API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Oct 1st, 2017
448
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 63.91 KB | None | 0 0
raw download clone embed print report
  1. ========================== AUTO DUMP ANALYZER ==========================
  2. Auto Dump Analyzer
  3. Version: 0.4
  4. Created by: gardenman
  5. Time to analyze file(s): 00 hours and 13 minutes and 41 seconds
  6.  
  7. ================================ SYSTEM ================================
  8. MANUFACTURER: ASUS
  9. PRODUCT_NAME: All Series
  10. SKU: [Removed]
  11.  
  12. ================================= BIOS =================================
  13. VENDOR: American Megatrends Inc.
  14. VERSION: 2801
  15. DATE: 11/11/2015
  16.  
  17. ============================= MOTHERBOARD ==============================
  18. MANUFACTURER: ASUSTeK COMPUTER INC.
  19. PRODUCT: Z97-A
  20. VERSION: Rev 1.xx
  21.  
  22. ================================= RAM ==================================
  23. Size Speed Manufacturer Part No.
  24. -------------- -------------- ------------------- ----------------------
  25. 0MHz
  26. 4096MB 1600MHz 0215 CMZ8GX3M2A1600C9
  27. 0MHz
  28. 4096MB 1600MHz 0215 CMZ8GX3M2A1600C9
  29.  
  30. ================================= CPU ==================================
  31. Processor Version: Intel(R) Core(TM) i5-4690K CPU @ 3.50GHz
  32. COUNT: 4
  33. MHZ: 3506
  34. VENDOR: GenuineIntel
  35. FAMILY: 6
  36. MODEL: 3c
  37. STEPPING: 3
  38. MICROCODE: 6,3c,3,0 (F,M,S,R) SIG: 1A'00000000 (cache) 1A'00000000 (init)
  39.  
  40. ================================== OS ==================================
  41. Product: WinNt, suite: TerminalServer SingleUserTS Personal
  42. Built by: 9600.18790.amd64fre.winblue_ltsb.170810-1616
  43. BUILD_VERSION: 6.3.9600.18790 (winblue_ltsb.170810-1616)
  44. BUILD: 9600
  45. SERVICEPACK: 18790
  46. PLATFORM_TYPE: x64
  47. NAME: Windows 8.1
  48. EDITION: Windows 8.1 WinNt TerminalServer SingleUserTS Personal
  49. BUILD_TIMESTAMP: 2017-08-10 21:32:19
  50. BUILDDATESTAMP: 170810-1616
  51. BUILDLAB: winblue_ltsb
  52. BUILDOSVER: 6.3.9600.18790
  53.  
  54. =============================== DEBUGGER ===============================
  55. Microsoft (R) Windows Debugger Version 10.0.14321.1024 X86
  56. Copyright (c) Microsoft Corporation. All rights reserved.
  57.  
  58. =============================== COMMENTS ===============================
  59. * Information gathered from different dump files may be different. If
  60. Windows updates between two dump files, two or more OS versions may
  61. be shown above.
  62. * If the user updates the BIOS between dump files, two or more versions
  63. and dates may be shown above.
  64. * More RAM information can be found below in the full BIOS section.
  65.  
  66.  
  67. ========================================================================
  68. ==================== Dump File: 093017-4078-01.dmp =====================
  69. ========================================================================
  70. Mini Kernel Dump File: Only registers and stack trace are available
  71. Windows 8.1 Kernel Version 9600 MP (4 procs) Free x64
  72. Kernel base = 0xfffff800`91601000 PsLoadedModuleList = 0xfffff800`918d3650
  73. Debug session time: Sat Sep 30 03:30:00.462 2017 (UTC - 4:00)
  74. System Uptime: 0 days 6:34:54.098
  75.  
  76. BugCheck 3B, {c0000005, fffff9600024807d, ffffd00025d6eb50, 0}
  77. Probably caused by : win32k.sys ( win32k!SFMLOGICALSURFACEREF::SFMLOGICALSURFACEREF+19 )
  78. Followup: MachineOwner
  79.  
  80. SYSTEM_SERVICE_EXCEPTION (3b)
  81. An exception happened while executing a system service routine.
  82.  
  83. Arguments:
  84. Arg1: 00000000c0000005, Exception code that caused the bugcheck
  85. Arg2: fffff9600024807d, Address of the instruction which caused the bugcheck
  86. Arg3: ffffd00025d6eb50, Address of the context record for the exception that caused the bugcheck
  87. Arg4: 0000000000000000, zero.
  88.  
  89. Debugging Details:
  90. DUMP_CLASS: 1
  91. DUMP_QUALIFIER: 400
  92. DUMP_TYPE: 2
  93. EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%p referenced memory at 0x%p. The memory could not be %s.
  94. FAULTING_IP:
  95. win32k!SFMLOGICALSURFACEREF::SFMLOGICALSURFACEREF+19
  96. fffff960`0024807d 488b12 mov rdx,qword ptr [rdx]
  97. CONTEXT: ffffd00025d6eb50 -- (.cxr 0xffffd00025d6eb50)
  98. rax=000000004e0f163a rbx=ffffd00025d6f6e8 rcx=ffffd00025d6f6e8
  99. rdx=ffbff90142a4e4d0 rsi=0000000000000001 rdi=fffff9014555c490
  100. rip=fffff9600024807d rsp=ffffd00025d6f580 rbp=ffffd00025d6f6b0
  101. r8=0000000000000004 r9=7ffff9014000d1d0 r10=fffff9014000d1d0
  102. r11=7ffffffffffffffc r12=ffbff90142a4e4d0 r13=0000000000000002
  103. r14=ffffd00025d6f99c r15=0000000000000000
  104. iopl=0 nv up ei ng nz na pe nc
  105. cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00010282
  106. win32k!SFMLOGICALSURFACEREF::SFMLOGICALSURFACEREF+0x19:
  107. fffff960`0024807d 488b12 mov rdx,qword ptr [rdx] ds:002b:ffbff901`42a4e4d0=????????????????
  108. Resetting default scope
  109. CUSTOMER_CRASH_COUNT: 1
  110. DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
  111. BUGCHECK_STR: 0x3B
  112.  
  113. PROCESS_NAME: explorer.exe
  114.  
  115. CURRENT_IRQL: 0
  116. LAST_CONTROL_TRANSFER: from fffff96000248e92 to fffff9600024807d
  117. STACK_TEXT:
  118. ffffd000`25d6f580 fffff960`00248e92 : 00000000`00000000 ffffd000`25d6f6b0 00000000`00000001 fffff901`4555c490 : win32k!SFMLOGICALSURFACEREF::SFMLOGICALSURFACEREF+0x19
  119. ffffd000`25d6f5b0 fffff960`0022f056 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : win32k!GreUpdateSprite+0x1c2
  120. ffffd000`25d6f7a0 fffff960`002e7fb9 : fffff901`40880400 00000000`00000002 fffff901`40880400 00000000`00000001 : win32k!UpdateSprite+0x106
  121. ffffd000`25d6f880 fffff960`002e7dbc : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000002 : win32k!zzzUpdateLayeredWindow+0x155
  122. ffffd000`25d6f940 fffff800`9175a5b3 : ffffe000`624f6880 00000000`00000001 00000000`00fef378 00000000`00000000 : win32k!NtUserUpdateLayeredWindow+0x2dc
  123. ffffd000`25d6fa90 00007fff`71944c3a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
  124. 00000000`00fef088 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007fff`71944c3a
  125. THREAD_SHA1_HASH_MOD_FUNC: d1b7aa3af2dadb38259ea7e2595f05d382929d6f
  126. THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 4f444405d2497204f8f7cc35ad4f7a95931b6a20
  127. THREAD_SHA1_HASH_MOD: 687aa17141293262e126b4d8cf110b1b5dc2f610
  128. FOLLOWUP_IP:
  129. win32k!SFMLOGICALSURFACEREF::SFMLOGICALSURFACEREF+19
  130. fffff960`0024807d 488b12 mov rdx,qword ptr [rdx]
  131. FAULT_INSTR_CODE: e8128b48
  132. SYMBOL_STACK_INDEX: 0
  133. SYMBOL_NAME: win32k!SFMLOGICALSURFACEREF::SFMLOGICALSURFACEREF+19
  134. FOLLOWUP_NAME: MachineOwner
  135. MODULE_NAME: win32k
  136.  
  137. IMAGE_NAME: win32k.sys
  138.  
  139. DEBUG_FLR_IMAGE_TIMESTAMP: 598d2497
  140. IMAGE_VERSION: 6.3.9600.18790
  141. STACK_COMMAND: .cxr 0xffffd00025d6eb50 ; kb
  142. BUCKET_ID_FUNC_OFFSET: 19
  143. FAILURE_BUCKET_ID: 0x3B_win32k!SFMLOGICALSURFACEREF::SFMLOGICALSURFACEREF
  144. BUCKET_ID: 0x3B_win32k!SFMLOGICALSURFACEREF::SFMLOGICALSURFACEREF
  145. PRIMARY_PROBLEM_CLASS: 0x3B_win32k!SFMLOGICALSURFACEREF::SFMLOGICALSURFACEREF
  146. TARGET_TIME: 2017-09-30T07:30:00.000Z
  147. SUITE_MASK: 784
  148. PRODUCT_TYPE: 1
  149. USER_LCID: 0
  150. FAILURE_ID_HASH_STRING: km:0x3b_win32k!sfmlogicalsurfaceref::sfmlogicalsurfaceref
  151. FAILURE_ID_HASH: {1ca0e9de-95a2-7880-0aef-e5fbb65d3a36}
  152. Followup: MachineOwner
  153.  
  154. ========================================================================
  155. ===================== 3RD PARTY DRIVER QUICK LIST ======================
  156. ========================================================================
  157. unavailable - ATMFD.DLL - Adobe Type Manager Font Driver https://www.microsoft.com/typography/otspec/otover.htm
  158. May 28 2012 - scmndisp.sys - NDIS User mode I/O driver (NETGEAR)
  159. Aug 22 2012 - AsIO.sys - Asus Input Output driver http://www.asus.com/
  160. Oct 22 2012 - lvrs64.sys - Logitech Kernel Audio Improvement Filter Driver http://support.logitech.com/
  161. Oct 22 2012 - lvuvc64.sys - Logitech USB Video Class Driver (WebCam) http://support.logitech.com/
  162. May 05 2013 - ScpVBus.sys - Scarlet.Crush Productions Scp Dual Shock 3 Virtual Bus driver http://forums.pcsx2.net/
  163. Jul 31 2013 - bcmwlhigh664.sys -
  164. Mar 14 2014 - e1d64x64.sys - Intel(R) Gigabit Adapter NDIS 6.x driver https://downloadcenter.intel.com/
  165. Apr 24 2014 - RTKVHD64.sys - Realtek Audio Driver system driver http://www.realtek.com.tw/
  166. Jun 09 2015 - lgcoretemp.sys - CPU Core Temperature Monitor http://support.logitech.com/
  167. Oct 26 2015 - btwavdt.sys -
  168. Oct 26 2015 - btwrchid.sys -
  169. Nov 23 2015 - btwampfl.sys -
  170. Dec 08 2015 - btwaudio.sys -
  171. Dec 11 2015 - btwl2cap.sys -
  172. Jan 21 2016 - bcbtums.sys -
  173. Jun 13 2016 - LGBusEnum.sys - Logitech GamePanel Virtual Bus Enumerator Driver http://support.logitech.com/
  174. Jun 13 2016 - LGJoyXlCore.sys - Logitech Gaming Software driver http://support.logitech.com/
  175. Jun 13 2016 - LGVirHid.sys - Logitech Gamepanel Virtual HID Device driver http://support.logitech.com/
  176. Sep 15 2016 - TeeDriverW8x64.sys - Intel® Management Engine Interface
  177. Dec 27 2016 - nvvhci.sys - Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
  178. Jan 11 2017 - mbae64.sys - Malwarebytes driver https://www.malwarebytes.com/
  179. Jan 17 2017 - CorsairVBusDriver.sys - Corsair Virtual Device driver (Corsair Utility Engine) http://www.corsair.com/
  180. Jan 17 2017 - CorsairVHidDriver.sys - Corsair Virtual Device driver (Corsair Utility Engine) http://www.corsair.com/
  181. Mar 11 2017 - vsdatant.sys -
  182. May 16 2017 - nvhda64v.sys - Nvidia HDMI Audio Device http://www.nvidia.com/
  183. May 28 2017 - nvvad64v.sys - Nvidia Virtual Audio Driver http://www.nvidia.com/
  184. Jun 07 2017 - mbam.sys - Malwarebytes Anti-Malware https://www.malwarebytes.com/
  185. Jun 29 2017 - farflt.sys - Malwarebytes Anti-RansomWare SDK http://www.malwarebytes.org/
  186. Jul 17 2017 - MBAMSwissArmy.sys - MalwareBytes Anti-Malware system driver https://www.malwarebytes.com/
  187. Aug 03 2017 - mwac.sys - Malwarebytes Web Access Control http://www.malwarebytes.org/
  188. Aug 07 2017 - MBAMChameleon.sys - Malwarebytes Anti-Malware Chameleon driver https://www.malwarebytes.com/
  189. Aug 09 2017 - nvlddmkm.sys - Nvidia Graphics Card driver http://www.nvidia.com/
  190. Aug 15 2017 - aswbidsdrivera.sys - Avast IDS Application Activity Monitor Driver http://www.avast.com/
  191. Aug 15 2017 - aswbidsha.sys - Avast Antivirus http://www.avast.com/
  192. Aug 15 2017 - aswbloga.sys - Avast Antivirus http://www.avast.com/
  193. Aug 15 2017 - aswbuniva.sys - Avast Antivirus http://www.avast.com/
  194. Aug 22 2017 - aswKbd.sys - Avast Keyboard Filter driver http://www.avast.com/
  195. Aug 22 2017 - aswMonFlt.sys - Avast Antivirus http://www.avast.com/
  196. Aug 22 2017 - aswRdr2.sys - Avast Antivirus http://www.avast.com/
  197. Aug 22 2017 - aswRvrt.sys - Avast Antivirus http://www.avast.com/
  198. Aug 22 2017 - aswSnx.sys - Avast Antivirus http://www.avast.com/
  199. Aug 22 2017 - aswSP.sys - Avast Antivirus http://www.avast.com/
  200. Sep 15 2017 - aswStm.sys - Avast Antivirus http://www.avast.com/
  201. Sep 20 2017 - aswVmm.sys - Avast Antivirus http://www.avast.com/
  202.  
  203. ========================================================================
  204. ========================== 3RD PARTY DRIVERS ===========================
  205. ========================================================================
  206. Image path: \SystemRoot\System32\ATMFD.DLL
  207. Image name: ATMFD.DLL
  208. Search : https://www.google.com/search?q=ATMFD.DLL
  209. ADA Info : Adobe Type Manager Font Driver https://www.microsoft.com/typography/otspec/otover.htm
  210. Timestamp : unavailable (00000000)
  211.  
  212. Image path: \SystemRoot\system32\DRIVERS\scmndisp.sys
  213. Image name: scmndisp.sys
  214. Search : https://www.google.com/search?q=scmndisp.sys
  215. ADA Info : NDIS User mode I/O driver (NETGEAR)
  216. Timestamp : Mon May 28 2012
  217.  
  218. Image path: \SystemRoot\SysWow64\drivers\AsIO.sys
  219. Image name: AsIO.sys
  220. Search : https://www.google.com/search?q=AsIO.sys
  221. ADA Info : Asus Input Output driver http://www.asus.com/
  222. Timestamp : Wed Aug 22 2012
  223.  
  224. Image path: \SystemRoot\system32\DRIVERS\lvrs64.sys
  225. Image name: lvrs64.sys
  226. Search : https://www.google.com/search?q=lvrs64.sys
  227. ADA Info : Logitech Kernel Audio Improvement Filter Driver http://support.logitech.com/
  228. Timestamp : Mon Oct 22 2012
  229.  
  230. Image path: \SystemRoot\system32\DRIVERS\lvuvc64.sys
  231. Image name: lvuvc64.sys
  232. Search : https://www.google.com/search?q=lvuvc64.sys
  233. ADA Info : Logitech USB Video Class Driver (WebCam) http://support.logitech.com/
  234. Timestamp : Mon Oct 22 2012
  235.  
  236. Image path: \SystemRoot\System32\drivers\ScpVBus.sys
  237. Image name: ScpVBus.sys
  238. Search : https://www.google.com/search?q=ScpVBus.sys
  239. ADA Info : Scarlet.Crush Productions Scp Dual Shock 3 Virtual Bus driver http://forums.pcsx2.net/
  240. Timestamp : Sun May 5 2013
  241.  
  242. Image path: \SystemRoot\system32\DRIVERS\bcmwlhigh664.sys
  243. Image name: bcmwlhigh664.sys
  244. Search : https://www.google.com/search?q=bcmwlhigh664.sys
  245. Timestamp : Wed Jul 31 2013
  246.  
  247. Image path: \SystemRoot\system32\DRIVERS\e1d64x64.sys
  248. Image name: e1d64x64.sys
  249. Search : https://www.google.com/search?q=e1d64x64.sys
  250. ADA Info : Intel(R) Gigabit Adapter NDIS 6.x driver https://downloadcenter.intel.com/
  251. Timestamp : Fri Mar 14 2014
  252.  
  253. Image path: \SystemRoot\system32\drivers\RTKVHD64.sys
  254. Image name: RTKVHD64.sys
  255. Search : https://www.google.com/search?q=RTKVHD64.sys
  256. ADA Info : Realtek Audio Driver system driver http://www.realtek.com.tw/
  257. Timestamp : Thu Apr 24 2014
  258.  
  259. Image path: \??\C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys
  260. Image name: lgcoretemp.sys
  261. Search : https://www.google.com/search?q=lgcoretemp.sys
  262. ADA Info : CPU Core Temperature Monitor http://support.logitech.com/
  263. Timestamp : Tue Jun 9 2015
  264.  
  265. Image path: \SystemRoot\System32\drivers\btwavdt.sys
  266. Image name: btwavdt.sys
  267. Search : https://www.google.com/search?q=btwavdt.sys
  268. Timestamp : Mon Oct 26 2015
  269.  
  270. Image path: \SystemRoot\System32\drivers\btwrchid.sys
  271. Image name: btwrchid.sys
  272. Search : https://www.google.com/search?q=btwrchid.sys
  273. Timestamp : Mon Oct 26 2015
  274.  
  275. Image path: \SystemRoot\system32\DRIVERS\btwampfl.sys
  276. Image name: btwampfl.sys
  277. Search : https://www.google.com/search?q=btwampfl.sys
  278. Timestamp : Mon Nov 23 2015
  279.  
  280. Image path: \SystemRoot\system32\drivers\btwaudio.sys
  281. Image name: btwaudio.sys
  282. Search : https://www.google.com/search?q=btwaudio.sys
  283. Timestamp : Tue Dec 8 2015
  284.  
  285. Image path: \SystemRoot\system32\DRIVERS\btwl2cap.sys
  286. Image name: btwl2cap.sys
  287. Search : https://www.google.com/search?q=btwl2cap.sys
  288. Timestamp : Fri Dec 11 2015
  289.  
  290. Image path: \SystemRoot\system32\DRIVERS\bcbtums.sys
  291. Image name: bcbtums.sys
  292. Search : https://www.google.com/search?q=bcbtums.sys
  293. Timestamp : Thu Jan 21 2016
  294.  
  295. Image path: \SystemRoot\system32\drivers\LGBusEnum.sys
  296. Image name: LGBusEnum.sys
  297. Search : https://www.google.com/search?q=LGBusEnum.sys
  298. ADA Info : Logitech GamePanel Virtual Bus Enumerator Driver http://support.logitech.com/
  299. Timestamp : Mon Jun 13 2016
  300.  
  301. Image path: \SystemRoot\system32\drivers\LGJoyXlCore.sys
  302. Image name: LGJoyXlCore.sys
  303. Search : https://www.google.com/search?q=LGJoyXlCore.sys
  304. ADA Info : Logitech Gaming Software driver http://support.logitech.com/
  305. Timestamp : Mon Jun 13 2016
  306.  
  307. Image path: \SystemRoot\system32\drivers\LGVirHid.sys
  308. Image name: LGVirHid.sys
  309. Search : https://www.google.com/search?q=LGVirHid.sys
  310. ADA Info : Logitech Gamepanel Virtual HID Device driver http://support.logitech.com/
  311. Timestamp : Mon Jun 13 2016
  312.  
  313. Image path: \SystemRoot\System32\drivers\TeeDriverW8x64.sys
  314. Image name: TeeDriverW8x64.sys
  315. Search : https://www.google.com/search?q=TeeDriverW8x64.sys
  316. ADA Info : Intel® Management Engine Interface
  317. Timestamp : Thu Sep 15 2016
  318.  
  319. Image path: \SystemRoot\System32\drivers\nvvhci.sys
  320. Image name: nvvhci.sys
  321. Search : https://www.google.com/search?q=nvvhci.sys
  322. ADA Info : Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
  323. Timestamp : Tue Dec 27 2016
  324.  
  325. Image path: \??\C:\Windows\system32\drivers\mbae64.sys
  326. Image name: mbae64.sys
  327. Search : https://www.google.com/search?q=mbae64.sys
  328. ADA Info : Malwarebytes driver https://www.malwarebytes.com/
  329. Timestamp : Wed Jan 11 2017
  330.  
  331. Image path: \SystemRoot\System32\drivers\CorsairVBusDriver.sys
  332. Image name: CorsairVBusDriver.sys
  333. Search : https://www.google.com/search?q=CorsairVBusDriver.sys
  334. ADA Info : Corsair Virtual Device driver (Corsair Utility Engine) http://www.corsair.com/
  335. Timestamp : Tue Jan 17 2017
  336.  
  337. Image path: \SystemRoot\System32\drivers\CorsairVHidDriver.sys
  338. Image name: CorsairVHidDriver.sys
  339. Search : https://www.google.com/search?q=CorsairVHidDriver.sys
  340. ADA Info : Corsair Virtual Device driver (Corsair Utility Engine) http://www.corsair.com/
  341. Timestamp : Tue Jan 17 2017
  342.  
  343. Image path: \SystemRoot\System32\drivers\vsdatant.sys
  344. Image name: vsdatant.sys
  345. Search : https://www.google.com/search?q=vsdatant.sys
  346. Timestamp : Sat Mar 11 2017
  347.  
  348. Image path: \SystemRoot\system32\drivers\nvhda64v.sys
  349. Image name: nvhda64v.sys
  350. Search : https://www.google.com/search?q=nvhda64v.sys
  351. ADA Info : Nvidia HDMI Audio Device http://www.nvidia.com/
  352. Timestamp : Tue May 16 2017
  353.  
  354. Image path: \SystemRoot\system32\drivers\nvvad64v.sys
  355. Image name: nvvad64v.sys
  356. Search : https://www.google.com/search?q=nvvad64v.sys
  357. ADA Info : Nvidia Virtual Audio Driver http://www.nvidia.com/
  358. Timestamp : Sun May 28 2017
  359.  
  360. Image path: \??\C:\Windows\system32\drivers\mbam.sys
  361. Image name: mbam.sys
  362. Search : https://www.google.com/search?q=mbam.sys
  363. ADA Info : Malwarebytes Anti-Malware https://www.malwarebytes.com/
  364. Timestamp : Wed Jun 7 2017
  365.  
  366. Image path: \SystemRoot\system32\DRIVERS\farflt.sys
  367. Image name: farflt.sys
  368. Search : https://www.google.com/search?q=farflt.sys
  369. ADA Info : Malwarebytes Anti-RansomWare SDK http://www.malwarebytes.org/
  370. Timestamp : Thu Jun 29 2017
  371.  
  372. Image path: \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
  373. Image name: MBAMSwissArmy.sys
  374. Search : https://www.google.com/search?q=MBAMSwissArmy.sys
  375. ADA Info : MalwareBytes Anti-Malware system driver https://www.malwarebytes.com/
  376. Timestamp : Mon Jul 17 2017
  377.  
  378. Image path: \??\C:\Windows\system32\drivers\mwac.sys
  379. Image name: mwac.sys
  380. Search : https://www.google.com/search?q=mwac.sys
  381. ADA Info : Malwarebytes Web Access Control http://www.malwarebytes.org/
  382. Timestamp : Thu Aug 3 2017
  383.  
  384. Image path: \SystemRoot\system32\drivers\MBAMChameleon.sys
  385. Image name: MBAMChameleon.sys
  386. Search : https://www.google.com/search?q=MBAMChameleon.sys
  387. ADA Info : Malwarebytes Anti-Malware Chameleon driver https://www.malwarebytes.com/
  388. Timestamp : Mon Aug 7 2017
  389.  
  390. Image path: \SystemRoot\system32\DRIVERS\nvlddmkm.sys
  391. Image name: nvlddmkm.sys
  392. Search : https://www.google.com/search?q=nvlddmkm.sys
  393. ADA Info : Nvidia Graphics Card driver http://www.nvidia.com/
  394. Timestamp : Wed Aug 9 2017
  395.  
  396. Image path: \SystemRoot\system32\drivers\aswbidsdrivera.sys
  397. Image name: aswbidsdrivera.sys
  398. Search : https://www.google.com/search?q=aswbidsdrivera.sys
  399. ADA Info : Avast IDS Application Activity Monitor Driver http://www.avast.com/
  400. Timestamp : Tue Aug 15 2017
  401.  
  402. Image path: \SystemRoot\system32\drivers\aswbidsha.sys
  403. Image name: aswbidsha.sys
  404. Search : https://www.google.com/search?q=aswbidsha.sys
  405. ADA Info : Avast Antivirus http://www.avast.com/
  406. Timestamp : Tue Aug 15 2017
  407.  
  408. Image path: \SystemRoot\system32\drivers\aswbloga.sys
  409. Image name: aswbloga.sys
  410. Search : https://www.google.com/search?q=aswbloga.sys
  411. ADA Info : Avast Antivirus http://www.avast.com/
  412. Timestamp : Tue Aug 15 2017
  413.  
  414. Image path: \SystemRoot\system32\drivers\aswbuniva.sys
  415. Image name: aswbuniva.sys
  416. Search : https://www.google.com/search?q=aswbuniva.sys
  417. ADA Info : Avast Antivirus http://www.avast.com/
  418. Timestamp : Tue Aug 15 2017
  419.  
  420. Image path: \SystemRoot\system32\drivers\aswKbd.sys
  421. Image name: aswKbd.sys
  422. Search : https://www.google.com/search?q=aswKbd.sys
  423. ADA Info : Avast Keyboard Filter driver http://www.avast.com/
  424. Timestamp : Tue Aug 22 2017
  425.  
  426. Image path: \SystemRoot\system32\drivers\aswMonFlt.sys
  427. Image name: aswMonFlt.sys
  428. Search : https://www.google.com/search?q=aswMonFlt.sys
  429. ADA Info : Avast Antivirus http://www.avast.com/
  430. Timestamp : Tue Aug 22 2017
  431.  
  432. Image path: \SystemRoot\system32\drivers\aswRdr2.sys
  433. Image name: aswRdr2.sys
  434. Search : https://www.google.com/search?q=aswRdr2.sys
  435. ADA Info : Avast Antivirus http://www.avast.com/
  436. Timestamp : Tue Aug 22 2017
  437.  
  438. Image path: \SystemRoot\system32\drivers\aswRvrt.sys
  439. Image name: aswRvrt.sys
  440. Search : https://www.google.com/search?q=aswRvrt.sys
  441. ADA Info : Avast Antivirus http://www.avast.com/
  442. Timestamp : Tue Aug 22 2017
  443.  
  444. Image path: \SystemRoot\system32\drivers\aswSnx.sys
  445. Image name: aswSnx.sys
  446. Search : https://www.google.com/search?q=aswSnx.sys
  447. ADA Info : Avast Antivirus http://www.avast.com/
  448. Timestamp : Tue Aug 22 2017
  449.  
  450. Image path: \SystemRoot\system32\drivers\aswSP.sys
  451. Image name: aswSP.sys
  452. Search : https://www.google.com/search?q=aswSP.sys
  453. ADA Info : Avast Antivirus http://www.avast.com/
  454. Timestamp : Tue Aug 22 2017
  455.  
  456. Image path: \SystemRoot\system32\drivers\aswStm.sys
  457. Image name: aswStm.sys
  458. Search : https://www.google.com/search?q=aswStm.sys
  459. ADA Info : Avast Antivirus http://www.avast.com/
  460. Timestamp : Fri Sep 15 2017
  461.  
  462. Image path: \SystemRoot\system32\drivers\aswVmm.sys
  463. Image name: aswVmm.sys
  464. Search : https://www.google.com/search?q=aswVmm.sys
  465. ADA Info : Avast Antivirus http://www.avast.com/
  466. Timestamp : Wed Sep 20 2017
  467.  
  468. If any of the above drivers are from Microsoft then please let me know.
  469. I will have them moved to the Microsoft list on the next update.
  470.  
  471. ========================================================================
  472. ========================== MICROSOFT DRIVERS ===========================
  473. ========================================================================
  474. ACPI.sys ACPI Driver for NT (Microsoft)
  475. acpiex.sys ACPIEx Driver (Microsoft)
  476. acpipagr.sys ACPI Processor Aggregator Device driver (Microsoft)
  477. afd.sys Ancillary Function Driver for WinSock (Microsoft)
  478. ahcache.sys Application Compatibility Cache (Microsoft)
  479. BasicDisplay.sys Basic Display driver (Microsoft)
  480. BasicRender.sys Basic Render driver (Microsoft)
  481. Beep.SYS BEEP driver (Microsoft)
  482. BOOTVID.dll VGA Boot Driver (Microsoft)
  483. bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
  484. BthEnum.sys Bluetooth Bus Extender
  485. BthLEEnum.sys Bluetooth LE Bus Enumerator
  486. bthmodem.sys Bluetooth Communications Driver
  487. bthpan.sys Bluetooth Personal Area Networking
  488. bthport.sys Bluetooth Bus driver (Microsoft)
  489. BTHUSB.sys Bluetooth Miniport driver (Microsoft)
  490. cdd.dll Canonical Display Driver (Microsoft)
  491. cdrom.sys SCSI CD-ROM Driver (Microsoft)
  492. CI.dll Code Integrity Module (Microsoft)
  493. CLASSPNP.SYS SCSI Class System Dll (Microsoft)
  494. CLFS.SYS Common Log File System Driver (Microsoft)
  495. cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
  496. cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
  497. CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
  498. condrv.sys Console Driver (Microsoft)
  499. crashdmp.sys Crash Dump driver (Microsoft)
  500. dfsc.sys DFS Namespace Client Driver (Microsoft)
  501. disk.sys PnP Disk Driver (Microsoft)
  502. drmk.sys Digital Rights Management (DRM) driver (Microsoft)
  503. dump_diskdump.sys Crash Dump Disk Driver
  504. dump_dumpfve.sys Bitlocker Drive Encryption Crashdump Filter
  505. dump_storahci.sys MS AHCI Storport Miniport Driver
  506. dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
  507. dxgmms1.sys DirectX Graphics MMS
  508. EhStorClass.sys Enhanced Storage Class driver for IEEE... (Microsoft)
  509. fileinfo.sys FileInfo Filter Driver (Microsoft)
  510. fltmgr.sys Filesystem Filter Manager (Microsoft)
  511. Fs_Rec.sys File System Recognizer Driver (Microsoft)
  512. fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
  513. fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
  514. hal.dll Hardware Abstraction Layer DLL (Microsoft)
  515. HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
  516. hidbth.sys Bluetooth Miniport Driver for HID Devices
  517. HIDCLASS.SYS Hid Class Library (Microsoft)
  518. HIDPARSE.SYS Hid Parsing Library (Microsoft)
  519. hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
  520. HTTP.sys HTTP Protocol Stack (Microsoft)
  521. intelpep.sys Intel Power Engine Plugin (Microsoft)
  522. intelppm.sys Processor Device Driver (Microsoft)
  523. kbdclass.sys Keyboard Class Driver (Microsoft)
  524. kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
  525. kd.dll Local Kernal Debugger (Microsoft)
  526. kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
  527. ks.sys Kernal CSA Library (Microsoft)
  528. ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
  529. ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
  530. ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
  531. lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
  532. luafv.sys LUA File Virtualization Filter Driver (Microsoft)
  533. mcupdate_GenuineIntel.dll Intel Microcode Update Library (Microsoft)
  534. monitor.sys Monitor Driver (Microsoft)
  535. mouclass.sys Mouse Class Driver (Microsoft)
  536. mouhid.sys HID Mouse Filter Driver (Microsoft)
  537. mountmgr.sys Mount Point Manager (Microsoft)
  538. mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
  539. mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
  540. mrxsmb10.sys Longhorn SMB Downlevel SubRdr (Microsoft)
  541. mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
  542. Msfs.SYS Mailslot driver (Microsoft)
  543. msisadrv.sys ISA Driver (Microsoft)
  544. msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
  545. mssmbios.sys System Management BIOS driver (Microsoft)
  546. mup.sys Multiple UNC Provider driver (Microsoft)
  547. ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
  548. ndisuio.sys NDIS User mode I/O driver (Microsoft)
  549. NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
  550. Ndu.sys Network Data Usage Monitoring driver (Microsoft)
  551. netbios.sys NetBIOS Interface driver (Microsoft)
  552. netbt.sys MBT Transport driver (Microsoft)
  553. NETIO.SYS Network I/O Subsystem (Microsoft)
  554. Npfs.SYS NPFS driver (Microsoft)
  555. npsvctrig.sys Named pipe service triggers (Microsoft)
  556. nsiproxy.sys NSI Proxy driver (Microsoft)
  557. Ntfs.sys NT File System Driver (Microsoft)
  558. ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
  559. Null.SYS NULL Driver (Microsoft)
  560. nwifi.sys NativeWiFi Miniport Driver (Microsoft)
  561. pacer.sys QoS Packet Scheduler (Microsoft)
  562. partmgr.sys Partition driver (Microsoft)
  563. pci.sys NT Plug and Play PCI Enumerator (Microsoft)
  564. pcw.sys Performance Counter Driver (Microsoft)
  565. pdc.sys Power Dependency Coordinator Driver (Microsoft)
  566. peauth.sys Protected Environment Authentication and Authorization Export Driver (Microsoft)
  567. portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
  568. PSHED.dll Platform Specific Hardware Error driver (Microsoft)
  569. qwavedrv.sys Quality Windows Audio Video Experience (qWave) Support driver (Microsoft)
  570. rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
  571. rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
  572. rdyboost.sys ReadyBoost Driver (Microsoft)
  573. rfcomm.sys Bluetooth RFCOMM Driver
  574. rspndr.sys Link-Layer Topology Responder driver (Microsoft)
  575. serenum.sys Serial Port Enumerator (Microsoft)
  576. serial.sys Serial Device Driver
  577. serscan.sys Serial Imaging Device Driver (Microsoft)
  578. spaceport.sys Storage Spaces driver (Microsoft)
  579. srv.sys Server driver (Microsoft)
  580. srv2.sys Smb 2.0 Server driver (Microsoft)
  581. srvnet.sys Server Network driver (Microsoft)
  582. storahci.sys MS AHCI Storport Miniport Driver (Microsoft)
  583. storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
  584. swenum.sys Plug and Play Software Device Enumerator (Microsoft)
  585. tcpip.sys TCP/IP Protocol driver (Microsoft)
  586. tcpipreg.sys Microsoft Windows TCP/IP Registry Compatibility driver (Microsoft)
  587. TDI.SYS TDI Wrapper driver (Microsoft)
  588. tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
  589. tm.sys Kernel Transaction Manager driver (Microsoft)
  590. TSDDD.dll Framebuffer Display Driver (Microsoft)
  591. tunnel.sys Microsoft Tunnel Interface driver (Microsoft)
  592. ucx01000.sys USB Controller Extension (Microsoft)
  593. umbus.sys User-Mode Bus Enumerator (Microsoft)
  594. usbaudio.sys USB Audio Class Driver (Microsoft)
  595. usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
  596. USBD.SYS Universal Serial Bus Driver (Microsoft)
  597. usbehci.sys EHCI eUSB Miniport Driver (Microsoft)
  598. usbhub.sys Default Hub Driver for USB (Microsoft)
  599. UsbHub3.sys USB3 HUB driver (Microsoft)
  600. USBPORT.SYS USB 1.1 & 2.0 Port Driver (Microsoft)
  601. USBXHCI.SYS USB XHCI Driver
  602. vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
  603. volmgr.sys Volume Manager Driver (Microsoft)
  604. volmgrx.sys Volume Manager Extension Driver (Microsoft)
  605. volsnap.sys Volume Shadow Copy driver (Microsoft)
  606. vwifibus.sys Virtual Wireless Bus driver (Microsoft)
  607. vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
  608. vwifimp.sys Virtual WiFi Miniport Driver (Microsoft)
  609. watchdog.sys Watchdog driver (Microsoft)
  610. Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
  611. WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
  612. werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
  613. wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
  614. win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
  615. wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
  616. WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
  617. Wof.sys Windows Overlay Filter (Microsoft)
  618. WppRecorder.sys WPP Trace Recorder (Microsoft)
  619. WSDPrint.sys Web Services Print Device driver (Microsoft)
  620. WSDScan.sys Web Service Based Scan Device driver (Microsoft)
  621. WudfPf.sys Windows Driver Foundation - User-mode Driver Framework Platform driver (Microsoft)
  622. WUDFRd.sys Windows Driver Foundation - User-mode Driver Framework Reflector driver (Microsoft)
  623.  
  624. Unloaded modules:
  625. fffff801`64de0000 fffff801`64df9000 mwac.sys
  626. fffff801`64826000 fffff801`64832000 ladfGSS.sys
  627. fffff801`6484d000 fffff801`64868000 xusb22.sys
  628. fffff801`64832000 fffff801`6484d000 xusb22.sys
  629. fffff801`6480b000 fffff801`64826000 xusb22.sys
  630. fffff801`6480c000 fffff801`64de0000 iqvw64e.sys
  631. fffff801`62cf0000 fffff801`62cfa000 CorsairVHidD
  632. fffff801`64392000 fffff801`643bf000 tunnel.sys
  633. fffff801`633aa000 fffff801`633b7000 vwifibus.sys
  634. fffff801`63273000 fffff801`633aa000 bcmwlhigh664
  635. fffff801`60e00000 fffff801`60e0c000 dump_storpor
  636. fffff801`605c0000 fffff801`605dd000 dump_storahc
  637. fffff801`605dd000 fffff801`605f3000 dump_dumpfve
  638. fffff801`62b2e000 fffff801`62b6b000 WUDFRd.sys
  639. fffff801`615e1000 fffff801`615f1000 dam.sys
  640. fffff801`60e00000 fffff801`60e0c000 hwpolicy.sys
  641.  
  642. ========================================================================
  643. ============================== BIOS INFO ===============================
  644. ========================================================================
  645. [SMBIOS Data Tables v2.8]
  646. [DMI Version - 39]
  647. [2.0 Calling Convention - No]
  648. [Table Size - 3953 bytes]
  649. [BIOS Information (Type 0) - Length 24 - Handle 0000h]
  650. Vendor American Megatrends Inc.
  651. BIOS Version 2801
  652. BIOS Starting Address Segment f000
  653. BIOS Release Date 11/11/2015
  654. BIOS ROM Size 800000
  655. BIOS Characteristics
  656. 07: - PCI Supported
  657. 10: - APM Supported
  658. 11: - Upgradeable FLASH BIOS
  659. 12: - BIOS Shadowing Supported
  660. 15: - CD-Boot Supported
  661. 16: - Selectable Boot Supported
  662. 17: - BIOS ROM Socketed
  663. 19: - EDD Supported
  664. 23: - 1.2MB Floppy Supported
  665. 24: - 720KB Floppy Supported
  666. 25: - 2.88MB Floppy Supported
  667. 26: - Print Screen Device Supported
  668. 27: - Keyboard Services Supported
  669. 28: - Serial Services Supported
  670. 29: - Printer Services Supported
  671. 32: - BIOS Vendor Reserved
  672. BIOS Characteristic Extensions
  673. 00: - ACPI Supported
  674. 01: - USB Legacy Supported
  675. 08: - BIOS Boot Specification Supported
  676. 10: - Specification Reserved
  677. 11: - Specification Reserved
  678. BIOS Major Revision 4
  679. BIOS Minor Revision 6
  680. EC Firmware Major Revision 255
  681. EC Firmware Minor Revision 255
  682. [System Information (Type 1) - Length 27 - Handle 0001h]
  683. Manufacturer ASUS
  684. Product Name All Series
  685. Version System Version
  686. UUID 00000000-0000-0000-0000-000000000000
  687. Wakeup Type Power Switch
  688. SKUNumber All
  689. Family ASUS MB
  690. [BaseBoard Information (Type 2) - Length 15 - Handle 0002h]
  691. Manufacturer ASUSTeK COMPUTER INC.
  692. Product Z97-A
  693. Version Rev 1.xx
  694. Feature Flags 09h
  695. Chassis Handle 0003h
  696. Board Type 0ah - Processor/Memory Module
  697. Number of Child Handles 0
  698. [System Enclosure (Type 3) - Length 25 - Handle 0003h]
  699. Chassis Type Desktop
  700. Bootup State Safe
  701. Power Supply State Safe
  702. Thermal State Safe
  703. Security Status None
  704. OEM Defined 0
  705. Height 0U
  706. Number of Power Cords 1
  707. Number of Contained Elements 1
  708. Contained Element Size 3
  709. [Onboard Devices Information (Type 10) - Length 8 - Handle 0028h]
  710. Number of Devices 2
  711. 01: Type Video [enabled]
  712. 02: Type Ethernet [enabled]
  713. [OEM Strings (Type 11) - Length 5 - Handle 0029h]
  714. Number of Strings 4
  715. 3 Ferrari
  716. [System Configuration Options (Type 12) - Length 5 - Handle 002ah]
  717. [Physical Memory Array (Type 16) - Length 23 - Handle 0046h]
  718. Location 03h - SystemBoard/Motherboard
  719. Use 03h - System Memory
  720. Memory Error Correction 03h - None
  721. Maximum Capacity 33554432KB
  722. Number of Memory Devices 4
  723. [Memory Device (Type 17) - Length 40 - Handle 0047h]
  724. Physical Memory Array Handle 0046h
  725. Total Width 0 bits
  726. Data Width 0 bits
  727. Form Factor 09h - DIMM
  728. Device Locator DIMM_A1
  729. Bank Locator BANK 0
  730. Memory Type 02h - Unknown
  731. Type Detail 0000h -
  732. Speed 0MHz
  733. [Memory Device (Type 17) - Length 40 - Handle 0048h]
  734. Physical Memory Array Handle 0046h
  735. Total Width 64 bits
  736. Data Width 64 bits
  737. Size 4096MB
  738. Form Factor 09h - DIMM
  739. Device Locator DIMM_A2
  740. Bank Locator BANK 1
  741. Memory Type 18h - Specification Reserved
  742. Type Detail 0080h - Synchronous
  743. Speed 1600MHz
  744. Manufacturer 0215
  745. Part Number CMZ8GX3M2A1600C9
  746. [Memory Device (Type 17) - Length 40 - Handle 0049h]
  747. Physical Memory Array Handle 0046h
  748. Total Width 0 bits
  749. Data Width 0 bits
  750. Form Factor 09h - DIMM
  751. Device Locator DIMM_B1
  752. Bank Locator BANK 2
  753. Memory Type 02h - Unknown
  754. Type Detail 0000h -
  755. Speed 0MHz
  756. [Memory Device (Type 17) - Length 40 - Handle 004ah]
  757. Physical Memory Array Handle 0046h
  758. Total Width 64 bits
  759. Data Width 64 bits
  760. Size 4096MB
  761. Form Factor 09h - DIMM
  762. Device Locator DIMM_B2
  763. Bank Locator BANK 3
  764. Memory Type 18h - Specification Reserved
  765. Type Detail 0080h - Synchronous
  766. Speed 1600MHz
  767. Manufacturer 0215
  768. Part Number CMZ8GX3M2A1600C9
  769. [Memory Array Mapped Address (Type 19) - Length 31 - Handle 004bh]
  770. Starting Address 00000000h
  771. Ending Address 007fffffh
  772. Memory Array Handle 0046h
  773. Partition Width 04
  774. [Memory Device Mapped Address (Type 20) - Length 35 - Handle 004ch]
  775. Starting Address 00000000h
  776. Ending Address 003fffffh
  777. Memory Device Handle 004ah
  778. Mem Array Mapped Adr Handle 004bh
  779. Interleave Position 01
  780. Interleave Data Depth 02
  781. [Memory Device Mapped Address (Type 20) - Length 35 - Handle 004dh]
  782. Starting Address 00400000h
  783. Ending Address 007fffffh
  784. Memory Device Handle 004ah
  785. Mem Array Mapped Adr Handle 004bh
  786. Interleave Position 02
  787. Interleave Data Depth 02
  788. [Processor Information (Type 4) - Length 42 - Handle 0064h]
  789. Socket Designation SOCKET 1150
  790. Processor Type Central Processor
  791. Processor Family 01h - Other
  792. Processor Manufacturer Intel
  793. Processor ID c3060300fffbebbf
  794. Processor Version Intel(R) Core(TM) i5-4690K CPU @ 3.50GHz
  795. Processor Voltage 8ch - 1.2V
  796. External Clock 100MHz
  797. Max Speed 3800MHz
  798. Current Speed 3520MHz
  799. Status Enabled Populated
  800. Processor Upgrade Specification Reserved
  801. L1 Cache Handle 0065h
  802. L2 Cache Handle 0066h
  803. L3 Cache Handle 0067h
  804. [Cache Information (Type 7) - Length 19 - Handle 0065h]
  805. Socket Designation CPU Internal L1
  806. Cache Configuration 0180h - WB Enabled Int NonSocketed L1
  807. Maximum Cache Size 0100h - 256K
  808. Installed Size 0100h - 256K
  809. Supported SRAM Type 0020h - Synchronous
  810. Current SRAM Type 0020h - Synchronous
  811. Cache Speed 0ns
  812. Error Correction Type ParitySingle-Bit ECC
  813. System Cache Type Other
  814. Associativity 8-way Set-Associative
  815. [Cache Information (Type 7) - Length 19 - Handle 0066h]
  816. Socket Designation CPU Internal L2
  817. Cache Configuration 0181h - WB Enabled Int NonSocketed L2
  818. Maximum Cache Size 0400h - 1024K
  819. Installed Size 0400h - 1024K
  820. Supported SRAM Type 0020h - Synchronous
  821. Current SRAM Type 0020h - Synchronous
  822. Cache Speed 0ns
  823. Error Correction Type Multi-Bit ECC
  824. System Cache Type Unified
  825. Associativity 8-way Set-Associative
  826. [Cache Information (Type 7) - Length 19 - Handle 0067h]
  827. Socket Designation CPU Internal L3
  828. Cache Configuration 0182h - WB Enabled Int NonSocketed L3
  829. Maximum Cache Size 1800h - 6144K
  830. Installed Size 1800h - 6144K
  831. Supported SRAM Type 0020h - Synchronous
  832. Current SRAM Type 0020h - Synchronous
  833. Cache Speed 0ns
  834. Error Correction Type Specification Reserved
  835. System Cache Type Unified
  836. Associativity Specification Reserved
  837.  
  838. ========================================================================
  839. ==================== Dump File: 092917-4328-01.dmp =====================
  840. ========================================================================
  841. Mini Kernel Dump File: Only registers and stack trace are available
  842. Windows 8.1 Kernel Version 9600 MP (4 procs) Free x64
  843. Kernel base = 0xfffff801`28a76000 PsLoadedModuleList = 0xfffff801`28d48650
  844. Debug session time: Fri Sep 29 20:54:36.375 2017 (UTC - 4:00)
  845. System Uptime: 2 days 4:19:03.014
  846.  
  847. BugCheck 1E, {ffffffffc0000005, fffff801dcb6976a, 0, ffffffffffffffff}
  848. *** WARNING: Unable to verify timestamp for aswSP.sys
  849. *** ERROR: Module load completed but symbols could not be loaded for aswSP.sys
  850. Probably caused by : aswSP.sys ( aswSP+41ba4 )
  851. Followup: MachineOwner
  852.  
  853. KMODE_EXCEPTION_NOT_HANDLED (1e)
  854. This is a very common bugcheck. Usually the exception address pinpoints
  855. the driver/function that caused the problem. Always note this address
  856. as well as the link date of the driver/image that contains this address.
  857.  
  858. Arguments:
  859. Arg1: ffffffffc0000005, The exception code that was not handled
  860. Arg2: fffff801dcb6976a, The address that the exception occurred at
  861. Arg3: 0000000000000000, Parameter 0 of the exception
  862. Arg4: ffffffffffffffff, Parameter 1 of the exception
  863.  
  864. Debugging Details:
  865. DUMP_CLASS: 1
  866. DUMP_QUALIFIER: 400
  867. DUMP_TYPE: 2
  868. READ_ADDRESS: GetUlongPtrFromAddress: unable to read from fffff80128dd12a8
  869. GetUlongPtrFromAddress: unable to read from fffff80128dd1520
  870. ffffffffffffffff
  871. EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%p referenced memory at 0x%p. The memory could not be %s.
  872. FAULTING_IP:
  873. storport!RaidAdapterPostScatterGatherExecute+19a
  874. fffff801`dcb6976a 4c8baf88000000 mov r13,qword ptr [rdi+88h]
  875. EXCEPTION_PARAMETER2: ffffffffffffffff
  876. BUGCHECK_STR: 0x1E_c0000005_R
  877. CUSTOMER_CRASH_COUNT: 1
  878. DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
  879.  
  880. PROCESS_NAME: System
  881.  
  882. CURRENT_IRQL: 2
  883. EXCEPTION_RECORD: ffffc000c9d19ae0 -- (.exr 0xffffc000c9d19ae0)
  884. Cannot read Exception record @ ffffc000c9d19ae0
  885. TRAP_FRAME: 0000000000020000 -- (.trap 0x20000)
  886. Unable to read trap frame at 00000000`00020000
  887. LAST_CONTROL_TRANSFER: from fffff80128b73d91 to fffff80128bc3da0
  888. STACK_TEXT:
  889. ffffd000`25b45b38 fffff801`28b73d91 : 00000000`0000001e ffffffff`c0000005 fffff801`dcb6976a 00000000`00000000 : nt!KeBugCheckEx
  890. ffffd000`25b45b40 fffff801`28bcf9ce : ffffc000`c9d19ae0 00000000`00100089 00000000`00020000 00000000`00000000 : nt!KiDispatchException+0x1dd
  891. ffffd000`25b46230 fffff801`28bcdefe : 00000000`00000000 fffff801`28bb2c69 00000000`00000027 ffff0378`85fd9309 : nt!KiExceptionDispatch+0xce
  892. ffffd000`25b46410 fffff801`dcb6976a : 00000000`000000ff ffffe001`c0c41300 ffffe001`bb9df1a0 ffffe001`bb9df1a0 : nt!KiGeneralProtectionFault+0xfe
  893. ffffd000`25b465a0 fffff801`dcb699a2 : ffffe001`bb9df1a0 ffffe001`bf4052a8 ffffe001`c0c41010 00000000`00000000 : storport!RaidAdapterPostScatterGatherExecute+0x19a
  894. ffffd000`25b46680 fffff801`28a0ca37 : ffffe001`bf4052a8 00000000`00000018 ffffe001`bf405270 00000000`40200301 : storport!RaidpAdapterContinueScatterGather+0x42
  895. ffffd000`25b466b0 fffff801`dcb6f865 : 00000000`40200301 ffffe001`bb9df050 ffffe001`bf405270 ffffe001`c2531000 : hal!HalBuildScatterGatherListV2+0x207
  896. ffffd000`25b46750 fffff801`dcb6a197 : ffffe001`bb9fa910 ffffe001`c504a590 00000000`00000000 ffffe001`c08872c0 : storport!RaidAdapterScatterGatherExecute+0xc5
  897. ffffd000`25b467c0 fffff801`dcb6b80e : 00000000`00000001 ffffe001`00000001 ffffd000`25b46860 ffffe001`c0887200 : storport!RaUnitStartIo+0x1a7
  898. ffffd000`25b46830 fffff801`dcb6b93c : ffffd000`00010000 00000000`00000000 00000000`00000000 00000000`00000001 : storport!RaidStartIoPacket+0x236
  899. ffffd000`25b468c0 fffff801`dcb6920c : ffffe001`c504a590 00000000`00000000 ffffd000`25b46980 ffffe001`c5142590 : storport!RaidUnitSubmitRequest+0xdc
  900. ffffd000`25b46920 fffff801`dcb69585 : ffffd000`217fd270 ffffd000`217fd2f0 ffffe001`c504a590 ffffd000`25b46c08 : storport!RaUnitScsiIrp+0x2bc
  901. ffffd000`25b469f0 fffff801`dc81ac27 : ffffe001`c504a590 ffffe001`bb9033c0 ffffe001`bb9033c0 fffff801`dcf9d1be : storport!RaDriverScsiIrp+0x55
  902. ffffd000`25b46a30 fffff801`dc818147 : ffffe001`bb914910 00000000`00000007 ffffe001`c504a590 ffffe001`bbb271b0 : ACPI!ACPIIrpDispatchDeviceControl+0x97
  903. ffffd000`25b46a60 fffff801`dcd63ba4 : 00000000`00000007 ffffe001`bb9033c0 ffffe001`c137c8e0 00000000`cd7bb000 : ACPI!ACPIDispatchIrp+0x137
  904. ffffd000`25b46ad0 00000000`00000007 : ffffe001`bb9033c0 ffffe001`c137c8e0 00000000`cd7bb000 00000000`00000000 : aswSP+0x41ba4
  905. ffffd000`25b46ad8 ffffe001`bb9033c0 : ffffe001`c137c8e0 00000000`cd7bb000 00000000`00000000 fffff801`dcca2176 : 0x7
  906. ffffd000`25b46ae0 ffffe001`c137c8e0 : 00000000`cd7bb000 00000000`00000000 fffff801`dcca2176 00000000`00000000 : 0xffffe001`bb9033c0
  907. ffffd000`25b46ae8 00000000`cd7bb000 : 00000000`00000000 fffff801`dcca2176 00000000`00000000 00000000`00000000 : 0xffffe001`c137c8e0
  908. ffffd000`25b46af0 00000000`00000000 : fffff801`dcca2176 00000000`00000000 00000000`00000000 ffffe001`c137c8e0 : 0xcd7bb000
  909. STACK_COMMAND: kb
  910. THREAD_SHA1_HASH_MOD_FUNC: d5f0b8fff858bd9c09356bc5fd40d6e00dd2475c
  911. THREAD_SHA1_HASH_MOD_FUNC_OFFSET: b01b2556a913b8cea92a2f4312671af5df9daebb
  912. THREAD_SHA1_HASH_MOD: 2374d2c997598c17810cf883ac31cbf3280e0c96
  913. FOLLOWUP_IP:
  914. aswSP+41ba4
  915. fffff801`dcd63ba4 ?? ???
  916. SYMBOL_STACK_INDEX: f
  917. SYMBOL_NAME: aswSP+41ba4
  918. FOLLOWUP_NAME: MachineOwner
  919. MODULE_NAME: aswSP
  920.  
  921. IMAGE_NAME: aswSP.sys
  922.  
  923. DEBUG_FLR_IMAGE_TIMESTAMP: 599c7487
  924. BUCKET_ID_FUNC_OFFSET: 41ba4
  925. FAILURE_BUCKET_ID: 0x1E_c0000005_R_aswSP!unknown_function
  926. BUCKET_ID: 0x1E_c0000005_R_aswSP!unknown_function
  927. PRIMARY_PROBLEM_CLASS: 0x1E_c0000005_R_aswSP!unknown_function
  928. TARGET_TIME: 2017-09-30T00:54:36.000Z
  929. SUITE_MASK: 784
  930. PRODUCT_TYPE: 1
  931. USER_LCID: 0
  932. FAILURE_ID_HASH_STRING: km:0x1e_c0000005_r_aswsp!unknown_function
  933. FAILURE_ID_HASH: {200942c7-066c-c20e-f700-b1f4fd68fbe7}
  934. Followup: MachineOwner
  935.  
  936. ========================================================================
  937. ==================== Dump File: 092517-4125-01.dmp =====================
  938. ========================================================================
  939. Mini Kernel Dump File: Only registers and stack trace are available
  940. Windows 8.1 Kernel Version 9600 MP (4 procs) Free x64
  941. Kernel base = 0xfffff803`44802000 PsLoadedModuleList = 0xfffff803`44ad4650
  942. Debug session time: Mon Sep 25 22:04:07.439 2017 (UTC - 4:00)
  943. System Uptime: 0 days 1:51:29.076
  944.  
  945. BugCheck 3B, {c0000005, fffff80344bcb7e8, ffffd00021d5eb90, 0}
  946. Probably caused by : ntkrnlmp.exe ( nt!ObpCaptureObjectCreateInformation+238 )
  947. Followup: MachineOwner
  948.  
  949. SYSTEM_SERVICE_EXCEPTION (3b)
  950. An exception happened while executing a system service routine.
  951.  
  952. Arguments:
  953. Arg1: 00000000c0000005, Exception code that caused the bugcheck
  954. Arg2: fffff80344bcb7e8, Address of the instruction which caused the bugcheck
  955. Arg3: ffffd00021d5eb90, Address of the context record for the exception that caused the bugcheck
  956. Arg4: 0000000000000000, zero.
  957.  
  958. Debugging Details:
  959. DUMP_CLASS: 1
  960. DUMP_QUALIFIER: 400
  961. DUMP_TYPE: 2
  962. EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%p referenced memory at 0x%p. The memory could not be %s.
  963. FAULTING_IP:
  964. nt!ObpCaptureObjectCreateInformation+238
  965. fffff803`44bcb7e8 498b4d00 mov rcx,qword ptr [r13]
  966. CONTEXT: ffffd00021d5eb90 -- (.cxr 0xffffd00021d5eb90)
  967. rax=0000000000000000 rbx=ffffe0009e5a4220 rcx=0000000000000000
  968. rdx=ffffd00021d5f5f8 rsi=0000000000000000 rdi=ffffd00021d5f698
  969. rip=fffff80344bcb7e8 rsp=ffffd00021d5f5c0 rbp=0000000000000000
  970. r8=0000000000000000 r9=0000000000000000 r10=0000000000000000
  971. r11=ffffc00067b9b364 r12=0000000000000000 r13=ffbfe0009e5a4240
  972. r14=0000000000000000 r15=0000000000000000
  973. iopl=0 nv up ei pl zr na po nc
  974. cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00010246
  975. nt!ObpCaptureObjectCreateInformation+0x238:
  976. fffff803`44bcb7e8 498b4d00 mov rcx,qword ptr [r13] ds:002b:ffbfe000`9e5a4240=????????????????
  977. Resetting default scope
  978. CUSTOMER_CRASH_COUNT: 1
  979. DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
  980. BUGCHECK_STR: 0x3B
  981.  
  982. PROCESS_NAME: svchost.exe
  983.  
  984. CURRENT_IRQL: 0
  985. LAST_CONTROL_TRANSFER: from fffff80344be0739 to fffff80344bcb7e8
  986. STACK_TEXT:
  987. ffffd000`21d5f5c0 fffff803`44be0739 : ffffe000`9e5a4220 ffffe000`979efaf0 ffffd000`21d5f6b0 fffff803`44be9dbc : nt!ObpCaptureObjectCreateInformation+0x238
  988. ffffd000`21d5f660 fffff803`44ca15fb : ffffd000`21d5f888 00000000`00000002 ffffe000`9c64bf00 00000000`00000000 : nt!ObCreateObject+0x79
  989. ffffd000`21d5f6e0 fffff803`44bdebe4 : ffffc000`5dd448c0 ffffd000`21d5fb80 ffffffff`ffffffff ffffffff`ffffffff : nt!SepDuplicateToken+0xfb
  990. ffffd000`21d5f7a0 fffff803`44bde3c9 : ffff0a65`fde28aeb 00000000`00000088 0000006d`d27faf50 00000000`00000000 : nt!NtOpenThreadTokenEx+0x814
  991. ffffd000`21d5fac0 fffff803`4495b5b3 : ffffe000`9e95f040 00000000`00000000 ffffe000`9e95f040 0000006d`d3c5b260 : nt!NtOpenThreadToken+0x11
  992. ffffd000`21d5fb00 00007ffd`ea5a090a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
  993. 0000006d`d296e868 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffd`ea5a090a
  994. THREAD_SHA1_HASH_MOD_FUNC: c1c641626fdac4343193d8a05b66b8df26df2cf1
  995. THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 8593abb51eeeae6ef53538159323c7c5ff270faa
  996. THREAD_SHA1_HASH_MOD: ee8fcf1fb60cb6e3e2f60ddbed2ec02b5748a693
  997. FOLLOWUP_IP:
  998. nt!ObpCaptureObjectCreateInformation+238
  999. fffff803`44bcb7e8 498b4d00 mov rcx,qword ptr [r13]
  1000. FAULT_INSTR_CODE: 4d8b49
  1001. SYMBOL_STACK_INDEX: 0
  1002. SYMBOL_NAME: nt!ObpCaptureObjectCreateInformation+238
  1003. FOLLOWUP_NAME: MachineOwner
  1004. MODULE_NAME: nt
  1005.  
  1006. IMAGE_NAME: ntkrnlmp.exe
  1007.  
  1008. DEBUG_FLR_IMAGE_TIMESTAMP: 598d0923
  1009. IMAGE_VERSION: 6.3.9600.18790
  1010. STACK_COMMAND: .cxr 0xffffd00021d5eb90 ; kb
  1011. BUCKET_ID_FUNC_OFFSET: 238
  1012. FAILURE_BUCKET_ID: 0x3B_nt!ObpCaptureObjectCreateInformation
  1013. BUCKET_ID: 0x3B_nt!ObpCaptureObjectCreateInformation
  1014. PRIMARY_PROBLEM_CLASS: 0x3B_nt!ObpCaptureObjectCreateInformation
  1015. TARGET_TIME: 2017-09-26T02:04:07.000Z
  1016. SUITE_MASK: 784
  1017. PRODUCT_TYPE: 1
  1018. USER_LCID: 0
  1019. FAILURE_ID_HASH_STRING: km:0x3b_nt!obpcaptureobjectcreateinformation
  1020. FAILURE_ID_HASH: {38cf8c42-96b1-8d22-75ea-1dc9cb7b7526}
  1021. Followup: MachineOwner
  1022.  
  1023. ========================================================================
  1024. ==================== Dump File: 092217-4437-01.dmp =====================
  1025. ========================================================================
  1026. Mini Kernel Dump File: Only registers and stack trace are available
  1027. Windows 8.1 Kernel Version 9600 MP (4 procs) Free x64
  1028. Kernel base = 0xfffff800`0fe70000 PsLoadedModuleList = 0xfffff800`10142650
  1029. Debug session time: Fri Sep 22 12:40:31.463 2017 (UTC - 4:00)
  1030. System Uptime: 0 days 1:45:27.101
  1031.  
  1032. BugCheck 3B, {c0000005, fffff8000ff01c5e, ffffd00023683ee0, 0}
  1033. Probably caused by : ntkrnlmp.exe ( nt!KiInsertQueueApc+1a )
  1034. Followup: MachineOwner
  1035.  
  1036. SYSTEM_SERVICE_EXCEPTION (3b)
  1037. An exception happened while executing a system service routine.
  1038.  
  1039. Arguments:
  1040. Arg1: 00000000c0000005, Exception code that caused the bugcheck
  1041. Arg2: fffff8000ff01c5e, Address of the instruction which caused the bugcheck
  1042. Arg3: ffffd00023683ee0, Address of the context record for the exception that caused the bugcheck
  1043. Arg4: 0000000000000000, zero.
  1044.  
  1045. Debugging Details:
  1046. DUMP_CLASS: 1
  1047. DUMP_QUALIFIER: 400
  1048. DUMP_TYPE: 2
  1049. EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%p referenced memory at 0x%p. The memory could not be %s.
  1050. FAULTING_IP:
  1051. nt!KiInsertQueueApc+1a
  1052. fffff800`0ff01c5e 4c8b84c248020000 mov r8,qword ptr [rdx+rax*8+248h]
  1053. CONTEXT: ffffd00023683ee0 -- (.cxr 0xffffd00023683ee0)
  1054. rax=0000000000000000 rbx=ffffe0019d319080 rcx=ffffe0019d319308
  1055. rdx=ff7fe0019d319080 rsi=ffffe0019d319308 rdi=ffffd00195d35180
  1056. rip=fffff8000ff01c5e rsp=ffffd00023684918 rbp=ffffe0019d319001
  1057. r8=0000000000000000 r9=7fffe0019d1c1348 r10=0000000000000003
  1058. r11=7ffffffffffffffc r12=0000000040010004 r13=ffffe00199d71080
  1059. r14=0000000000000000 r15=0000000000000011
  1060. iopl=0 nv up ei ng nz na pe nc
  1061. cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00010282
  1062. nt!KiInsertQueueApc+0x1a:
  1063. fffff800`0ff01c5e 4c8b84c248020000 mov r8,qword ptr [rdx+rax*8+248h] ds:002b:ff7fe001`9d3192c8=????????????????
  1064. Resetting default scope
  1065. CUSTOMER_CRASH_COUNT: 1
  1066. DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
  1067. BUGCHECK_STR: 0x3B
  1068.  
  1069. PROCESS_NAME: csrss.exe
  1070.  
  1071. CURRENT_IRQL: 2
  1072. LAST_CONTROL_TRANSFER: from fffff8000fed42bd to fffff8000ff01c5e
  1073. STACK_TEXT:
  1074. ffffd000`23684918 fffff800`0fed42bd : ffffe001`9d300080 ffffe001`9d300001 ffffe001`9d1c1348 fffff800`10228002 : nt!KiInsertQueueApc+0x1a
  1075. ffffd000`23684920 fffff800`102282a6 : ffffe001`9d319080 ffffe001`9d319080 00000000`00000000 00000000`40010004 : nt!KeRequestTerminationThread+0x75
  1076. ffffd000`23684960 fffff800`10227d60 : 00000000`9d1c1088 00000000`00000000 00000000`00000000 00000000`40010004 : nt!PspTerminateThreadByPointer+0x6a
  1077. ffffd000`23684990 fffff800`102283eb : ffffe001`9e123080 ffffe001`9e6603a0 ffffe001`9d1c1080 ffffe001`9d1c1080 : nt!PspTerminateAllThreads+0xf0
  1078. ffffd000`236849f0 fffff800`1047aa08 : ffffffff`ffffffff ffffd000`23684a99 ffffe001`9d1c1080 ffffe001`9e660080 : nt!PspTerminateProcess+0x67
  1079. ffffd000`23684a30 fffff800`0ffc95b3 : ffffe001`9e660080 00000000`000008e4 ffffe001`9e660080 ffffe001`9d45b160 : nt!NtTerminateProcess+0xe0
  1080. ffffd000`23684b00 00007ffc`2d1201a1 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
  1081. 000000b4`81e4fa48 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffc`2d1201a1
  1082. THREAD_SHA1_HASH_MOD_FUNC: e41bc83120cd99d69cb3e38627b9432b921c7820
  1083. THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 426cc5fd96cb794f9670755e68f0bb37badddfeb
  1084. THREAD_SHA1_HASH_MOD: 30a3e915496deaace47137d5b90c3ecc03746bf6
  1085. FOLLOWUP_IP:
  1086. nt!KiInsertQueueApc+1a
  1087. fffff800`0ff01c5e 4c8b84c248020000 mov r8,qword ptr [rdx+rax*8+248h]
  1088. FAULT_INSTR_CODE: c2848b4c
  1089. SYMBOL_STACK_INDEX: 0
  1090. SYMBOL_NAME: nt!KiInsertQueueApc+1a
  1091. FOLLOWUP_NAME: MachineOwner
  1092. MODULE_NAME: nt
  1093.  
  1094. IMAGE_NAME: ntkrnlmp.exe
  1095.  
  1096. DEBUG_FLR_IMAGE_TIMESTAMP: 598d0923
  1097. IMAGE_VERSION: 6.3.9600.18790
  1098. STACK_COMMAND: .cxr 0xffffd00023683ee0 ; kb
  1099. BUCKET_ID_FUNC_OFFSET: 1a
  1100. FAILURE_BUCKET_ID: 0x3B_nt!KiInsertQueueApc
  1101. BUCKET_ID: 0x3B_nt!KiInsertQueueApc
  1102. PRIMARY_PROBLEM_CLASS: 0x3B_nt!KiInsertQueueApc
  1103. TARGET_TIME: 2017-09-22T16:40:31.000Z
  1104. SUITE_MASK: 784
  1105. PRODUCT_TYPE: 1
  1106. USER_LCID: 0
  1107. FAILURE_ID_HASH_STRING: km:0x3b_nt!kiinsertqueueapc
  1108. FAILURE_ID_HASH: {e5e6ccee-c80d-1a1b-e6e1-fae4a7a6b711}
  1109. Followup: MachineOwner
  1110.  
  1111. ========================================================================
  1112. ==================== Dump File: 092217-4406-01.dmp =====================
  1113. ========================================================================
  1114. Mini Kernel Dump File: Only registers and stack trace are available
  1115. Windows 8.1 Kernel Version 9600 MP (4 procs) Free x64
  1116. Kernel base = 0xfffff802`cf480000 PsLoadedModuleList = 0xfffff802`cf752650
  1117. Debug session time: Fri Sep 22 10:54:34.875 2017 (UTC - 4:00)
  1118. System Uptime: 0 days 10:49:29.511
  1119.  
  1120. BugCheck 3B, {c0000005, fffff800696fd823, ffffd0002239ace0, 0}
  1121. Probably caused by : Npfs.SYS ( Npfs!NpRemoveDataQueueEntry+93 )
  1122. Followup: MachineOwner
  1123.  
  1124. SYSTEM_SERVICE_EXCEPTION (3b)
  1125. An exception happened while executing a system service routine.
  1126.  
  1127. Arguments:
  1128. Arg1: 00000000c0000005, Exception code that caused the bugcheck
  1129. Arg2: fffff800696fd823, Address of the instruction which caused the bugcheck
  1130. Arg3: ffffd0002239ace0, Address of the context record for the exception that caused the bugcheck
  1131. Arg4: 0000000000000000, zero.
  1132.  
  1133. Debugging Details:
  1134. DUMP_CLASS: 1
  1135. DUMP_QUALIFIER: 400
  1136. DUMP_TYPE: 2
  1137. EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%p referenced memory at 0x%p. The memory could not be %s.
  1138. FAULTING_IP:
  1139. Npfs!NpRemoveDataQueueEntry+93
  1140. fffff800`696fd823 48874668 xchg rax,qword ptr [rsi+68h]
  1141. CONTEXT: ffffd0002239ace0 -- (.cxr 0xffffd0002239ace0)
  1142. rax=0000000000000000 rbx=ffffc001d8d3c058 rcx=ffffc001d8d3c058
  1143. rdx=0000000000002401 rsi=ffbfe001b9845810 rdi=ffffe001b6059000
  1144. rip=fffff800696fd823 rsp=ffffd0002239b710 rbp=ffffe001bb5a2000
  1145. r8=ffffd0002239b810 r9=0000000000000000 r10=0000000000000003
  1146. r11=000000785ef35068 r12=0000000000000000 r13=0000000000000000
  1147. r14=ffffd0002239b810 r15=00000000000024d8
  1148. iopl=0 nv up ei pl zr na po nc
  1149. cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00010246
  1150. Npfs!NpRemoveDataQueueEntry+0x93:
  1151. fffff800`696fd823 48874668 xchg rax,qword ptr [rsi+68h] ds:002b:ffbfe001`b9845878=????????????????
  1152. Resetting default scope
  1153. CUSTOMER_CRASH_COUNT: 1
  1154. DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
  1155. BUGCHECK_STR: 0x3B
  1156.  
  1157. PROCESS_NAME: chrome.exe
  1158.  
  1159. CURRENT_IRQL: 0
  1160. LAST_CONTROL_TRANSFER: from fffff800696fd622 to fffff800696fd823
  1161. STACK_TEXT:
  1162. ffffd000`2239b710 fffff800`696fd622 : 00000000`00000000 fffff802`cf52f701 ffffd000`2239b810 ffffe001`b6059000 : Npfs!NpRemoveDataQueueEntry+0x93
  1163. ffffd000`2239b750 fffff800`696fa1af : ffffd000`2239b830 ffffc001`d8d3c058 00000000`0016b001 ffffe001`b9845800 : Npfs!NpReadDataQueue+0x1a2
  1164. ffffd000`2239b7c0 fffff800`68537101 : ffffe001`ba0e4070 ffffe001`bb5a2010 00000000`00000001 ffffe001`bc7d2380 : Npfs!NpFsdRead+0x1ff
  1165. ffffd000`2239b870 fffff802`cf9178f7 : 00000000`00000000 ffffd000`2239b951 ffffe001`ba0e4070 0000001e`001a019f : fltmgr!FltpDispatch+0xf1
  1166. ffffd000`2239b8d0 fffff802`cf844454 : ffffe001`ba0e4004 ffffe001`ba0e4070 00000000`00000000 ffffe001`ba0e4070 : nt!IopSynchronousServiceTail+0x32b
  1167. ffffd000`2239b9a0 fffff802`cf5d95b3 : ffffe001`bb9bc880 00000000`00000000 00000000`00000000 00000078`58b26b18 : nt!NtReadFile+0x664
  1168. ffffd000`2239ba90 00007ff9`d6ae072a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
  1169. 00000078`4897f9e8 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ff9`d6ae072a
  1170. THREAD_SHA1_HASH_MOD_FUNC: 2780a04e6a04bf2d1f6ba4ed87120c660b9f58d7
  1171. THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 840549a2c98dc120af632d524e95a2e2666ddff0
  1172. THREAD_SHA1_HASH_MOD: eb5dedb7162fb643366cb59527edd234699438f0
  1173. FOLLOWUP_IP:
  1174. Npfs!NpRemoveDataQueueEntry+93
  1175. fffff800`696fd823 48874668 xchg rax,qword ptr [rsi+68h]
  1176. FAULT_INSTR_CODE: 68468748
  1177. SYMBOL_STACK_INDEX: 0
  1178. SYMBOL_NAME: Npfs!NpRemoveDataQueueEntry+93
  1179. FOLLOWUP_NAME: MachineOwner
  1180. MODULE_NAME: Npfs
  1181.  
  1182. IMAGE_NAME: Npfs.SYS
  1183.  
  1184. DEBUG_FLR_IMAGE_TIMESTAMP: 5215f8a9
  1185. IMAGE_VERSION: 6.3.9600.16384
  1186. STACK_COMMAND: .cxr 0xffffd0002239ace0 ; kb
  1187. BUCKET_ID_FUNC_OFFSET: 93
  1188. FAILURE_BUCKET_ID: 0x3B_Npfs!NpRemoveDataQueueEntry
  1189. BUCKET_ID: 0x3B_Npfs!NpRemoveDataQueueEntry
  1190. PRIMARY_PROBLEM_CLASS: 0x3B_Npfs!NpRemoveDataQueueEntry
  1191. TARGET_TIME: 2017-09-22T14:54:34.000Z
  1192. SUITE_MASK: 784
  1193. PRODUCT_TYPE: 1
  1194. USER_LCID: 0
  1195. FAILURE_ID_HASH_STRING: km:0x3b_npfs!npremovedataqueueentry
  1196. FAILURE_ID_HASH: {c61b2eb0-ee0b-260d-104f-5b4a17fd8deb}
  1197. Followup: MachineOwner
  1198.  
  1199. ========================================================================
  1200. ==================== Dump File: 092117-4359-01.dmp =====================
  1201. ========================================================================
  1202. Mini Kernel Dump File: Only registers and stack trace are available
  1203. Windows 8.1 Kernel Version 9600 MP (4 procs) Free x64
  1204. Kernel base = 0xfffff801`e9815000 PsLoadedModuleList = 0xfffff801`e9ae7650
  1205. Debug session time: Fri Sep 22 00:04:37.170 2017 (UTC - 4:00)
  1206. System Uptime: 0 days 0:15:38.808
  1207.  
  1208. BugCheck A, {fffff6e8021240c8, 2, 0, fffff801e988b6f4}
  1209. *** WARNING: Unable to verify timestamp for ladfGSS.sys
  1210. *** ERROR: Module load completed but symbols could not be loaded for ladfGSS.sys
  1211. Probably caused by : ks.sys ( ks!KsProbeStreamIrp+275 )
  1212. Followup: MachineOwner
  1213.  
  1214. IRQL_NOT_LESS_OR_EQUAL (a)
  1215. An attempt was made to access a pageable (or completely invalid) address at an
  1216. interrupt request level (IRQL) that is too high. This is usually
  1217. caused by drivers using improper addresses.
  1218. If a kernel debugger is available get the stack backtrace.
  1219.  
  1220. Arguments:
  1221. Arg1: fffff6e8021240c8, memory referenced
  1222. Arg2: 0000000000000002, IRQL
  1223. Arg3: 0000000000000000, bitfield :
  1224. bit 0 : value 0 = read operation, 1 = write operation
  1225. bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
  1226. Arg4: fffff801e988b6f4, address which referenced memory
  1227.  
  1228. Debugging Details:
  1229. DUMP_CLASS: 1
  1230. DUMP_QUALIFIER: 400
  1231. DUMP_TYPE: 2
  1232. READ_ADDRESS: GetUlongPtrFromAddress: unable to read from fffff801e9b702a8
  1233. GetUlongPtrFromAddress: unable to read from fffff801e9b70520
  1234. fffff6e8021240c8
  1235. CURRENT_IRQL: 2
  1236. FAULTING_IP:
  1237. nt!MiReplenishBitMap+54
  1238. fffff801`e988b6f4 488b1cf0 mov rbx,qword ptr [rax+rsi*8]
  1239. CUSTOMER_CRASH_COUNT: 1
  1240. DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
  1241. BUGCHECK_STR: AV
  1242.  
  1243. PROCESS_NAME: audiodg.exe
  1244.  
  1245. TRAP_FRAME: ffffd000230d3f30 -- (.trap 0xffffd000230d3f30)
  1246. NOTE: The trap frame does not contain all registers.
  1247. Some register values may be zeroed or incorrect.
  1248. rax=fffff6e800100000 rbx=0000000000000000 rcx=fffff801e9ad47ff
  1249. rdx=fffff801e9815000 rsi=0000000000000000 rdi=0000000000000000
  1250. rip=fffff801e988b6f4 rsp=ffffd000230d40c0 rbp=fffff801e9815000
  1251. r8=ffffd00000000901 r9=0000000000000900 r10=0000000000000000
  1252. r11=0000000000000007 r12=0000000000000000 r13=0000000000000000
  1253. r14=0000000000000000 r15=0000000000000000
  1254. iopl=0 nv up ei pl nz na pe nc
  1255. nt!MiReplenishBitMap+0x54:
  1256. fffff801`e988b6f4 488b1cf0 mov rbx,qword ptr [rax+rsi*8] ds:fffff6e8`00100000=????????????????
  1257. Resetting default scope
  1258. LAST_CONTROL_TRANSFER: from fffff801e996e8e9 to fffff801e9962da0
  1259. STACK_TEXT:
  1260. ffffd000`230d3de8 fffff801`e996e8e9 : 00000000`0000000a fffff6e8`021240c8 00000000`00000002 00000000`00000000 : nt!KeBugCheckEx
  1261. ffffd000`230d3df0 fffff801`e996d13a : 00000000`00000000 00000000`00404819 00000000`00000000 00000000`00000001 : nt!KiBugCheckDispatch+0x69
  1262. ffffd000`230d3f30 fffff801`e988b6f4 : 00404819`00000000 fffff801`e9815000 00000000`00004882 00000000`00000002 : nt!KiPageFault+0x23a
  1263. ffffd000`230d40c0 fffff801`e987ad4d : ffffe000`25b1e568 ffffe000`25bd82b8 00000000`00000002 00000000`00000801 : nt!MiReplenishBitMap+0x54
  1264. ffffd000`230d4200 fffff801`e98674af : 00000000`00000003 ffffd000`230d4340 ffffffff`ffffffff 00000000`00000001 : nt!MiEmptyPteBins+0xd5
  1265. ffffd000`230d4240 fffff801`e986568e : 00000091`e965cac0 00000091`e965b8c0 ffffe000`20ae2920 fffff801`00000000 : nt!MiReservePtes+0xbdf
  1266. ffffd000`230d4410 fffff800`abefbae5 : 00000000`00000003 ffffe000`23daf601 ffffe000`00000001 ffffe000`20ae28f0 : nt!MmMapLockedPagesSpecifyCache+0xce
  1267. ffffd000`230d44c0 fffff800`abed9c22 : ffffe000`23daf640 ffffe000`2318b2d0 ffffe000`23daf640 00000000`00000003 : ks!KsProbeStreamIrp+0x275
  1268. ffffd000`230d4540 fffff800`abefb629 : ffffe000`25dfa8d0 00000000`00000000 ffffe000`00000001 ffffd000`230d4639 : ks!CKsQueue::TransferKsIrp+0xf3
  1269. ffffd000`230d45d0 fffff800`abef7071 : ffffe000`23dafb48 00000000`00000800 fffff6e8`0011c988 ffffe000`25be8350 : ks!CKsPin::DispatchDeviceIoControl+0x1c9
  1270. ffffd000`230d4620 fffff800`aee9ef6c : ffffe000`24a37594 00000000`00000000 00000000`00000000 ffffe000`24a37594 : ks!KsDispatchIrp+0x61
  1271. ffffd000`230d46e0 ffffe000`24a37594 : 00000000`00000000 00000000`00000000 ffffe000`24a37594 ffffe000`00000001 : ladfGSS+0x6f6c
  1272. ffffd000`230d46e8 00000000`00000000 : 00000000`00000000 ffffe000`24a37594 ffffe000`00000001 ffffe000`00000001 : 0xffffe000`24a37594
  1273. STACK_COMMAND: kb
  1274. THREAD_SHA1_HASH_MOD_FUNC: 34e96c9da6cc8cbba2581632acce2795b2b092aa
  1275. THREAD_SHA1_HASH_MOD_FUNC_OFFSET: ac8dfc0b8d8d6a31dbee56b0bfac0a51105845fe
  1276. THREAD_SHA1_HASH_MOD: 5327a243daf8f648d7ba66ce7c0ee91048ba22ae
  1277. FOLLOWUP_IP:
  1278. ks!KsProbeStreamIrp+275
  1279. fffff800`abefbae5 4885c0 test rax,rax
  1280. FAULT_INSTR_CODE: fc08548
  1281. SYMBOL_STACK_INDEX: 7
  1282. SYMBOL_NAME: ks!KsProbeStreamIrp+275
  1283. FOLLOWUP_NAME: MachineOwner
  1284. MODULE_NAME: ks
  1285.  
  1286. IMAGE_NAME: ks.sys
  1287.  
  1288. DEBUG_FLR_IMAGE_TIMESTAMP: 53b6a513
  1289. IMAGE_VERSION: 6.3.9600.17227
  1290. BUCKET_ID_FUNC_OFFSET: 275
  1291. FAILURE_BUCKET_ID: AV_ks!KsProbeStreamIrp
  1292. BUCKET_ID: AV_ks!KsProbeStreamIrp
  1293. PRIMARY_PROBLEM_CLASS: AV_ks!KsProbeStreamIrp
  1294. TARGET_TIME: 2017-09-22T04:04:37.000Z
  1295. SUITE_MASK: 784
  1296. PRODUCT_TYPE: 1
  1297. USER_LCID: 0
  1298. FAILURE_ID_HASH_STRING: km:av_ks!ksprobestreamirp
  1299. FAILURE_ID_HASH: {cb0f6d24-67b7-157c-a9e0-4af64fbd9e49}
  1300. Followup: MachineOwner
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!