API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Apr 24th, 2020
64
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 28.56 KB | None | 0 0
raw download clone embed print report
  1. ========================== AUTO DUMP ANALYZER ==========================
  2. Auto Dump Analyzer
  3. Version: 0.91
  4. Time to analyze file(s): 00 hours and 00 minutes and 59 seconds
  5.  
  6. ================================= CPU ==================================
  7. COUNT: 8
  8. MHZ: 4008
  9. VENDOR: GenuineIntel
  10. FAMILY: 6
  11. MODEL: 5e
  12. STEPPING: 3
  13.  
  14. ================================== OS ==================================
  15. Product: WinNt, suite: TerminalServer SingleUserTS Personal
  16. Built by: 18362.1.amd64fre.19h1_release.190318-1202
  17. BUILD_VERSION: 10.0.18362.778 (WinBuild.160101.0800)
  18. BUILD: 18362
  19. SERVICEPACK: 778
  20. PLATFORM_TYPE: x64
  21. NAME: Windows 10
  22. EDITION: Windows 10 WinNt TerminalServer SingleUserTS Personal
  23. BUILD_TIMESTAMP: 2015-10-23 02:39:54
  24. BUILDDATESTAMP: 160101.0800
  25. BUILDLAB: WinBuild
  26. BUILDOSVER: 10.0.18362.778
  27.  
  28. =============================== DEBUGGER ===============================
  29. Microsoft (R) Windows Debugger Version 10.0.14321.1024 AMD64
  30. Copyright (c) Microsoft Corporation. All rights reserved.
  31.  
  32. =============================== COMMENTS ===============================
  33. * Information gathered from different dump files may be different. If
  34. Windows updates between two dump files, two or more OS versions may
  35. be shown above.
  36. * Additional BIOS information was not included in the dump file(s). This
  37. can be caused by an outdated BIOS.
  38.  
  39. ========================================================================
  40. ======================= Dump #1: ANALYZE VERBOSE =======================
  41. ====================== File: $R12LOKB - Copy.dmp =======================
  42. ========================================================================
  43.  
  44. Mini Kernel Dump File: Only registers and stack trace are available
  45. Windows 10 Kernel Version 18362 MP (8 procs) Free x64
  46. Kernel base = 0xfffff803`7ba00000 PsLoadedModuleList = 0xfffff803`7be48150
  47. Debug session time: Sun Apr 19 16:06:20.387 2020 (UTC - 4:00)
  48. System Uptime: 0 days 0:27:48.091
  49.  
  50. BugCheck DA, {504, ffffd24080e43d40, 0, 1c87a8}
  51. *** WARNING: Unable to verify timestamp for EasyAntiCheat.sys
  52. *** ERROR: Module load completed but symbols could not be loaded for EasyAntiCheat.sys
  53. Probably caused by : memory_corruption
  54. Followup: memory_corruption
  55.  
  56. SYSTEM_PTE_MISUSE (da)
  57. A driver has corrupted system PTEs.
  58. Set HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\TrackPtes
  59. to a DWORD 3 value and reboot. If the same bugcheck occurs again the stack trace will
  60. identify the offending driver.
  61.  
  62. Arguments:
  63. Arg1: 0000000000000504, Type of error.
  64. Arg2: ffffd24080e43d40
  65. Arg3: 0000000000000000
  66. Arg4: 00000000001c87a8
  67.  
  68. Debugging Details:
  69. DUMP_CLASS: 1
  70. DUMP_QUALIFIER: 400
  71. DUMP_TYPE: 2
  72. DEFAULT_BUCKET_ID: CODE_CORRUPTION
  73. BUGCHECK_STR: 0xDA
  74.  
  75. PROCESS_NAME: svchost.exe
  76.  
  77. CURRENT_IRQL: 2
  78. LAST_CONTROL_TRANSFER: from fffff8037bbf0fb1 to fffff8037bbc2390
  79. STACK_TEXT:
  80. ffffcc82`62d8e3f8 fffff803`7bbf0fb1 : 00000000`000000da 00000000`00000504 ffffd240`80e43d40 00000000`00000000 : nt!KeBugCheckEx
  81. ffffcc82`62d8e400 fffff803`7ba35d94 : ffffd272`c3b11008 fffff803`7bb2d8c6 00000000`00000000 ffffe587`62201010 : nt!MiReplenishBitMap+0x1bb171
  82. ffffcc82`62d8e570 fffff803`7baba0a7 : 001c9d5e`0001c840 ffffe587`00000001 00000000`00000081 ffffd272`c3b11000 : nt!MiEmptyPteBins+0x124
  83. ffffcc82`62d8e5d0 fffff803`7bab956c : 00000000`00000001 ffffe587`00000003 ffffcc82`62d8e780 ffffe587`6acbd010 : nt!MiReservePtes+0x447
  84. ffffcc82`62d8e6a0 fffff803`7bfd7942 : ffffe587`6acbd010 00000000`00080000 00000000`00080000 ffffcc82`62d8e780 : nt!MmMapLockedPagesSpecifyCache+0xcc
  85. ffffcc82`62d8e700 fffff803`7c30aff4 : 00000000`00080000 00000000`00000000 ffffcc82`62d8e7d0 00000000`00000000 : nt!ExLockUserBuffer+0xfe
  86. ffffcc82`62d8e750 fffff803`7c1fcb8a : ffffe587`62180010 00000000`00000081 00000000`00081000 00000000`00000000 : nt!ExpGetHandleInformation+0x40
  87. ffffcc82`62d8e7a0 fffff803`7c0aab8b : ffffe587`6bf47000 fffff803`d5ffb765 ffffe587`6bf47080 00000000`00080010 : nt!ExpQuerySystemInformation+0x151eda
  88. ffffcc82`62d8e9b0 fffff803`d5fdf679 : ffffcc82`62d8ea78 fffff803`d5feea32 00000000`00080000 00000000`00080010 : nt!NtQuerySystemInformation+0x2b
  89. ffffcc82`62d8e9f0 ffffcc82`62d8ea78 : fffff803`d5feea32 00000000`00080000 00000000`00080010 00000000`00000010 : EasyAntiCheat+0xf679
  90. ffffcc82`62d8e9f8 fffff803`d5feea32 : 00000000`00080000 00000000`00080010 00000000`00000010 00000000`000030dc : 0xffffcc82`62d8ea78
  91. ffffcc82`62d8ea00 00000000`00080000 : 00000000`00080010 00000000`00000010 00000000`000030dc 00000000`00080000 : EasyAntiCheat+0x1ea32
  92. ffffcc82`62d8ea08 00000000`00080010 : 00000000`00000010 00000000`000030dc 00000000`00080000 fffff803`d5fe8044 : 0x80000
  93. ffffcc82`62d8ea10 00000000`00000010 : 00000000`000030dc 00000000`00080000 fffff803`d5fe8044 ffffe587`62180010 : 0x80010
  94. ffffcc82`62d8ea18 00000000`000030dc : 00000000`00080000 fffff803`d5fe8044 ffffe587`62180010 00000000`01000000 : 0x10
  95. ffffcc82`62d8ea20 00000000`00080000 : fffff803`d5fe8044 ffffe587`62180010 00000000`01000000 00000000`00000000 : 0x30dc
  96. ffffcc82`62d8ea28 fffff803`d5fe8044 : ffffe587`62180010 00000000`01000000 00000000`00000000 fffff803`7bb11c32 : 0x80000
  97. ffffcc82`62d8ea30 ffffe587`62180010 : 00000000`01000000 00000000`00000000 fffff803`7bb11c32 00000000`00000001 : EasyAntiCheat+0x18044
  98. ffffcc82`62d8ea38 00000000`01000000 : 00000000`00000000 fffff803`7bb11c32 00000000`00000001 00000000`000030dc : 0xffffe587`62180010
  99. ffffcc82`62d8ea40 00000000`00000000 : fffff803`7bb11c32 00000000`00000001 00000000`000030dc 00000000`00000000 : 0x1000000
  100. STACK_COMMAND: kb
  101. CHKIMG_EXTENSION: !chkimg -lo 50 -d !nt
  102. fffff8037bab9585-fffff8037bab9586 2 bytes - nt!MmMapLockedPagesSpecifyCache+e5
  103. [ 80 f6:00 d2 ]
  104. fffff8037bb2d558-fffff8037bb2d55c 5 bytes - nt!MiProbeAndLockPages+98 (+0x73fd3)
  105. [ d0 be 7d fb f6:40 9a 34 69 d2 ]
  106. fffff8037bb2d56a-fffff8037bb2d56e 5 bytes - nt!MiProbeAndLockPages+aa (+0x12)
  107. [ d7 be 7d fb f6:47 9a 34 69 d2 ]
  108. fffff8037bb2d975-fffff8037bb2d976 2 bytes - nt!MiProbeAndLockPages+4b5 (+0x40b)
  109. [ 80 f6:00 d2 ]
  110. fffff8037bbf1022-fffff8037bbf1023 2 bytes - nt!MiExpandPtes+1ba97a (+0xc36ad)
  111. [ 80 f6:00 d2 ]
  112. fffff8037bbf104e-fffff8037bbf104f 2 bytes - nt!MiExpandPtes+1ba9a6 (+0x2c)
  113. [ 80 f6:00 d2 ]
  114. 18 errors : !nt (fffff8037bab9585-fffff8037bbf104f)
  115. MODULE_NAME: memory_corruption
  116.  
  117. IMAGE_NAME: memory_corruption
  118.  
  119. FOLLOWUP_NAME: memory_corruption
  120. DEBUG_FLR_IMAGE_TIMESTAMP: 0
  121. MEMORY_CORRUPTOR: LARGE
  122. FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
  123. BUCKET_ID: MEMORY_CORRUPTION_LARGE
  124. PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
  125. TARGET_TIME: 2020-04-19T20:06:20.000Z
  126. SUITE_MASK: 784
  127. PRODUCT_TYPE: 1
  128. USER_LCID: 0
  129. FAILURE_ID_HASH_STRING: km:memory_corruption_large
  130. FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
  131. Followup: memory_corruption
  132.  
  133. ====================== Dump #1: 3RD PARTY DRIVERS ======================
  134.  
  135. Oct 03 2017 - TeeDriverW8x64.sys - Intel Management Engine Interface driver https://downloadcenter.intel.com/
  136. May 04 2018 - ibtusb.sys - Intel(R) Wireless Bluetooth(R) Filter driver (Intel Corporation)
  137. Oct 22 2018 - rt640x64.sys - Realtek NICDRV 8169 PCIe GBE Family Controller driver https://www.realtek.com/en/
  138. May 14 2019 - sshid.sys - SteelSeries Engine HID driver https://steelseries.com/
  139. Jun 21 2019 - nvhda64v.sys - Nvidia HDMI Audio Device http://www.nvidia.com/
  140. Jul 02 2019 - RTKVHD64.sys - Realtek Audio System driver https://www.realtek.com/en/
  141. Aug 27 2019 - Netwtw04.sys - Intel Wireless Wifi Link driver https://downloadcenter.intel.com/
  142. Jan 16 2020 - nvlddmkm.sys - Nvidia Graphics Card driver http://www.nvidia.com/
  143. Apr 16 2020 - EasyAntiCheat.sys - EasyAntiCheat is a anti-cheat driver (EasyAntiCheat Oy.) https://support.easyanticheat.net/
  144.  
  145. ================== Dump #1: 3RD PARTY DRIVERS (FULL) ===================
  146.  
  147. Image path: \SystemRoot\System32\drivers\TeeDriverW8x64.sys
  148. Image name: TeeDriverW8x64.sys
  149. Search : https://www.google.com/search?q=TeeDriverW8x64.sys
  150. ADA Info : Intel Management Engine Interface driver https://downloadcenter.intel.com/
  151. Timestamp : Tue Oct 3 2017
  152.  
  153. Image path: \SystemRoot\System32\drivers\ibtusb.sys
  154. Image name: ibtusb.sys
  155. Search : https://www.google.com/search?q=ibtusb.sys
  156. ADA Info : Intel(R) Wireless Bluetooth(R) Filter driver (Intel Corporation)
  157. Timestamp : Fri May 4 2018
  158.  
  159. Mapped memory image file: C:\ProgramData\dbg\sym\rt640x64.sys\5BCDE005a6000\rt640x64.sys
  160. Image path: \SystemRoot\System32\drivers\rt640x64.sys
  161. Image name: rt640x64.sys
  162. Search : https://www.google.com/search?q=rt640x64.sys
  163. ADA Info : Realtek NICDRV 8169 PCIe GBE Family Controller driver https://www.realtek.com/en/
  164. Timestamp : Mon Oct 22 2018
  165. File version: 9.1.409.2015
  166. Product version: 9.1.409.2015
  167. File flags: 8 (Mask 3F) Private
  168. File OS: 40004 NT Win32
  169. File type: 3.6 Driver
  170. File date: 00000000.00000000
  171. CompanyName: Realtek
  172. ProductName: Realtek 8125/8136/8168/8169 PCI/PCIe Adapters
  173. InternalName: rt640x64.sys
  174. OriginalFilename: rt640x64.sys
  175. ProductVersion: 9.001.0409.2015
  176. FileVersion: 9.001.0409.2015
  177. FileDescription: Realtek 8125/8136/8168/8169 NDIS 6.40 64-bit Driver
  178. LegalCopyright: Copyright (C) 2018 Realtek Semiconductor Corporation. All Right Reserved.
  179.  
  180. Image path: \SystemRoot\System32\drivers\sshid.sys
  181. Image name: sshid.sys
  182. Search : https://www.google.com/search?q=sshid.sys
  183. ADA Info : SteelSeries Engine HID driver https://steelseries.com/
  184. Timestamp : Tue May 14 2019
  185.  
  186. Image path: \SystemRoot\system32\drivers\nvhda64v.sys
  187. Image name: nvhda64v.sys
  188. Search : https://www.google.com/search?q=nvhda64v.sys
  189. ADA Info : Nvidia HDMI Audio Device http://www.nvidia.com/
  190. Timestamp : Fri Jun 21 2019
  191.  
  192. Image path: \SystemRoot\system32\drivers\RTKVHD64.sys
  193. Image name: RTKVHD64.sys
  194. Search : https://www.google.com/search?q=RTKVHD64.sys
  195. ADA Info : Realtek Audio System driver https://www.realtek.com/en/
  196. Timestamp : Tue Jul 2 2019
  197.  
  198. Image path: \SystemRoot\System32\drivers\Netwtw04.sys
  199. Image name: Netwtw04.sys
  200. Search : https://www.google.com/search?q=Netwtw04.sys
  201. ADA Info : Intel Wireless Wifi Link driver https://downloadcenter.intel.com/
  202. Timestamp : Tue Aug 27 2019
  203.  
  204. Image path: \SystemRoot\System32\DriverStore\FileRepository\nvhdc.inf_amd64_89d2f741860f43c6\nvlddmkm.sys
  205. Image name: nvlddmkm.sys
  206. Search : https://www.google.com/search?q=nvlddmkm.sys
  207. ADA Info : Nvidia Graphics Card driver http://www.nvidia.com/
  208. Timestamp : Thu Jan 16 2020
  209.  
  210. Image path: \??\C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.sys
  211. Image name: EasyAntiCheat.sys
  212. Search : https://www.google.com/search?q=EasyAntiCheat.sys
  213. ADA Info : EasyAntiCheat is a anti-cheat driver (EasyAntiCheat Oy.) https://support.easyanticheat.net/
  214. Timestamp : Thu Apr 16 2020
  215.  
  216. ====================== Dump #1: MICROSOFT DRIVERS ======================
  217.  
  218. ACPI.sys ACPI Driver for NT (Microsoft)
  219. acpiex.sys ACPIEx Driver (Microsoft)
  220. acpipagr.sys ACPI Processor Aggregator Device driver (Microsoft)
  221. afd.sys Ancillary Function Driver for WinSock (Microsoft)
  222. afunix.sys AF_UNIX Socket Provider driver (Microsoft)
  223. AgileVpn.sys RAS Agil VPN Miniport Call Manager driver (Microsoft)
  224. ahcache.sys Application Compatibility Cache (Microsoft)
  225. bam.sys BAM Kernal driver (Microsoft)
  226. BasicDisplay.sys Basic Display driver (Microsoft)
  227. BasicRender.sys Basic Render driver (Microsoft)
  228. Beep.SYS BEEP driver (Microsoft)
  229. bindflt.sys Windows Bind Filter driver (Microsoft)
  230. BOOTVID.dll VGA Boot Driver (Microsoft)
  231. bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
  232. BthEnum.sys Bluetooth Bus Extender
  233. bthpan.sys Bluetooth Personal Area Networking
  234. bthport.sys Bluetooth Bus driver (Microsoft)
  235. BTHUSB.sys Bluetooth Miniport driver (Microsoft)
  236. cdd.dll Canonical Display Driver (Microsoft)
  237. cdrom.sys SCSI CD-ROM Driver (Microsoft)
  238. CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
  239. CI.dll Code Integrity Module (Microsoft)
  240. CLASSPNP.SYS SCSI Class System Dll (Microsoft)
  241. cldflt.sys Cloud Files Mini Filter driver (Microsoft)
  242. CLFS.SYS Common Log File System Driver (Microsoft)
  243. clipsp.sys CLIP Service (Microsoft)
  244. cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
  245. cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
  246. CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
  247. condrv.sys Console Driver (Microsoft)
  248. crashdmp.sys Crash Dump driver (Microsoft)
  249. dfsc.sys DFS Namespace Client Driver (Microsoft)
  250. disk.sys PnP Disk Driver (Microsoft)
  251. drmk.sys Digital Rights Management (DRM) driver (Microsoft)
  252. dump_dumpfve.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  253. dump_dumpstorport.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  254. dump_stornvme.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  255. dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
  256. dxgmms2.sys DirectX Graphics MMS
  257. EhStorClass.sys Enhanced Storage Class driver for IEEE... (Microsoft)
  258. fastfat.SYS Fast FAT File System Driver (Microsoft)
  259. filecrypt.sys Windows sandboxing and encryption filter (Microsoft)
  260. fileinfo.sys FileInfo Filter Driver (Microsoft)
  261. FLTMGR.SYS Filesystem Filter Manager (Microsoft)
  262. Fs_Rec.sys File System Recognizer Driver (Microsoft)
  263. fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
  264. fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
  265. gpuenergydrv.sys GPU Energy Kernal Driver (Microsoft)
  266. hal.dll Hardware Abstraction Layer DLL (Microsoft)
  267. HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
  268. HIDCLASS.SYS Hid Class Library (Microsoft)
  269. HIDPARSE.SYS Hid Parsing Library (Microsoft)
  270. hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
  271. HTTP.sys HTTP Protocol Stack (Microsoft)
  272. intelpep.sys Intel Power Engine Plugin (Microsoft)
  273. intelppm.sys Processor Device Driver (Microsoft)
  274. iorate.sys I/O rate control Filter (Microsoft)
  275. kbdclass.sys Keyboard Class Driver (Microsoft)
  276. kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
  277. kd.dll Local Kernal Debugger (Microsoft)
  278. kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
  279. ks.sys Kernal CSA Library (Microsoft)
  280. ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
  281. ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
  282. ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
  283. lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
  284. luafv.sys LUA File Virtualization Filter Driver (Microsoft)
  285. mcupdate_GenuineIntel.dll Intel Microcode Update Library (Microsoft)
  286. Microsoft.Bluetooth.Legacy.LEEnumerator.sys Microsoft Bluetooth Legacy LE Enumerator driver (Microsoft)
  287. mmcss.sys MMCSS Driver (Microsoft)
  288. monitor.sys Monitor Driver (Microsoft)
  289. mouclass.sys Mouse Class Driver (Microsoft)
  290. mouhid.sys HID Mouse Filter Driver (Microsoft)
  291. mountmgr.sys Mount Point Manager (Microsoft)
  292. MpKslDrv.sys Microsoft Anti-malware Protection driver
  293. mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
  294. mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
  295. mrxsmb10.sys Longhorn SMB Downlevel SubRdr (Microsoft)
  296. mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
  297. Msfs.SYS Mailslot driver (Microsoft)
  298. mshidkmdf.sys Pass-through HID to KMDF Filter driver (Microsoft)
  299. msisadrv.sys ISA Driver (Microsoft)
  300. mslldp.sys Microsoft Link-Layer Discovery Protocol... (Microsoft)
  301. msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
  302. mssmbios.sys System Management BIOS driver (Microsoft)
  303. mup.sys Multiple UNC Provider driver (Microsoft)
  304. ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
  305. ndistapi.sys NDIS 3.0 Connection Wrapper driver (Microsoft)
  306. ndisuio.sys NDIS User mode I/O driver (Microsoft)
  307. NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
  308. ndiswan.sys MS PPP Framing Driver (Strong Encryption) Microsoft)
  309. NDProxy.sys NDIS Proxy driver (Microsoft)
  310. Ndu.sys Network Data Usage Monitoring driver (Microsoft)
  311. netbios.sys NetBIOS Interface driver (Microsoft)
  312. netbt.sys MBT Transport driver (Microsoft)
  313. NETIO.SYS Network I/O Subsystem (Microsoft)
  314. Npfs.SYS NPFS driver (Microsoft)
  315. npsvctrig.sys Named pipe service triggers (Microsoft)
  316. nsiproxy.sys NSI Proxy driver (Microsoft)
  317. Ntfs.sys NT File System Driver (Microsoft)
  318. ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
  319. ntosext.sys NTOS Extension Host driver (Microsoft)
  320. Null.SYS NULL Driver (Microsoft)
  321. nwifi.sys NativeWiFi Miniport Driver (Microsoft)
  322. pacer.sys QoS Packet Scheduler (Microsoft)
  323. partmgr.sys Partition driver (Microsoft)
  324. pci.sys NT Plug and Play PCI Enumerator (Microsoft)
  325. pcw.sys Performance Counter Driver (Microsoft)
  326. pdc.sys Power Dependency Coordinator Driver (Microsoft)
  327. peauth.sys Protected Environment Authentication and Authorization Export Driver (Microsoft)
  328. portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
  329. PSHED.dll Platform Specific Hardware Error driver (Microsoft)
  330. rasl2tp.sys RAS L2TP Mini-port/Call-manager driver (Microsoft)
  331. raspppoe.sys RAS PPPoE Mini-port/Call manager driver (Microsoft)
  332. raspptp.sys Peer-to-Peer Tunneling Protocol (Microsoft)
  333. rassstp.sys RAS SSTP Miniport Call Manager driver (Microsoft)
  334. rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
  335. rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
  336. rdyboost.sys ReadyBoost Driver (Microsoft)
  337. rfcomm.sys Bluetooth RFCOMM driver (Microsoft)
  338. rspndr.sys Link-Layer Topology Responder driver (Microsoft)
  339. SgrmAgent.sys System Guard Runtime Monitor Agent driver (Microsoft)
  340. SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
  341. spaceport.sys Storage Spaces driver (Microsoft)
  342. srv2.sys Smb 2.0 Server driver (Microsoft)
  343. srvnet.sys Server Network driver (Microsoft)
  344. storahci.sys MS AHCI Storport Miniport Driver (Microsoft)
  345. stornvme.sys NVM Express Storport Miniport driver (Microsoft)
  346. storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
  347. storqosflt.sys Storage QoS Filter driver (Microsoft)
  348. swenum.sys Plug and Play Software Device Enumerator (Microsoft)
  349. tbs.sys Export driver for kernel mode TPM API (Microsoft)
  350. tcpip.sys TCP/IP Protocol driver (Microsoft)
  351. tcpipreg.sys Microsoft Windows TCP/IP Registry Compatibility driver (Microsoft)
  352. TDI.SYS TDI Wrapper driver (Microsoft)
  353. tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
  354. tm.sys Kernel Transaction Manager driver (Microsoft)
  355. tpm.sys Trusted Platform Module Device driver (Microsoft)
  356. ucx01000.sys USB Controller Extension (Microsoft)
  357. UEFI.sys UEFI NT driver (Microsoft)
  358. umbus.sys User-Mode Bus Enumerator (Microsoft)
  359. usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
  360. USBD.SYS Universal Serial Bus Driver (Microsoft)
  361. UsbHub3.sys USB3 HUB driver (Microsoft)
  362. USBSTOR.SYS USB Mass Storage Class driver (Microsoft)
  363. USBXHCI.SYS USB XHCI driver (Microsoft)
  364. vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
  365. Vid.sys Microsoft Hyper-V Virtualization Infrastructure Driver
  366. volmgr.sys Volume Manager Driver (Microsoft)
  367. volmgrx.sys Volume Manager Extension Driver (Microsoft)
  368. volsnap.sys Volume Shadow Copy driver (Microsoft)
  369. volume.sys Volume driver (Microsoft)
  370. vwifibus.sys Virtual Wireless Bus driver (Microsoft)
  371. vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
  372. vwifimp.sys Virtual WiFi Miniport Driver (Microsoft)
  373. wanarp.sys MS Remote Access and Routing ARP driver (Microsoft)
  374. watchdog.sys Watchdog driver (Microsoft)
  375. wcifs.sys Windows Container Isolation FS Filter driver (Microsoft)
  376. Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
  377. WdFilter.sys Microsoft Anti-malware file system filter driver (Microsoft)
  378. WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
  379. wdiwifi.sys WDI Driver Framework driver (Microsoft)
  380. WdNisDrv.sys Microsoft Network Realtime Inspection driver (Microsoft)
  381. werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
  382. wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
  383. win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
  384. win32kbase.sys Base Win32k Kernel Driver (Microsoft)
  385. win32kfull.sys Full/Desktop Win32k Kernel Driver (Microsoft)
  386. WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
  387. WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
  388. winhvr.sys Windows Hypervisor Root Interface driver (Microsoft)
  389. winquic.sys QUIC Transport Protocol driver (Microsoft)
  390. wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
  391. WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
  392. Wof.sys Windows Overlay Filter (Microsoft)
  393. WpdUpFltr.sys Portable Device Upper Class Filter driver (Microsoft)
  394. WppRecorder.sys WPP Trace Recorder (Microsoft)
  395. WUDFRd.sys Windows Driver Foundation - User-mode Driver Framework Reflector driver (Microsoft)
  396.  
  397. ====================== Dump #1: UNLOADED MODULES =======================
  398.  
  399. fffff803`923a0000 fffff803`923af000 dump_storpor
  400. fffff803`923e0000 fffff803`92408000 dump_stornvm
  401. fffff803`92430000 fffff803`9244e000 dump_dumpfve
  402. fffff803`d5da0000 fffff803`d5f0f000 EasyAntiChea
  403. fffff803`90920000 fffff803`9092f000 dump_storpor
  404. fffff803`90960000 fffff803`90988000 dump_stornvm
  405. fffff803`909b0000 fffff803`909ce000 dump_dumpfve
  406. fffff803`90bd0000 fffff803`90bee000 dam.sys
  407. fffff803`7d630000 fffff803`7d641000 WdBoot.sys
  408. fffff803`7e5d0000 fffff803`7e5e1000 hwpolicy.sys
  409.  
  410. ====================== Dump #1: BIOS INFORMATION =======================
  411.  
  412. sysinfo: could not find necessary interfaces.
  413. sysinfo: note that mssmbios.sys must be loaded (XPSP2+).
  414.  
  415. ========================== Dump #1: Extra #1 ===========================
  416.  
  417. 4: kd> !verifier
  418. Verify Flags Level 0x00000000
  419. STANDARD FLAGS:
  420. [X] (0x00000000) Automatic Checks
  421. [ ] (0x00000001) Special pool
  422. [ ] (0x00000002) Force IRQL checking
  423. [ ] (0x00000008) Pool tracking
  424. [ ] (0x00000010) I/O verification
  425. [ ] (0x00000020) Deadlock detection
  426. [ ] (0x00000080) DMA checking
  427. [ ] (0x00000100) Security checks
  428. [ ] (0x00000800) Miscellaneous checks
  429. [ ] (0x00020000) DDI compliance checking
  430. ADDITIONAL FLAGS:
  431. [ ] (0x00000004) Randomized low resources simulation
  432. [ ] (0x00000200) Force pending I/O requests
  433. [ ] (0x00000400) IRP logging
  434. [ ] (0x00002000) Invariant MDL checking for stack
  435. [ ] (0x00004000) Invariant MDL checking for driver
  436. [ ] (0x00008000) Power framework delay fuzzing
  437. [ ] (0x00010000) Port/miniport interface checking
  438. [ ] (0x00040000) Systematic low resources simulation
  439. [ ] (0x00080000) DDI compliance checking (additional)
  440. [ ] (0x00200000) NDIS/WIFI verification
  441. [ ] (0x00800000) Kernel synchronization delay fuzzing
  442. [ ] (0x01000000) VM switch verification
  443. [ ] (0x02000000) Code integrity checks
  444. [X] Indicates flag is enabled
  445. Summary of All Verifier Statistics
  446. RaiseIrqls 0x0
  447. AcquireSpinLocks 0x0
  448. Synch Executions 0x0
  449. Trims 0x0
  450. Pool Allocations Attempted 0x0
  451. Pool Allocations Succeeded 0x0
  452. Pool Allocations Succeeded SpecialPool 0x0
  453. Pool Allocations With NO TAG 0x0
  454. Pool Allocations Failed 0x0
  455. Current paged pool allocations 0x0 for 00000000 bytes
  456. Peak paged pool allocations 0x0 for 00000000 bytes
  457. Current nonpaged pool allocations 0x0 for 00000000 bytes
  458. Peak nonpaged pool allocations 0x0 for 00000000 bytes
  459.  
  460. ========================== Dump #1: Extra #2 ===========================
  461.  
  462. 4: kd> !thread
  463. THREAD ffffe5876bf47080 Cid 30dc.0ba8 Teb: 000000d7a067b000 Win32Thread: 0000000000000000 RUNNING on processor 4
  464. Impersonation token: ffffa883bfe57730 (Level Impersonation)
  465. GetUlongFromAddress: unable to read from fffff8037be2ca14
  466. Owning Process ffffe5876dde5080 Image: svchost.exe
  467. Attached Process N/A Image: N/A
  468. fffff78000000000: Unable to get shared data
  469. Wait Start TickCount 106757
  470. Context Switch Count 18 IdealProcessor: 0
  471. ReadMemory error: Cannot get nt!KeMaximumIncrement value.
  472. UserTime 00:00:00.000
  473. KernelTime 00:00:00.000
  474. Win32 Start Address 0x00007ffaf0713ce0
  475. Stack Init ffffcc8262d8fb90 Current ffffcc8262d8e140
  476. Base ffffcc8262d90000 Limit ffffcc8262d89000 Call 0000000000000000
  477. Priority 8 BasePriority 8 PriorityDecrement 0 IoPriority 2 PagePriority 5
  478. Child-SP RetAddr : Args to Child : Call Site
  479. ffffcc82`62d8e3f8 fffff803`7bbf0fb1 : 00000000`000000da 00000000`00000504 ffffd240`80e43d40 00000000`00000000 : nt!KeBugCheckEx
  480. ffffcc82`62d8e400 fffff803`7ba35d94 : ffffd272`c3b11008 fffff803`7bb2d8c6 00000000`00000000 ffffe587`62201010 : nt!MiReplenishBitMap+0x1bb171
  481. ffffcc82`62d8e570 fffff803`7baba0a7 : 001c9d5e`0001c840 ffffe587`00000001 00000000`00000081 ffffd272`c3b11000 : nt!MiEmptyPteBins+0x124
  482. ffffcc82`62d8e5d0 fffff803`7bab956c : 00000000`00000001 ffffe587`00000003 ffffcc82`62d8e780 ffffe587`6acbd010 : nt!MiReservePtes+0x447
  483. ffffcc82`62d8e6a0 fffff803`7bfd7942 : ffffe587`6acbd010 00000000`00080000 00000000`00080000 ffffcc82`62d8e780 : nt!MmMapLockedPagesSpecifyCache+0xcc
  484. ffffcc82`62d8e700 fffff803`7c30aff4 : 00000000`00080000 00000000`00000000 ffffcc82`62d8e7d0 00000000`00000000 : nt!ExLockUserBuffer+0xfe
  485. ffffcc82`62d8e750 fffff803`7c1fcb8a : ffffe587`62180010 00000000`00000081 00000000`00081000 00000000`00000000 : nt!ExpGetHandleInformation+0x40
  486. ffffcc82`62d8e7a0 fffff803`7c0aab8b : ffffe587`6bf47000 fffff803`d5ffb765 ffffe587`6bf47080 00000000`00080010 : nt!ExpQuerySystemInformation+0x151eda
  487. ffffcc82`62d8e9b0 fffff803`d5fdf679 : ffffcc82`62d8ea78 fffff803`d5feea32 00000000`00080000 00000000`00080010 : nt!NtQuerySystemInformation+0x2b
  488. ffffcc82`62d8e9f0 ffffcc82`62d8ea78 : fffff803`d5feea32 00000000`00080000 00000000`00080010 00000000`00000010 : EasyAntiCheat+0xf679
  489. ffffcc82`62d8e9f8 fffff803`d5feea32 : 00000000`00080000 00000000`00080010 00000000`00000010 00000000`000030dc : 0xffffcc82`62d8ea78
  490. ffffcc82`62d8ea00 00000000`00080000 : 00000000`00080010 00000000`00000010 00000000`000030dc 00000000`00080000 : EasyAntiCheat+0x1ea32
  491. ffffcc82`62d8ea08 00000000`00080010 : 00000000`00000010 00000000`000030dc 00000000`00080000 fffff803`d5fe8044 : 0x80000
  492. ffffcc82`62d8ea10 00000000`00000010 : 00000000`000030dc 00000000`00080000 fffff803`d5fe8044 ffffe587`62180010 : 0x80010
  493. ffffcc82`62d8ea18 00000000`000030dc : 00000000`00080000 fffff803`d5fe8044 ffffe587`62180010 00000000`01000000 : 0x10
  494. ffffcc82`62d8ea20 00000000`00080000 : fffff803`d5fe8044 ffffe587`62180010 00000000`01000000 00000000`00000000 : 0x30dc
  495. ffffcc82`62d8ea28 fffff803`d5fe8044 : ffffe587`62180010 00000000`01000000 00000000`00000000 fffff803`7bb11c32 : 0x80000
  496. ffffcc82`62d8ea30 ffffe587`62180010 : 00000000`01000000 00000000`00000000 fffff803`7bb11c32 00000000`00000001 : EasyAntiCheat+0x18044
  497. ffffcc82`62d8ea38 00000000`01000000 : 00000000`00000000 fffff803`7bb11c32 00000000`00000001 00000000`000030dc : 0xffffe587`62180010
  498. ffffcc82`62d8ea40 00000000`00000000 : fffff803`7bb11c32 00000000`00000001 00000000`000030dc 00000000`00000000 : 0x1000000
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!