoft)
  466. ahcache.sys Application Compatibility Cache (Microsoft)
  467. bam.sys BAM Kernal driver (Microsoft)
  468. BasicDisplay.sys Basic Display driver (Microsoft)
  469. BasicRender.sys Basic Render driver (Microsoft)
  470. Beep.SYS BEEP driver (Microsoft)
  471. BOOTVID.dll VGA Boot Driver (Microsoft)
  472. bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
  473. cdd.dll Canonical Display Driver (Microsoft)
  474. cdrom.sys SCSI CD-ROM Driver (Microsoft)
  475. CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
  476. CI.dll Code Integrity Module (Microsoft)
  477. CLASSPNP.SYS SCSI Class System Dll (Microsoft)
  478. cldflt.sys Cloud Files Mini Filter driver (Microsoft)
  479. CLFS.SYS Common Log File System Driver (Microsoft)
  480. clipsp.sys CLIP Service (Microsoft)
  481. cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
  482. cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
  483. CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
  484. condrv.sys Console Driver (Microsoft)
  485. crashdmp.sys Crash Dump driver (Microsoft)
  486. csc.sys Windows Client Side Caching driver (Microsoft)
  487. dfsc.sys DFS Namespace Client Driver (Microsoft)
  488. disk.sys PnP Disk Driver (Microsoft)
  489. drmk.sys Digital Rights Management (DRM) driver (Microsoft)
  490. dump_diskdump.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  491. dump_dumpfve.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  492. dump_storahci.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  493. dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
  494. dxgmms2.sys DirectX Graphics MMS
  495. EhStorClass.sys Enhanced Storage Class driver for IEEE... (Microsoft)
  496. fastfat.SYS Fast FAT File System Driver (Microsoft)
  497. filecrypt.sys Windows sandboxing and encryption filter (Microsoft)
  498. fileinfo.sys FileInfo Filter Driver (Microsoft)
  499. FLTMGR.SYS Filesystem Filter Manager (Microsoft)
  500. Fs_Rec.sys File System Recognizer Driver (Microsoft)
  501. fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
  502. fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
  503. gpuenergydrv.sys GPU Energy Kernal Driver (Microsoft)
  504. hal.dll Hardware Abstraction Layer DLL (Microsoft)
  505. HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
  506. HIDCLASS.SYS Hid Class Library (Microsoft)
  507. HIDPARSE.SYS Hid Parsing Library (Microsoft)
  508. hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
  509. HTTP.sys HTTP Protocol Stack (Microsoft)
  510. intelpep.sys Intel Power Engine Plugin (Microsoft)
  511. intelppm.sys Processor Device Driver (Microsoft)
  512. iorate.sys I/O rate control Filter (Microsoft)
  513. kbdclass.sys Keyboard Class Driver (Microsoft)
  514. kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
  515. kd.dll Local Kernal Debugger (Microsoft)
  516. kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
  517. ks.sys Kernal CSA Library (Microsoft)
  518. ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
  519. ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
  520. ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
  521. lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
  522. luafv.sys LUA File Virtualization Filter Driver (Microsoft)
  523. mcupdate_GenuineIntel.dll Intel Microcode Update Library (Microsoft)
  524. mmcss.sys MMCSS Driver (Microsoft)
  525. monitor.sys Monitor Driver (Microsoft)
  526. mouclass.sys Mouse Class Driver (Microsoft)
  527. mouhid.sys HID Mouse Filter Driver (Microsoft)
  528. mountmgr.sys Mount Point Manager (Microsoft)
  529. mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
  530. mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
  531. mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
  532. Msfs.SYS Mailslot driver (Microsoft)
  533. msisadrv.sys ISA Driver (Microsoft)
  534. mslldp.sys Microsoft Link-Layer Discovery Protocol... (Microsoft)
  535. msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
  536. mssecflt.sys Microsoft Security Events Component file system filter driver (Microsoft)
  537. mssmbios.sys System Management BIOS driver (Microsoft)
  538. mup.sys Multiple UNC Provider driver (Microsoft)
  539. ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
  540. ndistapi.sys NDIS 3.0 Connection Wrapper driver (Microsoft)
  541. ndisuio.sys NDIS User mode I/O driver (Microsoft)
  542. NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
  543. ndiswan.sys MS PPP Framing Driver (Strong Encryption) Microsoft)
  544. NDProxy.sys NDIS Proxy driver (Microsoft)
  545. Ndu.sys Network Data Usage Monitoring driver (Microsoft)
  546. netbios.sys NetBIOS Interface driver (Microsoft)
  547. netbt.sys MBT Transport driver (Microsoft)
  548. NETIO.SYS Network I/O Subsystem (Microsoft)
  549. Npfs.SYS NPFS driver (Microsoft)
  550. npsvctrig.sys Named pipe service triggers (Microsoft)
  551. nsiproxy.sys NSI Proxy driver (Microsoft)
  552. Ntfs.sys NT File System Driver (Microsoft)
  553. ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
  554. ntosext.sys NTOS Extension Host driver (Microsoft)
  555. Null.SYS NULL Driver (Microsoft)
  556. nwifi.sys NativeWiFi Miniport Driver (Microsoft)
  557. pacer.sys QoS Packet Scheduler (Microsoft)
  558. parport.sys Parallel Port Driver (Microsoft)
  559. partmgr.sys Partition driver (Microsoft)
  560. pci.sys NT Plug and Play PCI Enumerator (Microsoft)
  561. pcw.sys Performance Counter Driver (Microsoft)
  562. pdc.sys Power Dependency Coordinator Driver (Microsoft)
  563. peauth.sys Protected Environment Authentication and Authorization Export Driver (Microsoft)
  564. portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
  565. PSHED.dll Platform Specific Hardware Error driver (Microsoft)
  566. rasl2tp.sys RAS L2TP Mini-port/Call-manager driver (Microsoft)
  567. raspppoe.sys RAS PPPoE Mini-port/Call manager driver (Microsoft)
  568. raspptp.sys Peer-to-Peer Tunneling Protocol (Microsoft)
  569. rassstp.sys RAS SSTP Miniport Call Manager driver (Microsoft)
  570. rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
  571. rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
  572. rdyboost.sys ReadyBoost Driver (Microsoft)
  573. rspndr.sys Link-Layer Topology Responder driver (Microsoft)
  574. serenum.sys Serial Port Enumerator (Microsoft)
  575. serial.sys Serial Device Driver
  576. SgrmAgent.sys System Guard Runtime Monitor Agent driver (Microsoft)
  577. SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
  578. spaceport.sys Storage Spaces driver (Microsoft)
  579. srv2.sys Smb 2.0 Server driver (Microsoft)
  580. srvnet.sys Server Network driver (Microsoft)
  581. storahci.sys MS AHCI Storport Miniport Driver (Microsoft)
  582. storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
  583. storqosflt.sys Storage QoS Filter driver (Microsoft)
  584. swenum.sys Plug and Play Software Device Enumerator (Microsoft)
  585. tbs.sys Export driver for kernel mode TPM API (Microsoft)
  586. tcpip.sys TCP/IP Protocol driver (Microsoft)
  587. tcpipreg.sys Microsoft Windows TCP/IP Registry Compatibility driver (Microsoft)
  588. TDI.SYS TDI Wrapper driver (Microsoft)
  589. tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
  590. tm.sys Kernel Transaction Manager driver (Microsoft)
  591. ucx01000.sys USB Controller Extension (Microsoft)
  592. UEFI.sys UEFI NT driver (Microsoft)
  593. umbus.sys User-Mode Bus Enumerator (Microsoft)
  594. usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
  595. USBD.SYS Universal Serial Bus Driver (Microsoft)
  596. UsbHub3.sys USB3 HUB driver (Microsoft)
  597. USBXHCI.SYS USB XHCI driver (Microsoft)
  598. vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
  599. Vid.sys Microsoft Hyper-V Virtualization Infrastructure Driver
  600. volmgr.sys Volume Manager Driver (Microsoft)
  601. volmgrx.sys Volume Manager Extension Driver (Microsoft)
  602. volsnap.sys Volume Shadow Copy driver (Microsoft)
  603. volume.sys Volume driver (Microsoft)
  604. vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
  605. wanarp.sys MS Remote Access and Routing ARP driver (Microsoft)
  606. watchdog.sys Watchdog driver (Microsoft)
  607. wcifs.sys Windows Container Isolation FS Filter driver (Microsoft)
  608. Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
  609. WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
  610. werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
  611. wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
  612. win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
  613. win32kbase.sys Base Win32k Kernel Driver (Microsoft)
  614. win32kfull.sys Full/Desktop Win32k Kernel Driver (Microsoft)
  615. WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
  616. WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
  617. winhvr.sys Windows Hypervisor Root Interface driver (Microsoft)
  618. winquic.sys QUIC Transport Protocol driver (Microsoft)
  619. wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
  620. WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
  621. Wof.sys Windows Overlay Filter (Microsoft)
  622. WppRecorder.sys WPP Trace Recorder (Microsoft)
  623.  
  624. ====================== Dump #1: UNLOADED MODULES =======================
  625.  
  626. fffff806`1d230000 fffff806`1d39a000 EasyAntiChea
  627. fffff806`1deb0000 fffff806`1dee3000 klids.sys
  628. fffff806`1d240000 fffff806`1d24f000 dump_storpor
  629. fffff806`1d280000 fffff806`1d2af000 dump_storahc
  630. fffff806`1d2d0000 fffff806`1d2ee000 dump_dumpfve
  631. fffff806`22ef0000 fffff806`22efb000 klpnpflt.sys
  632. fffff806`22e70000 fffff806`22e7b000 klpnpflt.sys
  633. fffff806`1df80000 fffff806`1df9e000 dam.sys
  634. fffff806`157c0000 fffff806`157c9000 MbamElam.sys
  635. fffff806`157b0000 fffff806`157be000 klelam.sys
  636. fffff806`167f0000 fffff806`16800000 hwpolicy.sys
  637.  
  638. ====================== Dump #1: BIOS INFORMATION =======================
  639.  
  640. sysinfo: could not find necessary interfaces.
  641. sysinfo: note that mssmbios.sys must be loaded (XPSP2+).
  642.  
  643. ========================== Dump #1: Extra #1 ===========================
  644.  
  645. 2: kd> !verifier
  646. Verify Flags Level 0x00000000
  647. STANDARD FLAGS:
  648. [X] (0x00000000) Automatic Checks
  649. [ ] (0x00000001) Special pool
  650. [ ] (0x00000002) Force IRQL checking
  651. [ ] (0x00000008) Pool tracking
  652. [ ] (0x00000010) I/O verification
  653. [ ] (0x00000020) Deadlock detection
  654. [ ] (0x00000080) DMA checking
  655. [ ] (0x00000100) Security checks
  656. [ ] (0x00000800) Miscellaneous checks
  657. [ ] (0x00020000) DDI compliance checking
  658. ADDITIONAL FLAGS:
  659. [ ] (0x00000004) Randomized low resources simulation
  660. [ ] (0x00000200) Force pending I/O requests
  661. [ ] (0x00000400) IRP logging
  662. [ ] (0x00002000) Invariant MDL checking for stack
  663. [ ] (0x00004000) Invariant MDL checking for driver
  664. [ ] (0x00008000) Power framework delay fuzzing
  665. [ ] (0x00010000) Port/miniport interface checking
  666. [ ] (0x00040000) Systematic low resources simulation
  667. [ ] (0x00080000) DDI compliance checking (additional)
  668. [ ] (0x00200000) NDIS/WIFI verification
  669. [ ] (0x00800000) Kernel synchronization delay fuzzing
  670. [ ] (0x01000000) VM switch verification
  671. [ ] (0x02000000) Code integrity checks
  672. [X] Indicates flag is enabled
  673. Summary of All Verifier Statistics
  674. RaiseIrqls 0x0
  675. AcquireSpinLocks 0x0
  676. Synch Executions 0x0
  677. Trims 0x0
  678. Pool Allocations Attempted 0x0
  679. Pool Allocations Succeeded 0x0
  680. Pool Allocations Succeeded SpecialPool 0x0
  681. Pool Allocations With NO TAG 0x0
  682. Pool Allocations Failed 0x0
  683. Current paged pool allocations 0x0 for 00000000 bytes
  684. Peak paged pool allocations 0x0 for 00000000 bytes
  685. Current nonpaged pool allocations 0x0 for 00000000 bytes
  686. Peak nonpaged pool allocations 0x0 for 00000000 bytes
  687.  
  688. ========================== Dump #1: Extra #2 ===========================
  689.  
  690. 2: kd> !thread
  691. THREAD ffffd40f6984c080 Cid 0ef0.2f54 Teb: 0000001d0aa18000 Win32Thread: 0000000000000000 RUNNING on processor 2
  692. Not impersonating
  693. GetUlongFromAddress: unable to read from fffff8061362ca14
  694. Owning Process ffffd40f63eef2c0 Image: System Process
  695. Attached Process ffffd40f639f3040 Image: MemCompression
  696. fffff78000000000: Unable to get shared data
  697. Wait Start TickCount 1113771
  698. Context Switch Count 775 IdealProcessor: 2
  699. ReadMemory error: Cannot get nt!KeMaximumIncrement value.
  700. UserTime 00:00:00.000
  701. KernelTime 00:00:00.000
  702. Win32 Start Address 0x00007fffd0cf3d60
  703. Stack Init fffffa81e4fafb90 Current fffffa81e4fae800
  704. Base fffffa81e4fb0000 Limit fffffa81e4fa9000 Call 0000000000000000
  705. Priority 9 BasePriority 8 PriorityDecrement 0 IoPriority 2 PagePriority 5
  706. Child-SP RetAddr : Args to Child : Call Site
  707. fffffa81`e4fade48 fffff806`13521aea : 00000000`00000154 ffffd40f`639f1000 fffffa81`e4fadf00 00000000`00000002 : nt!KeBugCheckEx
  708. fffffa81`e4fade50 fffff806`133db1de : ffffd40f`639f1000 fffffa81`e4fadf00 00000000`00000002 00000000`00000000 : nt!SMKM_STORE<SM_TRAITS>::SmStUnhandledExceptionFilter+0x7e
  709. fffffa81`e4fadea0 fffff806`1339c399 : 00001f80`00000002 fffffa81`e4faf3d0 fffffa81`e4fa9000 fffffa81`e4fb0000 : nt!`SMKM_STORE<SM_TRAITS>::SmStDirectReadIssue'::`1'::filt$0+0x22
  710. fffffa81`e4faded0 fffff806`133ca04f : fffffa81`e4faf3d0 fffffa81`e4fae4b0 00000000`00000000 00000000`0010001f : nt!_C_specific_handler+0xa9
  711. fffffa81`e4fadf40 fffff806`132c3375 : 00000000`00000000 00000000`00000000 fffffa81`e4fae4b0 00007fff`ffff0000 : nt!RtlpExecuteHandlerForException+0xf
  712. fffffa81`e4fadf70 fffff806`132c790e : fffffa81`e4faeea8 fffffa81`e4faebf0 fffffa81`e4faeea8 0000018b`25f417d0 : nt!RtlDispatchException+0x4a5
  713. fffffa81`e4fae6c0 fffff806`133d321d : ffffd40f`639f3600 fffff806`13274ee6 00000000`00001000 fffffa81`e4faef50 : nt!KiDispatchException+0x16e
  714. fffffa81`e4faed70 fffff806`133cf405 : 00000000`00000000 fffffa81`e4faefd0 fffffa81`e4faf378 00000000`00000000 : nt!KiExceptionDispatch+0x11d
  715. fffffa81`e4faef50 fffff806`1335e150 : ffffaa80`fff40000 ffffd40f`639f1050 fffff806`1325cfc0 ffffaa80`fff40000 : nt!KiPageFault+0x445 (TrapFrame @ fffffa81`e4faef50)
  716. fffffa81`e4faf0e8 fffff806`1325cfc0 : ffffaa80`fff40000 ffffaa80`fff40000 00000000`00000002 0000018b`25f417d0 : nt!RtlDecompressBufferXpressLz+0x50
  717. fffffa81`e4faf100 fffff806`1335fed9 : 00000001`00000000 00000000`00000001 00000000`00000000 ffffd40f`639f2788 : nt!RtlDecompressBufferEx+0x60
  718. fffffa81`e4faf150 fffff806`1335fd64 : 00000000`00000004 fffffa81`e4faf360 00000000`00000000 00000000`000017a4 : nt!ST_STORE<SM_TRAITS>::StDmSinglePageCopy+0x155
  719. fffffa81`e4faf230 fffff806`1335fbe2 : 00000000`00000001 00000000`000017d0 ffffd40f`000017d0 ffffd40f`00010000 : nt!ST_STORE<SM_TRAITS>::StDmSinglePageTransfer+0xa0
  720. fffffa81`e4faf280 fffff806`1335fa0b : 00000000`ffffffff ffffd40f`699be000 fffffa81`e4faf360 ffffd40f`67c926d0 : nt!ST_STORE<SM_TRAITS>::StDmpSinglePageRetrieve+0x186
  721. fffffa81`e4faf320 fffff806`1335f851 : ffffd40f`699be000 00000000`00000000 00000000`00000001 ffffd40f`639f2788 : nt!ST_STORE<SM_TRAITS>::StDmPageRetrieve+0xcb
  722. fffffa81`e4faf3d0 fffff806`1335f761 : ffffd40f`639f1000 ffffd40f`67c926d0 ffffd40f`699be000 ffffd40f`639f29b0 : nt!SMKM_STORE<SM_TRAITS>::SmStDirectReadIssue+0x85
  723. fffffa81`e4faf450 fffff806`13269e18 : ffffd40f`6984c080 ffffd40f`639f1000 00000000`00000000 00000000`00000000 : nt!SMKM_STORE<SM_TRAITS>::SmStDirectReadCallout+0x21
  724. fffffa81`e4faf480 fffff806`13362cc1 : fffff806`1335f740 fffffa81`e4faf530 00000000`00000003 00000000`00000000 : nt!KeExpandKernelStackAndCalloutInternal+0x78
  725. fffffa81`e4faf4f0 fffff806`1334b941 : fffffa81`e4faf5f0 fffff806`1378db78 ffffd40f`639f1000 fffffa81`e4faf740 : nt!SMKM_STORE<SM_TRAITS>::SmStDirectRead+0xcd
  726. fffffa81`e4faf5c0 fffff806`1334b527 : 00000000`0000000c ffffd40f`639f1000 fffffa81`e4faf670 ffffd40f`67c926d0 : nt!SMKM_STORE<SM_TRAITS>::SmStWorkItemQueue+0x1a5
  727. fffffa81`e4faf610 fffff806`13361fd3 : 00000000`0000000c ffffd40f`67c926d0 00000000`00000010 00000000`00000010 : nt!SMKM_STORE_MGR<SM_TRAITS>::SmIoCtxQueueWork+0xbf
  728. fffffa81`e4faf6a0 fffff806`133636af : ffffd40f`00000010 ffffd40f`65aeef40 00000000`00000000 ffffd40f`639f1000 : nt!SMKM_STORE_MGR<SM_TRAITS>::SmPageRead+0x167
  729. fffffa81`e4faf710 fffff806`1328e05b : ffffd40f`63eef7c0 00000000`00000001 ffffd40f`63eef880 fffff806`13274ee6 : nt!SmPageRead+0x33
  730. fffffa81`e4faf760 fffff806`1328d759 : 00000000`00000002 fffffa81`e4faf7f0 fffffa81`e4faf958 fffff9fc`c06bbad8 : nt!MiIssueHardFaultIo+0x117
  731. fffffa81`e4faf7b0 fffff806`13272f9b : 00000000`c0033333 00000000`00000001 000001ae`eb702008 00000000`00000005 : nt!MiIssueHardFault+0x489
  732. fffffa81`e4faf860 fffff806`133cf320 : 00000000`74880fdd fffffa81`e4fafa80 000001ae`e6ce23d0 fffffa81`e4fafa80 : nt!MmAccessFault+0x40b
  733. fffffa81`e4fafa00 00007fff`d0cfb492 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiPageFault+0x360 (TrapFrame @ fffffa81`e4fafa00)
  734. 0000001d`0b27ee00 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007fff`d0cfb492
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!