Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ========================== AUTO DUMP ANALYZER ==========================
- Auto Dump Analyzer
- Version: 0.9
- Time to analyze file(s): 00 hours and 05 minutes and 08 seconds
- ================================= CPU ==================================
- COUNT: 10
- MHZ: 4008
- VENDOR: GenuineIntel
- FAMILY: 6
- MODEL: 9e
- STEPPING: d
- ================================== OS ==================================
- Product: WinNt, suite: TerminalServer SingleUserTS Personal
- Built by: 18362.1.amd64fre.19h1_release.190318-1202
- BUILD_VERSION: 10.0.18362.535 (WinBuild.160101.0800)
- BUILD: 18362
- SERVICEPACK: 535
- PLATFORM_TYPE: x64
- NAME: Windows 10
- EDITION: Windows 10 WinNt TerminalServer SingleUserTS Personal
- BUILD_TIMESTAMP: 1980-01-11 10:53:20
- BUILDDATESTAMP: 160101.0800
- BUILDLAB: WinBuild
- BUILDOSVER: 10.0.18362.535
- =============================== DEBUGGER ===============================
- Microsoft (R) Windows Debugger Version 10.0.14321.1024 AMD64
- Copyright (c) Microsoft Corporation. All rights reserved.
- =============================== COMMENTS ===============================
- * Information gathered from different dump files may be different. If
- Windows updates between two dump files, two or more OS versions may
- be shown above.
- * Additional BIOS information (including RAM information) was unreadable
- from the first dump file. This can be caused by an outdated BIOS.
- ========================================================================
- ==================== Dump File: 121119-8828-01.dmp =====================
- ========================================================================
- Mini Kernel Dump File: Only registers and stack trace are available
- Windows 10 Kernel Version 18362 MP (16 procs) Free x64
- Kernel base = 0xfffff804`11000000 PsLoadedModuleList = 0xfffff804`11448130
- Debug session time: Wed Dec 11 12:13:05.949 2019 (UTC - 5:00)
- System Uptime: 0 days 0:16:24.664
- BugCheck 139, {4, ffffd380d60d0ff0, ffffd380d60d0f48, 0}
- Probably caused by : memory_corruption
- Followup: memory_corruption
- KERNEL_SECURITY_CHECK_FAILURE (139)
- A kernel component has corrupted a critical data structure. The corruption
- could potentially allow a malicious user to gain control of this machine.
- Arguments:
- Arg1: 0000000000000004, The thread's stack pointer was outside the legal stack
- extents for the thread.
- Arg2: ffffd380d60d0ff0, Address of the trap frame for the exception that caused the bugcheck
- Arg3: ffffd380d60d0f48, Address of the exception record for the exception that caused the bugcheck
- Arg4: 0000000000000000, Reserved
- Debugging Details:
- DUMP_CLASS: 1
- DUMP_QUALIFIER: 400
- DUMP_TYPE: 2
- TRAP_FRAME: ffffd380d60d0ff0 -- (.trap 0xffffd380d60d0ff0)
- NOTE: The trap frame does not contain all registers.
- Some register values may be zeroed or incorrect.
- rax=ffffac0d006b6000 rbx=0000000000000000 rcx=0000000000000004
- rdx=ffffac0d006bd000 rsi=0000000000000000 rdi=0000000000000000
- rip=fffff8041124f1df rsp=ffffd380d60d1180 rbp=ffffd380d60d16f0
- r8=ffffac0d006bd000 r9=ffffd380d60d1710 r10=ffff878227fd5080
- r11=000000bf6495e9e8 r12=0000000000000000 r13=0000000000000000
- r14=0000000000000000 r15=0000000000000000
- iopl=0 nv up ei pl zr na po nc
- nt!RtlpGetStackLimitsEx+0x12ea53:
- fffff804`1124f1df cd29 int 29h
- Resetting default scope
- EXCEPTION_RECORD: ffffd380d60d0f48 -- (.exr 0xffffd380d60d0f48)
- ExceptionAddress: fffff8041124f1df (nt!RtlpGetStackLimitsEx+0x000000000012ea53)
- ExceptionCode: c0000409 (Security check failure or stack buffer overrun)
- ExceptionFlags: 00000001
- NumberParameters: 1
- Parameter[0]: 0000000000000004
- Subcode: 0x4 FAST_FAIL_INCORRECT_STACK
- CUSTOMER_CRASH_COUNT: 1
- DEFAULT_BUCKET_ID: CODE_CORRUPTION
- BUGCHECK_STR: 0x139
- PROCESS_NAME: lsass.exe
- CURRENT_IRQL: 2
- ERROR_CODE: (NTSTATUS) 0xc0000409 - The system detected an overrun of a stack-based buffer in this application. This overrun could potentially allow a malicious user to gain control of this application.
- EXCEPTION_CODE: (NTSTATUS) 0xc0000409 - The system detected an overrun of a stack-based buffer in this application. This overrun could potentially allow a malicious user to gain control of this application.
- EXCEPTION_CODE_STR: c0000409
- EXCEPTION_PARAMETER1: 0000000000000004
- WATSON_BKT_EVENT: BEX
- BAD_STACK_POINTER: ffffd380d60d0cc8
- LAST_CONTROL_TRANSFER: from fffff804111d32e9 to fffff804111c14e0
- FAULTING_THREAD: 0000000000000000
- STACK_TEXT:
- ffffd380`d60d0cc8 fffff804`111d32e9 : 00000000`00000139 00000000`00000004 ffffd380`d60d0ff0 ffffd380`d60d0f48 : nt!KeBugCheckEx
- ffffd380`d60d0cd0 fffff804`111d3710 : 046b0900`6f00046b 11920073`706f6c03 1000b902`002d9200 1b920075`6f0104c7 : nt!KiBugCheckDispatch+0x69
- ffffd380`d60d0e10 fffff804`111d1aa5 : fffff804`11127368 fffff804`1140ec74 ffffd380`d60d17d0 00000000`00000000 : nt!KiFastFailDispatch+0xd0
- ffffd380`d60d0ff0 fffff804`1124f1df : 00000000`00000000 00000000`00000360 0005e548`00ab6000 00000000`0010001f : nt!KiRaiseSecurityCheckFailure+0x325
- ffffd380`d60d1180 fffff804`1122e860 : 00000000`00000000 00000000`00000000 ffffd380`d60d16f0 00007fff`00000003 : nt!RtlpGetStackLimitsEx+0x12ea53
- ffffd380`d60d11b0 fffff804`110c753e : ffffac0d`006bc318 ffffd380`d60d1e30 ffffac0d`006bc318 00000000`00000000 : nt!RtlDispatchException+0x16bd60
- ffffd380`d60d1900 fffff804`111c2362 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiDispatchException+0x16e
- ffffd380`d60d1fb0 fffff804`111c2330 : fffff804`111d3416 ffff8081`3b3384ff 00000000`00000028 00000276`0002a5c3 : nt!KxExceptionDispatchOnExceptionStack+0x12
- ffffac0d`006bc1d8 fffff804`111d3416 : ffff8081`3b3384ff 00000000`00000028 00000276`0002a5c3 00000000`00000060 : nt!KiExceptionDispatchOnExceptionStackContinue
- ffffac0d`006bc1e0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiExceptionDispatch+0x116
- CHKIMG_EXTENSION: !chkimg -lo 50 -d !nt
- fffff80411072ccf-fffff80411072cd3 5 bytes - nt!MmAccessFault+12f
- [ d0 be 7d fb f6:10 30 60 c0 80 ]
- fffff80411072d61-fffff80411072d66 6 bytes - nt!MmAccessFault+1c1 (+0x92)
- [ 68 df be 7d fb f6:08 18 30 60 c0 80 ]
- fffff80411073ec6 - nt!MiFastLockLeafPageTable+366 (+0x1165)
- [ f6:80 ]
- fffff80411073f8e-fffff80411073f93 6 bytes - nt!MiLockPageTableInternal+1e (+0xc8)
- [ 68 df be 7d fb f6:08 18 30 60 c0 80 ]
- fffff80411073fa2-fffff80411073fa6 5 bytes - nt!MiLockPageTableInternal+32 (+0x14)
- [ d0 be 7d fb f6:10 30 60 c0 80 ]
- fffff80411073fac-fffff80411073fae 3 bytes - nt!MiLockPageTableInternal+3c (+0x0a)
- [ df be 7d:1f 30 60 ]
- fffff804111273d4-fffff804111273d5 2 bytes - nt!MiDeleteNonPagedPoolTail+44 (+0xb3428)
- [ 80 fa:00 eb ]
- fffff8041124f24e-fffff8041124f24f 2 bytes - nt!MiZeroLargePage+12ea9a (+0x127e7a)
- [ fb f6:c0 80 ]
- fffff8041124f267 - nt!MiZeroLargePage+12eab3 (+0x19)
- [ f6:80 ]
- 31 errors : !nt (fffff80411072ccf-fffff8041124f267)
- MODULE_NAME: memory_corruption
- IMAGE_NAME: memory_corruption
- FOLLOWUP_NAME: memory_corruption
- DEBUG_FLR_IMAGE_TIMESTAMP: 0
- MEMORY_CORRUPTOR: LARGE
- STACK_COMMAND: ~0s ; kb
- FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
- BUCKET_ID: MEMORY_CORRUPTION_LARGE
- PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
- TARGET_TIME: 2019-12-11T17:13:05.000Z
- SUITE_MASK: 784
- PRODUCT_TYPE: 1
- USER_LCID: 0
- FAILURE_ID_HASH_STRING: km:memory_corruption_large
- FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
- Followup: memory_corruption
- ========================================================================
- ===================== 3RD PARTY DRIVER QUICK LIST ======================
- ========================================================================
- unavailable - aswRvrt.sys - Avast Antivirus http://www.avast.com/
- Jul 26 2008 - WinRing0x64.sys - Intel Processor Diagnostic Tool or BatteryCare by OpenLibSys.org or Throttlestop (Properties say: OpenLibSys.org) or EVGA Precision X https://www.evga.com/
- Oct 17 2008 - inpoutx64.sys - Kernel level port access driver http://www.highrez.co.uk/
- Jun 09 2015 - lgcoretemp.sys - CPU Core Temperature Monitor http://support.logitech.com/
- Jun 13 2016 - LGBusEnum.sys - Logitech GamePanel Virtual Bus Enumerator driver http://support.logitech.com/
- Jun 13 2016 - LGJoyXlCore.sys - Logitech Gaming Software driver http://support.logitech.com/
- Sep 19 2017 - ICCWDT.sys - Intel(R) Watchdog Timer driver
- Feb 12 2018 - secnvme.sys - Samsung NVM Express Controller Storport Miniport Driver
- Jul 10 2018 - asmthub3.sys - ASMedia USB 3.0 Hub driver http://www.asmedia.com.tw/
- Jul 10 2018 - asmtxhci.sys - ASMedia USB 3.0 driver http://www.asmedia.com.tw/
- Aug 16 2018 - nvvhci.sys - Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
- Sep 20 2018 - e2xw10x64.sys - Killer PCI-E Gigabit Ethernet Controller driver http://www.killernetworking.com/
- Mar 14 2019 - nvvad64v.sys - Nvidia Virtual Audio driver http://www.nvidia.com/
- Apr 09 2019 - AsIO2.sys - Asus Input Output driver
- Apr 18 2019 - iocbios2.sys - !!! Overclocking Software - Intel(R) Extreme Tuning Utility Performance Tuning driver
- Apr 22 2019 - GLCKIO2.sys - ASUS RGB driver
- May 01 2019 - KfeCo10X64.sys - Killer Networking Suite driver
- May 07 2019 - TeeDriverW8x64.sys - Intel Management Engine Interface driver https://downloadcenter.intel.com/
- May 14 2019 - UcmCxUcsiNvppc.sys - NVIDIA USB Type-C Port Policy Controller driver
- May 15 2019 - ene.sys - (Ptolemy Tech Co.) or ASUS RGB driver
- Jun 21 2019 - nvhda64v.sys - Nvidia HDMI Audio Device http://www.nvidia.com/
- Jul 18 2019 - semav6msr64.sys - Intel Driver Update Utility http://www.intel.com/ OR (SEMA Software) http://www.sema-soft.de/en/home/
- Sep 03 2019 - aswElam.sys - Avast ELAM driver
- Sep 06 2019 - aswArPot.sys - Avast Antivirus http://www.avast.com/
- Sep 06 2019 - aswbidsdriver.sys - Avast Antivirus http://www.avast.com/
- Sep 06 2019 - aswbidsh.sys - Avast Antivirus http://www.avast.com/
- Sep 06 2019 - aswbuniv.sys - Avast Antivirus http://www.avast.com/
- Sep 06 2019 - aswKbd.sys - Avast Keyboard Filter driver http://www.avast.com/
- Sep 06 2019 - aswNetSec.sys - Avast Firewall driver http://www.avast.com/
- Sep 06 2019 - aswRdr2.sys - Avast Antivirus http://www.avast.com/
- Sep 06 2019 - aswStm.sys - Avast Antivirus http://www.avast.com/
- Sep 06 2019 - aswVmm.sys - Avast Antivirus http://www.avast.com/
- Sep 06 2019 - ibtusb.sys - Intel(R) Wireless Bluetooth(R) Filter driver (Intel Corporation)
- Sep 26 2019 - aswSnx.sys - Avast Antivirus http://www.avast.com/
- Sep 26 2019 - aswSP.sys - Avast Antivirus http://www.avast.com/
- Oct 16 2019 - Netwtw08.sys - Intel(R) Wireless Networking driver
- Oct 29 2019 - aswMonFlt.sys - Avast Antivirus http://www.avast.com/
- Nov 19 2019 - RTKVHD64.sys - Realtek Audio System driver https://www.realtek.com/en/
- Dec 06 2019 - nvlddmkm.sys - Nvidia Graphics Card driver http://www.nvidia.com/
- ========================================================================
- ========================== 3RD PARTY DRIVERS ===========================
- ========================================================================
- Image path: \SystemRoot\system32\drivers\aswRvrt.sys
- Image name: aswRvrt.sys
- Search : https://www.google.com/search?q=aswRvrt.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : unavailable (00000000)
- Image path: \??\C:\Program Files (x86)\CoolerMaster\MasterPlus\WinRing0x64.sys
- Image name: WinRing0x64.sys
- Search : https://www.google.com/search?q=WinRing0x64.sys
- ADA Info : Intel Processor Diagnostic Tool or BatteryCare by OpenLibSys.org or Throttlestop (Properties say: OpenLibSys.org) or EVGA Precision X https://www.evga.com/
- Timestamp : Sat Jul 26 2008
- Image path: \SystemRoot\System32\Drivers\inpoutx64.sys
- Image name: inpoutx64.sys
- Search : https://www.google.com/search?q=inpoutx64.sys
- ADA Info : Kernel level port access driver http://www.highrez.co.uk/
- Timestamp : Fri Oct 17 2008
- Image path: \??\C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys
- Image name: lgcoretemp.sys
- Search : https://www.google.com/search?q=lgcoretemp.sys
- ADA Info : CPU Core Temperature Monitor http://support.logitech.com/
- Timestamp : Tue Jun 9 2015
- Image path: \SystemRoot\system32\drivers\LGBusEnum.sys
- Image name: LGBusEnum.sys
- Search : https://www.google.com/search?q=LGBusEnum.sys
- ADA Info : Logitech GamePanel Virtual Bus Enumerator driver http://support.logitech.com/
- Timestamp : Mon Jun 13 2016
- Image path: \SystemRoot\system32\drivers\LGJoyXlCore.sys
- Image name: LGJoyXlCore.sys
- Search : https://www.google.com/search?q=LGJoyXlCore.sys
- ADA Info : Logitech Gaming Software driver http://support.logitech.com/
- Timestamp : Mon Jun 13 2016
- Image path: \SystemRoot\System32\drivers\ICCWDT.sys
- Image name: ICCWDT.sys
- Search : https://www.google.com/search?q=ICCWDT.sys
- ADA Info : Intel(R) Watchdog Timer driver
- Timestamp : Tue Sep 19 2017
- Image path: \SystemRoot\System32\drivers\secnvme.sys
- Image name: secnvme.sys
- Search : https://www.google.com/search?q=secnvme.sys
- ADA Info : Samsung NVM Express Controller Storport Miniport Driver
- Timestamp : Mon Feb 12 2018
- Image path: \SystemRoot\System32\drivers\asmthub3.sys
- Image name: asmthub3.sys
- Search : https://www.google.com/search?q=asmthub3.sys
- ADA Info : ASMedia USB 3.0 Hub driver http://www.asmedia.com.tw/
- Timestamp : Tue Jul 10 2018
- Image path: \SystemRoot\System32\drivers\asmtxhci.sys
- Image name: asmtxhci.sys
- Search : https://www.google.com/search?q=asmtxhci.sys
- ADA Info : ASMedia USB 3.0 driver http://www.asmedia.com.tw/
- Timestamp : Tue Jul 10 2018
- Image path: \SystemRoot\System32\drivers\nvvhci.sys
- Image name: nvvhci.sys
- Search : https://www.google.com/search?q=nvvhci.sys
- ADA Info : Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
- Timestamp : Thu Aug 16 2018
- Image path: \SystemRoot\System32\drivers\e2xw10x64.sys
- Image name: e2xw10x64.sys
- Search : https://www.google.com/search?q=e2xw10x64.sys
- ADA Info : Killer PCI-E Gigabit Ethernet Controller driver http://www.killernetworking.com/
- Timestamp : Thu Sep 20 2018
- Image path: \SystemRoot\system32\drivers\nvvad64v.sys
- Image name: nvvad64v.sys
- Search : https://www.google.com/search?q=nvvad64v.sys
- ADA Info : Nvidia Virtual Audio driver http://www.nvidia.com/
- Timestamp : Thu Mar 14 2019
- Image path: \??\C:\Windows\system32\drivers\AsIO2.sys
- Image name: AsIO2.sys
- Search : https://www.google.com/search?q=AsIO2.sys
- ADA Info : Asus Input Output driver
- Timestamp : Tue Apr 9 2019
- Image path: \SystemRoot\System32\drivers\iocbios2.sys
- Image name: iocbios2.sys
- Search : https://www.google.com/search?q=iocbios2.sys
- ADA Info : !!! Overclocking Software - Intel(R) Extreme Tuning Utility Performance Tuning driver
- Timestamp : Thu Apr 18 2019
- Image path: \??\C:\Windows\system32\drivers\GLCKIO2.sys
- Image name: GLCKIO2.sys
- Search : https://www.google.com/search?q=GLCKIO2.sys
- ADA Info : ASUS RGB driver
- Timestamp : Mon Apr 22 2019
- Image path: \SystemRoot\System32\drivers\RivetNetworks\Killer\KfeCo10X64.sys
- Image name: KfeCo10X64.sys
- Search : https://www.google.com/search?q=KfeCo10X64.sys
- ADA Info : Killer Networking Suite driver
- Timestamp : Wed May 1 2019
- Image path: \SystemRoot\System32\DriverStore\FileRepository\heci.inf_amd64_84dfa9390100e6bc\x64\TeeDriverW8x64.sys
- Image name: TeeDriverW8x64.sys
- Search : https://www.google.com/search?q=TeeDriverW8x64.sys
- ADA Info : Intel Management Engine Interface driver https://downloadcenter.intel.com/
- Timestamp : Tue May 7 2019
- Image path: \SystemRoot\System32\drivers\UcmCxUcsiNvppc.sys
- Image name: UcmCxUcsiNvppc.sys
- Search : https://www.google.com/search?q=UcmCxUcsiNvppc.sys
- ADA Info : NVIDIA USB Type-C Port Policy Controller driver
- Timestamp : Tue May 14 2019
- Image path: \??\C:\Windows\system32\drivers\ene.sys
- Image name: ene.sys
- Search : https://www.google.com/search?q=ene.sys
- ADA Info : (Ptolemy Tech Co.) or ASUS RGB driver
- Timestamp : Wed May 15 2019
- Image path: \SystemRoot\system32\drivers\nvhda64v.sys
- Image name: nvhda64v.sys
- Search : https://www.google.com/search?q=nvhda64v.sys
- ADA Info : Nvidia HDMI Audio Device http://www.nvidia.com/
- Timestamp : Fri Jun 21 2019
- Image path: \??\C:\Windows\system32\drivers\semav6msr64.sys
- Image name: semav6msr64.sys
- Search : https://www.google.com/search?q=semav6msr64.sys
- ADA Info : Intel Driver Update Utility http://www.intel.com/ OR (SEMA Software) http://www.sema-soft.de/en/home/
- Timestamp : Thu Jul 18 2019
- Image path: \SystemRoot\system32\drivers\aswElam.sys
- Image name: aswElam.sys
- Search : https://www.google.com/search?q=aswElam.sys
- ADA Info : Avast ELAM driver
- Timestamp : Tue Sep 3 2019
- Image path: \SystemRoot\system32\drivers\aswArPot.sys
- Image name: aswArPot.sys
- Search : https://www.google.com/search?q=aswArPot.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Fri Sep 6 2019
- Image path: \SystemRoot\system32\drivers\aswbidsdriver.sys
- Image name: aswbidsdriver.sys
- Search : https://www.google.com/search?q=aswbidsdriver.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Fri Sep 6 2019
- Image path: \SystemRoot\system32\drivers\aswbidsh.sys
- Image name: aswbidsh.sys
- Search : https://www.google.com/search?q=aswbidsh.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Fri Sep 6 2019
- Image path: \SystemRoot\system32\drivers\aswbuniv.sys
- Image name: aswbuniv.sys
- Search : https://www.google.com/search?q=aswbuniv.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Fri Sep 6 2019
- Image path: \SystemRoot\system32\drivers\aswKbd.sys
- Image name: aswKbd.sys
- Search : https://www.google.com/search?q=aswKbd.sys
- ADA Info : Avast Keyboard Filter driver http://www.avast.com/
- Timestamp : Fri Sep 6 2019
- Image path: \SystemRoot\system32\drivers\aswNetSec.sys
- Image name: aswNetSec.sys
- Search : https://www.google.com/search?q=aswNetSec.sys
- ADA Info : Avast Firewall driver http://www.avast.com/
- Timestamp : Fri Sep 6 2019
- Image path: \SystemRoot\system32\drivers\aswRdr2.sys
- Image name: aswRdr2.sys
- Search : https://www.google.com/search?q=aswRdr2.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Fri Sep 6 2019
- Image path: \SystemRoot\system32\drivers\aswStm.sys
- Image name: aswStm.sys
- Search : https://www.google.com/search?q=aswStm.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Fri Sep 6 2019
- Image path: \SystemRoot\system32\drivers\aswVmm.sys
- Image name: aswVmm.sys
- Search : https://www.google.com/search?q=aswVmm.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Fri Sep 6 2019
- Image path: \SystemRoot\system32\DRIVERS\ibtusb.sys
- Image name: ibtusb.sys
- Search : https://www.google.com/search?q=ibtusb.sys
- ADA Info : Intel(R) Wireless Bluetooth(R) Filter driver (Intel Corporation)
- Timestamp : Fri Sep 6 2019
- Image path: \SystemRoot\system32\drivers\aswSnx.sys
- Image name: aswSnx.sys
- Search : https://www.google.com/search?q=aswSnx.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Thu Sep 26 2019
- Image path: \SystemRoot\system32\drivers\aswSP.sys
- Image name: aswSP.sys
- Search : https://www.google.com/search?q=aswSP.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Thu Sep 26 2019
- Image path: \SystemRoot\System32\drivers\Netwtw08.sys
- Image name: Netwtw08.sys
- Search : https://www.google.com/search?q=Netwtw08.sys
- ADA Info : Intel(R) Wireless Networking driver
- Timestamp : Wed Oct 16 2019
- Image path: \SystemRoot\system32\drivers\aswMonFlt.sys
- Image name: aswMonFlt.sys
- Search : https://www.google.com/search?q=aswMonFlt.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Oct 29 2019
- Image path: \SystemRoot\system32\drivers\RTKVHD64.sys
- Image name: RTKVHD64.sys
- Search : https://www.google.com/search?q=RTKVHD64.sys
- ADA Info : Realtek Audio System driver https://www.realtek.com/en/
- Timestamp : Tue Nov 19 2019
- Image path: \SystemRoot\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a3efb8aa9e9e249a\nvlddmkm.sys
- Image name: nvlddmkm.sys
- Search : https://www.google.com/search?q=nvlddmkm.sys
- ADA Info : Nvidia Graphics Card driver http://www.nvidia.com/
- Timestamp : Fri Dec 6 2019
- If any of the above drivers are from Microsoft then please let me know.
- I will have them moved to the Microsoft list on the next update.
- ========================================================================
- ========================== MICROSOFT DRIVERS ===========================
- ========================================================================
- ACPI.sys ACPI Driver for NT (Microsoft)
- acpiex.sys ACPIEx Driver (Microsoft)
- acpipagr.sys ACPI Processor Aggregator Device driver (Microsoft)
- acpitime.sys ACPI Wake Alarm (Microsoft)
- afd.sys Ancillary Function Driver for WinSock (Microsoft)
- afunix.sys AF_UNIX Socket Provider driver (Microsoft)
- AgileVpn.sys RAS Agil VPN Miniport Call Manager driver (Microsoft)
- ahcache.sys Application Compatibility Cache (Microsoft)
- bam.sys BAM Kernal driver (Microsoft)
- BasicDisplay.sys Basic Display driver (Microsoft)
- BasicRender.sys Basic Render driver (Microsoft)
- Beep.SYS BEEP driver (Microsoft)
- bindflt.sys Windows Bind Filter driver (Microsoft)
- BOOTVID.dll VGA Boot Driver (Microsoft)
- bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
- BthEnum.sys Bluetooth Bus Extender
- bthpan.sys Bluetooth Personal Area Networking
- bthport.sys Bluetooth Bus driver (Microsoft)
- BTHUSB.sys Bluetooth Miniport driver (Microsoft)
- cdd.dll Canonical Display Driver (Microsoft)
- cdrom.sys SCSI CD-ROM Driver (Microsoft)
- CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
- CI.dll Code Integrity Module (Microsoft)
- CLASSPNP.SYS SCSI Class System Dll (Microsoft)
- cldflt.sys Cloud Files Mini Filter driver (Microsoft)
- CLFS.SYS Common Log File System Driver (Microsoft)
- clipsp.sys CLIP Service (Microsoft)
- cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
- cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
- CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
- condrv.sys Console Driver (Microsoft)
- crashdmp.sys Crash Dump driver (Microsoft)
- dfsc.sys DFS Namespace Client Driver (Microsoft)
- disk.sys PnP Disk Driver (Microsoft)
- drmk.sys Digital Rights Management (DRM) driver (Microsoft)
- dump_diskdump.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
- dump_dumpfve.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
- dump_secnvme.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
- dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
- dxgmms2.sys DirectX Graphics MMS
- EhStorClass.sys Enhanced Storage Class driver for IEEE... (Microsoft)
- fastfat.SYS Fast FAT File System Driver (Microsoft)
- filecrypt.sys Windows sandboxing and encryption filter (Microsoft)
- fileinfo.sys FileInfo Filter Driver (Microsoft)
- FLTMGR.SYS Filesystem Filter Manager (Microsoft)
- Fs_Rec.sys File System Recognizer Driver (Microsoft)
- fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
- fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
- gpuenergydrv.sys GPU Energy Kernal Driver (Microsoft)
- hal.dll Hardware Abstraction Layer DLL (Microsoft)
- HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
- HIDCLASS.SYS Hid Class Library (Microsoft)
- HIDPARSE.SYS Hid Parsing Library (Microsoft)
- hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
- HTTP.sys HTTP Protocol Stack (Microsoft)
- intelpep.sys Intel Power Engine Plugin (Microsoft)
- intelppm.sys Processor Device Driver (Microsoft)
- iorate.sys I/O rate control Filter (Microsoft)
- kbdclass.sys Keyboard Class Driver (Microsoft)
- kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
- kd.dll Local Kernal Debugger (Microsoft)
- kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
- ks.sys Kernal CSA Library (Microsoft)
- ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
- ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
- ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
- lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
- luafv.sys LUA File Virtualization Filter Driver (Microsoft)
- mcupdate_GenuineIntel.dll Intel Microcode Update Library (Microsoft)
- Microsoft.Bluetooth.Legacy.LEEnumerator.sys Microsoft Bluetooth Legacy LE Enumerator driver (Microsoft)
- mmcss.sys MMCSS Driver (Microsoft)
- monitor.sys Monitor Driver (Microsoft)
- mouclass.sys Mouse Class Driver (Microsoft)
- mouhid.sys HID Mouse Filter Driver (Microsoft)
- mountmgr.sys Mount Point Manager (Microsoft)
- mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
- mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
- mrxsmb10.sys Longhorn SMB Downlevel SubRdr (Microsoft)
- mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
- Msfs.SYS Mailslot driver (Microsoft)
- msisadrv.sys ISA Driver (Microsoft)
- mslldp.sys Microsoft Link-Layer Discovery Protocol... (Microsoft)
- msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
- mssmbios.sys System Management BIOS driver (Microsoft)
- mup.sys Multiple UNC Provider driver (Microsoft)
- ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
- ndistapi.sys NDIS 3.0 Connection Wrapper driver (Microsoft)
- ndisuio.sys NDIS User mode I/O driver (Microsoft)
- NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
- ndiswan.sys MS PPP Framing Driver (Strong Encryption) Microsoft)
- NDProxy.sys NDIS Proxy driver (Microsoft)
- Ndu.sys Network Data Usage Monitoring driver (Microsoft)
- netbios.sys NetBIOS Interface driver (Microsoft)
- netbt.sys MBT Transport driver (Microsoft)
- NETIO.SYS Network I/O Subsystem (Microsoft)
- Npfs.SYS NPFS driver (Microsoft)
- npsvctrig.sys Named pipe service triggers (Microsoft)
- nsiproxy.sys NSI Proxy driver (Microsoft)
- Ntfs.sys NT File System Driver (Microsoft)
- ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
- ntosext.sys NTOS Extension Host driver (Microsoft)
- Null.SYS NULL Driver (Microsoft)
- nwifi.sys NativeWiFi Miniport Driver (Microsoft)
- pacer.sys QoS Packet Scheduler (Microsoft)
- partmgr.sys Partition driver (Microsoft)
- pci.sys NT Plug and Play PCI Enumerator (Microsoft)
- pcw.sys Performance Counter Driver (Microsoft)
- pdc.sys Power Dependency Coordinator Driver (Microsoft)
- peauth.sys Protected Environment Authentication and Authorization Export Driver (Microsoft)
- portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
- PSHED.dll Platform Specific Hardware Error driver (Microsoft)
- rasl2tp.sys RAS L2TP Mini-port/Call-manager driver (Microsoft)
- raspppoe.sys RAS PPPoE Mini-port/Call manager driver (Microsoft)
- raspptp.sys Peer-to-Peer Tunneling Protocol (Microsoft)
- rassstp.sys RAS SSTP Miniport Call Manager driver (Microsoft)
- rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
- rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
- rdyboost.sys ReadyBoost Driver (Microsoft)
- rfcomm.sys Bluetooth RFCOMM driver (Microsoft)
- rspndr.sys Link-Layer Topology Responder driver (Microsoft)
- SgrmAgent.sys System Guard Runtime Monitor Agent driver (Microsoft)
- SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
- spaceport.sys Storage Spaces driver (Microsoft)
- srv2.sys Smb 2.0 Server driver (Microsoft)
- srvnet.sys Server Network driver (Microsoft)
- storahci.sys MS AHCI Storport Miniport Driver (Microsoft)
- storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
- storqosflt.sys Storage QoS Filter driver (Microsoft)
- swenum.sys Plug and Play Software Device Enumerator (Microsoft)
- tbs.sys Export driver for kernel mode TPM API (Microsoft)
- tcpip.sys TCP/IP Protocol driver (Microsoft)
- tcpipreg.sys Microsoft Windows TCP/IP Registry Compatibility driver (Microsoft)
- TDI.SYS TDI Wrapper driver (Microsoft)
- tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
- tm.sys Kernel Transaction Manager driver (Microsoft)
- UcmCx.sys USB Connector Manager KMDF Class Extension
- ucx01000.sys USB Controller Extension (Microsoft)
- UEFI.sys UEFI NT driver (Microsoft)
- umbus.sys User-Mode Bus Enumerator (Microsoft)
- usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
- USBD.SYS Universal Serial Bus Driver (Microsoft)
- UsbHub3.sys USB3 HUB driver (Microsoft)
- USBXHCI.SYS USB XHCI driver (Microsoft)
- vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
- Vid.sys Microsoft Hyper-V Virtualization Infrastructure Driver
- volmgr.sys Volume Manager Driver (Microsoft)
- volmgrx.sys Volume Manager Extension Driver (Microsoft)
- volsnap.sys Volume Shadow Copy driver (Microsoft)
- volume.sys Volume driver (Microsoft)
- vwifibus.sys Virtual Wireless Bus driver (Microsoft)
- vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
- vwifimp.sys Virtual WiFi Miniport Driver (Microsoft)
- wanarp.sys MS Remote Access and Routing ARP driver (Microsoft)
- watchdog.sys Watchdog driver (Microsoft)
- wcifs.sys Windows Container Isolation FS Filter driver (Microsoft)
- Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
- WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
- wdiwifi.sys WDI Driver Framework driver (Microsoft)
- werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
- wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
- win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
- win32kbase.sys Base Win32k Kernel Driver (Microsoft)
- win32kfull.sys Full/Desktop Win32k Kernel Driver (Microsoft)
- WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
- WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
- winhvr.sys Windows Hypervisor Root Interface driver (Microsoft)
- winquic.sys QUIC Transport Protocol driver (Microsoft)
- wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
- WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
- Wof.sys Windows Overlay Filter (Microsoft)
- WppRecorder.sys WPP Trace Recorder (Microsoft)
- Unloaded modules:
- fffff804`6c8d0000 fffff804`6c8d8000 magdrvamd64.
- fffff804`6c8c0000 fffff804`6c8c8000 magdrvamd64.
- fffff804`27b50000 fffff804`27b5f000 dump_storpor
- fffff804`27b90000 fffff804`27bb4000 dump_secnvme
- fffff804`27be0000 fffff804`27bfe000 dump_dumpfve
- fffff804`28430000 fffff804`2844e000 dam.sys
- fffff804`14d70000 fffff804`14d80000 hwpolicy.sys
- ========================================================================
- ============================== BIOS INFO ===============================
- ========================================================================
- sysinfo: could not find necessary interfaces.
- sysinfo: note that mssmbios.sys must be loaded (XPSP2+).
- ========================================================================
- ============================== IMAGE SCAN ==============================
- ========================================================================
- MZ at ffffd29b`92600000, prot 00000040, type 01000000 - size 3a2000
- Name: win32kfull.sys
- MZ at ffffd29b`929b0000, prot 00000040, type 01000000 - size 2a5000
- Name: win32kbase.sys
- MZ at ffffd29b`92ed0000, prot 00000040, type 01000000 - size 8c000
- Name: WIN32K.SYS
- MZ at fffff804`10f5d000, prot 00000040, type 01000000 - size a3000
- Name: HAL.dll
- MZ at fffff804`11000000, prot 00000004, type 00020000 - size ab6000
- Name: ntoskrnl.exe
- MZ at fffff804`13400000, prot 00000040, type 01000000 - size b000
- Name: KD.dll
- MZ at fffff804`13410000, prot 00000040, type 01000000 - size 201000
- Name: mcupdate_GenuineIntel.dll
- MZ at fffff804`13620000, prot 00000040, type 01000000 - size 11000
- Name: WerLiveKernelApi.dll
- MZ at fffff804`13640000, prot 00000040, type 01000000 - size 2a000
- Name: ksecdd.sys
- MZ at fffff804`136e0000, prot 00000040, type 01000000 - size 27000
- Name: ntostmhost.dll
- MZ at fffff804`13710000, prot 00000040, type 01000000 - size 68000
- Name: CLFS.SYS
- MZ at fffff804`13780000, prot 00000040, type 01000000 - size 1a000
- Name: PSHED.dll
- MZ at fffff804`137a0000, prot 00000040, type 01000000 - size b000
- Name: BOOTVID.dll
- MZ at fffff804`137b0000, prot 00000040, type 01000000 - size e000
- Name: cmimcext.dll
- MZ at fffff804`137c0000, prot 00000040, type 01000000 - size c000
- Name: ntosext.dll
- MZ at fffff804`137d0000, prot 00000040, type 01000000 - size 13000
- Name: WDFLDR.SYS
- MZ at fffff804`137f0000, prot 00000040, type 01000000 - size f000
- Name: SleepStudyHelper.sys
- MZ at fffff804`13800000, prot 00000040, type 01000000 - size 105000
- Name: clipsp.sys
- MZ at fffff804`13910000, prot 00000040, type 01000000 - size 71000
- Name: FLTMGR.SYS
- MZ at fffff804`13990000, prot 00000040, type 01000000 - size dc000
- Name: CI.dll
- MZ at fffff804`13a70000, prot 00000040, type 01000000 - size bc000
- Name: cng.sys
- MZ at fffff804`13b30000, prot 00000040, type 01000000 - size d5000
- Name: Wdf01000.exe
- MZ at fffff804`13c10000, prot 00000040, type 01000000 - size 10000
- Name: WppRecorder.sys
- MZ at fffff804`13c30000, prot 00000040, type 01000000 - size 25000
- Name: acpiex.exe
- MZ at fffff804`13c60000, prot 00000040, type 01000000 - size 1a000
- Name: SgrmAgent.exe
- MZ at fffff804`13c80000, prot 00000040, type 01000000 - size cc000
- Name: ACPI.SYS
- MZ at fffff804`13d50000, prot 00000040, type 01000000 - size c000
- Name: WMILIB.SYS
- MZ at fffff804`13d70000, prot 00000040, type 01000000 - size 5b000
- Name: intelpep.exe
- MZ at fffff804`13dd0000, prot 00000040, type 01000000 - size 17000
- Name: WindowsTrustedRT.exe
- MZ at fffff804`13df0000, prot 00000040, type 01000000 - size b000
- Name: WindowsTrustedRTProxy.exe
- MZ at fffff804`13e00000, prot 00000040, type 01000000 - size 15000
- Name: pcw.exe
- MZ at fffff804`13e20000, prot 00000040, type 01000000 - size b000
- Name: msisadrv.exe
- MZ at fffff804`13e30000, prot 00000040, type 01000000 - size 6f000
- Name: pci.exe
- MZ at fffff804`13ea0000, prot 00000040, type 01000000 - size 13000
- Name: vdrvroot.exe
- MZ at fffff804`13ec0000, prot 00000040, type 01000000 - size 33000
- Name: PDC.exe
- MZ at fffff804`13f00000, prot 00000040, type 01000000 - size 19000
- Name: CEA.sys
- MZ at fffff804`13f20000, prot 00000040, type 01000000 - size 30000
- Name: partmgr.exe
- MZ at fffff804`13f60000, prot 00000040, type 01000000 - size a5000
- Name: spaceport.exe
- MZ at fffff804`14010000, prot 00000040, type 01000000 - size 1a000
- Name: volmgr.exe
- MZ at fffff804`140a0000, prot 00000040, type 01000000 - size 1f000
- Name: mountmgr.exe
- MZ at fffff804`140c0000, prot 00000040, type 01000000 - size 2e000
- Name: storahci.exe
- MZ at fffff804`140f0000, prot 00000040, type 01000000 - size a2000
- Name: storport.sys
- MZ at fffff804`141d0000, prot 00000040, type 01000000 - size 1b000
- Name: EhStorClass.exe
- MZ at fffff804`141f0000, prot 00000040, type 01000000 - size 1a000
- Name: fileinfo.exe
- MZ at fffff804`14210000, prot 00000040, type 01000000 - size 3d000
- Name: wof.exe
- MZ at fffff804`14250000, prot 00000040, type 01000000 - size 29d000
- Name: ntfs.exe
- MZ at fffff804`14500000, prot 00000040, type 01000000 - size 172000
- Name: NDIS.SYS
- MZ at fffff804`14680000, prot 00000040, type 01000000 - size 94000
- Name: NETIO.SYS
- MZ at fffff804`14720000, prot 00000040, type 01000000 - size 32000
- Name: ksecpkg.exe
- MZ at fffff804`14760000, prot 00000040, type 01000000 - size 2ea000
- Name: TCPIP.SYS
- MZ at fffff804`14a50000, prot 00000040, type 01000000 - size 7a000
- Name: fwpkclnt.sys
- MZ at fffff804`14ad0000, prot 00000040, type 01000000 - size 30000
- Name: wfplwfs.exe
- MZ at fffff804`14b80000, prot 00000040, type 01000000 - size c9000
- Name: fvevol.exe
- MZ at fffff804`14c50000, prot 00000040, type 01000000 - size b000
- Name: volume.exe
- MZ at fffff804`14c60000, prot 00000040, type 01000000 - size 6d000
- Name: volsnap.exe
- MZ at fffff804`14cd0000, prot 00000040, type 01000000 - size 4e000
- Name: rdyboost.exe
- MZ at fffff804`14d20000, prot 00000040, type 01000000 - size 25000
- Name: MUP.SYS
- MZ at fffff804`14d50000, prot 00000040, type 01000000 - size 12000
- Name: iorate.exe
- MZ at fffff804`14d80000, prot 00000040, type 01000000 - size 1c000
- Name: disk.exe
- MZ at fffff804`14da0000, prot 00000040, type 01000000 - size 6b000
- Name: CLASSPNP.SYS
- MZ at fffff804`27a00000, prot 00000040, type 01000000 - size 30000
- Name: cdrom.exe
- MZ at fffff804`27b20000, prot 00000040, type 01000000 - size 1d000
- Name: CRASHDMP.SYS
- MZ at fffff804`27c00000, prot 00000040, type 01000000 - size 78000
- Name: ks.sys
- MZ at fffff804`27c80000, prot 00000040, type 01000000 - size 15000
- Name: filecrypt.exe
- MZ at fffff804`27ca0000, prot 00000040, type 01000000 - size e000
- Name: tbs.sys
- MZ at fffff804`27cc0000, prot 00000040, type 01000000 - size a000
- Name: beep.exe
- MZ at fffff804`27ce0000, prot 00000040, type 01000000 - size 374000
- Name: dxgkrnl.sys
- MZ at fffff804`28060000, prot 00000040, type 01000000 - size 16000
- Name: watchdog.sys
- MZ at fffff804`28080000, prot 00000040, type 01000000 - size 16000
- Name: BasicDisplay.exe
- MZ at fffff804`280a0000, prot 00000040, type 01000000 - size 11000
- Name: BasicRender.exe
- MZ at fffff804`280c0000, prot 00000040, type 01000000 - size 1c000
- Name: npfs.exe
- MZ at fffff804`280e0000, prot 00000040, type 01000000 - size 11000
- Name: msfs.exe
- MZ at fffff804`28100000, prot 00000040, type 01000000 - size 26000
- Name: tdx.exe
- MZ at fffff804`28130000, prot 00000040, type 01000000 - size 10000
- Name: TDI.SYS
- MZ at fffff804`28150000, prot 00000040, type 01000000 - size 59000
- Name: netbt.exe
- MZ at fffff804`281d0000, prot 00000040, type 01000000 - size 13000
- Name: afunix.dll
- MZ at fffff804`281f0000, prot 00000040, type 01000000 - size a7000
- Name: afd.exe
- MZ at fffff804`282a0000, prot 00000040, type 01000000 - size 1a000
- Name: vwififlt.SYS
- MZ at fffff804`282c0000, prot 00000040, type 01000000 - size 2b000
- Name: pacer.exe
- MZ at fffff804`28400000, prot 00000040, type 01000000 - size 2c000
- Name: dfsc.exe
- MZ at fffff804`28450000, prot 00000040, type 01000000 - size 6b000
- Name: fastfat.exe
- MZ at fffff804`284c0000, prot 00000040, type 01000000 - size 16000
- Name: bam.exe
- MZ at fffff804`285a0000, prot 00000040, type 01000000 - size 4f000
- Name: ahcache.exe
- MZ at fffff804`285f0000, prot 00000040, type 01000000 - size 8c000
- Name: Vid.exe
- MZ at fffff804`28680000, prot 00000040, type 01000000 - size 1f000
- Name: winhvr.sys
- MZ at fffff804`286a0000, prot 00000040, type 01000000 - size 11000
- Name: CompositeBus.exe
- MZ at fffff804`286c0000, prot 00000040, type 01000000 - size d000
- Name: kdnic.sys
- MZ at fffff804`286d0000, prot 00000040, type 01000000 - size 15000
- Name: UmBus.exe
- MZ at fffff804`290e0000, prot 00000040, type 01000000 - size 14000
- Name: netbios.exe
- MZ at fffff804`29100000, prot 00000040, type 01000000 - size 7b000
- Name: rdbss.sys
- MZ at fffff804`29180000, prot 00000040, type 01000000 - size 12000
- Name: nsiproxy.exe
- MZ at fffff804`291a0000, prot 00000040, type 01000000 - size d000
- Name: NpSvcTrig.exe
- MZ at fffff804`291b0000, prot 00000040, type 01000000 - size 10000
- Name: mssmbios.exe
- MZ at fffff804`291d0000, prot 00000040, type 01000000 - size a000
- Name: gpuenergydrv.exe
- MZ at fffff804`2a060000, prot 00000040, type 01000000 - size da000
- Name: dxgmms2.sys
- MZ at fffff804`2a140000, prot 00000040, type 01000000 - size 37000
- Name: wcifs.exe
- MZ at fffff804`2a180000, prot 00000040, type 01000000 - size 77000
- Name: cldflt.exe
- MZ at fffff804`2a200000, prot 00000040, type 01000000 - size 1a000
- Name: storqosflt.exe
- MZ at fffff804`2a2a0000, prot 00000040, type 01000000 - size 19000
- Name: mslldp.exe
- MZ at fffff804`2a2c0000, prot 00000040, type 01000000 - size 18000
- Name: lltdio.exe
- MZ at fffff804`2a2e0000, prot 00000040, type 01000000 - size 1b000
- Name: rspndr.exe
- MZ at fffff804`2a300000, prot 00000040, type 01000000 - size 1d000
- Name: wanarp.exe
- MZ at fffff804`2a320000, prot 00000040, type 01000000 - size 18000
- Name: ndisuio.exe
- MZ at fffff804`2a340000, prot 00000040, type 01000000 - size b2000
- Name: nwifi.exe
- MZ at fffff804`2a400000, prot 00000040, type 01000000 - size 38000
- Name: winquic.sys
- MZ at fffff804`2a440000, prot 00000040, type 01000000 - size 145000
- Name: http.exe
- MZ at fffff804`2a590000, prot 00000040, type 01000000 - size 13000
- Name: condrv.exe
- MZ at fffff804`2a5b0000, prot 00000040, type 01000000 - size 25000
- Name: bowser.exe
- MZ at fffff804`2a5e0000, prot 00000040, type 01000000 - size 1a000
- Name: mpsdrv.exe
- MZ at fffff804`2a600000, prot 00000040, type 01000000 - size 8f000
- Name: mrxsmb.sys
- MZ at fffff804`2a690000, prot 00000040, type 01000000 - size 45000
- Name: mrxsmb20.exe
- MZ at fffff804`2a6f0000, prot 00000040, type 01000000 - size 14000
- Name: mmcss.exe
- MZ at fffff804`2a710000, prot 00000040, type 01000000 - size 53000
- Name: srvnet.sys
- MZ at fffff804`2af30000, prot 00000040, type 01000000 - size 33000
- Name: usbccgp.exe
- MZ at fffff804`2af70000, prot 00000040, type 01000000 - size 12000
- Name: hidusb.exe
- MZ at fffff804`2af90000, prot 00000040, type 01000000 - size 3b000
- Name: HIDCLASS.SYS
- MZ at fffff804`2afd0000, prot 00000040, type 01000000 - size 13000
- Name: HIDPARSE.SYS
- MZ at fffff804`2b200000, prot 00000040, type 01000000 - size 89000
- Name: usbxhci.exe
- MZ at fffff804`2b290000, prot 00000040, type 01000000 - size 41000
- Name: ucx01000.exe
- MZ at fffff804`2b390000, prot 00000040, type 01000000 - size 2c000
- Name: UcmCx.exe
- MZ at fffff804`2b3c0000, prot 00000040, type 01000000 - size ea000
- Name: WdiWiFi.sys
- MZ at fffff804`2b4b0000, prot 00000040, type 01000000 - size e000
- Name: vwifibus.exe
- MZ at fffff804`2b5d0000, prot 00000040, type 01000000 - size c000
- Name: wmiacpi.exe
- MZ at fffff804`2b5e0000, prot 00000040, type 01000000 - size 3e000
- Name: intelppm.exe
- MZ at fffff804`2b620000, prot 00000040, type 01000000 - size b000
- Name: acpipagr.exe
- MZ at fffff804`2b630000, prot 00000040, type 01000000 - size c000
- Name: acpitime.exe
- MZ at fffff804`2b640000, prot 00000040, type 01000000 - size e000
- Name: UEFI.SYS
- MZ at fffff804`2b670000, prot 00000040, type 01000000 - size f000
- Name: ksthunk.exe
- MZ at fffff804`2b6a0000, prot 00000040, type 01000000 - size d000
- Name: NdisVirtualBus.exe
- MZ at fffff804`2b6b0000, prot 00000040, type 01000000 - size c000
- Name: swenum.exe
- MZ at fffff804`2b6e0000, prot 00000040, type 01000000 - size e000
- Name: rdpbus.exe
- MZ at fffff804`2b730000, prot 00000040, type 01000000 - size 9c000
- Name: usbhub3.sys
- MZ at fffff804`2b7d0000, prot 00000040, type 01000000 - size e000
- Name: USBD.SYS
- MZ at fffff804`2d320000, prot 00000040, type 01000000 - size 22000
- Name: hdaudbus.exe
- MZ at fffff804`2d350000, prot 00000040, type 01000000 - size 67000
- Name: portcls.sys
- MZ at fffff804`2e430000, prot 00000040, type 01000000 - size 10000
- Name: mouhid.exe
- MZ at fffff804`2e450000, prot 00000040, type 01000000 - size 13000
- Name: mouclass.exe
- MZ at fffff804`2e470000, prot 00000040, type 01000000 - size 11000
- Name: kbdhid.exe
- MZ at fffff804`2e490000, prot 00000040, type 01000000 - size 14000
- Name: kbdclass.exe
- MZ at fffff804`2e4b0000, prot 00000040, type 01000000 - size 1e000
- Name: Microsoft.Bluetooth.Legacy.LEEnumerator.exe
- MZ at fffff804`2e4d0000, prot 00000040, type 01000000 - size 3a000
- Name: rfcomm.exe
- MZ at fffff804`2e510000, prot 00000040, type 01000000 - size 22000
- Name: bthenum.exe
- MZ at fffff804`2e540000, prot 00000040, type 01000000 - size 26000
- Name: bthpan.exe
- MZ at fffff804`2e580000, prot 00000040, type 01000000 - size e000
- Name: SYS.exe
- MZ at fffff804`2e610000, prot 00000040, type 01000000 - size 1d000
- Name: DUMPFVE.SYS
- MZ at fffff804`2e630000, prot 00000040, type 01000000 - size 18000
- Name: monitor.exe
- MZ at fffff804`2e650000, prot 00000040, type 01000000 - size 2a000
- Name: luafv.exe
- MZ at fffff804`2f660000, prot 00000040, type 01000000 - size 1f000
- Name: bthusb.exe
- MZ at fffff804`2f680000, prot 00000040, type 01000000 - size 164000
- Name: bthport.sys
- MZ at fffff804`6c600000, prot 00000040, type 01000000 - size 14000
- Name: tcpipreg.exe
- MZ at fffff804`6c620000, prot 00000040, type 01000000 - size c5000
- Name: srv2.exe
- MZ at fffff804`6c6f0000, prot 00000040, type 01000000 - size 1d000
- Name: rassstp.exe
- MZ at fffff804`6c710000, prot 00000040, type 01000000 - size 41000
- Name: ndproxy.exe
- MZ at fffff804`6c760000, prot 00000040, type 01000000 - size 27000
- Name: AgileVpn.exe
- MZ at fffff804`6c790000, prot 00000040, type 01000000 - size 22000
- Name: rasl2tp.exe
- MZ at fffff804`6c7c0000, prot 00000040, type 01000000 - size 20000
- Name: raspptp.exe
- MZ at fffff804`6c7f0000, prot 00000040, type 01000000 - size 1c000
- Name: raspppoe.exe
- MZ at fffff804`6c810000, prot 00000040, type 01000000 - size f000
- Name: NDISTAPI.SYS
- MZ at fffff804`6c820000, prot 00000040, type 01000000 - size 3a000
- Name: ndiswan.exe
- MZ at fffff804`6c870000, prot 00000040, type 01000000 - size 13000
- Name: vwifimp.exe
- MZ at fffff804`6c890000, prot 00000040, type 01000000 - size 21000
- Name: bindflt.exe
- MZ at fffff804`6de90000, prot 00000040, type 01000000 - size 52000
- Name: mrxsmb10.exe
- MZ at fffff804`6dfd0000, prot 00000040, type 01000000 - size 27000
- Name: ndu.exe
- ========================================================================
- ==================== Dump File: 121119-8781-01.dmp =====================
- ========================================================================
- Mini Kernel Dump File: Only registers and stack trace are available
- Windows 10 Kernel Version 18362 MP (16 procs) Free x64
- Kernel base = 0xfffff801`14c00000 PsLoadedModuleList = 0xfffff801`15048130
- Debug session time: Wed Dec 11 11:48:04.098 2019 (UTC - 5:00)
- System Uptime: 0 days 0:01:04.812
- BugCheck 101, {c, 0, ffff8581fe3c5180, 4}
- *** WARNING: Unable to verify timestamp for win32k.sys
- *** ERROR: Module load completed but symbols could not be loaded for win32k.sys
- Probably caused by : memory_corruption
- Followup: memory_corruption
- CLOCK_WATCHDOG_TIMEOUT (101)
- An expected clock interrupt was not received on a secondary processor in an
- MP system within the allocated interval. This indicates that the specified
- processor is hung and not processing interrupts.
- Arguments:
- Arg1: 000000000000000c, Clock interrupt time out interval in nominal clock ticks.
- Arg2: 0000000000000000, 0.
- Arg3: ffff8581fe3c5180, The PRCB address of the hung processor.
- Arg4: 0000000000000004, The index of the hung processor.
- Debugging Details:
- DUMP_CLASS: 1
- DUMP_QUALIFIER: 400
- DUMP_TYPE: 2
- BUGCHECK_STR: CLOCK_WATCHDOG_TIMEOUT_10_PROC
- CUSTOMER_CRASH_COUNT: 1
- DEFAULT_BUCKET_ID: CODE_CORRUPTION
- PROCESS_NAME: System
- CURRENT_IRQL: d
- STACK_TEXT:
- ffff8581`fe27fb08 fffff801`14dee9b0 : 00000000`00000101 00000000`0000000c 00000000`00000000 ffff8581`fe3c5180 : nt!KeBugCheckEx
- ffff8581`fe27fb10 fffff801`14c1f61c : fffff780`00000320 ffff8581`fe280180 00000000`00001034 00000000`00001034 : nt!KeAccumulateTicks+0x1cbf50
- ffff8581`fe27fb70 fffff801`14b5e4b7 : 00000000`00000001 ffffa406`4e466f20 ffffa406`4e466fa0 00000000`00000002 : nt!KeClockInterruptNotify+0x98c
- ffff8581`fe27ff30 fffff801`14c02a25 : 00000000`26b872b6 ffffbb0e`28ad4000 ffffbb0e`28ad40b0 00000000`00000000 : hal!HalpTimerClockInterrupt+0xf7
- ffff8581`fe27ff60 fffff801`14dc2f7a : ffffa406`4e466fa0 ffffbb0e`28ad4000 ffff9980`00007796 ffffbb0e`28ad4000 : nt!KiCallInterruptServiceRoutine+0xa5
- ffff8581`fe27ffb0 fffff801`14dc34e7 : ffffa406`4e467110 ffffa406`4e466fa0 ffffbb0e`28ad4000 fffff801`14dc3574 : nt!KiInterruptSubDispatchNoLockNoEtw+0xfa
- ffffa406`4e466f20 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiInterruptDispatchNoLockNoEtw+0x37
- STACK_COMMAND: kb
- CHKIMG_EXTENSION: !chkimg -lo 50 -d !hal
- fffff80114b5e41c-fffff80114b5e41d 2 bytes - hal!HalpTimerClockInterrupt+5c
- [ 48 ff:4c 8b ]
- fffff80114b5e423-fffff80114b5e426 4 bytes - hal!HalpTimerClockInterrupt+63 (+0x07)
- [ 0f 1f 44 00:e8 58 98 0c ]
- fffff80114b5e46c-fffff80114b5e46d 2 bytes - hal!HalpTimerClockInterrupt+ac (+0x49)
- [ 48 ff:4c 8b ]
- fffff80114b5e473-fffff80114b5e476 4 bytes - hal!HalpTimerClockInterrupt+b3 (+0x07)
- [ 0f 1f 44 00:e8 38 80 1b ]
- fffff80114b5e4ab-fffff80114b5e4ac 2 bytes - hal!HalpTimerClockInterrupt+eb (+0x38)
- [ 48 ff:4c 8b ]
- fffff80114b5e4b2-fffff80114b5e4b5 4 bytes - hal!HalpTimerClockInterrupt+f2 (+0x07)
- [ 0f 1f 44 00:e8 d9 07 0c ]
- fffff80114b8f454-fffff80114b8f455 2 bytes - hal!HalpInterruptDeferredRecoveryService+4 (+0x30fa2)
- [ 48 ff:4c 8b ]
- fffff80114b8f45b-fffff80114b8f45e 4 bytes - hal!HalpInterruptDeferredRecoveryService+b (+0x07)
- [ 0f 1f 44 00:e8 00 29 3b ]
- fffff80114b8f4d0-fffff80114b8f4d1 2 bytes - hal!HalpInterruptSpuriousService+10 (+0x75)
- [ 48 ff:4c 8b ]
- fffff80114b8f4d7-fffff80114b8f4da 4 bytes - hal!HalpInterruptSpuriousService+17 (+0x07)
- [ 0f 1f 44 00:e8 84 e6 18 ]
- fffff80114b8f500-fffff80114b8f501 2 bytes - hal!HalpInterruptStubService+10 (+0x29)
- [ 48 ff:4c 8b ]
- fffff80114b8f507-fffff80114b8f50a 4 bytes - hal!HalpInterruptStubService+17 (+0x07)
- [ 0f 1f 44 00:e8 54 e6 18 ]
- 36 errors : !hal (fffff80114b5e41c-fffff80114b8f50a)
- MODULE_NAME: memory_corruption
- IMAGE_NAME: memory_corruption
- FOLLOWUP_NAME: memory_corruption
- DEBUG_FLR_IMAGE_TIMESTAMP: 0
- MEMORY_CORRUPTOR: LARGE
- FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
- BUCKET_ID: MEMORY_CORRUPTION_LARGE
- PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
- TARGET_TIME: 2019-12-11T16:48:04.000Z
- SUITE_MASK: 784
- PRODUCT_TYPE: 1
- USER_LCID: 0
- FAILURE_ID_HASH_STRING: km:memory_corruption_large
- FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
- Followup: memory_corruption
- ========================================================================
- ==================== Dump File: 121119-8765-01.dmp =====================
- ========================================================================
- Mini Kernel Dump File: Only registers and stack trace are available
- Windows 10 Kernel Version 18362 MP (16 procs) Free x64
- Kernel base = 0xfffff803`75400000 PsLoadedModuleList = 0xfffff803`75848130
- Debug session time: Wed Dec 11 12:23:36.608 2019 (UTC - 5:00)
- System Uptime: 0 days 0:02:52.322
- BugCheck 124, {0, ffff9b07ea5c0028, b2000000, 30005}
- Probably caused by : memory_corruption
- Followup: memory_corruption
- WHEA_UNCORRECTABLE_ERROR (124)
- A fatal hardware error has occurred. Parameter 1 identifies the type of error
- source that reported the error. Parameter 2 holds the address of the
- WHEA_ERROR_RECORD structure that describes the error conditon.
- Arguments:
- Arg1: 0000000000000000, Machine Check Exception
- Arg2: ffff9b07ea5c0028, Address of the WHEA_ERROR_RECORD structure.
- Arg3: 00000000b2000000, High order 32-bits of the MCi_STATUS value.
- Arg4: 0000000000030005, Low order 32-bits of the MCi_STATUS value.
- Debugging Details:
- DUMP_CLASS: 1
- DUMP_QUALIFIER: 400
- DUMP_TYPE: 2
- BUGCHECK_STR: 0x124_GenuineIntel
- CUSTOMER_CRASH_COUNT: 1
- DEFAULT_BUCKET_ID: CODE_CORRUPTION
- PROCESS_NAME: SkypeApp.exe
- CURRENT_IRQL: f
- STACK_TEXT:
- ffffac80`3ae85d78 fffff803`753a4fe8 : 00000000`00000124 00000000`00000000 ffff9b07`ea5c0028 00000000`b2000000 : nt!KeBugCheckEx
- ffffac80`3ae85d80 fffff803`78181920 : ffff9b07`e3f40ea0 00000000`00000000 ffff9b07`ea5c0028 00000000`00000000 : hal!HalBugCheckSystem+0xd8
- ffffac80`3ae85dc0 fffff803`75740952 : ffff9b07`e3f40ea0 ffffac80`3ae85e49 00000000`00000000 ffff9b07`ea5c0028 : PSHED!PshedBugCheckSystem+0x10
- ffffac80`3ae85df0 fffff803`753a6946 : ffffac80`3ae85f10 00000000`0000000b ffff9b07`e3f40ef0 ffff9b07`e3f40ea0 : nt!WheaReportHwError+0x382
- ffffac80`3ae85eb0 fffff803`753a6dda : 00000000`00000010 ffff9b07`e3f40ef0 ffffac80`3ae86068 ffffac80`3ae862b0 : hal!HalpMcaReportError+0x72
- ffffac80`3ae86010 fffff803`753a6cb4 : ffff9b07`e38e4be0 00000000`00000001 00000000`00000000 00000000`00000000 : hal!HalpMceHandlerCore+0xf2
- ffffac80`3ae86060 fffff803`753a6f20 : 00000000`00000010 00000000`00000001 00000000`00000000 00000000`00000000 : hal!HalpMceHandler+0xe0
- ffffac80`3ae860a0 fffff803`753a5fc8 : 00000000`00000000 ffffac80`3ae86330 00000000`00000000 00000000`00000000 : hal!HalpMceHandlerWithRendezvous+0xd4
- ffffac80`3ae860d0 fffff803`753a71a7 : ffff9b07`e38e4be0 00000000`00000000 00000000`00000000 00000000`00000000 : hal!HalpHandleMachineCheck+0x5c
- ffffac80`3ae86100 fffff803`756a4a20 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : hal!HalHandleMcheck+0x37
- ffffac80`3ae86130 fffff803`755d04ba : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiHandleMcheck+0x10
- ffffac80`3ae86160 fffff803`755d0171 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KxMcheckAbort+0x7a
- ffffac80`3ae862a0 00007fff`2eab9706 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiMcheckAbort+0x271
- 000000ee`a41ff7e0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007fff`2eab9706
- STACK_COMMAND: kb
- CHKIMG_EXTENSION: !chkimg -lo 50 -d !Ntfs
- fffff80378c658c8-fffff80378c658c9 2 bytes - Ntfs!NtfsAcquireSharedFcb+68
- [ 48 ff:4c 8b ]
- fffff80378c658cf-fffff80378c658d3 5 bytes - Ntfs!NtfsAcquireSharedFcb+6f (+0x07)
- [ 0f 1f 44 00 00:e8 1c 1c 7d fc ]
- 7 errors : !Ntfs (fffff80378c658c8-fffff80378c658d3)
- MODULE_NAME: memory_corruption
- IMAGE_NAME: memory_corruption
- FOLLOWUP_NAME: memory_corruption
- DEBUG_FLR_IMAGE_TIMESTAMP: 0
- MEMORY_CORRUPTOR: LARGE
- FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
- BUCKET_ID: MEMORY_CORRUPTION_LARGE
- PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
- TARGET_TIME: 2019-12-11T17:23:36.000Z
- SUITE_MASK: 784
- PRODUCT_TYPE: 1
- USER_LCID: 0
- FAILURE_ID_HASH_STRING: km:memory_corruption_large
- FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
- Followup: memory_corruption
- ========================================================================
- ==================== Dump File: 121119-8750-01.dmp =====================
- ========================================================================
- Mini Kernel Dump File: Only registers and stack trace are available
- Windows 10 Kernel Version 18362 MP (16 procs) Free x64
- Kernel base = 0xfffff804`1ce00000 PsLoadedModuleList = 0xfffff804`1d248130
- Debug session time: Wed Dec 11 12:20:15.693 2019 (UTC - 5:00)
- System Uptime: 0 days 0:06:40.417
- BugCheck 1E, {ffffffffc0000005, fffff8041d41e99d, 0, 30}
- Probably caused by : memory_corruption
- Followup: memory_corruption
- KMODE_EXCEPTION_NOT_HANDLED (1e)
- This is a very common bugcheck. Usually the exception address pinpoints
- the driver/function that caused the problem. Always note this address
- as well as the link date of the driver/image that contains this address.
- Arguments:
- Arg1: ffffffffc0000005, The exception code that was not handled
- Arg2: fffff8041d41e99d, The address that the exception occurred at
- Arg3: 0000000000000000, Parameter 0 of the exception
- Arg4: 0000000000000030, Parameter 1 of the exception
- Debugging Details:
- DUMP_CLASS: 1
- DUMP_QUALIFIER: 400
- DUMP_TYPE: 2
- READ_ADDRESS: fffff8041d3733b8: Unable to get MiVisibleState
- 0000000000000030
- EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%p referenced memory at 0x%p. The memory could not be %s.
- FAULTING_IP:
- nt!CmpCheckOpenAccessOnKeyBody+3fd
- fffff804`1d41e99d 488b4930 mov rcx,qword ptr [rcx+30h]
- EXCEPTION_PARAMETER2: 0000000000000030
- BUGCHECK_STR: 0x1E_c0000005_R
- CUSTOMER_CRASH_COUNT: 1
- DEFAULT_BUCKET_ID: CODE_CORRUPTION
- PROCESS_NAME: WerFault.exe
- CURRENT_IRQL: 0
- EXCEPTION_RECORD: ffff94017b5b6ae0 -- (.exr 0xffff94017b5b6ae0)
- ExceptionAddress: ffff94017b5b6ae0
- ExceptionCode: 7b5b6d50
- ExceptionFlags: ffff9401
- NumberParameters: 16
- Parameter[0]: ffff893284ca2eb4
- Parameter[1]: 0000000000000030
- Parameter[2]: 0000000000000001
- Parameter[3]: 0000000000000000
- Parameter[4]: 0000000000220022
- Parameter[5]: 00007fffdc953ca0
- Parameter[6]: 0000000000000000
- Parameter[7]: 0000000000000000
- Parameter[8]: 0000000000000000
- Parameter[9]: 0000000000000000
- Parameter[10]: 0000000000000000
- Parameter[11]: 0000000000000000
- Parameter[12]: 0000000000000000
- Parameter[13]: 0000000000000000
- Parameter[14]: 0000000000000000
- TRAP_FRAME: ffff893284ca2eb4 -- (.trap 0xffff893284ca2eb4)
- Unable to read trap frame at ffff8932`84ca2eb4
- LAST_CONTROL_TRANSFER: from fffff8041d02fda7 to fffff8041cfc14e0
- STACK_TEXT:
- ffff9401`7b5b6438 fffff804`1d02fda7 : 00000000`0000001e ffffffff`c0000005 fffff804`1d41e99d 00000000`00000000 : nt!KeBugCheckEx
- ffff9401`7b5b6440 fffff804`1cfd341d : ffff9401`7b5b6ae0 00000000`00000010 ffff8932`84ca2eb4 00000000`00000030 : nt!KiDispatchException+0x1689d7
- ffff9401`7b5b6af0 fffff804`1cfcf605 : 00000000`00001001 00000000`00000fff ffff9401`7b5b70a0 00000000`00000100 : nt!KiExceptionDispatch+0x11d
- ffff9401`7b5b6cd0 fffff804`1d41e99d : ffffab0a`ef35dba0 00000000`00006600 ffffab0a`f9a41e70 ffffab0a`f9a41e90 : nt!KiPageFault+0x445
- ffff9401`7b5b6e68 ffffab0a`f9a41e70 : 00000000`00000001 ffff9401`7b5b7840 00000000`00000000 00000000`00000001 : nt!CmpCheckOpenAccessOnKeyBody+0x3fd
- ffff9401`7b5b6f58 00000000`00000001 : ffff9401`7b5b7840 00000000`00000000 00000000`00000001 ffff9401`7b5b7000 : 0xffffab0a`f9a41e70
- ffff9401`7b5b6f60 ffff9401`7b5b7840 : 00000000`00000000 00000000`00000001 ffff9401`7b5b7000 00000000`00000000 : 0x1
- ffff9401`7b5b6f68 00000000`00000000 : 00000000`00000001 ffff9401`7b5b7000 00000000`00000000 ffff9401`7b5b6fd1 : 0xffff9401`7b5b7840
- STACK_COMMAND: kb
- CHKIMG_EXTENSION: !chkimg -lo 50 -d !nt
- fffff8041cec2932-fffff8041cec2936 5 bytes - nt!MI_IS_PHYSICAL_ADDRESS+32
- [ d0 be 7d fb f6:40 9a 34 69 d2 ]
- fffff8041cec293c-fffff8041cec2940 5 bytes - nt!MI_IS_PHYSICAL_ADDRESS+3c (+0x0a)
- [ d7 be 7d fb f6:47 9a 34 69 d2 ]
- 10 errors : !nt (fffff8041cec2932-fffff8041cec2940)
- MODULE_NAME: memory_corruption
- IMAGE_NAME: memory_corruption
- FOLLOWUP_NAME: memory_corruption
- DEBUG_FLR_IMAGE_TIMESTAMP: 0
- MEMORY_CORRUPTOR: LARGE
- FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
- BUCKET_ID: MEMORY_CORRUPTION_LARGE
- PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
- TARGET_TIME: 2019-12-11T17:20:15.000Z
- SUITE_MASK: 784
- PRODUCT_TYPE: 1
- USER_LCID: 0
- FAILURE_ID_HASH_STRING: km:memory_corruption_large
- FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
- Followup: memory_corruption
- ========================================================================
- ==================== Dump File: 121119-8484-01.dmp =====================
- ========================================================================
- Mini Kernel Dump File: Only registers and stack trace are available
- Windows 10 Kernel Version 18362 MP (16 procs) Free x64
- Kernel base = 0xfffff806`72e00000 PsLoadedModuleList = 0xfffff806`73248130
- Debug session time: Wed Dec 11 12:52:33.150 2019 (UTC - 5:00)
- System Uptime: 0 days 0:04:59.875
- BugCheck 101, {c, 0, ffffc900259c5180, 4}
- *** WARNING: Unable to verify timestamp for win32k.sys
- *** ERROR: Module load completed but symbols could not be loaded for win32k.sys
- Probably caused by : memory_corruption
- Followup: memory_corruption
- CLOCK_WATCHDOG_TIMEOUT (101)
- An expected clock interrupt was not received on a secondary processor in an
- MP system within the allocated interval. This indicates that the specified
- processor is hung and not processing interrupts.
- Arguments:
- Arg1: 000000000000000c, Clock interrupt time out interval in nominal clock ticks.
- Arg2: 0000000000000000, 0.
- Arg3: ffffc900259c5180, The PRCB address of the hung processor.
- Arg4: 0000000000000004, The index of the hung processor.
- Debugging Details:
- DUMP_CLASS: 1
- DUMP_QUALIFIER: 400
- DUMP_TYPE: 2
- BUGCHECK_STR: CLOCK_WATCHDOG_TIMEOUT_10_PROC
- CUSTOMER_CRASH_COUNT: 1
- DEFAULT_BUCKET_ID: CODE_CORRUPTION
- PROCESS_NAME: System
- CURRENT_IRQL: d
- STACK_TEXT:
- ffffc900`25cd8b08 fffff806`72fee9b0 : 00000000`00000101 00000000`0000000c 00000000`00000000 ffffc900`259c5180 : nt!KeBugCheckEx
- ffffc900`25cd8b10 fffff806`72e1f61c : fffff780`00000320 ffffc900`25c80180 00000000`00004af8 00000000`00004af8 : nt!KeAccumulateTicks+0x1cbf50
- ffffc900`25cd8b70 fffff806`72d5e4b7 : 00000000`00000000 fffff88e`52bc9800 fffff88e`52bc9880 00000000`0000000c : nt!KeClockInterruptNotify+0x98c
- ffffc900`25cd8f30 fffff806`72e02a25 : 00000000`b2d422f9 ffff860e`baad8200 ffff860e`baad82b0 00000000`00000000 : hal!HalpTimerClockInterrupt+0xf7
- ffffc900`25cd8f60 fffff806`72fc2f7a : fffff88e`52bc9880 ffff860e`baad8200 00000000`00000000 ffff860e`baad8200 : nt!KiCallInterruptServiceRoutine+0xa5
- ffffc900`25cd8fb0 fffff806`72fc34e7 : 00000000`0c1613a8 fffff88e`52bc9880 ffff860e`baad8200 00000000`00000000 : nt!KiInterruptSubDispatchNoLockNoEtw+0xfa
- fffff88e`52bc9800 fffff806`72ede5e0 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiInterruptDispatchNoLockNoEtw+0x37
- fffff88e`52bc9990 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiIpiSendRequestEx+0x78
- STACK_COMMAND: kb
- CHKIMG_EXTENSION: !chkimg -lo 50 -d !hal
- fffff80672d5e41c-fffff80672d5e41d 2 bytes - hal!HalpTimerClockInterrupt+5c
- [ 48 ff:4c 8b ]
- fffff80672d5e423-fffff80672d5e426 4 bytes - hal!HalpTimerClockInterrupt+63 (+0x07)
- [ 0f 1f 44 00:e8 58 98 0c ]
- fffff80672d5e46c-fffff80672d5e46d 2 bytes - hal!HalpTimerClockInterrupt+ac (+0x49)
- [ 48 ff:4c 8b ]
- fffff80672d5e473-fffff80672d5e476 4 bytes - hal!HalpTimerClockInterrupt+b3 (+0x07)
- [ 0f 1f 44 00:e8 38 80 1b ]
- fffff80672d5e4ab-fffff80672d5e4ac 2 bytes - hal!HalpTimerClockInterrupt+eb (+0x38)
- [ 48 ff:4c 8b ]
- fffff80672d5e4b2-fffff80672d5e4b5 4 bytes - hal!HalpTimerClockInterrupt+f2 (+0x07)
- [ 0f 1f 44 00:e8 d9 07 0c ]
- fffff80672d5ed66-fffff80672d5ed67 2 bytes - hal!HalRequestIpiSpecifyVector+36 (+0x8b4)
- [ 48 ff:4c 8b ]
- fffff80672d5ed6d-fffff80672d5ed70 4 bytes - hal!HalRequestIpiSpecifyVector+3d (+0x07)
- [ 0f 1f 44 00:e8 3e 89 0c ]
- fffff80672d601d5-fffff80672d601d6 2 bytes - hal!HalpTimerClockIpiRoutine+15 (+0x1468)
- [ 48 ff:4c 8b ]
- fffff80672d601dc-fffff80672d601df 4 bytes - hal!HalpTimerClockIpiRoutine+1c (+0x07)
- [ 0f 1f 44 00:e8 af ea 0b ]
- fffff80672d603a7-fffff80672d603a8 2 bytes - hal!HalPutScatterGatherList+67 (+0x1cb)
- [ 48 ff:4c 8b ]
- fffff80672d603ae-fffff80672d603b1 4 bytes - hal!HalPutScatterGatherList+6e (+0x07)
- [ 0f 1f 44 00:e8 ed ec 40 ]
- fffff80672d8f454-fffff80672d8f455 2 bytes - hal!HalpInterruptDeferredRecoveryService+4 (+0x2f0a6)
- [ 48 ff:4c 8b ]
- fffff80672d8f45b-fffff80672d8f45e 4 bytes - hal!HalpInterruptDeferredRecoveryService+b (+0x07)
- [ 0f 1f 44 00:e8 00 29 3b ]
- fffff80672d8f4d0-fffff80672d8f4d1 2 bytes - hal!HalpInterruptSpuriousService+10 (+0x75)
- [ 48 ff:4c 8b ]
- fffff80672d8f4d7-fffff80672d8f4da 4 bytes - hal!HalpInterruptSpuriousService+17 (+0x07)
- [ 0f 1f 44 00:e8 84 e6 18 ]
- fffff80672d8f500-fffff80672d8f501 2 bytes - hal!HalpInterruptStubService+10 (+0x29)
- [ 48 ff:4c 8b ]
- fffff80672d8f507-fffff80672d8f50a 4 bytes - hal!HalpInterruptStubService+17 (+0x07)
- [ 0f 1f 44 00:e8 54 e6 18 ]
- 54 errors : !hal (fffff80672d5e41c-fffff80672d8f50a)
- MODULE_NAME: memory_corruption
- IMAGE_NAME: memory_corruption
- FOLLOWUP_NAME: memory_corruption
- DEBUG_FLR_IMAGE_TIMESTAMP: 0
- MEMORY_CORRUPTOR: LARGE
- FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
- BUCKET_ID: MEMORY_CORRUPTION_LARGE
- PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
- TARGET_TIME: 2019-12-11T17:52:33.000Z
- SUITE_MASK: 784
- PRODUCT_TYPE: 1
- USER_LCID: 0
- FAILURE_ID_HASH_STRING: km:memory_corruption_large
- FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
- Followup: memory_corruption
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement