========================== AUTO DUMP ANALYZER ==========================Auto D

1. ========================== AUTO DUMP ANALYZER ==========================
2. Auto Dump Analyzer
3. Version: 0.91
4. Time to analyze file(s): 00 hours and 07 minutes and 33 seconds
5.  
6. ================================= CPU ==================================
7. COUNT: 4
8. MHZ: 3600
9. VENDOR: GenuineIntel
10. FAMILY: 6
11. MODEL: 9e
12. STEPPING: b
13.  
14. ================================== OS ==================================
15. Product: WinNt, suite: TerminalServer SingleUserTS
16. Built by: 19041.1.amd64fre.vb_release.191206-1406
17. BUILD_VERSION: 10.0.19041.388 (WinBuild.160101.0800)
18. BUILD: 19041
19. SERVICEPACK: 388
20. PLATFORM_TYPE: x64
21. NAME: Windows 10
22. EDITION: Windows 10 WinNt TerminalServer SingleUserTS
23. BUILD_TIMESTAMP: unknown_date
24. BUILDDATESTAMP: 160101.0800
25. BUILDLAB: WinBuild
26. BUILDOSVER: 10.0.19041.388
27.  
28. =============================== DEBUGGER ===============================
29. Microsoft (R) Windows Debugger Version 10.0.14321.1024 AMD64
30. Copyright (c) Microsoft Corporation. All rights reserved.
31.  
32. =============================== COMMENTS ===============================
33. * Information gathered from different dump files may be different. If
34. Windows updates between two dump files, two or more OS versions may
35. be shown above.
36. * Additional BIOS information was not included in the dump file(s). This
37. can be caused by an outdated BIOS.
38.  
39. ========================================================================
40. ======================= Dump #1: ANALYZE VERBOSE =======================
41. ======================= File: 080320-6906-01.dmp =======================
42. ========================================================================
43.  
44. Mini Kernel Dump File: Only registers and stack trace are available
45. Windows 10 Kernel Version 19041 MP (4 procs) Free x64
46. Kernel base = 0xfffff804`16400000 PsLoadedModuleList = 0xfffff804`1702a310
47. Debug session time: Mon Aug 3 05:20:31.568 2020 (UTC - 4:00)
48. System Uptime: 0 days 0:02:07.254
49.  
50. BugCheck D1, {0, 2, 0, fffff8041aad8aac}
51. *** WARNING: Unable to verify timestamp for klwfp.sys
52. *** ERROR: Module load completed but symbols could not be loaded for klwfp.sys
53. Probably caused by : NETIO.SYS ( NETIO!NetioDereferenceNetBufferList+88 )
54. Followup: MachineOwner
55.  
56. DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
57. An attempt was made to access a pageable (or completely invalid) address at an
58. interrupt request level (IRQL) that is too high. This is usually
59. caused by drivers using improper addresses.
60. If kernel debugger is available get stack backtrace.
61.  
62. Arguments:
63. Arg1: 0000000000000000, memory referenced
64. Arg2: 0000000000000002, IRQL
65. Arg3: 0000000000000000, value 0 = read operation, 1 = write operation
66. Arg4: fffff8041aad8aac, address which referenced memory
67.  
68. Debugging Details:
69. DUMP_CLASS: 1
70. DUMP_QUALIFIER: 400
71. TAG_NOT_DEFINED_202b: *** Unknown TAG in analysis list 202b
72. DUMP_TYPE: 2
73. READ_ADDRESS: fffff804170fa388: Unable to get MiVisibleState
74. 0000000000000000
75. CURRENT_IRQL: 2
76. FAULTING_IP:
77. tcpip!FlpReturnNetBufferListChain+6f71c
78. fffff804`1aad8aac 488b01 mov rax,qword ptr [rcx]
79. CUSTOMER_CRASH_COUNT: 1
80. DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
81. BUGCHECK_STR: AV
82.  
83. PROCESS_NAME: System
84.  
85. TRAP_FRAME: fffff48ccfadf170 -- (.trap 0xfffff48ccfadf170)
86. NOTE: The trap frame does not contain all registers.
87. Some register values may be zeroed or incorrect.
88. rax=0000000000000000 rbx=0000000000000000 rcx=0000000000000000
89. rdx=00000000000000c8 rsi=0000000000000000 rdi=0000000000000000
90. rip=fffff8041aad8aac rsp=fffff48ccfadf300 rbp=ffffd58c4bff3c10
91. r8=00000000000001f0 r9=0000000000000000 r10=ffffd58c48393768
92. r11=00000000000000b7 r12=0000000000000000 r13=0000000000000000
93. r14=0000000000000000 r15=0000000000000000
94. iopl=0 nv up ei ng nz na pe nc
95. tcpip!FlpReturnNetBufferListChain+0x6f71c:
96. fffff804`1aad8aac 488b01 mov rax,qword ptr [rcx] ds:00000000`00000000=????????????????
97. Resetting default scope
98. LAST_CONTROL_TRANSFER: from fffff804167efa29 to fffff804167ddb60
99. STACK_TEXT:
100. fffff48c`cfadf028 fffff804`167efa29 : 00000000`0000000a 00000000`00000000 00000000`00000002 00000000`00000000 : nt!KeBugCheckEx
101. fffff48c`cfadf030 fffff804`167ebd29 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiBugCheckDispatch+0x69
102. fffff48c`cfadf170 fffff804`1aad8aac : ffffd58c`48373f10 00000000`00000000 ffffd58c`4bcb3d80 00000000`00000000 : nt!KiPageFault+0x469
103. fffff48c`cfadf300 fffff804`1a925d98 : ffffd58c`45645300 ffffd58c`4bff3c10 00000000`00000000 fffff804`1a922504 : tcpip!FlpReturnNetBufferListChain+0x6f71c
104. fffff48c`cfadf360 fffff804`1a925bb8 : 00000000`00000000 00000000`00000000 00000000`00000000 fffff48c`00000000 : NETIO!NetioDereferenceNetBufferList+0x88
105. fffff48c`cfadf3b0 fffff804`1aa3ae96 : 00000000`00000000 fffff48c`cfadf400 00000000`00000000 ffffd58c`43eba000 : NETIO!NetioDereferenceNetBufferListChain+0x1c8
106. fffff48c`cfadf430 fffff804`1aa3747f : fffff804`1abfa230 ffffd58c`43d6c8a0 ffffd58c`43eba000 00000000`00000000 : tcpip!IppReceiveHeaderBatch+0x2b6
107. fffff48c`cfadf530 fffff804`1ab617a2 : ffffd58c`4ab32710 ffffd58c`4bcb3d80 00000000`00000001 00000000`00000000 : tcpip!IppFlcReceivePacketsCore+0x32f
108. fffff48c`cfadf650 fffff804`1ab61624 : ffffd58c`43b53040 fffff48c`cfadf900 fffff48c`cfadf900 ffffd58c`43d50400 : tcpip!IppInspectInjectReceiveEx+0x172
109. fffff48c`cfadf6a0 fffff804`1ad087b6 : fffff804`1ad086a0 fffff48c`cfadf900 00000000`00000000 fffff804`1663739e : tcpip!IppInspectInjectReceive+0x24
110. fffff48c`cfadf700 fffff804`16637218 : fffff48c`cfadf900 ffffd58c`43d50480 00000000`00000003 ffffd58c`4a47f3b0 : fwpkclnt!FwppInjectionStackCallout+0x116
111. fffff48c`cfadf790 fffff804`1663718d : fffff804`1ad086a0 fffff48c`cfadf900 ffffd58c`43c9c3c0 ffffd58c`4dff78f0 : nt!KeExpandKernelStackAndCalloutInternal+0x78
112. fffff48c`cfadf800 fffff804`1ad0a2b4 : 00000000`00000001 fffff804`1acf16e3 ffffd58c`4a47f3b0 fffff804`1cf35530 : nt!KeExpandKernelStackAndCalloutEx+0x1d
113. fffff48c`cfadf840 fffff804`1ad09ea4 : 00000000`00000000 fffff48c`cfadf979 00000000`00000001 ffffd58c`4bcb3d80 : fwpkclnt!NetioExpandKernelStackAndCallout+0x58
114. fffff48c`cfadf880 fffff804`1cf35685 : ffffd58c`452dc2e0 ffffd58c`4a47f3b0 ffffffff`00000000 ffffd58c`4a47f3b0 : fwpkclnt!FwpsInjectTransportReceiveAsync0+0x304
115. fffff48c`cfadf9c0 ffffd58c`452dc2e0 : ffffd58c`4a47f3b0 ffffffff`00000000 ffffd58c`4a47f3b0 01010101`00000002 : klwfp+0x5685
116. fffff48c`cfadf9c8 ffffd58c`4a47f3b0 : ffffffff`00000000 ffffd58c`4a47f3b0 01010101`00000002 00000000`00000001 : 0xffffd58c`452dc2e0
117. fffff48c`cfadf9d0 ffffffff`00000000 : ffffd58c`4a47f3b0 01010101`00000002 00000000`00000001 00000000`00000011 : 0xffffd58c`4a47f3b0
118. fffff48c`cfadf9d8 ffffd58c`4a47f3b0 : 01010101`00000002 00000000`00000001 00000000`00000011 00000000`00000000 : 0xffffffff`00000000
119. fffff48c`cfadf9e0 01010101`00000002 : 00000000`00000001 00000000`00000011 00000000`00000000 ffffd58c`00000000 : 0xffffd58c`4a47f3b0
120. fffff48c`cfadf9e8 00000000`00000001 : 00000000`00000011 00000000`00000000 ffffd58c`00000000 fffff804`1cf35530 : 0x01010101`00000002
121. fffff48c`cfadf9f0 00000000`00000011 : 00000000`00000000 ffffd58c`00000000 fffff804`1cf35530 ffffd58c`4a47f3b0 : 0x1
122. fffff48c`cfadf9f8 00000000`00000000 : ffffd58c`00000000 fffff804`1cf35530 ffffd58c`4a47f3b0 ffffd58c`452caff0 : 0x11
123. STACK_COMMAND: kb
124. THREAD_SHA1_HASH_MOD_FUNC: ba0cd6b4cdf456ab1f345f4a868c50ff0dc07d3d
125. THREAD_SHA1_HASH_MOD_FUNC_OFFSET: d993a4663540889d31e12f91daa50cf6a36edfe7
126. THREAD_SHA1_HASH_MOD: 1e2611d0f57659d8711f1f61624d86e427b7c3cb
127. FOLLOWUP_IP:
128. NETIO!NetioDereferenceNetBufferList+88
129. fffff804`1a925d98 4885ff test rdi,rdi
130. FAULT_INSTR_CODE: 74ff8548
131. SYMBOL_STACK_INDEX: 4
132. SYMBOL_NAME: NETIO!NetioDereferenceNetBufferList+88
133. FOLLOWUP_NAME: MachineOwner
134. MODULE_NAME: NETIO
135.  
136. IMAGE_NAME: NETIO.SYS
137.  
138. DEBUG_FLR_IMAGE_TIMESTAMP: 6e89bcc
139. IMAGE_VERSION: 10.0.19041.208
140. BUCKET_ID_FUNC_OFFSET: 88
141. FAILURE_BUCKET_ID: OLD_IMAGE_NETIO.SYS
142. BUCKET_ID: OLD_IMAGE_NETIO.SYS
143. PRIMARY_PROBLEM_CLASS: OLD_IMAGE_NETIO.SYS
144. TARGET_TIME: 2020-08-03T09:20:31.000Z
145. SUITE_MASK: 272
146. PRODUCT_TYPE: 1
147. USER_LCID: 0
148. FAILURE_ID_HASH_STRING: km:old_image_netio.sys
149. FAILURE_ID_HASH: {248567a9-afbb-75e2-4d3a-e2178362efb0}
150. Followup: MachineOwner
151.  
152. ====================== Dump #1: 3RD PARTY DRIVERS ======================
153.  
154. Sep 12 1975 - klmouflt.sys - Kaspersky Mouse Device Filter https://www.kaspersky.com/
155. May 05 2007 - klwtp.sys - Kaspersky WFP Network Connection Filter Driver https://www.kaspersky.com/
156. Apr 13 2008 - klbackupdisk.sys - Kaspersky Backup Disk Filter https://www.kaspersky.com/
157. Jan 07 2015 - klim6.sys - Kaspersky Lab Intermediate Network Driver https://www.kaspersky.com/
158. May 28 2015 - netr28ux.sys - Ralink Wireless Adapter driver https://www.mediatek.com/
159. Feb 15 2019 - cm_km.sys - Kaspersky Cryptographic Module Driver
160. Feb 26 2019 - klwfp.sys - Kaspersky Network filtering component https://www.kaspersky.com/
161. Mar 19 2019 - nvhda64v.sys - Nvidia HDMI Audio Device http://www.nvidia.com/
162. Apr 04 2019 - TeeDriverW8x64.sys - Intel Management Engine Interface driver https://downloadcenter.intel.com/
163. May 14 2019 - RTKVHD64.sys - Realtek Audio System driver https://www.realtek.com/en/
164. Jul 01 2019 - rt640x64.sys - Realtek NICDRV 8169 PCIe GBE Family Controller driver https://www.realtek.com/en/
165. Oct 02 2019 - nvlddmkm.sys - Nvidia Graphics Card driver http://www.nvidia.com/
166. Mar 13 2020 - klif.sys - Kaspersky Lab Intruder Filter driver https://www.kaspersky.com/
167. Mar 20 2020 - klupd_klif_mark.sys - Kaspersky Lab Anti-Rootkit Engine https://www.kaspersky.com
168. Mar 22 2020 - klupd_klif_arkmon.sys - Kaspersky Anti-Virus Anti-Rootkit Monitor https://www.kaspersky.com/
169. Jun 17 2020 - klupd_klif_klbg.sys - Kaspersky Anti-Virus Lab Boot Guard Driver https://www.kaspersky.com/
170. Jun 19 2020 - klgse.sys - Kaspersky Security Extender driver
171. Jun 19 2020 - klhk.sys - Kaspersky Lab service driver https://www.kaspersky.com/
172. Jun 29 2020 - vgk.sys - Vanguard Anti-Cheat driver
173. Jul 17 2020 - klids.sys - Kaspersky Lab IDS Engine https://www.kaspersky.com/
174. Nov 16 2021 - klkbdflt.sys - Kaspersky Keyboard Device Filter https://www.kaspersky.com/
175. Mar 13 2029 - klpd.sys - Kaspersky Format Recognizer https://www.kaspersky.com/
176. Aug 13 2029 - klflt.sys - Kaspersky Filter Core https://www.kaspersky.com/
177. ***** Invalid (946E4501) - klbackupflt.sys - Kaspersky Backup File Filter https://www.kaspersky.com/
178. ***** Invalid (B1F414C8) - kldisk.sys - Kaspersky Virtual Disk driver https://www.kaspersky.com/
179. ***** Invalid (E34C73F4) - kneps.sys - Kaspersky KNEPS Power https://www.kaspersky.com/
180.  
181. ================== Dump #1: 3RD PARTY DRIVERS (FULL) ===================
182.  
183. Image path: \SystemRoot\system32\DRIVERS\klmouflt.sys
184. Image name: klmouflt.sys
185. Search : https://www.google.com/search?q=klmouflt.sys
186. ADA Info : Kaspersky Mouse Device Filter https://www.kaspersky.com/
187. Timestamp : Fri Sep 12 1975
188.  
189. Image path: \SystemRoot\system32\DRIVERS\klwtp.sys
190. Image name: klwtp.sys
191. Search : https://www.google.com/search?q=klwtp.sys
192. ADA Info : Kaspersky WFP Network Connection Filter Driver https://www.kaspersky.com/
193. Timestamp : Sat May 5 2007
194.  
195. Image path: \SystemRoot\system32\DRIVERS\klbackupdisk.sys
196. Image name: klbackupdisk.sys
197. Search : https://www.google.com/search?q=klbackupdisk.sys
198. ADA Info : Kaspersky Backup Disk Filter https://www.kaspersky.com/
199. Timestamp : Sun Apr 13 2008
200.  
201. Image path: \SystemRoot\system32\DRIVERS\klim6.sys
202. Image name: klim6.sys
203. Search : https://www.google.com/search?q=klim6.sys
204. ADA Info : Kaspersky Lab Intermediate Network Driver https://www.kaspersky.com/
205. Timestamp : Wed Jan 7 2015
206.  
207. Mapped memory image file: C:\ProgramData\dbg\sym\netr28ux.sys\55672624229000\netr28ux.sys
208. Image path: \SystemRoot\System32\drivers\netr28ux.sys
209. Image name: netr28ux.sys
210. Search : https://www.google.com/search?q=netr28ux.sys
211. ADA Info : Ralink Wireless Adapter driver https://www.mediatek.com/
212. Timestamp : Thu May 28 2015
213. File version: 5.1.22.0
214. Product version: 5.1.22.0
215. File flags: 8 (Mask 3F) Private
216. File OS: 40004 NT Win32
217. File type: 3.6 Driver
218. File date: 00000000.00000000
219. CompanyName: MediaTek Inc.
220. ProductName: MediaTek 802.11n Wireless Adapters
221. InternalName: netr28ux.sys
222. OriginalFilename: netr28ux.sys
223. ProductVersion: 5.01.22.0000
224. FileVersion: 5.01.22.0000
225. FileDescription: MediaTek 802.11n Wireless Adapter Driver
226. LegalCopyright: MediaTek Inc. (C)2015. All rights reserved.
227.  
228. Image path: \SystemRoot\system32\DRIVERS\cm_km.sys
229. Image name: cm_km.sys
230. Search : https://www.google.com/search?q=cm_km.sys
231. ADA Info : Kaspersky Cryptographic Module Driver
232. Timestamp : Fri Feb 15 2019
233.  
234. Image path: \SystemRoot\system32\DRIVERS\klwfp.sys
235. Image name: klwfp.sys
236. Search : https://www.google.com/search?q=klwfp.sys
237. ADA Info : Kaspersky Network filtering component https://www.kaspersky.com/
238. Timestamp : Tue Feb 26 2019
239.  
240. Image path: \SystemRoot\system32\drivers\nvhda64v.sys
241. Image name: nvhda64v.sys
242. Search : https://www.google.com/search?q=nvhda64v.sys
243. ADA Info : Nvidia HDMI Audio Device http://www.nvidia.com/
244. Timestamp : Tue Mar 19 2019
245.  
246. Image path: \SystemRoot\System32\DriverStore\FileRepository\heci.inf_amd64_85021432489d6a1c\x64\TeeDriverW8x64.sys
247. Image name: TeeDriverW8x64.sys
248. Search : https://www.google.com/search?q=TeeDriverW8x64.sys
249. ADA Info : Intel Management Engine Interface driver https://downloadcenter.intel.com/
250. Timestamp : Thu Apr 4 2019
251.  
252. Image path: \SystemRoot\system32\drivers\RTKVHD64.sys
253. Image name: RTKVHD64.sys
254. Search : https://www.google.com/search?q=RTKVHD64.sys
255. ADA Info : Realtek Audio System driver https://www.realtek.com/en/
256. Timestamp : Tue May 14 2019
257.  
258. Image path: \SystemRoot\System32\drivers\rt640x64.sys
259. Image name: rt640x64.sys
260. Search : https://www.google.com/search?q=rt640x64.sys
261. ADA Info : Realtek NICDRV 8169 PCIe GBE Family Controller driver https://www.realtek.com/en/
262. Timestamp : Mon Jul 1 2019
263.  
264. Image path: \SystemRoot\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_90685a092bcf58c7\nvlddmkm.sys
265. Image name: nvlddmkm.sys
266. Search : https://www.google.com/search?q=nvlddmkm.sys
267. ADA Info : Nvidia Graphics Card driver http://www.nvidia.com/
268. Timestamp : Wed Oct 2 2019
269.  
270. Image path: \SystemRoot\system32\DRIVERS\klif.sys
271. Image name: klif.sys
272. Search : https://www.google.com/search?q=klif.sys
273. ADA Info : Kaspersky Lab Intruder Filter driver https://www.kaspersky.com/
274. Timestamp : Fri Mar 13 2020
275.  
276. Image path: \SystemRoot\System32\Drivers\klupd_klif_mark.sys
277. Image name: klupd_klif_mark.sys
278. Search : https://www.google.com/search?q=klupd_klif_mark.sys
279. ADA Info : Kaspersky Lab Anti-Rootkit Engine https://www.kaspersky.com
280. Timestamp : Fri Mar 20 2020
281.  
282. Image path: \SystemRoot\System32\Drivers\klupd_klif_arkmon.sys
283. Image name: klupd_klif_arkmon.sys
284. Search : https://www.google.com/search?q=klupd_klif_arkmon.sys
285. ADA Info : Kaspersky Anti-Virus Anti-Rootkit Monitor https://www.kaspersky.com/
286. Timestamp : Sun Mar 22 2020
287.  
288. Image path: \SystemRoot\System32\Drivers\klupd_klif_klbg.sys
289. Image name: klupd_klif_klbg.sys
290. Search : https://www.google.com/search?q=klupd_klif_klbg.sys
291. ADA Info : Kaspersky Anti-Virus Lab Boot Guard Driver https://www.kaspersky.com/
292. Timestamp : Wed Jun 17 2020
293.  
294. Image path: \SystemRoot\system32\DRIVERS\klgse.sys
295. Image name: klgse.sys
296. Search : https://www.google.com/search?q=klgse.sys
297. ADA Info : Kaspersky Security Extender driver
298. Timestamp : Fri Jun 19 2020
299.  
300. Image path: \SystemRoot\system32\DRIVERS\klhk.sys
301. Image name: klhk.sys
302. Search : https://www.google.com/search?q=klhk.sys
303. ADA Info : Kaspersky Lab service driver https://www.kaspersky.com/
304. Timestamp : Fri Jun 19 2020
305.  
306. Image path: \??\C:\Program Files\Riot Vanguard\vgk.sys
307. Image name: vgk.sys
308. Search : https://www.google.com/search?q=vgk.sys
309. ADA Info : Vanguard Anti-Cheat driver
310. Timestamp : Mon Jun 29 2020
311.  
312. Image path: \??\C:\ProgramData\Kaspersky Lab\AVP20.0\Bases\klids.sys
313. Image name: klids.sys
314. Search : https://www.google.com/search?q=klids.sys
315. ADA Info : Kaspersky Lab IDS Engine https://www.kaspersky.com/
316. Timestamp : Fri Jul 17 2020
317.  
318. Image path: \SystemRoot\system32\DRIVERS\klkbdflt.sys
319. Image name: klkbdflt.sys
320. Search : https://www.google.com/search?q=klkbdflt.sys
321. ADA Info : Kaspersky Keyboard Device Filter https://www.kaspersky.com/
322. Timestamp : Tue Nov 16 2021
323.  
324. Image path: \SystemRoot\system32\DRIVERS\klpd.sys
325. Image name: klpd.sys
326. Search : https://www.google.com/search?q=klpd.sys
327. ADA Info : Kaspersky Format Recognizer https://www.kaspersky.com/
328. Timestamp : Tue Mar 13 2029
329.  
330. Image path: \SystemRoot\system32\DRIVERS\klflt.sys
331. Image name: klflt.sys
332. Search : https://www.google.com/search?q=klflt.sys
333. ADA Info : Kaspersky Filter Core https://www.kaspersky.com/
334. Timestamp : Mon Aug 13 2029
335.  
336. Image path: \SystemRoot\system32\DRIVERS\klbackupflt.sys
337. Image name: klbackupflt.sys
338. Search : https://www.google.com/search?q=klbackupflt.sys
339. ADA Info : Kaspersky Backup File Filter https://www.kaspersky.com/
340. Timestamp : ***** Invalid (946E4501)
341.  
342. Image path: \SystemRoot\system32\DRIVERS\kldisk.sys
343. Image name: kldisk.sys
344. Search : https://www.google.com/search?q=kldisk.sys
345. ADA Info : Kaspersky Virtual Disk driver https://www.kaspersky.com/
346. Timestamp : ***** Invalid (B1F414C8)
347.  
348. Image path: \SystemRoot\system32\DRIVERS\kneps.sys
349. Image name: kneps.sys
350. Search : https://www.google.com/search?q=kneps.sys
351. ADA Info : Kaspersky KNEPS Power https://www.kaspersky.com/
352. Timestamp : ***** Invalid (E34C73F4)
353.  
354. ====================== Dump #1: MICROSOFT DRIVERS ======================
355.  
356. ACPI.sys ACPI Driver for NT (Microsoft)
357. acpiex.sys ACPIEx Driver (Microsoft)
358. acpitime.sys ACPI Wake Alarm (Microsoft)
359. afd.sys Ancillary Function Driver for WinSock (Microsoft)
360. afunix.sys AF_UNIX Socket Provider driver (Microsoft)
361. AgileVpn.sys RAS Agil VPN Miniport Call Manager driver (Microsoft)
362. ahcache.sys Application Compatibility Cache (Microsoft)
363. bam.sys BAM Kernal driver (Microsoft)
364. BasicDisplay.sys Basic Display driver (Microsoft)
365. BasicRender.sys Basic Render driver (Microsoft)
366. Beep.SYS BEEP driver (Microsoft)
367. bindflt.sys Windows Bind Filter driver (Microsoft)
368. BOOTVID.dll VGA Boot Driver (Microsoft)
369. bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
370. cdd.dll Canonical Display Driver (Microsoft)
371. cdrom.sys SCSI CD-ROM Driver (Microsoft)
372. CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
373. CI.dll Code Integrity Module (Microsoft)
374. CimFS.SYS Consumer IR Class Driver for eHome (Microsoft)
375. CLASSPNP.SYS SCSI Class System Dll (Microsoft)
376. cldflt.sys Cloud Files Mini Filter driver (Microsoft)
377. CLFS.SYS Common Log File System Driver (Microsoft)
378. clipsp.sys CLIP Service (Microsoft)
379. cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
380. cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
381. CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
382. condrv.sys Console Driver (Microsoft)
383. crashdmp.sys Crash Dump driver (Microsoft)
384. csc.sys Windows Client Side Caching driver (Microsoft)
385. dfsc.sys DFS Namespace Client Driver (Microsoft)
386. disk.sys PnP Disk Driver (Microsoft)
387. drmk.sys Digital Rights Management (DRM) driver (Microsoft)
388. dump_diskdump.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
389. dump_dumpfve.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
390. dump_storahci.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
391. dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
392. dxgmms2.sys DirectX Graphics MMS
393. fastfat.SYS Fast FAT File System Driver (Microsoft)
394. filecrypt.sys Windows sandboxing and encryption filter (Microsoft)
395. fileinfo.sys FileInfo Filter Driver (Microsoft)
396. FLTMGR.SYS Filesystem Filter Manager (Microsoft)
397. Fs_Rec.sys File System Recognizer Driver (Microsoft)
398. FsDepends.sys File System Dependency Manager Mini Filter driver (Microsoft)
399. fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
400. fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
401. gpuenergydrv.sys GPU Energy Kernal Driver (Microsoft)
402. hal.dll Hardware Abstraction Layer DLL (Microsoft)
403. HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
404. HIDCLASS.SYS Hid Class Library (Microsoft)
405. HIDPARSE.SYS Hid Parsing Library (Microsoft)
406. hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
407. HTTP.sys HTTP Protocol Stack (Microsoft)
408. hvservice.sys Hypervisor Boot driver (Microsoft)
409. hvsocket.sys Hyper-V Socket Provider (Microsoft)
410. hvsocketcontrol.sys Hyper-V Socket Provider Control driver (Microsoft)
411. intelpep.sys Intel Power Engine Plugin (Microsoft)
412. intelppm.sys Processor Device Driver (Microsoft)
413. IntelTA.sys Intel Telemetry Driver
414. iorate.sys I/O rate control Filter (Microsoft)
415. kbdclass.sys Keyboard Class Driver (Microsoft)
416. kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
417. kd.dll Local Kernal Debugger (Microsoft)
418. kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
419. ks.sys Kernal CSA Library (Microsoft)
420. ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
421. ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
422. ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
423. lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
424. luafv.sys LUA File Virtualization Filter Driver (Microsoft)
425. mmcss.sys MMCSS Driver (Microsoft)
426. monitor.sys Monitor Driver (Microsoft)
427. mouclass.sys Mouse Class Driver (Microsoft)
428. mouhid.sys HID Mouse Filter Driver (Microsoft)
429. mountmgr.sys Mount Point Manager (Microsoft)
430. mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
431. mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
432. mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
433. Msfs.SYS Mailslot driver (Microsoft)
434. msisadrv.sys ISA Driver (Microsoft)
435. mslldp.sys Microsoft Link-Layer Discovery Protocol... (Microsoft)
436. msquic.sys Windows QUIC Driver
437. msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
438. mssecflt.sys Microsoft Security Events Component file system filter driver (Microsoft)
439. mssmbios.sys System Management BIOS driver (Microsoft)
440. mup.sys Multiple UNC Provider driver (Microsoft)
441. ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
442. ndiscap.sys Microsoft NDIS Packet Capture Filter Driver
443. ndistapi.sys NDIS 3.0 Connection Wrapper driver (Microsoft)
444. ndisuio.sys NDIS User mode I/O driver (Microsoft)
445. NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
446. ndiswan.sys MS PPP Framing Driver (Strong Encryption) Microsoft)
447. NDProxy.sys NDIS Proxy driver (Microsoft)
448. Ndu.sys Network Data Usage Monitoring driver (Microsoft)
449. netbios.sys NetBIOS Interface driver (Microsoft)
450. netbt.sys MBT Transport driver (Microsoft)
451. NETIO.SYS Network I/O Subsystem (Microsoft)
452. Npfs.SYS NPFS driver (Microsoft)
453. npsvctrig.sys Named pipe service triggers (Microsoft)
454. nsiproxy.sys NSI Proxy driver (Microsoft)
455. Ntfs.sys NT File System Driver (Microsoft)
456. ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
457. ntosext.sys NTOS Extension Host driver (Microsoft)
458. Null.SYS NULL Driver (Microsoft)
459. nwifi.sys NativeWiFi Miniport Driver (Microsoft)
460. pacer.sys QoS Packet Scheduler (Microsoft)
461. partmgr.sys Partition driver (Microsoft)
462. pci.sys NT Plug and Play PCI Enumerator (Microsoft)
463. pcw.sys Performance Counter Driver (Microsoft)
464. pdc.sys Power Dependency Coordinator Driver (Microsoft)
465. peauth.sys Protected Environment Authentication and Authorization Export Driver (Microsoft)
466. portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
467. PSHED.dll Platform Specific Hardware Error driver (Microsoft)
468. rasl2tp.sys RAS L2TP Mini-port/Call-manager driver (Microsoft)
469. raspppoe.sys RAS PPPoE Mini-port/Call manager driver (Microsoft)
470. raspptp.sys Peer-to-Peer Tunneling Protocol (Microsoft)
471. rassstp.sys RAS SSTP Miniport Call Manager driver (Microsoft)
472. rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
473. rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
474. rdyboost.sys ReadyBoost Driver (Microsoft)
475. rspndr.sys Link-Layer Topology Responder driver (Microsoft)
476. SgrmAgent.sys System Guard Runtime Monitor Agent driver (Microsoft)
477. SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
478. spaceport.sys Storage Spaces driver (Microsoft)
479. srv2.sys Smb 2.0 Server driver (Microsoft)
480. srvnet.sys Server Network driver (Microsoft)
481. storahci.sys MS AHCI Storport Miniport Driver (Microsoft)
482. storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
483. storqosflt.sys Storage QoS Filter driver (Microsoft)
484. storvsp.sys Storage vsp Driver (Microsoft)
485. swenum.sys Plug and Play Software Device Enumerator (Microsoft)
486. tbs.sys Export driver for kernel mode TPM API (Microsoft)
487. tcpip.sys TCP/IP Protocol driver (Microsoft)
488. tcpipreg.sys Microsoft Windows TCP/IP Registry Compatibility driver (Microsoft)
489. TDI.SYS TDI Wrapper driver (Microsoft)
490. tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
491. tm.sys Kernel Transaction Manager driver (Microsoft)
492. ucx01000.sys USB Controller Extension (Microsoft)
493. umbus.sys User-Mode Bus Enumerator (Microsoft)
494. usbaudio.sys USB Audio Class Driver (Microsoft)
495. usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
496. USBD.SYS Universal Serial Bus Driver (Microsoft)
497. UsbHub3.sys USB3 HUB driver (Microsoft)
498. usbvideo.sys USB Video Class Driver (Microsoft)
499. USBXHCI.SYS USB XHCI driver (Microsoft)
500. vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
501. vfpext.sys Microsoft Azure VFP Extension (Microsoft)
502. vhdmp.sys VHD Miniport driver (Microsoft)
503. vhdparser.sys VHD Parser driver (Microsoft)
504. Vid.sys Microsoft Hyper-V Virtualization Infrastructure Driver
505. vkrnlintvsp.sys Microsoft Hyper-V NT Kernel Integration VSP Driver
506. vmbkmclr.sys Hyper-V VMBus Root KMCL (Microsoft)
507. vmbusr.sys Microsoft Hyper-V Virtual Machine Bus Root driver (Microsoft)
508. VmsProxy.sys VMSwitch Proxy Driver
509. VmsProxyHNic.sys VmSwitch NIC Proxy Driver
510. vmswitch.sys Network Virtualization Service Provider (Microsoft)
511. volmgr.sys Volume Manager Driver (Microsoft)
512. volmgrx.sys Volume Manager Extension Driver (Microsoft)
513. volsnap.sys Volume Shadow Copy driver (Microsoft)
514. volume.sys Volume driver (Microsoft)
515. vpcivsp.sys Virtual PCI VSP driver (Microsoft)
516. vwifibus.sys Virtual Wireless Bus driver (Microsoft)
517. vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
518. vwifimp.sys Virtual WiFi Miniport Driver (Microsoft)
519. wanarp.sys MS Remote Access and Routing ARP driver (Microsoft)
520. watchdog.sys Watchdog driver (Microsoft)
521. wcifs.sys Windows Container Isolation FS Filter driver (Microsoft)
522. Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
523. WdFilter.sys Microsoft Anti-malware file system filter driver (Microsoft)
524. WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
525. werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
526. wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
527. win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
528. win32kbase.sys Base Win32k Kernel Driver (Microsoft)
529. win32kfull.sys Full/Desktop Win32k Kernel Driver (Microsoft)
530. WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
531. WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
532. winhvr.sys Windows Hypervisor Root Interface driver (Microsoft)
533. winnat.sys Windows NAT Driver
534. wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
535. WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
536. Wof.sys Windows Overlay Filter (Microsoft)
537. WppRecorder.sys WPP Trace Recorder (Microsoft)
538.  
539. ====================== Dump #1: UNLOADED MODULES =======================
540.  
541. fffff804`1d060000 fffff804`1d099000 klids.sys
542. fffff804`5a1b0000 fffff804`5a1bb000 klpnpflt.sys
543. fffff804`5a190000 fffff804`5a1a1000 MSKSSRV.sys
544. fffff804`5a9a0000 fffff804`5a9b7000 klupd_klif_k
545. fffff804`1a3d0000 fffff804`1a3ed000 EhStorClass.
546. fffff804`1b610000 fffff804`1b61f000 dump_storpor
547. fffff804`1b660000 fffff804`1b693000 dump_storahc
548. fffff804`1b6c0000 fffff804`1b6de000 dump_dumpfve
549. fffff804`1bdd0000 fffff804`1bddb000 klpnpflt.sys
550. fffff804`1d5c0000 fffff804`1d5cc000 WdmCompanion
551. fffff804`20fe0000 fffff804`20feb000 klpnpflt.sys
552. fffff804`1f890000 fffff804`1f89b000 klpnpflt.sys
553. fffff804`1d100000 fffff804`1d11c000 dam.sys
554. fffff804`19e90000 fffff804`19ea2000 WdBoot.sys
555. fffff804`19e80000 fffff804`19e8e000 klelam.sys
556. fffff804`1b030000 fffff804`1b040000 hwpolicy.sys
557. fffff804`139f0000 fffff804`13c80000 mcupdate.dll
558.  
559. ====================== Dump #1: BIOS INFORMATION =======================
560.  
561. sysinfo: could not find necessary interfaces.
562. sysinfo: note that mssmbios.sys must be loaded (XPSP2+).
563.  
564. ========================== Dump #1: Extra #1 ===========================
565.  
566. 1: kd> !verifier
567. Verify Flags Level 0x00000000
568. STANDARD FLAGS:
569. [X] (0x00000000) Automatic Checks
570. [ ] (0x00000001) Special pool
571. [ ] (0x00000002) Force IRQL checking
572. [ ] (0x00000008) Pool tracking
573. [ ] (0x00000010) I/O verification
574. [ ] (0x00000020) Deadlock detection
575. [ ] (0x00000080) DMA checking
576. [ ] (0x00000100) Security checks
577. [ ] (0x00000800) Miscellaneous checks
578. [ ] (0x00020000) DDI compliance checking
579. ADDITIONAL FLAGS:
580. [ ] (0x00000004) Randomized low resources simulation
581. [ ] (0x00000200) Force pending I/O requests
582. [ ] (0x00000400) IRP logging
583. [ ] (0x00002000) Invariant MDL checking for stack
584. [ ] (0x00004000) Invariant MDL checking for driver
585. [ ] (0x00008000) Power framework delay fuzzing
586. [ ] (0x00010000) Port/miniport interface checking
587. [ ] (0x00040000) Systematic low resources simulation
588. [ ] (0x00080000) DDI compliance checking (additional)
589. [ ] (0x00200000) NDIS/WIFI verification
590. [ ] (0x00800000) Kernel synchronization delay fuzzing
591. [ ] (0x01000000) VM switch verification
592. [ ] (0x02000000) Code integrity checks
593. [X] Indicates flag is enabled
594. Summary of All Verifier Statistics
595. RaiseIrqls 0x0
596. AcquireSpinLocks 0x0
597. Synch Executions 0x0
598. Trims 0x0
599. Pool Allocations Attempted 0x0
600. Pool Allocations Succeeded 0x0
601. Pool Allocations Succeeded SpecialPool 0x0
602. Pool Allocations With NO TAG 0x0
603. Pool Allocations Failed 0x0
604. Current paged pool allocations 0x0 for 00000000 bytes
605. Peak paged pool allocations 0x0 for 00000000 bytes
606. Current nonpaged pool allocations 0x0 for 00000000 bytes
607. Peak nonpaged pool allocations 0x0 for 00000000 bytes
608.  
609. ========================== Dump #1: Extra #2 ===========================
610.  
611. 1: kd> !thread
612. THREAD ffffd58c43b53040 Cid 0004.01f4 Teb: 0000000000000000 Win32Thread: 0000000000000000 RUNNING on processor 1
613. Not impersonating
614. GetUlongFromAddress: unable to read from fffff8041701143c
615. Owning Process ffffd58c43282080 Image: System
616. Attached Process N/A Image: N/A
617. fffff78000000000: Unable to get shared data
618. Wait Start TickCount 8144
619. Context Switch Count 1228 IdealProcessor: 2
620. ReadMemory error: Cannot get nt!KeMaximumIncrement value.
621. UserTime 00:00:00.000
622. KernelTime 00:00:00.000
623. *** WARNING: Unable to verify timestamp for klflt.sys
624. *** ERROR: Module load completed but symbols could not be loaded for klflt.sys
625. Win32 Start Address klflt (0xfffff8041c8cf710)
626. Stack Init fffff48ccfadfb90 Current fffff48ccfadf710
627. Base fffff48ccfae0000 Limit fffff48ccfad9000 Call 0000000000000000
628. Priority 12 BasePriority 12 PriorityDecrement 0 IoPriority 2 PagePriority 5
629. Child-SP RetAddr : Args to Child : Call Site
630. fffff48c`cfadf028 fffff804`167efa29 : 00000000`0000000a 00000000`00000000 00000000`00000002 00000000`00000000 : nt!KeBugCheckEx
631. fffff48c`cfadf030 fffff804`167ebd29 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiBugCheckDispatch+0x69
632. fffff48c`cfadf170 fffff804`1aad8aac : ffffd58c`48373f10 00000000`00000000 ffffd58c`4bcb3d80 00000000`00000000 : nt!KiPageFault+0x469 (TrapFrame @ fffff48c`cfadf170)
633. fffff48c`cfadf300 fffff804`1a925d98 : ffffd58c`45645300 ffffd58c`4bff3c10 00000000`00000000 fffff804`1a922504 : tcpip!FlpReturnNetBufferListChain+0x6f71c
634. fffff48c`cfadf360 fffff804`1a925bb8 : 00000000`00000000 00000000`00000000 00000000`00000000 fffff48c`00000000 : NETIO!NetioDereferenceNetBufferList+0x88
635. fffff48c`cfadf3b0 fffff804`1aa3ae96 : 00000000`00000000 fffff48c`cfadf400 00000000`00000000 ffffd58c`43eba000 : NETIO!NetioDereferenceNetBufferListChain+0x1c8
636. fffff48c`cfadf430 fffff804`1aa3747f : fffff804`1abfa230 ffffd58c`43d6c8a0 ffffd58c`43eba000 00000000`00000000 : tcpip!IppReceiveHeaderBatch+0x2b6
637. fffff48c`cfadf530 fffff804`1ab617a2 : ffffd58c`4ab32710 ffffd58c`4bcb3d80 00000000`00000001 00000000`00000000 : tcpip!IppFlcReceivePacketsCore+0x32f
638. fffff48c`cfadf650 fffff804`1ab61624 : ffffd58c`43b53040 fffff48c`cfadf900 fffff48c`cfadf900 ffffd58c`43d50400 : tcpip!IppInspectInjectReceiveEx+0x172
639. fffff48c`cfadf6a0 fffff804`1ad087b6 : fffff804`1ad086a0 fffff48c`cfadf900 00000000`00000000 fffff804`1663739e : tcpip!IppInspectInjectReceive+0x24
640. fffff48c`cfadf700 fffff804`16637218 : fffff48c`cfadf900 ffffd58c`43d50480 00000000`00000003 ffffd58c`4a47f3b0 : fwpkclnt!FwppInjectionStackCallout+0x116
641. fffff48c`cfadf790 fffff804`1663718d : fffff804`1ad086a0 fffff48c`cfadf900 ffffd58c`43c9c3c0 ffffd58c`4dff78f0 : nt!KeExpandKernelStackAndCalloutInternal+0x78
642. fffff48c`cfadf800 fffff804`1ad0a2b4 : 00000000`00000001 fffff804`1acf16e3 ffffd58c`4a47f3b0 fffff804`1cf35530 : nt!KeExpandKernelStackAndCalloutEx+0x1d
643. fffff48c`cfadf840 fffff804`1ad09ea4 : 00000000`00000000 fffff48c`cfadf979 00000000`00000001 ffffd58c`4bcb3d80 : fwpkclnt!NetioExpandKernelStackAndCallout+0x58
644. fffff48c`cfadf880 fffff804`1cf35685 : ffffd58c`452dc2e0 ffffd58c`4a47f3b0 ffffffff`00000000 ffffd58c`4a47f3b0 : fwpkclnt!FwpsInjectTransportReceiveAsync0+0x304
645. fffff48c`cfadf9c0 ffffd58c`452dc2e0 : ffffd58c`4a47f3b0 ffffffff`00000000 ffffd58c`4a47f3b0 01010101`00000002 : klwfp+0x5685
646. fffff48c`cfadf9c8 ffffd58c`4a47f3b0 : ffffffff`00000000 ffffd58c`4a47f3b0 01010101`00000002 00000000`00000001 : 0xffffd58c`452dc2e0
647. fffff48c`cfadf9d0 ffffffff`00000000 : ffffd58c`4a47f3b0 01010101`00000002 00000000`00000001 00000000`00000011 : 0xffffd58c`4a47f3b0
648. fffff48c`cfadf9d8 ffffd58c`4a47f3b0 : 01010101`00000002 00000000`00000001 00000000`00000011 00000000`00000000 : 0xffffffff`00000000
649. fffff48c`cfadf9e0 01010101`00000002 : 00000000`00000001 00000000`00000011 00000000`00000000 ffffd58c`00000000 : 0xffffd58c`4a47f3b0
650. fffff48c`cfadf9e8 00000000`00000001 : 00000000`00000011 00000000`00000000 ffffd58c`00000000 fffff804`1cf35530 : 0x01010101`00000002
651. fffff48c`cfadf9f0 00000000`00000011 : 00000000`00000000 ffffd58c`00000000 fffff804`1cf35530 ffffd58c`4a47f3b0 : 0x1
652. fffff48c`cfadf9f8 00000000`00000000 : ffffd58c`00000000 fffff804`1cf35530 ffffd58c`4a47f3b0 ffffd58c`452caff0 : 0x11
653.  
654.  
655. ========================================================================
656. ======================= Dump #2: ANALYZE VERBOSE =======================
657. ======================= File: 080320-6796-01.dmp =======================
658. ========================================================================
659.  
660. Mini Kernel Dump File: Only registers and stack trace are available
661. Windows 10 Kernel Version 19041 MP (4 procs) Free x64
662. Kernel base = 0xfffff802`51400000 PsLoadedModuleList = 0xfffff802`5202a310
663. Debug session time: Mon Aug 3 05:38:19.322 2020 (UTC - 4:00)
664. System Uptime: 0 days 0:00:42.008
665.  
666. BugCheck D1, {0, 2, 0, fffff802540d8aac}
667. *** WARNING: Unable to verify timestamp for klwfp.sys
668. *** ERROR: Module load completed but symbols could not be loaded for klwfp.sys
669. Probably caused by : NETIO.SYS ( NETIO!NetioDereferenceNetBufferList+88 )
670. Followup: MachineOwner
671.  
672. DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
673. An attempt was made to access a pageable (or completely invalid) address at an
674. interrupt request level (IRQL) that is too high. This is usually
675. caused by drivers using improper addresses.
676. If kernel debugger is available get stack backtrace.
677.  
678. Arguments:
679. Arg1: 0000000000000000, memory referenced
680. Arg2: 0000000000000002, IRQL
681. Arg3: 0000000000000000, value 0 = read operation, 1 = write operation
682. Arg4: fffff802540d8aac, address which referenced memory
683.  
684. Debugging Details:
685. DUMP_CLASS: 1
686. DUMP_QUALIFIER: 400
687. TAG_NOT_DEFINED_202b: *** Unknown TAG in analysis list 202b
688. DUMP_TYPE: 2
689. READ_ADDRESS: fffff802520fa388: Unable to get MiVisibleState
690. 0000000000000000
691. CURRENT_IRQL: 2
692. FAULTING_IP:
693. tcpip!FlpReturnNetBufferListChain+6f71c
694. fffff802`540d8aac 488b01 mov rax,qword ptr [rcx]
695. CUSTOMER_CRASH_COUNT: 1
696. DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
697. BUGCHECK_STR: AV
698.  
699. PROCESS_NAME: System
700.  
701. TRAP_FRAME: ffff850b32ea7170 -- (.trap 0xffff850b32ea7170)
702. NOTE: The trap frame does not contain all registers.
703. Some register values may be zeroed or incorrect.
704. rax=0000000000000000 rbx=0000000000000000 rcx=0000000000000000
705. rdx=00000000000000c8 rsi=0000000000000000 rdi=0000000000000000
706. rip=fffff802540d8aac rsp=ffff850b32ea7300 rbp=ffff8601b74f8650
707. r8=00000000000001f0 r9=0000000000000000 r10=ffff8601b3653628
708. r11=0000000000000253 r12=0000000000000000 r13=0000000000000000
709. r14=0000000000000000 r15=0000000000000000
710. iopl=0 nv up ei ng nz na pe nc
711. tcpip!FlpReturnNetBufferListChain+0x6f71c:
712. fffff802`540d8aac 488b01 mov rax,qword ptr [rcx] ds:00000000`00000000=????????????????
713. Resetting default scope
714. LAST_CONTROL_TRANSFER: from fffff802517efa29 to fffff802517ddb60
715. STACK_TEXT:
716. ffff850b`32ea7028 fffff802`517efa29 : 00000000`0000000a 00000000`00000000 00000000`00000002 00000000`00000000 : nt!KeBugCheckEx
717. ffff850b`32ea7030 fffff802`517ebd29 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiBugCheckDispatch+0x69
718. ffff850b`32ea7170 fffff802`540d8aac : ffff8601`b35d9c00 00000000`00000000 ffff8601`b7328cb0 00000000`00000000 : nt!KiPageFault+0x469
719. ffff850b`32ea7300 fffff802`53f25d98 : ffff8601`b7402cf0 ffff8601`b74f8650 00000000`00000000 fffff802`53f22504 : tcpip!FlpReturnNetBufferListChain+0x6f71c
720. ffff850b`32ea7360 fffff802`53f25bb8 : 00000000`00000000 00000000`00000000 00000000`00000000 ffff850b`00000000 : NETIO!NetioDereferenceNetBufferList+0x88
721. ffff850b`32ea73b0 fffff802`5403ae96 : 00000000`00000000 ffff850b`32ea7400 00000000`00000000 ffff8601`ae4ce000 : NETIO!NetioDereferenceNetBufferListChain+0x1c8
722. ffff850b`32ea7430 fffff802`5403747f : fffff802`541fa230 ffff8601`ae4cd030 ffff8601`ae4ce000 00000000`00000000 : tcpip!IppReceiveHeaderBatch+0x2b6
723. ffff850b`32ea7530 fffff802`541617a2 : ffff8601`b4440b10 ffff8601`b7328cb0 00000000`00000001 00000000`00000000 : tcpip!IppFlcReceivePacketsCore+0x32f
724. ffff850b`32ea7650 fffff802`54161624 : ffff8601`ae13a040 ffff850b`32ea7900 ffff850b`32ea7900 ffff8601`ac83c600 : tcpip!IppInspectInjectReceiveEx+0x172
725. ffff850b`32ea76a0 fffff802`543087b6 : fffff802`543086a0 ffff850b`32ea7900 00000000`00000000 fffff802`5163739e : tcpip!IppInspectInjectReceive+0x24
726. ffff850b`32ea7700 fffff802`51637218 : ffff850b`32ea7900 ffff8601`ac83c6c0 00000000`00000003 ffff8601`b6c9f140 : fwpkclnt!FwppInjectionStackCallout+0x116
727. ffff850b`32ea7790 fffff802`5163718d : fffff802`543086a0 ffff850b`32ea7900 ffff8601`ae1a2f60 ffff8601`b353a550 : nt!KeExpandKernelStackAndCalloutInternal+0x78
728. ffff850b`32ea7800 fffff802`5430a2b4 : 00000000`00000001 fffff802`542f16e3 ffff8601`b6c9f140 fffff802`550f5530 : nt!KeExpandKernelStackAndCalloutEx+0x1d
729. ffff850b`32ea7840 fffff802`54309ea4 : 00000000`00000000 ffff850b`32ea7979 00000000`00000001 ffff8601`b7328cb0 : fwpkclnt!NetioExpandKernelStackAndCallout+0x58
730. ffff850b`32ea7880 fffff802`550f5685 : ffff8601`ae9231d0 ffff8601`b6c9f140 ffffffff`00000000 ffff8601`b6c9f140 : fwpkclnt!FwpsInjectTransportReceiveAsync0+0x304
731. ffff850b`32ea79c0 ffff8601`ae9231d0 : ffff8601`b6c9f140 ffffffff`00000000 ffff8601`b6c9f140 01010101`00000002 : klwfp+0x5685
732. ffff850b`32ea79c8 ffff8601`b6c9f140 : ffffffff`00000000 ffff8601`b6c9f140 01010101`00000002 00000000`00000001 : 0xffff8601`ae9231d0
733. ffff850b`32ea79d0 ffffffff`00000000 : ffff8601`b6c9f140 01010101`00000002 00000000`00000001 00000000`0000001a : 0xffff8601`b6c9f140
734. ffff850b`32ea79d8 ffff8601`b6c9f140 : 01010101`00000002 00000000`00000001 00000000`0000001a 00000000`00000000 : 0xffffffff`00000000
735. ffff850b`32ea79e0 01010101`00000002 : 00000000`00000001 00000000`0000001a 00000000`00000000 ffff8601`00000000 : 0xffff8601`b6c9f140
736. ffff850b`32ea79e8 00000000`00000001 : 00000000`0000001a 00000000`00000000 ffff8601`00000000 fffff802`550f5530 : 0x01010101`00000002
737. ffff850b`32ea79f0 00000000`0000001a : 00000000`00000000 ffff8601`00000000 fffff802`550f5530 ffff8601`b6c9f140 : 0x1
738. ffff850b`32ea79f8 00000000`00000000 : ffff8601`00000000 fffff802`550f5530 ffff8601`b6c9f140 ffff8601`ae912d30 : 0x1a
739. STACK_COMMAND: kb
740. THREAD_SHA1_HASH_MOD_FUNC: ba0cd6b4cdf456ab1f345f4a868c50ff0dc07d3d
741. THREAD_SHA1_HASH_MOD_FUNC_OFFSET: d993a4663540889d31e12f91daa50cf6a36edfe7
742. THREAD_SHA1_HASH_MOD: 1e2611d0f57659d8711f1f61624d86e427b7c3cb
743. FOLLOWUP_IP:
744. NETIO!NetioDereferenceNetBufferList+88
745. fffff802`53f25d98 4885ff test rdi,rdi
746. FAULT_INSTR_CODE: 74ff8548
747. SYMBOL_STACK_INDEX: 4
748. SYMBOL_NAME: NETIO!NetioDereferenceNetBufferList+88
749. FOLLOWUP_NAME: MachineOwner
750. MODULE_NAME: NETIO
751.  
752. IMAGE_NAME: NETIO.SYS
753.  
754. DEBUG_FLR_IMAGE_TIMESTAMP: 6e89bcc
755. IMAGE_VERSION: 10.0.19041.208
756. BUCKET_ID_FUNC_OFFSET: 88
757. FAILURE_BUCKET_ID: OLD_IMAGE_NETIO.SYS
758. BUCKET_ID: OLD_IMAGE_NETIO.SYS
759. PRIMARY_PROBLEM_CLASS: OLD_IMAGE_NETIO.SYS
760. TARGET_TIME: 2020-08-03T09:38:19.000Z
761. SUITE_MASK: 272
762. PRODUCT_TYPE: 1
763. USER_LCID: 0
764. FAILURE_ID_HASH_STRING: km:old_image_netio.sys
765. FAILURE_ID_HASH: {248567a9-afbb-75e2-4d3a-e2178362efb0}
766. Followup: MachineOwner
767.  
768. ====================== Dump #2: 3RD PARTY DRIVERS ======================
769.  
770. Sep 12 1975 - klmouflt.sys - Kaspersky Mouse Device Filter https://www.kaspersky.com/
771. May 05 2007 - klwtp.sys - Kaspersky WFP Network Connection Filter Driver https://www.kaspersky.com/
772. Apr 13 2008 - klbackupdisk.sys - Kaspersky Backup Disk Filter https://www.kaspersky.com/
773. Jan 07 2015 - klim6.sys - Kaspersky Lab Intermediate Network Driver https://www.kaspersky.com/
774. May 28 2015 - netr28ux.sys - Ralink Wireless Adapter driver https://www.mediatek.com/
775. Feb 15 2019 - cm_km.sys - Kaspersky Cryptographic Module Driver
776. Feb 26 2019 - klwfp.sys - Kaspersky Network filtering component https://www.kaspersky.com/
777. Mar 19 2019 - nvhda64v.sys - Nvidia HDMI Audio Device http://www.nvidia.com/
778. Apr 04 2019 - TeeDriverW8x64.sys - Intel Management Engine Interface driver https://downloadcenter.intel.com/
779. May 14 2019 - RTKVHD64.sys - Realtek Audio System driver https://www.realtek.com/en/
780. Jul 01 2019 - rt640x64.sys - Realtek NICDRV 8169 PCIe GBE Family Controller driver https://www.realtek.com/en/
781. Oct 02 2019 - nvlddmkm.sys - Nvidia Graphics Card driver http://www.nvidia.com/
782. Mar 13 2020 - klif.sys - Kaspersky Lab Intruder Filter driver https://www.kaspersky.com/
783. Mar 20 2020 - klupd_klif_mark.sys - Kaspersky Lab Anti-Rootkit Engine https://www.kaspersky.com
784. Mar 22 2020 - klupd_klif_arkmon.sys - Kaspersky Anti-Virus Anti-Rootkit Monitor https://www.kaspersky.com/
785. Jun 17 2020 - klupd_klif_klbg.sys - Kaspersky Anti-Virus Lab Boot Guard Driver https://www.kaspersky.com/
786. Jun 19 2020 - klgse.sys - Kaspersky Security Extender driver
787. Jun 19 2020 - klhk.sys - Kaspersky Lab service driver https://www.kaspersky.com/
788. Jul 17 2020 - klids.sys - Kaspersky Lab IDS Engine https://www.kaspersky.com/
789. Nov 16 2021 - klkbdflt.sys - Kaspersky Keyboard Device Filter https://www.kaspersky.com/
790. Mar 13 2029 - klpd.sys - Kaspersky Format Recognizer https://www.kaspersky.com/
791. Aug 13 2029 - klflt.sys - Kaspersky Filter Core https://www.kaspersky.com/
792. ***** Invalid (946E4501) - klbackupflt.sys - Kaspersky Backup File Filter https://www.kaspersky.com/
793. ***** Invalid (B1F414C8) - kldisk.sys - Kaspersky Virtual Disk driver https://www.kaspersky.com/
794. ***** Invalid (E34C73F4) - kneps.sys - Kaspersky KNEPS Power https://www.kaspersky.com/
795.  
796. ================== Dump #2: 3RD PARTY DRIVERS (FULL) ===================
797.  
798. Image path: \SystemRoot\system32\DRIVERS\klmouflt.sys
799. Image name: klmouflt.sys
800. Search : https://www.google.com/search?q=klmouflt.sys
801. ADA Info : Kaspersky Mouse Device Filter https://www.kaspersky.com/
802. Timestamp : Fri Sep 12 1975
803.  
804. Image path: \SystemRoot\system32\DRIVERS\klwtp.sys
805. Image name: klwtp.sys
806. Search : https://www.google.com/search?q=klwtp.sys
807. ADA Info : Kaspersky WFP Network Connection Filter Driver https://www.kaspersky.com/
808. Timestamp : Sat May 5 2007
809.  
810. Image path: \SystemRoot\system32\DRIVERS\klbackupdisk.sys
811. Image name: klbackupdisk.sys
812. Search : https://www.google.com/search?q=klbackupdisk.sys
813. ADA Info : Kaspersky Backup Disk Filter https://www.kaspersky.com/
814. Timestamp : Sun Apr 13 2008
815.  
816. Image path: \SystemRoot\system32\DRIVERS\klim6.sys
817. Image name: klim6.sys
818. Search : https://www.google.com/search?q=klim6.sys
819. ADA Info : Kaspersky Lab Intermediate Network Driver https://www.kaspersky.com/
820. Timestamp : Wed Jan 7 2015
821.  
822. Mapped memory image file: C:\ProgramData\dbg\sym\netr28ux.sys\55672624229000\netr28ux.sys
823. Image path: \SystemRoot\System32\drivers\netr28ux.sys
824. Image name: netr28ux.sys
825. Search : https://www.google.com/search?q=netr28ux.sys
826. ADA Info : Ralink Wireless Adapter driver https://www.mediatek.com/
827. Timestamp : Thu May 28 2015
828. File version: 5.1.22.0
829. Product version: 5.1.22.0
830. File flags: 8 (Mask 3F) Private
831. File OS: 40004 NT Win32
832. File type: 3.6 Driver
833. File date: 00000000.00000000
834. CompanyName: MediaTek Inc.
835. ProductName: MediaTek 802.11n Wireless Adapters
836. InternalName: netr28ux.sys
837. OriginalFilename: netr28ux.sys
838. ProductVersion: 5.01.22.0000
839. FileVersion: 5.01.22.0000
840. FileDescription: MediaTek 802.11n Wireless Adapter Driver
841. LegalCopyright: MediaTek Inc. (C)2015. All rights reserved.
842.  
843. Image path: \SystemRoot\system32\DRIVERS\cm_km.sys
844. Image name: cm_km.sys
845. Search : https://www.google.com/search?q=cm_km.sys
846. ADA Info : Kaspersky Cryptographic Module Driver
847. Timestamp : Fri Feb 15 2019
848.  
849. Image path: \SystemRoot\system32\DRIVERS\klwfp.sys
850. Image name: klwfp.sys
851. Search : https://www.google.com/search?q=klwfp.sys
852. ADA Info : Kaspersky Network filtering component https://www.kaspersky.com/
853. Timestamp : Tue Feb 26 2019
854.  
855. Image path: \SystemRoot\system32\drivers\nvhda64v.sys
856. Image name: nvhda64v.sys
857. Search : https://www.google.com/search?q=nvhda64v.sys
858. ADA Info : Nvidia HDMI Audio Device http://www.nvidia.com/
859. Timestamp : Tue Mar 19 2019
860.  
861. Image path: \SystemRoot\System32\DriverStore\FileRepository\heci.inf_amd64_85021432489d6a1c\x64\TeeDriverW8x64.sys
862. Image name: TeeDriverW8x64.sys
863. Search : https://www.google.com/search?q=TeeDriverW8x64.sys
864. ADA Info : Intel Management Engine Interface driver https://downloadcenter.intel.com/
865. Timestamp : Thu Apr 4 2019
866.  
867. Image path: \SystemRoot\system32\drivers\RTKVHD64.sys
868. Image name: RTKVHD64.sys
869. Search : https://www.google.com/search?q=RTKVHD64.sys
870. ADA Info : Realtek Audio System driver https://www.realtek.com/en/
871. Timestamp : Tue May 14 2019
872.  
873. Image path: \SystemRoot\System32\drivers\rt640x64.sys
874. Image name: rt640x64.sys
875. Search : https://www.google.com/search?q=rt640x64.sys
876. ADA Info : Realtek NICDRV 8169 PCIe GBE Family Controller driver https://www.realtek.com/en/
877. Timestamp : Mon Jul 1 2019
878.  
879. Image path: \SystemRoot\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_90685a092bcf58c7\nvlddmkm.sys
880. Image name: nvlddmkm.sys
881. Search : https://www.google.com/search?q=nvlddmkm.sys
882. ADA Info : Nvidia Graphics Card driver http://www.nvidia.com/
883. Timestamp : Wed Oct 2 2019
884.  
885. Image path: \SystemRoot\system32\DRIVERS\klif.sys
886. Image name: klif.sys
887. Search : https://www.google.com/search?q=klif.sys
888. ADA Info : Kaspersky Lab Intruder Filter driver https://www.kaspersky.com/
889. Timestamp : Fri Mar 13 2020
890.  
891. Image path: \SystemRoot\System32\Drivers\klupd_klif_mark.sys
892. Image name: klupd_klif_mark.sys
893. Search : https://www.google.com/search?q=klupd_klif_mark.sys
894. ADA Info : Kaspersky Lab Anti-Rootkit Engine https://www.kaspersky.com
895. Timestamp : Fri Mar 20 2020
896.  
897. Image path: \SystemRoot\System32\Drivers\klupd_klif_arkmon.sys
898. Image name: klupd_klif_arkmon.sys
899. Search : https://www.google.com/search?q=klupd_klif_arkmon.sys
900. ADA Info : Kaspersky Anti-Virus Anti-Rootkit Monitor https://www.kaspersky.com/
901. Timestamp : Sun Mar 22 2020
902.  
903. Image path: \SystemRoot\System32\Drivers\klupd_klif_klbg.sys
904. Image name: klupd_klif_klbg.sys
905. Search : https://www.google.com/search?q=klupd_klif_klbg.sys
906. ADA Info : Kaspersky Anti-Virus Lab Boot Guard Driver https://www.kaspersky.com/
907. Timestamp : Wed Jun 17 2020
908.  
909. Image path: \SystemRoot\system32\DRIVERS\klgse.sys
910. Image name: klgse.sys
911. Search : https://www.google.com/search?q=klgse.sys
912. ADA Info : Kaspersky Security Extender driver
913. Timestamp : Fri Jun 19 2020
914.  
915. Image path: \SystemRoot\system32\DRIVERS\klhk.sys
916. Image name: klhk.sys
917. Search : https://www.google.com/search?q=klhk.sys
918. ADA Info : Kaspersky Lab service driver https://www.kaspersky.com/
919. Timestamp : Fri Jun 19 2020
920.  
921. Image path: \??\C:\ProgramData\Kaspersky Lab\AVP20.0\Bases\klids.sys
922. Image name: klids.sys
923. Search : https://www.google.com/search?q=klids.sys
924. ADA Info : Kaspersky Lab IDS Engine https://www.kaspersky.com/
925. Timestamp : Fri Jul 17 2020
926.  
927. Image path: \SystemRoot\system32\DRIVERS\klkbdflt.sys
928. Image name: klkbdflt.sys
929. Search : https://www.google.com/search?q=klkbdflt.sys
930. ADA Info : Kaspersky Keyboard Device Filter https://www.kaspersky.com/
931. Timestamp : Tue Nov 16 2021
932.  
933. Image path: \SystemRoot\system32\DRIVERS\klpd.sys
934. Image name: klpd.sys
935. Search : https://www.google.com/search?q=klpd.sys
936. ADA Info : Kaspersky Format Recognizer https://www.kaspersky.com/
937. Timestamp : Tue Mar 13 2029
938.  
939. Image path: \SystemRoot\system32\DRIVERS\klflt.sys
940. Image name: klflt.sys
941. Search : https://www.google.com/search?q=klflt.sys
942. ADA Info : Kaspersky Filter Core https://www.kaspersky.com/
943. Timestamp : Mon Aug 13 2029
944.  
945. Image path: \SystemRoot\system32\DRIVERS\klbackupflt.sys
946. Image name: klbackupflt.sys
947. Search : https://www.google.com/search?q=klbackupflt.sys
948. ADA Info : Kaspersky Backup File Filter https://www.kaspersky.com/
949. Timestamp : ***** Invalid (946E4501)
950.  
951. Image path: \SystemRoot\system32\DRIVERS\kldisk.sys
952. Image name: kldisk.sys
953. Search : https://www.google.com/search?q=kldisk.sys
954. ADA Info : Kaspersky Virtual Disk driver https://www.kaspersky.com/
955. Timestamp : ***** Invalid (B1F414C8)
956.  
957. Image path: \SystemRoot\system32\DRIVERS\kneps.sys
958. Image name: kneps.sys
959. Search : https://www.google.com/search?q=kneps.sys
960. ADA Info : Kaspersky KNEPS Power https://www.kaspersky.com/
961. Timestamp : ***** Invalid (E34C73F4)
962.  
963. ====================== Dump #2: MICROSOFT DRIVERS ======================
964.  
965. ACPI.sys ACPI Driver for NT (Microsoft)
966. acpiex.sys ACPIEx Driver (Microsoft)
967. acpitime.sys ACPI Wake Alarm (Microsoft)
968. afd.sys Ancillary Function Driver for WinSock (Microsoft)
969. afunix.sys AF_UNIX Socket Provider driver (Microsoft)
970. AgileVpn.sys RAS Agil VPN Miniport Call Manager driver (Microsoft)
971. ahcache.sys Application Compatibility Cache (Microsoft)
972. bam.sys BAM Kernal driver (Microsoft)
973. BasicDisplay.sys Basic Display driver (Microsoft)
974. BasicRender.sys Basic Render driver (Microsoft)
975. Beep.SYS BEEP driver (Microsoft)
976. bindflt.sys Windows Bind Filter driver (Microsoft)
977. BOOTVID.dll VGA Boot Driver (Microsoft)
978. bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
979. cdd.dll Canonical Display Driver (Microsoft)
980. cdrom.sys SCSI CD-ROM Driver (Microsoft)
981. CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
982. CI.dll Code Integrity Module (Microsoft)
983. CimFS.SYS Consumer IR Class Driver for eHome (Microsoft)
984. CLASSPNP.SYS SCSI Class System Dll (Microsoft)
985. cldflt.sys Cloud Files Mini Filter driver (Microsoft)
986. CLFS.SYS Common Log File System Driver (Microsoft)
987. clipsp.sys CLIP Service (Microsoft)
988. cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
989. cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
990. CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
991. condrv.sys Console Driver (Microsoft)
992. crashdmp.sys Crash Dump driver (Microsoft)
993. csc.sys Windows Client Side Caching driver (Microsoft)
994. dfsc.sys DFS Namespace Client Driver (Microsoft)
995. disk.sys PnP Disk Driver (Microsoft)
996. drmk.sys Digital Rights Management (DRM) driver (Microsoft)
997. dump_diskdump.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
998. dump_dumpfve.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
999. dump_storahci.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
1000. dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
1001. dxgmms2.sys DirectX Graphics MMS
1002. fastfat.SYS Fast FAT File System Driver (Microsoft)
1003. filecrypt.sys Windows sandboxing and encryption filter (Microsoft)
1004. fileinfo.sys FileInfo Filter Driver (Microsoft)
1005. FLTMGR.SYS Filesystem Filter Manager (Microsoft)
1006. Fs_Rec.sys File System Recognizer Driver (Microsoft)
1007. FsDepends.sys File System Dependency Manager Mini Filter driver (Microsoft)
1008. fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
1009. fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
1010. gpuenergydrv.sys GPU Energy Kernal Driver (Microsoft)
1011. hal.dll Hardware Abstraction Layer DLL (Microsoft)
1012. HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
1013. HIDCLASS.SYS Hid Class Library (Microsoft)
1014. HIDPARSE.SYS Hid Parsing Library (Microsoft)
1015. hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
1016. HTTP.sys HTTP Protocol Stack (Microsoft)
1017. hvservice.sys Hypervisor Boot driver (Microsoft)
1018. hvsocket.sys Hyper-V Socket Provider (Microsoft)
1019. hvsocketcontrol.sys Hyper-V Socket Provider Control driver (Microsoft)
1020. intelpep.sys Intel Power Engine Plugin (Microsoft)
1021. intelppm.sys Processor Device Driver (Microsoft)
1022. IntelTA.sys Intel Telemetry Driver
1023. iorate.sys I/O rate control Filter (Microsoft)
1024. kbdclass.sys Keyboard Class Driver (Microsoft)
1025. kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
1026. kd.dll Local Kernal Debugger (Microsoft)
1027. kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
1028. ks.sys Kernal CSA Library (Microsoft)
1029. ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
1030. ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
1031. ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
1032. lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
1033. luafv.sys LUA File Virtualization Filter Driver (Microsoft)
1034. mmcss.sys MMCSS Driver (Microsoft)
1035. monitor.sys Monitor Driver (Microsoft)
1036. mouclass.sys Mouse Class Driver (Microsoft)
1037. mouhid.sys HID Mouse Filter Driver (Microsoft)
1038. mountmgr.sys Mount Point Manager (Microsoft)
1039. mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
1040. mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
1041. mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
1042. Msfs.SYS Mailslot driver (Microsoft)
1043. msisadrv.sys ISA Driver (Microsoft)
1044. mslldp.sys Microsoft Link-Layer Discovery Protocol... (Microsoft)
1045. msquic.sys Windows QUIC Driver
1046. msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
1047. mssecflt.sys Microsoft Security Events Component file system filter driver (Microsoft)
1048. mssmbios.sys System Management BIOS driver (Microsoft)
1049. mup.sys Multiple UNC Provider driver (Microsoft)
1050. ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
1051. ndiscap.sys Microsoft NDIS Packet Capture Filter Driver
1052. ndistapi.sys NDIS 3.0 Connection Wrapper driver (Microsoft)
1053. ndisuio.sys NDIS User mode I/O driver (Microsoft)
1054. NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
1055. ndiswan.sys MS PPP Framing Driver (Strong Encryption) Microsoft)
1056. NDProxy.sys NDIS Proxy driver (Microsoft)
1057. Ndu.sys Network Data Usage Monitoring driver (Microsoft)
1058. netbios.sys NetBIOS Interface driver (Microsoft)
1059. netbt.sys MBT Transport driver (Microsoft)
1060. NETIO.SYS Network I/O Subsystem (Microsoft)
1061. Npfs.SYS NPFS driver (Microsoft)
1062. npsvctrig.sys Named pipe service triggers (Microsoft)
1063. nsiproxy.sys NSI Proxy driver (Microsoft)
1064. Ntfs.sys NT File System Driver (Microsoft)
1065. ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
1066. ntosext.sys NTOS Extension Host driver (Microsoft)
1067. Null.SYS NULL Driver (Microsoft)
1068. nwifi.sys NativeWiFi Miniport Driver (Microsoft)
1069. pacer.sys QoS Packet Scheduler (Microsoft)
1070. partmgr.sys Partition driver (Microsoft)
1071. pci.sys NT Plug and Play PCI Enumerator (Microsoft)
1072. pcw.sys Performance Counter Driver (Microsoft)
1073. pdc.sys Power Dependency Coordinator Driver (Microsoft)
1074. peauth.sys Protected Environment Authentication and Authorization Export Driver (Microsoft)
1075. portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
1076. PSHED.dll Platform Specific Hardware Error driver (Microsoft)
1077. rasl2tp.sys RAS L2TP Mini-port/Call-manager driver (Microsoft)
1078. raspppoe.sys RAS PPPoE Mini-port/Call manager driver (Microsoft)
1079. raspptp.sys Peer-to-Peer Tunneling Protocol (Microsoft)
1080. rassstp.sys RAS SSTP Miniport Call Manager driver (Microsoft)
1081. rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
1082. rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
1083. rdyboost.sys ReadyBoost Driver (Microsoft)
1084. rspndr.sys Link-Layer Topology Responder driver (Microsoft)
1085. SgrmAgent.sys System Guard Runtime Monitor Agent driver (Microsoft)
1086. SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
1087. spaceport.sys Storage Spaces driver (Microsoft)
1088. srv2.sys Smb 2.0 Server driver (Microsoft)
1089. srvnet.sys Server Network driver (Microsoft)
1090. storahci.sys MS AHCI Storport Miniport Driver (Microsoft)
1091. storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
1092. storqosflt.sys Storage QoS Filter driver (Microsoft)
1093. storvsp.sys Storage vsp Driver (Microsoft)
1094. swenum.sys Plug and Play Software Device Enumerator (Microsoft)
1095. tbs.sys Export driver for kernel mode TPM API (Microsoft)
1096. tcpip.sys TCP/IP Protocol driver (Microsoft)
1097. tcpipreg.sys Microsoft Windows TCP/IP Registry Compatibility driver (Microsoft)
1098. TDI.SYS TDI Wrapper driver (Microsoft)
1099. tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
1100. tm.sys Kernel Transaction Manager driver (Microsoft)
1101. ucx01000.sys USB Controller Extension (Microsoft)
1102. umbus.sys User-Mode Bus Enumerator (Microsoft)
1103. usbaudio.sys USB Audio Class Driver (Microsoft)
1104. usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
1105. USBD.SYS Universal Serial Bus Driver (Microsoft)
1106. UsbHub3.sys USB3 HUB driver (Microsoft)
1107. usbvideo.sys USB Video Class Driver (Microsoft)
1108. USBXHCI.SYS USB XHCI driver (Microsoft)
1109. vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
1110. vfpext.sys Microsoft Azure VFP Extension (Microsoft)
1111. vhdmp.sys VHD Miniport driver (Microsoft)
1112. vhdparser.sys VHD Parser driver (Microsoft)
1113. Vid.sys Microsoft Hyper-V Virtualization Infrastructure Driver
1114. vkrnlintvsp.sys Microsoft Hyper-V NT Kernel Integration VSP Driver
1115. vmbkmclr.sys Hyper-V VMBus Root KMCL (Microsoft)
1116. vmbusr.sys Microsoft Hyper-V Virtual Machine Bus Root driver (Microsoft)
1117. VmsProxy.sys VMSwitch Proxy Driver
1118. VmsProxyHNic.sys VmSwitch NIC Proxy Driver
1119. vmswitch.sys Network Virtualization Service Provider (Microsoft)
1120. volmgr.sys Volume Manager Driver (Microsoft)
1121. volmgrx.sys Volume Manager Extension Driver (Microsoft)
1122. volsnap.sys Volume Shadow Copy driver (Microsoft)
1123. volume.sys Volume driver (Microsoft)
1124. vpcivsp.sys Virtual PCI VSP driver (Microsoft)
1125. vwifibus.sys Virtual Wireless Bus driver (Microsoft)
1126. vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
1127. vwifimp.sys Virtual WiFi Miniport Driver (Microsoft)
1128. wanarp.sys MS Remote Access and Routing ARP driver (Microsoft)
1129. watchdog.sys Watchdog driver (Microsoft)
1130. wcifs.sys Windows Container Isolation FS Filter driver (Microsoft)
1131. Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
1132. WdFilter.sys Microsoft Anti-malware file system filter driver (Microsoft)
1133. WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
1134. werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
1135. wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
1136. win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
1137. win32kbase.sys Base Win32k Kernel Driver (Microsoft)
1138. win32kfull.sys Full/Desktop Win32k Kernel Driver (Microsoft)
1139. WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
1140. WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
1141. winhvr.sys Windows Hypervisor Root Interface driver (Microsoft)
1142. winnat.sys Windows NAT Driver
1143. wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
1144. WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
1145. Wof.sys Windows Overlay Filter (Microsoft)
1146. WppRecorder.sys WPP Trace Recorder (Microsoft)
1147.  
1148. ====================== Dump #2: UNLOADED MODULES =======================
1149.  
1150. fffff802`55c80000 fffff802`55cb9000 klids.sys
1151. fffff802`5a400000 fffff802`5a40b000 klpnpflt.sys
1152. fffff802`5a3e0000 fffff802`5a3f1000 MSKSSRV.sys
1153. fffff802`539d0000 fffff802`539ed000 EhStorClass.
1154. fffff802`98bc0000 fffff802`98bd7000 klupd_klif_k
1155. fffff802`59ea0000 fffff802`59eab000 klpnpflt.sys
1156. fffff802`5abc0000 fffff802`5abcc000 WdmCompanion
1157. fffff802`55780000 fffff802`5578f000 dump_storpor
1158. fffff802`54c00000 fffff802`54c33000 dump_storahc
1159. fffff802`54c60000 fffff802`54c7e000 dump_dumpfve
1160. fffff802`5ab00000 fffff802`5ab0b000 klpnpflt.sys
1161. fffff802`59df0000 fffff802`59dfb000 klpnpflt.sys
1162. fffff802`55d20000 fffff802`55d3c000 dam.sys
1163. fffff802`54c80000 fffff802`55199000 vgk.sys
1164. fffff802`53490000 fffff802`534a2000 WdBoot.sys
1165. fffff802`53480000 fffff802`5348e000 klelam.sys
1166. fffff802`54630000 fffff802`54640000 hwpolicy.sys
1167. fffff802`4d120000 fffff802`4d3b0000 mcupdate.dll
1168.  
1169. ====================== Dump #2: BIOS INFORMATION =======================
1170.  
1171. sysinfo: could not find necessary interfaces.
1172. sysinfo: note that mssmbios.sys must be loaded (XPSP2+).
1173.  
1174. ========================== Dump #2: Extra #1 ===========================
1175.  
1176. 3: kd> !verifier
1177. Verify Flags Level 0x00000000
1178. STANDARD FLAGS:
1179. [X] (0x00000000) Automatic Checks
1180. [ ] (0x00000001) Special pool
1181. [ ] (0x00000002) Force IRQL checking
1182. [ ] (0x00000008) Pool tracking
1183. [ ] (0x00000010) I/O verification
1184. [ ] (0x00000020) Deadlock detection
1185. [ ] (0x00000080) DMA checking
1186. [ ] (0x00000100) Security checks
1187. [ ] (0x00000800) Miscellaneous checks
1188. [ ] (0x00020000) DDI compliance checking
1189. ADDITIONAL FLAGS:
1190. [ ] (0x00000004) Randomized low resources simulation
1191. [ ] (0x00000200) Force pending I/O requests
1192. [ ] (0x00000400) IRP logging
1193. [ ] (0x00002000) Invariant MDL checking for stack
1194. [ ] (0x00004000) Invariant MDL checking for driver
1195. [ ] (0x00008000) Power framework delay fuzzing
1196. [ ] (0x00010000) Port/miniport interface checking
1197. [ ] (0x00040000) Systematic low resources simulation
1198. [ ] (0x00080000) DDI compliance checking (additional)
1199. [ ] (0x00200000) NDIS/WIFI verification
1200. [ ] (0x00800000) Kernel synchronization delay fuzzing
1201. [ ] (0x01000000) VM switch verification
1202. [ ] (0x02000000) Code integrity checks
1203. [X] Indicates flag is enabled
1204. Summary of All Verifier Statistics
1205. RaiseIrqls 0x0
1206. AcquireSpinLocks 0x0
1207. Synch Executions 0x0
1208. Trims 0x0
1209. Pool Allocations Attempted 0x0
1210. Pool Allocations Succeeded 0x0
1211. Pool Allocations Succeeded SpecialPool 0x0
1212. Pool Allocations With NO TAG 0x0
1213. Pool Allocations Failed 0x0
1214. Current paged pool allocations 0x0 for 00000000 bytes
1215. Peak paged pool allocations 0x0 for 00000000 bytes
1216. Current nonpaged pool allocations 0x0 for 00000000 bytes
1217. Peak nonpaged pool allocations 0x0 for 00000000 bytes
1218.  
1219. ========================== Dump #2: Extra #2 ===========================
1220.  
1221. 3: kd> !thread
1222. THREAD ffff8601ae13a040 Cid 0004.01e4 Teb: 0000000000000000 Win32Thread: 0000000000000000 RUNNING on processor 3
1223. Not impersonating
1224. GetUlongFromAddress: unable to read from fffff8025201143c
1225. Owning Process ffff8601ac87a040 Image: System
1226. Attached Process N/A Image: N/A
1227. fffff78000000000: Unable to get shared data
1228. Wait Start TickCount 2687
1229. Context Switch Count 1314 IdealProcessor: 1
1230. ReadMemory error: Cannot get nt!KeMaximumIncrement value.
1231. UserTime 00:00:00.000
1232. KernelTime 00:00:00.000
1233. *** WARNING: Unable to verify timestamp for klflt.sys
1234. *** ERROR: Module load completed but symbols could not be loaded for klflt.sys
1235. Win32 Start Address klflt (0xfffff8025524f710)
1236. Stack Init ffff850b32ea7b90 Current ffff850b32ea7710
1237. Base ffff850b32ea8000 Limit ffff850b32ea1000 Call 0000000000000000
1238. Priority 12 BasePriority 12 PriorityDecrement 0 IoPriority 2 PagePriority 5
1239. Child-SP RetAddr : Args to Child : Call Site
1240. ffff850b`32ea7028 fffff802`517efa29 : 00000000`0000000a 00000000`00000000 00000000`00000002 00000000`00000000 : nt!KeBugCheckEx
1241. ffff850b`32ea7030 fffff802`517ebd29 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiBugCheckDispatch+0x69
1242. ffff850b`32ea7170 fffff802`540d8aac : ffff8601`b35d9c00 00000000`00000000 ffff8601`b7328cb0 00000000`00000000 : nt!KiPageFault+0x469 (TrapFrame @ ffff850b`32ea7170)
1243. ffff850b`32ea7300 fffff802`53f25d98 : ffff8601`b7402cf0 ffff8601`b74f8650 00000000`00000000 fffff802`53f22504 : tcpip!FlpReturnNetBufferListChain+0x6f71c
1244. ffff850b`32ea7360 fffff802`53f25bb8 : 00000000`00000000 00000000`00000000 00000000`00000000 ffff850b`00000000 : NETIO!NetioDereferenceNetBufferList+0x88
1245. ffff850b`32ea73b0 fffff802`5403ae96 : 00000000`00000000 ffff850b`32ea7400 00000000`00000000 ffff8601`ae4ce000 : NETIO!NetioDereferenceNetBufferListChain+0x1c8
1246. ffff850b`32ea7430 fffff802`5403747f : fffff802`541fa230 ffff8601`ae4cd030 ffff8601`ae4ce000 00000000`00000000 : tcpip!IppReceiveHeaderBatch+0x2b6
1247. ffff850b`32ea7530 fffff802`541617a2 : ffff8601`b4440b10 ffff8601`b7328cb0 00000000`00000001 00000000`00000000 : tcpip!IppFlcReceivePacketsCore+0x32f
1248. ffff850b`32ea7650 fffff802`54161624 : ffff8601`ae13a040 ffff850b`32ea7900 ffff850b`32ea7900 ffff8601`ac83c600 : tcpip!IppInspectInjectReceiveEx+0x172
1249. ffff850b`32ea76a0 fffff802`543087b6 : fffff802`543086a0 ffff850b`32ea7900 00000000`00000000 fffff802`5163739e : tcpip!IppInspectInjectReceive+0x24
1250. ffff850b`32ea7700 fffff802`51637218 : ffff850b`32ea7900 ffff8601`ac83c6c0 00000000`00000003 ffff8601`b6c9f140 : fwpkclnt!FwppInjectionStackCallout+0x116
1251. ffff850b`32ea7790 fffff802`5163718d : fffff802`543086a0 ffff850b`32ea7900 ffff8601`ae1a2f60 ffff8601`b353a550 : nt!KeExpandKernelStackAndCalloutInternal+0x78
1252. ffff850b`32ea7800 fffff802`5430a2b4 : 00000000`00000001 fffff802`542f16e3 ffff8601`b6c9f140 fffff802`550f5530 : nt!KeExpandKernelStackAndCalloutEx+0x1d
1253. ffff850b`32ea7840 fffff802`54309ea4 : 00000000`00000000 ffff850b`32ea7979 00000000`00000001 ffff8601`b7328cb0 : fwpkclnt!NetioExpandKernelStackAndCallout+0x58
1254. ffff850b`32ea7880 fffff802`550f5685 : ffff8601`ae9231d0 ffff8601`b6c9f140 ffffffff`00000000 ffff8601`b6c9f140 : fwpkclnt!FwpsInjectTransportReceiveAsync0+0x304
1255. ffff850b`32ea79c0 ffff8601`ae9231d0 : ffff8601`b6c9f140 ffffffff`00000000 ffff8601`b6c9f140 01010101`00000002 : klwfp+0x5685
1256. ffff850b`32ea79c8 ffff8601`b6c9f140 : ffffffff`00000000 ffff8601`b6c9f140 01010101`00000002 00000000`00000001 : 0xffff8601`ae9231d0
1257. ffff850b`32ea79d0 ffffffff`00000000 : ffff8601`b6c9f140 01010101`00000002 00000000`00000001 00000000`0000001a : 0xffff8601`b6c9f140
1258. ffff850b`32ea79d8 ffff8601`b6c9f140 : 01010101`00000002 00000000`00000001 00000000`0000001a 00000000`00000000 : 0xffffffff`00000000
1259. ffff850b`32ea79e0 01010101`00000002 : 00000000`00000001 00000000`0000001a 00000000`00000000 ffff8601`00000000 : 0xffff8601`b6c9f140
1260. ffff850b`32ea79e8 00000000`00000001 : 00000000`0000001a 00000000`00000000 ffff8601`00000000 fffff802`550f5530 : 0x01010101`00000002
1261. ffff850b`32ea79f0 00000000`0000001a : 00000000`00000000 ffff8601`00000000 fffff802`550f5530 ffff8601`b6c9f140 : 0x1
1262. ffff850b`32ea79f8 00000000`00000000 : ffff8601`00000000 fffff802`550f5530 ffff8601`b6c9f140 ffff8601`ae912d30 : 0x1a
1263.  
1264.  
1265. ========================================================================
1266. ======================= Dump #3: ANALYZE VERBOSE =======================
1267. ====================== File: 080320-12609-01.dmp =======================
1268. ========================================================================
1269.  
1270. Mini Kernel Dump File: Only registers and stack trace are available
1271. Windows 10 Kernel Version 19041 MP (4 procs) Free x64
1272. Kernel base = 0xfffff804`0da00000 PsLoadedModuleList = 0xfffff804`0e62a310
1273. Debug session time: Mon Aug 3 05:15:55.695 2020 (UTC - 4:00)
1274. System Uptime: 0 days 6:03:21.381
1275.  
1276. BugCheck D1, {0, 2, 0, fffff80410ed8aac}
1277. *** WARNING: Unable to verify timestamp for klwfp.sys
1278. *** ERROR: Module load completed but symbols could not be loaded for klwfp.sys
1279. Probably caused by : NETIO.SYS ( NETIO!NetioDereferenceNetBufferList+88 )
1280. Followup: MachineOwner
1281.  
1282. DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
1283. An attempt was made to access a pageable (or completely invalid) address at an
1284. interrupt request level (IRQL) that is too high. This is usually
1285. caused by drivers using improper addresses.
1286. If kernel debugger is available get stack backtrace.
1287.  
1288. Arguments:
1289. Arg1: 0000000000000000, memory referenced
1290. Arg2: 0000000000000002, IRQL
1291. Arg3: 0000000000000000, value 0 = read operation, 1 = write operation
1292. Arg4: fffff80410ed8aac, address which referenced memory
1293.  
1294. Debugging Details:
1295. DUMP_CLASS: 1
1296. DUMP_QUALIFIER: 400
1297. TAG_NOT_DEFINED_202b: *** Unknown TAG in analysis list 202b
1298. DUMP_TYPE: 2
1299. READ_ADDRESS: fffff8040e6fa388: Unable to get MiVisibleState
1300. 0000000000000000
1301. CURRENT_IRQL: 2
1302. FAULTING_IP:
1303. tcpip!FlpReturnNetBufferListChain+6f71c
1304. fffff804`10ed8aac 488b01 mov rax,qword ptr [rcx]
1305. CUSTOMER_CRASH_COUNT: 1
1306. DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
1307. BUGCHECK_STR: AV
1308.  
1309. PROCESS_NAME: System
1310.  
1311. TRAP_FRAME: fffff40e5e4e7170 -- (.trap 0xfffff40e5e4e7170)
1312. NOTE: The trap frame does not contain all registers.
1313. Some register values may be zeroed or incorrect.
1314. rax=0000000000000000 rbx=0000000000000000 rcx=0000000000000000
1315. rdx=0000000000000088 rsi=0000000000000000 rdi=0000000000000000
1316. rip=fffff80410ed8aac rsp=fffff40e5e4e7300 rbp=ffff8804ed80aa70
1317. r8=00000000000001f0 r9=0000000000000000 r10=ffff8804f0d96968
1318. r11=000000000000016b r12=0000000000000000 r13=0000000000000000
1319. r14=0000000000000000 r15=0000000000000000
1320. iopl=0 nv up ei ng nz na pe nc
1321. tcpip!FlpReturnNetBufferListChain+0x6f71c:
1322. fffff804`10ed8aac 488b01 mov rax,qword ptr [rcx] ds:00000000`00000000=????????????????
1323. Resetting default scope
1324. LAST_CONTROL_TRANSFER: from fffff8040ddefa29 to fffff8040ddddb60
1325. STACK_TEXT:
1326. fffff40e`5e4e7028 fffff804`0ddefa29 : 00000000`0000000a 00000000`00000000 00000000`00000002 00000000`00000000 : nt!KeBugCheckEx
1327. fffff40e`5e4e7030 fffff804`0ddebd29 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiBugCheckDispatch+0x69
1328. fffff40e`5e4e7170 fffff804`10ed8aac : ffff8804`f08f41d0 00000000`00000000 ffff8804`ef8192d0 00000000`00000000 : nt!KiPageFault+0x469
1329. fffff40e`5e4e7300 fffff804`10d25d98 : ffff8804`f190da40 ffff8804`ed80aa70 00000000`00000000 fffff804`10d22504 : tcpip!FlpReturnNetBufferListChain+0x6f71c
1330. fffff40e`5e4e7360 fffff804`10d25bb8 : 00000000`00000000 00000000`00000000 00000000`00000000 fffff40e`00000000 : NETIO!NetioDereferenceNetBufferList+0x88
1331. fffff40e`5e4e73b0 fffff804`10e3ae96 : 00000000`00000000 fffff40e`5e4e7400 00000000`00000000 ffff8804`e2cac000 : NETIO!NetioDereferenceNetBufferListChain+0x1c8
1332. fffff40e`5e4e7430 fffff804`10e3747f : fffff804`10ffa230 ffff8804`e2b3a010 ffff8804`e2cac000 00000000`00000000 : tcpip!IppReceiveHeaderBatch+0x2b6
1333. fffff40e`5e4e7530 fffff804`10f617a2 : ffff8804`f005b8a0 ffff8804`ef8192d0 00000000`00000001 00000000`00000000 : tcpip!IppFlcReceivePacketsCore+0x32f
1334. fffff40e`5e4e7650 fffff804`10f61624 : ffff8804`e2fba040 fffff40e`5e4e7900 fffff40e`5e4e7900 ffff8804`e2b40300 : tcpip!IppInspectInjectReceiveEx+0x172
1335. fffff40e`5e4e76a0 fffff804`111087b6 : fffff804`111086a0 fffff40e`5e4e7900 00000000`00000000 fffff804`0dc3739e : tcpip!IppInspectInjectReceive+0x24
1336. fffff40e`5e4e7700 fffff804`0dc37218 : fffff40e`5e4e7900 ffff8804`e2b40360 00000000`00000003 ffff8804`f31afc40 : fwpkclnt!FwppInjectionStackCallout+0x116
1337. fffff40e`5e4e7790 fffff804`0dc3718d : fffff804`111086a0 fffff40e`5e4e7900 ffff8804`e29a30a0 ffff8804`eeb24e10 : nt!KeExpandKernelStackAndCalloutInternal+0x78
1338. fffff40e`5e4e7800 fffff804`1110a2b4 : 00000000`00000001 fffff804`110f16e3 ffff8804`f31afc40 fffff804`12b45530 : nt!KeExpandKernelStackAndCalloutEx+0x1d
1339. fffff40e`5e4e7840 fffff804`11109ea4 : 00000000`00000000 fffff40e`5e4e7979 00000000`00000001 ffff8804`ef8192d0 : fwpkclnt!NetioExpandKernelStackAndCallout+0x58
1340. fffff40e`5e4e7880 fffff804`12b45685 : ffff8804`e4226f60 ffff8804`f31afc40 ffffffff`00000000 ffff8804`f31afc40 : fwpkclnt!FwpsInjectTransportReceiveAsync0+0x304
1341. fffff40e`5e4e79c0 ffff8804`e4226f60 : ffff8804`f31afc40 ffffffff`00000000 ffff8804`f31afc40 01010101`00000002 : klwfp+0x5685
1342. fffff40e`5e4e79c8 ffff8804`f31afc40 : ffffffff`00000000 ffff8804`f31afc40 01010101`00000002 00000000`00000001 : 0xffff8804`e4226f60
1343. fffff40e`5e4e79d0 ffffffff`00000000 : ffff8804`f31afc40 01010101`00000002 00000000`00000001 00000000`0000000d : 0xffff8804`f31afc40
1344. fffff40e`5e4e79d8 ffff8804`f31afc40 : 01010101`00000002 00000000`00000001 00000000`0000000d 00000000`00000000 : 0xffffffff`00000000
1345. fffff40e`5e4e79e0 01010101`00000002 : 00000000`00000001 00000000`0000000d 00000000`00000000 ffff8804`00000000 : 0xffff8804`f31afc40
1346. fffff40e`5e4e79e8 00000000`00000001 : 00000000`0000000d 00000000`00000000 ffff8804`00000000 fffff804`12b45530 : 0x01010101`00000002
1347. fffff40e`5e4e79f0 00000000`0000000d : 00000000`00000000 ffff8804`00000000 fffff804`12b45530 ffff8804`f31afc40 : 0x1
1348. fffff40e`5e4e79f8 00000000`00000000 : ffff8804`00000000 fffff804`12b45530 ffff8804`f31afc40 ffff8804`e2fdee70 : 0xd
1349. STACK_COMMAND: kb
1350. THREAD_SHA1_HASH_MOD_FUNC: ba0cd6b4cdf456ab1f345f4a868c50ff0dc07d3d
1351. THREAD_SHA1_HASH_MOD_FUNC_OFFSET: d993a4663540889d31e12f91daa50cf6a36edfe7
1352. THREAD_SHA1_HASH_MOD: 1e2611d0f57659d8711f1f61624d86e427b7c3cb
1353. FOLLOWUP_IP:
1354. NETIO!NetioDereferenceNetBufferList+88
1355. fffff804`10d25d98 4885ff test rdi,rdi
1356. FAULT_INSTR_CODE: 74ff8548
1357. SYMBOL_STACK_INDEX: 4
1358. SYMBOL_NAME: NETIO!NetioDereferenceNetBufferList+88
1359. FOLLOWUP_NAME: MachineOwner
1360. MODULE_NAME: NETIO
1361.  
1362. IMAGE_NAME: NETIO.SYS
1363.  
1364. DEBUG_FLR_IMAGE_TIMESTAMP: 6e89bcc
1365. IMAGE_VERSION: 10.0.19041.208
1366. BUCKET_ID_FUNC_OFFSET: 88
1367. FAILURE_BUCKET_ID: OLD_IMAGE_NETIO.SYS
1368. BUCKET_ID: OLD_IMAGE_NETIO.SYS
1369. PRIMARY_PROBLEM_CLASS: OLD_IMAGE_NETIO.SYS
1370. TARGET_TIME: 2020-08-03T09:15:55.000Z
1371. SUITE_MASK: 272
1372. PRODUCT_TYPE: 1
1373. USER_LCID: 0
1374. FAILURE_ID_HASH_STRING: km:old_image_netio.sys
1375. FAILURE_ID_HASH: {248567a9-afbb-75e2-4d3a-e2178362efb0}
1376. Followup: MachineOwner
1377.  
1378. ====================== Dump #3: 3RD PARTY DRIVERS ======================
1379.  
1380. Sep 12 1975 - klmouflt.sys - Kaspersky Mouse Device Filter https://www.kaspersky.com/
1381. May 05 2007 - klwtp.sys - Kaspersky WFP Network Connection Filter Driver https://www.kaspersky.com/
1382. Apr 13 2008 - klbackupdisk.sys - Kaspersky Backup Disk Filter https://www.kaspersky.com/
1383. Jan 07 2015 - klim6.sys - Kaspersky Lab Intermediate Network Driver https://www.kaspersky.com/
1384. May 28 2015 - netr28ux.sys - Ralink Wireless Adapter driver https://www.mediatek.com/
1385. Feb 15 2019 - cm_km.sys - Kaspersky Cryptographic Module Driver
1386. Feb 26 2019 - klwfp.sys - Kaspersky Network filtering component https://www.kaspersky.com/
1387. Mar 19 2019 - nvhda64v.sys - Nvidia HDMI Audio Device http://www.nvidia.com/
1388. Apr 04 2019 - TeeDriverW8x64.sys - Intel Management Engine Interface driver https://downloadcenter.intel.com/
1389. May 14 2019 - RTKVHD64.sys - Realtek Audio System driver https://www.realtek.com/en/
1390. Jul 01 2019 - rt640x64.sys - Realtek NICDRV 8169 PCIe GBE Family Controller driver https://www.realtek.com/en/
1391. Oct 02 2019 - nvlddmkm.sys - Nvidia Graphics Card driver http://www.nvidia.com/
1392. Mar 13 2020 - klif.sys - Kaspersky Lab Intruder Filter driver https://www.kaspersky.com/
1393. Mar 20 2020 - klupd_klif_klark.sys - Kaspersky https://www.kaspersky.com/
1394. Mar 20 2020 - klupd_klif_mark.sys - Kaspersky Lab Anti-Rootkit Engine https://www.kaspersky.com
1395. Mar 22 2020 - klupd_klif_arkmon.sys - Kaspersky Anti-Virus Anti-Rootkit Monitor https://www.kaspersky.com/
1396. Jun 17 2020 - klupd_klif_klbg.sys - Kaspersky Anti-Virus Lab Boot Guard Driver https://www.kaspersky.com/
1397. Jun 19 2020 - klgse.sys - Kaspersky Security Extender driver
1398. Jun 19 2020 - klhk.sys - Kaspersky Lab service driver https://www.kaspersky.com/
1399. Jun 29 2020 - vgk.sys - Vanguard Anti-Cheat driver
1400. Jul 17 2020 - klids.sys - Kaspersky Lab IDS Engine https://www.kaspersky.com/
1401. Nov 16 2021 - klkbdflt.sys - Kaspersky Keyboard Device Filter https://www.kaspersky.com/
1402. Mar 13 2029 - klpd.sys - Kaspersky Format Recognizer https://www.kaspersky.com/
1403. Aug 13 2029 - klflt.sys - Kaspersky Filter Core https://www.kaspersky.com/
1404. ***** Invalid (946E4501) - klbackupflt.sys - Kaspersky Backup File Filter https://www.kaspersky.com/
1405. ***** Invalid (B1F414C8) - kldisk.sys - Kaspersky Virtual Disk driver https://www.kaspersky.com/
1406. ***** Invalid (E34C73F4) - kneps.sys - Kaspersky KNEPS Power https://www.kaspersky.com/
1407.  
1408. ================== Dump #3: 3RD PARTY DRIVERS (FULL) ===================
1409.  
1410. Image path: \SystemRoot\system32\DRIVERS\klmouflt.sys
1411. Image name: klmouflt.sys
1412. Search : https://www.google.com/search?q=klmouflt.sys
1413. ADA Info : Kaspersky Mouse Device Filter https://www.kaspersky.com/
1414. Timestamp : Fri Sep 12 1975
1415.  
1416. Image path: \SystemRoot\system32\DRIVERS\klwtp.sys
1417. Image name: klwtp.sys
1418. Search : https://www.google.com/search?q=klwtp.sys
1419. ADA Info : Kaspersky WFP Network Connection Filter Driver https://www.kaspersky.com/
1420. Timestamp : Sat May 5 2007
1421.  
1422. Image path: \SystemRoot\system32\DRIVERS\klbackupdisk.sys
1423. Image name: klbackupdisk.sys
1424. Search : https://www.google.com/search?q=klbackupdisk.sys
1425. ADA Info : Kaspersky Backup Disk Filter https://www.kaspersky.com/
1426. Timestamp : Sun Apr 13 2008
1427.  
1428. Image path: \SystemRoot\system32\DRIVERS\klim6.sys
1429. Image name: klim6.sys
1430. Search : https://www.google.com/search?q=klim6.sys
1431. ADA Info : Kaspersky Lab Intermediate Network Driver https://www.kaspersky.com/
1432. Timestamp : Wed Jan 7 2015
1433.  
1434. Mapped memory image file: C:\ProgramData\dbg\sym\netr28ux.sys\55672624229000\netr28ux.sys
1435. Image path: \SystemRoot\System32\drivers\netr28ux.sys
1436. Image name: netr28ux.sys
1437. Search : https://www.google.com/search?q=netr28ux.sys
1438. ADA Info : Ralink Wireless Adapter driver https://www.mediatek.com/
1439. Timestamp : Thu May 28 2015
1440. File version: 5.1.22.0
1441. Product version: 5.1.22.0
1442. File flags: 8 (Mask 3F) Private
1443. File OS: 40004 NT Win32
1444. File type: 3.6 Driver
1445. File date: 00000000.00000000
1446. CompanyName: MediaTek Inc.
1447. ProductName: MediaTek 802.11n Wireless Adapters
1448. InternalName: netr28ux.sys
1449. OriginalFilename: netr28ux.sys
1450. ProductVersion: 5.01.22.0000
1451. FileVersion: 5.01.22.0000
1452. FileDescription: MediaTek 802.11n Wireless Adapter Driver
1453. LegalCopyright: MediaTek Inc. (C)2015. All rights reserved.
1454.  
1455. Image path: \SystemRoot\system32\DRIVERS\cm_km.sys
1456. Image name: cm_km.sys
1457. Search : https://www.google.com/search?q=cm_km.sys
1458. ADA Info : Kaspersky Cryptographic Module Driver
1459. Timestamp : Fri Feb 15 2019
1460.  
1461. Image path: \SystemRoot\system32\DRIVERS\klwfp.sys
1462. Image name: klwfp.sys
1463. Search : https://www.google.com/search?q=klwfp.sys
1464. ADA Info : Kaspersky Network filtering component https://www.kaspersky.com/
1465. Timestamp : Tue Feb 26 2019
1466.  
1467. Image path: \SystemRoot\system32\drivers\nvhda64v.sys
1468. Image name: nvhda64v.sys
1469. Search : https://www.google.com/search?q=nvhda64v.sys
1470. ADA Info : Nvidia HDMI Audio Device http://www.nvidia.com/
1471. Timestamp : Tue Mar 19 2019
1472.  
1473. Image path: \SystemRoot\System32\DriverStore\FileRepository\heci.inf_amd64_85021432489d6a1c\x64\TeeDriverW8x64.sys
1474. Image name: TeeDriverW8x64.sys
1475. Search : https://www.google.com/search?q=TeeDriverW8x64.sys
1476. ADA Info : Intel Management Engine Interface driver https://downloadcenter.intel.com/
1477. Timestamp : Thu Apr 4 2019
1478.  
1479. Image path: \SystemRoot\system32\drivers\RTKVHD64.sys
1480. Image name: RTKVHD64.sys
1481. Search : https://www.google.com/search?q=RTKVHD64.sys
1482. ADA Info : Realtek Audio System driver https://www.realtek.com/en/
1483. Timestamp : Tue May 14 2019
1484.  
1485. Image path: \SystemRoot\System32\drivers\rt640x64.sys
1486. Image name: rt640x64.sys
1487. Search : https://www.google.com/search?q=rt640x64.sys
1488. ADA Info : Realtek NICDRV 8169 PCIe GBE Family Controller driver https://www.realtek.com/en/
1489. Timestamp : Mon Jul 1 2019
1490.  
1491. Image path: \SystemRoot\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_90685a092bcf58c7\nvlddmkm.sys
1492. Image name: nvlddmkm.sys
1493. Search : https://www.google.com/search?q=nvlddmkm.sys
1494. ADA Info : Nvidia Graphics Card driver http://www.nvidia.com/
1495. Timestamp : Wed Oct 2 2019
1496.  
1497. Image path: \SystemRoot\system32\DRIVERS\klif.sys
1498. Image name: klif.sys
1499. Search : https://www.google.com/search?q=klif.sys
1500. ADA Info : Kaspersky Lab Intruder Filter driver https://www.kaspersky.com/
1501. Timestamp : Fri Mar 13 2020
1502.  
1503. Image path: \SystemRoot\System32\Drivers\klupd_klif_klark.sys
1504. Image name: klupd_klif_klark.sys
1505. Search : https://www.google.com/search?q=klupd_klif_klark.sys
1506. ADA Info : Kaspersky https://www.kaspersky.com/
1507. Timestamp : Fri Mar 20 2020
1508.  
1509. Image path: \SystemRoot\System32\Drivers\klupd_klif_mark.sys
1510. Image name: klupd_klif_mark.sys
1511. Search : https://www.google.com/search?q=klupd_klif_mark.sys
1512. ADA Info : Kaspersky Lab Anti-Rootkit Engine https://www.kaspersky.com
1513. Timestamp : Fri Mar 20 2020
1514.  
1515. Image path: \SystemRoot\System32\Drivers\klupd_klif_arkmon.sys
1516. Image name: klupd_klif_arkmon.sys
1517. Search : https://www.google.com/search?q=klupd_klif_arkmon.sys
1518. ADA Info : Kaspersky Anti-Virus Anti-Rootkit Monitor https://www.kaspersky.com/
1519. Timestamp : Sun Mar 22 2020
1520.  
1521. Image path: \SystemRoot\System32\Drivers\klupd_klif_klbg.sys
1522. Image name: klupd_klif_klbg.sys
1523. Search : https://www.google.com/search?q=klupd_klif_klbg.sys
1524. ADA Info : Kaspersky Anti-Virus Lab Boot Guard Driver https://www.kaspersky.com/
1525. Timestamp : Wed Jun 17 2020
1526.  
1527. Image path: \SystemRoot\system32\DRIVERS\klgse.sys
1528. Image name: klgse.sys
1529. Search : https://www.google.com/search?q=klgse.sys
1530. ADA Info : Kaspersky Security Extender driver
1531. Timestamp : Fri Jun 19 2020
1532.  
1533. Image path: \SystemRoot\system32\DRIVERS\klhk.sys
1534. Image name: klhk.sys
1535. Search : https://www.google.com/search?q=klhk.sys
1536. ADA Info : Kaspersky Lab service driver https://www.kaspersky.com/
1537. Timestamp : Fri Jun 19 2020
1538.  
1539. Image path: \??\C:\Program Files\Riot Vanguard\vgk.sys
1540. Image name: vgk.sys
1541. Search : https://www.google.com/search?q=vgk.sys
1542. ADA Info : Vanguard Anti-Cheat driver
1543. Timestamp : Mon Jun 29 2020
1544.  
1545. Image path: \??\C:\ProgramData\Kaspersky Lab\AVP20.0\Bases\klids.sys
1546. Image name: klids.sys
1547. Search : https://www.google.com/search?q=klids.sys
1548. ADA Info : Kaspersky Lab IDS Engine https://www.kaspersky.com/
1549. Timestamp : Fri Jul 17 2020
1550.  
1551. Image path: \SystemRoot\system32\DRIVERS\klkbdflt.sys
1552. Image name: klkbdflt.sys
1553. Search : https://www.google.com/search?q=klkbdflt.sys
1554. ADA Info : Kaspersky Keyboard Device Filter https://www.kaspersky.com/
1555. Timestamp : Tue Nov 16 2021
1556.  
1557. Image path: \SystemRoot\system32\DRIVERS\klpd.sys
1558. Image name: klpd.sys
1559. Search : https://www.google.com/search?q=klpd.sys
1560. ADA Info : Kaspersky Format Recognizer https://www.kaspersky.com/
1561. Timestamp : Tue Mar 13 2029
1562.  
1563. Image path: \SystemRoot\system32\DRIVERS\klflt.sys
1564. Image name: klflt.sys
1565. Search : https://www.google.com/search?q=klflt.sys
1566. ADA Info : Kaspersky Filter Core https://www.kaspersky.com/
1567. Timestamp : Mon Aug 13 2029
1568.  
1569. Image path: \SystemRoot\system32\DRIVERS\klbackupflt.sys
1570. Image name: klbackupflt.sys
1571. Search : https://www.google.com/search?q=klbackupflt.sys
1572. ADA Info : Kaspersky Backup File Filter https://www.kaspersky.com/
1573. Timestamp : ***** Invalid (946E4501)
1574.  
1575. Image path: \SystemRoot\system32\DRIVERS\kldisk.sys
1576. Image name: kldisk.sys
1577. Search : https://www.google.com/search?q=kldisk.sys
1578. ADA Info : Kaspersky Virtual Disk driver https://www.kaspersky.com/
1579. Timestamp : ***** Invalid (B1F414C8)
1580.  
1581. Image path: \SystemRoot\system32\DRIVERS\kneps.sys
1582. Image name: kneps.sys
1583. Search : https://www.google.com/search?q=kneps.sys
1584. ADA Info : Kaspersky KNEPS Power https://www.kaspersky.com/
1585. Timestamp : ***** Invalid (E34C73F4)
1586.  
1587. ====================== Dump #3: MICROSOFT DRIVERS ======================
1588.  
1589. ACPI.sys ACPI Driver for NT (Microsoft)
1590. acpiex.sys ACPIEx Driver (Microsoft)
1591. acpitime.sys ACPI Wake Alarm (Microsoft)
1592. afd.sys Ancillary Function Driver for WinSock (Microsoft)
1593. afunix.sys AF_UNIX Socket Provider driver (Microsoft)
1594. AgileVpn.sys RAS Agil VPN Miniport Call Manager driver (Microsoft)
1595. ahcache.sys Application Compatibility Cache (Microsoft)
1596. bam.sys BAM Kernal driver (Microsoft)
1597. BasicDisplay.sys Basic Display driver (Microsoft)
1598. BasicRender.sys Basic Render driver (Microsoft)
1599. Beep.SYS BEEP driver (Microsoft)
1600. bindflt.sys Windows Bind Filter driver (Microsoft)
1601. BOOTVID.dll VGA Boot Driver (Microsoft)
1602. bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
1603. cdd.dll Canonical Display Driver (Microsoft)
1604. cdrom.sys SCSI CD-ROM Driver (Microsoft)
1605. CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
1606. CI.dll Code Integrity Module (Microsoft)
1607. CimFS.SYS Consumer IR Class Driver for eHome (Microsoft)
1608. CLASSPNP.SYS SCSI Class System Dll (Microsoft)
1609. cldflt.sys Cloud Files Mini Filter driver (Microsoft)
1610. CLFS.SYS Common Log File System Driver (Microsoft)
1611. clipsp.sys CLIP Service (Microsoft)
1612. cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
1613. cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
1614. CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
1615. condrv.sys Console Driver (Microsoft)
1616. crashdmp.sys Crash Dump driver (Microsoft)
1617. csc.sys Windows Client Side Caching driver (Microsoft)
1618. dfsc.sys DFS Namespace Client Driver (Microsoft)
1619. disk.sys PnP Disk Driver (Microsoft)
1620. drmk.sys Digital Rights Management (DRM) driver (Microsoft)
1621. dump_diskdump.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
1622. dump_dumpfve.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
1623. dump_storahci.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
1624. dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
1625. dxgmms2.sys DirectX Graphics MMS
1626. fastfat.SYS Fast FAT File System Driver (Microsoft)
1627. filecrypt.sys Windows sandboxing and encryption filter (Microsoft)
1628. fileinfo.sys FileInfo Filter Driver (Microsoft)
1629. FLTMGR.SYS Filesystem Filter Manager (Microsoft)
1630. Fs_Rec.sys File System Recognizer Driver (Microsoft)
1631. FsDepends.sys File System Dependency Manager Mini Filter driver (Microsoft)
1632. fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
1633. fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
1634. gpuenergydrv.sys GPU Energy Kernal Driver (Microsoft)
1635. hal.dll Hardware Abstraction Layer DLL (Microsoft)
1636. HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
1637. HIDCLASS.SYS Hid Class Library (Microsoft)
1638. HIDPARSE.SYS Hid Parsing Library (Microsoft)
1639. hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
1640. HTTP.sys HTTP Protocol Stack (Microsoft)
1641. hvservice.sys Hypervisor Boot driver (Microsoft)
1642. hvsocket.sys Hyper-V Socket Provider (Microsoft)
1643. hvsocketcontrol.sys Hyper-V Socket Provider Control driver (Microsoft)
1644. intelpep.sys Intel Power Engine Plugin (Microsoft)
1645. intelppm.sys Processor Device Driver (Microsoft)
1646. IntelTA.sys Intel Telemetry Driver
1647. iorate.sys I/O rate control Filter (Microsoft)
1648. kbdclass.sys Keyboard Class Driver (Microsoft)
1649. kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
1650. kd.dll Local Kernal Debugger (Microsoft)
1651. kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
1652. ks.sys Kernal CSA Library (Microsoft)
1653. ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
1654. ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
1655. ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
1656. lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
1657. luafv.sys LUA File Virtualization Filter Driver (Microsoft)
1658. mmcss.sys MMCSS Driver (Microsoft)
1659. monitor.sys Monitor Driver (Microsoft)
1660. mouclass.sys Mouse Class Driver (Microsoft)
1661. mouhid.sys HID Mouse Filter Driver (Microsoft)
1662. mountmgr.sys Mount Point Manager (Microsoft)
1663. mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
1664. mrxdav.sys Microsoft Windows XP Web Distributed Authoring and Versioning (Microsoft)
1665. mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
1666. mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
1667. Msfs.SYS Mailslot driver (Microsoft)
1668. msisadrv.sys ISA Driver (Microsoft)
1669. mslldp.sys Microsoft Link-Layer Discovery Protocol... (Microsoft)
1670. msquic.sys Windows QUIC Driver
1671. msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
1672. mssecflt.sys Microsoft Security Events Component file system filter driver (Microsoft)
1673. mssmbios.sys System Management BIOS driver (Microsoft)
1674. mup.sys Multiple UNC Provider driver (Microsoft)
1675. ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
1676. ndiscap.sys Microsoft NDIS Packet Capture Filter Driver
1677. ndistapi.sys NDIS 3.0 Connection Wrapper driver (Microsoft)
1678. ndisuio.sys NDIS User mode I/O driver (Microsoft)
1679. NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
1680. ndiswan.sys MS PPP Framing Driver (Strong Encryption) Microsoft)
1681. NDProxy.sys NDIS Proxy driver (Microsoft)
1682. Ndu.sys Network Data Usage Monitoring driver (Microsoft)
1683. netbios.sys NetBIOS Interface driver (Microsoft)
1684. netbt.sys MBT Transport driver (Microsoft)
1685. NETIO.SYS Network I/O Subsystem (Microsoft)
1686. Npfs.SYS NPFS driver (Microsoft)
1687. npsvctrig.sys Named pipe service triggers (Microsoft)
1688. nsiproxy.sys NSI Proxy driver (Microsoft)
1689. Ntfs.sys NT File System Driver (Microsoft)
1690. ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
1691. ntosext.sys NTOS Extension Host driver (Microsoft)
1692. Null.SYS NULL Driver (Microsoft)
1693. nwifi.sys NativeWiFi Miniport Driver (Microsoft)
1694. pacer.sys QoS Packet Scheduler (Microsoft)
1695. partmgr.sys Partition driver (Microsoft)
1696. pci.sys NT Plug and Play PCI Enumerator (Microsoft)
1697. pcw.sys Performance Counter Driver (Microsoft)
1698. pdc.sys Power Dependency Coordinator Driver (Microsoft)
1699. peauth.sys Protected Environment Authentication and Authorization Export Driver (Microsoft)
1700. portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
1701. PSHED.dll Platform Specific Hardware Error driver (Microsoft)
1702. qwavedrv.sys Quality Windows Audio Video Experience (qWave) Support driver (Microsoft)
1703. rasl2tp.sys RAS L2TP Mini-port/Call-manager driver (Microsoft)
1704. raspppoe.sys RAS PPPoE Mini-port/Call manager driver (Microsoft)
1705. raspptp.sys Peer-to-Peer Tunneling Protocol (Microsoft)
1706. rassstp.sys RAS SSTP Miniport Call Manager driver (Microsoft)
1707. rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
1708. rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
1709. rdyboost.sys ReadyBoost Driver (Microsoft)
1710. rspndr.sys Link-Layer Topology Responder driver (Microsoft)
1711. SgrmAgent.sys System Guard Runtime Monitor Agent driver (Microsoft)
1712. SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
1713. spaceport.sys Storage Spaces driver (Microsoft)
1714. srv2.sys Smb 2.0 Server driver (Microsoft)
1715. srvnet.sys Server Network driver (Microsoft)
1716. storahci.sys MS AHCI Storport Miniport Driver (Microsoft)
1717. storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
1718. storqosflt.sys Storage QoS Filter driver (Microsoft)
1719. storvsp.sys Storage vsp Driver (Microsoft)
1720. swenum.sys Plug and Play Software Device Enumerator (Microsoft)
1721. tbs.sys Export driver for kernel mode TPM API (Microsoft)
1722. tcpip.sys TCP/IP Protocol driver (Microsoft)
1723. tcpipreg.sys Microsoft Windows TCP/IP Registry Compatibility driver (Microsoft)
1724. TDI.SYS TDI Wrapper driver (Microsoft)
1725. tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
1726. tm.sys Kernel Transaction Manager driver (Microsoft)
1727. ucx01000.sys USB Controller Extension (Microsoft)
1728. umbus.sys User-Mode Bus Enumerator (Microsoft)
1729. usbaudio.sys USB Audio Class Driver (Microsoft)
1730. usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
1731. USBD.SYS Universal Serial Bus Driver (Microsoft)
1732. UsbHub3.sys USB3 HUB driver (Microsoft)
1733. usbvideo.sys USB Video Class Driver (Microsoft)
1734. USBXHCI.SYS USB XHCI driver (Microsoft)
1735. vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
1736. vfpext.sys Microsoft Azure VFP Extension (Microsoft)
1737. vhdmp.sys VHD Miniport driver (Microsoft)
1738. vhdparser.sys VHD Parser driver (Microsoft)
1739. Vid.sys Microsoft Hyper-V Virtualization Infrastructure Driver
1740. vkrnlintvsp.sys Microsoft Hyper-V NT Kernel Integration VSP Driver
1741. vmbkmclr.sys Hyper-V VMBus Root KMCL (Microsoft)
1742. vmbusr.sys Microsoft Hyper-V Virtual Machine Bus Root driver (Microsoft)
1743. VmsProxy.sys VMSwitch Proxy Driver
1744. VmsProxyHNic.sys VmSwitch NIC Proxy Driver
1745. vmswitch.sys Network Virtualization Service Provider (Microsoft)
1746. volmgr.sys Volume Manager Driver (Microsoft)
1747. volmgrx.sys Volume Manager Extension Driver (Microsoft)
1748. volsnap.sys Volume Shadow Copy driver (Microsoft)
1749. volume.sys Volume driver (Microsoft)
1750. vpcivsp.sys Virtual PCI VSP driver (Microsoft)
1751. vwifibus.sys Virtual Wireless Bus driver (Microsoft)
1752. vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
1753. vwifimp.sys Virtual WiFi Miniport Driver (Microsoft)
1754. wanarp.sys MS Remote Access and Routing ARP driver (Microsoft)
1755. watchdog.sys Watchdog driver (Microsoft)
1756. wcifs.sys Windows Container Isolation FS Filter driver (Microsoft)
1757. Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
1758. WdFilter.sys Microsoft Anti-malware file system filter driver (Microsoft)
1759. WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
1760. werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
1761. wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
1762. win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
1763. win32kbase.sys Base Win32k Kernel Driver (Microsoft)
1764. win32kfull.sys Full/Desktop Win32k Kernel Driver (Microsoft)
1765. WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
1766. WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
1767. winhvr.sys Windows Hypervisor Root Interface driver (Microsoft)
1768. winnat.sys Windows NAT Driver
1769. wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
1770. WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
1771. Wof.sys Windows Overlay Filter (Microsoft)
1772. WppRecorder.sys WPP Trace Recorder (Microsoft)
1773.  
1774. ====================== Dump #3: UNLOADED MODULES =======================
1775.  
1776. fffff804`13240000 fffff804`13257000 klupd_klif_k
1777. fffff804`14220000 fffff804`1422b000 klpnpflt.sys
1778. fffff804`13220000 fffff804`13231000 MSKSSRV.sys
1779. fffff804`14200000 fffff804`14213000 klkbdflt.sys
1780. fffff804`14d20000 fffff804`14d32000 kbdhid.sys
1781. fffff804`13fb0000 fffff804`13fc7000 klupd_klif_k
1782. fffff804`14220000 fffff804`1422b000 klpnpflt.sys
1783. fffff804`13f90000 fffff804`13fa1000 MSKSSRV.sys
1784. fffff804`13f90000 fffff804`13fc8000 VBoxUSBMon.s
1785. fffff804`13200000 fffff804`13313000 VBoxDrv.sys
1786. fffff804`12c50000 fffff804`12ca7000 VBoxNetLwf.s
1787. fffff804`13560000 fffff804`135b3000 VBoxNetAdp6.
1788. fffff804`14220000 fffff804`1422b000 klpnpflt.sys
1789. fffff804`13e20000 fffff804`13e31000 MSKSSRV.sys
1790. fffff804`14d20000 fffff804`14d33000 klkbdflt.sys
1791. fffff804`14200000 fffff804`14212000 kbdhid.sys
1792. fffff804`14220000 fffff804`1422b000 klpnpflt.sys
1793. fffff804`13e00000 fffff804`13e11000 MSKSSRV.sys
1794. fffff804`13e20000 fffff804`13e33000 klkbdflt.sys
1795. fffff804`13e00000 fffff804`13e12000 kbdhid.sys
1796. fffff804`14220000 fffff804`1422b000 klpnpflt.sys
1797. fffff804`14200000 fffff804`14211000 MSKSSRV.sys
1798. fffff804`133b0000 fffff804`133e9000 klids.sys
1799. fffff804`14d20000 fffff804`14d37000 klupd_klif_k
1800. fffff804`107d0000 fffff804`107ed000 EhStorClass.
1801. fffff804`12550000 fffff804`1255f000 dump_storpor
1802. fffff804`125a0000 fffff804`125d3000 dump_storahc
1803. fffff804`11c00000 fffff804`11c1e000 dump_dumpfve
1804. fffff804`15a20000 fffff804`15a2b000 klpnpflt.sys
1805. fffff804`15950000 fffff804`1595c000 WdmCompanion
1806. fffff804`15a20000 fffff804`15a2b000 klpnpflt.sys
1807. fffff804`15950000 fffff804`1595b000 klpnpflt.sys
1808. fffff804`13450000 fffff804`1346c000 dam.sys
1809. fffff804`10290000 fffff804`102a2000 WdBoot.sys
1810. fffff804`10280000 fffff804`1028e000 klelam.sys
1811. fffff804`11430000 fffff804`11440000 hwpolicy.sys
1812. fffff804`09f70000 fffff804`0a200000 mcupdate.dll
1813.  
1814. ====================== Dump #3: BIOS INFORMATION =======================
1815.  
1816. sysinfo: could not find necessary interfaces.
1817. sysinfo: note that mssmbios.sys must be loaded (XPSP2+).
1818.  
1819. ========================== Dump #3: Extra #1 ===========================
1820.  
1821. 1: kd> !verifier
1822. Verify Flags Level 0x00000000
1823. STANDARD FLAGS:
1824. [X] (0x00000000) Automatic Checks
1825. [ ] (0x00000001) Special pool
1826. [ ] (0x00000002) Force IRQL checking
1827. [ ] (0x00000008) Pool tracking
1828. [ ] (0x00000010) I/O verification
1829. [ ] (0x00000020) Deadlock detection
1830. [ ] (0x00000080) DMA checking
1831. [ ] (0x00000100) Security checks
1832. [ ] (0x00000800) Miscellaneous checks
1833. [ ] (0x00020000) DDI compliance checking
1834. ADDITIONAL FLAGS:
1835. [ ] (0x00000004) Randomized low resources simulation
1836. [ ] (0x00000200) Force pending I/O requests
1837. [ ] (0x00000400) IRP logging
1838. [ ] (0x00002000) Invariant MDL checking for stack
1839. [ ] (0x00004000) Invariant MDL checking for driver
1840. [ ] (0x00008000) Power framework delay fuzzing
1841. [ ] (0x00010000) Port/miniport interface checking
1842. [ ] (0x00040000) Systematic low resources simulation
1843. [ ] (0x00080000) DDI compliance checking (additional)
1844. [ ] (0x00200000) NDIS/WIFI verification
1845. [ ] (0x00800000) Kernel synchronization delay fuzzing
1846. [ ] (0x01000000) VM switch verification
1847. [ ] (0x02000000) Code integrity checks
1848. [X] Indicates flag is enabled
1849. Summary of All Verifier Statistics
1850. RaiseIrqls 0x0
1851. AcquireSpinLocks 0x0
1852. Synch Executions 0x0
1853. Trims 0x0
1854. Pool Allocations Attempted 0x0
1855. Pool Allocations Succeeded 0x0
1856. Pool Allocations Succeeded SpecialPool 0x0
1857. Pool Allocations With NO TAG 0x0
1858. Pool Allocations Failed 0x0
1859. Current paged pool allocations 0x0 for 00000000 bytes
1860. Peak paged pool allocations 0x0 for 00000000 bytes
1861. Current nonpaged pool allocations 0x0 for 00000000 bytes
1862. Peak nonpaged pool allocations 0x0 for 00000000 bytes
1863.  
1864. ========================== Dump #3: Extra #2 ===========================
1865.  
1866. 1: kd> !thread
1867. THREAD ffff8804e2fba040 Cid 0004.01f8 Teb: 0000000000000000 Win32Thread: 0000000000000000 RUNNING on processor 1
1868. Not impersonating
1869. GetUlongFromAddress: unable to read from fffff8040e61143c
1870. Owning Process ffff8804e2080040 Image: System
1871. Attached Process N/A Image: N/A
1872. fffff78000000000: Unable to get shared data
1873. Wait Start TickCount 1395287
1874. Context Switch Count 53757 IdealProcessor: 3
1875. ReadMemory error: Cannot get nt!KeMaximumIncrement value.
1876. UserTime 00:00:00.000
1877. KernelTime 00:00:00.000
1878. *** WARNING: Unable to verify timestamp for klflt.sys
1879. *** ERROR: Module load completed but symbols could not be loaded for klflt.sys
1880. Win32 Start Address klflt (0xfffff804121ef710)
1881. Stack Init fffff40e5e4e7b90 Current fffff40e5e4e7710
1882. Base fffff40e5e4e8000 Limit fffff40e5e4e1000 Call 0000000000000000
1883. Priority 12 BasePriority 12 PriorityDecrement 0 IoPriority 2 PagePriority 5
1884. Child-SP RetAddr : Args to Child : Call Site
1885. fffff40e`5e4e7028 fffff804`0ddefa29 : 00000000`0000000a 00000000`00000000 00000000`00000002 00000000`00000000 : nt!KeBugCheckEx
1886. fffff40e`5e4e7030 fffff804`0ddebd29 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiBugCheckDispatch+0x69
1887. fffff40e`5e4e7170 fffff804`10ed8aac : ffff8804`f08f41d0 00000000`00000000 ffff8804`ef8192d0 00000000`00000000 : nt!KiPageFault+0x469 (TrapFrame @ fffff40e`5e4e7170)
1888. fffff40e`5e4e7300 fffff804`10d25d98 : ffff8804`f190da40 ffff8804`ed80aa70 00000000`00000000 fffff804`10d22504 : tcpip!FlpReturnNetBufferListChain+0x6f71c
1889. fffff40e`5e4e7360 fffff804`10d25bb8 : 00000000`00000000 00000000`00000000 00000000`00000000 fffff40e`00000000 : NETIO!NetioDereferenceNetBufferList+0x88
1890. fffff40e`5e4e73b0 fffff804`10e3ae96 : 00000000`00000000 fffff40e`5e4e7400 00000000`00000000 ffff8804`e2cac000 : NETIO!NetioDereferenceNetBufferListChain+0x1c8
1891. fffff40e`5e4e7430 fffff804`10e3747f : fffff804`10ffa230 ffff8804`e2b3a010 ffff8804`e2cac000 00000000`00000000 : tcpip!IppReceiveHeaderBatch+0x2b6
1892. fffff40e`5e4e7530 fffff804`10f617a2 : ffff8804`f005b8a0 ffff8804`ef8192d0 00000000`00000001 00000000`00000000 : tcpip!IppFlcReceivePacketsCore+0x32f
1893. fffff40e`5e4e7650 fffff804`10f61624 : ffff8804`e2fba040 fffff40e`5e4e7900 fffff40e`5e4e7900 ffff8804`e2b40300 : tcpip!IppInspectInjectReceiveEx+0x172
1894. fffff40e`5e4e76a0 fffff804`111087b6 : fffff804`111086a0 fffff40e`5e4e7900 00000000`00000000 fffff804`0dc3739e : tcpip!IppInspectInjectReceive+0x24
1895. fffff40e`5e4e7700 fffff804`0dc37218 : fffff40e`5e4e7900 ffff8804`e2b40360 00000000`00000003 ffff8804`f31afc40 : fwpkclnt!FwppInjectionStackCallout+0x116
1896. fffff40e`5e4e7790 fffff804`0dc3718d : fffff804`111086a0 fffff40e`5e4e7900 ffff8804`e29a30a0 ffff8804`eeb24e10 : nt!KeExpandKernelStackAndCalloutInternal+0x78
1897. fffff40e`5e4e7800 fffff804`1110a2b4 : 00000000`00000001 fffff804`110f16e3 ffff8804`f31afc40 fffff804`12b45530 : nt!KeExpandKernelStackAndCalloutEx+0x1d
1898. fffff40e`5e4e7840 fffff804`11109ea4 : 00000000`00000000 fffff40e`5e4e7979 00000000`00000001 ffff8804`ef8192d0 : fwpkclnt!NetioExpandKernelStackAndCallout+0x58
1899. fffff40e`5e4e7880 fffff804`12b45685 : ffff8804`e4226f60 ffff8804`f31afc40 ffffffff`00000000 ffff8804`f31afc40 : fwpkclnt!FwpsInjectTransportReceiveAsync0+0x304
1900. fffff40e`5e4e79c0 ffff8804`e4226f60 : ffff8804`f31afc40 ffffffff`00000000 ffff8804`f31afc40 01010101`00000002 : klwfp+0x5685
1901. fffff40e`5e4e79c8 ffff8804`f31afc40 : ffffffff`00000000 ffff8804`f31afc40 01010101`00000002 00000000`00000001 : 0xffff8804`e4226f60
1902. fffff40e`5e4e79d0 ffffffff`00000000 : ffff8804`f31afc40 01010101`00000002 00000000`00000001 00000000`0000000d : 0xffff8804`f31afc40
1903. fffff40e`5e4e79d8 ffff8804`f31afc40 : 01010101`00000002 00000000`00000001 00000000`0000000d 00000000`00000000 : 0xffffffff`00000000
1904. fffff40e`5e4e79e0 01010101`00000002 : 00000000`00000001 00000000`0000000d 00000000`00000000 ffff8804`00000000 : 0xffff8804`f31afc40
1905. fffff40e`5e4e79e8 00000000`00000001 : 00000000`0000000d 00000000`00000000 ffff8804`00000000 fffff804`12b45530 : 0x01010101`00000002
1906. fffff40e`5e4e79f0 00000000`0000000d : 00000000`00000000 ffff8804`00000000 fffff804`12b45530 ffff8804`f31afc40 : 0x1
1907. fffff40e`5e4e79f8 00000000`00000000 : ffff8804`00000000 fffff804`12b45530 ffff8804`f31afc40 ffff8804`e2fdee70 : 0xd