API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Dec 12th, 2019
1,082
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 64.70 KB | None | 0 0
raw download clone embed print report
  1. ========================== AUTO DUMP ANALYZER ==========================
  2. Auto Dump Analyzer
  3. Version: 0.9
  4. Time to analyze file(s): 00 hours and 05 minutes and 08 seconds
  5.  
  6. ================================= CPU ==================================
  7. COUNT: 10
  8. MHZ: 4008
  9. VENDOR: GenuineIntel
  10. FAMILY: 6
  11. MODEL: 9e
  12. STEPPING: d
  13.  
  14. ================================== OS ==================================
  15. Product: WinNt, suite: TerminalServer SingleUserTS Personal
  16. Built by: 18362.1.amd64fre.19h1_release.190318-1202
  17. BUILD_VERSION: 10.0.18362.535 (WinBuild.160101.0800)
  18. BUILD: 18362
  19. SERVICEPACK: 535
  20. PLATFORM_TYPE: x64
  21. NAME: Windows 10
  22. EDITION: Windows 10 WinNt TerminalServer SingleUserTS Personal
  23. BUILD_TIMESTAMP: 1980-01-11 10:53:20
  24. BUILDDATESTAMP: 160101.0800
  25. BUILDLAB: WinBuild
  26. BUILDOSVER: 10.0.18362.535
  27.  
  28. =============================== DEBUGGER ===============================
  29. Microsoft (R) Windows Debugger Version 10.0.14321.1024 AMD64
  30. Copyright (c) Microsoft Corporation. All rights reserved.
  31.  
  32. =============================== COMMENTS ===============================
  33. * Information gathered from different dump files may be different. If
  34. Windows updates between two dump files, two or more OS versions may
  35. be shown above.
  36. * Additional BIOS information (including RAM information) was unreadable
  37. from the first dump file. This can be caused by an outdated BIOS.
  38.  
  39. ========================================================================
  40. ==================== Dump File: 121119-8828-01.dmp =====================
  41. ========================================================================
  42. Mini Kernel Dump File: Only registers and stack trace are available
  43. Windows 10 Kernel Version 18362 MP (16 procs) Free x64
  44. Kernel base = 0xfffff804`11000000 PsLoadedModuleList = 0xfffff804`11448130
  45. Debug session time: Wed Dec 11 12:13:05.949 2019 (UTC - 5:00)
  46. System Uptime: 0 days 0:16:24.664
  47.  
  48. BugCheck 139, {4, ffffd380d60d0ff0, ffffd380d60d0f48, 0}
  49. Probably caused by : memory_corruption
  50. Followup: memory_corruption
  51.  
  52. KERNEL_SECURITY_CHECK_FAILURE (139)
  53. A kernel component has corrupted a critical data structure. The corruption
  54. could potentially allow a malicious user to gain control of this machine.
  55.  
  56. Arguments:
  57. Arg1: 0000000000000004, The thread's stack pointer was outside the legal stack
  58. extents for the thread.
  59. Arg2: ffffd380d60d0ff0, Address of the trap frame for the exception that caused the bugcheck
  60. Arg3: ffffd380d60d0f48, Address of the exception record for the exception that caused the bugcheck
  61. Arg4: 0000000000000000, Reserved
  62.  
  63. Debugging Details:
  64. DUMP_CLASS: 1
  65. DUMP_QUALIFIER: 400
  66. DUMP_TYPE: 2
  67. TRAP_FRAME: ffffd380d60d0ff0 -- (.trap 0xffffd380d60d0ff0)
  68. NOTE: The trap frame does not contain all registers.
  69. Some register values may be zeroed or incorrect.
  70. rax=ffffac0d006b6000 rbx=0000000000000000 rcx=0000000000000004
  71. rdx=ffffac0d006bd000 rsi=0000000000000000 rdi=0000000000000000
  72. rip=fffff8041124f1df rsp=ffffd380d60d1180 rbp=ffffd380d60d16f0
  73. r8=ffffac0d006bd000 r9=ffffd380d60d1710 r10=ffff878227fd5080
  74. r11=000000bf6495e9e8 r12=0000000000000000 r13=0000000000000000
  75. r14=0000000000000000 r15=0000000000000000
  76. iopl=0 nv up ei pl zr na po nc
  77. nt!RtlpGetStackLimitsEx+0x12ea53:
  78. fffff804`1124f1df cd29 int 29h
  79. Resetting default scope
  80. EXCEPTION_RECORD: ffffd380d60d0f48 -- (.exr 0xffffd380d60d0f48)
  81. ExceptionAddress: fffff8041124f1df (nt!RtlpGetStackLimitsEx+0x000000000012ea53)
  82. ExceptionCode: c0000409 (Security check failure or stack buffer overrun)
  83. ExceptionFlags: 00000001
  84. NumberParameters: 1
  85. Parameter[0]: 0000000000000004
  86. Subcode: 0x4 FAST_FAIL_INCORRECT_STACK
  87. CUSTOMER_CRASH_COUNT: 1
  88. DEFAULT_BUCKET_ID: CODE_CORRUPTION
  89. BUGCHECK_STR: 0x139
  90.  
  91. PROCESS_NAME: lsass.exe
  92.  
  93. CURRENT_IRQL: 2
  94. ERROR_CODE: (NTSTATUS) 0xc0000409 - The system detected an overrun of a stack-based buffer in this application. This overrun could potentially allow a malicious user to gain control of this application.
  95. EXCEPTION_CODE: (NTSTATUS) 0xc0000409 - The system detected an overrun of a stack-based buffer in this application. This overrun could potentially allow a malicious user to gain control of this application.
  96. EXCEPTION_CODE_STR: c0000409
  97. EXCEPTION_PARAMETER1: 0000000000000004
  98. WATSON_BKT_EVENT: BEX
  99. BAD_STACK_POINTER: ffffd380d60d0cc8
  100. LAST_CONTROL_TRANSFER: from fffff804111d32e9 to fffff804111c14e0
  101. FAULTING_THREAD: 0000000000000000
  102. STACK_TEXT:
  103. ffffd380`d60d0cc8 fffff804`111d32e9 : 00000000`00000139 00000000`00000004 ffffd380`d60d0ff0 ffffd380`d60d0f48 : nt!KeBugCheckEx
  104. ffffd380`d60d0cd0 fffff804`111d3710 : 046b0900`6f00046b 11920073`706f6c03 1000b902`002d9200 1b920075`6f0104c7 : nt!KiBugCheckDispatch+0x69
  105. ffffd380`d60d0e10 fffff804`111d1aa5 : fffff804`11127368 fffff804`1140ec74 ffffd380`d60d17d0 00000000`00000000 : nt!KiFastFailDispatch+0xd0
  106. ffffd380`d60d0ff0 fffff804`1124f1df : 00000000`00000000 00000000`00000360 0005e548`00ab6000 00000000`0010001f : nt!KiRaiseSecurityCheckFailure+0x325
  107. ffffd380`d60d1180 fffff804`1122e860 : 00000000`00000000 00000000`00000000 ffffd380`d60d16f0 00007fff`00000003 : nt!RtlpGetStackLimitsEx+0x12ea53
  108. ffffd380`d60d11b0 fffff804`110c753e : ffffac0d`006bc318 ffffd380`d60d1e30 ffffac0d`006bc318 00000000`00000000 : nt!RtlDispatchException+0x16bd60
  109. ffffd380`d60d1900 fffff804`111c2362 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiDispatchException+0x16e
  110. ffffd380`d60d1fb0 fffff804`111c2330 : fffff804`111d3416 ffff8081`3b3384ff 00000000`00000028 00000276`0002a5c3 : nt!KxExceptionDispatchOnExceptionStack+0x12
  111. ffffac0d`006bc1d8 fffff804`111d3416 : ffff8081`3b3384ff 00000000`00000028 00000276`0002a5c3 00000000`00000060 : nt!KiExceptionDispatchOnExceptionStackContinue
  112. ffffac0d`006bc1e0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiExceptionDispatch+0x116
  113. CHKIMG_EXTENSION: !chkimg -lo 50 -d !nt
  114. fffff80411072ccf-fffff80411072cd3 5 bytes - nt!MmAccessFault+12f
  115. [ d0 be 7d fb f6:10 30 60 c0 80 ]
  116. fffff80411072d61-fffff80411072d66 6 bytes - nt!MmAccessFault+1c1 (+0x92)
  117. [ 68 df be 7d fb f6:08 18 30 60 c0 80 ]
  118. fffff80411073ec6 - nt!MiFastLockLeafPageTable+366 (+0x1165)
  119. [ f6:80 ]
  120. fffff80411073f8e-fffff80411073f93 6 bytes - nt!MiLockPageTableInternal+1e (+0xc8)
  121. [ 68 df be 7d fb f6:08 18 30 60 c0 80 ]
  122. fffff80411073fa2-fffff80411073fa6 5 bytes - nt!MiLockPageTableInternal+32 (+0x14)
  123. [ d0 be 7d fb f6:10 30 60 c0 80 ]
  124. fffff80411073fac-fffff80411073fae 3 bytes - nt!MiLockPageTableInternal+3c (+0x0a)
  125. [ df be 7d:1f 30 60 ]
  126. fffff804111273d4-fffff804111273d5 2 bytes - nt!MiDeleteNonPagedPoolTail+44 (+0xb3428)
  127. [ 80 fa:00 eb ]
  128. fffff8041124f24e-fffff8041124f24f 2 bytes - nt!MiZeroLargePage+12ea9a (+0x127e7a)
  129. [ fb f6:c0 80 ]
  130. fffff8041124f267 - nt!MiZeroLargePage+12eab3 (+0x19)
  131. [ f6:80 ]
  132. 31 errors : !nt (fffff80411072ccf-fffff8041124f267)
  133. MODULE_NAME: memory_corruption
  134.  
  135. IMAGE_NAME: memory_corruption
  136.  
  137. FOLLOWUP_NAME: memory_corruption
  138. DEBUG_FLR_IMAGE_TIMESTAMP: 0
  139. MEMORY_CORRUPTOR: LARGE
  140. STACK_COMMAND: ~0s ; kb
  141. FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
  142. BUCKET_ID: MEMORY_CORRUPTION_LARGE
  143. PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
  144. TARGET_TIME: 2019-12-11T17:13:05.000Z
  145. SUITE_MASK: 784
  146. PRODUCT_TYPE: 1
  147. USER_LCID: 0
  148. FAILURE_ID_HASH_STRING: km:memory_corruption_large
  149. FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
  150. Followup: memory_corruption
  151.  
  152. ========================================================================
  153. ===================== 3RD PARTY DRIVER QUICK LIST ======================
  154. ========================================================================
  155. unavailable - aswRvrt.sys - Avast Antivirus http://www.avast.com/
  156. Jul 26 2008 - WinRing0x64.sys - Intel Processor Diagnostic Tool or BatteryCare by OpenLibSys.org or Throttlestop (Properties say: OpenLibSys.org) or EVGA Precision X https://www.evga.com/
  157. Oct 17 2008 - inpoutx64.sys - Kernel level port access driver http://www.highrez.co.uk/
  158. Jun 09 2015 - lgcoretemp.sys - CPU Core Temperature Monitor http://support.logitech.com/
  159. Jun 13 2016 - LGBusEnum.sys - Logitech GamePanel Virtual Bus Enumerator driver http://support.logitech.com/
  160. Jun 13 2016 - LGJoyXlCore.sys - Logitech Gaming Software driver http://support.logitech.com/
  161. Sep 19 2017 - ICCWDT.sys - Intel(R) Watchdog Timer driver
  162. Feb 12 2018 - secnvme.sys - Samsung NVM Express Controller Storport Miniport Driver
  163. Jul 10 2018 - asmthub3.sys - ASMedia USB 3.0 Hub driver http://www.asmedia.com.tw/
  164. Jul 10 2018 - asmtxhci.sys - ASMedia USB 3.0 driver http://www.asmedia.com.tw/
  165. Aug 16 2018 - nvvhci.sys - Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
  166. Sep 20 2018 - e2xw10x64.sys - Killer PCI-E Gigabit Ethernet Controller driver http://www.killernetworking.com/
  167. Mar 14 2019 - nvvad64v.sys - Nvidia Virtual Audio driver http://www.nvidia.com/
  168. Apr 09 2019 - AsIO2.sys - Asus Input Output driver
  169. Apr 18 2019 - iocbios2.sys - !!! Overclocking Software - Intel(R) Extreme Tuning Utility Performance Tuning driver
  170. Apr 22 2019 - GLCKIO2.sys - ASUS RGB driver
  171. May 01 2019 - KfeCo10X64.sys - Killer Networking Suite driver
  172. May 07 2019 - TeeDriverW8x64.sys - Intel Management Engine Interface driver https://downloadcenter.intel.com/
  173. May 14 2019 - UcmCxUcsiNvppc.sys - NVIDIA USB Type-C Port Policy Controller driver
  174. May 15 2019 - ene.sys - (Ptolemy Tech Co.) or ASUS RGB driver
  175. Jun 21 2019 - nvhda64v.sys - Nvidia HDMI Audio Device http://www.nvidia.com/
  176. Jul 18 2019 - semav6msr64.sys - Intel Driver Update Utility http://www.intel.com/ OR (SEMA Software) http://www.sema-soft.de/en/home/
  177. Sep 03 2019 - aswElam.sys - Avast ELAM driver
  178. Sep 06 2019 - aswArPot.sys - Avast Antivirus http://www.avast.com/
  179. Sep 06 2019 - aswbidsdriver.sys - Avast Antivirus http://www.avast.com/
  180. Sep 06 2019 - aswbidsh.sys - Avast Antivirus http://www.avast.com/
  181. Sep 06 2019 - aswbuniv.sys - Avast Antivirus http://www.avast.com/
  182. Sep 06 2019 - aswKbd.sys - Avast Keyboard Filter driver http://www.avast.com/
  183. Sep 06 2019 - aswNetSec.sys - Avast Firewall driver http://www.avast.com/
  184. Sep 06 2019 - aswRdr2.sys - Avast Antivirus http://www.avast.com/
  185. Sep 06 2019 - aswStm.sys - Avast Antivirus http://www.avast.com/
  186. Sep 06 2019 - aswVmm.sys - Avast Antivirus http://www.avast.com/
  187. Sep 06 2019 - ibtusb.sys - Intel(R) Wireless Bluetooth(R) Filter driver (Intel Corporation)
  188. Sep 26 2019 - aswSnx.sys - Avast Antivirus http://www.avast.com/
  189. Sep 26 2019 - aswSP.sys - Avast Antivirus http://www.avast.com/
  190. Oct 16 2019 - Netwtw08.sys - Intel(R) Wireless Networking driver
  191. Oct 29 2019 - aswMonFlt.sys - Avast Antivirus http://www.avast.com/
  192. Nov 19 2019 - RTKVHD64.sys - Realtek Audio System driver https://www.realtek.com/en/
  193. Dec 06 2019 - nvlddmkm.sys - Nvidia Graphics Card driver http://www.nvidia.com/
  194.  
  195. ========================================================================
  196. ========================== 3RD PARTY DRIVERS ===========================
  197. ========================================================================
  198. Image path: \SystemRoot\system32\drivers\aswRvrt.sys
  199. Image name: aswRvrt.sys
  200. Search : https://www.google.com/search?q=aswRvrt.sys
  201. ADA Info : Avast Antivirus http://www.avast.com/
  202. Timestamp : unavailable (00000000)
  203.  
  204. Image path: \??\C:\Program Files (x86)\CoolerMaster\MasterPlus\WinRing0x64.sys
  205. Image name: WinRing0x64.sys
  206. Search : https://www.google.com/search?q=WinRing0x64.sys
  207. ADA Info : Intel Processor Diagnostic Tool or BatteryCare by OpenLibSys.org or Throttlestop (Properties say: OpenLibSys.org) or EVGA Precision X https://www.evga.com/
  208. Timestamp : Sat Jul 26 2008
  209.  
  210. Image path: \SystemRoot\System32\Drivers\inpoutx64.sys
  211. Image name: inpoutx64.sys
  212. Search : https://www.google.com/search?q=inpoutx64.sys
  213. ADA Info : Kernel level port access driver http://www.highrez.co.uk/
  214. Timestamp : Fri Oct 17 2008
  215.  
  216. Image path: \??\C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys
  217. Image name: lgcoretemp.sys
  218. Search : https://www.google.com/search?q=lgcoretemp.sys
  219. ADA Info : CPU Core Temperature Monitor http://support.logitech.com/
  220. Timestamp : Tue Jun 9 2015
  221.  
  222. Image path: \SystemRoot\system32\drivers\LGBusEnum.sys
  223. Image name: LGBusEnum.sys
  224. Search : https://www.google.com/search?q=LGBusEnum.sys
  225. ADA Info : Logitech GamePanel Virtual Bus Enumerator driver http://support.logitech.com/
  226. Timestamp : Mon Jun 13 2016
  227.  
  228. Image path: \SystemRoot\system32\drivers\LGJoyXlCore.sys
  229. Image name: LGJoyXlCore.sys
  230. Search : https://www.google.com/search?q=LGJoyXlCore.sys
  231. ADA Info : Logitech Gaming Software driver http://support.logitech.com/
  232. Timestamp : Mon Jun 13 2016
  233.  
  234. Image path: \SystemRoot\System32\drivers\ICCWDT.sys
  235. Image name: ICCWDT.sys
  236. Search : https://www.google.com/search?q=ICCWDT.sys
  237. ADA Info : Intel(R) Watchdog Timer driver
  238. Timestamp : Tue Sep 19 2017
  239.  
  240. Image path: \SystemRoot\System32\drivers\secnvme.sys
  241. Image name: secnvme.sys
  242. Search : https://www.google.com/search?q=secnvme.sys
  243. ADA Info : Samsung NVM Express Controller Storport Miniport Driver
  244. Timestamp : Mon Feb 12 2018
  245.  
  246. Image path: \SystemRoot\System32\drivers\asmthub3.sys
  247. Image name: asmthub3.sys
  248. Search : https://www.google.com/search?q=asmthub3.sys
  249. ADA Info : ASMedia USB 3.0 Hub driver http://www.asmedia.com.tw/
  250. Timestamp : Tue Jul 10 2018
  251.  
  252. Image path: \SystemRoot\System32\drivers\asmtxhci.sys
  253. Image name: asmtxhci.sys
  254. Search : https://www.google.com/search?q=asmtxhci.sys
  255. ADA Info : ASMedia USB 3.0 driver http://www.asmedia.com.tw/
  256. Timestamp : Tue Jul 10 2018
  257.  
  258. Image path: \SystemRoot\System32\drivers\nvvhci.sys
  259. Image name: nvvhci.sys
  260. Search : https://www.google.com/search?q=nvvhci.sys
  261. ADA Info : Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
  262. Timestamp : Thu Aug 16 2018
  263.  
  264. Image path: \SystemRoot\System32\drivers\e2xw10x64.sys
  265. Image name: e2xw10x64.sys
  266. Search : https://www.google.com/search?q=e2xw10x64.sys
  267. ADA Info : Killer PCI-E Gigabit Ethernet Controller driver http://www.killernetworking.com/
  268. Timestamp : Thu Sep 20 2018
  269.  
  270. Image path: \SystemRoot\system32\drivers\nvvad64v.sys
  271. Image name: nvvad64v.sys
  272. Search : https://www.google.com/search?q=nvvad64v.sys
  273. ADA Info : Nvidia Virtual Audio driver http://www.nvidia.com/
  274. Timestamp : Thu Mar 14 2019
  275.  
  276. Image path: \??\C:\Windows\system32\drivers\AsIO2.sys
  277. Image name: AsIO2.sys
  278. Search : https://www.google.com/search?q=AsIO2.sys
  279. ADA Info : Asus Input Output driver
  280. Timestamp : Tue Apr 9 2019
  281.  
  282. Image path: \SystemRoot\System32\drivers\iocbios2.sys
  283. Image name: iocbios2.sys
  284. Search : https://www.google.com/search?q=iocbios2.sys
  285. ADA Info : !!! Overclocking Software - Intel(R) Extreme Tuning Utility Performance Tuning driver
  286. Timestamp : Thu Apr 18 2019
  287.  
  288. Image path: \??\C:\Windows\system32\drivers\GLCKIO2.sys
  289. Image name: GLCKIO2.sys
  290. Search : https://www.google.com/search?q=GLCKIO2.sys
  291. ADA Info : ASUS RGB driver
  292. Timestamp : Mon Apr 22 2019
  293.  
  294. Image path: \SystemRoot\System32\drivers\RivetNetworks\Killer\KfeCo10X64.sys
  295. Image name: KfeCo10X64.sys
  296. Search : https://www.google.com/search?q=KfeCo10X64.sys
  297. ADA Info : Killer Networking Suite driver
  298. Timestamp : Wed May 1 2019
  299.  
  300. Image path: \SystemRoot\System32\DriverStore\FileRepository\heci.inf_amd64_84dfa9390100e6bc\x64\TeeDriverW8x64.sys
  301. Image name: TeeDriverW8x64.sys
  302. Search : https://www.google.com/search?q=TeeDriverW8x64.sys
  303. ADA Info : Intel Management Engine Interface driver https://downloadcenter.intel.com/
  304. Timestamp : Tue May 7 2019
  305.  
  306. Image path: \SystemRoot\System32\drivers\UcmCxUcsiNvppc.sys
  307. Image name: UcmCxUcsiNvppc.sys
  308. Search : https://www.google.com/search?q=UcmCxUcsiNvppc.sys
  309. ADA Info : NVIDIA USB Type-C Port Policy Controller driver
  310. Timestamp : Tue May 14 2019
  311.  
  312. Image path: \??\C:\Windows\system32\drivers\ene.sys
  313. Image name: ene.sys
  314. Search : https://www.google.com/search?q=ene.sys
  315. ADA Info : (Ptolemy Tech Co.) or ASUS RGB driver
  316. Timestamp : Wed May 15 2019
  317.  
  318. Image path: \SystemRoot\system32\drivers\nvhda64v.sys
  319. Image name: nvhda64v.sys
  320. Search : https://www.google.com/search?q=nvhda64v.sys
  321. ADA Info : Nvidia HDMI Audio Device http://www.nvidia.com/
  322. Timestamp : Fri Jun 21 2019
  323.  
  324. Image path: \??\C:\Windows\system32\drivers\semav6msr64.sys
  325. Image name: semav6msr64.sys
  326. Search : https://www.google.com/search?q=semav6msr64.sys
  327. ADA Info : Intel Driver Update Utility http://www.intel.com/ OR (SEMA Software) http://www.sema-soft.de/en/home/
  328. Timestamp : Thu Jul 18 2019
  329.  
  330. Image path: \SystemRoot\system32\drivers\aswElam.sys
  331. Image name: aswElam.sys
  332. Search : https://www.google.com/search?q=aswElam.sys
  333. ADA Info : Avast ELAM driver
  334. Timestamp : Tue Sep 3 2019
  335.  
  336. Image path: \SystemRoot\system32\drivers\aswArPot.sys
  337. Image name: aswArPot.sys
  338. Search : https://www.google.com/search?q=aswArPot.sys
  339. ADA Info : Avast Antivirus http://www.avast.com/
  340. Timestamp : Fri Sep 6 2019
  341.  
  342. Image path: \SystemRoot\system32\drivers\aswbidsdriver.sys
  343. Image name: aswbidsdriver.sys
  344. Search : https://www.google.com/search?q=aswbidsdriver.sys
  345. ADA Info : Avast Antivirus http://www.avast.com/
  346. Timestamp : Fri Sep 6 2019
  347.  
  348. Image path: \SystemRoot\system32\drivers\aswbidsh.sys
  349. Image name: aswbidsh.sys
  350. Search : https://www.google.com/search?q=aswbidsh.sys
  351. ADA Info : Avast Antivirus http://www.avast.com/
  352. Timestamp : Fri Sep 6 2019
  353.  
  354. Image path: \SystemRoot\system32\drivers\aswbuniv.sys
  355. Image name: aswbuniv.sys
  356. Search : https://www.google.com/search?q=aswbuniv.sys
  357. ADA Info : Avast Antivirus http://www.avast.com/
  358. Timestamp : Fri Sep 6 2019
  359.  
  360. Image path: \SystemRoot\system32\drivers\aswKbd.sys
  361. Image name: aswKbd.sys
  362. Search : https://www.google.com/search?q=aswKbd.sys
  363. ADA Info : Avast Keyboard Filter driver http://www.avast.com/
  364. Timestamp : Fri Sep 6 2019
  365.  
  366. Image path: \SystemRoot\system32\drivers\aswNetSec.sys
  367. Image name: aswNetSec.sys
  368. Search : https://www.google.com/search?q=aswNetSec.sys
  369. ADA Info : Avast Firewall driver http://www.avast.com/
  370. Timestamp : Fri Sep 6 2019
  371.  
  372. Image path: \SystemRoot\system32\drivers\aswRdr2.sys
  373. Image name: aswRdr2.sys
  374. Search : https://www.google.com/search?q=aswRdr2.sys
  375. ADA Info : Avast Antivirus http://www.avast.com/
  376. Timestamp : Fri Sep 6 2019
  377.  
  378. Image path: \SystemRoot\system32\drivers\aswStm.sys
  379. Image name: aswStm.sys
  380. Search : https://www.google.com/search?q=aswStm.sys
  381. ADA Info : Avast Antivirus http://www.avast.com/
  382. Timestamp : Fri Sep 6 2019
  383.  
  384. Image path: \SystemRoot\system32\drivers\aswVmm.sys
  385. Image name: aswVmm.sys
  386. Search : https://www.google.com/search?q=aswVmm.sys
  387. ADA Info : Avast Antivirus http://www.avast.com/
  388. Timestamp : Fri Sep 6 2019
  389.  
  390. Image path: \SystemRoot\system32\DRIVERS\ibtusb.sys
  391. Image name: ibtusb.sys
  392. Search : https://www.google.com/search?q=ibtusb.sys
  393. ADA Info : Intel(R) Wireless Bluetooth(R) Filter driver (Intel Corporation)
  394. Timestamp : Fri Sep 6 2019
  395.  
  396. Image path: \SystemRoot\system32\drivers\aswSnx.sys
  397. Image name: aswSnx.sys
  398. Search : https://www.google.com/search?q=aswSnx.sys
  399. ADA Info : Avast Antivirus http://www.avast.com/
  400. Timestamp : Thu Sep 26 2019
  401.  
  402. Image path: \SystemRoot\system32\drivers\aswSP.sys
  403. Image name: aswSP.sys
  404. Search : https://www.google.com/search?q=aswSP.sys
  405. ADA Info : Avast Antivirus http://www.avast.com/
  406. Timestamp : Thu Sep 26 2019
  407.  
  408. Image path: \SystemRoot\System32\drivers\Netwtw08.sys
  409. Image name: Netwtw08.sys
  410. Search : https://www.google.com/search?q=Netwtw08.sys
  411. ADA Info : Intel(R) Wireless Networking driver
  412. Timestamp : Wed Oct 16 2019
  413.  
  414. Image path: \SystemRoot\system32\drivers\aswMonFlt.sys
  415. Image name: aswMonFlt.sys
  416. Search : https://www.google.com/search?q=aswMonFlt.sys
  417. ADA Info : Avast Antivirus http://www.avast.com/
  418. Timestamp : Tue Oct 29 2019
  419.  
  420. Image path: \SystemRoot\system32\drivers\RTKVHD64.sys
  421. Image name: RTKVHD64.sys
  422. Search : https://www.google.com/search?q=RTKVHD64.sys
  423. ADA Info : Realtek Audio System driver https://www.realtek.com/en/
  424. Timestamp : Tue Nov 19 2019
  425.  
  426. Image path: \SystemRoot\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a3efb8aa9e9e249a\nvlddmkm.sys
  427. Image name: nvlddmkm.sys
  428. Search : https://www.google.com/search?q=nvlddmkm.sys
  429. ADA Info : Nvidia Graphics Card driver http://www.nvidia.com/
  430. Timestamp : Fri Dec 6 2019
  431.  
  432. If any of the above drivers are from Microsoft then please let me know.
  433. I will have them moved to the Microsoft list on the next update.
  434.  
  435. ========================================================================
  436. ========================== MICROSOFT DRIVERS ===========================
  437. ========================================================================
  438. ACPI.sys ACPI Driver for NT (Microsoft)
  439. acpiex.sys ACPIEx Driver (Microsoft)
  440. acpipagr.sys ACPI Processor Aggregator Device driver (Microsoft)
  441. acpitime.sys ACPI Wake Alarm (Microsoft)
  442. afd.sys Ancillary Function Driver for WinSock (Microsoft)
  443. afunix.sys AF_UNIX Socket Provider driver (Microsoft)
  444. AgileVpn.sys RAS Agil VPN Miniport Call Manager driver (Microsoft)
  445. ahcache.sys Application Compatibility Cache (Microsoft)
  446. bam.sys BAM Kernal driver (Microsoft)
  447. BasicDisplay.sys Basic Display driver (Microsoft)
  448. BasicRender.sys Basic Render driver (Microsoft)
  449. Beep.SYS BEEP driver (Microsoft)
  450. bindflt.sys Windows Bind Filter driver (Microsoft)
  451. BOOTVID.dll VGA Boot Driver (Microsoft)
  452. bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
  453. BthEnum.sys Bluetooth Bus Extender
  454. bthpan.sys Bluetooth Personal Area Networking
  455. bthport.sys Bluetooth Bus driver (Microsoft)
  456. BTHUSB.sys Bluetooth Miniport driver (Microsoft)
  457. cdd.dll Canonical Display Driver (Microsoft)
  458. cdrom.sys SCSI CD-ROM Driver (Microsoft)
  459. CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
  460. CI.dll Code Integrity Module (Microsoft)
  461. CLASSPNP.SYS SCSI Class System Dll (Microsoft)
  462. cldflt.sys Cloud Files Mini Filter driver (Microsoft)
  463. CLFS.SYS Common Log File System Driver (Microsoft)
  464. clipsp.sys CLIP Service (Microsoft)
  465. cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
  466. cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
  467. CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
  468. condrv.sys Console Driver (Microsoft)
  469. crashdmp.sys Crash Dump driver (Microsoft)
  470. dfsc.sys DFS Namespace Client Driver (Microsoft)
  471. disk.sys PnP Disk Driver (Microsoft)
  472. drmk.sys Digital Rights Management (DRM) driver (Microsoft)
  473. dump_diskdump.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  474. dump_dumpfve.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  475. dump_secnvme.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  476. dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
  477. dxgmms2.sys DirectX Graphics MMS
  478. EhStorClass.sys Enhanced Storage Class driver for IEEE... (Microsoft)
  479. fastfat.SYS Fast FAT File System Driver (Microsoft)
  480. filecrypt.sys Windows sandboxing and encryption filter (Microsoft)
  481. fileinfo.sys FileInfo Filter Driver (Microsoft)
  482. FLTMGR.SYS Filesystem Filter Manager (Microsoft)
  483. Fs_Rec.sys File System Recognizer Driver (Microsoft)
  484. fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
  485. fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
  486. gpuenergydrv.sys GPU Energy Kernal Driver (Microsoft)
  487. hal.dll Hardware Abstraction Layer DLL (Microsoft)
  488. HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
  489. HIDCLASS.SYS Hid Class Library (Microsoft)
  490. HIDPARSE.SYS Hid Parsing Library (Microsoft)
  491. hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
  492. HTTP.sys HTTP Protocol Stack (Microsoft)
  493. intelpep.sys Intel Power Engine Plugin (Microsoft)
  494. intelppm.sys Processor Device Driver (Microsoft)
  495. iorate.sys I/O rate control Filter (Microsoft)
  496. kbdclass.sys Keyboard Class Driver (Microsoft)
  497. kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
  498. kd.dll Local Kernal Debugger (Microsoft)
  499. kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
  500. ks.sys Kernal CSA Library (Microsoft)
  501. ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
  502. ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
  503. ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
  504. lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
  505. luafv.sys LUA File Virtualization Filter Driver (Microsoft)
  506. mcupdate_GenuineIntel.dll Intel Microcode Update Library (Microsoft)
  507. Microsoft.Bluetooth.Legacy.LEEnumerator.sys Microsoft Bluetooth Legacy LE Enumerator driver (Microsoft)
  508. mmcss.sys MMCSS Driver (Microsoft)
  509. monitor.sys Monitor Driver (Microsoft)
  510. mouclass.sys Mouse Class Driver (Microsoft)
  511. mouhid.sys HID Mouse Filter Driver (Microsoft)
  512. mountmgr.sys Mount Point Manager (Microsoft)
  513. mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
  514. mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
  515. mrxsmb10.sys Longhorn SMB Downlevel SubRdr (Microsoft)
  516. mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
  517. Msfs.SYS Mailslot driver (Microsoft)
  518. msisadrv.sys ISA Driver (Microsoft)
  519. mslldp.sys Microsoft Link-Layer Discovery Protocol... (Microsoft)
  520. msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
  521. mssmbios.sys System Management BIOS driver (Microsoft)
  522. mup.sys Multiple UNC Provider driver (Microsoft)
  523. ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
  524. ndistapi.sys NDIS 3.0 Connection Wrapper driver (Microsoft)
  525. ndisuio.sys NDIS User mode I/O driver (Microsoft)
  526. NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
  527. ndiswan.sys MS PPP Framing Driver (Strong Encryption) Microsoft)
  528. NDProxy.sys NDIS Proxy driver (Microsoft)
  529. Ndu.sys Network Data Usage Monitoring driver (Microsoft)
  530. netbios.sys NetBIOS Interface driver (Microsoft)
  531. netbt.sys MBT Transport driver (Microsoft)
  532. NETIO.SYS Network I/O Subsystem (Microsoft)
  533. Npfs.SYS NPFS driver (Microsoft)
  534. npsvctrig.sys Named pipe service triggers (Microsoft)
  535. nsiproxy.sys NSI Proxy driver (Microsoft)
  536. Ntfs.sys NT File System Driver (Microsoft)
  537. ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
  538. ntosext.sys NTOS Extension Host driver (Microsoft)
  539. Null.SYS NULL Driver (Microsoft)
  540. nwifi.sys NativeWiFi Miniport Driver (Microsoft)
  541. pacer.sys QoS Packet Scheduler (Microsoft)
  542. partmgr.sys Partition driver (Microsoft)
  543. pci.sys NT Plug and Play PCI Enumerator (Microsoft)
  544. pcw.sys Performance Counter Driver (Microsoft)
  545. pdc.sys Power Dependency Coordinator Driver (Microsoft)
  546. peauth.sys Protected Environment Authentication and Authorization Export Driver (Microsoft)
  547. portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
  548. PSHED.dll Platform Specific Hardware Error driver (Microsoft)
  549. rasl2tp.sys RAS L2TP Mini-port/Call-manager driver (Microsoft)
  550. raspppoe.sys RAS PPPoE Mini-port/Call manager driver (Microsoft)
  551. raspptp.sys Peer-to-Peer Tunneling Protocol (Microsoft)
  552. rassstp.sys RAS SSTP Miniport Call Manager driver (Microsoft)
  553. rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
  554. rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
  555. rdyboost.sys ReadyBoost Driver (Microsoft)
  556. rfcomm.sys Bluetooth RFCOMM driver (Microsoft)
  557. rspndr.sys Link-Layer Topology Responder driver (Microsoft)
  558. SgrmAgent.sys System Guard Runtime Monitor Agent driver (Microsoft)
  559. SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
  560. spaceport.sys Storage Spaces driver (Microsoft)
  561. srv2.sys Smb 2.0 Server driver (Microsoft)
  562. srvnet.sys Server Network driver (Microsoft)
  563. storahci.sys MS AHCI Storport Miniport Driver (Microsoft)
  564. storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
  565. storqosflt.sys Storage QoS Filter driver (Microsoft)
  566. swenum.sys Plug and Play Software Device Enumerator (Microsoft)
  567. tbs.sys Export driver for kernel mode TPM API (Microsoft)
  568. tcpip.sys TCP/IP Protocol driver (Microsoft)
  569. tcpipreg.sys Microsoft Windows TCP/IP Registry Compatibility driver (Microsoft)
  570. TDI.SYS TDI Wrapper driver (Microsoft)
  571. tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
  572. tm.sys Kernel Transaction Manager driver (Microsoft)
  573. UcmCx.sys USB Connector Manager KMDF Class Extension
  574. ucx01000.sys USB Controller Extension (Microsoft)
  575. UEFI.sys UEFI NT driver (Microsoft)
  576. umbus.sys User-Mode Bus Enumerator (Microsoft)
  577. usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
  578. USBD.SYS Universal Serial Bus Driver (Microsoft)
  579. UsbHub3.sys USB3 HUB driver (Microsoft)
  580. USBXHCI.SYS USB XHCI driver (Microsoft)
  581. vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
  582. Vid.sys Microsoft Hyper-V Virtualization Infrastructure Driver
  583. volmgr.sys Volume Manager Driver (Microsoft)
  584. volmgrx.sys Volume Manager Extension Driver (Microsoft)
  585. volsnap.sys Volume Shadow Copy driver (Microsoft)
  586. volume.sys Volume driver (Microsoft)
  587. vwifibus.sys Virtual Wireless Bus driver (Microsoft)
  588. vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
  589. vwifimp.sys Virtual WiFi Miniport Driver (Microsoft)
  590. wanarp.sys MS Remote Access and Routing ARP driver (Microsoft)
  591. watchdog.sys Watchdog driver (Microsoft)
  592. wcifs.sys Windows Container Isolation FS Filter driver (Microsoft)
  593. Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
  594. WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
  595. wdiwifi.sys WDI Driver Framework driver (Microsoft)
  596. werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
  597. wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
  598. win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
  599. win32kbase.sys Base Win32k Kernel Driver (Microsoft)
  600. win32kfull.sys Full/Desktop Win32k Kernel Driver (Microsoft)
  601. WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
  602. WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
  603. winhvr.sys Windows Hypervisor Root Interface driver (Microsoft)
  604. winquic.sys QUIC Transport Protocol driver (Microsoft)
  605. wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
  606. WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
  607. Wof.sys Windows Overlay Filter (Microsoft)
  608. WppRecorder.sys WPP Trace Recorder (Microsoft)
  609.  
  610. Unloaded modules:
  611. fffff804`6c8d0000 fffff804`6c8d8000 magdrvamd64.
  612. fffff804`6c8c0000 fffff804`6c8c8000 magdrvamd64.
  613. fffff804`27b50000 fffff804`27b5f000 dump_storpor
  614. fffff804`27b90000 fffff804`27bb4000 dump_secnvme
  615. fffff804`27be0000 fffff804`27bfe000 dump_dumpfve
  616. fffff804`28430000 fffff804`2844e000 dam.sys
  617. fffff804`14d70000 fffff804`14d80000 hwpolicy.sys
  618.  
  619. ========================================================================
  620. ============================== BIOS INFO ===============================
  621. ========================================================================
  622. sysinfo: could not find necessary interfaces.
  623. sysinfo: note that mssmbios.sys must be loaded (XPSP2+).
  624.  
  625. ========================================================================
  626. ============================== IMAGE SCAN ==============================
  627. ========================================================================
  628.  
  629. MZ at ffffd29b`92600000, prot 00000040, type 01000000 - size 3a2000
  630. Name: win32kfull.sys
  631. MZ at ffffd29b`929b0000, prot 00000040, type 01000000 - size 2a5000
  632. Name: win32kbase.sys
  633. MZ at ffffd29b`92ed0000, prot 00000040, type 01000000 - size 8c000
  634. Name: WIN32K.SYS
  635. MZ at fffff804`10f5d000, prot 00000040, type 01000000 - size a3000
  636. Name: HAL.dll
  637. MZ at fffff804`11000000, prot 00000004, type 00020000 - size ab6000
  638. Name: ntoskrnl.exe
  639. MZ at fffff804`13400000, prot 00000040, type 01000000 - size b000
  640. Name: KD.dll
  641. MZ at fffff804`13410000, prot 00000040, type 01000000 - size 201000
  642. Name: mcupdate_GenuineIntel.dll
  643. MZ at fffff804`13620000, prot 00000040, type 01000000 - size 11000
  644. Name: WerLiveKernelApi.dll
  645. MZ at fffff804`13640000, prot 00000040, type 01000000 - size 2a000
  646. Name: ksecdd.sys
  647. MZ at fffff804`136e0000, prot 00000040, type 01000000 - size 27000
  648. Name: ntostmhost.dll
  649. MZ at fffff804`13710000, prot 00000040, type 01000000 - size 68000
  650. Name: CLFS.SYS
  651. MZ at fffff804`13780000, prot 00000040, type 01000000 - size 1a000
  652. Name: PSHED.dll
  653. MZ at fffff804`137a0000, prot 00000040, type 01000000 - size b000
  654. Name: BOOTVID.dll
  655. MZ at fffff804`137b0000, prot 00000040, type 01000000 - size e000
  656. Name: cmimcext.dll
  657. MZ at fffff804`137c0000, prot 00000040, type 01000000 - size c000
  658. Name: ntosext.dll
  659. MZ at fffff804`137d0000, prot 00000040, type 01000000 - size 13000
  660. Name: WDFLDR.SYS
  661. MZ at fffff804`137f0000, prot 00000040, type 01000000 - size f000
  662. Name: SleepStudyHelper.sys
  663. MZ at fffff804`13800000, prot 00000040, type 01000000 - size 105000
  664. Name: clipsp.sys
  665. MZ at fffff804`13910000, prot 00000040, type 01000000 - size 71000
  666. Name: FLTMGR.SYS
  667. MZ at fffff804`13990000, prot 00000040, type 01000000 - size dc000
  668. Name: CI.dll
  669. MZ at fffff804`13a70000, prot 00000040, type 01000000 - size bc000
  670. Name: cng.sys
  671. MZ at fffff804`13b30000, prot 00000040, type 01000000 - size d5000
  672. Name: Wdf01000.exe
  673. MZ at fffff804`13c10000, prot 00000040, type 01000000 - size 10000
  674. Name: WppRecorder.sys
  675. MZ at fffff804`13c30000, prot 00000040, type 01000000 - size 25000
  676. Name: acpiex.exe
  677. MZ at fffff804`13c60000, prot 00000040, type 01000000 - size 1a000
  678. Name: SgrmAgent.exe
  679. MZ at fffff804`13c80000, prot 00000040, type 01000000 - size cc000
  680. Name: ACPI.SYS
  681. MZ at fffff804`13d50000, prot 00000040, type 01000000 - size c000
  682. Name: WMILIB.SYS
  683. MZ at fffff804`13d70000, prot 00000040, type 01000000 - size 5b000
  684. Name: intelpep.exe
  685. MZ at fffff804`13dd0000, prot 00000040, type 01000000 - size 17000
  686. Name: WindowsTrustedRT.exe
  687. MZ at fffff804`13df0000, prot 00000040, type 01000000 - size b000
  688. Name: WindowsTrustedRTProxy.exe
  689. MZ at fffff804`13e00000, prot 00000040, type 01000000 - size 15000
  690. Name: pcw.exe
  691. MZ at fffff804`13e20000, prot 00000040, type 01000000 - size b000
  692. Name: msisadrv.exe
  693. MZ at fffff804`13e30000, prot 00000040, type 01000000 - size 6f000
  694. Name: pci.exe
  695. MZ at fffff804`13ea0000, prot 00000040, type 01000000 - size 13000
  696. Name: vdrvroot.exe
  697. MZ at fffff804`13ec0000, prot 00000040, type 01000000 - size 33000
  698. Name: PDC.exe
  699. MZ at fffff804`13f00000, prot 00000040, type 01000000 - size 19000
  700. Name: CEA.sys
  701. MZ at fffff804`13f20000, prot 00000040, type 01000000 - size 30000
  702. Name: partmgr.exe
  703. MZ at fffff804`13f60000, prot 00000040, type 01000000 - size a5000
  704. Name: spaceport.exe
  705. MZ at fffff804`14010000, prot 00000040, type 01000000 - size 1a000
  706. Name: volmgr.exe
  707. MZ at fffff804`140a0000, prot 00000040, type 01000000 - size 1f000
  708. Name: mountmgr.exe
  709. MZ at fffff804`140c0000, prot 00000040, type 01000000 - size 2e000
  710. Name: storahci.exe
  711. MZ at fffff804`140f0000, prot 00000040, type 01000000 - size a2000
  712. Name: storport.sys
  713. MZ at fffff804`141d0000, prot 00000040, type 01000000 - size 1b000
  714. Name: EhStorClass.exe
  715. MZ at fffff804`141f0000, prot 00000040, type 01000000 - size 1a000
  716. Name: fileinfo.exe
  717. MZ at fffff804`14210000, prot 00000040, type 01000000 - size 3d000
  718. Name: wof.exe
  719. MZ at fffff804`14250000, prot 00000040, type 01000000 - size 29d000
  720. Name: ntfs.exe
  721. MZ at fffff804`14500000, prot 00000040, type 01000000 - size 172000
  722. Name: NDIS.SYS
  723. MZ at fffff804`14680000, prot 00000040, type 01000000 - size 94000
  724. Name: NETIO.SYS
  725. MZ at fffff804`14720000, prot 00000040, type 01000000 - size 32000
  726. Name: ksecpkg.exe
  727. MZ at fffff804`14760000, prot 00000040, type 01000000 - size 2ea000
  728. Name: TCPIP.SYS
  729. MZ at fffff804`14a50000, prot 00000040, type 01000000 - size 7a000
  730. Name: fwpkclnt.sys
  731. MZ at fffff804`14ad0000, prot 00000040, type 01000000 - size 30000
  732. Name: wfplwfs.exe
  733. MZ at fffff804`14b80000, prot 00000040, type 01000000 - size c9000
  734. Name: fvevol.exe
  735. MZ at fffff804`14c50000, prot 00000040, type 01000000 - size b000
  736. Name: volume.exe
  737. MZ at fffff804`14c60000, prot 00000040, type 01000000 - size 6d000
  738. Name: volsnap.exe
  739. MZ at fffff804`14cd0000, prot 00000040, type 01000000 - size 4e000
  740. Name: rdyboost.exe
  741. MZ at fffff804`14d20000, prot 00000040, type 01000000 - size 25000
  742. Name: MUP.SYS
  743. MZ at fffff804`14d50000, prot 00000040, type 01000000 - size 12000
  744. Name: iorate.exe
  745. MZ at fffff804`14d80000, prot 00000040, type 01000000 - size 1c000
  746. Name: disk.exe
  747. MZ at fffff804`14da0000, prot 00000040, type 01000000 - size 6b000
  748. Name: CLASSPNP.SYS
  749. MZ at fffff804`27a00000, prot 00000040, type 01000000 - size 30000
  750. Name: cdrom.exe
  751. MZ at fffff804`27b20000, prot 00000040, type 01000000 - size 1d000
  752. Name: CRASHDMP.SYS
  753. MZ at fffff804`27c00000, prot 00000040, type 01000000 - size 78000
  754. Name: ks.sys
  755. MZ at fffff804`27c80000, prot 00000040, type 01000000 - size 15000
  756. Name: filecrypt.exe
  757. MZ at fffff804`27ca0000, prot 00000040, type 01000000 - size e000
  758. Name: tbs.sys
  759. MZ at fffff804`27cc0000, prot 00000040, type 01000000 - size a000
  760. Name: beep.exe
  761. MZ at fffff804`27ce0000, prot 00000040, type 01000000 - size 374000
  762. Name: dxgkrnl.sys
  763. MZ at fffff804`28060000, prot 00000040, type 01000000 - size 16000
  764. Name: watchdog.sys
  765. MZ at fffff804`28080000, prot 00000040, type 01000000 - size 16000
  766. Name: BasicDisplay.exe
  767. MZ at fffff804`280a0000, prot 00000040, type 01000000 - size 11000
  768. Name: BasicRender.exe
  769. MZ at fffff804`280c0000, prot 00000040, type 01000000 - size 1c000
  770. Name: npfs.exe
  771. MZ at fffff804`280e0000, prot 00000040, type 01000000 - size 11000
  772. Name: msfs.exe
  773. MZ at fffff804`28100000, prot 00000040, type 01000000 - size 26000
  774. Name: tdx.exe
  775. MZ at fffff804`28130000, prot 00000040, type 01000000 - size 10000
  776. Name: TDI.SYS
  777. MZ at fffff804`28150000, prot 00000040, type 01000000 - size 59000
  778. Name: netbt.exe
  779. MZ at fffff804`281d0000, prot 00000040, type 01000000 - size 13000
  780. Name: afunix.dll
  781. MZ at fffff804`281f0000, prot 00000040, type 01000000 - size a7000
  782. Name: afd.exe
  783. MZ at fffff804`282a0000, prot 00000040, type 01000000 - size 1a000
  784. Name: vwififlt.SYS
  785. MZ at fffff804`282c0000, prot 00000040, type 01000000 - size 2b000
  786. Name: pacer.exe
  787. MZ at fffff804`28400000, prot 00000040, type 01000000 - size 2c000
  788. Name: dfsc.exe
  789. MZ at fffff804`28450000, prot 00000040, type 01000000 - size 6b000
  790. Name: fastfat.exe
  791. MZ at fffff804`284c0000, prot 00000040, type 01000000 - size 16000
  792. Name: bam.exe
  793. MZ at fffff804`285a0000, prot 00000040, type 01000000 - size 4f000
  794. Name: ahcache.exe
  795. MZ at fffff804`285f0000, prot 00000040, type 01000000 - size 8c000
  796. Name: Vid.exe
  797. MZ at fffff804`28680000, prot 00000040, type 01000000 - size 1f000
  798. Name: winhvr.sys
  799. MZ at fffff804`286a0000, prot 00000040, type 01000000 - size 11000
  800. Name: CompositeBus.exe
  801. MZ at fffff804`286c0000, prot 00000040, type 01000000 - size d000
  802. Name: kdnic.sys
  803. MZ at fffff804`286d0000, prot 00000040, type 01000000 - size 15000
  804. Name: UmBus.exe
  805. MZ at fffff804`290e0000, prot 00000040, type 01000000 - size 14000
  806. Name: netbios.exe
  807. MZ at fffff804`29100000, prot 00000040, type 01000000 - size 7b000
  808. Name: rdbss.sys
  809. MZ at fffff804`29180000, prot 00000040, type 01000000 - size 12000
  810. Name: nsiproxy.exe
  811. MZ at fffff804`291a0000, prot 00000040, type 01000000 - size d000
  812. Name: NpSvcTrig.exe
  813. MZ at fffff804`291b0000, prot 00000040, type 01000000 - size 10000
  814. Name: mssmbios.exe
  815. MZ at fffff804`291d0000, prot 00000040, type 01000000 - size a000
  816. Name: gpuenergydrv.exe
  817. MZ at fffff804`2a060000, prot 00000040, type 01000000 - size da000
  818. Name: dxgmms2.sys
  819. MZ at fffff804`2a140000, prot 00000040, type 01000000 - size 37000
  820. Name: wcifs.exe
  821. MZ at fffff804`2a180000, prot 00000040, type 01000000 - size 77000
  822. Name: cldflt.exe
  823. MZ at fffff804`2a200000, prot 00000040, type 01000000 - size 1a000
  824. Name: storqosflt.exe
  825. MZ at fffff804`2a2a0000, prot 00000040, type 01000000 - size 19000
  826. Name: mslldp.exe
  827. MZ at fffff804`2a2c0000, prot 00000040, type 01000000 - size 18000
  828. Name: lltdio.exe
  829. MZ at fffff804`2a2e0000, prot 00000040, type 01000000 - size 1b000
  830. Name: rspndr.exe
  831. MZ at fffff804`2a300000, prot 00000040, type 01000000 - size 1d000
  832. Name: wanarp.exe
  833. MZ at fffff804`2a320000, prot 00000040, type 01000000 - size 18000
  834. Name: ndisuio.exe
  835. MZ at fffff804`2a340000, prot 00000040, type 01000000 - size b2000
  836. Name: nwifi.exe
  837. MZ at fffff804`2a400000, prot 00000040, type 01000000 - size 38000
  838. Name: winquic.sys
  839. MZ at fffff804`2a440000, prot 00000040, type 01000000 - size 145000
  840. Name: http.exe
  841. MZ at fffff804`2a590000, prot 00000040, type 01000000 - size 13000
  842. Name: condrv.exe
  843. MZ at fffff804`2a5b0000, prot 00000040, type 01000000 - size 25000
  844. Name: bowser.exe
  845. MZ at fffff804`2a5e0000, prot 00000040, type 01000000 - size 1a000
  846. Name: mpsdrv.exe
  847. MZ at fffff804`2a600000, prot 00000040, type 01000000 - size 8f000
  848. Name: mrxsmb.sys
  849. MZ at fffff804`2a690000, prot 00000040, type 01000000 - size 45000
  850. Name: mrxsmb20.exe
  851. MZ at fffff804`2a6f0000, prot 00000040, type 01000000 - size 14000
  852. Name: mmcss.exe
  853. MZ at fffff804`2a710000, prot 00000040, type 01000000 - size 53000
  854. Name: srvnet.sys
  855. MZ at fffff804`2af30000, prot 00000040, type 01000000 - size 33000
  856. Name: usbccgp.exe
  857. MZ at fffff804`2af70000, prot 00000040, type 01000000 - size 12000
  858. Name: hidusb.exe
  859. MZ at fffff804`2af90000, prot 00000040, type 01000000 - size 3b000
  860. Name: HIDCLASS.SYS
  861. MZ at fffff804`2afd0000, prot 00000040, type 01000000 - size 13000
  862. Name: HIDPARSE.SYS
  863. MZ at fffff804`2b200000, prot 00000040, type 01000000 - size 89000
  864. Name: usbxhci.exe
  865. MZ at fffff804`2b290000, prot 00000040, type 01000000 - size 41000
  866. Name: ucx01000.exe
  867. MZ at fffff804`2b390000, prot 00000040, type 01000000 - size 2c000
  868. Name: UcmCx.exe
  869. MZ at fffff804`2b3c0000, prot 00000040, type 01000000 - size ea000
  870. Name: WdiWiFi.sys
  871. MZ at fffff804`2b4b0000, prot 00000040, type 01000000 - size e000
  872. Name: vwifibus.exe
  873. MZ at fffff804`2b5d0000, prot 00000040, type 01000000 - size c000
  874. Name: wmiacpi.exe
  875. MZ at fffff804`2b5e0000, prot 00000040, type 01000000 - size 3e000
  876. Name: intelppm.exe
  877. MZ at fffff804`2b620000, prot 00000040, type 01000000 - size b000
  878. Name: acpipagr.exe
  879. MZ at fffff804`2b630000, prot 00000040, type 01000000 - size c000
  880. Name: acpitime.exe
  881. MZ at fffff804`2b640000, prot 00000040, type 01000000 - size e000
  882. Name: UEFI.SYS
  883. MZ at fffff804`2b670000, prot 00000040, type 01000000 - size f000
  884. Name: ksthunk.exe
  885. MZ at fffff804`2b6a0000, prot 00000040, type 01000000 - size d000
  886. Name: NdisVirtualBus.exe
  887. MZ at fffff804`2b6b0000, prot 00000040, type 01000000 - size c000
  888. Name: swenum.exe
  889. MZ at fffff804`2b6e0000, prot 00000040, type 01000000 - size e000
  890. Name: rdpbus.exe
  891. MZ at fffff804`2b730000, prot 00000040, type 01000000 - size 9c000
  892. Name: usbhub3.sys
  893. MZ at fffff804`2b7d0000, prot 00000040, type 01000000 - size e000
  894. Name: USBD.SYS
  895. MZ at fffff804`2d320000, prot 00000040, type 01000000 - size 22000
  896. Name: hdaudbus.exe
  897. MZ at fffff804`2d350000, prot 00000040, type 01000000 - size 67000
  898. Name: portcls.sys
  899. MZ at fffff804`2e430000, prot 00000040, type 01000000 - size 10000
  900. Name: mouhid.exe
  901. MZ at fffff804`2e450000, prot 00000040, type 01000000 - size 13000
  902. Name: mouclass.exe
  903. MZ at fffff804`2e470000, prot 00000040, type 01000000 - size 11000
  904. Name: kbdhid.exe
  905. MZ at fffff804`2e490000, prot 00000040, type 01000000 - size 14000
  906. Name: kbdclass.exe
  907. MZ at fffff804`2e4b0000, prot 00000040, type 01000000 - size 1e000
  908. Name: Microsoft.Bluetooth.Legacy.LEEnumerator.exe
  909. MZ at fffff804`2e4d0000, prot 00000040, type 01000000 - size 3a000
  910. Name: rfcomm.exe
  911. MZ at fffff804`2e510000, prot 00000040, type 01000000 - size 22000
  912. Name: bthenum.exe
  913. MZ at fffff804`2e540000, prot 00000040, type 01000000 - size 26000
  914. Name: bthpan.exe
  915. MZ at fffff804`2e580000, prot 00000040, type 01000000 - size e000
  916. Name: SYS.exe
  917. MZ at fffff804`2e610000, prot 00000040, type 01000000 - size 1d000
  918. Name: DUMPFVE.SYS
  919. MZ at fffff804`2e630000, prot 00000040, type 01000000 - size 18000
  920. Name: monitor.exe
  921. MZ at fffff804`2e650000, prot 00000040, type 01000000 - size 2a000
  922. Name: luafv.exe
  923. MZ at fffff804`2f660000, prot 00000040, type 01000000 - size 1f000
  924. Name: bthusb.exe
  925. MZ at fffff804`2f680000, prot 00000040, type 01000000 - size 164000
  926. Name: bthport.sys
  927. MZ at fffff804`6c600000, prot 00000040, type 01000000 - size 14000
  928. Name: tcpipreg.exe
  929. MZ at fffff804`6c620000, prot 00000040, type 01000000 - size c5000
  930. Name: srv2.exe
  931. MZ at fffff804`6c6f0000, prot 00000040, type 01000000 - size 1d000
  932. Name: rassstp.exe
  933. MZ at fffff804`6c710000, prot 00000040, type 01000000 - size 41000
  934. Name: ndproxy.exe
  935. MZ at fffff804`6c760000, prot 00000040, type 01000000 - size 27000
  936. Name: AgileVpn.exe
  937. MZ at fffff804`6c790000, prot 00000040, type 01000000 - size 22000
  938. Name: rasl2tp.exe
  939. MZ at fffff804`6c7c0000, prot 00000040, type 01000000 - size 20000
  940. Name: raspptp.exe
  941. MZ at fffff804`6c7f0000, prot 00000040, type 01000000 - size 1c000
  942. Name: raspppoe.exe
  943. MZ at fffff804`6c810000, prot 00000040, type 01000000 - size f000
  944. Name: NDISTAPI.SYS
  945. MZ at fffff804`6c820000, prot 00000040, type 01000000 - size 3a000
  946. Name: ndiswan.exe
  947. MZ at fffff804`6c870000, prot 00000040, type 01000000 - size 13000
  948. Name: vwifimp.exe
  949. MZ at fffff804`6c890000, prot 00000040, type 01000000 - size 21000
  950. Name: bindflt.exe
  951. MZ at fffff804`6de90000, prot 00000040, type 01000000 - size 52000
  952. Name: mrxsmb10.exe
  953. MZ at fffff804`6dfd0000, prot 00000040, type 01000000 - size 27000
  954. Name: ndu.exe
  955.  
  956. ========================================================================
  957. ==================== Dump File: 121119-8781-01.dmp =====================
  958. ========================================================================
  959. Mini Kernel Dump File: Only registers and stack trace are available
  960. Windows 10 Kernel Version 18362 MP (16 procs) Free x64
  961. Kernel base = 0xfffff801`14c00000 PsLoadedModuleList = 0xfffff801`15048130
  962. Debug session time: Wed Dec 11 11:48:04.098 2019 (UTC - 5:00)
  963. System Uptime: 0 days 0:01:04.812
  964.  
  965. BugCheck 101, {c, 0, ffff8581fe3c5180, 4}
  966. *** WARNING: Unable to verify timestamp for win32k.sys
  967. *** ERROR: Module load completed but symbols could not be loaded for win32k.sys
  968. Probably caused by : memory_corruption
  969. Followup: memory_corruption
  970.  
  971. CLOCK_WATCHDOG_TIMEOUT (101)
  972. An expected clock interrupt was not received on a secondary processor in an
  973. MP system within the allocated interval. This indicates that the specified
  974. processor is hung and not processing interrupts.
  975.  
  976. Arguments:
  977. Arg1: 000000000000000c, Clock interrupt time out interval in nominal clock ticks.
  978. Arg2: 0000000000000000, 0.
  979. Arg3: ffff8581fe3c5180, The PRCB address of the hung processor.
  980. Arg4: 0000000000000004, The index of the hung processor.
  981.  
  982. Debugging Details:
  983. DUMP_CLASS: 1
  984. DUMP_QUALIFIER: 400
  985. DUMP_TYPE: 2
  986. BUGCHECK_STR: CLOCK_WATCHDOG_TIMEOUT_10_PROC
  987. CUSTOMER_CRASH_COUNT: 1
  988. DEFAULT_BUCKET_ID: CODE_CORRUPTION
  989.  
  990. PROCESS_NAME: System
  991.  
  992. CURRENT_IRQL: d
  993. STACK_TEXT:
  994. ffff8581`fe27fb08 fffff801`14dee9b0 : 00000000`00000101 00000000`0000000c 00000000`00000000 ffff8581`fe3c5180 : nt!KeBugCheckEx
  995. ffff8581`fe27fb10 fffff801`14c1f61c : fffff780`00000320 ffff8581`fe280180 00000000`00001034 00000000`00001034 : nt!KeAccumulateTicks+0x1cbf50
  996. ffff8581`fe27fb70 fffff801`14b5e4b7 : 00000000`00000001 ffffa406`4e466f20 ffffa406`4e466fa0 00000000`00000002 : nt!KeClockInterruptNotify+0x98c
  997. ffff8581`fe27ff30 fffff801`14c02a25 : 00000000`26b872b6 ffffbb0e`28ad4000 ffffbb0e`28ad40b0 00000000`00000000 : hal!HalpTimerClockInterrupt+0xf7
  998. ffff8581`fe27ff60 fffff801`14dc2f7a : ffffa406`4e466fa0 ffffbb0e`28ad4000 ffff9980`00007796 ffffbb0e`28ad4000 : nt!KiCallInterruptServiceRoutine+0xa5
  999. ffff8581`fe27ffb0 fffff801`14dc34e7 : ffffa406`4e467110 ffffa406`4e466fa0 ffffbb0e`28ad4000 fffff801`14dc3574 : nt!KiInterruptSubDispatchNoLockNoEtw+0xfa
  1000. ffffa406`4e466f20 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiInterruptDispatchNoLockNoEtw+0x37
  1001. STACK_COMMAND: kb
  1002. CHKIMG_EXTENSION: !chkimg -lo 50 -d !hal
  1003. fffff80114b5e41c-fffff80114b5e41d 2 bytes - hal!HalpTimerClockInterrupt+5c
  1004. [ 48 ff:4c 8b ]
  1005. fffff80114b5e423-fffff80114b5e426 4 bytes - hal!HalpTimerClockInterrupt+63 (+0x07)
  1006. [ 0f 1f 44 00:e8 58 98 0c ]
  1007. fffff80114b5e46c-fffff80114b5e46d 2 bytes - hal!HalpTimerClockInterrupt+ac (+0x49)
  1008. [ 48 ff:4c 8b ]
  1009. fffff80114b5e473-fffff80114b5e476 4 bytes - hal!HalpTimerClockInterrupt+b3 (+0x07)
  1010. [ 0f 1f 44 00:e8 38 80 1b ]
  1011. fffff80114b5e4ab-fffff80114b5e4ac 2 bytes - hal!HalpTimerClockInterrupt+eb (+0x38)
  1012. [ 48 ff:4c 8b ]
  1013. fffff80114b5e4b2-fffff80114b5e4b5 4 bytes - hal!HalpTimerClockInterrupt+f2 (+0x07)
  1014. [ 0f 1f 44 00:e8 d9 07 0c ]
  1015. fffff80114b8f454-fffff80114b8f455 2 bytes - hal!HalpInterruptDeferredRecoveryService+4 (+0x30fa2)
  1016. [ 48 ff:4c 8b ]
  1017. fffff80114b8f45b-fffff80114b8f45e 4 bytes - hal!HalpInterruptDeferredRecoveryService+b (+0x07)
  1018. [ 0f 1f 44 00:e8 00 29 3b ]
  1019. fffff80114b8f4d0-fffff80114b8f4d1 2 bytes - hal!HalpInterruptSpuriousService+10 (+0x75)
  1020. [ 48 ff:4c 8b ]
  1021. fffff80114b8f4d7-fffff80114b8f4da 4 bytes - hal!HalpInterruptSpuriousService+17 (+0x07)
  1022. [ 0f 1f 44 00:e8 84 e6 18 ]
  1023. fffff80114b8f500-fffff80114b8f501 2 bytes - hal!HalpInterruptStubService+10 (+0x29)
  1024. [ 48 ff:4c 8b ]
  1025. fffff80114b8f507-fffff80114b8f50a 4 bytes - hal!HalpInterruptStubService+17 (+0x07)
  1026. [ 0f 1f 44 00:e8 54 e6 18 ]
  1027. 36 errors : !hal (fffff80114b5e41c-fffff80114b8f50a)
  1028. MODULE_NAME: memory_corruption
  1029.  
  1030. IMAGE_NAME: memory_corruption
  1031.  
  1032. FOLLOWUP_NAME: memory_corruption
  1033. DEBUG_FLR_IMAGE_TIMESTAMP: 0
  1034. MEMORY_CORRUPTOR: LARGE
  1035. FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
  1036. BUCKET_ID: MEMORY_CORRUPTION_LARGE
  1037. PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
  1038. TARGET_TIME: 2019-12-11T16:48:04.000Z
  1039. SUITE_MASK: 784
  1040. PRODUCT_TYPE: 1
  1041. USER_LCID: 0
  1042. FAILURE_ID_HASH_STRING: km:memory_corruption_large
  1043. FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
  1044. Followup: memory_corruption
  1045.  
  1046. ========================================================================
  1047. ==================== Dump File: 121119-8765-01.dmp =====================
  1048. ========================================================================
  1049. Mini Kernel Dump File: Only registers and stack trace are available
  1050. Windows 10 Kernel Version 18362 MP (16 procs) Free x64
  1051. Kernel base = 0xfffff803`75400000 PsLoadedModuleList = 0xfffff803`75848130
  1052. Debug session time: Wed Dec 11 12:23:36.608 2019 (UTC - 5:00)
  1053. System Uptime: 0 days 0:02:52.322
  1054.  
  1055. BugCheck 124, {0, ffff9b07ea5c0028, b2000000, 30005}
  1056. Probably caused by : memory_corruption
  1057. Followup: memory_corruption
  1058.  
  1059. WHEA_UNCORRECTABLE_ERROR (124)
  1060. A fatal hardware error has occurred. Parameter 1 identifies the type of error
  1061. source that reported the error. Parameter 2 holds the address of the
  1062. WHEA_ERROR_RECORD structure that describes the error conditon.
  1063.  
  1064. Arguments:
  1065. Arg1: 0000000000000000, Machine Check Exception
  1066. Arg2: ffff9b07ea5c0028, Address of the WHEA_ERROR_RECORD structure.
  1067. Arg3: 00000000b2000000, High order 32-bits of the MCi_STATUS value.
  1068. Arg4: 0000000000030005, Low order 32-bits of the MCi_STATUS value.
  1069.  
  1070. Debugging Details:
  1071. DUMP_CLASS: 1
  1072. DUMP_QUALIFIER: 400
  1073. DUMP_TYPE: 2
  1074. BUGCHECK_STR: 0x124_GenuineIntel
  1075. CUSTOMER_CRASH_COUNT: 1
  1076. DEFAULT_BUCKET_ID: CODE_CORRUPTION
  1077.  
  1078. PROCESS_NAME: SkypeApp.exe
  1079.  
  1080. CURRENT_IRQL: f
  1081. STACK_TEXT:
  1082. ffffac80`3ae85d78 fffff803`753a4fe8 : 00000000`00000124 00000000`00000000 ffff9b07`ea5c0028 00000000`b2000000 : nt!KeBugCheckEx
  1083. ffffac80`3ae85d80 fffff803`78181920 : ffff9b07`e3f40ea0 00000000`00000000 ffff9b07`ea5c0028 00000000`00000000 : hal!HalBugCheckSystem+0xd8
  1084. ffffac80`3ae85dc0 fffff803`75740952 : ffff9b07`e3f40ea0 ffffac80`3ae85e49 00000000`00000000 ffff9b07`ea5c0028 : PSHED!PshedBugCheckSystem+0x10
  1085. ffffac80`3ae85df0 fffff803`753a6946 : ffffac80`3ae85f10 00000000`0000000b ffff9b07`e3f40ef0 ffff9b07`e3f40ea0 : nt!WheaReportHwError+0x382
  1086. ffffac80`3ae85eb0 fffff803`753a6dda : 00000000`00000010 ffff9b07`e3f40ef0 ffffac80`3ae86068 ffffac80`3ae862b0 : hal!HalpMcaReportError+0x72
  1087. ffffac80`3ae86010 fffff803`753a6cb4 : ffff9b07`e38e4be0 00000000`00000001 00000000`00000000 00000000`00000000 : hal!HalpMceHandlerCore+0xf2
  1088. ffffac80`3ae86060 fffff803`753a6f20 : 00000000`00000010 00000000`00000001 00000000`00000000 00000000`00000000 : hal!HalpMceHandler+0xe0
  1089. ffffac80`3ae860a0 fffff803`753a5fc8 : 00000000`00000000 ffffac80`3ae86330 00000000`00000000 00000000`00000000 : hal!HalpMceHandlerWithRendezvous+0xd4
  1090. ffffac80`3ae860d0 fffff803`753a71a7 : ffff9b07`e38e4be0 00000000`00000000 00000000`00000000 00000000`00000000 : hal!HalpHandleMachineCheck+0x5c
  1091. ffffac80`3ae86100 fffff803`756a4a20 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : hal!HalHandleMcheck+0x37
  1092. ffffac80`3ae86130 fffff803`755d04ba : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiHandleMcheck+0x10
  1093. ffffac80`3ae86160 fffff803`755d0171 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KxMcheckAbort+0x7a
  1094. ffffac80`3ae862a0 00007fff`2eab9706 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiMcheckAbort+0x271
  1095. 000000ee`a41ff7e0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007fff`2eab9706
  1096. STACK_COMMAND: kb
  1097. CHKIMG_EXTENSION: !chkimg -lo 50 -d !Ntfs
  1098. fffff80378c658c8-fffff80378c658c9 2 bytes - Ntfs!NtfsAcquireSharedFcb+68
  1099. [ 48 ff:4c 8b ]
  1100. fffff80378c658cf-fffff80378c658d3 5 bytes - Ntfs!NtfsAcquireSharedFcb+6f (+0x07)
  1101. [ 0f 1f 44 00 00:e8 1c 1c 7d fc ]
  1102. 7 errors : !Ntfs (fffff80378c658c8-fffff80378c658d3)
  1103. MODULE_NAME: memory_corruption
  1104.  
  1105. IMAGE_NAME: memory_corruption
  1106.  
  1107. FOLLOWUP_NAME: memory_corruption
  1108. DEBUG_FLR_IMAGE_TIMESTAMP: 0
  1109. MEMORY_CORRUPTOR: LARGE
  1110. FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
  1111. BUCKET_ID: MEMORY_CORRUPTION_LARGE
  1112. PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
  1113. TARGET_TIME: 2019-12-11T17:23:36.000Z
  1114. SUITE_MASK: 784
  1115. PRODUCT_TYPE: 1
  1116. USER_LCID: 0
  1117. FAILURE_ID_HASH_STRING: km:memory_corruption_large
  1118. FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
  1119. Followup: memory_corruption
  1120.  
  1121. ========================================================================
  1122. ==================== Dump File: 121119-8750-01.dmp =====================
  1123. ========================================================================
  1124. Mini Kernel Dump File: Only registers and stack trace are available
  1125. Windows 10 Kernel Version 18362 MP (16 procs) Free x64
  1126. Kernel base = 0xfffff804`1ce00000 PsLoadedModuleList = 0xfffff804`1d248130
  1127. Debug session time: Wed Dec 11 12:20:15.693 2019 (UTC - 5:00)
  1128. System Uptime: 0 days 0:06:40.417
  1129.  
  1130. BugCheck 1E, {ffffffffc0000005, fffff8041d41e99d, 0, 30}
  1131. Probably caused by : memory_corruption
  1132. Followup: memory_corruption
  1133.  
  1134. KMODE_EXCEPTION_NOT_HANDLED (1e)
  1135. This is a very common bugcheck. Usually the exception address pinpoints
  1136. the driver/function that caused the problem. Always note this address
  1137. as well as the link date of the driver/image that contains this address.
  1138.  
  1139. Arguments:
  1140. Arg1: ffffffffc0000005, The exception code that was not handled
  1141. Arg2: fffff8041d41e99d, The address that the exception occurred at
  1142. Arg3: 0000000000000000, Parameter 0 of the exception
  1143. Arg4: 0000000000000030, Parameter 1 of the exception
  1144.  
  1145. Debugging Details:
  1146. DUMP_CLASS: 1
  1147. DUMP_QUALIFIER: 400
  1148. DUMP_TYPE: 2
  1149. READ_ADDRESS: fffff8041d3733b8: Unable to get MiVisibleState
  1150. 0000000000000030
  1151. EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%p referenced memory at 0x%p. The memory could not be %s.
  1152. FAULTING_IP:
  1153. nt!CmpCheckOpenAccessOnKeyBody+3fd
  1154. fffff804`1d41e99d 488b4930 mov rcx,qword ptr [rcx+30h]
  1155. EXCEPTION_PARAMETER2: 0000000000000030
  1156. BUGCHECK_STR: 0x1E_c0000005_R
  1157. CUSTOMER_CRASH_COUNT: 1
  1158. DEFAULT_BUCKET_ID: CODE_CORRUPTION
  1159.  
  1160. PROCESS_NAME: WerFault.exe
  1161.  
  1162. CURRENT_IRQL: 0
  1163. EXCEPTION_RECORD: ffff94017b5b6ae0 -- (.exr 0xffff94017b5b6ae0)
  1164. ExceptionAddress: ffff94017b5b6ae0
  1165. ExceptionCode: 7b5b6d50
  1166. ExceptionFlags: ffff9401
  1167. NumberParameters: 16
  1168. Parameter[0]: ffff893284ca2eb4
  1169. Parameter[1]: 0000000000000030
  1170. Parameter[2]: 0000000000000001
  1171. Parameter[3]: 0000000000000000
  1172. Parameter[4]: 0000000000220022
  1173. Parameter[5]: 00007fffdc953ca0
  1174. Parameter[6]: 0000000000000000
  1175. Parameter[7]: 0000000000000000
  1176. Parameter[8]: 0000000000000000
  1177. Parameter[9]: 0000000000000000
  1178. Parameter[10]: 0000000000000000
  1179. Parameter[11]: 0000000000000000
  1180. Parameter[12]: 0000000000000000
  1181. Parameter[13]: 0000000000000000
  1182. Parameter[14]: 0000000000000000
  1183. TRAP_FRAME: ffff893284ca2eb4 -- (.trap 0xffff893284ca2eb4)
  1184. Unable to read trap frame at ffff8932`84ca2eb4
  1185. LAST_CONTROL_TRANSFER: from fffff8041d02fda7 to fffff8041cfc14e0
  1186. STACK_TEXT:
  1187. ffff9401`7b5b6438 fffff804`1d02fda7 : 00000000`0000001e ffffffff`c0000005 fffff804`1d41e99d 00000000`00000000 : nt!KeBugCheckEx
  1188. ffff9401`7b5b6440 fffff804`1cfd341d : ffff9401`7b5b6ae0 00000000`00000010 ffff8932`84ca2eb4 00000000`00000030 : nt!KiDispatchException+0x1689d7
  1189. ffff9401`7b5b6af0 fffff804`1cfcf605 : 00000000`00001001 00000000`00000fff ffff9401`7b5b70a0 00000000`00000100 : nt!KiExceptionDispatch+0x11d
  1190. ffff9401`7b5b6cd0 fffff804`1d41e99d : ffffab0a`ef35dba0 00000000`00006600 ffffab0a`f9a41e70 ffffab0a`f9a41e90 : nt!KiPageFault+0x445
  1191. ffff9401`7b5b6e68 ffffab0a`f9a41e70 : 00000000`00000001 ffff9401`7b5b7840 00000000`00000000 00000000`00000001 : nt!CmpCheckOpenAccessOnKeyBody+0x3fd
  1192. ffff9401`7b5b6f58 00000000`00000001 : ffff9401`7b5b7840 00000000`00000000 00000000`00000001 ffff9401`7b5b7000 : 0xffffab0a`f9a41e70
  1193. ffff9401`7b5b6f60 ffff9401`7b5b7840 : 00000000`00000000 00000000`00000001 ffff9401`7b5b7000 00000000`00000000 : 0x1
  1194. ffff9401`7b5b6f68 00000000`00000000 : 00000000`00000001 ffff9401`7b5b7000 00000000`00000000 ffff9401`7b5b6fd1 : 0xffff9401`7b5b7840
  1195. STACK_COMMAND: kb
  1196. CHKIMG_EXTENSION: !chkimg -lo 50 -d !nt
  1197. fffff8041cec2932-fffff8041cec2936 5 bytes - nt!MI_IS_PHYSICAL_ADDRESS+32
  1198. [ d0 be 7d fb f6:40 9a 34 69 d2 ]
  1199. fffff8041cec293c-fffff8041cec2940 5 bytes - nt!MI_IS_PHYSICAL_ADDRESS+3c (+0x0a)
  1200. [ d7 be 7d fb f6:47 9a 34 69 d2 ]
  1201. 10 errors : !nt (fffff8041cec2932-fffff8041cec2940)
  1202. MODULE_NAME: memory_corruption
  1203.  
  1204. IMAGE_NAME: memory_corruption
  1205.  
  1206. FOLLOWUP_NAME: memory_corruption
  1207. DEBUG_FLR_IMAGE_TIMESTAMP: 0
  1208. MEMORY_CORRUPTOR: LARGE
  1209. FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
  1210. BUCKET_ID: MEMORY_CORRUPTION_LARGE
  1211. PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
  1212. TARGET_TIME: 2019-12-11T17:20:15.000Z
  1213. SUITE_MASK: 784
  1214. PRODUCT_TYPE: 1
  1215. USER_LCID: 0
  1216. FAILURE_ID_HASH_STRING: km:memory_corruption_large
  1217. FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
  1218. Followup: memory_corruption
  1219.  
  1220. ========================================================================
  1221. ==================== Dump File: 121119-8484-01.dmp =====================
  1222. ========================================================================
  1223. Mini Kernel Dump File: Only registers and stack trace are available
  1224. Windows 10 Kernel Version 18362 MP (16 procs) Free x64
  1225. Kernel base = 0xfffff806`72e00000 PsLoadedModuleList = 0xfffff806`73248130
  1226. Debug session time: Wed Dec 11 12:52:33.150 2019 (UTC - 5:00)
  1227. System Uptime: 0 days 0:04:59.875
  1228.  
  1229. BugCheck 101, {c, 0, ffffc900259c5180, 4}
  1230. *** WARNING: Unable to verify timestamp for win32k.sys
  1231. *** ERROR: Module load completed but symbols could not be loaded for win32k.sys
  1232. Probably caused by : memory_corruption
  1233. Followup: memory_corruption
  1234.  
  1235. CLOCK_WATCHDOG_TIMEOUT (101)
  1236. An expected clock interrupt was not received on a secondary processor in an
  1237. MP system within the allocated interval. This indicates that the specified
  1238. processor is hung and not processing interrupts.
  1239.  
  1240. Arguments:
  1241. Arg1: 000000000000000c, Clock interrupt time out interval in nominal clock ticks.
  1242. Arg2: 0000000000000000, 0.
  1243. Arg3: ffffc900259c5180, The PRCB address of the hung processor.
  1244. Arg4: 0000000000000004, The index of the hung processor.
  1245.  
  1246. Debugging Details:
  1247. DUMP_CLASS: 1
  1248. DUMP_QUALIFIER: 400
  1249. DUMP_TYPE: 2
  1250. BUGCHECK_STR: CLOCK_WATCHDOG_TIMEOUT_10_PROC
  1251. CUSTOMER_CRASH_COUNT: 1
  1252. DEFAULT_BUCKET_ID: CODE_CORRUPTION
  1253.  
  1254. PROCESS_NAME: System
  1255.  
  1256. CURRENT_IRQL: d
  1257. STACK_TEXT:
  1258. ffffc900`25cd8b08 fffff806`72fee9b0 : 00000000`00000101 00000000`0000000c 00000000`00000000 ffffc900`259c5180 : nt!KeBugCheckEx
  1259. ffffc900`25cd8b10 fffff806`72e1f61c : fffff780`00000320 ffffc900`25c80180 00000000`00004af8 00000000`00004af8 : nt!KeAccumulateTicks+0x1cbf50
  1260. ffffc900`25cd8b70 fffff806`72d5e4b7 : 00000000`00000000 fffff88e`52bc9800 fffff88e`52bc9880 00000000`0000000c : nt!KeClockInterruptNotify+0x98c
  1261. ffffc900`25cd8f30 fffff806`72e02a25 : 00000000`b2d422f9 ffff860e`baad8200 ffff860e`baad82b0 00000000`00000000 : hal!HalpTimerClockInterrupt+0xf7
  1262. ffffc900`25cd8f60 fffff806`72fc2f7a : fffff88e`52bc9880 ffff860e`baad8200 00000000`00000000 ffff860e`baad8200 : nt!KiCallInterruptServiceRoutine+0xa5
  1263. ffffc900`25cd8fb0 fffff806`72fc34e7 : 00000000`0c1613a8 fffff88e`52bc9880 ffff860e`baad8200 00000000`00000000 : nt!KiInterruptSubDispatchNoLockNoEtw+0xfa
  1264. fffff88e`52bc9800 fffff806`72ede5e0 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiInterruptDispatchNoLockNoEtw+0x37
  1265. fffff88e`52bc9990 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiIpiSendRequestEx+0x78
  1266. STACK_COMMAND: kb
  1267. CHKIMG_EXTENSION: !chkimg -lo 50 -d !hal
  1268. fffff80672d5e41c-fffff80672d5e41d 2 bytes - hal!HalpTimerClockInterrupt+5c
  1269. [ 48 ff:4c 8b ]
  1270. fffff80672d5e423-fffff80672d5e426 4 bytes - hal!HalpTimerClockInterrupt+63 (+0x07)
  1271. [ 0f 1f 44 00:e8 58 98 0c ]
  1272. fffff80672d5e46c-fffff80672d5e46d 2 bytes - hal!HalpTimerClockInterrupt+ac (+0x49)
  1273. [ 48 ff:4c 8b ]
  1274. fffff80672d5e473-fffff80672d5e476 4 bytes - hal!HalpTimerClockInterrupt+b3 (+0x07)
  1275. [ 0f 1f 44 00:e8 38 80 1b ]
  1276. fffff80672d5e4ab-fffff80672d5e4ac 2 bytes - hal!HalpTimerClockInterrupt+eb (+0x38)
  1277. [ 48 ff:4c 8b ]
  1278. fffff80672d5e4b2-fffff80672d5e4b5 4 bytes - hal!HalpTimerClockInterrupt+f2 (+0x07)
  1279. [ 0f 1f 44 00:e8 d9 07 0c ]
  1280. fffff80672d5ed66-fffff80672d5ed67 2 bytes - hal!HalRequestIpiSpecifyVector+36 (+0x8b4)
  1281. [ 48 ff:4c 8b ]
  1282. fffff80672d5ed6d-fffff80672d5ed70 4 bytes - hal!HalRequestIpiSpecifyVector+3d (+0x07)
  1283. [ 0f 1f 44 00:e8 3e 89 0c ]
  1284. fffff80672d601d5-fffff80672d601d6 2 bytes - hal!HalpTimerClockIpiRoutine+15 (+0x1468)
  1285. [ 48 ff:4c 8b ]
  1286. fffff80672d601dc-fffff80672d601df 4 bytes - hal!HalpTimerClockIpiRoutine+1c (+0x07)
  1287. [ 0f 1f 44 00:e8 af ea 0b ]
  1288. fffff80672d603a7-fffff80672d603a8 2 bytes - hal!HalPutScatterGatherList+67 (+0x1cb)
  1289. [ 48 ff:4c 8b ]
  1290. fffff80672d603ae-fffff80672d603b1 4 bytes - hal!HalPutScatterGatherList+6e (+0x07)
  1291. [ 0f 1f 44 00:e8 ed ec 40 ]
  1292. fffff80672d8f454-fffff80672d8f455 2 bytes - hal!HalpInterruptDeferredRecoveryService+4 (+0x2f0a6)
  1293. [ 48 ff:4c 8b ]
  1294. fffff80672d8f45b-fffff80672d8f45e 4 bytes - hal!HalpInterruptDeferredRecoveryService+b (+0x07)
  1295. [ 0f 1f 44 00:e8 00 29 3b ]
  1296. fffff80672d8f4d0-fffff80672d8f4d1 2 bytes - hal!HalpInterruptSpuriousService+10 (+0x75)
  1297. [ 48 ff:4c 8b ]
  1298. fffff80672d8f4d7-fffff80672d8f4da 4 bytes - hal!HalpInterruptSpuriousService+17 (+0x07)
  1299. [ 0f 1f 44 00:e8 84 e6 18 ]
  1300. fffff80672d8f500-fffff80672d8f501 2 bytes - hal!HalpInterruptStubService+10 (+0x29)
  1301. [ 48 ff:4c 8b ]
  1302. fffff80672d8f507-fffff80672d8f50a 4 bytes - hal!HalpInterruptStubService+17 (+0x07)
  1303. [ 0f 1f 44 00:e8 54 e6 18 ]
  1304. 54 errors : !hal (fffff80672d5e41c-fffff80672d8f50a)
  1305. MODULE_NAME: memory_corruption
  1306.  
  1307. IMAGE_NAME: memory_corruption
  1308.  
  1309. FOLLOWUP_NAME: memory_corruption
  1310. DEBUG_FLR_IMAGE_TIMESTAMP: 0
  1311. MEMORY_CORRUPTOR: LARGE
  1312. FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
  1313. BUCKET_ID: MEMORY_CORRUPTION_LARGE
  1314. PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
  1315. TARGET_TIME: 2019-12-11T17:52:33.000Z
  1316. SUITE_MASK: 784
  1317. PRODUCT_TYPE: 1
  1318. USER_LCID: 0
  1319. FAILURE_ID_HASH_STRING: km:memory_corruption_large
  1320. FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
  1321. Followup: memory_corruption
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!