Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ========================== AUTO DUMP ANALYZER ==========================
- Auto Dump Analyzer
- Version: 0.4
- Created by: gardenman
- Time to analyze file(s): 00 hours and 13 minutes and 41 seconds
- ================================ SYSTEM ================================
- MANUFACTURER: ASUS
- PRODUCT_NAME: All Series
- SKU: [Removed]
- ================================= BIOS =================================
- VENDOR: American Megatrends Inc.
- VERSION: 2801
- DATE: 11/11/2015
- ============================= MOTHERBOARD ==============================
- MANUFACTURER: ASUSTeK COMPUTER INC.
- PRODUCT: Z97-A
- VERSION: Rev 1.xx
- ================================= RAM ==================================
- Size Speed Manufacturer Part No.
- -------------- -------------- ------------------- ----------------------
- 0MHz
- 4096MB 1600MHz 0215 CMZ8GX3M2A1600C9
- 0MHz
- 4096MB 1600MHz 0215 CMZ8GX3M2A1600C9
- ================================= CPU ==================================
- Processor Version: Intel(R) Core(TM) i5-4690K CPU @ 3.50GHz
- COUNT: 4
- MHZ: 3506
- VENDOR: GenuineIntel
- FAMILY: 6
- MODEL: 3c
- STEPPING: 3
- MICROCODE: 6,3c,3,0 (F,M,S,R) SIG: 1A'00000000 (cache) 1A'00000000 (init)
- ================================== OS ==================================
- Product: WinNt, suite: TerminalServer SingleUserTS Personal
- Built by: 9600.18790.amd64fre.winblue_ltsb.170810-1616
- BUILD_VERSION: 6.3.9600.18790 (winblue_ltsb.170810-1616)
- BUILD: 9600
- SERVICEPACK: 18790
- PLATFORM_TYPE: x64
- NAME: Windows 8.1
- EDITION: Windows 8.1 WinNt TerminalServer SingleUserTS Personal
- BUILD_TIMESTAMP: 2017-08-10 21:32:19
- BUILDDATESTAMP: 170810-1616
- BUILDLAB: winblue_ltsb
- BUILDOSVER: 6.3.9600.18790
- =============================== DEBUGGER ===============================
- Microsoft (R) Windows Debugger Version 10.0.14321.1024 X86
- Copyright (c) Microsoft Corporation. All rights reserved.
- =============================== COMMENTS ===============================
- * Information gathered from different dump files may be different. If
- Windows updates between two dump files, two or more OS versions may
- be shown above.
- * If the user updates the BIOS between dump files, two or more versions
- and dates may be shown above.
- * More RAM information can be found below in the full BIOS section.
- ========================================================================
- ==================== Dump File: 093017-4078-01.dmp =====================
- ========================================================================
- Mini Kernel Dump File: Only registers and stack trace are available
- Windows 8.1 Kernel Version 9600 MP (4 procs) Free x64
- Kernel base = 0xfffff800`91601000 PsLoadedModuleList = 0xfffff800`918d3650
- Debug session time: Sat Sep 30 03:30:00.462 2017 (UTC - 4:00)
- System Uptime: 0 days 6:34:54.098
- BugCheck 3B, {c0000005, fffff9600024807d, ffffd00025d6eb50, 0}
- Probably caused by : win32k.sys ( win32k!SFMLOGICALSURFACEREF::SFMLOGICALSURFACEREF+19 )
- Followup: MachineOwner
- SYSTEM_SERVICE_EXCEPTION (3b)
- An exception happened while executing a system service routine.
- Arguments:
- Arg1: 00000000c0000005, Exception code that caused the bugcheck
- Arg2: fffff9600024807d, Address of the instruction which caused the bugcheck
- Arg3: ffffd00025d6eb50, Address of the context record for the exception that caused the bugcheck
- Arg4: 0000000000000000, zero.
- Debugging Details:
- DUMP_CLASS: 1
- DUMP_QUALIFIER: 400
- DUMP_TYPE: 2
- EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%p referenced memory at 0x%p. The memory could not be %s.
- FAULTING_IP:
- win32k!SFMLOGICALSURFACEREF::SFMLOGICALSURFACEREF+19
- fffff960`0024807d 488b12 mov rdx,qword ptr [rdx]
- CONTEXT: ffffd00025d6eb50 -- (.cxr 0xffffd00025d6eb50)
- rax=000000004e0f163a rbx=ffffd00025d6f6e8 rcx=ffffd00025d6f6e8
- rdx=ffbff90142a4e4d0 rsi=0000000000000001 rdi=fffff9014555c490
- rip=fffff9600024807d rsp=ffffd00025d6f580 rbp=ffffd00025d6f6b0
- r8=0000000000000004 r9=7ffff9014000d1d0 r10=fffff9014000d1d0
- r11=7ffffffffffffffc r12=ffbff90142a4e4d0 r13=0000000000000002
- r14=ffffd00025d6f99c r15=0000000000000000
- iopl=0 nv up ei ng nz na pe nc
- cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00010282
- win32k!SFMLOGICALSURFACEREF::SFMLOGICALSURFACEREF+0x19:
- fffff960`0024807d 488b12 mov rdx,qword ptr [rdx] ds:002b:ffbff901`42a4e4d0=????????????????
- Resetting default scope
- CUSTOMER_CRASH_COUNT: 1
- DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
- BUGCHECK_STR: 0x3B
- PROCESS_NAME: explorer.exe
- CURRENT_IRQL: 0
- LAST_CONTROL_TRANSFER: from fffff96000248e92 to fffff9600024807d
- STACK_TEXT:
- ffffd000`25d6f580 fffff960`00248e92 : 00000000`00000000 ffffd000`25d6f6b0 00000000`00000001 fffff901`4555c490 : win32k!SFMLOGICALSURFACEREF::SFMLOGICALSURFACEREF+0x19
- ffffd000`25d6f5b0 fffff960`0022f056 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : win32k!GreUpdateSprite+0x1c2
- ffffd000`25d6f7a0 fffff960`002e7fb9 : fffff901`40880400 00000000`00000002 fffff901`40880400 00000000`00000001 : win32k!UpdateSprite+0x106
- ffffd000`25d6f880 fffff960`002e7dbc : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000002 : win32k!zzzUpdateLayeredWindow+0x155
- ffffd000`25d6f940 fffff800`9175a5b3 : ffffe000`624f6880 00000000`00000001 00000000`00fef378 00000000`00000000 : win32k!NtUserUpdateLayeredWindow+0x2dc
- ffffd000`25d6fa90 00007fff`71944c3a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
- 00000000`00fef088 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007fff`71944c3a
- THREAD_SHA1_HASH_MOD_FUNC: d1b7aa3af2dadb38259ea7e2595f05d382929d6f
- THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 4f444405d2497204f8f7cc35ad4f7a95931b6a20
- THREAD_SHA1_HASH_MOD: 687aa17141293262e126b4d8cf110b1b5dc2f610
- FOLLOWUP_IP:
- win32k!SFMLOGICALSURFACEREF::SFMLOGICALSURFACEREF+19
- fffff960`0024807d 488b12 mov rdx,qword ptr [rdx]
- FAULT_INSTR_CODE: e8128b48
- SYMBOL_STACK_INDEX: 0
- SYMBOL_NAME: win32k!SFMLOGICALSURFACEREF::SFMLOGICALSURFACEREF+19
- FOLLOWUP_NAME: MachineOwner
- MODULE_NAME: win32k
- IMAGE_NAME: win32k.sys
- DEBUG_FLR_IMAGE_TIMESTAMP: 598d2497
- IMAGE_VERSION: 6.3.9600.18790
- STACK_COMMAND: .cxr 0xffffd00025d6eb50 ; kb
- BUCKET_ID_FUNC_OFFSET: 19
- FAILURE_BUCKET_ID: 0x3B_win32k!SFMLOGICALSURFACEREF::SFMLOGICALSURFACEREF
- BUCKET_ID: 0x3B_win32k!SFMLOGICALSURFACEREF::SFMLOGICALSURFACEREF
- PRIMARY_PROBLEM_CLASS: 0x3B_win32k!SFMLOGICALSURFACEREF::SFMLOGICALSURFACEREF
- TARGET_TIME: 2017-09-30T07:30:00.000Z
- SUITE_MASK: 784
- PRODUCT_TYPE: 1
- USER_LCID: 0
- FAILURE_ID_HASH_STRING: km:0x3b_win32k!sfmlogicalsurfaceref::sfmlogicalsurfaceref
- FAILURE_ID_HASH: {1ca0e9de-95a2-7880-0aef-e5fbb65d3a36}
- Followup: MachineOwner
- ========================================================================
- ===================== 3RD PARTY DRIVER QUICK LIST ======================
- ========================================================================
- unavailable - ATMFD.DLL - Adobe Type Manager Font Driver https://www.microsoft.com/typography/otspec/otover.htm
- May 28 2012 - scmndisp.sys - NDIS User mode I/O driver (NETGEAR)
- Aug 22 2012 - AsIO.sys - Asus Input Output driver http://www.asus.com/
- Oct 22 2012 - lvrs64.sys - Logitech Kernel Audio Improvement Filter Driver http://support.logitech.com/
- Oct 22 2012 - lvuvc64.sys - Logitech USB Video Class Driver (WebCam) http://support.logitech.com/
- May 05 2013 - ScpVBus.sys - Scarlet.Crush Productions Scp Dual Shock 3 Virtual Bus driver http://forums.pcsx2.net/
- Jul 31 2013 - bcmwlhigh664.sys -
- Mar 14 2014 - e1d64x64.sys - Intel(R) Gigabit Adapter NDIS 6.x driver https://downloadcenter.intel.com/
- Apr 24 2014 - RTKVHD64.sys - Realtek Audio Driver system driver http://www.realtek.com.tw/
- Jun 09 2015 - lgcoretemp.sys - CPU Core Temperature Monitor http://support.logitech.com/
- Oct 26 2015 - btwavdt.sys -
- Oct 26 2015 - btwrchid.sys -
- Nov 23 2015 - btwampfl.sys -
- Dec 08 2015 - btwaudio.sys -
- Dec 11 2015 - btwl2cap.sys -
- Jan 21 2016 - bcbtums.sys -
- Jun 13 2016 - LGBusEnum.sys - Logitech GamePanel Virtual Bus Enumerator Driver http://support.logitech.com/
- Jun 13 2016 - LGJoyXlCore.sys - Logitech Gaming Software driver http://support.logitech.com/
- Jun 13 2016 - LGVirHid.sys - Logitech Gamepanel Virtual HID Device driver http://support.logitech.com/
- Sep 15 2016 - TeeDriverW8x64.sys - Intel® Management Engine Interface
- Dec 27 2016 - nvvhci.sys - Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
- Jan 11 2017 - mbae64.sys - Malwarebytes driver https://www.malwarebytes.com/
- Jan 17 2017 - CorsairVBusDriver.sys - Corsair Virtual Device driver (Corsair Utility Engine) http://www.corsair.com/
- Jan 17 2017 - CorsairVHidDriver.sys - Corsair Virtual Device driver (Corsair Utility Engine) http://www.corsair.com/
- Mar 11 2017 - vsdatant.sys -
- May 16 2017 - nvhda64v.sys - Nvidia HDMI Audio Device http://www.nvidia.com/
- May 28 2017 - nvvad64v.sys - Nvidia Virtual Audio Driver http://www.nvidia.com/
- Jun 07 2017 - mbam.sys - Malwarebytes Anti-Malware https://www.malwarebytes.com/
- Jun 29 2017 - farflt.sys - Malwarebytes Anti-RansomWare SDK http://www.malwarebytes.org/
- Jul 17 2017 - MBAMSwissArmy.sys - MalwareBytes Anti-Malware system driver https://www.malwarebytes.com/
- Aug 03 2017 - mwac.sys - Malwarebytes Web Access Control http://www.malwarebytes.org/
- Aug 07 2017 - MBAMChameleon.sys - Malwarebytes Anti-Malware Chameleon driver https://www.malwarebytes.com/
- Aug 09 2017 - nvlddmkm.sys - Nvidia Graphics Card driver http://www.nvidia.com/
- Aug 15 2017 - aswbidsdrivera.sys - Avast IDS Application Activity Monitor Driver http://www.avast.com/
- Aug 15 2017 - aswbidsha.sys - Avast Antivirus http://www.avast.com/
- Aug 15 2017 - aswbloga.sys - Avast Antivirus http://www.avast.com/
- Aug 15 2017 - aswbuniva.sys - Avast Antivirus http://www.avast.com/
- Aug 22 2017 - aswKbd.sys - Avast Keyboard Filter driver http://www.avast.com/
- Aug 22 2017 - aswMonFlt.sys - Avast Antivirus http://www.avast.com/
- Aug 22 2017 - aswRdr2.sys - Avast Antivirus http://www.avast.com/
- Aug 22 2017 - aswRvrt.sys - Avast Antivirus http://www.avast.com/
- Aug 22 2017 - aswSnx.sys - Avast Antivirus http://www.avast.com/
- Aug 22 2017 - aswSP.sys - Avast Antivirus http://www.avast.com/
- Sep 15 2017 - aswStm.sys - Avast Antivirus http://www.avast.com/
- Sep 20 2017 - aswVmm.sys - Avast Antivirus http://www.avast.com/
- ========================================================================
- ========================== 3RD PARTY DRIVERS ===========================
- ========================================================================
- Image path: \SystemRoot\System32\ATMFD.DLL
- Image name: ATMFD.DLL
- Search : https://www.google.com/search?q=ATMFD.DLL
- ADA Info : Adobe Type Manager Font Driver https://www.microsoft.com/typography/otspec/otover.htm
- Timestamp : unavailable (00000000)
- Image path: \SystemRoot\system32\DRIVERS\scmndisp.sys
- Image name: scmndisp.sys
- Search : https://www.google.com/search?q=scmndisp.sys
- ADA Info : NDIS User mode I/O driver (NETGEAR)
- Timestamp : Mon May 28 2012
- Image path: \SystemRoot\SysWow64\drivers\AsIO.sys
- Image name: AsIO.sys
- Search : https://www.google.com/search?q=AsIO.sys
- ADA Info : Asus Input Output driver http://www.asus.com/
- Timestamp : Wed Aug 22 2012
- Image path: \SystemRoot\system32\DRIVERS\lvrs64.sys
- Image name: lvrs64.sys
- Search : https://www.google.com/search?q=lvrs64.sys
- ADA Info : Logitech Kernel Audio Improvement Filter Driver http://support.logitech.com/
- Timestamp : Mon Oct 22 2012
- Image path: \SystemRoot\system32\DRIVERS\lvuvc64.sys
- Image name: lvuvc64.sys
- Search : https://www.google.com/search?q=lvuvc64.sys
- ADA Info : Logitech USB Video Class Driver (WebCam) http://support.logitech.com/
- Timestamp : Mon Oct 22 2012
- Image path: \SystemRoot\System32\drivers\ScpVBus.sys
- Image name: ScpVBus.sys
- Search : https://www.google.com/search?q=ScpVBus.sys
- ADA Info : Scarlet.Crush Productions Scp Dual Shock 3 Virtual Bus driver http://forums.pcsx2.net/
- Timestamp : Sun May 5 2013
- Image path: \SystemRoot\system32\DRIVERS\bcmwlhigh664.sys
- Image name: bcmwlhigh664.sys
- Search : https://www.google.com/search?q=bcmwlhigh664.sys
- Timestamp : Wed Jul 31 2013
- Image path: \SystemRoot\system32\DRIVERS\e1d64x64.sys
- Image name: e1d64x64.sys
- Search : https://www.google.com/search?q=e1d64x64.sys
- ADA Info : Intel(R) Gigabit Adapter NDIS 6.x driver https://downloadcenter.intel.com/
- Timestamp : Fri Mar 14 2014
- Image path: \SystemRoot\system32\drivers\RTKVHD64.sys
- Image name: RTKVHD64.sys
- Search : https://www.google.com/search?q=RTKVHD64.sys
- ADA Info : Realtek Audio Driver system driver http://www.realtek.com.tw/
- Timestamp : Thu Apr 24 2014
- Image path: \??\C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys
- Image name: lgcoretemp.sys
- Search : https://www.google.com/search?q=lgcoretemp.sys
- ADA Info : CPU Core Temperature Monitor http://support.logitech.com/
- Timestamp : Tue Jun 9 2015
- Image path: \SystemRoot\System32\drivers\btwavdt.sys
- Image name: btwavdt.sys
- Search : https://www.google.com/search?q=btwavdt.sys
- Timestamp : Mon Oct 26 2015
- Image path: \SystemRoot\System32\drivers\btwrchid.sys
- Image name: btwrchid.sys
- Search : https://www.google.com/search?q=btwrchid.sys
- Timestamp : Mon Oct 26 2015
- Image path: \SystemRoot\system32\DRIVERS\btwampfl.sys
- Image name: btwampfl.sys
- Search : https://www.google.com/search?q=btwampfl.sys
- Timestamp : Mon Nov 23 2015
- Image path: \SystemRoot\system32\drivers\btwaudio.sys
- Image name: btwaudio.sys
- Search : https://www.google.com/search?q=btwaudio.sys
- Timestamp : Tue Dec 8 2015
- Image path: \SystemRoot\system32\DRIVERS\btwl2cap.sys
- Image name: btwl2cap.sys
- Search : https://www.google.com/search?q=btwl2cap.sys
- Timestamp : Fri Dec 11 2015
- Image path: \SystemRoot\system32\DRIVERS\bcbtums.sys
- Image name: bcbtums.sys
- Search : https://www.google.com/search?q=bcbtums.sys
- Timestamp : Thu Jan 21 2016
- Image path: \SystemRoot\system32\drivers\LGBusEnum.sys
- Image name: LGBusEnum.sys
- Search : https://www.google.com/search?q=LGBusEnum.sys
- ADA Info : Logitech GamePanel Virtual Bus Enumerator Driver http://support.logitech.com/
- Timestamp : Mon Jun 13 2016
- Image path: \SystemRoot\system32\drivers\LGJoyXlCore.sys
- Image name: LGJoyXlCore.sys
- Search : https://www.google.com/search?q=LGJoyXlCore.sys
- ADA Info : Logitech Gaming Software driver http://support.logitech.com/
- Timestamp : Mon Jun 13 2016
- Image path: \SystemRoot\system32\drivers\LGVirHid.sys
- Image name: LGVirHid.sys
- Search : https://www.google.com/search?q=LGVirHid.sys
- ADA Info : Logitech Gamepanel Virtual HID Device driver http://support.logitech.com/
- Timestamp : Mon Jun 13 2016
- Image path: \SystemRoot\System32\drivers\TeeDriverW8x64.sys
- Image name: TeeDriverW8x64.sys
- Search : https://www.google.com/search?q=TeeDriverW8x64.sys
- ADA Info : Intel® Management Engine Interface
- Timestamp : Thu Sep 15 2016
- Image path: \SystemRoot\System32\drivers\nvvhci.sys
- Image name: nvvhci.sys
- Search : https://www.google.com/search?q=nvvhci.sys
- ADA Info : Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
- Timestamp : Tue Dec 27 2016
- Image path: \??\C:\Windows\system32\drivers\mbae64.sys
- Image name: mbae64.sys
- Search : https://www.google.com/search?q=mbae64.sys
- ADA Info : Malwarebytes driver https://www.malwarebytes.com/
- Timestamp : Wed Jan 11 2017
- Image path: \SystemRoot\System32\drivers\CorsairVBusDriver.sys
- Image name: CorsairVBusDriver.sys
- Search : https://www.google.com/search?q=CorsairVBusDriver.sys
- ADA Info : Corsair Virtual Device driver (Corsair Utility Engine) http://www.corsair.com/
- Timestamp : Tue Jan 17 2017
- Image path: \SystemRoot\System32\drivers\CorsairVHidDriver.sys
- Image name: CorsairVHidDriver.sys
- Search : https://www.google.com/search?q=CorsairVHidDriver.sys
- ADA Info : Corsair Virtual Device driver (Corsair Utility Engine) http://www.corsair.com/
- Timestamp : Tue Jan 17 2017
- Image path: \SystemRoot\System32\drivers\vsdatant.sys
- Image name: vsdatant.sys
- Search : https://www.google.com/search?q=vsdatant.sys
- Timestamp : Sat Mar 11 2017
- Image path: \SystemRoot\system32\drivers\nvhda64v.sys
- Image name: nvhda64v.sys
- Search : https://www.google.com/search?q=nvhda64v.sys
- ADA Info : Nvidia HDMI Audio Device http://www.nvidia.com/
- Timestamp : Tue May 16 2017
- Image path: \SystemRoot\system32\drivers\nvvad64v.sys
- Image name: nvvad64v.sys
- Search : https://www.google.com/search?q=nvvad64v.sys
- ADA Info : Nvidia Virtual Audio Driver http://www.nvidia.com/
- Timestamp : Sun May 28 2017
- Image path: \??\C:\Windows\system32\drivers\mbam.sys
- Image name: mbam.sys
- Search : https://www.google.com/search?q=mbam.sys
- ADA Info : Malwarebytes Anti-Malware https://www.malwarebytes.com/
- Timestamp : Wed Jun 7 2017
- Image path: \SystemRoot\system32\DRIVERS\farflt.sys
- Image name: farflt.sys
- Search : https://www.google.com/search?q=farflt.sys
- ADA Info : Malwarebytes Anti-RansomWare SDK http://www.malwarebytes.org/
- Timestamp : Thu Jun 29 2017
- Image path: \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
- Image name: MBAMSwissArmy.sys
- Search : https://www.google.com/search?q=MBAMSwissArmy.sys
- ADA Info : MalwareBytes Anti-Malware system driver https://www.malwarebytes.com/
- Timestamp : Mon Jul 17 2017
- Image path: \??\C:\Windows\system32\drivers\mwac.sys
- Image name: mwac.sys
- Search : https://www.google.com/search?q=mwac.sys
- ADA Info : Malwarebytes Web Access Control http://www.malwarebytes.org/
- Timestamp : Thu Aug 3 2017
- Image path: \SystemRoot\system32\drivers\MBAMChameleon.sys
- Image name: MBAMChameleon.sys
- Search : https://www.google.com/search?q=MBAMChameleon.sys
- ADA Info : Malwarebytes Anti-Malware Chameleon driver https://www.malwarebytes.com/
- Timestamp : Mon Aug 7 2017
- Image path: \SystemRoot\system32\DRIVERS\nvlddmkm.sys
- Image name: nvlddmkm.sys
- Search : https://www.google.com/search?q=nvlddmkm.sys
- ADA Info : Nvidia Graphics Card driver http://www.nvidia.com/
- Timestamp : Wed Aug 9 2017
- Image path: \SystemRoot\system32\drivers\aswbidsdrivera.sys
- Image name: aswbidsdrivera.sys
- Search : https://www.google.com/search?q=aswbidsdrivera.sys
- ADA Info : Avast IDS Application Activity Monitor Driver http://www.avast.com/
- Timestamp : Tue Aug 15 2017
- Image path: \SystemRoot\system32\drivers\aswbidsha.sys
- Image name: aswbidsha.sys
- Search : https://www.google.com/search?q=aswbidsha.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Aug 15 2017
- Image path: \SystemRoot\system32\drivers\aswbloga.sys
- Image name: aswbloga.sys
- Search : https://www.google.com/search?q=aswbloga.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Aug 15 2017
- Image path: \SystemRoot\system32\drivers\aswbuniva.sys
- Image name: aswbuniva.sys
- Search : https://www.google.com/search?q=aswbuniva.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Aug 15 2017
- Image path: \SystemRoot\system32\drivers\aswKbd.sys
- Image name: aswKbd.sys
- Search : https://www.google.com/search?q=aswKbd.sys
- ADA Info : Avast Keyboard Filter driver http://www.avast.com/
- Timestamp : Tue Aug 22 2017
- Image path: \SystemRoot\system32\drivers\aswMonFlt.sys
- Image name: aswMonFlt.sys
- Search : https://www.google.com/search?q=aswMonFlt.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Aug 22 2017
- Image path: \SystemRoot\system32\drivers\aswRdr2.sys
- Image name: aswRdr2.sys
- Search : https://www.google.com/search?q=aswRdr2.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Aug 22 2017
- Image path: \SystemRoot\system32\drivers\aswRvrt.sys
- Image name: aswRvrt.sys
- Search : https://www.google.com/search?q=aswRvrt.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Aug 22 2017
- Image path: \SystemRoot\system32\drivers\aswSnx.sys
- Image name: aswSnx.sys
- Search : https://www.google.com/search?q=aswSnx.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Aug 22 2017
- Image path: \SystemRoot\system32\drivers\aswSP.sys
- Image name: aswSP.sys
- Search : https://www.google.com/search?q=aswSP.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Aug 22 2017
- Image path: \SystemRoot\system32\drivers\aswStm.sys
- Image name: aswStm.sys
- Search : https://www.google.com/search?q=aswStm.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Fri Sep 15 2017
- Image path: \SystemRoot\system32\drivers\aswVmm.sys
- Image name: aswVmm.sys
- Search : https://www.google.com/search?q=aswVmm.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Wed Sep 20 2017
- If any of the above drivers are from Microsoft then please let me know.
- I will have them moved to the Microsoft list on the next update.
- ========================================================================
- ========================== MICROSOFT DRIVERS ===========================
- ========================================================================
- ACPI.sys ACPI Driver for NT (Microsoft)
- acpiex.sys ACPIEx Driver (Microsoft)
- acpipagr.sys ACPI Processor Aggregator Device driver (Microsoft)
- afd.sys Ancillary Function Driver for WinSock (Microsoft)
- ahcache.sys Application Compatibility Cache (Microsoft)
- BasicDisplay.sys Basic Display driver (Microsoft)
- BasicRender.sys Basic Render driver (Microsoft)
- Beep.SYS BEEP driver (Microsoft)
- BOOTVID.dll VGA Boot Driver (Microsoft)
- bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
- BthEnum.sys Bluetooth Bus Extender
- BthLEEnum.sys Bluetooth LE Bus Enumerator
- bthmodem.sys Bluetooth Communications Driver
- bthpan.sys Bluetooth Personal Area Networking
- bthport.sys Bluetooth Bus driver (Microsoft)
- BTHUSB.sys Bluetooth Miniport driver (Microsoft)
- cdd.dll Canonical Display Driver (Microsoft)
- cdrom.sys SCSI CD-ROM Driver (Microsoft)
- CI.dll Code Integrity Module (Microsoft)
- CLASSPNP.SYS SCSI Class System Dll (Microsoft)
- CLFS.SYS Common Log File System Driver (Microsoft)
- cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
- cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
- CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
- condrv.sys Console Driver (Microsoft)
- crashdmp.sys Crash Dump driver (Microsoft)
- dfsc.sys DFS Namespace Client Driver (Microsoft)
- disk.sys PnP Disk Driver (Microsoft)
- drmk.sys Digital Rights Management (DRM) driver (Microsoft)
- dump_diskdump.sys Crash Dump Disk Driver
- dump_dumpfve.sys Bitlocker Drive Encryption Crashdump Filter
- dump_storahci.sys MS AHCI Storport Miniport Driver
- dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
- dxgmms1.sys DirectX Graphics MMS
- EhStorClass.sys Enhanced Storage Class driver for IEEE... (Microsoft)
- fileinfo.sys FileInfo Filter Driver (Microsoft)
- fltmgr.sys Filesystem Filter Manager (Microsoft)
- Fs_Rec.sys File System Recognizer Driver (Microsoft)
- fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
- fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
- hal.dll Hardware Abstraction Layer DLL (Microsoft)
- HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
- hidbth.sys Bluetooth Miniport Driver for HID Devices
- HIDCLASS.SYS Hid Class Library (Microsoft)
- HIDPARSE.SYS Hid Parsing Library (Microsoft)
- hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
- HTTP.sys HTTP Protocol Stack (Microsoft)
- intelpep.sys Intel Power Engine Plugin (Microsoft)
- intelppm.sys Processor Device Driver (Microsoft)
- kbdclass.sys Keyboard Class Driver (Microsoft)
- kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
- kd.dll Local Kernal Debugger (Microsoft)
- kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
- ks.sys Kernal CSA Library (Microsoft)
- ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
- ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
- ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
- lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
- luafv.sys LUA File Virtualization Filter Driver (Microsoft)
- mcupdate_GenuineIntel.dll Intel Microcode Update Library (Microsoft)
- monitor.sys Monitor Driver (Microsoft)
- mouclass.sys Mouse Class Driver (Microsoft)
- mouhid.sys HID Mouse Filter Driver (Microsoft)
- mountmgr.sys Mount Point Manager (Microsoft)
- mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
- mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
- mrxsmb10.sys Longhorn SMB Downlevel SubRdr (Microsoft)
- mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
- Msfs.SYS Mailslot driver (Microsoft)
- msisadrv.sys ISA Driver (Microsoft)
- msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
- mssmbios.sys System Management BIOS driver (Microsoft)
- mup.sys Multiple UNC Provider driver (Microsoft)
- ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
- ndisuio.sys NDIS User mode I/O driver (Microsoft)
- NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
- Ndu.sys Network Data Usage Monitoring driver (Microsoft)
- netbios.sys NetBIOS Interface driver (Microsoft)
- netbt.sys MBT Transport driver (Microsoft)
- NETIO.SYS Network I/O Subsystem (Microsoft)
- Npfs.SYS NPFS driver (Microsoft)
- npsvctrig.sys Named pipe service triggers (Microsoft)
- nsiproxy.sys NSI Proxy driver (Microsoft)
- Ntfs.sys NT File System Driver (Microsoft)
- ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
- Null.SYS NULL Driver (Microsoft)
- nwifi.sys NativeWiFi Miniport Driver (Microsoft)
- pacer.sys QoS Packet Scheduler (Microsoft)
- partmgr.sys Partition driver (Microsoft)
- pci.sys NT Plug and Play PCI Enumerator (Microsoft)
- pcw.sys Performance Counter Driver (Microsoft)
- pdc.sys Power Dependency Coordinator Driver (Microsoft)
- peauth.sys Protected Environment Authentication and Authorization Export Driver (Microsoft)
- portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
- PSHED.dll Platform Specific Hardware Error driver (Microsoft)
- qwavedrv.sys Quality Windows Audio Video Experience (qWave) Support driver (Microsoft)
- rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
- rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
- rdyboost.sys ReadyBoost Driver (Microsoft)
- rfcomm.sys Bluetooth RFCOMM Driver
- rspndr.sys Link-Layer Topology Responder driver (Microsoft)
- serenum.sys Serial Port Enumerator (Microsoft)
- serial.sys Serial Device Driver
- serscan.sys Serial Imaging Device Driver (Microsoft)
- spaceport.sys Storage Spaces driver (Microsoft)
- srv.sys Server driver (Microsoft)
- srv2.sys Smb 2.0 Server driver (Microsoft)
- srvnet.sys Server Network driver (Microsoft)
- storahci.sys MS AHCI Storport Miniport Driver (Microsoft)
- storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
- swenum.sys Plug and Play Software Device Enumerator (Microsoft)
- tcpip.sys TCP/IP Protocol driver (Microsoft)
- tcpipreg.sys Microsoft Windows TCP/IP Registry Compatibility driver (Microsoft)
- TDI.SYS TDI Wrapper driver (Microsoft)
- tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
- tm.sys Kernel Transaction Manager driver (Microsoft)
- TSDDD.dll Framebuffer Display Driver (Microsoft)
- tunnel.sys Microsoft Tunnel Interface driver (Microsoft)
- ucx01000.sys USB Controller Extension (Microsoft)
- umbus.sys User-Mode Bus Enumerator (Microsoft)
- usbaudio.sys USB Audio Class Driver (Microsoft)
- usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
- USBD.SYS Universal Serial Bus Driver (Microsoft)
- usbehci.sys EHCI eUSB Miniport Driver (Microsoft)
- usbhub.sys Default Hub Driver for USB (Microsoft)
- UsbHub3.sys USB3 HUB driver (Microsoft)
- USBPORT.SYS USB 1.1 & 2.0 Port Driver (Microsoft)
- USBXHCI.SYS USB XHCI Driver
- vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
- volmgr.sys Volume Manager Driver (Microsoft)
- volmgrx.sys Volume Manager Extension Driver (Microsoft)
- volsnap.sys Volume Shadow Copy driver (Microsoft)
- vwifibus.sys Virtual Wireless Bus driver (Microsoft)
- vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
- vwifimp.sys Virtual WiFi Miniport Driver (Microsoft)
- watchdog.sys Watchdog driver (Microsoft)
- Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
- WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
- werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
- wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
- win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
- wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
- WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
- Wof.sys Windows Overlay Filter (Microsoft)
- WppRecorder.sys WPP Trace Recorder (Microsoft)
- WSDPrint.sys Web Services Print Device driver (Microsoft)
- WSDScan.sys Web Service Based Scan Device driver (Microsoft)
- WudfPf.sys Windows Driver Foundation - User-mode Driver Framework Platform driver (Microsoft)
- WUDFRd.sys Windows Driver Foundation - User-mode Driver Framework Reflector driver (Microsoft)
- Unloaded modules:
- fffff801`64de0000 fffff801`64df9000 mwac.sys
- fffff801`64826000 fffff801`64832000 ladfGSS.sys
- fffff801`6484d000 fffff801`64868000 xusb22.sys
- fffff801`64832000 fffff801`6484d000 xusb22.sys
- fffff801`6480b000 fffff801`64826000 xusb22.sys
- fffff801`6480c000 fffff801`64de0000 iqvw64e.sys
- fffff801`62cf0000 fffff801`62cfa000 CorsairVHidD
- fffff801`64392000 fffff801`643bf000 tunnel.sys
- fffff801`633aa000 fffff801`633b7000 vwifibus.sys
- fffff801`63273000 fffff801`633aa000 bcmwlhigh664
- fffff801`60e00000 fffff801`60e0c000 dump_storpor
- fffff801`605c0000 fffff801`605dd000 dump_storahc
- fffff801`605dd000 fffff801`605f3000 dump_dumpfve
- fffff801`62b2e000 fffff801`62b6b000 WUDFRd.sys
- fffff801`615e1000 fffff801`615f1000 dam.sys
- fffff801`60e00000 fffff801`60e0c000 hwpolicy.sys
- ========================================================================
- ============================== BIOS INFO ===============================
- ========================================================================
- [SMBIOS Data Tables v2.8]
- [DMI Version - 39]
- [2.0 Calling Convention - No]
- [Table Size - 3953 bytes]
- [BIOS Information (Type 0) - Length 24 - Handle 0000h]
- Vendor American Megatrends Inc.
- BIOS Version 2801
- BIOS Starting Address Segment f000
- BIOS Release Date 11/11/2015
- BIOS ROM Size 800000
- BIOS Characteristics
- 07: - PCI Supported
- 10: - APM Supported
- 11: - Upgradeable FLASH BIOS
- 12: - BIOS Shadowing Supported
- 15: - CD-Boot Supported
- 16: - Selectable Boot Supported
- 17: - BIOS ROM Socketed
- 19: - EDD Supported
- 23: - 1.2MB Floppy Supported
- 24: - 720KB Floppy Supported
- 25: - 2.88MB Floppy Supported
- 26: - Print Screen Device Supported
- 27: - Keyboard Services Supported
- 28: - Serial Services Supported
- 29: - Printer Services Supported
- 32: - BIOS Vendor Reserved
- BIOS Characteristic Extensions
- 00: - ACPI Supported
- 01: - USB Legacy Supported
- 08: - BIOS Boot Specification Supported
- 10: - Specification Reserved
- 11: - Specification Reserved
- BIOS Major Revision 4
- BIOS Minor Revision 6
- EC Firmware Major Revision 255
- EC Firmware Minor Revision 255
- [System Information (Type 1) - Length 27 - Handle 0001h]
- Manufacturer ASUS
- Product Name All Series
- Version System Version
- UUID 00000000-0000-0000-0000-000000000000
- Wakeup Type Power Switch
- SKUNumber All
- Family ASUS MB
- [BaseBoard Information (Type 2) - Length 15 - Handle 0002h]
- Manufacturer ASUSTeK COMPUTER INC.
- Product Z97-A
- Version Rev 1.xx
- Feature Flags 09h
- Chassis Handle 0003h
- Board Type 0ah - Processor/Memory Module
- Number of Child Handles 0
- [System Enclosure (Type 3) - Length 25 - Handle 0003h]
- Chassis Type Desktop
- Bootup State Safe
- Power Supply State Safe
- Thermal State Safe
- Security Status None
- OEM Defined 0
- Height 0U
- Number of Power Cords 1
- Number of Contained Elements 1
- Contained Element Size 3
- [Onboard Devices Information (Type 10) - Length 8 - Handle 0028h]
- Number of Devices 2
- 01: Type Video [enabled]
- 02: Type Ethernet [enabled]
- [OEM Strings (Type 11) - Length 5 - Handle 0029h]
- Number of Strings 4
- 3 Ferrari
- [System Configuration Options (Type 12) - Length 5 - Handle 002ah]
- [Physical Memory Array (Type 16) - Length 23 - Handle 0046h]
- Location 03h - SystemBoard/Motherboard
- Use 03h - System Memory
- Memory Error Correction 03h - None
- Maximum Capacity 33554432KB
- Number of Memory Devices 4
- [Memory Device (Type 17) - Length 40 - Handle 0047h]
- Physical Memory Array Handle 0046h
- Total Width 0 bits
- Data Width 0 bits
- Form Factor 09h - DIMM
- Device Locator DIMM_A1
- Bank Locator BANK 0
- Memory Type 02h - Unknown
- Type Detail 0000h -
- Speed 0MHz
- [Memory Device (Type 17) - Length 40 - Handle 0048h]
- Physical Memory Array Handle 0046h
- Total Width 64 bits
- Data Width 64 bits
- Size 4096MB
- Form Factor 09h - DIMM
- Device Locator DIMM_A2
- Bank Locator BANK 1
- Memory Type 18h - Specification Reserved
- Type Detail 0080h - Synchronous
- Speed 1600MHz
- Manufacturer 0215
- Part Number CMZ8GX3M2A1600C9
- [Memory Device (Type 17) - Length 40 - Handle 0049h]
- Physical Memory Array Handle 0046h
- Total Width 0 bits
- Data Width 0 bits
- Form Factor 09h - DIMM
- Device Locator DIMM_B1
- Bank Locator BANK 2
- Memory Type 02h - Unknown
- Type Detail 0000h -
- Speed 0MHz
- [Memory Device (Type 17) - Length 40 - Handle 004ah]
- Physical Memory Array Handle 0046h
- Total Width 64 bits
- Data Width 64 bits
- Size 4096MB
- Form Factor 09h - DIMM
- Device Locator DIMM_B2
- Bank Locator BANK 3
- Memory Type 18h - Specification Reserved
- Type Detail 0080h - Synchronous
- Speed 1600MHz
- Manufacturer 0215
- Part Number CMZ8GX3M2A1600C9
- [Memory Array Mapped Address (Type 19) - Length 31 - Handle 004bh]
- Starting Address 00000000h
- Ending Address 007fffffh
- Memory Array Handle 0046h
- Partition Width 04
- [Memory Device Mapped Address (Type 20) - Length 35 - Handle 004ch]
- Starting Address 00000000h
- Ending Address 003fffffh
- Memory Device Handle 004ah
- Mem Array Mapped Adr Handle 004bh
- Interleave Position 01
- Interleave Data Depth 02
- [Memory Device Mapped Address (Type 20) - Length 35 - Handle 004dh]
- Starting Address 00400000h
- Ending Address 007fffffh
- Memory Device Handle 004ah
- Mem Array Mapped Adr Handle 004bh
- Interleave Position 02
- Interleave Data Depth 02
- [Processor Information (Type 4) - Length 42 - Handle 0064h]
- Socket Designation SOCKET 1150
- Processor Type Central Processor
- Processor Family 01h - Other
- Processor Manufacturer Intel
- Processor ID c3060300fffbebbf
- Processor Version Intel(R) Core(TM) i5-4690K CPU @ 3.50GHz
- Processor Voltage 8ch - 1.2V
- External Clock 100MHz
- Max Speed 3800MHz
- Current Speed 3520MHz
- Status Enabled Populated
- Processor Upgrade Specification Reserved
- L1 Cache Handle 0065h
- L2 Cache Handle 0066h
- L3 Cache Handle 0067h
- [Cache Information (Type 7) - Length 19 - Handle 0065h]
- Socket Designation CPU Internal L1
- Cache Configuration 0180h - WB Enabled Int NonSocketed L1
- Maximum Cache Size 0100h - 256K
- Installed Size 0100h - 256K
- Supported SRAM Type 0020h - Synchronous
- Current SRAM Type 0020h - Synchronous
- Cache Speed 0ns
- Error Correction Type ParitySingle-Bit ECC
- System Cache Type Other
- Associativity 8-way Set-Associative
- [Cache Information (Type 7) - Length 19 - Handle 0066h]
- Socket Designation CPU Internal L2
- Cache Configuration 0181h - WB Enabled Int NonSocketed L2
- Maximum Cache Size 0400h - 1024K
- Installed Size 0400h - 1024K
- Supported SRAM Type 0020h - Synchronous
- Current SRAM Type 0020h - Synchronous
- Cache Speed 0ns
- Error Correction Type Multi-Bit ECC
- System Cache Type Unified
- Associativity 8-way Set-Associative
- [Cache Information (Type 7) - Length 19 - Handle 0067h]
- Socket Designation CPU Internal L3
- Cache Configuration 0182h - WB Enabled Int NonSocketed L3
- Maximum Cache Size 1800h - 6144K
- Installed Size 1800h - 6144K
- Supported SRAM Type 0020h - Synchronous
- Current SRAM Type 0020h - Synchronous
- Cache Speed 0ns
- Error Correction Type Specification Reserved
- System Cache Type Unified
- Associativity Specification Reserved
- ========================================================================
- ==================== Dump File: 092917-4328-01.dmp =====================
- ========================================================================
- Mini Kernel Dump File: Only registers and stack trace are available
- Windows 8.1 Kernel Version 9600 MP (4 procs) Free x64
- Kernel base = 0xfffff801`28a76000 PsLoadedModuleList = 0xfffff801`28d48650
- Debug session time: Fri Sep 29 20:54:36.375 2017 (UTC - 4:00)
- System Uptime: 2 days 4:19:03.014
- BugCheck 1E, {ffffffffc0000005, fffff801dcb6976a, 0, ffffffffffffffff}
- *** WARNING: Unable to verify timestamp for aswSP.sys
- *** ERROR: Module load completed but symbols could not be loaded for aswSP.sys
- Probably caused by : aswSP.sys ( aswSP+41ba4 )
- Followup: MachineOwner
- KMODE_EXCEPTION_NOT_HANDLED (1e)
- This is a very common bugcheck. Usually the exception address pinpoints
- the driver/function that caused the problem. Always note this address
- as well as the link date of the driver/image that contains this address.
- Arguments:
- Arg1: ffffffffc0000005, The exception code that was not handled
- Arg2: fffff801dcb6976a, The address that the exception occurred at
- Arg3: 0000000000000000, Parameter 0 of the exception
- Arg4: ffffffffffffffff, Parameter 1 of the exception
- Debugging Details:
- DUMP_CLASS: 1
- DUMP_QUALIFIER: 400
- DUMP_TYPE: 2
- READ_ADDRESS: GetUlongPtrFromAddress: unable to read from fffff80128dd12a8
- GetUlongPtrFromAddress: unable to read from fffff80128dd1520
- ffffffffffffffff
- EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%p referenced memory at 0x%p. The memory could not be %s.
- FAULTING_IP:
- storport!RaidAdapterPostScatterGatherExecute+19a
- fffff801`dcb6976a 4c8baf88000000 mov r13,qword ptr [rdi+88h]
- EXCEPTION_PARAMETER2: ffffffffffffffff
- BUGCHECK_STR: 0x1E_c0000005_R
- CUSTOMER_CRASH_COUNT: 1
- DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
- PROCESS_NAME: System
- CURRENT_IRQL: 2
- EXCEPTION_RECORD: ffffc000c9d19ae0 -- (.exr 0xffffc000c9d19ae0)
- Cannot read Exception record @ ffffc000c9d19ae0
- TRAP_FRAME: 0000000000020000 -- (.trap 0x20000)
- Unable to read trap frame at 00000000`00020000
- LAST_CONTROL_TRANSFER: from fffff80128b73d91 to fffff80128bc3da0
- STACK_TEXT:
- ffffd000`25b45b38 fffff801`28b73d91 : 00000000`0000001e ffffffff`c0000005 fffff801`dcb6976a 00000000`00000000 : nt!KeBugCheckEx
- ffffd000`25b45b40 fffff801`28bcf9ce : ffffc000`c9d19ae0 00000000`00100089 00000000`00020000 00000000`00000000 : nt!KiDispatchException+0x1dd
- ffffd000`25b46230 fffff801`28bcdefe : 00000000`00000000 fffff801`28bb2c69 00000000`00000027 ffff0378`85fd9309 : nt!KiExceptionDispatch+0xce
- ffffd000`25b46410 fffff801`dcb6976a : 00000000`000000ff ffffe001`c0c41300 ffffe001`bb9df1a0 ffffe001`bb9df1a0 : nt!KiGeneralProtectionFault+0xfe
- ffffd000`25b465a0 fffff801`dcb699a2 : ffffe001`bb9df1a0 ffffe001`bf4052a8 ffffe001`c0c41010 00000000`00000000 : storport!RaidAdapterPostScatterGatherExecute+0x19a
- ffffd000`25b46680 fffff801`28a0ca37 : ffffe001`bf4052a8 00000000`00000018 ffffe001`bf405270 00000000`40200301 : storport!RaidpAdapterContinueScatterGather+0x42
- ffffd000`25b466b0 fffff801`dcb6f865 : 00000000`40200301 ffffe001`bb9df050 ffffe001`bf405270 ffffe001`c2531000 : hal!HalBuildScatterGatherListV2+0x207
- ffffd000`25b46750 fffff801`dcb6a197 : ffffe001`bb9fa910 ffffe001`c504a590 00000000`00000000 ffffe001`c08872c0 : storport!RaidAdapterScatterGatherExecute+0xc5
- ffffd000`25b467c0 fffff801`dcb6b80e : 00000000`00000001 ffffe001`00000001 ffffd000`25b46860 ffffe001`c0887200 : storport!RaUnitStartIo+0x1a7
- ffffd000`25b46830 fffff801`dcb6b93c : ffffd000`00010000 00000000`00000000 00000000`00000000 00000000`00000001 : storport!RaidStartIoPacket+0x236
- ffffd000`25b468c0 fffff801`dcb6920c : ffffe001`c504a590 00000000`00000000 ffffd000`25b46980 ffffe001`c5142590 : storport!RaidUnitSubmitRequest+0xdc
- ffffd000`25b46920 fffff801`dcb69585 : ffffd000`217fd270 ffffd000`217fd2f0 ffffe001`c504a590 ffffd000`25b46c08 : storport!RaUnitScsiIrp+0x2bc
- ffffd000`25b469f0 fffff801`dc81ac27 : ffffe001`c504a590 ffffe001`bb9033c0 ffffe001`bb9033c0 fffff801`dcf9d1be : storport!RaDriverScsiIrp+0x55
- ffffd000`25b46a30 fffff801`dc818147 : ffffe001`bb914910 00000000`00000007 ffffe001`c504a590 ffffe001`bbb271b0 : ACPI!ACPIIrpDispatchDeviceControl+0x97
- ffffd000`25b46a60 fffff801`dcd63ba4 : 00000000`00000007 ffffe001`bb9033c0 ffffe001`c137c8e0 00000000`cd7bb000 : ACPI!ACPIDispatchIrp+0x137
- ffffd000`25b46ad0 00000000`00000007 : ffffe001`bb9033c0 ffffe001`c137c8e0 00000000`cd7bb000 00000000`00000000 : aswSP+0x41ba4
- ffffd000`25b46ad8 ffffe001`bb9033c0 : ffffe001`c137c8e0 00000000`cd7bb000 00000000`00000000 fffff801`dcca2176 : 0x7
- ffffd000`25b46ae0 ffffe001`c137c8e0 : 00000000`cd7bb000 00000000`00000000 fffff801`dcca2176 00000000`00000000 : 0xffffe001`bb9033c0
- ffffd000`25b46ae8 00000000`cd7bb000 : 00000000`00000000 fffff801`dcca2176 00000000`00000000 00000000`00000000 : 0xffffe001`c137c8e0
- ffffd000`25b46af0 00000000`00000000 : fffff801`dcca2176 00000000`00000000 00000000`00000000 ffffe001`c137c8e0 : 0xcd7bb000
- STACK_COMMAND: kb
- THREAD_SHA1_HASH_MOD_FUNC: d5f0b8fff858bd9c09356bc5fd40d6e00dd2475c
- THREAD_SHA1_HASH_MOD_FUNC_OFFSET: b01b2556a913b8cea92a2f4312671af5df9daebb
- THREAD_SHA1_HASH_MOD: 2374d2c997598c17810cf883ac31cbf3280e0c96
- FOLLOWUP_IP:
- aswSP+41ba4
- fffff801`dcd63ba4 ?? ???
- SYMBOL_STACK_INDEX: f
- SYMBOL_NAME: aswSP+41ba4
- FOLLOWUP_NAME: MachineOwner
- MODULE_NAME: aswSP
- IMAGE_NAME: aswSP.sys
- DEBUG_FLR_IMAGE_TIMESTAMP: 599c7487
- BUCKET_ID_FUNC_OFFSET: 41ba4
- FAILURE_BUCKET_ID: 0x1E_c0000005_R_aswSP!unknown_function
- BUCKET_ID: 0x1E_c0000005_R_aswSP!unknown_function
- PRIMARY_PROBLEM_CLASS: 0x1E_c0000005_R_aswSP!unknown_function
- TARGET_TIME: 2017-09-30T00:54:36.000Z
- SUITE_MASK: 784
- PRODUCT_TYPE: 1
- USER_LCID: 0
- FAILURE_ID_HASH_STRING: km:0x1e_c0000005_r_aswsp!unknown_function
- FAILURE_ID_HASH: {200942c7-066c-c20e-f700-b1f4fd68fbe7}
- Followup: MachineOwner
- ========================================================================
- ==================== Dump File: 092517-4125-01.dmp =====================
- ========================================================================
- Mini Kernel Dump File: Only registers and stack trace are available
- Windows 8.1 Kernel Version 9600 MP (4 procs) Free x64
- Kernel base = 0xfffff803`44802000 PsLoadedModuleList = 0xfffff803`44ad4650
- Debug session time: Mon Sep 25 22:04:07.439 2017 (UTC - 4:00)
- System Uptime: 0 days 1:51:29.076
- BugCheck 3B, {c0000005, fffff80344bcb7e8, ffffd00021d5eb90, 0}
- Probably caused by : ntkrnlmp.exe ( nt!ObpCaptureObjectCreateInformation+238 )
- Followup: MachineOwner
- SYSTEM_SERVICE_EXCEPTION (3b)
- An exception happened while executing a system service routine.
- Arguments:
- Arg1: 00000000c0000005, Exception code that caused the bugcheck
- Arg2: fffff80344bcb7e8, Address of the instruction which caused the bugcheck
- Arg3: ffffd00021d5eb90, Address of the context record for the exception that caused the bugcheck
- Arg4: 0000000000000000, zero.
- Debugging Details:
- DUMP_CLASS: 1
- DUMP_QUALIFIER: 400
- DUMP_TYPE: 2
- EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%p referenced memory at 0x%p. The memory could not be %s.
- FAULTING_IP:
- nt!ObpCaptureObjectCreateInformation+238
- fffff803`44bcb7e8 498b4d00 mov rcx,qword ptr [r13]
- CONTEXT: ffffd00021d5eb90 -- (.cxr 0xffffd00021d5eb90)
- rax=0000000000000000 rbx=ffffe0009e5a4220 rcx=0000000000000000
- rdx=ffffd00021d5f5f8 rsi=0000000000000000 rdi=ffffd00021d5f698
- rip=fffff80344bcb7e8 rsp=ffffd00021d5f5c0 rbp=0000000000000000
- r8=0000000000000000 r9=0000000000000000 r10=0000000000000000
- r11=ffffc00067b9b364 r12=0000000000000000 r13=ffbfe0009e5a4240
- r14=0000000000000000 r15=0000000000000000
- iopl=0 nv up ei pl zr na po nc
- cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00010246
- nt!ObpCaptureObjectCreateInformation+0x238:
- fffff803`44bcb7e8 498b4d00 mov rcx,qword ptr [r13] ds:002b:ffbfe000`9e5a4240=????????????????
- Resetting default scope
- CUSTOMER_CRASH_COUNT: 1
- DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
- BUGCHECK_STR: 0x3B
- PROCESS_NAME: svchost.exe
- CURRENT_IRQL: 0
- LAST_CONTROL_TRANSFER: from fffff80344be0739 to fffff80344bcb7e8
- STACK_TEXT:
- ffffd000`21d5f5c0 fffff803`44be0739 : ffffe000`9e5a4220 ffffe000`979efaf0 ffffd000`21d5f6b0 fffff803`44be9dbc : nt!ObpCaptureObjectCreateInformation+0x238
- ffffd000`21d5f660 fffff803`44ca15fb : ffffd000`21d5f888 00000000`00000002 ffffe000`9c64bf00 00000000`00000000 : nt!ObCreateObject+0x79
- ffffd000`21d5f6e0 fffff803`44bdebe4 : ffffc000`5dd448c0 ffffd000`21d5fb80 ffffffff`ffffffff ffffffff`ffffffff : nt!SepDuplicateToken+0xfb
- ffffd000`21d5f7a0 fffff803`44bde3c9 : ffff0a65`fde28aeb 00000000`00000088 0000006d`d27faf50 00000000`00000000 : nt!NtOpenThreadTokenEx+0x814
- ffffd000`21d5fac0 fffff803`4495b5b3 : ffffe000`9e95f040 00000000`00000000 ffffe000`9e95f040 0000006d`d3c5b260 : nt!NtOpenThreadToken+0x11
- ffffd000`21d5fb00 00007ffd`ea5a090a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
- 0000006d`d296e868 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffd`ea5a090a
- THREAD_SHA1_HASH_MOD_FUNC: c1c641626fdac4343193d8a05b66b8df26df2cf1
- THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 8593abb51eeeae6ef53538159323c7c5ff270faa
- THREAD_SHA1_HASH_MOD: ee8fcf1fb60cb6e3e2f60ddbed2ec02b5748a693
- FOLLOWUP_IP:
- nt!ObpCaptureObjectCreateInformation+238
- fffff803`44bcb7e8 498b4d00 mov rcx,qword ptr [r13]
- FAULT_INSTR_CODE: 4d8b49
- SYMBOL_STACK_INDEX: 0
- SYMBOL_NAME: nt!ObpCaptureObjectCreateInformation+238
- FOLLOWUP_NAME: MachineOwner
- MODULE_NAME: nt
- IMAGE_NAME: ntkrnlmp.exe
- DEBUG_FLR_IMAGE_TIMESTAMP: 598d0923
- IMAGE_VERSION: 6.3.9600.18790
- STACK_COMMAND: .cxr 0xffffd00021d5eb90 ; kb
- BUCKET_ID_FUNC_OFFSET: 238
- FAILURE_BUCKET_ID: 0x3B_nt!ObpCaptureObjectCreateInformation
- BUCKET_ID: 0x3B_nt!ObpCaptureObjectCreateInformation
- PRIMARY_PROBLEM_CLASS: 0x3B_nt!ObpCaptureObjectCreateInformation
- TARGET_TIME: 2017-09-26T02:04:07.000Z
- SUITE_MASK: 784
- PRODUCT_TYPE: 1
- USER_LCID: 0
- FAILURE_ID_HASH_STRING: km:0x3b_nt!obpcaptureobjectcreateinformation
- FAILURE_ID_HASH: {38cf8c42-96b1-8d22-75ea-1dc9cb7b7526}
- Followup: MachineOwner
- ========================================================================
- ==================== Dump File: 092217-4437-01.dmp =====================
- ========================================================================
- Mini Kernel Dump File: Only registers and stack trace are available
- Windows 8.1 Kernel Version 9600 MP (4 procs) Free x64
- Kernel base = 0xfffff800`0fe70000 PsLoadedModuleList = 0xfffff800`10142650
- Debug session time: Fri Sep 22 12:40:31.463 2017 (UTC - 4:00)
- System Uptime: 0 days 1:45:27.101
- BugCheck 3B, {c0000005, fffff8000ff01c5e, ffffd00023683ee0, 0}
- Probably caused by : ntkrnlmp.exe ( nt!KiInsertQueueApc+1a )
- Followup: MachineOwner
- SYSTEM_SERVICE_EXCEPTION (3b)
- An exception happened while executing a system service routine.
- Arguments:
- Arg1: 00000000c0000005, Exception code that caused the bugcheck
- Arg2: fffff8000ff01c5e, Address of the instruction which caused the bugcheck
- Arg3: ffffd00023683ee0, Address of the context record for the exception that caused the bugcheck
- Arg4: 0000000000000000, zero.
- Debugging Details:
- DUMP_CLASS: 1
- DUMP_QUALIFIER: 400
- DUMP_TYPE: 2
- EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%p referenced memory at 0x%p. The memory could not be %s.
- FAULTING_IP:
- nt!KiInsertQueueApc+1a
- fffff800`0ff01c5e 4c8b84c248020000 mov r8,qword ptr [rdx+rax*8+248h]
- CONTEXT: ffffd00023683ee0 -- (.cxr 0xffffd00023683ee0)
- rax=0000000000000000 rbx=ffffe0019d319080 rcx=ffffe0019d319308
- rdx=ff7fe0019d319080 rsi=ffffe0019d319308 rdi=ffffd00195d35180
- rip=fffff8000ff01c5e rsp=ffffd00023684918 rbp=ffffe0019d319001
- r8=0000000000000000 r9=7fffe0019d1c1348 r10=0000000000000003
- r11=7ffffffffffffffc r12=0000000040010004 r13=ffffe00199d71080
- r14=0000000000000000 r15=0000000000000011
- iopl=0 nv up ei ng nz na pe nc
- cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00010282
- nt!KiInsertQueueApc+0x1a:
- fffff800`0ff01c5e 4c8b84c248020000 mov r8,qword ptr [rdx+rax*8+248h] ds:002b:ff7fe001`9d3192c8=????????????????
- Resetting default scope
- CUSTOMER_CRASH_COUNT: 1
- DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
- BUGCHECK_STR: 0x3B
- PROCESS_NAME: csrss.exe
- CURRENT_IRQL: 2
- LAST_CONTROL_TRANSFER: from fffff8000fed42bd to fffff8000ff01c5e
- STACK_TEXT:
- ffffd000`23684918 fffff800`0fed42bd : ffffe001`9d300080 ffffe001`9d300001 ffffe001`9d1c1348 fffff800`10228002 : nt!KiInsertQueueApc+0x1a
- ffffd000`23684920 fffff800`102282a6 : ffffe001`9d319080 ffffe001`9d319080 00000000`00000000 00000000`40010004 : nt!KeRequestTerminationThread+0x75
- ffffd000`23684960 fffff800`10227d60 : 00000000`9d1c1088 00000000`00000000 00000000`00000000 00000000`40010004 : nt!PspTerminateThreadByPointer+0x6a
- ffffd000`23684990 fffff800`102283eb : ffffe001`9e123080 ffffe001`9e6603a0 ffffe001`9d1c1080 ffffe001`9d1c1080 : nt!PspTerminateAllThreads+0xf0
- ffffd000`236849f0 fffff800`1047aa08 : ffffffff`ffffffff ffffd000`23684a99 ffffe001`9d1c1080 ffffe001`9e660080 : nt!PspTerminateProcess+0x67
- ffffd000`23684a30 fffff800`0ffc95b3 : ffffe001`9e660080 00000000`000008e4 ffffe001`9e660080 ffffe001`9d45b160 : nt!NtTerminateProcess+0xe0
- ffffd000`23684b00 00007ffc`2d1201a1 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
- 000000b4`81e4fa48 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffc`2d1201a1
- THREAD_SHA1_HASH_MOD_FUNC: e41bc83120cd99d69cb3e38627b9432b921c7820
- THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 426cc5fd96cb794f9670755e68f0bb37badddfeb
- THREAD_SHA1_HASH_MOD: 30a3e915496deaace47137d5b90c3ecc03746bf6
- FOLLOWUP_IP:
- nt!KiInsertQueueApc+1a
- fffff800`0ff01c5e 4c8b84c248020000 mov r8,qword ptr [rdx+rax*8+248h]
- FAULT_INSTR_CODE: c2848b4c
- SYMBOL_STACK_INDEX: 0
- SYMBOL_NAME: nt!KiInsertQueueApc+1a
- FOLLOWUP_NAME: MachineOwner
- MODULE_NAME: nt
- IMAGE_NAME: ntkrnlmp.exe
- DEBUG_FLR_IMAGE_TIMESTAMP: 598d0923
- IMAGE_VERSION: 6.3.9600.18790
- STACK_COMMAND: .cxr 0xffffd00023683ee0 ; kb
- BUCKET_ID_FUNC_OFFSET: 1a
- FAILURE_BUCKET_ID: 0x3B_nt!KiInsertQueueApc
- BUCKET_ID: 0x3B_nt!KiInsertQueueApc
- PRIMARY_PROBLEM_CLASS: 0x3B_nt!KiInsertQueueApc
- TARGET_TIME: 2017-09-22T16:40:31.000Z
- SUITE_MASK: 784
- PRODUCT_TYPE: 1
- USER_LCID: 0
- FAILURE_ID_HASH_STRING: km:0x3b_nt!kiinsertqueueapc
- FAILURE_ID_HASH: {e5e6ccee-c80d-1a1b-e6e1-fae4a7a6b711}
- Followup: MachineOwner
- ========================================================================
- ==================== Dump File: 092217-4406-01.dmp =====================
- ========================================================================
- Mini Kernel Dump File: Only registers and stack trace are available
- Windows 8.1 Kernel Version 9600 MP (4 procs) Free x64
- Kernel base = 0xfffff802`cf480000 PsLoadedModuleList = 0xfffff802`cf752650
- Debug session time: Fri Sep 22 10:54:34.875 2017 (UTC - 4:00)
- System Uptime: 0 days 10:49:29.511
- BugCheck 3B, {c0000005, fffff800696fd823, ffffd0002239ace0, 0}
- Probably caused by : Npfs.SYS ( Npfs!NpRemoveDataQueueEntry+93 )
- Followup: MachineOwner
- SYSTEM_SERVICE_EXCEPTION (3b)
- An exception happened while executing a system service routine.
- Arguments:
- Arg1: 00000000c0000005, Exception code that caused the bugcheck
- Arg2: fffff800696fd823, Address of the instruction which caused the bugcheck
- Arg3: ffffd0002239ace0, Address of the context record for the exception that caused the bugcheck
- Arg4: 0000000000000000, zero.
- Debugging Details:
- DUMP_CLASS: 1
- DUMP_QUALIFIER: 400
- DUMP_TYPE: 2
- EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%p referenced memory at 0x%p. The memory could not be %s.
- FAULTING_IP:
- Npfs!NpRemoveDataQueueEntry+93
- fffff800`696fd823 48874668 xchg rax,qword ptr [rsi+68h]
- CONTEXT: ffffd0002239ace0 -- (.cxr 0xffffd0002239ace0)
- rax=0000000000000000 rbx=ffffc001d8d3c058 rcx=ffffc001d8d3c058
- rdx=0000000000002401 rsi=ffbfe001b9845810 rdi=ffffe001b6059000
- rip=fffff800696fd823 rsp=ffffd0002239b710 rbp=ffffe001bb5a2000
- r8=ffffd0002239b810 r9=0000000000000000 r10=0000000000000003
- r11=000000785ef35068 r12=0000000000000000 r13=0000000000000000
- r14=ffffd0002239b810 r15=00000000000024d8
- iopl=0 nv up ei pl zr na po nc
- cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00010246
- Npfs!NpRemoveDataQueueEntry+0x93:
- fffff800`696fd823 48874668 xchg rax,qword ptr [rsi+68h] ds:002b:ffbfe001`b9845878=????????????????
- Resetting default scope
- CUSTOMER_CRASH_COUNT: 1
- DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
- BUGCHECK_STR: 0x3B
- PROCESS_NAME: chrome.exe
- CURRENT_IRQL: 0
- LAST_CONTROL_TRANSFER: from fffff800696fd622 to fffff800696fd823
- STACK_TEXT:
- ffffd000`2239b710 fffff800`696fd622 : 00000000`00000000 fffff802`cf52f701 ffffd000`2239b810 ffffe001`b6059000 : Npfs!NpRemoveDataQueueEntry+0x93
- ffffd000`2239b750 fffff800`696fa1af : ffffd000`2239b830 ffffc001`d8d3c058 00000000`0016b001 ffffe001`b9845800 : Npfs!NpReadDataQueue+0x1a2
- ffffd000`2239b7c0 fffff800`68537101 : ffffe001`ba0e4070 ffffe001`bb5a2010 00000000`00000001 ffffe001`bc7d2380 : Npfs!NpFsdRead+0x1ff
- ffffd000`2239b870 fffff802`cf9178f7 : 00000000`00000000 ffffd000`2239b951 ffffe001`ba0e4070 0000001e`001a019f : fltmgr!FltpDispatch+0xf1
- ffffd000`2239b8d0 fffff802`cf844454 : ffffe001`ba0e4004 ffffe001`ba0e4070 00000000`00000000 ffffe001`ba0e4070 : nt!IopSynchronousServiceTail+0x32b
- ffffd000`2239b9a0 fffff802`cf5d95b3 : ffffe001`bb9bc880 00000000`00000000 00000000`00000000 00000078`58b26b18 : nt!NtReadFile+0x664
- ffffd000`2239ba90 00007ff9`d6ae072a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
- 00000078`4897f9e8 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ff9`d6ae072a
- THREAD_SHA1_HASH_MOD_FUNC: 2780a04e6a04bf2d1f6ba4ed87120c660b9f58d7
- THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 840549a2c98dc120af632d524e95a2e2666ddff0
- THREAD_SHA1_HASH_MOD: eb5dedb7162fb643366cb59527edd234699438f0
- FOLLOWUP_IP:
- Npfs!NpRemoveDataQueueEntry+93
- fffff800`696fd823 48874668 xchg rax,qword ptr [rsi+68h]
- FAULT_INSTR_CODE: 68468748
- SYMBOL_STACK_INDEX: 0
- SYMBOL_NAME: Npfs!NpRemoveDataQueueEntry+93
- FOLLOWUP_NAME: MachineOwner
- MODULE_NAME: Npfs
- IMAGE_NAME: Npfs.SYS
- DEBUG_FLR_IMAGE_TIMESTAMP: 5215f8a9
- IMAGE_VERSION: 6.3.9600.16384
- STACK_COMMAND: .cxr 0xffffd0002239ace0 ; kb
- BUCKET_ID_FUNC_OFFSET: 93
- FAILURE_BUCKET_ID: 0x3B_Npfs!NpRemoveDataQueueEntry
- BUCKET_ID: 0x3B_Npfs!NpRemoveDataQueueEntry
- PRIMARY_PROBLEM_CLASS: 0x3B_Npfs!NpRemoveDataQueueEntry
- TARGET_TIME: 2017-09-22T14:54:34.000Z
- SUITE_MASK: 784
- PRODUCT_TYPE: 1
- USER_LCID: 0
- FAILURE_ID_HASH_STRING: km:0x3b_npfs!npremovedataqueueentry
- FAILURE_ID_HASH: {c61b2eb0-ee0b-260d-104f-5b4a17fd8deb}
- Followup: MachineOwner
- ========================================================================
- ==================== Dump File: 092117-4359-01.dmp =====================
- ========================================================================
- Mini Kernel Dump File: Only registers and stack trace are available
- Windows 8.1 Kernel Version 9600 MP (4 procs) Free x64
- Kernel base = 0xfffff801`e9815000 PsLoadedModuleList = 0xfffff801`e9ae7650
- Debug session time: Fri Sep 22 00:04:37.170 2017 (UTC - 4:00)
- System Uptime: 0 days 0:15:38.808
- BugCheck A, {fffff6e8021240c8, 2, 0, fffff801e988b6f4}
- *** WARNING: Unable to verify timestamp for ladfGSS.sys
- *** ERROR: Module load completed but symbols could not be loaded for ladfGSS.sys
- Probably caused by : ks.sys ( ks!KsProbeStreamIrp+275 )
- Followup: MachineOwner
- IRQL_NOT_LESS_OR_EQUAL (a)
- An attempt was made to access a pageable (or completely invalid) address at an
- interrupt request level (IRQL) that is too high. This is usually
- caused by drivers using improper addresses.
- If a kernel debugger is available get the stack backtrace.
- Arguments:
- Arg1: fffff6e8021240c8, memory referenced
- Arg2: 0000000000000002, IRQL
- Arg3: 0000000000000000, bitfield :
- bit 0 : value 0 = read operation, 1 = write operation
- bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
- Arg4: fffff801e988b6f4, address which referenced memory
- Debugging Details:
- DUMP_CLASS: 1
- DUMP_QUALIFIER: 400
- DUMP_TYPE: 2
- READ_ADDRESS: GetUlongPtrFromAddress: unable to read from fffff801e9b702a8
- GetUlongPtrFromAddress: unable to read from fffff801e9b70520
- fffff6e8021240c8
- CURRENT_IRQL: 2
- FAULTING_IP:
- nt!MiReplenishBitMap+54
- fffff801`e988b6f4 488b1cf0 mov rbx,qword ptr [rax+rsi*8]
- CUSTOMER_CRASH_COUNT: 1
- DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
- BUGCHECK_STR: AV
- PROCESS_NAME: audiodg.exe
- TRAP_FRAME: ffffd000230d3f30 -- (.trap 0xffffd000230d3f30)
- NOTE: The trap frame does not contain all registers.
- Some register values may be zeroed or incorrect.
- rax=fffff6e800100000 rbx=0000000000000000 rcx=fffff801e9ad47ff
- rdx=fffff801e9815000 rsi=0000000000000000 rdi=0000000000000000
- rip=fffff801e988b6f4 rsp=ffffd000230d40c0 rbp=fffff801e9815000
- r8=ffffd00000000901 r9=0000000000000900 r10=0000000000000000
- r11=0000000000000007 r12=0000000000000000 r13=0000000000000000
- r14=0000000000000000 r15=0000000000000000
- iopl=0 nv up ei pl nz na pe nc
- nt!MiReplenishBitMap+0x54:
- fffff801`e988b6f4 488b1cf0 mov rbx,qword ptr [rax+rsi*8] ds:fffff6e8`00100000=????????????????
- Resetting default scope
- LAST_CONTROL_TRANSFER: from fffff801e996e8e9 to fffff801e9962da0
- STACK_TEXT:
- ffffd000`230d3de8 fffff801`e996e8e9 : 00000000`0000000a fffff6e8`021240c8 00000000`00000002 00000000`00000000 : nt!KeBugCheckEx
- ffffd000`230d3df0 fffff801`e996d13a : 00000000`00000000 00000000`00404819 00000000`00000000 00000000`00000001 : nt!KiBugCheckDispatch+0x69
- ffffd000`230d3f30 fffff801`e988b6f4 : 00404819`00000000 fffff801`e9815000 00000000`00004882 00000000`00000002 : nt!KiPageFault+0x23a
- ffffd000`230d40c0 fffff801`e987ad4d : ffffe000`25b1e568 ffffe000`25bd82b8 00000000`00000002 00000000`00000801 : nt!MiReplenishBitMap+0x54
- ffffd000`230d4200 fffff801`e98674af : 00000000`00000003 ffffd000`230d4340 ffffffff`ffffffff 00000000`00000001 : nt!MiEmptyPteBins+0xd5
- ffffd000`230d4240 fffff801`e986568e : 00000091`e965cac0 00000091`e965b8c0 ffffe000`20ae2920 fffff801`00000000 : nt!MiReservePtes+0xbdf
- ffffd000`230d4410 fffff800`abefbae5 : 00000000`00000003 ffffe000`23daf601 ffffe000`00000001 ffffe000`20ae28f0 : nt!MmMapLockedPagesSpecifyCache+0xce
- ffffd000`230d44c0 fffff800`abed9c22 : ffffe000`23daf640 ffffe000`2318b2d0 ffffe000`23daf640 00000000`00000003 : ks!KsProbeStreamIrp+0x275
- ffffd000`230d4540 fffff800`abefb629 : ffffe000`25dfa8d0 00000000`00000000 ffffe000`00000001 ffffd000`230d4639 : ks!CKsQueue::TransferKsIrp+0xf3
- ffffd000`230d45d0 fffff800`abef7071 : ffffe000`23dafb48 00000000`00000800 fffff6e8`0011c988 ffffe000`25be8350 : ks!CKsPin::DispatchDeviceIoControl+0x1c9
- ffffd000`230d4620 fffff800`aee9ef6c : ffffe000`24a37594 00000000`00000000 00000000`00000000 ffffe000`24a37594 : ks!KsDispatchIrp+0x61
- ffffd000`230d46e0 ffffe000`24a37594 : 00000000`00000000 00000000`00000000 ffffe000`24a37594 ffffe000`00000001 : ladfGSS+0x6f6c
- ffffd000`230d46e8 00000000`00000000 : 00000000`00000000 ffffe000`24a37594 ffffe000`00000001 ffffe000`00000001 : 0xffffe000`24a37594
- STACK_COMMAND: kb
- THREAD_SHA1_HASH_MOD_FUNC: 34e96c9da6cc8cbba2581632acce2795b2b092aa
- THREAD_SHA1_HASH_MOD_FUNC_OFFSET: ac8dfc0b8d8d6a31dbee56b0bfac0a51105845fe
- THREAD_SHA1_HASH_MOD: 5327a243daf8f648d7ba66ce7c0ee91048ba22ae
- FOLLOWUP_IP:
- ks!KsProbeStreamIrp+275
- fffff800`abefbae5 4885c0 test rax,rax
- FAULT_INSTR_CODE: fc08548
- SYMBOL_STACK_INDEX: 7
- SYMBOL_NAME: ks!KsProbeStreamIrp+275
- FOLLOWUP_NAME: MachineOwner
- MODULE_NAME: ks
- IMAGE_NAME: ks.sys
- DEBUG_FLR_IMAGE_TIMESTAMP: 53b6a513
- IMAGE_VERSION: 6.3.9600.17227
- BUCKET_ID_FUNC_OFFSET: 275
- FAILURE_BUCKET_ID: AV_ks!KsProbeStreamIrp
- BUCKET_ID: AV_ks!KsProbeStreamIrp
- PRIMARY_PROBLEM_CLASS: AV_ks!KsProbeStreamIrp
- TARGET_TIME: 2017-09-22T04:04:37.000Z
- SUITE_MASK: 784
- PRODUCT_TYPE: 1
- USER_LCID: 0
- FAILURE_ID_HASH_STRING: km:av_ks!ksprobestreamirp
- FAILURE_ID_HASH: {cb0f6d24-67b7-157c-a9e0-4af64fbd9e49}
- Followup: MachineOwner
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement