API tools faq
paste
Guest User

Untitled

a guest
Jul 26th, 2020
131
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 209.64 KB | None | 0 0
raw download clone embed print report
  1. ========================== AUTO DUMP ANALYZER ==========================
  2. Auto Dump Analyzer
  3. Version: 0.91
  4. Time to analyze file(s): 00 hours and 04 minutes and 40 seconds
  5.  
  6. ================================= BIOS =================================
  7. VENDOR: American Megatrends Inc.
  8. VERSION: 5406
  9. DATE: 11/13/2019
  10.  
  11. ============================= MOTHERBOARD ==============================
  12. MANUFACTURER: ASUSTeK COMPUTER INC.
  13. PRODUCT: ROG STRIX B350-F GAMING
  14. VERSION: Rev X.0x
  15.  
  16. ================================= RAM ==================================
  17. Size Speed Manufacturer Part No.
  18. -------------- -------------- ------------------- ----------------------
  19. 8192MB 3200MHz Corsair CMW16GX4M2C3200C16
  20. 0MHz Unknown Unknown
  21. 8192MB 3200MHz Corsair CMW16GX4M2C3200C16
  22. 0MHz Unknown Unknown
  23.  
  24. ================================= CPU ==================================
  25. Processor Version: AMD Ryzen 5 3600 6-Core Processor
  26. COUNT: c
  27. MHZ: 3593
  28. VENDOR: AuthenticAMD
  29. FAMILY: 17
  30. MODEL: 71
  31. STEPPING: 0
  32.  
  33. ================================== OS ==================================
  34. Product: WinNt, suite: TerminalServer SingleUserTS Personal
  35. Built by: 18362.1.amd64fre.19h1_release.190318-1202
  36. BUILD_VERSION: 10.0.18362.959 (WinBuild.160101.0800)
  37. BUILD: 18362
  38. SERVICEPACK: 959
  39. PLATFORM_TYPE: x64
  40. NAME: Windows 10
  41. EDITION: Windows 10 WinNt TerminalServer SingleUserTS Personal
  42. BUILD_TIMESTAMP: unknown_date
  43. BUILDDATESTAMP: 160101.0800
  44. BUILDLAB: WinBuild
  45. BUILDOSVER: 10.0.18362.959
  46.  
  47. =============================== DEBUGGER ===============================
  48. Microsoft (R) Windows Debugger Version 10.0.14321.1024 AMD64
  49. Copyright (c) Microsoft Corporation. All rights reserved.
  50.  
  51. =============================== COMMENTS ===============================
  52. * Information gathered from different dump files may be different. If
  53. Windows updates between two dump files, two or more OS versions may
  54. be shown above.
  55. * If the user updates the BIOS between dump files, two or more versions
  56. and dates may be shown above.
  57. * More RAM information can be found below in a full BIOS section.
  58.  
  59. ========================================================================
  60. ======================= Dump #1: ANALYZE VERBOSE =======================
  61. ====================== File: 072420-10109-01.dmp =======================
  62. ========================================================================
  63.  
  64. Mini Kernel Dump File: Only registers and stack trace are available
  65. Windows 10 Kernel Version 18362 MP (12 procs) Free x64
  66. Kernel base = 0xfffff802`2d600000 PsLoadedModuleList = 0xfffff802`2da48190
  67. Debug session time: Fri Jul 24 12:08:20.867 2020 (UTC - 4:00)
  68. System Uptime: 0 days 4:32:05.525
  69.  
  70. BugCheck 50, {fffffe55d4b62ab2, 10, fffffe55d4b62ab2, 2}
  71. *** WARNING: Unable to verify timestamp for win32kfull.sys
  72. *** ERROR: Module load completed but symbols could not be loaded for win32kfull.sys
  73. Could not read faulting driver name
  74. *** WARNING: Unable to verify timestamp for win32k.sys
  75. *** ERROR: Module load completed but symbols could not be loaded for win32k.sys
  76. Probably caused by : memory_corruption
  77. Followup: memory_corruption
  78.  
  79. PAGE_FAULT_IN_NONPAGED_AREA (50)
  80. Invalid system memory was referenced. This cannot be protected by try-except.
  81. Typically the address is just plain bad or it is pointing at freed memory.
  82.  
  83. Arguments:
  84. Arg1: fffffe55d4b62ab2, memory referenced.
  85. Arg2: 0000000000000010, value 0 = read operation, 1 = write operation.
  86. Arg3: fffffe55d4b62ab2, If non-zero, the instruction address which referenced the bad memory
  87. address.
  88. Arg4: 0000000000000002, (reserved)
  89.  
  90. Debugging Details:
  91. Could not read faulting driver name
  92. DUMP_CLASS: 1
  93. DUMP_QUALIFIER: 400
  94. DUMP_TYPE: 2
  95. READ_ADDRESS: fffff8022db733b8: Unable to get MiVisibleState
  96. fffffe55d4b62ab2
  97. FAULTING_IP:
  98. win32kfull+162ab2
  99. fffffe55`d4b62ab2 ?? ???
  100. MM_INTERNAL_CODE: 2
  101. CUSTOMER_CRASH_COUNT: 1
  102. DEFAULT_BUCKET_ID: CODE_CORRUPTION
  103. BUGCHECK_STR: AV
  104.  
  105. PROCESS_NAME: Medal.exe
  106.  
  107. CURRENT_IRQL: 0
  108. TRAP_FRAME: ffffa681cfd24f20 -- (.trap 0xffffa681cfd24f20)
  109. NOTE: The trap frame does not contain all registers.
  110. Some register values may be zeroed or incorrect.
  111. rax=0000000000000102 rbx=0000000000000000 rcx=418e234b086e0000
  112. rdx=000000007457624f rsi=0000000000000000 rdi=0000000000000000
  113. rip=fffffe55d4b62ab2 rsp=ffffa681cfd250b0 rbp=0000000000000001
  114. r8=0000000000000000 r9=fffff8022d600000 r10=0000fffff8022d73
  115. r11=ffffa681cfd24878 r12=0000000000000000 r13=0000000000000000
  116. r14=0000000000000000 r15=0000000000000000
  117. iopl=0 nv up ei pl zr na po nc
  118. win32kfull+0x162ab2:
  119. fffffe55`d4b62ab2 ?? ???
  120. Resetting default scope
  121. LAST_CONTROL_TRANSFER: from fffff8022d7ecf0a to fffff8022d7c23c0
  122. FAILED_INSTRUCTION_ADDRESS:
  123. win32kfull+162ab2
  124. fffffe55`d4b62ab2 ?? ???
  125. STACK_TEXT:
  126. ffffa681`cfd24c78 fffff802`2d7ecf0a : 00000000`00000050 fffffe55`d4b62ab2 00000000`00000010 ffffa681`cfd24f20 : nt!KeBugCheckEx
  127. ffffa681`cfd24c80 fffff802`2d65875f : 00000000`00000000 00000000`00000010 00000000`00000000 fffffe55`d4b62ab2 : nt!MiSystemFault+0x1c5aaa
  128. ffffa681`cfd24d80 fffff802`2d7d041e : 00000000`00000001 00000000`00000003 00000000`00000001 00000000`00000000 : nt!MmAccessFault+0x34f
  129. ffffa681`cfd24f20 fffffe55`d4b62ab2 : 00000000`00000000 ffffe389`0bfab3f0 fffffe2e`02f0e920 ffffa681`cfd250d0 : nt!KiPageFault+0x35e
  130. ffffa681`cfd250b0 00000000`00000000 : ffffe389`0bfab3f0 fffffe2e`02f0e920 ffffa681`cfd250d0 ffffe389`130ea001 : win32kfull+0x162ab2
  131. STACK_COMMAND: kb
  132. CHKIMG_EXTENSION: !chkimg -lo 50 -d !nt
  133. fffff8022d65878b-fffff8022d65878f 5 bytes - nt!MmAccessFault+37b
  134. [ df be 7d fb f6:bf 71 e3 c6 8d ]
  135. fffff8022d6587b8-fffff8022d6587bc 5 bytes - nt!MmAccessFault+3a8 (+0x2d)
  136. [ d7 be 7d fb f6:b7 71 e3 c6 8d ]
  137. fffff8022d7ecfbf - nt!MiSystemFault+1c5b5f (+0x194807)
  138. [ f6:8d ]
  139. fffff8022d7ecfd5 - nt!MiSystemFault+1c5b75 (+0x16)
  140. [ f6:8d ]
  141. 12 errors : !nt (fffff8022d65878b-fffff8022d7ecfd5)
  142. MODULE_NAME: memory_corruption
  143.  
  144. IMAGE_NAME: memory_corruption
  145.  
  146. FOLLOWUP_NAME: memory_corruption
  147. DEBUG_FLR_IMAGE_TIMESTAMP: 0
  148. MEMORY_CORRUPTOR: LARGE
  149. FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
  150. BUCKET_ID: MEMORY_CORRUPTION_LARGE
  151. PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
  152. TARGET_TIME: 2020-07-24T16:08:20.000Z
  153. SUITE_MASK: 784
  154. PRODUCT_TYPE: 1
  155. USER_LCID: 0
  156. FAILURE_ID_HASH_STRING: km:memory_corruption_large
  157. FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
  158. Followup: memory_corruption
  159.  
  160. ====================== Dump #1: 3RD PARTY DRIVERS ======================
  161.  
  162. Aug 22 2012 - AsIO.sys - ASUS Input Output driver http://www.asus.com/
  163. Mar 19 2015 - amd_sata.sys - AMD SATA Controller AHCI Device driver http://support.amd.com/
  164. Mar 19 2015 - amd_xata.sys - AMD Stor Filter driver http://support.amd.com/
  165. Mar 31 2015 - HWiNFO64A.SYS - HWiNFO AMD64 Kernel driver https://www.hwinfo.com/
  166. Mar 14 2016 - amdgpio3.sys - AMD GPIO Controller Driver from Advanced Micro Devices http://support.amd.com/
  167. Aug 02 2017 - Oculus_ViGEmBus.sys - Oculus Virtual Gamepad Emulation Bus driver
  168. Feb 12 2018 - msio64.sys - MSI Gaming App driver
  169. Mar 26 2019 - RTKVHD64.sys - Realtek Audio System driver https://www.realtek.com/en/
  170. Apr 09 2019 - AsIO2.sys - Asus Input Output driver
  171. Apr 22 2019 - GLCKIO2.sys - ASUS RGB driver
  172. Apr 22 2019 - OCULUSUD.sys - Oculus VR Headset driver
  173. Apr 25 2019 - mbae64.sys - Malwarebytes driver https://www.malwarebytes.com/
  174. Jun 06 2019 - IUProcessFilter.sys - IObit Uninstaller driver (IObit Information Technology)
  175. Sep 05 2019 - e1r65x64.sys - Intel(R) Gigabit Adapter NDIS 6.x driver https://downloadcenter.intel.com/
  176. Oct 14 2019 - ene.sys - (Ptolemy Tech Co.) or ASUS RGB driver or Gigabyte RGB driver
  177. Nov 06 2019 - IUFileFilter.sys - IObit Uninstaller driver (IObit)
  178. Nov 06 2019 - IURegistryFilter.sys - IObit Uninstaller driver (IObit Information Technology)
  179. Nov 15 2019 - AtihdWT6.sys - AMD High Definition Audio Function driver http://support.amd.com/
  180. Nov 20 2019 - mbamswissarmy.sys - MalwareBytes Anti-Malware system driver https://www.malwarebytes.com/
  181. Nov 27 2019 - teVirtualMIDI64.sys - teVirtualMIDI - Virtual MIDI driver (Tobias Erichsen)
  182. Dec 05 2019 - cpuz149_x64.sys - CPUID driver
  183. Jan 14 2020 - amdgpio2.sys - AMD GPIO Controller Driver from Advanced Micro Devices http://support.amd.com/
  184. Jan 16 2020 - amdkmpfd.sys - AMD Kernel Miniport Filter driver
  185. Feb 10 2020 - bcmwl63a.sys - Broadcom 802 11 Network Adapter Wireless driver http://www.broadcom.com/support/
  186. Feb 12 2020 - HWiNFO64A_150.SYS - HWiNFO driver https://www.hwinfo.com/
  187. Feb 14 2020 - CorsairLLAccess64.sys - CORSAIR iCUE Software driver
  188. Mar 06 2020 - amdpsp.sys - Advanced Micro Devices, Inc http://support.amd.com/
  189. Mar 26 2020 - amdxe.sys - AMD Link Xinput Emulation driver
  190. Apr 10 2020 - AMDPCIDev.sys - Advanced Micro Devices PCI Device driver
  191. May 07 2020 - CorsairGamingAudio64.sys - Corsair Gaming Audio 64-bit driver
  192. May 25 2020 - amdkmdag.sys - AMD Graphics driver
  193. May 28 2020 - oculusvad.sys - Oculus VAD driver
  194. Jun 04 2020 - MbamChameleon.sys - Malwarebytes Anti-Malware Chameleon driver https://www.malwarebytes.com/
  195. Jun 09 2020 - amdlog.sys - AMD LOG driver
  196. Jun 22 2020 - mwac.sys - Malwarebytes Web Access Control http://www.malwarebytes.org/
  197. Jun 30 2020 - CorsairVBusDriver.sys - Corsair Virtual Device driver (Corsair Utility Engine) http://www.corsair.com/
  198. Jun 30 2020 - CorsairVHidDriver.sys - Corsair Virtual Device driver (Corsair Utility Engine) http://www.corsair.com/
  199. Jul 07 2020 - mbam.sys - Malwarebytes Anti-Malware https://www.malwarebytes.com/
  200. Jul 17 2020 - farflt.sys - Malwarebytes Anti-RansomWare SDK http://www.malwarebytes.org/
  201.  
  202. ================== Dump #1: 3RD PARTY DRIVERS (FULL) ===================
  203.  
  204. Image path: \SystemRoot\SysWow64\drivers\AsIO.sys
  205. Image name: AsIO.sys
  206. Search : https://www.google.com/search?q=AsIO.sys
  207. ADA Info : ASUS Input Output driver http://www.asus.com/
  208. Timestamp : Wed Aug 22 2012
  209.  
  210. Image path: \SystemRoot\System32\drivers\amd_sata.sys
  211. Image name: amd_sata.sys
  212. Search : https://www.google.com/search?q=amd_sata.sys
  213. ADA Info : AMD SATA Controller AHCI Device driver http://support.amd.com/
  214. Timestamp : Thu Mar 19 2015
  215.  
  216. Image path: \SystemRoot\System32\drivers\amd_xata.sys
  217. Image name: amd_xata.sys
  218. Search : https://www.google.com/search?q=amd_xata.sys
  219. ADA Info : AMD Stor Filter driver http://support.amd.com/
  220. Timestamp : Thu Mar 19 2015
  221.  
  222. Image path: \??\C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS
  223. Image name: HWiNFO64A.SYS
  224. Search : https://www.google.com/search?q=HWiNFO64A.SYS
  225. ADA Info : HWiNFO AMD64 Kernel driver https://www.hwinfo.com/
  226. Timestamp : Tue Mar 31 2015
  227.  
  228. Image path: \SystemRoot\System32\drivers\amdgpio3.sys
  229. Image name: amdgpio3.sys
  230. Search : https://www.google.com/search?q=amdgpio3.sys
  231. ADA Info : AMD GPIO Controller Driver from Advanced Micro Devices http://support.amd.com/
  232. Timestamp : Mon Mar 14 2016
  233.  
  234. Image path: \SystemRoot\System32\drivers\Oculus_ViGEmBus.sys
  235. Image name: Oculus_ViGEmBus.sys
  236. Search : https://www.google.com/search?q=Oculus_ViGEmBus.sys
  237. ADA Info : Oculus Virtual Gamepad Emulation Bus driver
  238. Timestamp : Wed Aug 2 2017
  239.  
  240. Image path: \??\C:\Program Files\Patriot\Aac_Patriot Viper RGB\msio64.sys
  241. Image name: msio64.sys
  242. Search : https://www.google.com/search?q=msio64.sys
  243. ADA Info : MSI Gaming App driver
  244. Timestamp : Mon Feb 12 2018
  245.  
  246. Image path: \SystemRoot\system32\drivers\RTKVHD64.sys
  247. Image name: RTKVHD64.sys
  248. Search : https://www.google.com/search?q=RTKVHD64.sys
  249. ADA Info : Realtek Audio System driver https://www.realtek.com/en/
  250. Timestamp : Tue Mar 26 2019
  251.  
  252. Image path: \??\C:\WINDOWS\system32\drivers\AsIO2.sys
  253. Image name: AsIO2.sys
  254. Search : https://www.google.com/search?q=AsIO2.sys
  255. ADA Info : Asus Input Output driver
  256. Timestamp : Tue Apr 9 2019
  257.  
  258. Image path: \??\C:\WINDOWS\system32\drivers\GLCKIO2.sys
  259. Image name: GLCKIO2.sys
  260. Search : https://www.google.com/search?q=GLCKIO2.sys
  261. ADA Info : ASUS RGB driver
  262. Timestamp : Mon Apr 22 2019
  263.  
  264. Image path: \SystemRoot\System32\drivers\OCULUSUD.sys
  265. Image name: OCULUSUD.sys
  266. Search : https://www.google.com/search?q=OCULUSUD.sys
  267. ADA Info : Oculus VR Headset driver
  268. Timestamp : Mon Apr 22 2019
  269.  
  270. Image path: \??\C:\WINDOWS\system32\drivers\mbae64.sys
  271. Image name: mbae64.sys
  272. Search : https://www.google.com/search?q=mbae64.sys
  273. ADA Info : Malwarebytes driver https://www.malwarebytes.com/
  274. Timestamp : Thu Apr 25 2019
  275.  
  276. Image path: \??\D:\Programs I want\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys
  277. Image name: IUProcessFilter.sys
  278. Search : https://www.google.com/search?q=IUProcessFilter.sys
  279. ADA Info : IObit Uninstaller driver (IObit Information Technology)
  280. Timestamp : Thu Jun 6 2019
  281.  
  282. Image path: \SystemRoot\system32\DRIVERS\e1r65x64.sys
  283. Image name: e1r65x64.sys
  284. Search : https://www.google.com/search?q=e1r65x64.sys
  285. ADA Info : Intel(R) Gigabit Adapter NDIS 6.x driver https://downloadcenter.intel.com/
  286. Timestamp : Thu Sep 5 2019
  287.  
  288. Image path: \??\C:\WINDOWS\system32\drivers\ene.sys
  289. Image name: ene.sys
  290. Search : https://www.google.com/search?q=ene.sys
  291. ADA Info : (Ptolemy Tech Co.) or ASUS RGB driver or Gigabyte RGB driver
  292. Timestamp : Mon Oct 14 2019
  293.  
  294. Image path: \??\D:\Programs I want\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys
  295. Image name: IUFileFilter.sys
  296. Search : https://www.google.com/search?q=IUFileFilter.sys
  297. ADA Info : IObit Uninstaller driver (IObit)
  298. Timestamp : Wed Nov 6 2019
  299.  
  300. Image path: \??\D:\Programs I want\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys
  301. Image name: IURegistryFilter.sys
  302. Search : https://www.google.com/search?q=IURegistryFilter.sys
  303. ADA Info : IObit Uninstaller driver (IObit Information Technology)
  304. Timestamp : Wed Nov 6 2019
  305.  
  306. Image path: \SystemRoot\system32\drivers\AtihdWT6.sys
  307. Image name: AtihdWT6.sys
  308. Search : https://www.google.com/search?q=AtihdWT6.sys
  309. ADA Info : AMD High Definition Audio Function driver http://support.amd.com/
  310. Timestamp : Fri Nov 15 2019
  311.  
  312. Image path: \SystemRoot\System32\Drivers\mbamswissarmy.sys
  313. Image name: mbamswissarmy.sys
  314. Search : https://www.google.com/search?q=mbamswissarmy.sys
  315. ADA Info : MalwareBytes Anti-Malware system driver https://www.malwarebytes.com/
  316. Timestamp : Wed Nov 20 2019
  317.  
  318. Image path: \SystemRoot\System32\drivers\teVirtualMIDI64.sys
  319. Image name: teVirtualMIDI64.sys
  320. Search : https://www.google.com/search?q=teVirtualMIDI64.sys
  321. ADA Info : teVirtualMIDI - Virtual MIDI driver (Tobias Erichsen)
  322. Timestamp : Wed Nov 27 2019
  323.  
  324. Image path: \??\C:\WINDOWS\temp\cpuz149\cpuz149_x64.sys
  325. Image name: cpuz149_x64.sys
  326. Search : https://www.google.com/search?q=cpuz149_x64.sys
  327. ADA Info : CPUID driver
  328. Timestamp : Thu Dec 5 2019
  329.  
  330. Image path: \SystemRoot\System32\drivers\amdgpio2.sys
  331. Image name: amdgpio2.sys
  332. Search : https://www.google.com/search?q=amdgpio2.sys
  333. ADA Info : AMD GPIO Controller Driver from Advanced Micro Devices http://support.amd.com/
  334. Timestamp : Tue Jan 14 2020
  335.  
  336. Image path: \SystemRoot\System32\drivers\amdkmpfd.sys
  337. Image name: amdkmpfd.sys
  338. Search : https://www.google.com/search?q=amdkmpfd.sys
  339. ADA Info : AMD Kernel Miniport Filter driver
  340. Timestamp : Thu Jan 16 2020
  341.  
  342. Image path: \SystemRoot\system32\DRIVERS\bcmwl63a.sys
  343. Image name: bcmwl63a.sys
  344. Search : https://www.google.com/search?q=bcmwl63a.sys
  345. ADA Info : Broadcom 802 11 Network Adapter Wireless driver http://www.broadcom.com/support/
  346. Timestamp : Mon Feb 10 2020
  347.  
  348. Image path: \??\C:\Users\andre\AppData\Local\Temp\HWiNFO64A_150.SYS
  349. Image name: HWiNFO64A_150.SYS
  350. Search : https://www.google.com/search?q=HWiNFO64A_150.SYS
  351. ADA Info : HWiNFO driver https://www.hwinfo.com/
  352. Timestamp : Wed Feb 12 2020
  353.  
  354. Image path: \??\C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys
  355. Image name: CorsairLLAccess64.sys
  356. Search : https://www.google.com/search?q=CorsairLLAccess64.sys
  357. ADA Info : CORSAIR iCUE Software driver
  358. Timestamp : Fri Feb 14 2020
  359.  
  360. Image path: \SystemRoot\System32\drivers\amdpsp.sys
  361. Image name: amdpsp.sys
  362. Search : https://www.google.com/search?q=amdpsp.sys
  363. ADA Info : Advanced Micro Devices, Inc http://support.amd.com/
  364. Timestamp : Fri Mar 6 2020
  365.  
  366. Image path: \SystemRoot\System32\drivers\amdxe.sys
  367. Image name: amdxe.sys
  368. Search : https://www.google.com/search?q=amdxe.sys
  369. ADA Info : AMD Link Xinput Emulation driver
  370. Timestamp : Thu Mar 26 2020
  371.  
  372. Image path: \SystemRoot\System32\drivers\AMDPCIDev.sys
  373. Image name: AMDPCIDev.sys
  374. Search : https://www.google.com/search?q=AMDPCIDev.sys
  375. ADA Info : Advanced Micro Devices PCI Device driver
  376. Timestamp : Fri Apr 10 2020
  377.  
  378. Image path: \SystemRoot\system32\DRIVERS\CorsairGamingAudio64.sys
  379. Image name: CorsairGamingAudio64.sys
  380. Search : https://www.google.com/search?q=CorsairGamingAudio64.sys
  381. ADA Info : Corsair Gaming Audio 64-bit driver
  382. Timestamp : Thu May 7 2020
  383.  
  384. Image path: \SystemRoot\System32\DriverStore\FileRepository\u0356013.inf_amd64_61ba7b1fb4cf4aec\B355483\amdkmdag.sys
  385. Image name: amdkmdag.sys
  386. Search : https://www.google.com/search?q=amdkmdag.sys
  387. ADA Info : AMD Graphics driver
  388. Timestamp : Mon May 25 2020
  389.  
  390. Image path: \SystemRoot\System32\drivers\oculusvad.sys
  391. Image name: oculusvad.sys
  392. Search : https://www.google.com/search?q=oculusvad.sys
  393. ADA Info : Oculus VAD driver
  394. Timestamp : Thu May 28 2020
  395.  
  396. Image path: \SystemRoot\System32\Drivers\MbamChameleon.sys
  397. Image name: MbamChameleon.sys
  398. Search : https://www.google.com/search?q=MbamChameleon.sys
  399. ADA Info : Malwarebytes Anti-Malware Chameleon driver https://www.malwarebytes.com/
  400. Timestamp : Thu Jun 4 2020
  401.  
  402. Image path: \SystemRoot\System32\drivers\amdlog.sys
  403. Image name: amdlog.sys
  404. Search : https://www.google.com/search?q=amdlog.sys
  405. ADA Info : AMD LOG driver
  406. Timestamp : Tue Jun 9 2020
  407.  
  408. Image path: \SystemRoot\system32\DRIVERS\mwac.sys
  409. Image name: mwac.sys
  410. Search : https://www.google.com/search?q=mwac.sys
  411. ADA Info : Malwarebytes Web Access Control http://www.malwarebytes.org/
  412. Timestamp : Mon Jun 22 2020
  413.  
  414. Image path: \SystemRoot\System32\drivers\CorsairVBusDriver.sys
  415. Image name: CorsairVBusDriver.sys
  416. Search : https://www.google.com/search?q=CorsairVBusDriver.sys
  417. ADA Info : Corsair Virtual Device driver (Corsair Utility Engine) http://www.corsair.com/
  418. Timestamp : Tue Jun 30 2020
  419.  
  420. Image path: \SystemRoot\System32\drivers\CorsairVHidDriver.sys
  421. Image name: CorsairVHidDriver.sys
  422. Search : https://www.google.com/search?q=CorsairVHidDriver.sys
  423. ADA Info : Corsair Virtual Device driver (Corsair Utility Engine) http://www.corsair.com/
  424. Timestamp : Tue Jun 30 2020
  425.  
  426. Image path: \??\C:\WINDOWS\system32\DRIVERS\mbam.sys
  427. Image name: mbam.sys
  428. Search : https://www.google.com/search?q=mbam.sys
  429. ADA Info : Malwarebytes Anti-Malware https://www.malwarebytes.com/
  430. Timestamp : Tue Jul 7 2020
  431.  
  432. Image path: \SystemRoot\system32\DRIVERS\farflt.sys
  433. Image name: farflt.sys
  434. Search : https://www.google.com/search?q=farflt.sys
  435. ADA Info : Malwarebytes Anti-RansomWare SDK http://www.malwarebytes.org/
  436. Timestamp : Fri Jul 17 2020
  437.  
  438. ====================== Dump #1: MICROSOFT DRIVERS ======================
  439.  
  440. ACPI.sys ACPI Driver for NT (Microsoft)
  441. acpiex.sys ACPIEx Driver (Microsoft)
  442. afd.sys Ancillary Function Driver for WinSock (Microsoft)
  443. afunix.sys AF_UNIX Socket Provider driver (Microsoft)
  444. AgileVpn.sys RAS Agil VPN Miniport Call Manager driver (Microsoft)
  445. ahcache.sys Application Compatibility Cache (Microsoft)
  446. amdppm.sys Processor Device Driver
  447. bam.sys BAM Kernal driver (Microsoft)
  448. BasicDisplay.sys Basic Display driver (Microsoft)
  449. BasicRender.sys Basic Render driver (Microsoft)
  450. Beep.SYS BEEP driver (Microsoft)
  451. bindflt.sys Windows Bind Filter driver (Microsoft)
  452. BOOTVID.dll VGA Boot Driver (Microsoft)
  453. bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
  454. cdd.dll Canonical Display Driver (Microsoft)
  455. cdrom.sys SCSI CD-ROM Driver (Microsoft)
  456. CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
  457. CI.dll Code Integrity Module (Microsoft)
  458. CLASSPNP.SYS SCSI Class System Dll (Microsoft)
  459. cldflt.sys Cloud Files Mini Filter driver (Microsoft)
  460. CLFS.SYS Common Log File System Driver (Microsoft)
  461. clipsp.sys CLIP Service (Microsoft)
  462. cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
  463. cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
  464. CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
  465. condrv.sys Console Driver (Microsoft)
  466. crashdmp.sys Crash Dump driver (Microsoft)
  467. dfsc.sys DFS Namespace Client Driver (Microsoft)
  468. disk.sys PnP Disk Driver (Microsoft)
  469. drmk.sys Digital Rights Management (DRM) driver (Microsoft)
  470. dump_amd_sata.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  471. dump_diskdump.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  472. dump_dumpfve.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  473. dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
  474. dxgmms2.sys DirectX Graphics MMS
  475. EhStorClass.sys Enhanced Storage Class driver for IEEE... (Microsoft)
  476. fastfat.SYS Fast FAT File System Driver (Microsoft)
  477. filecrypt.sys Windows sandboxing and encryption filter (Microsoft)
  478. fileinfo.sys FileInfo Filter Driver (Microsoft)
  479. FLTMGR.SYS Filesystem Filter Manager (Microsoft)
  480. Fs_Rec.sys File System Recognizer Driver (Microsoft)
  481. fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
  482. fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
  483. gpuenergydrv.sys GPU Energy Kernal Driver (Microsoft)
  484. hal.dll Hardware Abstraction Layer DLL (Microsoft)
  485. HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
  486. HIDCLASS.SYS Hid Class Library (Microsoft)
  487. HIDPARSE.SYS Hid Parsing Library (Microsoft)
  488. hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
  489. HTTP.sys HTTP Protocol Stack (Microsoft)
  490. intelpep.sys Intel Power Engine Plugin (Microsoft)
  491. iorate.sys I/O rate control Filter (Microsoft)
  492. kbdclass.sys Keyboard Class Driver (Microsoft)
  493. kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
  494. kd.dll Local Kernal Debugger (Microsoft)
  495. kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
  496. ks.sys Kernal CSA Library (Microsoft)
  497. ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
  498. ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
  499. ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
  500. lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
  501. luafv.sys LUA File Virtualization Filter Driver (Microsoft)
  502. mcupdate_AuthenticAMD.dll AMD Microcode Update Library (Microsoft)
  503. mmcss.sys MMCSS Driver (Microsoft)
  504. monitor.sys Monitor Driver (Microsoft)
  505. mouclass.sys Mouse Class Driver (Microsoft)
  506. mouhid.sys HID Mouse Filter Driver (Microsoft)
  507. mountmgr.sys Mount Point Manager (Microsoft)
  508. mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
  509. mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
  510. mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
  511. Msfs.SYS Mailslot driver (Microsoft)
  512. msgpioclx.sys GPIO Class Extension Driver (Microsoft)
  513. msisadrv.sys ISA Driver (Microsoft)
  514. mslldp.sys Microsoft Link-Layer Discovery Protocol... (Microsoft)
  515. msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
  516. mssmbios.sys System Management BIOS driver (Microsoft)
  517. mup.sys Multiple UNC Provider driver (Microsoft)
  518. ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
  519. ndistapi.sys NDIS 3.0 Connection Wrapper driver (Microsoft)
  520. ndisuio.sys NDIS User mode I/O driver (Microsoft)
  521. NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
  522. ndiswan.sys MS PPP Framing Driver (Strong Encryption) Microsoft)
  523. NDProxy.sys NDIS Proxy driver (Microsoft)
  524. Ndu.sys Network Data Usage Monitoring driver (Microsoft)
  525. netbios.sys NetBIOS Interface driver (Microsoft)
  526. netbt.sys MBT Transport driver (Microsoft)
  527. NETIO.SYS Network I/O Subsystem (Microsoft)
  528. Npfs.SYS NPFS driver (Microsoft)
  529. npsvctrig.sys Named pipe service triggers (Microsoft)
  530. nsiproxy.sys NSI Proxy driver (Microsoft)
  531. Ntfs.sys NT File System Driver (Microsoft)
  532. ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
  533. ntosext.sys NTOS Extension Host driver (Microsoft)
  534. Null.SYS NULL Driver (Microsoft)
  535. nwifi.sys NativeWiFi Miniport Driver (Microsoft)
  536. pacer.sys QoS Packet Scheduler (Microsoft)
  537. partmgr.sys Partition driver (Microsoft)
  538. pci.sys NT Plug and Play PCI Enumerator (Microsoft)
  539. pcw.sys Performance Counter Driver (Microsoft)
  540. pdc.sys Power Dependency Coordinator Driver (Microsoft)
  541. peauth.sys Protected Environment Authentication and Authorization Export Driver (Microsoft)
  542. portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
  543. PSHED.dll Platform Specific Hardware Error driver (Microsoft)
  544. qwavedrv.sys Quality Windows Audio Video Experience (qWave) Support driver (Microsoft)
  545. rasl2tp.sys RAS L2TP Mini-port/Call-manager driver (Microsoft)
  546. raspppoe.sys RAS PPPoE Mini-port/Call manager driver (Microsoft)
  547. raspptp.sys Peer-to-Peer Tunneling Protocol (Microsoft)
  548. rassstp.sys RAS SSTP Miniport Call Manager driver (Microsoft)
  549. rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
  550. rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
  551. rdyboost.sys ReadyBoost Driver (Microsoft)
  552. rspndr.sys Link-Layer Topology Responder driver (Microsoft)
  553. serenum.sys Serial Port Enumerator (Microsoft)
  554. serial.sys Serial Device Driver
  555. SgrmAgent.sys System Guard Runtime Monitor Agent driver (Microsoft)
  556. SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
  557. spaceport.sys Storage Spaces driver (Microsoft)
  558. srv2.sys Smb 2.0 Server driver (Microsoft)
  559. srvnet.sys Server Network driver (Microsoft)
  560. storahci.sys MS AHCI Storport Miniport Driver (Microsoft)
  561. storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
  562. storqosflt.sys Storage QoS Filter driver (Microsoft)
  563. swenum.sys Plug and Play Software Device Enumerator (Microsoft)
  564. tbs.sys Export driver for kernel mode TPM API (Microsoft)
  565. tcpip.sys TCP/IP Protocol driver (Microsoft)
  566. tcpipreg.sys Microsoft Windows TCP/IP Registry Compatibility driver (Microsoft)
  567. TDI.SYS TDI Wrapper driver (Microsoft)
  568. tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
  569. tm.sys Kernel Transaction Manager driver (Microsoft)
  570. ucx01000.sys USB Controller Extension (Microsoft)
  571. UEFI.sys UEFI NT driver (Microsoft)
  572. umbus.sys User-Mode Bus Enumerator (Microsoft)
  573. usbaudio.sys USB Audio Class Driver (Microsoft)
  574. usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
  575. USBD.SYS Universal Serial Bus Driver (Microsoft)
  576. UsbHub3.sys USB3 HUB driver (Microsoft)
  577. usbser.sys USB Serial driver (Microsoft)
  578. usbvideo.sys USB Video Class Driver (Microsoft)
  579. USBXHCI.SYS USB XHCI driver (Microsoft)
  580. vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
  581. Vid.sys Microsoft Hyper-V Virtualization Infrastructure Driver
  582. volmgr.sys Volume Manager Driver (Microsoft)
  583. volmgrx.sys Volume Manager Extension Driver (Microsoft)
  584. volsnap.sys Volume Shadow Copy driver (Microsoft)
  585. volume.sys Volume driver (Microsoft)
  586. vwifibus.sys Virtual Wireless Bus driver (Microsoft)
  587. vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
  588. vwifimp.sys Virtual WiFi Miniport Driver (Microsoft)
  589. wanarp.sys MS Remote Access and Routing ARP driver (Microsoft)
  590. watchdog.sys Watchdog driver (Microsoft)
  591. wcifs.sys Windows Container Isolation FS Filter driver (Microsoft)
  592. Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
  593. WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
  594. werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
  595. wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
  596. win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
  597. win32kbase.sys Base Win32k Kernel Driver (Microsoft)
  598. win32kfull.sys Full/Desktop Win32k Kernel Driver (Microsoft)
  599. WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
  600. WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
  601. winhvr.sys Windows Hypervisor Root Interface driver (Microsoft)
  602. winquic.sys QUIC Transport Protocol driver (Microsoft)
  603. wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
  604. WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
  605. Wof.sys Windows Overlay Filter (Microsoft)
  606. WppRecorder.sys WPP Trace Recorder (Microsoft)
  607. WSDPrint.sys Web Services Print Device driver (Microsoft)
  608. WSDScan.sys Web Service Based Scan Device driver (Microsoft)
  609.  
  610. ====================== Dump #1: UNLOADED MODULES =======================
  611.  
  612. fffff802`2acc0000 fffff802`2acce000 WSDScan.sys
  613. fffff802`2acb0000 fffff802`2acbe000 WSDPrint.sys
  614. fffff802`2aca0000 fffff802`2acae000 WSDScan.sys
  615. fffff802`2ac90000 fffff802`2ac9e000 WSDPrint.sys
  616. fffff802`2ac80000 fffff802`2ac8e000 WSDScan.sys
  617. fffff802`2ac70000 fffff802`2ac7e000 WSDPrint.sys
  618. fffff802`2ac60000 fffff802`2ac6e000 WSDScan.sys
  619. fffff802`2ac50000 fffff802`2ac5e000 WSDPrint.sys
  620. fffff802`2ac40000 fffff802`2ac4e000 WSDScan.sys
  621. fffff802`2ac30000 fffff802`2ac3e000 WSDPrint.sys
  622. fffff802`2ac20000 fffff802`2ac2e000 WSDScan.sys
  623. fffff802`2ac10000 fffff802`2ac1e000 WSDPrint.sys
  624. fffff802`2ac00000 fffff802`2ac0e000 WSDScan.sys
  625. fffff802`2abf0000 fffff802`2abfe000 WSDPrint.sys
  626. fffff802`2abe0000 fffff802`2abee000 WSDScan.sys
  627. fffff802`2abd0000 fffff802`2abde000 WSDPrint.sys
  628. fffff802`2abc0000 fffff802`2abce000 WSDScan.sys
  629. fffff802`2abb0000 fffff802`2abbe000 WSDPrint.sys
  630. fffff802`2aba0000 fffff802`2abae000 WSDScan.sys
  631. fffff802`2ab90000 fffff802`2ab9e000 WSDPrint.sys
  632. fffff802`2ab80000 fffff802`2ab8e000 WSDScan.sys
  633. fffff802`2ab70000 fffff802`2ab7e000 WSDPrint.sys
  634. fffff802`2ab60000 fffff802`2ab6e000 WSDScan.sys
  635. fffff802`2ab50000 fffff802`2ab5e000 WSDPrint.sys
  636. fffff802`2ab40000 fffff802`2ab4e000 WSDScan.sys
  637. fffff802`2ab30000 fffff802`2ab3e000 WSDPrint.sys
  638. fffff802`2ab20000 fffff802`2ab2e000 WSDScan.sys
  639. fffff802`2ab10000 fffff802`2ab1e000 WSDPrint.sys
  640. fffff802`2ab00000 fffff802`2ab0e000 WSDScan.sys
  641. fffff802`2aaf0000 fffff802`2aafe000 WSDPrint.sys
  642. fffff802`2aae0000 fffff802`2aaee000 WSDScan.sys
  643. fffff802`2aad0000 fffff802`2aade000 WSDPrint.sys
  644. fffff802`2aac0000 fffff802`2aace000 WSDScan.sys
  645. fffff802`2aab0000 fffff802`2aabe000 WSDPrint.sys
  646. fffff802`2aaa0000 fffff802`2aaae000 WSDScan.sys
  647. fffff802`2aa90000 fffff802`2aa9e000 WSDPrint.sys
  648. fffff802`2aa80000 fffff802`2aa8e000 WSDScan.sys
  649. fffff802`2aa70000 fffff802`2aa7e000 WSDPrint.sys
  650. fffff802`2aa60000 fffff802`2aa6e000 WSDScan.sys
  651. fffff802`2aa50000 fffff802`2aa5e000 WSDPrint.sys
  652. fffff802`2aa40000 fffff802`2aa4e000 WSDScan.sys
  653. fffff802`2aa30000 fffff802`2aa3e000 WSDPrint.sys
  654. fffff802`2aa20000 fffff802`2aa2e000 WSDScan.sys
  655. fffff802`2aa10000 fffff802`2aa1e000 WSDPrint.sys
  656. fffff802`2aa00000 fffff802`2aa0e000 WSDScan.sys
  657. fffff802`2a9f0000 fffff802`2a9fe000 WSDPrint.sys
  658. fffff802`2a9e0000 fffff802`2a9ee000 WSDScan.sys
  659. fffff802`2a9d0000 fffff802`2a9de000 WSDPrint.sys
  660. fffff802`2a9c0000 fffff802`2a9ce000 WSDScan.sys
  661. fffff802`2a9b0000 fffff802`2a9be000 WSDPrint.sys
  662.  
  663. ====================== Dump #1: BIOS INFORMATION =======================
  664.  
  665. [SMBIOS Data Tables v3.1]
  666. [DMI Version - 0]
  667. [2.0 Calling Convention - No]
  668. [Table Size - 2505 bytes]
  669. [BIOS Information (Type 0) - Length 26 - Handle 0000h]
  670. Vendor American Megatrends Inc.
  671. BIOS Version 5406
  672. BIOS Starting Address Segment f000
  673. BIOS Release Date 11/13/2019
  674. BIOS ROM Size 1000000
  675. BIOS Characteristics
  676. 07: - PCI Supported
  677. 10: - APM Supported
  678. 11: - Upgradeable FLASH BIOS
  679. 12: - BIOS Shadowing Supported
  680. 15: - CD-Boot Supported
  681. 16: - Selectable Boot Supported
  682. 17: - BIOS ROM Socketed
  683. 19: - EDD Supported
  684. 23: - 1.2MB Floppy Supported
  685. 24: - 720KB Floppy Supported
  686. 25: - 2.88MB Floppy Supported
  687. 26: - Print Screen Device Supported
  688. 27: - Keyboard Services Supported
  689. 28: - Serial Services Supported
  690. 29: - Printer Services Supported
  691. 32: - BIOS Vendor Reserved
  692. BIOS Characteristic Extensions
  693. 00: - ACPI Supported
  694. 01: - USB Legacy Supported
  695. 08: - BIOS Boot Specification Supported
  696. 10: - Specification Reserved
  697. 11: - Specification Reserved
  698. BIOS Major Revision 5
  699. BIOS Minor Revision 13
  700. EC Firmware Major Revision 255
  701. EC Firmware Minor Revision 255
  702. [System Information (Type 1) - Length 27 - Handle 0001h]
  703. Manufacturer System manufacturer
  704. Product Name System Product Name
  705. Version System Version
  706. UUID 00000000-0000-0000-0000-000000000000
  707. Wakeup Type Power Switch
  708. SKUNumber SKU
  709. [BaseBoard Information (Type 2) - Length 15 - Handle 0002h]
  710. Manufacturer ASUSTeK COMPUTER INC.
  711. Product ROG STRIX B350-F GAMING
  712. Version Rev X.0x
  713. Feature Flags 09h
  714. -863389984: - -863389936: - «
  715. ø
  716. Location Default string
  717. Chassis Handle 0003h
  718. Board Type 0ah - Processor/Memory Module
  719. Number of Child Handles 0
  720. [System Enclosure (Type 3) - Length 22 - Handle 0003h]
  721. Manufacturer Default string
  722. Chassis Type Desktop
  723. Version Default string
  724. Bootup State Safe
  725. Power Supply State Safe
  726. Thermal State Safe
  727. Security Status None
  728. OEM Defined 0
  729. Height 0U
  730. Number of Power Cords 1
  731. Number of Contained Elements 0
  732. Contained Element Size 3
  733. [Onboard Devices Information (Type 10) - Length 6 - Handle 0020h]
  734. Number of Devices 1
  735. 01: Type Video [enabled]
  736. [OEM Strings (Type 11) - Length 5 - Handle 0021h]
  737. Number of Strings 8
  738. 1 Default string
  739. 2 Default string
  740. 3 CHOPIN
  741. 4 Default string
  742. 5 FFFFFFFFFFFFF
  743. 6 FFFFFFFFFFFFF
  744. 7 FFFFFFFFFFFFF
  745. 8 Default string
  746. [System Configuration Options (Type 12) - Length 5 - Handle 0022h]
  747. [32Bit Memory Error Information (Type 18) - Length 23 - Handle 0026h]
  748. [Physical Memory Array (Type 16) - Length 23 - Handle 0027h]
  749. Location 03h - SystemBoard/Motherboard
  750. Use 03h - System Memory
  751. Memory Error Correction 03h - None
  752. Maximum Capacity 134217728KB
  753. Memory Error Inf Handle 0026h
  754. Number of Memory Devices 4
  755. [Memory Array Mapped Address (Type 19) - Length 31 - Handle 0028h]
  756. Starting Address 00000000h
  757. Ending Address 0037ffffh
  758. Memory Array Handle 0027h
  759. Partition Width 02
  760. [Memory Array Mapped Address (Type 19) - Length 31 - Handle 0029h]
  761. Starting Address 00400000h
  762. Ending Address 0107ffffh
  763. Memory Array Handle 0027h
  764. Partition Width 02
  765. [Cache Information (Type 7) - Length 19 - Handle 002ah]
  766. Socket Designation L1 - Cache
  767. Cache Configuration 0180h - WB Enabled Int NonSocketed L1
  768. Maximum Cache Size 0180h - 384K
  769. Installed Size 0180h - 384K
  770. Supported SRAM Type 0010h - Pipeline-Burst
  771. Current SRAM Type 0010h - Pipeline-Burst
  772. Cache Speed 1ns
  773. Error Correction Type Specification Reserved
  774. System Cache Type Unified
  775. Associativity 8-way Set-Associative
  776. [Cache Information (Type 7) - Length 19 - Handle 002bh]
  777. Socket Designation L2 - Cache
  778. Cache Configuration 0181h - WB Enabled Int NonSocketed L2
  779. Maximum Cache Size 0c00h - 3072K
  780. Installed Size 0c00h - 3072K
  781. Supported SRAM Type 0010h - Pipeline-Burst
  782. Current SRAM Type 0010h - Pipeline-Burst
  783. Cache Speed 1ns
  784. Error Correction Type Specification Reserved
  785. System Cache Type Unified
  786. Associativity 8-way Set-Associative
  787. [Cache Information (Type 7) - Length 19 - Handle 002ch]
  788. Socket Designation L3 - Cache
  789. Cache Configuration 0182h - WB Enabled Int NonSocketed L3
  790. Maximum Cache Size 8200h - 32768K
  791. Installed Size 8200h - 32768K
  792. Supported SRAM Type 0010h - Pipeline-Burst
  793. Current SRAM Type 0010h - Pipeline-Burst
  794. Cache Speed 1ns
  795. Error Correction Type Specification Reserved
  796. System Cache Type Unified
  797. Associativity 16-way Set-Associative
  798. [Processor Information (Type 4) - Length 48 - Handle 002dh]
  799. Socket Designation AM4
  800. Processor Type Central Processor
  801. Processor Family 6bh - Specification Reserved
  802. Processor Manufacturer Advanced Micro Devices, Inc.
  803. Processor ID 100f8700fffb8b17
  804. Processor Version AMD Ryzen 5 3600 6-Core Processor
  805. Processor Voltage 8bh - 1.1V
  806. External Clock 100MHz
  807. Max Speed 4200MHz
  808. Current Speed 3600MHz
  809. Status Enabled Populated
  810. Processor Upgrade Specification Reserved
  811. L1 Cache Handle 002ah
  812. L2 Cache Handle 002bh
  813. L3 Cache Handle 002ch
  814. Part Number Unknown
  815. [32Bit Memory Error Information (Type 18) - Length 23 - Handle 002eh]
  816. [Memory Device (Type 17) - Length 40 - Handle 002fh]
  817. Physical Memory Array Handle 0027h
  818. Memory Error Info Handle 002eh
  819. Total Width 64 bits
  820. Data Width 64 bits
  821. Size 8192MB
  822. Form Factor 09h - DIMM
  823. Device Locator DIMM_A1
  824. Bank Locator BANK 0
  825. Memory Type 1ah - Specification Reserved
  826. Type Detail 4080h - Synchronous
  827. Speed 3200MHz
  828. Manufacturer Corsair
  829. Part Number CMW16GX4M2C3200C16
  830. [Memory Device Mapped Address (Type 20) - Length 35 - Handle 0030h]
  831. Starting Address 00000000h
  832. Ending Address 00ffffffh
  833. Memory Device Handle 002fh
  834. Mem Array Mapped Adr Handle 0029h
  835. [32Bit Memory Error Information (Type 18) - Length 23 - Handle 0031h]
  836. [Memory Device (Type 17) - Length 40 - Handle 0032h]
  837. Physical Memory Array Handle 0027h
  838. Memory Error Info Handle 0031h
  839. Form Factor 02h - Unknown
  840. Device Locator DIMM_A2
  841. Bank Locator BANK 1
  842. Memory Type 02h - Unknown
  843. Type Detail 0004h - Unknown
  844. Speed 0MHz
  845. Manufacturer Unknown
  846. Part Number Unknown
  847. [32Bit Memory Error Information (Type 18) - Length 23 - Handle 0033h]
  848. [Memory Device (Type 17) - Length 40 - Handle 0034h]
  849. Physical Memory Array Handle 0027h
  850. Memory Error Info Handle 0033h
  851. Total Width 64 bits
  852. Data Width 64 bits
  853. Size 8192MB
  854. Form Factor 09h - DIMM
  855. Device Locator DIMM_B1
  856. Bank Locator BANK 2
  857. Memory Type 1ah - Specification Reserved
  858. Type Detail 4080h - Synchronous
  859. Speed 3200MHz
  860. Manufacturer Corsair
  861. Part Number CMW16GX4M2C3200C16
  862. [Memory Device Mapped Address (Type 20) - Length 35 - Handle 0035h]
  863. Starting Address 00000000h
  864. Ending Address 00ffffffh
  865. Memory Device Handle 0034h
  866. Mem Array Mapped Adr Handle 0029h
  867. [32Bit Memory Error Information (Type 18) - Length 23 - Handle 0036h]
  868. [Memory Device (Type 17) - Length 40 - Handle 0037h]
  869. Physical Memory Array Handle 0027h
  870. Memory Error Info Handle 0036h
  871. Form Factor 02h - Unknown
  872. Device Locator DIMM_B2
  873. Bank Locator BANK 3
  874. Memory Type 02h - Unknown
  875. Type Detail 0004h - Unknown
  876. Speed 0MHz
  877. Manufacturer Unknown
  878. Part Number Unknown
  879.  
  880. ========================== Dump #1: Extra #1 ===========================
  881.  
  882. 9: kd> !verifier
  883. Verify Flags Level 0x00000000
  884. STANDARD FLAGS:
  885. [X] (0x00000000) Automatic Checks
  886. [ ] (0x00000001) Special pool
  887. [ ] (0x00000002) Force IRQL checking
  888. [ ] (0x00000008) Pool tracking
  889. [ ] (0x00000010) I/O verification
  890. [ ] (0x00000020) Deadlock detection
  891. [ ] (0x00000080) DMA checking
  892. [ ] (0x00000100) Security checks
  893. [ ] (0x00000800) Miscellaneous checks
  894. [ ] (0x00020000) DDI compliance checking
  895. ADDITIONAL FLAGS:
  896. [ ] (0x00000004) Randomized low resources simulation
  897. [ ] (0x00000200) Force pending I/O requests
  898. [ ] (0x00000400) IRP logging
  899. [ ] (0x00002000) Invariant MDL checking for stack
  900. [ ] (0x00004000) Invariant MDL checking for driver
  901. [ ] (0x00008000) Power framework delay fuzzing
  902. [ ] (0x00010000) Port/miniport interface checking
  903. [ ] (0x00040000) Systematic low resources simulation
  904. [ ] (0x00080000) DDI compliance checking (additional)
  905. [ ] (0x00200000) NDIS/WIFI verification
  906. [ ] (0x00800000) Kernel synchronization delay fuzzing
  907. [ ] (0x01000000) VM switch verification
  908. [ ] (0x02000000) Code integrity checks
  909. [X] Indicates flag is enabled
  910. Summary of All Verifier Statistics
  911. RaiseIrqls 0x0
  912. AcquireSpinLocks 0x0
  913. Synch Executions 0x0
  914. Trims 0x0
  915. Pool Allocations Attempted 0x0
  916. Pool Allocations Succeeded 0x0
  917. Pool Allocations Succeeded SpecialPool 0x0
  918. Pool Allocations With NO TAG 0x0
  919. Pool Allocations Failed 0x0
  920. Current paged pool allocations 0x0 for 00000000 bytes
  921. Peak paged pool allocations 0x0 for 00000000 bytes
  922. Current nonpaged pool allocations 0x0 for 00000000 bytes
  923. Peak nonpaged pool allocations 0x0 for 00000000 bytes
  924.  
  925. ========================== Dump #1: Extra #2 ===========================
  926.  
  927. 9: kd> !thread
  928. THREAD ffffe389130ea080 Cid 3278.3810 Teb: 0000008b8ff7e000 Win32Thread: ffffe3891318d1b0 RUNNING on processor 9
  929. Not impersonating
  930. GetUlongFromAddress: unable to read from fffff8022da2ca14
  931. Owning Process ffffe38911c650c0 Image: Medal.exe
  932. Attached Process N/A Image: N/A
  933. fffff78000000000: Unable to get shared data
  934. Wait Start TickCount 1044833
  935. Context Switch Count 8468919 IdealProcessor: 8
  936. ReadMemory error: Cannot get nt!KeMaximumIncrement value.
  937. UserTime 00:00:00.000
  938. KernelTime 00:00:00.000
  939. Win32 Start Address 0x00007ff611ecf4d0
  940. Stack Init ffffa681cfd25c90 Current ffffa681cfd24700
  941. Base ffffa681cfd26000 Limit ffffa681cfd20000 Call 0000000000000000
  942. Priority 10 BasePriority 8 PriorityDecrement 0 IoPriority 2 PagePriority 5
  943. Child-SP RetAddr : Args to Child : Call Site
  944. ffffa681`cfd24c78 fffff802`2d7ecf0a : 00000000`00000050 fffffe55`d4b62ab2 00000000`00000010 ffffa681`cfd24f20 : nt!KeBugCheckEx
  945. ffffa681`cfd24c80 fffff802`2d65875f : 00000000`00000000 00000000`00000010 00000000`00000000 fffffe55`d4b62ab2 : nt!MiSystemFault+0x1c5aaa
  946. ffffa681`cfd24d80 fffff802`2d7d041e : 00000000`00000001 00000000`00000003 00000000`00000001 00000000`00000000 : nt!MmAccessFault+0x34f
  947. ffffa681`cfd24f20 fffffe55`d4b62ab2 : 00000000`00000000 ffffe389`0bfab3f0 fffffe2e`02f0e920 ffffa681`cfd250d0 : nt!KiPageFault+0x35e (TrapFrame @ ffffa681`cfd24f20)
  948. ffffa681`cfd250b0 00000000`00000000 : ffffe389`0bfab3f0 fffffe2e`02f0e920 ffffa681`cfd250d0 ffffe389`130ea001 : win32kfull+0x162ab2
  949.  
  950.  
  951. ========================================================================
  952. ======================= Dump #2: ANALYZE VERBOSE =======================
  953. ======================= File: 072320-8546-01.dmp =======================
  954. ========================================================================
  955.  
  956. Mini Kernel Dump File: Only registers and stack trace are available
  957. Windows 10 Kernel Version 18362 MP (12 procs) Free x64
  958. Kernel base = 0xfffff806`6960a000 PsLoadedModuleList = 0xfffff806`69a52190
  959. Debug session time: Thu Jul 23 08:11:42.974 2020 (UTC - 4:00)
  960. System Uptime: 0 days 0:00:06.705
  961.  
  962. BugCheck C4, {62, ffffba08d72a4ab8, ffffba08d398c3e0, 1}
  963. *** ERROR: Module load completed but symbols could not be loaded for vgk.sys
  964. Probably caused by : memory_corruption
  965. Followup: memory_corruption
  966.  
  967. DRIVER_VERIFIER_DETECTED_VIOLATION (c4)
  968. A device driver attempting to corrupt the system has been caught. This is
  969. because the driver was specified in the registry as being suspect (by the
  970. administrator) and the kernel has enabled substantial checking of this driver.
  971. If the driver attempts to corrupt the system, bugchecks 0xC4, 0xC1 and 0xA will
  972. be among the most commonly seen crashes.
  973.  
  974. Arguments:
  975. Arg1: 0000000000000062, A driver has forgotten to free its pool allocations prior to unloading.
  976. Arg2: ffffba08d72a4ab8, name of the driver having the issue.
  977. Arg3: ffffba08d398c3e0, verifier internal structure with driver information.
  978. Arg4: 0000000000000001, total # of (paged+nonpaged) allocations that weren't freed.
  979. Type !verifier 3 drivername.sys for info on the allocations
  980. that were leaked that caused the bugcheck.
  981.  
  982. Debugging Details:
  983. DUMP_CLASS: 1
  984. DUMP_QUALIFIER: 400
  985. DUMP_TYPE: 2
  986. BUGCHECK_STR: 0xc4_62
  987. DEBUG_FLR_IMAGE_TIMESTAMP: 0
  988. FAULTING_MODULE: fffff804ec3f0000 vgk
  989. VERIFIER_DRIVER_ENTRY: dt nt!_MI_VERIFIER_DRIVER_ENTRY ffffba08d398c3e0
  990. Symbol nt!_MI_VERIFIER_DRIVER_ENTRY not found.
  991. CUSTOMER_CRASH_COUNT: 1
  992. DEFAULT_BUCKET_ID: CODE_CORRUPTION
  993.  
  994. PROCESS_NAME: System
  995.  
  996. CURRENT_IRQL: 2
  997. LAST_CONTROL_TRANSFER: from fffff80669f7a6e3 to fffff806697cc3c0
  998. STACK_TEXT:
  999. ffff8689`8f806548 fffff806`69f7a6e3 : 00000000`000000c4 00000000`00000062 ffffba08`d72a4ab8 ffffba08`d398c3e0 : nt!KeBugCheckEx
  1000. ffff8689`8f806550 fffff806`69f89492 : ffffba08`d398c3e0 ffff8689`8f806640 ffffba08`d72a48e0 ffffba08`d3984da0 : nt!VerifierBugCheckIfAppropriate+0xdf
  1001. ffff8689`8f806590 fffff806`69879b66 : ffffba08`d398c3e0 00000000`ffffffff 00000000`00000001 fffff804`ec3f1000 : nt!VfPoolCheckForLeaks+0x46
  1002. ffff8689`8f8065d0 fffff806`69f6c4be : 00000000`00518000 ffffba08`d72a48e0 fffff806`69a41c10 fffff806`69a41c10 : nt!VfTargetDriversRemove+0xf2516
  1003. ffff8689`8f806650 fffff806`69c70ad3 : ffffba08`d72a48e0 ffff8689`8f806780 ffffa40a`994edcc0 ffffba08`d72a48e0 : nt!VfDriverUnloadImage+0x3e
  1004. ffff8689`8f806680 fffff806`69d50930 : 00000000`00000518 00000000`ffffffff ffffa40a`994edcc0 fffff77c`02761f80 : nt!MiUnloadSystemImage+0x38b
  1005. ffff8689`8f806810 fffff806`69d8d450 : ffffba08`d726ad80 fffff806`69722d6e ffffba08`d726ad80 ffffba08`d726adb0 : nt!MmUnloadSystemImage+0x20
  1006. ffff8689`8f806840 fffff806`69c22910 : ffffba08`d726ad80 00000000`00000000 00000000`00000000 ffff8689`8f8068b0 : nt!IopDeleteDriver+0x40
  1007. ffff8689`8f806890 fffff806`696ab024 : 00000000`00000000 00000000`00000000 ffff8689`8f806a30 ffffba08`d726adb0 : nt!ObpRemoveObjectRoutine+0x80
  1008. ffff8689`8f8068f0 fffff806`69d035bc : 00000000`00000000 ffffba08`d726adb0 ffffba08`c0000365 ffffffff`800001d8 : nt!ObfDereferenceObject+0xa4
  1009. ffff8689`8f806930 fffff806`6a01bf91 : ffffba08`d398f150 ffffba08`d398f150 ffff8689`8f806b80 00000000`00000000 : nt!IopLoadDriver+0x710
  1010. ffff8689`8f806b10 fffff806`6a01b182 : fffff806`c0000365 ffffa40a`99c28fc0 00000000`00000000 fffff806`67fb9330 : nt!IopInitializeSystemDrivers+0x151
  1011. ffff8689`8f806bb0 fffff806`69d62b62 : fffff806`67fb9330 fffff806`67fb9330 fffff806`69d62b20 fffff806`67fb9330 : nt!IoInitSystem+0x12
  1012. ffff8689`8f806be0 fffff806`69728155 : ffffba08`cfabe040 fffff806`69d62b20 fffff806`67fb9330 00000000`00000000 : nt!Phase1Initialization+0x42
  1013. ffff8689`8f806c10 fffff806`697d39c8 : fffff806`6836a180 ffffba08`cfabe040 fffff806`69728100 00000000`00000000 : nt!PspSystemThreadStartup+0x55
  1014. ffff8689`8f806c60 00000000`00000000 : ffff8689`8f807000 ffff8689`8f801000 00000000`00000000 00000000`00000000 : nt!KiStartSystemThread+0x28
  1015. STACK_COMMAND: kb
  1016. CHKIMG_EXTENSION: !chkimg -lo 50 -d !nt
  1017. fffff80669d62b2f-fffff80669d62b30 2 bytes - nt!Phase1Initialization+f
  1018. [ 48 ff:4c 8b ]
  1019. fffff80669d62b36-fffff80669d62b3a 5 bytes - nt!Phase1Initialization+16 (+0x07)
  1020. [ 0f 1f 44 00 00:e8 e5 b8 bf ff ]
  1021. 7 errors : !nt (fffff80669d62b2f-fffff80669d62b3a)
  1022. MODULE_NAME: memory_corruption
  1023.  
  1024. IMAGE_NAME: memory_corruption
  1025.  
  1026. FOLLOWUP_NAME: memory_corruption
  1027. MEMORY_CORRUPTOR: LARGE
  1028. FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
  1029. BUCKET_ID: MEMORY_CORRUPTION_LARGE
  1030. PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
  1031. TARGET_TIME: 2020-07-23T12:11:42.000Z
  1032. SUITE_MASK: 784
  1033. PRODUCT_TYPE: 1
  1034. USER_LCID: 0
  1035. FAILURE_ID_HASH_STRING: km:memory_corruption_large
  1036. FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
  1037. Followup: memory_corruption
  1038.  
  1039. ====================== Dump #2: 3RD PARTY DRIVERS ======================
  1040.  
  1041. Mar 19 2015 - amd_sata.sys - AMD SATA Controller AHCI Device driver http://support.amd.com/
  1042. Mar 19 2015 - amd_xata.sys - AMD Stor Filter driver http://support.amd.com/
  1043. Nov 20 2019 - mbamswissarmy.sys - MalwareBytes Anti-Malware system driver https://www.malwarebytes.com/
  1044. Jan 16 2020 - amdkmpfd.sys - AMD Kernel Miniport Filter driver
  1045. Mar 06 2020 - amdpsp.sys - Advanced Micro Devices, Inc http://support.amd.com/
  1046. Jun 29 2020 - vgk.sys - Vanguard Anti-Cheat driver
  1047.  
  1048. ================== Dump #2: 3RD PARTY DRIVERS (FULL) ===================
  1049.  
  1050. Image path: \SystemRoot\System32\drivers\amd_sata.sys
  1051. Image name: amd_sata.sys
  1052. Search : https://www.google.com/search?q=amd_sata.sys
  1053. ADA Info : AMD SATA Controller AHCI Device driver http://support.amd.com/
  1054. Timestamp : Thu Mar 19 2015
  1055.  
  1056. Image path: \SystemRoot\System32\drivers\amd_xata.sys
  1057. Image name: amd_xata.sys
  1058. Search : https://www.google.com/search?q=amd_xata.sys
  1059. ADA Info : AMD Stor Filter driver http://support.amd.com/
  1060. Timestamp : Thu Mar 19 2015
  1061.  
  1062. Image path: \SystemRoot\System32\Drivers\mbamswissarmy.sys
  1063. Image name: mbamswissarmy.sys
  1064. Search : https://www.google.com/search?q=mbamswissarmy.sys
  1065. ADA Info : MalwareBytes Anti-Malware system driver https://www.malwarebytes.com/
  1066. Timestamp : Wed Nov 20 2019
  1067.  
  1068. Image path: \SystemRoot\System32\drivers\amdkmpfd.sys
  1069. Image name: amdkmpfd.sys
  1070. Search : https://www.google.com/search?q=amdkmpfd.sys
  1071. ADA Info : AMD Kernel Miniport Filter driver
  1072. Timestamp : Thu Jan 16 2020
  1073.  
  1074. Image path: \SystemRoot\System32\drivers\amdpsp.sys
  1075. Image name: amdpsp.sys
  1076. Search : https://www.google.com/search?q=amdpsp.sys
  1077. ADA Info : Advanced Micro Devices, Inc http://support.amd.com/
  1078. Timestamp : Fri Mar 6 2020
  1079.  
  1080. Image path: \??\C:\Program Files\Riot Vanguard\vgk.sys
  1081. Image name: vgk.sys
  1082. Search : https://www.google.com/search?q=vgk.sys
  1083. ADA Info : Vanguard Anti-Cheat driver
  1084. Timestamp : Mon Jun 29 2020
  1085.  
  1086. ====================== Dump #2: MICROSOFT DRIVERS ======================
  1087.  
  1088. ACPI.sys ACPI Driver for NT (Microsoft)
  1089. acpiex.sys ACPIEx Driver (Microsoft)
  1090. BOOTVID.dll VGA Boot Driver (Microsoft)
  1091. CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
  1092. CI.dll Code Integrity Module (Microsoft)
  1093. CLASSPNP.SYS SCSI Class System Dll (Microsoft)
  1094. CLFS.SYS Common Log File System Driver (Microsoft)
  1095. clipsp.sys CLIP Service (Microsoft)
  1096. cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
  1097. cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
  1098. crashdmp.sys Crash Dump driver (Microsoft)
  1099. disk.sys PnP Disk Driver (Microsoft)
  1100. dump_amd_sata.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  1101. dump_diskdump.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  1102. dump_dumpfve.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  1103. EhStorClass.sys Enhanced Storage Class driver for IEEE... (Microsoft)
  1104. fileinfo.sys FileInfo Filter Driver (Microsoft)
  1105. FLTMGR.SYS Filesystem Filter Manager (Microsoft)
  1106. Fs_Rec.sys File System Recognizer Driver (Microsoft)
  1107. fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
  1108. fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
  1109. hal.dll Hardware Abstraction Layer DLL (Microsoft)
  1110. intelpep.sys Intel Power Engine Plugin (Microsoft)
  1111. iorate.sys I/O rate control Filter (Microsoft)
  1112. kd.dll Local Kernal Debugger (Microsoft)
  1113. ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
  1114. ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
  1115. mcupdate_AuthenticAMD.dll AMD Microcode Update Library (Microsoft)
  1116. mountmgr.sys Mount Point Manager (Microsoft)
  1117. msisadrv.sys ISA Driver (Microsoft)
  1118. msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
  1119. mup.sys Multiple UNC Provider driver (Microsoft)
  1120. ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
  1121. NETIO.SYS Network I/O Subsystem (Microsoft)
  1122. Ntfs.sys NT File System Driver (Microsoft)
  1123. ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
  1124. ntosext.sys NTOS Extension Host driver (Microsoft)
  1125. partmgr.sys Partition driver (Microsoft)
  1126. pci.sys NT Plug and Play PCI Enumerator (Microsoft)
  1127. pcw.sys Performance Counter Driver (Microsoft)
  1128. pdc.sys Power Dependency Coordinator Driver (Microsoft)
  1129. PSHED.dll Platform Specific Hardware Error driver (Microsoft)
  1130. rdyboost.sys ReadyBoost Driver (Microsoft)
  1131. SgrmAgent.sys System Guard Runtime Monitor Agent driver (Microsoft)
  1132. SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
  1133. spaceport.sys Storage Spaces driver (Microsoft)
  1134. storahci.sys MS AHCI Storport Miniport Driver (Microsoft)
  1135. storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
  1136. tcpip.sys TCP/IP Protocol driver (Microsoft)
  1137. tm.sys Kernel Transaction Manager driver (Microsoft)
  1138. vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
  1139. VerifierExt.sys Driver Verifier Extension
  1140. volmgr.sys Volume Manager Driver (Microsoft)
  1141. volmgrx.sys Volume Manager Extension Driver (Microsoft)
  1142. volsnap.sys Volume Shadow Copy driver (Microsoft)
  1143. volume.sys Volume driver (Microsoft)
  1144. Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
  1145. WdFilter.sys Microsoft Anti-malware file system filter driver (Microsoft)
  1146. WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
  1147. werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
  1148. wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
  1149. WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
  1150. WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
  1151. WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
  1152. Wof.sys Windows Overlay Filter (Microsoft)
  1153. WppRecorder.sys WPP Trace Recorder (Microsoft)
  1154.  
  1155. ====================== Dump #2: UNLOADED MODULES =======================
  1156.  
  1157. fffff806`6aa30000 fffff806`6aa41000 WdBoot.sys
  1158. fffff806`6aa20000 fffff806`6aa29000 MbamElam.sys
  1159. fffff806`6bb50000 fffff806`6bb61000 hwpolicy.sys
  1160.  
  1161. ====================== Dump #2: BIOS INFORMATION =======================
  1162.  
  1163. sysinfo: could not find necessary interfaces.
  1164. sysinfo: note that mssmbios.sys must be loaded (XPSP2+).
  1165.  
  1166. ========================== Dump #2: Extra #1 ===========================
  1167.  
  1168. 11: kd> !verifier
  1169. Verify Flags Level 0x001209bb
  1170. STANDARD FLAGS:
  1171. [X] (0x00000000) Automatic Checks
  1172. [X] (0x00000001) Special pool
  1173. [X] (0x00000002) Force IRQL checking
  1174. [X] (0x00000008) Pool tracking
  1175. [X] (0x00000010) I/O verification
  1176. [X] (0x00000020) Deadlock detection
  1177. [X] (0x00000080) DMA checking
  1178. [X] (0x00000100) Security checks
  1179. [X] (0x00000800) Miscellaneous checks
  1180. [X] (0x00020000) DDI compliance checking
  1181. ADDITIONAL FLAGS:
  1182. [ ] (0x00000004) Randomized low resources simulation
  1183. [ ] (0x00000200) Force pending I/O requests
  1184. [ ] (0x00000400) IRP logging
  1185. [ ] (0x00002000) Invariant MDL checking for stack
  1186. [ ] (0x00004000) Invariant MDL checking for driver
  1187. [ ] (0x00008000) Power framework delay fuzzing
  1188. [ ] (0x00010000) Port/miniport interface checking
  1189. [ ] (0x00040000) Systematic low resources simulation
  1190. [ ] (0x00080000) DDI compliance checking (additional)
  1191. [ ] (0x00200000) NDIS/WIFI verification
  1192. [ ] (0x00800000) Kernel synchronization delay fuzzing
  1193. [ ] (0x01000000) VM switch verification
  1194. [ ] (0x02000000) Code integrity checks
  1195. RESERVED FLAGS (use of these flags is unsupported):
  1196. [X] (0x00100000) Unused or reserved flag
  1197. [X] Indicates flag is enabled
  1198. Summary of All Verifier Statistics
  1199. RaiseIrqls 0xace6
  1200. AcquireSpinLocks 0x2d111
  1201. Synch Executions 0x4
  1202. Trims 0xf3a
  1203. Pool Allocations Attempted 0x1c846
  1204. Pool Allocations Succeeded 0x1c846
  1205. Pool Allocations Succeeded SpecialPool 0x1c846
  1206. Pool Allocations With NO TAG 0x9
  1207. Pool Allocations Failed 0x0
  1208. Current paged pool allocations 0x651 for 0019FBAB bytes
  1209. Peak paged pool allocations 0x722 for 001E2357 bytes
  1210. Current nonpaged pool allocations 0x1889 for 00D454AC bytes
  1211. Peak nonpaged pool allocations 0x1895 for 023709CC bytes
  1212.  
  1213. ========================== Dump #2: Extra #2 ===========================
  1214.  
  1215. 11: kd> !thread
  1216. THREAD ffffba08cfabe040 Cid 0004.0008 Teb: 0000000000000000 Win32Thread: 0000000000000000 RUNNING on processor b
  1217. Not impersonating
  1218. GetUlongFromAddress: unable to read from fffff80669a36a14
  1219. Owning Process ffffba08cfa91040 Image: System
  1220. Attached Process N/A Image: N/A
  1221. fffff78000000000: Unable to get shared data
  1222. Wait Start TickCount 429
  1223. Context Switch Count 814 IdealProcessor: 11
  1224. ReadMemory error: Cannot get nt!KeMaximumIncrement value.
  1225. UserTime 00:00:00.000
  1226. KernelTime 00:00:00.000
  1227. Win32 Start Address nt!Phase1Initialization (0xfffff80669d62b20)
  1228. Stack Init ffff86898f806c90 Current ffff86898f806310
  1229. Base ffff86898f807000 Limit ffff86898f801000 Call 0000000000000000
  1230. Priority 31 BasePriority 8 PriorityDecrement 0 IoPriority 2 PagePriority 5
  1231. Child-SP RetAddr : Args to Child : Call Site
  1232. ffff8689`8f806548 fffff806`69f7a6e3 : 00000000`000000c4 00000000`00000062 ffffba08`d72a4ab8 ffffba08`d398c3e0 : nt!KeBugCheckEx
  1233. ffff8689`8f806550 fffff806`69f89492 : ffffba08`d398c3e0 ffff8689`8f806640 ffffba08`d72a48e0 ffffba08`d3984da0 : nt!VerifierBugCheckIfAppropriate+0xdf
  1234. ffff8689`8f806590 fffff806`69879b66 : ffffba08`d398c3e0 00000000`ffffffff 00000000`00000001 fffff804`ec3f1000 : nt!VfPoolCheckForLeaks+0x46
  1235. ffff8689`8f8065d0 fffff806`69f6c4be : 00000000`00518000 ffffba08`d72a48e0 fffff806`69a41c10 fffff806`69a41c10 : nt!VfTargetDriversRemove+0xf2516
  1236. ffff8689`8f806650 fffff806`69c70ad3 : ffffba08`d72a48e0 ffff8689`8f806780 ffffa40a`994edcc0 ffffba08`d72a48e0 : nt!VfDriverUnloadImage+0x3e
  1237. ffff8689`8f806680 fffff806`69d50930 : 00000000`00000518 00000000`ffffffff ffffa40a`994edcc0 fffff77c`02761f80 : nt!MiUnloadSystemImage+0x38b
  1238. ffff8689`8f806810 fffff806`69d8d450 : ffffba08`d726ad80 fffff806`69722d6e ffffba08`d726ad80 ffffba08`d726adb0 : nt!MmUnloadSystemImage+0x20
  1239. ffff8689`8f806840 fffff806`69c22910 : ffffba08`d726ad80 00000000`00000000 00000000`00000000 ffff8689`8f8068b0 : nt!IopDeleteDriver+0x40
  1240. ffff8689`8f806890 fffff806`696ab024 : 00000000`00000000 00000000`00000000 ffff8689`8f806a30 ffffba08`d726adb0 : nt!ObpRemoveObjectRoutine+0x80
  1241. ffff8689`8f8068f0 fffff806`69d035bc : 00000000`00000000 ffffba08`d726adb0 ffffba08`c0000365 ffffffff`800001d8 : nt!ObfDereferenceObject+0xa4
  1242. ffff8689`8f806930 fffff806`6a01bf91 : ffffba08`d398f150 ffffba08`d398f150 ffff8689`8f806b80 00000000`00000000 : nt!IopLoadDriver+0x710
  1243. ffff8689`8f806b10 fffff806`6a01b182 : fffff806`c0000365 ffffa40a`99c28fc0 00000000`00000000 fffff806`67fb9330 : nt!IopInitializeSystemDrivers+0x151
  1244. ffff8689`8f806bb0 fffff806`69d62b62 : fffff806`67fb9330 fffff806`67fb9330 fffff806`69d62b20 fffff806`67fb9330 : nt!IoInitSystem+0x12
  1245. ffff8689`8f806be0 fffff806`69728155 : ffffba08`cfabe040 fffff806`69d62b20 fffff806`67fb9330 00000000`00000000 : nt!Phase1Initialization+0x42
  1246. ffff8689`8f806c10 fffff806`697d39c8 : fffff806`6836a180 ffffba08`cfabe040 fffff806`69728100 00000000`00000000 : nt!PspSystemThreadStartup+0x55
  1247. ffff8689`8f806c60 00000000`00000000 : ffff8689`8f807000 ffff8689`8f801000 00000000`00000000 00000000`00000000 : nt!KiStartSystemThread+0x28
  1248.  
  1249.  
  1250. ========================================================================
  1251. ======================= Dump #3: ANALYZE VERBOSE =======================
  1252. ====================== File: 072320-10656-01.dmp =======================
  1253. ========================================================================
  1254.  
  1255. Mini Kernel Dump File: Only registers and stack trace are available
  1256. Windows 10 Kernel Version 18362 MP (12 procs) Free x64
  1257. Kernel base = 0xfffff800`406a5000 PsLoadedModuleList = 0xfffff800`40aed190
  1258. Debug session time: Thu Jul 23 09:19:29.302 2020 (UTC - 4:00)
  1259. System Uptime: 0 days 0:00:06.033
  1260.  
  1261. BugCheck C4, {62, ffff9a8ad3676d98, ffff9a8acecfe640, 1}
  1262. *** ERROR: Module load completed but symbols could not be loaded for vgk.sys
  1263. Probably caused by : memory_corruption
  1264. Followup: memory_corruption
  1265.  
  1266. DRIVER_VERIFIER_DETECTED_VIOLATION (c4)
  1267. A device driver attempting to corrupt the system has been caught. This is
  1268. because the driver was specified in the registry as being suspect (by the
  1269. administrator) and the kernel has enabled substantial checking of this driver.
  1270. If the driver attempts to corrupt the system, bugchecks 0xC4, 0xC1 and 0xA will
  1271. be among the most commonly seen crashes.
  1272.  
  1273. Arguments:
  1274. Arg1: 0000000000000062, A driver has forgotten to free its pool allocations prior to unloading.
  1275. Arg2: ffff9a8ad3676d98, name of the driver having the issue.
  1276. Arg3: ffff9a8acecfe640, verifier internal structure with driver information.
  1277. Arg4: 0000000000000001, total # of (paged+nonpaged) allocations that weren't freed.
  1278. Type !verifier 3 drivername.sys for info on the allocations
  1279. that were leaked that caused the bugcheck.
  1280.  
  1281. Debugging Details:
  1282. DUMP_CLASS: 1
  1283. DUMP_QUALIFIER: 400
  1284. DUMP_TYPE: 2
  1285. BUGCHECK_STR: 0xc4_62
  1286. DEBUG_FLR_IMAGE_TIMESTAMP: 0
  1287. FAULTING_MODULE: fffff80d8ce00000 vgk
  1288. VERIFIER_DRIVER_ENTRY: dt nt!_MI_VERIFIER_DRIVER_ENTRY ffff9a8acecfe640
  1289. Symbol nt!_MI_VERIFIER_DRIVER_ENTRY not found.
  1290. CUSTOMER_CRASH_COUNT: 1
  1291. DEFAULT_BUCKET_ID: CODE_CORRUPTION
  1292.  
  1293. PROCESS_NAME: System
  1294.  
  1295. CURRENT_IRQL: 2
  1296. LAST_CONTROL_TRANSFER: from fffff800410156e3 to fffff800408673c0
  1297. STACK_TEXT:
  1298. ffffd18b`d6806548 fffff800`410156e3 : 00000000`000000c4 00000000`00000062 ffff9a8a`d3676d98 ffff9a8a`cecfe640 : nt!KeBugCheckEx
  1299. ffffd18b`d6806550 fffff800`41024492 : ffff9a8a`cecfe640 ffffd18b`d6806640 ffff9a8a`d3676bc0 ffff9a8a`cf36b320 : nt!VerifierBugCheckIfAppropriate+0xdf
  1300. ffffd18b`d6806590 fffff800`40914b66 : ffff9a8a`cecfe640 00000000`ffffffff 00000000`00000001 fffff80d`8ce01000 : nt!VfPoolCheckForLeaks+0x46
  1301. ffffd18b`d68065d0 fffff800`410074be : 00000000`00518000 ffff9a8a`d3676bc0 fffff800`40adcc10 fffff800`40adcc10 : nt!VfTargetDriversRemove+0xf2516
  1302. ffffd18b`d6806650 fffff800`40d0bad3 : ffff9a8a`d3676bc0 ffffd18b`d6806780 ffffc189`a56edf40 ffff9a8a`d3676bc0 : nt!VfDriverUnloadImage+0x3e
  1303. ffffd18b`d6806680 fffff800`40deb930 : 00000000`00000518 00000000`ffffffff ffffc189`a56edf40 fffff9fc`06c67000 : nt!MiUnloadSystemImage+0x38b
  1304. ffffd18b`d6806810 fffff800`40e28450 : ffff9a8a`d36ebc40 fffff800`407bdd6e ffff9a8a`d36ebc40 ffff9a8a`d36ebc70 : nt!MmUnloadSystemImage+0x20
  1305. ffffd18b`d6806840 fffff800`40cbd910 : ffff9a8a`d36ebc40 00000000`00000000 00000000`00000000 ffffd18b`d68068b0 : nt!IopDeleteDriver+0x40
  1306. ffffd18b`d6806890 fffff800`40746024 : 00000000`00000000 00000000`00000000 ffffd18b`d6806a30 ffff9a8a`d36ebc70 : nt!ObpRemoveObjectRoutine+0x80
  1307. ffffd18b`d68068f0 fffff800`40d9e5bc : 00000000`00000000 ffff9a8a`d36ebc70 ffff9a8a`c0000365 ffffffff`800001d4 : nt!ObfDereferenceObject+0xa4
  1308. ffffd18b`d6806930 fffff800`410b6f91 : ffff9a8a`d37c55a0 ffff9a8a`d37c55a0 ffffd18b`d6806b80 00000000`00000000 : nt!IopLoadDriver+0x710
  1309. ffffd18b`d6806b10 fffff800`410b6182 : fffff800`c0000365 ffffc189`a5e24fc0 00000000`00000000 fffff800`3f03f330 : nt!IopInitializeSystemDrivers+0x151
  1310. ffffd18b`d6806bb0 fffff800`40dfdb62 : fffff800`3f03f330 fffff800`3f03f330 fffff800`40dfdb20 fffff800`3f03f330 : nt!IoInitSystem+0x12
  1311. ffffd18b`d6806be0 fffff800`407c3155 : ffff9a8a`cc48a300 fffff800`40dfdb20 fffff800`3f03f330 eec624b2`e28624b6 : nt!Phase1Initialization+0x42
  1312. ffffd18b`d6806c10 fffff800`4086e9c8 : fffff800`3f3f0180 ffff9a8a`cc48a300 fffff800`407c3100 cefe0170`c2be0174 : nt!PspSystemThreadStartup+0x55
  1313. ffffd18b`d6806c60 00000000`00000000 : ffffd18b`d6807000 ffffd18b`d6801000 00000000`00000000 00000000`00000000 : nt!KiStartSystemThread+0x28
  1314. STACK_COMMAND: kb
  1315. CHKIMG_EXTENSION: !chkimg -lo 50 -d !hal
  1316. fffff80040621465-fffff8004062146a 6 bytes - hal!HalpIommuAllocateDmaDomain+10189
  1317. [ ff 15 a5 94 05 00:e8 36 7e 3d 00 90 ]
  1318. fffff800406214e9-fffff800406214ee 6 bytes - hal!HalpIommuEnableInterrupts+10169 (+0x84)
  1319. [ ff 15 21 94 05 00:e8 b2 7d 3d 00 90 ]
  1320. fffff8004063cf7e-fffff8004063cf7f 2 bytes - hal!HalpIommuGetHardwareDomain+14e (+0x1ba95)
  1321. [ 48 ff:4c 8b ]
  1322. fffff8004063cf85-fffff8004063cf88 4 bytes - hal!HalpIommuGetHardwareDomain+155 (+0x07)
  1323. [ 0f 1f 44 00:e8 96 c4 3b ]
  1324. fffff8004063d88b-fffff8004063d88c 2 bytes - hal!HalpIommuAcquireNewDomain+57 (+0x906)
  1325. [ 48 ff:4c 8b ]
  1326. fffff8004063d892-fffff8004063d895 4 bytes - hal!HalpIommuAcquireNewDomain+5e (+0x07)
  1327. [ 0f 1f 44 00:e8 89 bb 3b ]
  1328. fffff8004063d8bc-fffff8004063d8c1 6 bytes - hal!HalpIommuAcquireNewDomain+88 (+0x2a)
  1329. [ ff 15 4e d0 03 00:e8 df b9 3b 00 90 ]
  1330. fffff8004063d8ca-fffff8004063d8cb 2 bytes - hal!HalpIommuAcquireNewDomain+96 (+0x0e)
  1331. [ 48 ff:4c 8b ]
  1332. fffff8004063d8d1-fffff8004063d8d4 4 bytes - hal!HalpIommuAcquireNewDomain+9d (+0x07)
  1333. [ 0f 1f 44 00:e8 4a bb 3b ]
  1334. fffff8004063d91b-fffff8004063d920 6 bytes - hal!HalpIommuAttachDeviceDomain+1f (+0x4a)
  1335. [ ff 15 ef cf 03 00:e8 80 b9 3b 00 90 ]
  1336. 42 errors : !hal (fffff80040621465-fffff8004063d920)
  1337. MODULE_NAME: memory_corruption
  1338.  
  1339. IMAGE_NAME: memory_corruption
  1340.  
  1341. FOLLOWUP_NAME: memory_corruption
  1342. MEMORY_CORRUPTOR: LARGE
  1343. FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
  1344. BUCKET_ID: MEMORY_CORRUPTION_LARGE
  1345. PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
  1346. TARGET_TIME: 2020-07-23T13:19:29.000Z
  1347. SUITE_MASK: 784
  1348. PRODUCT_TYPE: 1
  1349. USER_LCID: 0
  1350. FAILURE_ID_HASH_STRING: km:memory_corruption_large
  1351. FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
  1352. Followup: memory_corruption
  1353.  
  1354. ====================== Dump #3: 3RD PARTY DRIVERS ======================
  1355.  
  1356. Mar 19 2015 - amd_sata.sys - AMD SATA Controller AHCI Device driver http://support.amd.com/
  1357. Mar 19 2015 - amd_xata.sys - AMD Stor Filter driver http://support.amd.com/
  1358. Nov 20 2019 - mbamswissarmy.sys - MalwareBytes Anti-Malware system driver https://www.malwarebytes.com/
  1359. Jan 16 2020 - amdkmpfd.sys - AMD Kernel Miniport Filter driver
  1360. Mar 06 2020 - amdpsp.sys - Advanced Micro Devices, Inc http://support.amd.com/
  1361. Jun 29 2020 - vgk.sys - Vanguard Anti-Cheat driver
  1362.  
  1363. ================== Dump #3: 3RD PARTY DRIVERS (FULL) ===================
  1364.  
  1365. Image path: \SystemRoot\System32\drivers\amd_sata.sys
  1366. Image name: amd_sata.sys
  1367. Search : https://www.google.com/search?q=amd_sata.sys
  1368. ADA Info : AMD SATA Controller AHCI Device driver http://support.amd.com/
  1369. Timestamp : Thu Mar 19 2015
  1370.  
  1371. Image path: \SystemRoot\System32\drivers\amd_xata.sys
  1372. Image name: amd_xata.sys
  1373. Search : https://www.google.com/search?q=amd_xata.sys
  1374. ADA Info : AMD Stor Filter driver http://support.amd.com/
  1375. Timestamp : Thu Mar 19 2015
  1376.  
  1377. Image path: \SystemRoot\System32\Drivers\mbamswissarmy.sys
  1378. Image name: mbamswissarmy.sys
  1379. Search : https://www.google.com/search?q=mbamswissarmy.sys
  1380. ADA Info : MalwareBytes Anti-Malware system driver https://www.malwarebytes.com/
  1381. Timestamp : Wed Nov 20 2019
  1382.  
  1383. Image path: \SystemRoot\System32\drivers\amdkmpfd.sys
  1384. Image name: amdkmpfd.sys
  1385. Search : https://www.google.com/search?q=amdkmpfd.sys
  1386. ADA Info : AMD Kernel Miniport Filter driver
  1387. Timestamp : Thu Jan 16 2020
  1388.  
  1389. Image path: \SystemRoot\System32\drivers\amdpsp.sys
  1390. Image name: amdpsp.sys
  1391. Search : https://www.google.com/search?q=amdpsp.sys
  1392. ADA Info : Advanced Micro Devices, Inc http://support.amd.com/
  1393. Timestamp : Fri Mar 6 2020
  1394.  
  1395. Image path: \??\C:\Program Files\Riot Vanguard\vgk.sys
  1396. Image name: vgk.sys
  1397. Search : https://www.google.com/search?q=vgk.sys
  1398. ADA Info : Vanguard Anti-Cheat driver
  1399. Timestamp : Mon Jun 29 2020
  1400.  
  1401. ====================== Dump #3: MICROSOFT DRIVERS ======================
  1402.  
  1403. ACPI.sys ACPI Driver for NT (Microsoft)
  1404. acpiex.sys ACPIEx Driver (Microsoft)
  1405. BOOTVID.dll VGA Boot Driver (Microsoft)
  1406. CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
  1407. CI.dll Code Integrity Module (Microsoft)
  1408. CLASSPNP.SYS SCSI Class System Dll (Microsoft)
  1409. CLFS.SYS Common Log File System Driver (Microsoft)
  1410. clipsp.sys CLIP Service (Microsoft)
  1411. cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
  1412. cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
  1413. crashdmp.sys Crash Dump driver (Microsoft)
  1414. disk.sys PnP Disk Driver (Microsoft)
  1415. dump_amd_sata.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  1416. dump_diskdump.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  1417. dump_dumpfve.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  1418. EhStorClass.sys Enhanced Storage Class driver for IEEE... (Microsoft)
  1419. fileinfo.sys FileInfo Filter Driver (Microsoft)
  1420. FLTMGR.SYS Filesystem Filter Manager (Microsoft)
  1421. Fs_Rec.sys File System Recognizer Driver (Microsoft)
  1422. fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
  1423. fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
  1424. hal.dll Hardware Abstraction Layer DLL (Microsoft)
  1425. intelpep.sys Intel Power Engine Plugin (Microsoft)
  1426. iorate.sys I/O rate control Filter (Microsoft)
  1427. kd.dll Local Kernal Debugger (Microsoft)
  1428. ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
  1429. ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
  1430. mcupdate_AuthenticAMD.dll AMD Microcode Update Library (Microsoft)
  1431. mountmgr.sys Mount Point Manager (Microsoft)
  1432. msisadrv.sys ISA Driver (Microsoft)
  1433. msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
  1434. mup.sys Multiple UNC Provider driver (Microsoft)
  1435. ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
  1436. NETIO.SYS Network I/O Subsystem (Microsoft)
  1437. Ntfs.sys NT File System Driver (Microsoft)
  1438. ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
  1439. ntosext.sys NTOS Extension Host driver (Microsoft)
  1440. partmgr.sys Partition driver (Microsoft)
  1441. pci.sys NT Plug and Play PCI Enumerator (Microsoft)
  1442. pcw.sys Performance Counter Driver (Microsoft)
  1443. pdc.sys Power Dependency Coordinator Driver (Microsoft)
  1444. PSHED.dll Platform Specific Hardware Error driver (Microsoft)
  1445. rdyboost.sys ReadyBoost Driver (Microsoft)
  1446. SgrmAgent.sys System Guard Runtime Monitor Agent driver (Microsoft)
  1447. SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
  1448. spaceport.sys Storage Spaces driver (Microsoft)
  1449. storahci.sys MS AHCI Storport Miniport Driver (Microsoft)
  1450. storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
  1451. tcpip.sys TCP/IP Protocol driver (Microsoft)
  1452. tm.sys Kernel Transaction Manager driver (Microsoft)
  1453. vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
  1454. VerifierExt.sys Driver Verifier Extension
  1455. volmgr.sys Volume Manager Driver (Microsoft)
  1456. volmgrx.sys Volume Manager Extension Driver (Microsoft)
  1457. volsnap.sys Volume Shadow Copy driver (Microsoft)
  1458. volume.sys Volume driver (Microsoft)
  1459. Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
  1460. WdFilter.sys Microsoft Anti-malware file system filter driver (Microsoft)
  1461. WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
  1462. werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
  1463. wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
  1464. WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
  1465. WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
  1466. WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
  1467. Wof.sys Windows Overlay Filter (Microsoft)
  1468. WppRecorder.sys WPP Trace Recorder (Microsoft)
  1469.  
  1470. ====================== Dump #3: UNLOADED MODULES =======================
  1471.  
  1472. fffff800`41960000 fffff800`41971000 WdBoot.sys
  1473. fffff800`41950000 fffff800`41959000 MbamElam.sys
  1474. fffff800`42b50000 fffff800`42b61000 hwpolicy.sys
  1475.  
  1476. ====================== Dump #3: BIOS INFORMATION =======================
  1477.  
  1478. sysinfo: could not find necessary interfaces.
  1479. sysinfo: note that mssmbios.sys must be loaded (XPSP2+).
  1480.  
  1481. ========================== Dump #3: Extra #1 ===========================
  1482.  
  1483. 11: kd> !verifier
  1484. Verify Flags Level 0x001209bb
  1485. STANDARD FLAGS:
  1486. [X] (0x00000000) Automatic Checks
  1487. [X] (0x00000001) Special pool
  1488. [X] (0x00000002) Force IRQL checking
  1489. [X] (0x00000008) Pool tracking
  1490. [X] (0x00000010) I/O verification
  1491. [X] (0x00000020) Deadlock detection
  1492. [X] (0x00000080) DMA checking
  1493. [X] (0x00000100) Security checks
  1494. [X] (0x00000800) Miscellaneous checks
  1495. [X] (0x00020000) DDI compliance checking
  1496. ADDITIONAL FLAGS:
  1497. [ ] (0x00000004) Randomized low resources simulation
  1498. [ ] (0x00000200) Force pending I/O requests
  1499. [ ] (0x00000400) IRP logging
  1500. [ ] (0x00002000) Invariant MDL checking for stack
  1501. [ ] (0x00004000) Invariant MDL checking for driver
  1502. [ ] (0x00008000) Power framework delay fuzzing
  1503. [ ] (0x00010000) Port/miniport interface checking
  1504. [ ] (0x00040000) Systematic low resources simulation
  1505. [ ] (0x00080000) DDI compliance checking (additional)
  1506. [ ] (0x00200000) NDIS/WIFI verification
  1507. [ ] (0x00800000) Kernel synchronization delay fuzzing
  1508. [ ] (0x01000000) VM switch verification
  1509. [ ] (0x02000000) Code integrity checks
  1510. RESERVED FLAGS (use of these flags is unsupported):
  1511. [X] (0x00100000) Unused or reserved flag
  1512. [X] Indicates flag is enabled
  1513. Summary of All Verifier Statistics
  1514. RaiseIrqls 0xabf7
  1515. AcquireSpinLocks 0x2d14e
  1516. Synch Executions 0x2
  1517. Trims 0xf2a
  1518. Pool Allocations Attempted 0xead9
  1519. Pool Allocations Succeeded 0xead9
  1520. Pool Allocations Succeeded SpecialPool 0xead9
  1521. Pool Allocations With NO TAG 0x9
  1522. Pool Allocations Failed 0x0
  1523. Current paged pool allocations 0x64f for 0019FB2B bytes
  1524. Peak paged pool allocations 0x721 for 001E2357 bytes
  1525. Current nonpaged pool allocations 0x1882 for 00D43CC4 bytes
  1526. Peak nonpaged pool allocations 0x188d for 0236FDA4 bytes
  1527.  
  1528. ========================== Dump #3: Extra #2 ===========================
  1529.  
  1530. 11: kd> !thread
  1531. THREAD ffff9a8acc48a300 Cid 0004.0008 Teb: 0000000000000000 Win32Thread: 0000000000000000 RUNNING on processor b
  1532. Not impersonating
  1533. GetUlongFromAddress: unable to read from fffff80040ad1a14
  1534. Owning Process ffff9a8acc4c2040 Image: System
  1535. Attached Process N/A Image: N/A
  1536. fffff78000000000: Unable to get shared data
  1537. Wait Start TickCount 386
  1538. Context Switch Count 967 IdealProcessor: 11
  1539. ReadMemory error: Cannot get nt!KeMaximumIncrement value.
  1540. UserTime 00:00:00.000
  1541. KernelTime 00:00:00.000
  1542. Win32 Start Address nt!Phase1Initialization (0xfffff80040dfdb20)
  1543. Stack Init ffffd18bd6806c90 Current ffffd18bd6806310
  1544. Base ffffd18bd6807000 Limit ffffd18bd6801000 Call 0000000000000000
  1545. Priority 31 BasePriority 8 PriorityDecrement 0 IoPriority 2 PagePriority 5
  1546. Child-SP RetAddr : Args to Child : Call Site
  1547. ffffd18b`d6806548 fffff800`410156e3 : 00000000`000000c4 00000000`00000062 ffff9a8a`d3676d98 ffff9a8a`cecfe640 : nt!KeBugCheckEx
  1548. ffffd18b`d6806550 fffff800`41024492 : ffff9a8a`cecfe640 ffffd18b`d6806640 ffff9a8a`d3676bc0 ffff9a8a`cf36b320 : nt!VerifierBugCheckIfAppropriate+0xdf
  1549. ffffd18b`d6806590 fffff800`40914b66 : ffff9a8a`cecfe640 00000000`ffffffff 00000000`00000001 fffff80d`8ce01000 : nt!VfPoolCheckForLeaks+0x46
  1550. ffffd18b`d68065d0 fffff800`410074be : 00000000`00518000 ffff9a8a`d3676bc0 fffff800`40adcc10 fffff800`40adcc10 : nt!VfTargetDriversRemove+0xf2516
  1551. ffffd18b`d6806650 fffff800`40d0bad3 : ffff9a8a`d3676bc0 ffffd18b`d6806780 ffffc189`a56edf40 ffff9a8a`d3676bc0 : nt!VfDriverUnloadImage+0x3e
  1552. ffffd18b`d6806680 fffff800`40deb930 : 00000000`00000518 00000000`ffffffff ffffc189`a56edf40 fffff9fc`06c67000 : nt!MiUnloadSystemImage+0x38b
  1553. ffffd18b`d6806810 fffff800`40e28450 : ffff9a8a`d36ebc40 fffff800`407bdd6e ffff9a8a`d36ebc40 ffff9a8a`d36ebc70 : nt!MmUnloadSystemImage+0x20
  1554. ffffd18b`d6806840 fffff800`40cbd910 : ffff9a8a`d36ebc40 00000000`00000000 00000000`00000000 ffffd18b`d68068b0 : nt!IopDeleteDriver+0x40
  1555. ffffd18b`d6806890 fffff800`40746024 : 00000000`00000000 00000000`00000000 ffffd18b`d6806a30 ffff9a8a`d36ebc70 : nt!ObpRemoveObjectRoutine+0x80
  1556. ffffd18b`d68068f0 fffff800`40d9e5bc : 00000000`00000000 ffff9a8a`d36ebc70 ffff9a8a`c0000365 ffffffff`800001d4 : nt!ObfDereferenceObject+0xa4
  1557. ffffd18b`d6806930 fffff800`410b6f91 : ffff9a8a`d37c55a0 ffff9a8a`d37c55a0 ffffd18b`d6806b80 00000000`00000000 : nt!IopLoadDriver+0x710
  1558. ffffd18b`d6806b10 fffff800`410b6182 : fffff800`c0000365 ffffc189`a5e24fc0 00000000`00000000 fffff800`3f03f330 : nt!IopInitializeSystemDrivers+0x151
  1559. ffffd18b`d6806bb0 fffff800`40dfdb62 : fffff800`3f03f330 fffff800`3f03f330 fffff800`40dfdb20 fffff800`3f03f330 : nt!IoInitSystem+0x12
  1560. ffffd18b`d6806be0 fffff800`407c3155 : ffff9a8a`cc48a300 fffff800`40dfdb20 fffff800`3f03f330 eec624b2`e28624b6 : nt!Phase1Initialization+0x42
  1561. ffffd18b`d6806c10 fffff800`4086e9c8 : fffff800`3f3f0180 ffff9a8a`cc48a300 fffff800`407c3100 cefe0170`c2be0174 : nt!PspSystemThreadStartup+0x55
  1562. ffffd18b`d6806c60 00000000`00000000 : ffffd18b`d6807000 ffffd18b`d6801000 00000000`00000000 00000000`00000000 : nt!KiStartSystemThread+0x28
  1563.  
  1564.  
  1565. ========================================================================
  1566. ======================= Dump #4: ANALYZE VERBOSE =======================
  1567. ====================== File: 072220-10671-01.dmp =======================
  1568. ========================================================================
  1569.  
  1570. Mini Kernel Dump File: Only registers and stack trace are available
  1571. Windows 10 Kernel Version 18362 MP (12 procs) Free x64
  1572. Kernel base = 0xfffff801`05000000 PsLoadedModuleList = 0xfffff801`05448190
  1573. Debug session time: Wed Jul 22 07:31:42.672 2020 (UTC - 4:00)
  1574. System Uptime: 1 days 0:16:15.504
  1575.  
  1576. BugCheck A, {0, 2, 1, fffff8010502acff}
  1577. *** WARNING: Unable to verify timestamp for win32k.sys
  1578. *** ERROR: Module load completed but symbols could not be loaded for win32k.sys
  1579. Probably caused by : memory_corruption
  1580. Followup: memory_corruption
  1581.  
  1582. IRQL_NOT_LESS_OR_EQUAL (a)
  1583. An attempt was made to access a pageable (or completely invalid) address at an
  1584. interrupt request level (IRQL) that is too high. This is usually
  1585. caused by drivers using improper addresses.
  1586. If a kernel debugger is available get the stack backtrace.
  1587.  
  1588. Arguments:
  1589. Arg1: 0000000000000000, memory referenced
  1590. Arg2: 0000000000000002, IRQL
  1591. Arg3: 0000000000000001, bitfield :
  1592. bit 0 : value 0 = read operation, 1 = write operation
  1593. bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
  1594. Arg4: fffff8010502acff, address which referenced memory
  1595.  
  1596. Debugging Details:
  1597. DUMP_CLASS: 1
  1598. DUMP_QUALIFIER: 400
  1599. DUMP_TYPE: 2
  1600. WRITE_ADDRESS: fffff801055733b8: Unable to get MiVisibleState
  1601. 0000000000000000
  1602. CURRENT_IRQL: 2
  1603. FAULTING_IP:
  1604. nt!KiAcquireKobjectLockSafe+f
  1605. fffff801`0502acff f00fba2907 lock bts dword ptr [rcx],7
  1606. CUSTOMER_CRASH_COUNT: 1
  1607. DEFAULT_BUCKET_ID: CODE_CORRUPTION
  1608. BUGCHECK_STR: AV
  1609.  
  1610. PROCESS_NAME: System
  1611.  
  1612. TRAP_FRAME: fffff40e54099780 -- (.trap 0xfffff40e54099780)
  1613. NOTE: The trap frame does not contain all registers.
  1614. Some register values may be zeroed or incorrect.
  1615. rax=0000000000000000 rbx=0000000000000000 rcx=0000000000000000
  1616. rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
  1617. rip=fffff8010502acff rsp=fffff40e54099910 rbp=ffff9e07e48bc7b0
  1618. r8=0000000000000f0c r9=0000000000000000 r10=0000000000000fff
  1619. r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
  1620. r14=0000000000000000 r15=0000000000000000
  1621. iopl=0 nv up ei pl zr na po nc
  1622. nt!KiAcquireKobjectLockSafe+0xf:
  1623. fffff801`0502acff f00fba2907 lock bts dword ptr [rcx],7 ds:00000000`00000000=????????
  1624. Resetting default scope
  1625. LAST_CONTROL_TRANSFER: from fffff801051d41e9 to fffff801051c23c0
  1626. STACK_TEXT:
  1627. fffff40e`54099638 fffff801`051d41e9 : 00000000`0000000a 00000000`00000000 00000000`00000002 00000000`00000001 : nt!KeBugCheckEx
  1628. fffff40e`54099640 fffff801`051d0529 : 00000000`00000000 00000000`00000000 00000000`00000fff fffff801`052b0245 : nt!KiBugCheckDispatch+0x69
  1629. fffff40e`54099780 fffff801`0502acff : ffffc180`2b139180 00000000`0000000e fffff801`01992800 00000000`00000000 : nt!KiPageFault+0x469
  1630. fffff40e`54099910 fffff801`050513b0 : ffff9e07`e48bc720 ffff9e07`dac881f0 00000001`00000002 ffff9e07`d41de010 : nt!KiAcquireKobjectLockSafe+0xf
  1631. fffff40e`54099940 fffff801`05050059 : 00000000`00000006 00000000`00989680 00000000`0032dbf6 00000000`0000000e : nt!KiProcessExpiredTimerList+0x220
  1632. fffff40e`54099a30 fffff801`051c5eee : ffffffff`00000000 ffffc180`2b139180 ffffc180`2b14a340 ffff9e07`dabe6080 : nt!KiRetireDpcList+0x4e9
  1633. fffff40e`54099c60 00000000`00000000 : fffff40e`5409a000 fffff40e`54094000 00000000`00000000 00000000`00000000 : nt!KiIdleLoop+0x7e
  1634. STACK_COMMAND: kb
  1635. CHKIMG_EXTENSION: !chkimg -lo 50 -d !nt
  1636. fffff8010503fb50-fffff8010503fb51 2 bytes - nt!MiDeletePteRun+af0
  1637. [ fb f6:f2 e4 ]
  1638. fffff8010503fb79-fffff8010503fb7d 5 bytes - nt!MiDeletePteRun+b19 (+0x29)
  1639. [ d0 be 7d fb f6:90 3c 79 f2 e4 ]
  1640. fffff8010503fbb8 - nt!MiDeletePteRun+b58 (+0x3f)
  1641. [ fa:81 ]
  1642. fffff8010503fbd1-fffff8010503fbd5 5 bytes - nt!MiDeletePteRun+b71 (+0x19)
  1643. [ d7 be 7d fb f6:97 3c 79 f2 e4 ]
  1644. fffff8010503fc13 - nt!MiDeletePteRun+bb3 (+0x42)
  1645. [ f6:e4 ]
  1646. fffff80105077ce8 - nt!MiTerminateWsleCluster+b8 (+0x380d5)
  1647. [ f6:e4 ]
  1648. fffff80105077d4f-fffff80105077d53 5 bytes - nt!MiTerminateWsleCluster+11f (+0x67)
  1649. [ d7 be 7d fb f6:97 3c 79 f2 e4 ]
  1650. fffff80105077d5d - nt!MiTerminateWsleCluster+12d (+0x0e)
  1651. [ fa:81 ]
  1652. fffff80105077d7c - nt!MiTerminateWsleCluster+14c (+0x1f)
  1653. [ f6:e4 ]
  1654. fffff80105077d82-fffff80105077d86 5 bytes - nt!MiTerminateWsleCluster+152 (+0x06)
  1655. [ d0 be 7d fb f6:90 3c 79 f2 e4 ]
  1656. 27 errors : !nt (fffff8010503fb50-fffff80105077d86)
  1657. MODULE_NAME: memory_corruption
  1658.  
  1659. IMAGE_NAME: memory_corruption
  1660.  
  1661. FOLLOWUP_NAME: memory_corruption
  1662. DEBUG_FLR_IMAGE_TIMESTAMP: 0
  1663. MEMORY_CORRUPTOR: LARGE
  1664. FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
  1665. BUCKET_ID: MEMORY_CORRUPTION_LARGE
  1666. PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
  1667. TARGET_TIME: 2020-07-22T11:31:42.000Z
  1668. SUITE_MASK: 784
  1669. PRODUCT_TYPE: 1
  1670. USER_LCID: 0
  1671. FAILURE_ID_HASH_STRING: km:memory_corruption_large
  1672. FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
  1673. Followup: memory_corruption
  1674.  
  1675. ====================== Dump #4: 3RD PARTY DRIVERS ======================
  1676.  
  1677. Aug 22 2012 - AsIO.sys - ASUS Input Output driver http://www.asus.com/
  1678. Mar 19 2015 - amd_sata.sys - AMD SATA Controller AHCI Device driver http://support.amd.com/
  1679. Mar 19 2015 - amd_xata.sys - AMD Stor Filter driver http://support.amd.com/
  1680. Mar 30 2015 - Hamdrv.sys - LogMeIn Hamachi Virtual Miniport driver http://www.logmein.com/
  1681. Mar 31 2015 - HWiNFO64A.SYS - HWiNFO AMD64 Kernel driver https://www.hwinfo.com/
  1682. Mar 14 2016 - amdgpio3.sys - AMD GPIO Controller Driver from Advanced Micro Devices http://support.amd.com/
  1683. Aug 02 2017 - Oculus_ViGEmBus.sys - Oculus Virtual Gamepad Emulation Bus driver
  1684. Feb 12 2018 - msio64.sys - MSI Gaming App driver
  1685. Mar 26 2019 - RTKVHD64.sys - Realtek Audio System driver https://www.realtek.com/en/
  1686. Apr 09 2019 - AsIO2.sys - Asus Input Output driver
  1687. Apr 22 2019 - GLCKIO2.sys - ASUS RGB driver
  1688. Apr 22 2019 - OCULUSUD.sys - Oculus VR Headset driver
  1689. Jun 06 2019 - IUProcessFilter.sys - IObit Uninstaller driver (IObit Information Technology)
  1690. Sep 05 2019 - e1r65x64.sys - Intel(R) Gigabit Adapter NDIS 6.x driver https://downloadcenter.intel.com/
  1691. Oct 14 2019 - ene.sys - (Ptolemy Tech Co.) or ASUS RGB driver or Gigabyte RGB driver
  1692. Nov 06 2019 - IUFileFilter.sys - IObit Uninstaller driver (IObit)
  1693. Nov 06 2019 - IURegistryFilter.sys - IObit Uninstaller driver (IObit Information Technology)
  1694. Nov 15 2019 - AtihdWT6.sys - AMD High Definition Audio Function driver http://support.amd.com/
  1695. Nov 20 2019 - mbamswissarmy.sys - MalwareBytes Anti-Malware system driver https://www.malwarebytes.com/
  1696. Nov 27 2019 - teVirtualMIDI64.sys - teVirtualMIDI - Virtual MIDI driver (Tobias Erichsen)
  1697. Dec 05 2019 - cpuz149_x64.sys - CPUID driver
  1698. Jan 14 2020 - amdgpio2.sys - AMD GPIO Controller Driver from Advanced Micro Devices http://support.amd.com/
  1699. Jan 16 2020 - amdkmpfd.sys - AMD Kernel Miniport Filter driver
  1700. Feb 10 2020 - bcmwl63a.sys - Broadcom 802 11 Network Adapter Wireless driver http://www.broadcom.com/support/
  1701. Feb 12 2020 - HWiNFO64A_150.SYS - HWiNFO driver https://www.hwinfo.com/
  1702. Feb 14 2020 - CorsairLLAccess64.sys - CORSAIR iCUE Software driver
  1703. Feb 25 2020 - oculusvad.sys - Oculus VAD driver
  1704. Mar 06 2020 - amdpsp.sys - Advanced Micro Devices, Inc http://support.amd.com/
  1705. Mar 26 2020 - amdxe.sys - AMD Link Xinput Emulation driver
  1706. Apr 10 2020 - AMDPCIDev.sys - Advanced Micro Devices PCI Device driver
  1707. May 07 2020 - CorsairGamingAudio64.sys - Corsair Gaming Audio 64-bit driver
  1708. May 25 2020 - amdkmdag.sys - AMD Graphics driver
  1709. Jun 04 2020 - MbamChameleon.sys - Malwarebytes Anti-Malware Chameleon driver https://www.malwarebytes.com/
  1710. Jun 09 2020 - amdlog.sys - AMD LOG driver
  1711. Jun 30 2020 - CorsairVBusDriver.sys - Corsair Virtual Device driver (Corsair Utility Engine) http://www.corsair.com/
  1712. Jun 30 2020 - CorsairVHidDriver.sys - Corsair Virtual Device driver (Corsair Utility Engine) http://www.corsair.com/
  1713.  
  1714. ================== Dump #4: 3RD PARTY DRIVERS (FULL) ===================
  1715.  
  1716. Image path: \SystemRoot\SysWow64\drivers\AsIO.sys
  1717. Image name: AsIO.sys
  1718. Search : https://www.google.com/search?q=AsIO.sys
  1719. ADA Info : ASUS Input Output driver http://www.asus.com/
  1720. Timestamp : Wed Aug 22 2012
  1721.  
  1722. Image path: \SystemRoot\System32\drivers\amd_sata.sys
  1723. Image name: amd_sata.sys
  1724. Search : https://www.google.com/search?q=amd_sata.sys
  1725. ADA Info : AMD SATA Controller AHCI Device driver http://support.amd.com/
  1726. Timestamp : Thu Mar 19 2015
  1727.  
  1728. Image path: \SystemRoot\System32\drivers\amd_xata.sys
  1729. Image name: amd_xata.sys
  1730. Search : https://www.google.com/search?q=amd_xata.sys
  1731. ADA Info : AMD Stor Filter driver http://support.amd.com/
  1732. Timestamp : Thu Mar 19 2015
  1733.  
  1734. Image path: \SystemRoot\system32\DRIVERS\Hamdrv.sys
  1735. Image name: Hamdrv.sys
  1736. Search : https://www.google.com/search?q=Hamdrv.sys
  1737. ADA Info : LogMeIn Hamachi Virtual Miniport driver http://www.logmein.com/
  1738. Timestamp : Mon Mar 30 2015
  1739.  
  1740. Image path: \??\C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS
  1741. Image name: HWiNFO64A.SYS
  1742. Search : https://www.google.com/search?q=HWiNFO64A.SYS
  1743. ADA Info : HWiNFO AMD64 Kernel driver https://www.hwinfo.com/
  1744. Timestamp : Tue Mar 31 2015
  1745.  
  1746. Image path: \SystemRoot\System32\drivers\amdgpio3.sys
  1747. Image name: amdgpio3.sys
  1748. Search : https://www.google.com/search?q=amdgpio3.sys
  1749. ADA Info : AMD GPIO Controller Driver from Advanced Micro Devices http://support.amd.com/
  1750. Timestamp : Mon Mar 14 2016
  1751.  
  1752. Image path: \SystemRoot\System32\drivers\Oculus_ViGEmBus.sys
  1753. Image name: Oculus_ViGEmBus.sys
  1754. Search : https://www.google.com/search?q=Oculus_ViGEmBus.sys
  1755. ADA Info : Oculus Virtual Gamepad Emulation Bus driver
  1756. Timestamp : Wed Aug 2 2017
  1757.  
  1758. Image path: \??\C:\Program Files\Patriot\Aac_Patriot Viper RGB\msio64.sys
  1759. Image name: msio64.sys
  1760. Search : https://www.google.com/search?q=msio64.sys
  1761. ADA Info : MSI Gaming App driver
  1762. Timestamp : Mon Feb 12 2018
  1763.  
  1764. Image path: \SystemRoot\system32\drivers\RTKVHD64.sys
  1765. Image name: RTKVHD64.sys
  1766. Search : https://www.google.com/search?q=RTKVHD64.sys
  1767. ADA Info : Realtek Audio System driver https://www.realtek.com/en/
  1768. Timestamp : Tue Mar 26 2019
  1769.  
  1770. Image path: \??\C:\WINDOWS\system32\drivers\AsIO2.sys
  1771. Image name: AsIO2.sys
  1772. Search : https://www.google.com/search?q=AsIO2.sys
  1773. ADA Info : Asus Input Output driver
  1774. Timestamp : Tue Apr 9 2019
  1775.  
  1776. Image path: \??\C:\WINDOWS\system32\drivers\GLCKIO2.sys
  1777. Image name: GLCKIO2.sys
  1778. Search : https://www.google.com/search?q=GLCKIO2.sys
  1779. ADA Info : ASUS RGB driver
  1780. Timestamp : Mon Apr 22 2019
  1781.  
  1782. Image path: \SystemRoot\System32\drivers\OCULUSUD.sys
  1783. Image name: OCULUSUD.sys
  1784. Search : https://www.google.com/search?q=OCULUSUD.sys
  1785. ADA Info : Oculus VR Headset driver
  1786. Timestamp : Mon Apr 22 2019
  1787.  
  1788. Image path: \??\D:\Programs I want\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys
  1789. Image name: IUProcessFilter.sys
  1790. Search : https://www.google.com/search?q=IUProcessFilter.sys
  1791. ADA Info : IObit Uninstaller driver (IObit Information Technology)
  1792. Timestamp : Thu Jun 6 2019
  1793.  
  1794. Image path: \SystemRoot\system32\DRIVERS\e1r65x64.sys
  1795. Image name: e1r65x64.sys
  1796. Search : https://www.google.com/search?q=e1r65x64.sys
  1797. ADA Info : Intel(R) Gigabit Adapter NDIS 6.x driver https://downloadcenter.intel.com/
  1798. Timestamp : Thu Sep 5 2019
  1799.  
  1800. Image path: \??\C:\WINDOWS\system32\drivers\ene.sys
  1801. Image name: ene.sys
  1802. Search : https://www.google.com/search?q=ene.sys
  1803. ADA Info : (Ptolemy Tech Co.) or ASUS RGB driver or Gigabyte RGB driver
  1804. Timestamp : Mon Oct 14 2019
  1805.  
  1806. Image path: \??\D:\Programs I want\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys
  1807. Image name: IUFileFilter.sys
  1808. Search : https://www.google.com/search?q=IUFileFilter.sys
  1809. ADA Info : IObit Uninstaller driver (IObit)
  1810. Timestamp : Wed Nov 6 2019
  1811.  
  1812. Image path: \??\D:\Programs I want\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys
  1813. Image name: IURegistryFilter.sys
  1814. Search : https://www.google.com/search?q=IURegistryFilter.sys
  1815. ADA Info : IObit Uninstaller driver (IObit Information Technology)
  1816. Timestamp : Wed Nov 6 2019
  1817.  
  1818. Image path: \SystemRoot\system32\drivers\AtihdWT6.sys
  1819. Image name: AtihdWT6.sys
  1820. Search : https://www.google.com/search?q=AtihdWT6.sys
  1821. ADA Info : AMD High Definition Audio Function driver http://support.amd.com/
  1822. Timestamp : Fri Nov 15 2019
  1823.  
  1824. Image path: \SystemRoot\System32\Drivers\mbamswissarmy.sys
  1825. Image name: mbamswissarmy.sys
  1826. Search : https://www.google.com/search?q=mbamswissarmy.sys
  1827. ADA Info : MalwareBytes Anti-Malware system driver https://www.malwarebytes.com/
  1828. Timestamp : Wed Nov 20 2019
  1829.  
  1830. Image path: \SystemRoot\System32\drivers\teVirtualMIDI64.sys
  1831. Image name: teVirtualMIDI64.sys
  1832. Search : https://www.google.com/search?q=teVirtualMIDI64.sys
  1833. ADA Info : teVirtualMIDI - Virtual MIDI driver (Tobias Erichsen)
  1834. Timestamp : Wed Nov 27 2019
  1835.  
  1836. Image path: \??\C:\WINDOWS\temp\cpuz149\cpuz149_x64.sys
  1837. Image name: cpuz149_x64.sys
  1838. Search : https://www.google.com/search?q=cpuz149_x64.sys
  1839. ADA Info : CPUID driver
  1840. Timestamp : Thu Dec 5 2019
  1841.  
  1842. Image path: \SystemRoot\System32\drivers\amdgpio2.sys
  1843. Image name: amdgpio2.sys
  1844. Search : https://www.google.com/search?q=amdgpio2.sys
  1845. ADA Info : AMD GPIO Controller Driver from Advanced Micro Devices http://support.amd.com/
  1846. Timestamp : Tue Jan 14 2020
  1847.  
  1848. Image path: \SystemRoot\System32\drivers\amdkmpfd.sys
  1849. Image name: amdkmpfd.sys
  1850. Search : https://www.google.com/search?q=amdkmpfd.sys
  1851. ADA Info : AMD Kernel Miniport Filter driver
  1852. Timestamp : Thu Jan 16 2020
  1853.  
  1854. Image path: \SystemRoot\system32\DRIVERS\bcmwl63a.sys
  1855. Image name: bcmwl63a.sys
  1856. Search : https://www.google.com/search?q=bcmwl63a.sys
  1857. ADA Info : Broadcom 802 11 Network Adapter Wireless driver http://www.broadcom.com/support/
  1858. Timestamp : Mon Feb 10 2020
  1859.  
  1860. Image path: \??\C:\Users\andre\AppData\Local\Temp\HWiNFO64A_150.SYS
  1861. Image name: HWiNFO64A_150.SYS
  1862. Search : https://www.google.com/search?q=HWiNFO64A_150.SYS
  1863. ADA Info : HWiNFO driver https://www.hwinfo.com/
  1864. Timestamp : Wed Feb 12 2020
  1865.  
  1866. Image path: \??\C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys
  1867. Image name: CorsairLLAccess64.sys
  1868. Search : https://www.google.com/search?q=CorsairLLAccess64.sys
  1869. ADA Info : CORSAIR iCUE Software driver
  1870. Timestamp : Fri Feb 14 2020
  1871.  
  1872. Image path: \SystemRoot\System32\drivers\oculusvad.sys
  1873. Image name: oculusvad.sys
  1874. Search : https://www.google.com/search?q=oculusvad.sys
  1875. ADA Info : Oculus VAD driver
  1876. Timestamp : Tue Feb 25 2020
  1877.  
  1878. Image path: \SystemRoot\System32\drivers\amdpsp.sys
  1879. Image name: amdpsp.sys
  1880. Search : https://www.google.com/search?q=amdpsp.sys
  1881. ADA Info : Advanced Micro Devices, Inc http://support.amd.com/
  1882. Timestamp : Fri Mar 6 2020
  1883.  
  1884. Image path: \SystemRoot\System32\drivers\amdxe.sys
  1885. Image name: amdxe.sys
  1886. Search : https://www.google.com/search?q=amdxe.sys
  1887. ADA Info : AMD Link Xinput Emulation driver
  1888. Timestamp : Thu Mar 26 2020
  1889.  
  1890. Image path: \SystemRoot\System32\drivers\AMDPCIDev.sys
  1891. Image name: AMDPCIDev.sys
  1892. Search : https://www.google.com/search?q=AMDPCIDev.sys
  1893. ADA Info : Advanced Micro Devices PCI Device driver
  1894. Timestamp : Fri Apr 10 2020
  1895.  
  1896. Image path: \SystemRoot\system32\DRIVERS\CorsairGamingAudio64.sys
  1897. Image name: CorsairGamingAudio64.sys
  1898. Search : https://www.google.com/search?q=CorsairGamingAudio64.sys
  1899. ADA Info : Corsair Gaming Audio 64-bit driver
  1900. Timestamp : Thu May 7 2020
  1901.  
  1902. Image path: \SystemRoot\System32\DriverStore\FileRepository\u0356013.inf_amd64_61ba7b1fb4cf4aec\B355483\amdkmdag.sys
  1903. Image name: amdkmdag.sys
  1904. Search : https://www.google.com/search?q=amdkmdag.sys
  1905. ADA Info : AMD Graphics driver
  1906. Timestamp : Mon May 25 2020
  1907.  
  1908. Image path: \SystemRoot\System32\Drivers\MbamChameleon.sys
  1909. Image name: MbamChameleon.sys
  1910. Search : https://www.google.com/search?q=MbamChameleon.sys
  1911. ADA Info : Malwarebytes Anti-Malware Chameleon driver https://www.malwarebytes.com/
  1912. Timestamp : Thu Jun 4 2020
  1913.  
  1914. Image path: \SystemRoot\System32\drivers\amdlog.sys
  1915. Image name: amdlog.sys
  1916. Search : https://www.google.com/search?q=amdlog.sys
  1917. ADA Info : AMD LOG driver
  1918. Timestamp : Tue Jun 9 2020
  1919.  
  1920. Image path: \SystemRoot\System32\drivers\CorsairVBusDriver.sys
  1921. Image name: CorsairVBusDriver.sys
  1922. Search : https://www.google.com/search?q=CorsairVBusDriver.sys
  1923. ADA Info : Corsair Virtual Device driver (Corsair Utility Engine) http://www.corsair.com/
  1924. Timestamp : Tue Jun 30 2020
  1925.  
  1926. Image path: \SystemRoot\System32\drivers\CorsairVHidDriver.sys
  1927. Image name: CorsairVHidDriver.sys
  1928. Search : https://www.google.com/search?q=CorsairVHidDriver.sys
  1929. ADA Info : Corsair Virtual Device driver (Corsair Utility Engine) http://www.corsair.com/
  1930. Timestamp : Tue Jun 30 2020
  1931.  
  1932. ====================== Dump #4: MICROSOFT DRIVERS ======================
  1933.  
  1934. ACPI.sys ACPI Driver for NT (Microsoft)
  1935. acpiex.sys ACPIEx Driver (Microsoft)
  1936. afd.sys Ancillary Function Driver for WinSock (Microsoft)
  1937. afunix.sys AF_UNIX Socket Provider driver (Microsoft)
  1938. AgileVpn.sys RAS Agil VPN Miniport Call Manager driver (Microsoft)
  1939. ahcache.sys Application Compatibility Cache (Microsoft)
  1940. amdppm.sys Processor Device Driver
  1941. bam.sys BAM Kernal driver (Microsoft)
  1942. BasicDisplay.sys Basic Display driver (Microsoft)
  1943. BasicRender.sys Basic Render driver (Microsoft)
  1944. Beep.SYS BEEP driver (Microsoft)
  1945. bindflt.sys Windows Bind Filter driver (Microsoft)
  1946. BOOTVID.dll VGA Boot Driver (Microsoft)
  1947. bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
  1948. cdd.dll Canonical Display Driver (Microsoft)
  1949. cdrom.sys SCSI CD-ROM Driver (Microsoft)
  1950. CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
  1951. CI.dll Code Integrity Module (Microsoft)
  1952. CLASSPNP.SYS SCSI Class System Dll (Microsoft)
  1953. cldflt.sys Cloud Files Mini Filter driver (Microsoft)
  1954. CLFS.SYS Common Log File System Driver (Microsoft)
  1955. clipsp.sys CLIP Service (Microsoft)
  1956. cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
  1957. cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
  1958. CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
  1959. condrv.sys Console Driver (Microsoft)
  1960. crashdmp.sys Crash Dump driver (Microsoft)
  1961. dfsc.sys DFS Namespace Client Driver (Microsoft)
  1962. disk.sys PnP Disk Driver (Microsoft)
  1963. drmk.sys Digital Rights Management (DRM) driver (Microsoft)
  1964. dump_amd_sata.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  1965. dump_diskdump.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  1966. dump_dumpfve.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  1967. dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
  1968. dxgmms2.sys DirectX Graphics MMS
  1969. fastfat.SYS Fast FAT File System Driver (Microsoft)
  1970. filecrypt.sys Windows sandboxing and encryption filter (Microsoft)
  1971. fileinfo.sys FileInfo Filter Driver (Microsoft)
  1972. FLTMGR.SYS Filesystem Filter Manager (Microsoft)
  1973. Fs_Rec.sys File System Recognizer Driver (Microsoft)
  1974. fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
  1975. fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
  1976. gpuenergydrv.sys GPU Energy Kernal Driver (Microsoft)
  1977. hal.dll Hardware Abstraction Layer DLL (Microsoft)
  1978. HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
  1979. HIDCLASS.SYS Hid Class Library (Microsoft)
  1980. HIDPARSE.SYS Hid Parsing Library (Microsoft)
  1981. hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
  1982. HTTP.sys HTTP Protocol Stack (Microsoft)
  1983. intelpep.sys Intel Power Engine Plugin (Microsoft)
  1984. iorate.sys I/O rate control Filter (Microsoft)
  1985. kbdclass.sys Keyboard Class Driver (Microsoft)
  1986. kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
  1987. kd.dll Local Kernal Debugger (Microsoft)
  1988. kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
  1989. ks.sys Kernal CSA Library (Microsoft)
  1990. ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
  1991. ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
  1992. ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
  1993. lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
  1994. luafv.sys LUA File Virtualization Filter Driver (Microsoft)
  1995. mcupdate_AuthenticAMD.dll AMD Microcode Update Library (Microsoft)
  1996. mmcss.sys MMCSS Driver (Microsoft)
  1997. monitor.sys Monitor Driver (Microsoft)
  1998. mouclass.sys Mouse Class Driver (Microsoft)
  1999. mouhid.sys HID Mouse Filter Driver (Microsoft)
  2000. mountmgr.sys Mount Point Manager (Microsoft)
  2001. MpKsld4eaee01.sys Microsoft Anti-malware Protection driver
  2002. mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
  2003. mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
  2004. mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
  2005. Msfs.SYS Mailslot driver (Microsoft)
  2006. msgpioclx.sys GPIO Class Extension Driver (Microsoft)
  2007. msisadrv.sys ISA Driver (Microsoft)
  2008. mslldp.sys Microsoft Link-Layer Discovery Protocol... (Microsoft)
  2009. msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
  2010. mssmbios.sys System Management BIOS driver (Microsoft)
  2011. mup.sys Multiple UNC Provider driver (Microsoft)
  2012. ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
  2013. ndistapi.sys NDIS 3.0 Connection Wrapper driver (Microsoft)
  2014. ndisuio.sys NDIS User mode I/O driver (Microsoft)
  2015. NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
  2016. ndiswan.sys MS PPP Framing Driver (Strong Encryption) Microsoft)
  2017. NDProxy.sys NDIS Proxy driver (Microsoft)
  2018. Ndu.sys Network Data Usage Monitoring driver (Microsoft)
  2019. netbios.sys NetBIOS Interface driver (Microsoft)
  2020. netbt.sys MBT Transport driver (Microsoft)
  2021. NETIO.SYS Network I/O Subsystem (Microsoft)
  2022. Npfs.SYS NPFS driver (Microsoft)
  2023. npsvctrig.sys Named pipe service triggers (Microsoft)
  2024. nsiproxy.sys NSI Proxy driver (Microsoft)
  2025. Ntfs.sys NT File System Driver (Microsoft)
  2026. ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
  2027. ntosext.sys NTOS Extension Host driver (Microsoft)
  2028. Null.SYS NULL Driver (Microsoft)
  2029. nwifi.sys NativeWiFi Miniport Driver (Microsoft)
  2030. pacer.sys QoS Packet Scheduler (Microsoft)
  2031. partmgr.sys Partition driver (Microsoft)
  2032. pci.sys NT Plug and Play PCI Enumerator (Microsoft)
  2033. pcw.sys Performance Counter Driver (Microsoft)
  2034. pdc.sys Power Dependency Coordinator Driver (Microsoft)
  2035. peauth.sys Protected Environment Authentication and Authorization Export Driver (Microsoft)
  2036. portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
  2037. PSHED.dll Platform Specific Hardware Error driver (Microsoft)
  2038. qwavedrv.sys Quality Windows Audio Video Experience (qWave) Support driver (Microsoft)
  2039. rasl2tp.sys RAS L2TP Mini-port/Call-manager driver (Microsoft)
  2040. raspppoe.sys RAS PPPoE Mini-port/Call manager driver (Microsoft)
  2041. raspptp.sys Peer-to-Peer Tunneling Protocol (Microsoft)
  2042. rassstp.sys RAS SSTP Miniport Call Manager driver (Microsoft)
  2043. rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
  2044. rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
  2045. rdpvideominiport.sys RDP Video Miniport driver (Microsoft)
  2046. rdyboost.sys ReadyBoost Driver (Microsoft)
  2047. rspndr.sys Link-Layer Topology Responder driver (Microsoft)
  2048. serenum.sys Serial Port Enumerator (Microsoft)
  2049. serial.sys Serial Device Driver
  2050. SgrmAgent.sys System Guard Runtime Monitor Agent driver (Microsoft)
  2051. SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
  2052. spaceport.sys Storage Spaces driver (Microsoft)
  2053. srv2.sys Smb 2.0 Server driver (Microsoft)
  2054. srvnet.sys Server Network driver (Microsoft)
  2055. storahci.sys MS AHCI Storport Miniport Driver (Microsoft)
  2056. storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
  2057. storqosflt.sys Storage QoS Filter driver (Microsoft)
  2058. swenum.sys Plug and Play Software Device Enumerator (Microsoft)
  2059. tbs.sys Export driver for kernel mode TPM API (Microsoft)
  2060. tcpip.sys TCP/IP Protocol driver (Microsoft)
  2061. tcpipreg.sys Microsoft Windows TCP/IP Registry Compatibility driver (Microsoft)
  2062. TDI.SYS TDI Wrapper driver (Microsoft)
  2063. tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
  2064. tm.sys Kernel Transaction Manager driver (Microsoft)
  2065. ucx01000.sys USB Controller Extension (Microsoft)
  2066. UEFI.sys UEFI NT driver (Microsoft)
  2067. umbus.sys User-Mode Bus Enumerator (Microsoft)
  2068. usbaudio.sys USB Audio Class Driver (Microsoft)
  2069. usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
  2070. USBD.SYS Universal Serial Bus Driver (Microsoft)
  2071. UsbHub3.sys USB3 HUB driver (Microsoft)
  2072. usbser.sys USB Serial driver (Microsoft)
  2073. USBSTOR.SYS USB Mass Storage Class driver (Microsoft)
  2074. usbvideo.sys USB Video Class Driver (Microsoft)
  2075. USBXHCI.SYS USB XHCI driver (Microsoft)
  2076. vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
  2077. Vid.sys Microsoft Hyper-V Virtualization Infrastructure Driver
  2078. volmgr.sys Volume Manager Driver (Microsoft)
  2079. volmgrx.sys Volume Manager Extension Driver (Microsoft)
  2080. volsnap.sys Volume Shadow Copy driver (Microsoft)
  2081. volume.sys Volume driver (Microsoft)
  2082. vwifibus.sys Virtual Wireless Bus driver (Microsoft)
  2083. vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
  2084. vwifimp.sys Virtual WiFi Miniport Driver (Microsoft)
  2085. wanarp.sys MS Remote Access and Routing ARP driver (Microsoft)
  2086. watchdog.sys Watchdog driver (Microsoft)
  2087. wcifs.sys Windows Container Isolation FS Filter driver (Microsoft)
  2088. Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
  2089. WdFilter.sys Microsoft Anti-malware file system filter driver (Microsoft)
  2090. WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
  2091. WdNisDrv.sys Microsoft Network Realtime Inspection driver (Microsoft)
  2092. werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
  2093. wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
  2094. win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
  2095. win32kbase.sys Base Win32k Kernel Driver (Microsoft)
  2096. win32kfull.sys Full/Desktop Win32k Kernel Driver (Microsoft)
  2097. WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
  2098. WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
  2099. winhvr.sys Windows Hypervisor Root Interface driver (Microsoft)
  2100. winquic.sys QUIC Transport Protocol driver (Microsoft)
  2101. wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
  2102. WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
  2103. Wof.sys Windows Overlay Filter (Microsoft)
  2104. WpdUpFltr.sys Portable Device Upper Class Filter driver (Microsoft)
  2105. WppRecorder.sys WPP Trace Recorder (Microsoft)
  2106. WUDFRd.sys Windows Driver Foundation - User-mode Driver Framework Reflector driver (Microsoft)
  2107.  
  2108. ====================== Dump #4: UNLOADED MODULES =======================
  2109.  
  2110. fffff801`04820000 fffff801`04831000 MSKSSRV.sys
  2111. fffff801`0fe70000 fffff801`0fe7f000 Hamdrv.sys
  2112. fffff801`04750000 fffff801`0475f000 hiber_storpo
  2113. fffff801`04760000 fffff801`0477e000 hiber_amd_sa
  2114. fffff801`04780000 fffff801`0479e000 hiber_dumpfv
  2115. fffff801`17a70000 fffff801`17a8e000 AtihdWT6.sys
  2116. fffff801`046d0000 fffff801`04720000 usbvideo.sys
  2117. fffff801`04720000 fffff801`04731000 MSKSSRV.sys
  2118. fffff801`043a0000 fffff801`043f0000 usbvideo.sys
  2119. fffff801`046b0000 fffff801`046c1000 MSKSSRV.sys
  2120. fffff801`04690000 fffff801`046a1000 MSKSSRV.sys
  2121. fffff801`04500000 fffff801`0466a000 EasyAntiChea
  2122. fffff801`17ba0000 fffff801`17bb2000 CorsairGamin
  2123. fffff801`0fc90000 fffff801`0fca1000 MpKslDrv.sys
  2124. fffff801`04460000 fffff801`04471000 MpKsle9e11df
  2125. fffff801`043f0000 fffff801`04401000 MSKSSRV.sys
  2126. fffff801`17940000 fffff801`1794a000 CorsairVHidD
  2127. fffff801`04330000 fffff801`0433e000 WSDScan.sys
  2128. fffff801`04320000 fffff801`0432e000 WSDPrint.sys
  2129. fffff801`0fa10000 fffff801`0fa1f000 dump_storpor
  2130. fffff801`0fa40000 fffff801`0fa5e000 dump_amd_sat
  2131. fffff801`0fa80000 fffff801`0fa9e000 dump_dumpfve
  2132. fffff801`08630000 fffff801`0864c000 EhStorClass.
  2133. fffff801`0fd20000 fffff801`0fd3e000 dam.sys
  2134. fffff801`0faa0000 fffff801`0ffb9000 vgk.sys
  2135. fffff801`08190000 fffff801`081a1000 WdBoot.sys
  2136. fffff801`08180000 fffff801`08189000 MbamElam.sys
  2137. fffff801`092b0000 fffff801`092c1000 hwpolicy.sys
  2138.  
  2139. ====================== Dump #4: BIOS INFORMATION =======================
  2140.  
  2141. [SMBIOS Data Tables v3.1]
  2142. [DMI Version - 0]
  2143. [2.0 Calling Convention - No]
  2144. [Table Size - 2505 bytes]
  2145. [BIOS Information (Type 0) - Length 26 - Handle 0000h]
  2146. Vendor American Megatrends Inc.
  2147. BIOS Version 5406
  2148. BIOS Starting Address Segment f000
  2149. BIOS Release Date 11/13/2019
  2150. BIOS ROM Size 1000000
  2151. BIOS Characteristics
  2152. 07: - PCI Supported
  2153. 10: - APM Supported
  2154. 11: - Upgradeable FLASH BIOS
  2155. 12: - BIOS Shadowing Supported
  2156. 15: - CD-Boot Supported
  2157. 16: - Selectable Boot Supported
  2158. 17: - BIOS ROM Socketed
  2159. 19: - EDD Supported
  2160. 23: - 1.2MB Floppy Supported
  2161. 24: - 720KB Floppy Supported
  2162. 25: - 2.88MB Floppy Supported
  2163. 26: - Print Screen Device Supported
  2164. 27: - Keyboard Services Supported
  2165. 28: - Serial Services Supported
  2166. 29: - Printer Services Supported
  2167. 32: - BIOS Vendor Reserved
  2168. BIOS Characteristic Extensions
  2169. 00: - ACPI Supported
  2170. 01: - USB Legacy Supported
  2171. 08: - BIOS Boot Specification Supported
  2172. 10: - Specification Reserved
  2173. 11: - Specification Reserved
  2174. BIOS Major Revision 5
  2175. BIOS Minor Revision 13
  2176. EC Firmware Major Revision 255
  2177. EC Firmware Minor Revision 255
  2178. [System Information (Type 1) - Length 27 - Handle 0001h]
  2179. Manufacturer System manufacturer
  2180. Product Name System Product Name
  2181. Version System Version
  2182. UUID 00000000-0000-0000-0000-000000000000
  2183. Wakeup Type Power Switch
  2184. SKUNumber SKU
  2185. [BaseBoard Information (Type 2) - Length 15 - Handle 0002h]
  2186. Manufacturer ASUSTeK COMPUTER INC.
  2187. Product ROG STRIX B350-F GAMING
  2188. Version Rev X.0x
  2189. Feature Flags 09h
  2190. -815483168: - -815483120: - «
  2191. ø
  2192. Location Default string
  2193. Chassis Handle 0003h
  2194. Board Type 0ah - Processor/Memory Module
  2195. Number of Child Handles 0
  2196. [System Enclosure (Type 3) - Length 22 - Handle 0003h]
  2197. Manufacturer Default string
  2198. Chassis Type Desktop
  2199. Version Default string
  2200. Bootup State Safe
  2201. Power Supply State Safe
  2202. Thermal State Safe
  2203. Security Status None
  2204. OEM Defined 0
  2205. Height 0U
  2206. Number of Power Cords 1
  2207. Number of Contained Elements 0
  2208. Contained Element Size 3
  2209. [Onboard Devices Information (Type 10) - Length 6 - Handle 0020h]
  2210. Number of Devices 1
  2211. 01: Type Video [enabled]
  2212. [OEM Strings (Type 11) - Length 5 - Handle 0021h]
  2213. Number of Strings 8
  2214. 1 Default string
  2215. 2 Default string
  2216. 3 CHOPIN
  2217. 4 Default string
  2218. 5 FFFFFFFFFFFFF
  2219. 6 FFFFFFFFFFFFF
  2220. 7 FFFFFFFFFFFFF
  2221. 8 Default string
  2222. [System Configuration Options (Type 12) - Length 5 - Handle 0022h]
  2223. [32Bit Memory Error Information (Type 18) - Length 23 - Handle 0026h]
  2224. [Physical Memory Array (Type 16) - Length 23 - Handle 0027h]
  2225. Location 03h - SystemBoard/Motherboard
  2226. Use 03h - System Memory
  2227. Memory Error Correction 03h - None
  2228. Maximum Capacity 134217728KB
  2229. Memory Error Inf Handle 0026h
  2230. Number of Memory Devices 4
  2231. [Memory Array Mapped Address (Type 19) - Length 31 - Handle 0028h]
  2232. Starting Address 00000000h
  2233. Ending Address 0037ffffh
  2234. Memory Array Handle 0027h
  2235. Partition Width 02
  2236. [Memory Array Mapped Address (Type 19) - Length 31 - Handle 0029h]
  2237. Starting Address 00400000h
  2238. Ending Address 0107ffffh
  2239. Memory Array Handle 0027h
  2240. Partition Width 02
  2241. [Cache Information (Type 7) - Length 19 - Handle 002ah]
  2242. Socket Designation L1 - Cache
  2243. Cache Configuration 0180h - WB Enabled Int NonSocketed L1
  2244. Maximum Cache Size 0180h - 384K
  2245. Installed Size 0180h - 384K
  2246. Supported SRAM Type 0010h - Pipeline-Burst
  2247. Current SRAM Type 0010h - Pipeline-Burst
  2248. Cache Speed 1ns
  2249. Error Correction Type Specification Reserved
  2250. System Cache Type Unified
  2251. Associativity 8-way Set-Associative
  2252. [Cache Information (Type 7) - Length 19 - Handle 002bh]
  2253. Socket Designation L2 - Cache
  2254. Cache Configuration 0181h - WB Enabled Int NonSocketed L2
  2255. Maximum Cache Size 0c00h - 3072K
  2256. Installed Size 0c00h - 3072K
  2257. Supported SRAM Type 0010h - Pipeline-Burst
  2258. Current SRAM Type 0010h - Pipeline-Burst
  2259. Cache Speed 1ns
  2260. Error Correction Type Specification Reserved
  2261. System Cache Type Unified
  2262. Associativity 8-way Set-Associative
  2263. [Cache Information (Type 7) - Length 19 - Handle 002ch]
  2264. Socket Designation L3 - Cache
  2265. Cache Configuration 0182h - WB Enabled Int NonSocketed L3
  2266. Maximum Cache Size 8200h - 32768K
  2267. Installed Size 8200h - 32768K
  2268. Supported SRAM Type 0010h - Pipeline-Burst
  2269. Current SRAM Type 0010h - Pipeline-Burst
  2270. Cache Speed 1ns
  2271. Error Correction Type Specification Reserved
  2272. System Cache Type Unified
  2273. Associativity 16-way Set-Associative
  2274. [Processor Information (Type 4) - Length 48 - Handle 002dh]
  2275. Socket Designation AM4
  2276. Processor Type Central Processor
  2277. Processor Family 6bh - Specification Reserved
  2278. Processor Manufacturer Advanced Micro Devices, Inc.
  2279. Processor ID 100f8700fffb8b17
  2280. Processor Version AMD Ryzen 5 3600 6-Core Processor
  2281. Processor Voltage 8bh - 1.1V
  2282. External Clock 100MHz
  2283. Max Speed 4200MHz
  2284. Current Speed 3600MHz
  2285. Status Enabled Populated
  2286. Processor Upgrade Specification Reserved
  2287. L1 Cache Handle 002ah
  2288. L2 Cache Handle 002bh
  2289. L3 Cache Handle 002ch
  2290. Part Number Unknown
  2291. [32Bit Memory Error Information (Type 18) - Length 23 - Handle 002eh]
  2292. [Memory Device (Type 17) - Length 40 - Handle 002fh]
  2293. Physical Memory Array Handle 0027h
  2294. Memory Error Info Handle 002eh
  2295. Total Width 64 bits
  2296. Data Width 64 bits
  2297. Size 8192MB
  2298. Form Factor 09h - DIMM
  2299. Device Locator DIMM_A1
  2300. Bank Locator BANK 0
  2301. Memory Type 1ah - Specification Reserved
  2302. Type Detail 4080h - Synchronous
  2303. Speed 3200MHz
  2304. Manufacturer Corsair
  2305. Part Number CMW16GX4M2C3200C16
  2306. [Memory Device Mapped Address (Type 20) - Length 35 - Handle 0030h]
  2307. Starting Address 00000000h
  2308. Ending Address 00ffffffh
  2309. Memory Device Handle 002fh
  2310. Mem Array Mapped Adr Handle 0029h
  2311. [32Bit Memory Error Information (Type 18) - Length 23 - Handle 0031h]
  2312. [Memory Device (Type 17) - Length 40 - Handle 0032h]
  2313. Physical Memory Array Handle 0027h
  2314. Memory Error Info Handle 0031h
  2315. Form Factor 02h - Unknown
  2316. Device Locator DIMM_A2
  2317. Bank Locator BANK 1
  2318. Memory Type 02h - Unknown
  2319. Type Detail 0004h - Unknown
  2320. Speed 0MHz
  2321. Manufacturer Unknown
  2322. Part Number Unknown
  2323. [32Bit Memory Error Information (Type 18) - Length 23 - Handle 0033h]
  2324. [Memory Device (Type 17) - Length 40 - Handle 0034h]
  2325. Physical Memory Array Handle 0027h
  2326. Memory Error Info Handle 0033h
  2327. Total Width 64 bits
  2328. Data Width 64 bits
  2329. Size 8192MB
  2330. Form Factor 09h - DIMM
  2331. Device Locator DIMM_B1
  2332. Bank Locator BANK 2
  2333. Memory Type 1ah - Specification Reserved
  2334. Type Detail 4080h - Synchronous
  2335. Speed 3200MHz
  2336. Manufacturer Corsair
  2337. Part Number CMW16GX4M2C3200C16
  2338. [Memory Device Mapped Address (Type 20) - Length 35 - Handle 0035h]
  2339. Starting Address 00000000h
  2340. Ending Address 00ffffffh
  2341. Memory Device Handle 0034h
  2342. Mem Array Mapped Adr Handle 0029h
  2343. [32Bit Memory Error Information (Type 18) - Length 23 - Handle 0036h]
  2344. [Memory Device (Type 17) - Length 40 - Handle 0037h]
  2345. Physical Memory Array Handle 0027h
  2346. Memory Error Info Handle 0036h
  2347. Form Factor 02h - Unknown
  2348. Device Locator DIMM_B2
  2349. Bank Locator BANK 3
  2350. Memory Type 02h - Unknown
  2351. Type Detail 0004h - Unknown
  2352. Speed 0MHz
  2353. Manufacturer Unknown
  2354. Part Number Unknown
  2355.  
  2356. ========================== Dump #4: Extra #1 ===========================
  2357.  
  2358. 9: kd> !verifier
  2359. Verify Flags Level 0x00000000
  2360. STANDARD FLAGS:
  2361. [X] (0x00000000) Automatic Checks
  2362. [ ] (0x00000001) Special pool
  2363. [ ] (0x00000002) Force IRQL checking
  2364. [ ] (0x00000008) Pool tracking
  2365. [ ] (0x00000010) I/O verification
  2366. [ ] (0x00000020) Deadlock detection
  2367. [ ] (0x00000080) DMA checking
  2368. [ ] (0x00000100) Security checks
  2369. [ ] (0x00000800) Miscellaneous checks
  2370. [ ] (0x00020000) DDI compliance checking
  2371. ADDITIONAL FLAGS:
  2372. [ ] (0x00000004) Randomized low resources simulation
  2373. [ ] (0x00000200) Force pending I/O requests
  2374. [ ] (0x00000400) IRP logging
  2375. [ ] (0x00002000) Invariant MDL checking for stack
  2376. [ ] (0x00004000) Invariant MDL checking for driver
  2377. [ ] (0x00008000) Power framework delay fuzzing
  2378. [ ] (0x00010000) Port/miniport interface checking
  2379. [ ] (0x00040000) Systematic low resources simulation
  2380. [ ] (0x00080000) DDI compliance checking (additional)
  2381. [ ] (0x00200000) NDIS/WIFI verification
  2382. [ ] (0x00800000) Kernel synchronization delay fuzzing
  2383. [ ] (0x01000000) VM switch verification
  2384. [ ] (0x02000000) Code integrity checks
  2385. [X] Indicates flag is enabled
  2386. Summary of All Verifier Statistics
  2387. RaiseIrqls 0x0
  2388. AcquireSpinLocks 0x0
  2389. Synch Executions 0x0
  2390. Trims 0x0
  2391. Pool Allocations Attempted 0x0
  2392. Pool Allocations Succeeded 0x0
  2393. Pool Allocations Succeeded SpecialPool 0x0
  2394. Pool Allocations With NO TAG 0x0
  2395. Pool Allocations Failed 0x0
  2396. Current paged pool allocations 0x0 for 00000000 bytes
  2397. Peak paged pool allocations 0x0 for 00000000 bytes
  2398. Current nonpaged pool allocations 0x0 for 00000000 bytes
  2399. Peak nonpaged pool allocations 0x0 for 00000000 bytes
  2400.  
  2401. ========================== Dump #4: Extra #2 ===========================
  2402.  
  2403. 9: kd> !thread
  2404. THREAD ffffc1802b14a340 Cid 0000.0000 Teb: 0000000000000000 Win32Thread: 0000000000000000 RUNNING on processor 9
  2405. Not impersonating
  2406. GetUlongFromAddress: unable to read from fffff8010542ca14
  2407. Owning Process fffff8010558e9c0 Image: System Process
  2408. Attached Process ffff9e07ce0b0080 Image: System
  2409. fffff78000000000: Unable to get shared data
  2410. Wait Start TickCount 5592032
  2411. Context Switch Count 126114234 IdealProcessor: 9
  2412. ReadMemory error: Cannot get nt!KeMaximumIncrement value.
  2413. UserTime 00:00:00.000
  2414. KernelTime 00:00:00.000
  2415. Win32 Start Address nt!KiIdleLoop (0xfffff801051c5e70)
  2416. Stack Init fffff40e54099c90 Current fffff40e54099c20
  2417. Base fffff40e5409a000 Limit fffff40e54094000 Call 0000000000000000
  2418. Priority 0 BasePriority 0 PriorityDecrement 0 IoPriority 0 PagePriority 0
  2419. Child-SP RetAddr : Args to Child : Call Site
  2420. fffff40e`54099638 fffff801`051d41e9 : 00000000`0000000a 00000000`00000000 00000000`00000002 00000000`00000001 : nt!KeBugCheckEx
  2421. fffff40e`54099640 fffff801`051d0529 : 00000000`00000000 00000000`00000000 00000000`00000fff fffff801`052b0245 : nt!KiBugCheckDispatch+0x69
  2422. fffff40e`54099780 fffff801`0502acff : ffffc180`2b139180 00000000`0000000e fffff801`01992800 00000000`00000000 : nt!KiPageFault+0x469 (TrapFrame @ fffff40e`54099780)
  2423. fffff40e`54099910 fffff801`050513b0 : ffff9e07`e48bc720 ffff9e07`dac881f0 00000001`00000002 ffff9e07`d41de010 : nt!KiAcquireKobjectLockSafe+0xf
  2424. fffff40e`54099940 fffff801`05050059 : 00000000`00000006 00000000`00989680 00000000`0032dbf6 00000000`0000000e : nt!KiProcessExpiredTimerList+0x220
  2425. fffff40e`54099a30 fffff801`051c5eee : ffffffff`00000000 ffffc180`2b139180 ffffc180`2b14a340 ffff9e07`dabe6080 : nt!KiRetireDpcList+0x4e9
  2426. fffff40e`54099c60 00000000`00000000 : fffff40e`5409a000 fffff40e`54094000 00000000`00000000 00000000`00000000 : nt!KiIdleLoop+0x7e
  2427.  
  2428.  
  2429. ========================================================================
  2430. ======================= Dump #5: ANALYZE VERBOSE =======================
  2431. ====================== File: 072120-11187-01.dmp =======================
  2432. ========================================================================
  2433.  
  2434. Mini Kernel Dump File: Only registers and stack trace are available
  2435. Windows 10 Kernel Version 18362 MP (12 procs) Free x64
  2436. Kernel base = 0xfffff805`26800000 PsLoadedModuleList = 0xfffff805`26c48190
  2437. Debug session time: Tue Jul 21 07:13:32.268 2020 (UTC - 4:00)
  2438. System Uptime: 0 days 21:27:08.926
  2439.  
  2440. BugCheck A, {ffff9b93ba88a9d8, ff, 6e, fffff80526af064d}
  2441. *** WARNING: Unable to verify timestamp for win32k.sys
  2442. *** ERROR: Module load completed but symbols could not be loaded for win32k.sys
  2443. Probably caused by : memory_corruption
  2444. Followup: memory_corruption
  2445.  
  2446. IRQL_NOT_LESS_OR_EQUAL (a)
  2447. An attempt was made to access a pageable (or completely invalid) address at an
  2448. interrupt request level (IRQL) that is too high. This is usually
  2449. caused by drivers using improper addresses.
  2450. If a kernel debugger is available get the stack backtrace.
  2451.  
  2452. Arguments:
  2453. Arg1: ffff9b93ba88a9d8, memory referenced
  2454. Arg2: 00000000000000ff, IRQL
  2455. Arg3: 000000000000006e, bitfield :
  2456. bit 0 : value 0 = read operation, 1 = write operation
  2457. bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
  2458. Arg4: fffff80526af064d, address which referenced memory
  2459.  
  2460. Debugging Details:
  2461. DUMP_CLASS: 1
  2462. DUMP_QUALIFIER: 400
  2463. DUMP_TYPE: 2
  2464. READ_ADDRESS: fffff80526d733b8: Unable to get MiVisibleState
  2465. ffff9b93ba88a9d8
  2466. CURRENT_IRQL: 0
  2467. FAULTING_IP:
  2468. nt!PpmIdleUpdateConcurrency+55
  2469. fffff805`26af064d 4a014ccb20 add qword ptr [rbx+r9*8+20h],rcx
  2470. CUSTOMER_CRASH_COUNT: 1
  2471. DEFAULT_BUCKET_ID: CODE_CORRUPTION
  2472. BUGCHECK_STR: AV
  2473.  
  2474. PROCESS_NAME: System
  2475.  
  2476. TRAP_FRAME: fffff8052b46b610 -- (.trap 0xfffff8052b46b610)
  2477. NOTE: The trap frame does not contain all registers.
  2478. Some register values may be zeroed or incorrect.
  2479. rax=000000b3d3cc5504 rbx=0000000000000000 rcx=0000000000000006
  2480. rdx=000000b3d3cc550a rsi=0000000000000000 rdi=0000000000000000
  2481. rip=fffff80526af064d rsp=fffff8052b46b7a0 rbp=ffff9b8bbf139001
  2482. r8=0000000000000000 r9=00000000ffffffff r10=fffff805268f0170
  2483. r11=ffff76fcefa00000 r12=0000000000000000 r13=0000000000000000
  2484. r14=0000000000000000 r15=0000000000000000
  2485. iopl=0 nv up di pl nz na pe nc
  2486. nt!PpmIdleUpdateConcurrency+0x55:
  2487. fffff805`26af064d 4a014ccb20 add qword ptr [rbx+r9*8+20h],rcx ds:00000008`00000018=????????????????
  2488. Resetting default scope
  2489. LAST_CONTROL_TRANSFER: from fffff805269d41e9 to fffff805269c23c0
  2490. STACK_TEXT:
  2491. fffff805`2b46b4c8 fffff805`269d41e9 : 00000000`0000000a ffff9b93`ba88a9d8 00000000`000000ff 00000000`0000006e : nt!KeBugCheckEx
  2492. fffff805`2b46b4d0 fffff805`269d0529 : 00000000`00000002 fffff805`2b46b7f8 00000000`00000000 00000000`00000000 : nt!KiBugCheckDispatch+0x69
  2493. fffff805`2b46b610 fffff805`26af064d : 00000000`00000200 fffff805`2675d8f8 fffff805`235f9180 00000000`00000000 : nt!KiPageFault+0x469
  2494. fffff805`2b46b7a0 fffff805`269fc0b8 : 000092fe`cb6a86c6 ffff9b8b`bf139080 00000000`00000000 00000000`00000000 : nt!PpmIdleUpdateConcurrency+0x55
  2495. fffff805`2b46b7e0 fffff805`2684a38e : 00000000`00000003 00000000`00000002 00000000`00000000 01d65f4f`f80d40f2 : nt!PpmIdleExecuteTransition+0x1b1b88
  2496. fffff805`2b46bb00 fffff805`269c5eb4 : 00000000`00000000 fffff805`235f9180 ffff9b8b`ce5860c0 00000000`00000438 : nt!PoIdle+0x36e
  2497. fffff805`2b46bc60 00000000`00000000 : fffff805`2b46c000 fffff805`2b466000 00000000`00000000 00000000`00000000 : nt!KiIdleLoop+0x44
  2498. STACK_COMMAND: kb
  2499. CHKIMG_EXTENSION: !chkimg -lo 50 -d !hal
  2500. fffff8052675d956-fffff8052675d95b 6 bytes - hal!KeQueryPerformanceCounter+e6
  2501. [ ff 15 b4 7f 07 00:e8 45 69 3f 00 90 ]
  2502. 6 errors : !hal (fffff8052675d956-fffff8052675d95b)
  2503. MODULE_NAME: memory_corruption
  2504.  
  2505. IMAGE_NAME: memory_corruption
  2506.  
  2507. FOLLOWUP_NAME: memory_corruption
  2508. DEBUG_FLR_IMAGE_TIMESTAMP: 0
  2509. MEMORY_CORRUPTOR: LARGE
  2510. FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
  2511. BUCKET_ID: MEMORY_CORRUPTION_LARGE
  2512. PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
  2513. TARGET_TIME: 2020-07-21T11:13:32.000Z
  2514. SUITE_MASK: 784
  2515. PRODUCT_TYPE: 1
  2516. USER_LCID: 0
  2517. FAILURE_ID_HASH_STRING: km:memory_corruption_large
  2518. FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
  2519. Followup: memory_corruption
  2520.  
  2521. ====================== Dump #5: 3RD PARTY DRIVERS ======================
  2522.  
  2523. Aug 22 2012 - AsIO.sys - ASUS Input Output driver http://www.asus.com/
  2524. Mar 19 2015 - amd_sata.sys - AMD SATA Controller AHCI Device driver http://support.amd.com/
  2525. Mar 19 2015 - amd_xata.sys - AMD Stor Filter driver http://support.amd.com/
  2526. Mar 30 2015 - Hamdrv.sys - LogMeIn Hamachi Virtual Miniport driver http://www.logmein.com/
  2527. Mar 31 2015 - HWiNFO64A.SYS - HWiNFO AMD64 Kernel driver https://www.hwinfo.com/
  2528. Mar 14 2016 - amdgpio3.sys - AMD GPIO Controller Driver from Advanced Micro Devices http://support.amd.com/
  2529. Aug 02 2017 - Oculus_ViGEmBus.sys - Oculus Virtual Gamepad Emulation Bus driver
  2530. Feb 12 2018 - msio64.sys - MSI Gaming App driver
  2531. Mar 26 2019 - RTKVHD64.sys - Realtek Audio System driver https://www.realtek.com/en/
  2532. Apr 09 2019 - AsIO2.sys - Asus Input Output driver
  2533. Apr 22 2019 - GLCKIO2.sys - ASUS RGB driver
  2534. Apr 22 2019 - OCULUSUD.sys - Oculus VR Headset driver
  2535. Jun 06 2019 - IUProcessFilter.sys - IObit Uninstaller driver (IObit Information Technology)
  2536. Sep 05 2019 - e1r65x64.sys - Intel(R) Gigabit Adapter NDIS 6.x driver https://downloadcenter.intel.com/
  2537. Oct 14 2019 - ene.sys - (Ptolemy Tech Co.) or ASUS RGB driver or Gigabyte RGB driver
  2538. Nov 06 2019 - IUFileFilter.sys - IObit Uninstaller driver (IObit)
  2539. Nov 06 2019 - IURegistryFilter.sys - IObit Uninstaller driver (IObit Information Technology)
  2540. Nov 15 2019 - AtihdWT6.sys - AMD High Definition Audio Function driver http://support.amd.com/
  2541. Nov 20 2019 - mbamswissarmy.sys - MalwareBytes Anti-Malware system driver https://www.malwarebytes.com/
  2542. Nov 27 2019 - teVirtualMIDI64.sys - teVirtualMIDI - Virtual MIDI driver (Tobias Erichsen)
  2543. Dec 05 2019 - cpuz149_x64.sys - CPUID driver
  2544. Jan 14 2020 - amdgpio2.sys - AMD GPIO Controller Driver from Advanced Micro Devices http://support.amd.com/
  2545. Jan 16 2020 - amdkmpfd.sys - AMD Kernel Miniport Filter driver
  2546. Feb 10 2020 - bcmwl63a.sys - Broadcom 802 11 Network Adapter Wireless driver http://www.broadcom.com/support/
  2547. Feb 12 2020 - HWiNFO64A_150.SYS - HWiNFO driver https://www.hwinfo.com/
  2548. Feb 14 2020 - CorsairLLAccess64.sys - CORSAIR iCUE Software driver
  2549. Feb 25 2020 - oculusvad.sys - Oculus VAD driver
  2550. Mar 06 2020 - amdpsp.sys - Advanced Micro Devices, Inc http://support.amd.com/
  2551. Mar 26 2020 - amdxe.sys - AMD Link Xinput Emulation driver
  2552. Apr 10 2020 - AMDPCIDev.sys - Advanced Micro Devices PCI Device driver
  2553. May 07 2020 - CorsairGamingAudio64.sys - Corsair Gaming Audio 64-bit driver
  2554. May 25 2020 - amdkmdag.sys - AMD Graphics driver
  2555. Jun 04 2020 - MbamChameleon.sys - Malwarebytes Anti-Malware Chameleon driver https://www.malwarebytes.com/
  2556. Jun 09 2020 - amdlog.sys - AMD LOG driver
  2557. Jun 30 2020 - CorsairVBusDriver.sys - Corsair Virtual Device driver (Corsair Utility Engine) http://www.corsair.com/
  2558. Jun 30 2020 - CorsairVHidDriver.sys - Corsair Virtual Device driver (Corsair Utility Engine) http://www.corsair.com/
  2559.  
  2560. ================== Dump #5: 3RD PARTY DRIVERS (FULL) ===================
  2561.  
  2562. Image path: \SystemRoot\SysWow64\drivers\AsIO.sys
  2563. Image name: AsIO.sys
  2564. Search : https://www.google.com/search?q=AsIO.sys
  2565. ADA Info : ASUS Input Output driver http://www.asus.com/
  2566. Timestamp : Wed Aug 22 2012
  2567.  
  2568. Image path: \SystemRoot\System32\drivers\amd_sata.sys
  2569. Image name: amd_sata.sys
  2570. Search : https://www.google.com/search?q=amd_sata.sys
  2571. ADA Info : AMD SATA Controller AHCI Device driver http://support.amd.com/
  2572. Timestamp : Thu Mar 19 2015
  2573.  
  2574. Image path: \SystemRoot\System32\drivers\amd_xata.sys
  2575. Image name: amd_xata.sys
  2576. Search : https://www.google.com/search?q=amd_xata.sys
  2577. ADA Info : AMD Stor Filter driver http://support.amd.com/
  2578. Timestamp : Thu Mar 19 2015
  2579.  
  2580. Image path: \SystemRoot\system32\DRIVERS\Hamdrv.sys
  2581. Image name: Hamdrv.sys
  2582. Search : https://www.google.com/search?q=Hamdrv.sys
  2583. ADA Info : LogMeIn Hamachi Virtual Miniport driver http://www.logmein.com/
  2584. Timestamp : Mon Mar 30 2015
  2585.  
  2586. Image path: \??\C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS
  2587. Image name: HWiNFO64A.SYS
  2588. Search : https://www.google.com/search?q=HWiNFO64A.SYS
  2589. ADA Info : HWiNFO AMD64 Kernel driver https://www.hwinfo.com/
  2590. Timestamp : Tue Mar 31 2015
  2591.  
  2592. Image path: \SystemRoot\System32\drivers\amdgpio3.sys
  2593. Image name: amdgpio3.sys
  2594. Search : https://www.google.com/search?q=amdgpio3.sys
  2595. ADA Info : AMD GPIO Controller Driver from Advanced Micro Devices http://support.amd.com/
  2596. Timestamp : Mon Mar 14 2016
  2597.  
  2598. Image path: \SystemRoot\System32\drivers\Oculus_ViGEmBus.sys
  2599. Image name: Oculus_ViGEmBus.sys
  2600. Search : https://www.google.com/search?q=Oculus_ViGEmBus.sys
  2601. ADA Info : Oculus Virtual Gamepad Emulation Bus driver
  2602. Timestamp : Wed Aug 2 2017
  2603.  
  2604. Image path: \??\C:\Program Files\Patriot\Aac_Patriot Viper RGB\msio64.sys
  2605. Image name: msio64.sys
  2606. Search : https://www.google.com/search?q=msio64.sys
  2607. ADA Info : MSI Gaming App driver
  2608. Timestamp : Mon Feb 12 2018
  2609.  
  2610. Image path: \SystemRoot\system32\drivers\RTKVHD64.sys
  2611. Image name: RTKVHD64.sys
  2612. Search : https://www.google.com/search?q=RTKVHD64.sys
  2613. ADA Info : Realtek Audio System driver https://www.realtek.com/en/
  2614. Timestamp : Tue Mar 26 2019
  2615.  
  2616. Image path: \??\C:\WINDOWS\system32\drivers\AsIO2.sys
  2617. Image name: AsIO2.sys
  2618. Search : https://www.google.com/search?q=AsIO2.sys
  2619. ADA Info : Asus Input Output driver
  2620. Timestamp : Tue Apr 9 2019
  2621.  
  2622. Image path: \??\C:\WINDOWS\system32\drivers\GLCKIO2.sys
  2623. Image name: GLCKIO2.sys
  2624. Search : https://www.google.com/search?q=GLCKIO2.sys
  2625. ADA Info : ASUS RGB driver
  2626. Timestamp : Mon Apr 22 2019
  2627.  
  2628. Image path: \SystemRoot\System32\drivers\OCULUSUD.sys
  2629. Image name: OCULUSUD.sys
  2630. Search : https://www.google.com/search?q=OCULUSUD.sys
  2631. ADA Info : Oculus VR Headset driver
  2632. Timestamp : Mon Apr 22 2019
  2633.  
  2634. Image path: \??\D:\Programs I want\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys
  2635. Image name: IUProcessFilter.sys
  2636. Search : https://www.google.com/search?q=IUProcessFilter.sys
  2637. ADA Info : IObit Uninstaller driver (IObit Information Technology)
  2638. Timestamp : Thu Jun 6 2019
  2639.  
  2640. Image path: \SystemRoot\system32\DRIVERS\e1r65x64.sys
  2641. Image name: e1r65x64.sys
  2642. Search : https://www.google.com/search?q=e1r65x64.sys
  2643. ADA Info : Intel(R) Gigabit Adapter NDIS 6.x driver https://downloadcenter.intel.com/
  2644. Timestamp : Thu Sep 5 2019
  2645.  
  2646. Image path: \??\C:\WINDOWS\system32\drivers\ene.sys
  2647. Image name: ene.sys
  2648. Search : https://www.google.com/search?q=ene.sys
  2649. ADA Info : (Ptolemy Tech Co.) or ASUS RGB driver or Gigabyte RGB driver
  2650. Timestamp : Mon Oct 14 2019
  2651.  
  2652. Image path: \??\D:\Programs I want\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys
  2653. Image name: IUFileFilter.sys
  2654. Search : https://www.google.com/search?q=IUFileFilter.sys
  2655. ADA Info : IObit Uninstaller driver (IObit)
  2656. Timestamp : Wed Nov 6 2019
  2657.  
  2658. Image path: \??\D:\Programs I want\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys
  2659. Image name: IURegistryFilter.sys
  2660. Search : https://www.google.com/search?q=IURegistryFilter.sys
  2661. ADA Info : IObit Uninstaller driver (IObit Information Technology)
  2662. Timestamp : Wed Nov 6 2019
  2663.  
  2664. Image path: \SystemRoot\system32\drivers\AtihdWT6.sys
  2665. Image name: AtihdWT6.sys
  2666. Search : https://www.google.com/search?q=AtihdWT6.sys
  2667. ADA Info : AMD High Definition Audio Function driver http://support.amd.com/
  2668. Timestamp : Fri Nov 15 2019
  2669.  
  2670. Image path: \SystemRoot\System32\Drivers\mbamswissarmy.sys
  2671. Image name: mbamswissarmy.sys
  2672. Search : https://www.google.com/search?q=mbamswissarmy.sys
  2673. ADA Info : MalwareBytes Anti-Malware system driver https://www.malwarebytes.com/
  2674. Timestamp : Wed Nov 20 2019
  2675.  
  2676. Image path: \SystemRoot\System32\drivers\teVirtualMIDI64.sys
  2677. Image name: teVirtualMIDI64.sys
  2678. Search : https://www.google.com/search?q=teVirtualMIDI64.sys
  2679. ADA Info : teVirtualMIDI - Virtual MIDI driver (Tobias Erichsen)
  2680. Timestamp : Wed Nov 27 2019
  2681.  
  2682. Image path: \??\C:\WINDOWS\temp\cpuz149\cpuz149_x64.sys
  2683. Image name: cpuz149_x64.sys
  2684. Search : https://www.google.com/search?q=cpuz149_x64.sys
  2685. ADA Info : CPUID driver
  2686. Timestamp : Thu Dec 5 2019
  2687.  
  2688. Image path: \SystemRoot\System32\drivers\amdgpio2.sys
  2689. Image name: amdgpio2.sys
  2690. Search : https://www.google.com/search?q=amdgpio2.sys
  2691. ADA Info : AMD GPIO Controller Driver from Advanced Micro Devices http://support.amd.com/
  2692. Timestamp : Tue Jan 14 2020
  2693.  
  2694. Image path: \SystemRoot\System32\drivers\amdkmpfd.sys
  2695. Image name: amdkmpfd.sys
  2696. Search : https://www.google.com/search?q=amdkmpfd.sys
  2697. ADA Info : AMD Kernel Miniport Filter driver
  2698. Timestamp : Thu Jan 16 2020
  2699.  
  2700. Image path: \SystemRoot\system32\DRIVERS\bcmwl63a.sys
  2701. Image name: bcmwl63a.sys
  2702. Search : https://www.google.com/search?q=bcmwl63a.sys
  2703. ADA Info : Broadcom 802 11 Network Adapter Wireless driver http://www.broadcom.com/support/
  2704. Timestamp : Mon Feb 10 2020
  2705.  
  2706. Image path: \??\C:\Users\andre\AppData\Local\Temp\HWiNFO64A_150.SYS
  2707. Image name: HWiNFO64A_150.SYS
  2708. Search : https://www.google.com/search?q=HWiNFO64A_150.SYS
  2709. ADA Info : HWiNFO driver https://www.hwinfo.com/
  2710. Timestamp : Wed Feb 12 2020
  2711.  
  2712. Image path: \??\C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys
  2713. Image name: CorsairLLAccess64.sys
  2714. Search : https://www.google.com/search?q=CorsairLLAccess64.sys
  2715. ADA Info : CORSAIR iCUE Software driver
  2716. Timestamp : Fri Feb 14 2020
  2717.  
  2718. Image path: \SystemRoot\System32\drivers\oculusvad.sys
  2719. Image name: oculusvad.sys
  2720. Search : https://www.google.com/search?q=oculusvad.sys
  2721. ADA Info : Oculus VAD driver
  2722. Timestamp : Tue Feb 25 2020
  2723.  
  2724. Image path: \SystemRoot\System32\drivers\amdpsp.sys
  2725. Image name: amdpsp.sys
  2726. Search : https://www.google.com/search?q=amdpsp.sys
  2727. ADA Info : Advanced Micro Devices, Inc http://support.amd.com/
  2728. Timestamp : Fri Mar 6 2020
  2729.  
  2730. Image path: \SystemRoot\System32\drivers\amdxe.sys
  2731. Image name: amdxe.sys
  2732. Search : https://www.google.com/search?q=amdxe.sys
  2733. ADA Info : AMD Link Xinput Emulation driver
  2734. Timestamp : Thu Mar 26 2020
  2735.  
  2736. Image path: \SystemRoot\System32\drivers\AMDPCIDev.sys
  2737. Image name: AMDPCIDev.sys
  2738. Search : https://www.google.com/search?q=AMDPCIDev.sys
  2739. ADA Info : Advanced Micro Devices PCI Device driver
  2740. Timestamp : Fri Apr 10 2020
  2741.  
  2742. Image path: \SystemRoot\system32\DRIVERS\CorsairGamingAudio64.sys
  2743. Image name: CorsairGamingAudio64.sys
  2744. Search : https://www.google.com/search?q=CorsairGamingAudio64.sys
  2745. ADA Info : Corsair Gaming Audio 64-bit driver
  2746. Timestamp : Thu May 7 2020
  2747.  
  2748. Image path: \SystemRoot\System32\DriverStore\FileRepository\u0356013.inf_amd64_61ba7b1fb4cf4aec\B355483\amdkmdag.sys
  2749. Image name: amdkmdag.sys
  2750. Search : https://www.google.com/search?q=amdkmdag.sys
  2751. ADA Info : AMD Graphics driver
  2752. Timestamp : Mon May 25 2020
  2753.  
  2754. Image path: \SystemRoot\System32\Drivers\MbamChameleon.sys
  2755. Image name: MbamChameleon.sys
  2756. Search : https://www.google.com/search?q=MbamChameleon.sys
  2757. ADA Info : Malwarebytes Anti-Malware Chameleon driver https://www.malwarebytes.com/
  2758. Timestamp : Thu Jun 4 2020
  2759.  
  2760. Image path: \SystemRoot\System32\drivers\amdlog.sys
  2761. Image name: amdlog.sys
  2762. Search : https://www.google.com/search?q=amdlog.sys
  2763. ADA Info : AMD LOG driver
  2764. Timestamp : Tue Jun 9 2020
  2765.  
  2766. Image path: \SystemRoot\System32\drivers\CorsairVBusDriver.sys
  2767. Image name: CorsairVBusDriver.sys
  2768. Search : https://www.google.com/search?q=CorsairVBusDriver.sys
  2769. ADA Info : Corsair Virtual Device driver (Corsair Utility Engine) http://www.corsair.com/
  2770. Timestamp : Tue Jun 30 2020
  2771.  
  2772. Image path: \SystemRoot\System32\drivers\CorsairVHidDriver.sys
  2773. Image name: CorsairVHidDriver.sys
  2774. Search : https://www.google.com/search?q=CorsairVHidDriver.sys
  2775. ADA Info : Corsair Virtual Device driver (Corsair Utility Engine) http://www.corsair.com/
  2776. Timestamp : Tue Jun 30 2020
  2777.  
  2778. ====================== Dump #5: MICROSOFT DRIVERS ======================
  2779.  
  2780. ACPI.sys ACPI Driver for NT (Microsoft)
  2781. acpiex.sys ACPIEx Driver (Microsoft)
  2782. afd.sys Ancillary Function Driver for WinSock (Microsoft)
  2783. afunix.sys AF_UNIX Socket Provider driver (Microsoft)
  2784. AgileVpn.sys RAS Agil VPN Miniport Call Manager driver (Microsoft)
  2785. ahcache.sys Application Compatibility Cache (Microsoft)
  2786. amdppm.sys Processor Device Driver
  2787. bam.sys BAM Kernal driver (Microsoft)
  2788. BasicDisplay.sys Basic Display driver (Microsoft)
  2789. BasicRender.sys Basic Render driver (Microsoft)
  2790. Beep.SYS BEEP driver (Microsoft)
  2791. bindflt.sys Windows Bind Filter driver (Microsoft)
  2792. BOOTVID.dll VGA Boot Driver (Microsoft)
  2793. bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
  2794. cdd.dll Canonical Display Driver (Microsoft)
  2795. cdrom.sys SCSI CD-ROM Driver (Microsoft)
  2796. CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
  2797. CI.dll Code Integrity Module (Microsoft)
  2798. CLASSPNP.SYS SCSI Class System Dll (Microsoft)
  2799. cldflt.sys Cloud Files Mini Filter driver (Microsoft)
  2800. CLFS.SYS Common Log File System Driver (Microsoft)
  2801. clipsp.sys CLIP Service (Microsoft)
  2802. cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
  2803. cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
  2804. CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
  2805. condrv.sys Console Driver (Microsoft)
  2806. crashdmp.sys Crash Dump driver (Microsoft)
  2807. dfsc.sys DFS Namespace Client Driver (Microsoft)
  2808. disk.sys PnP Disk Driver (Microsoft)
  2809. drmk.sys Digital Rights Management (DRM) driver (Microsoft)
  2810. dump_amd_sata.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  2811. dump_diskdump.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  2812. dump_dumpfve.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  2813. dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
  2814. dxgmms2.sys DirectX Graphics MMS
  2815. fastfat.SYS Fast FAT File System Driver (Microsoft)
  2816. filecrypt.sys Windows sandboxing and encryption filter (Microsoft)
  2817. fileinfo.sys FileInfo Filter Driver (Microsoft)
  2818. FLTMGR.SYS Filesystem Filter Manager (Microsoft)
  2819. Fs_Rec.sys File System Recognizer Driver (Microsoft)
  2820. fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
  2821. fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
  2822. gpuenergydrv.sys GPU Energy Kernal Driver (Microsoft)
  2823. hal.dll Hardware Abstraction Layer DLL (Microsoft)
  2824. HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
  2825. HIDCLASS.SYS Hid Class Library (Microsoft)
  2826. HIDPARSE.SYS Hid Parsing Library (Microsoft)
  2827. hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
  2828. HTTP.sys HTTP Protocol Stack (Microsoft)
  2829. intelpep.sys Intel Power Engine Plugin (Microsoft)
  2830. iorate.sys I/O rate control Filter (Microsoft)
  2831. kbdclass.sys Keyboard Class Driver (Microsoft)
  2832. kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
  2833. kd.dll Local Kernal Debugger (Microsoft)
  2834. kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
  2835. ks.sys Kernal CSA Library (Microsoft)
  2836. ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
  2837. ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
  2838. ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
  2839. lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
  2840. luafv.sys LUA File Virtualization Filter Driver (Microsoft)
  2841. mcupdate_AuthenticAMD.dll AMD Microcode Update Library (Microsoft)
  2842. mmcss.sys MMCSS Driver (Microsoft)
  2843. monitor.sys Monitor Driver (Microsoft)
  2844. mouclass.sys Mouse Class Driver (Microsoft)
  2845. mouhid.sys HID Mouse Filter Driver (Microsoft)
  2846. mountmgr.sys Mount Point Manager (Microsoft)
  2847. MpKslDrv.sys Microsoft Anti-malware Protection driver
  2848. mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
  2849. mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
  2850. mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
  2851. Msfs.SYS Mailslot driver (Microsoft)
  2852. msgpioclx.sys GPIO Class Extension Driver (Microsoft)
  2853. msisadrv.sys ISA Driver (Microsoft)
  2854. mslldp.sys Microsoft Link-Layer Discovery Protocol... (Microsoft)
  2855. msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
  2856. mssmbios.sys System Management BIOS driver (Microsoft)
  2857. mup.sys Multiple UNC Provider driver (Microsoft)
  2858. ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
  2859. ndistapi.sys NDIS 3.0 Connection Wrapper driver (Microsoft)
  2860. ndisuio.sys NDIS User mode I/O driver (Microsoft)
  2861. NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
  2862. ndiswan.sys MS PPP Framing Driver (Strong Encryption) Microsoft)
  2863. NDProxy.sys NDIS Proxy driver (Microsoft)
  2864. Ndu.sys Network Data Usage Monitoring driver (Microsoft)
  2865. netbios.sys NetBIOS Interface driver (Microsoft)
  2866. netbt.sys MBT Transport driver (Microsoft)
  2867. NETIO.SYS Network I/O Subsystem (Microsoft)
  2868. Npfs.SYS NPFS driver (Microsoft)
  2869. npsvctrig.sys Named pipe service triggers (Microsoft)
  2870. nsiproxy.sys NSI Proxy driver (Microsoft)
  2871. Ntfs.sys NT File System Driver (Microsoft)
  2872. ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
  2873. ntosext.sys NTOS Extension Host driver (Microsoft)
  2874. Null.SYS NULL Driver (Microsoft)
  2875. nwifi.sys NativeWiFi Miniport Driver (Microsoft)
  2876. pacer.sys QoS Packet Scheduler (Microsoft)
  2877. partmgr.sys Partition driver (Microsoft)
  2878. pci.sys NT Plug and Play PCI Enumerator (Microsoft)
  2879. pcw.sys Performance Counter Driver (Microsoft)
  2880. pdc.sys Power Dependency Coordinator Driver (Microsoft)
  2881. peauth.sys Protected Environment Authentication and Authorization Export Driver (Microsoft)
  2882. portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
  2883. PSHED.dll Platform Specific Hardware Error driver (Microsoft)
  2884. qwavedrv.sys Quality Windows Audio Video Experience (qWave) Support driver (Microsoft)
  2885. rasl2tp.sys RAS L2TP Mini-port/Call-manager driver (Microsoft)
  2886. raspppoe.sys RAS PPPoE Mini-port/Call manager driver (Microsoft)
  2887. raspptp.sys Peer-to-Peer Tunneling Protocol (Microsoft)
  2888. rassstp.sys RAS SSTP Miniport Call Manager driver (Microsoft)
  2889. rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
  2890. rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
  2891. rdyboost.sys ReadyBoost Driver (Microsoft)
  2892. rspndr.sys Link-Layer Topology Responder driver (Microsoft)
  2893. serenum.sys Serial Port Enumerator (Microsoft)
  2894. serial.sys Serial Device Driver
  2895. SgrmAgent.sys System Guard Runtime Monitor Agent driver (Microsoft)
  2896. SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
  2897. spaceport.sys Storage Spaces driver (Microsoft)
  2898. srv2.sys Smb 2.0 Server driver (Microsoft)
  2899. srvnet.sys Server Network driver (Microsoft)
  2900. storahci.sys MS AHCI Storport Miniport Driver (Microsoft)
  2901. storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
  2902. storqosflt.sys Storage QoS Filter driver (Microsoft)
  2903. swenum.sys Plug and Play Software Device Enumerator (Microsoft)
  2904. tbs.sys Export driver for kernel mode TPM API (Microsoft)
  2905. tcpip.sys TCP/IP Protocol driver (Microsoft)
  2906. tcpipreg.sys Microsoft Windows TCP/IP Registry Compatibility driver (Microsoft)
  2907. TDI.SYS TDI Wrapper driver (Microsoft)
  2908. tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
  2909. tm.sys Kernel Transaction Manager driver (Microsoft)
  2910. ucx01000.sys USB Controller Extension (Microsoft)
  2911. UEFI.sys UEFI NT driver (Microsoft)
  2912. umbus.sys User-Mode Bus Enumerator (Microsoft)
  2913. usbaudio.sys USB Audio Class Driver (Microsoft)
  2914. usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
  2915. USBD.SYS Universal Serial Bus Driver (Microsoft)
  2916. UsbHub3.sys USB3 HUB driver (Microsoft)
  2917. usbser.sys USB Serial driver (Microsoft)
  2918. USBSTOR.SYS USB Mass Storage Class driver (Microsoft)
  2919. usbvideo.sys USB Video Class Driver (Microsoft)
  2920. USBXHCI.SYS USB XHCI driver (Microsoft)
  2921. vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
  2922. Vid.sys Microsoft Hyper-V Virtualization Infrastructure Driver
  2923. volmgr.sys Volume Manager Driver (Microsoft)
  2924. volmgrx.sys Volume Manager Extension Driver (Microsoft)
  2925. volsnap.sys Volume Shadow Copy driver (Microsoft)
  2926. volume.sys Volume driver (Microsoft)
  2927. vwifibus.sys Virtual Wireless Bus driver (Microsoft)
  2928. vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
  2929. vwifimp.sys Virtual WiFi Miniport Driver (Microsoft)
  2930. wanarp.sys MS Remote Access and Routing ARP driver (Microsoft)
  2931. watchdog.sys Watchdog driver (Microsoft)
  2932. wcifs.sys Windows Container Isolation FS Filter driver (Microsoft)
  2933. Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
  2934. WdFilter.sys Microsoft Anti-malware file system filter driver (Microsoft)
  2935. WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
  2936. WdNisDrv.sys Microsoft Network Realtime Inspection driver (Microsoft)
  2937. werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
  2938. wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
  2939. win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
  2940. win32kbase.sys Base Win32k Kernel Driver (Microsoft)
  2941. win32kfull.sys Full/Desktop Win32k Kernel Driver (Microsoft)
  2942. WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
  2943. WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
  2944. winhvr.sys Windows Hypervisor Root Interface driver (Microsoft)
  2945. winquic.sys QUIC Transport Protocol driver (Microsoft)
  2946. wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
  2947. WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
  2948. Wof.sys Windows Overlay Filter (Microsoft)
  2949. WpdUpFltr.sys Portable Device Upper Class Filter driver (Microsoft)
  2950. WppRecorder.sys WPP Trace Recorder (Microsoft)
  2951. WUDFRd.sys Windows Driver Foundation - User-mode Driver Framework Reflector driver (Microsoft)
  2952.  
  2953. ====================== Dump #5: UNLOADED MODULES =======================
  2954.  
  2955. fffff805`7b310000 fffff805`7b321000 MSKSSRV.sys
  2956. fffff805`31ad0000 fffff805`31b20000 usbvideo.sys
  2957. fffff805`31a60000 fffff805`31a6f000 Hamdrv.sys
  2958. fffff805`7b260000 fffff805`7b26f000 hiber_storpo
  2959. fffff805`7b270000 fffff805`7b28e000 hiber_amd_sa
  2960. fffff805`7b290000 fffff805`7b2ae000 hiber_dumpfv
  2961. fffff805`39740000 fffff805`3975e000 AtihdWT6.sys
  2962. fffff805`7b220000 fffff805`7b231000 MSKSSRV.sys
  2963. fffff805`7b290000 fffff805`7b3fa000 EasyAntiChea
  2964. fffff805`31b20000 fffff805`31b31000 MSKSSRV.sys
  2965. fffff805`31a10000 fffff805`31a1e000 WSDScan.sys
  2966. fffff805`31a00000 fffff805`31a0e000 WSDPrint.sys
  2967. fffff805`39610000 fffff805`3961a000 CorsairVHidD
  2968. fffff805`325c0000 fffff805`325cf000 dump_storpor
  2969. fffff805`31600000 fffff805`3161e000 dump_amd_sat
  2970. fffff805`31640000 fffff805`3165e000 dump_dumpfve
  2971. fffff805`2a2e0000 fffff805`2a2fc000 EhStorClass.
  2972. fffff805`32360000 fffff805`3237e000 dam.sys
  2973. fffff805`31660000 fffff805`31b79000 vgk.sys
  2974. fffff805`29d90000 fffff805`29da1000 WdBoot.sys
  2975. fffff805`29d80000 fffff805`29d89000 MbamElam.sys
  2976. fffff805`2aeb0000 fffff805`2aec1000 hwpolicy.sys
  2977.  
  2978. ====================== Dump #5: BIOS INFORMATION =======================
  2979.  
  2980. [SMBIOS Data Tables v3.1]
  2981. [DMI Version - 0]
  2982. [2.0 Calling Convention - No]
  2983. [Table Size - 2505 bytes]
  2984. [BIOS Information (Type 0) - Length 26 - Handle 0000h]
  2985. Vendor American Megatrends Inc.
  2986. BIOS Version 5406
  2987. BIOS Starting Address Segment f000
  2988. BIOS Release Date 11/13/2019
  2989. BIOS ROM Size 1000000
  2990. BIOS Characteristics
  2991. 07: - PCI Supported
  2992. 10: - APM Supported
  2993. 11: - Upgradeable FLASH BIOS
  2994. 12: - BIOS Shadowing Supported
  2995. 15: - CD-Boot Supported
  2996. 16: - Selectable Boot Supported
  2997. 17: - BIOS ROM Socketed
  2998. 19: - EDD Supported
  2999. 23: - 1.2MB Floppy Supported
  3000. 24: - 720KB Floppy Supported
  3001. 25: - 2.88MB Floppy Supported
  3002. 26: - Print Screen Device Supported
  3003. 27: - Keyboard Services Supported
  3004. 28: - Serial Services Supported
  3005. 29: - Printer Services Supported
  3006. 32: - BIOS Vendor Reserved
  3007. BIOS Characteristic Extensions
  3008. 00: - ACPI Supported
  3009. 01: - USB Legacy Supported
  3010. 08: - BIOS Boot Specification Supported
  3011. 10: - Specification Reserved
  3012. 11: - Specification Reserved
  3013. BIOS Major Revision 5
  3014. BIOS Minor Revision 13
  3015. EC Firmware Major Revision 255
  3016. EC Firmware Minor Revision 255
  3017. [System Information (Type 1) - Length 27 - Handle 0001h]
  3018. Manufacturer System manufacturer
  3019. Product Name System Product Name
  3020. Version System Version
  3021. UUID 00000000-0000-0000-0000-000000000000
  3022. Wakeup Type Power Switch
  3023. SKUNumber SKU
  3024. [BaseBoard Information (Type 2) - Length 15 - Handle 0002h]
  3025. Manufacturer ASUSTeK COMPUTER INC.
  3026. Product ROG STRIX B350-F GAMING
  3027. Version Rev X.0x
  3028. Feature Flags 09h
  3029. -815483168: - -815483120: - «
  3030. ø
  3031. Location Default string
  3032. Chassis Handle 0003h
  3033. Board Type 0ah - Processor/Memory Module
  3034. Number of Child Handles 0
  3035. [System Enclosure (Type 3) - Length 22 - Handle 0003h]
  3036. Manufacturer Default string
  3037. Chassis Type Desktop
  3038. Version Default string
  3039. Bootup State Safe
  3040. Power Supply State Safe
  3041. Thermal State Safe
  3042. Security Status None
  3043. OEM Defined 0
  3044. Height 0U
  3045. Number of Power Cords 1
  3046. Number of Contained Elements 0
  3047. Contained Element Size 3
  3048. [Onboard Devices Information (Type 10) - Length 6 - Handle 0020h]
  3049. Number of Devices 1
  3050. 01: Type Video [enabled]
  3051. [OEM Strings (Type 11) - Length 5 - Handle 0021h]
  3052. Number of Strings 8
  3053. 1 Default string
  3054. 2 Default string
  3055. 3 CHOPIN
  3056. 4 Default string
  3057. 5 FFFFFFFFFFFFF
  3058. 6 FFFFFFFFFFFFF
  3059. 7 FFFFFFFFFFFFF
  3060. 8 Default string
  3061. [System Configuration Options (Type 12) - Length 5 - Handle 0022h]
  3062. [32Bit Memory Error Information (Type 18) - Length 23 - Handle 0026h]
  3063. [Physical Memory Array (Type 16) - Length 23 - Handle 0027h]
  3064. Location 03h - SystemBoard/Motherboard
  3065. Use 03h - System Memory
  3066. Memory Error Correction 03h - None
  3067. Maximum Capacity 134217728KB
  3068. Memory Error Inf Handle 0026h
  3069. Number of Memory Devices 4
  3070. [Memory Array Mapped Address (Type 19) - Length 31 - Handle 0028h]
  3071. Starting Address 00000000h
  3072. Ending Address 0037ffffh
  3073. Memory Array Handle 0027h
  3074. Partition Width 02
  3075. [Memory Array Mapped Address (Type 19) - Length 31 - Handle 0029h]
  3076. Starting Address 00400000h
  3077. Ending Address 0107ffffh
  3078. Memory Array Handle 0027h
  3079. Partition Width 02
  3080. [Cache Information (Type 7) - Length 19 - Handle 002ah]
  3081. Socket Designation L1 - Cache
  3082. Cache Configuration 0180h - WB Enabled Int NonSocketed L1
  3083. Maximum Cache Size 0180h - 384K
  3084. Installed Size 0180h - 384K
  3085. Supported SRAM Type 0010h - Pipeline-Burst
  3086. Current SRAM Type 0010h - Pipeline-Burst
  3087. Cache Speed 1ns
  3088. Error Correction Type Specification Reserved
  3089. System Cache Type Unified
  3090. Associativity 8-way Set-Associative
  3091. [Cache Information (Type 7) - Length 19 - Handle 002bh]
  3092. Socket Designation L2 - Cache
  3093. Cache Configuration 0181h - WB Enabled Int NonSocketed L2
  3094. Maximum Cache Size 0c00h - 3072K
  3095. Installed Size 0c00h - 3072K
  3096. Supported SRAM Type 0010h - Pipeline-Burst
  3097. Current SRAM Type 0010h - Pipeline-Burst
  3098. Cache Speed 1ns
  3099. Error Correction Type Specification Reserved
  3100. System Cache Type Unified
  3101. Associativity 8-way Set-Associative
  3102. [Cache Information (Type 7) - Length 19 - Handle 002ch]
  3103. Socket Designation L3 - Cache
  3104. Cache Configuration 0182h - WB Enabled Int NonSocketed L3
  3105. Maximum Cache Size 8200h - 32768K
  3106. Installed Size 8200h - 32768K
  3107. Supported SRAM Type 0010h - Pipeline-Burst
  3108. Current SRAM Type 0010h - Pipeline-Burst
  3109. Cache Speed 1ns
  3110. Error Correction Type Specification Reserved
  3111. System Cache Type Unified
  3112. Associativity 16-way Set-Associative
  3113. [Processor Information (Type 4) - Length 48 - Handle 002dh]
  3114. Socket Designation AM4
  3115. Processor Type Central Processor
  3116. Processor Family 6bh - Specification Reserved
  3117. Processor Manufacturer Advanced Micro Devices, Inc.
  3118. Processor ID 100f8700fffb8b17
  3119. Processor Version AMD Ryzen 5 3600 6-Core Processor
  3120. Processor Voltage 8bh - 1.1V
  3121. External Clock 100MHz
  3122. Max Speed 4200MHz
  3123. Current Speed 3600MHz
  3124. Status Enabled Populated
  3125. Processor Upgrade Specification Reserved
  3126. L1 Cache Handle 002ah
  3127. L2 Cache Handle 002bh
  3128. L3 Cache Handle 002ch
  3129. Part Number Unknown
  3130. [32Bit Memory Error Information (Type 18) - Length 23 - Handle 002eh]
  3131. [Memory Device (Type 17) - Length 40 - Handle 002fh]
  3132. Physical Memory Array Handle 0027h
  3133. Memory Error Info Handle 002eh
  3134. Total Width 64 bits
  3135. Data Width 64 bits
  3136. Size 8192MB
  3137. Form Factor 09h - DIMM
  3138. Device Locator DIMM_A1
  3139. Bank Locator BANK 0
  3140. Memory Type 1ah - Specification Reserved
  3141. Type Detail 4080h - Synchronous
  3142. Speed 3200MHz
  3143. Manufacturer Corsair
  3144. Part Number CMW16GX4M2C3200C16
  3145. [Memory Device Mapped Address (Type 20) - Length 35 - Handle 0030h]
  3146. Starting Address 00000000h
  3147. Ending Address 00ffffffh
  3148. Memory Device Handle 002fh
  3149. Mem Array Mapped Adr Handle 0029h
  3150. [32Bit Memory Error Information (Type 18) - Length 23 - Handle 0031h]
  3151. [Memory Device (Type 17) - Length 40 - Handle 0032h]
  3152. Physical Memory Array Handle 0027h
  3153. Memory Error Info Handle 0031h
  3154. Form Factor 02h - Unknown
  3155. Device Locator DIMM_A2
  3156. Bank Locator BANK 1
  3157. Memory Type 02h - Unknown
  3158. Type Detail 0004h - Unknown
  3159. Speed 0MHz
  3160. Manufacturer Unknown
  3161. Part Number Unknown
  3162. [32Bit Memory Error Information (Type 18) - Length 23 - Handle 0033h]
  3163. [Memory Device (Type 17) - Length 40 - Handle 0034h]
  3164. Physical Memory Array Handle 0027h
  3165. Memory Error Info Handle 0033h
  3166. Total Width 64 bits
  3167. Data Width 64 bits
  3168. Size 8192MB
  3169. Form Factor 09h - DIMM
  3170. Device Locator DIMM_B1
  3171. Bank Locator BANK 2
  3172. Memory Type 1ah - Specification Reserved
  3173. Type Detail 4080h - Synchronous
  3174. Speed 3200MHz
  3175. Manufacturer Corsair
  3176. Part Number CMW16GX4M2C3200C16
  3177. [Memory Device Mapped Address (Type 20) - Length 35 - Handle 0035h]
  3178. Starting Address 00000000h
  3179. Ending Address 00ffffffh
  3180. Memory Device Handle 0034h
  3181. Mem Array Mapped Adr Handle 0029h
  3182. [32Bit Memory Error Information (Type 18) - Length 23 - Handle 0036h]
  3183. [Memory Device (Type 17) - Length 40 - Handle 0037h]
  3184. Physical Memory Array Handle 0027h
  3185. Memory Error Info Handle 0036h
  3186. Form Factor 02h - Unknown
  3187. Device Locator DIMM_B2
  3188. Bank Locator BANK 3
  3189. Memory Type 02h - Unknown
  3190. Type Detail 0004h - Unknown
  3191. Speed 0MHz
  3192. Manufacturer Unknown
  3193. Part Number Unknown
  3194.  
  3195. ========================== Dump #5: Extra #1 ===========================
  3196.  
  3197. 0: kd> !verifier
  3198. Verify Flags Level 0x00000000
  3199. STANDARD FLAGS:
  3200. [X] (0x00000000) Automatic Checks
  3201. [ ] (0x00000001) Special pool
  3202. [ ] (0x00000002) Force IRQL checking
  3203. [ ] (0x00000008) Pool tracking
  3204. [ ] (0x00000010) I/O verification
  3205. [ ] (0x00000020) Deadlock detection
  3206. [ ] (0x00000080) DMA checking
  3207. [ ] (0x00000100) Security checks
  3208. [ ] (0x00000800) Miscellaneous checks
  3209. [ ] (0x00020000) DDI compliance checking
  3210. ADDITIONAL FLAGS:
  3211. [ ] (0x00000004) Randomized low resources simulation
  3212. [ ] (0x00000200) Force pending I/O requests
  3213. [ ] (0x00000400) IRP logging
  3214. [ ] (0x00002000) Invariant MDL checking for stack
  3215. [ ] (0x00004000) Invariant MDL checking for driver
  3216. [ ] (0x00008000) Power framework delay fuzzing
  3217. [ ] (0x00010000) Port/miniport interface checking
  3218. [ ] (0x00040000) Systematic low resources simulation
  3219. [ ] (0x00080000) DDI compliance checking (additional)
  3220. [ ] (0x00200000) NDIS/WIFI verification
  3221. [ ] (0x00800000) Kernel synchronization delay fuzzing
  3222. [ ] (0x01000000) VM switch verification
  3223. [ ] (0x02000000) Code integrity checks
  3224. [X] Indicates flag is enabled
  3225. Summary of All Verifier Statistics
  3226. RaiseIrqls 0x0
  3227. AcquireSpinLocks 0x0
  3228. Synch Executions 0x0
  3229. Trims 0x0
  3230. Pool Allocations Attempted 0x0
  3231. Pool Allocations Succeeded 0x0
  3232. Pool Allocations Succeeded SpecialPool 0x0
  3233. Pool Allocations With NO TAG 0x0
  3234. Pool Allocations Failed 0x0
  3235. Current paged pool allocations 0x0 for 00000000 bytes
  3236. Peak paged pool allocations 0x0 for 00000000 bytes
  3237. Current nonpaged pool allocations 0x0 for 00000000 bytes
  3238. Peak nonpaged pool allocations 0x0 for 00000000 bytes
  3239.  
  3240. ========================== Dump #5: Extra #2 ===========================
  3241.  
  3242. 0: kd> !thread
  3243. THREAD fffff80526d91400 Cid 0000.0000 Teb: 0000000000000000 Win32Thread: 0000000000000000 RUNNING on processor 0
  3244. Not impersonating
  3245. GetUlongFromAddress: unable to read from fffff80526c2ca14
  3246. Owning Process fffff80526d8e9c0 Image: System Process
  3247. Attached Process ffff9b8bb92b0080 Image: System
  3248. fffff78000000000: Unable to get shared data
  3249. Wait Start TickCount 4942651
  3250. Context Switch Count 162822339 IdealProcessor: 0
  3251. ReadMemory error: Cannot get nt!KeMaximumIncrement value.
  3252. UserTime 00:00:00.000
  3253. KernelTime 00:00:00.000
  3254. Win32 Start Address nt!KiIdleLoop (0xfffff805269c5e70)
  3255. Stack Init fffff8052b46bc90 Current fffff8052b46bc20
  3256. Base fffff8052b46c000 Limit fffff8052b466000 Call 0000000000000000
  3257. Priority 0 BasePriority 0 PriorityDecrement 0 IoPriority 0 PagePriority 5
  3258. Child-SP RetAddr : Args to Child : Call Site
  3259. fffff805`2b46b4c8 fffff805`269d41e9 : 00000000`0000000a ffff9b93`ba88a9d8 00000000`000000ff 00000000`0000006e : nt!KeBugCheckEx
  3260. fffff805`2b46b4d0 fffff805`269d0529 : 00000000`00000002 fffff805`2b46b7f8 00000000`00000000 00000000`00000000 : nt!KiBugCheckDispatch+0x69
  3261. fffff805`2b46b610 fffff805`26af064d : 00000000`00000200 fffff805`2675d8f8 fffff805`235f9180 00000000`00000000 : nt!KiPageFault+0x469 (TrapFrame @ fffff805`2b46b610)
  3262. fffff805`2b46b7a0 fffff805`269fc0b8 : 000092fe`cb6a86c6 ffff9b8b`bf139080 00000000`00000000 00000000`00000000 : nt!PpmIdleUpdateConcurrency+0x55
  3263. fffff805`2b46b7e0 fffff805`2684a38e : 00000000`00000003 00000000`00000002 00000000`00000000 01d65f4f`f80d40f2 : nt!PpmIdleExecuteTransition+0x1b1b88
  3264. fffff805`2b46bb00 fffff805`269c5eb4 : 00000000`00000000 fffff805`235f9180 ffff9b8b`ce5860c0 00000000`00000438 : nt!PoIdle+0x36e
  3265. fffff805`2b46bc60 00000000`00000000 : fffff805`2b46c000 fffff805`2b466000 00000000`00000000 00000000`00000000 : nt!KiIdleLoop+0x44
  3266.  
  3267.  
  3268. ========================================================================
  3269. ======================= Dump #6: ANALYZE VERBOSE =======================
  3270. ================ File: The BSOD that just happened.dmp =================
  3271. ========================================================================
  3272.  
  3273. Mini Kernel Dump File: Only registers and stack trace are available
  3274. Windows 10 Kernel Version 18362 MP (12 procs) Free x64
  3275. Kernel base = 0xfffff805`77600000 PsLoadedModuleList = 0xfffff805`77a48190
  3276. Debug session time: Sat Jul 25 13:29:08.954 2020 (UTC - 4:00)
  3277. System Uptime: 0 days 20:44:40.613
  3278.  
  3279. BugCheck 3B, {c0000096, fffff805776a4784, ffff9081c96df930, 0}
  3280. Probably caused by : memory_corruption
  3281. Followup: memory_corruption
  3282.  
  3283. SYSTEM_SERVICE_EXCEPTION (3b)
  3284. An exception happened while executing a system service routine.
  3285.  
  3286. Arguments:
  3287. Arg1: 00000000c0000096, Exception code that caused the bugcheck
  3288. Arg2: fffff805776a4784, Address of the instruction which caused the bugcheck
  3289. Arg3: ffff9081c96df930, Address of the context record for the exception that caused the bugcheck
  3290. Arg4: 0000000000000000, zero.
  3291.  
  3292. Debugging Details:
  3293. DUMP_CLASS: 1
  3294. DUMP_QUALIFIER: 400
  3295. DUMP_TYPE: 2
  3296. EXCEPTION_CODE: (NTSTATUS) 0xc0000096 - {EXCEPTION} Privileged instruction.
  3297. FAULTING_IP:
  3298. nt!KiSwapThread+cd4
  3299. fffff805`776a4784 440f22c1 mov cr8,rcx
  3300. CONTEXT: ffff9081c96df930 -- (.cxr 0xffff9081c96df930)
  3301. rax=0000000000000000 rbx=0000000000000000 rcx=0000000000000080
  3302. rdx=0000000000000000 rsi=ffffd18e96e17080 rdi=0000000000000000
  3303. rip=fffff805776a4784 rsp=fffff8843c964860 rbp=ffff9081c9721180
  3304. r8=0000000000000fa0 r9=fffff80577600000 r10=ffff9081c9680180
  3305. r11=fffff8843c964858 r12=0000000000000000 r13=ffff9081c9721180
  3306. r14=0000000000000001 r15=ffffd18e96e17180
  3307. iopl=0 nv up ei pl zr na po nc
  3308. cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00050246
  3309. nt!KiSwapThread+0xcd4:
  3310. fffff805`776a4784 440f22c1 mov cr8,rcx
  3311. Resetting default scope
  3312. DEFAULT_BUCKET_ID: CODE_CORRUPTION
  3313. BUGCHECK_STR: 0x3B
  3314.  
  3315. PROCESS_NAME: MedalEncoder.exe
  3316.  
  3317. CURRENT_IRQL: 2
  3318. BAD_STACK_POINTER: ffff9081c96deff8
  3319. LAST_CONTROL_TRANSFER: from fffff805776a3534 to fffff805776a4784
  3320. STACK_TEXT:
  3321. fffff884`3c964860 fffff805`776a3534 : ffffd18e`96e17080 ffffffff`00000000 bf48d332`00000000 00000000`00000000 : nt!KiSwapThread+0xcd4
  3322. fffff884`3c964900 fffff805`776a2cd5 : 00000000`0000006d 00000000`00000000 00000000`00000001 00000000`00000000 : nt!KiCommitThreadWait+0x144
  3323. fffff884`3c9649a0 fffff805`77c1248b : ffffd18e`9bbcc740 00000000`00000006 00000000`00000001 ffffd18e`9bbcc700 : nt!KeWaitForSingleObject+0x255
  3324. fffff884`3c964a80 fffff805`777d3c18 : ffffd18e`96e17080 000000be`ccb3b6f8 fffff884`3c964b18 ffffffff`ff671b60 : nt!NtWaitForSingleObject+0x10b
  3325. fffff884`3c964b00 00007ffb`5cedc0f4 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x28
  3326. 000000be`ccb3b6c8 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffb`5cedc0f4
  3327. CHKIMG_EXTENSION: !chkimg -lo 50 -d !win32kbase
  3328. ffffa7ed43e97809-ffffa7ed43e9780e 6 bytes - win32kbase!DirectComposition::CAnimationMarshaler::SetReferenceProperty+49
  3329. [ ff 15 a1 ef 19 00:e8 92 ea 20 00 90 ]
  3330. ffffa7ed43e97879-ffffa7ed43e9787a 2 bytes - win32kbase!SfmSignalTokenEvent+19 (+0x70)
  3331. [ 48 ff:4c 8b ]
  3332. ffffa7ed43e97880-ffffa7ed43e97883 4 bytes - win32kbase!SfmSignalTokenEvent+20 (+0x07)
  3333. [ 0f 1f 44 00:e8 9b eb 20 ]
  3334. ffffa7ed43e98985-ffffa7ed43e98986 2 bytes - win32kbase!GreSfmDwmShutdown+35 (+0x1105)
  3335. [ 48 ff:4c 8b ]
  3336. ffffa7ed43e9898c-ffffa7ed43e9898f 4 bytes - win32kbase!GreSfmDwmShutdown+3c (+0x07)
  3337. [ 0f 1f 44 00:e8 8f da 20 ]
  3338. ffffa7ed43e98995-ffffa7ed43e98996 2 bytes - win32kbase!GreSfmDwmShutdown+45 (+0x09)
  3339. [ 48 ff:4c 8b ]
  3340. ffffa7ed43e9899c-ffffa7ed43e9899f 4 bytes - win32kbase!GreSfmDwmShutdown+4c (+0x07)
  3341. [ 0f 1f 44 00:e8 7f da 20 ]
  3342. 24 errors : !win32kbase (ffffa7ed43e97809-ffffa7ed43e9899f)
  3343. MODULE_NAME: memory_corruption
  3344.  
  3345. IMAGE_NAME: memory_corruption
  3346.  
  3347. FOLLOWUP_NAME: memory_corruption
  3348. DEBUG_FLR_IMAGE_TIMESTAMP: 0
  3349. MEMORY_CORRUPTOR: LARGE
  3350. STACK_COMMAND: .cxr 0xffff9081c96df930 ; kb
  3351. FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
  3352. BUCKET_ID: MEMORY_CORRUPTION_LARGE
  3353. PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
  3354. TARGET_TIME: 2020-07-25T17:29:08.000Z
  3355. SUITE_MASK: 784
  3356. PRODUCT_TYPE: 1
  3357. USER_LCID: 0
  3358. FAILURE_ID_HASH_STRING: km:memory_corruption_large
  3359. FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
  3360. Followup: memory_corruption
  3361.  
  3362. ====================== Dump #6: 3RD PARTY DRIVERS ======================
  3363.  
  3364. Aug 22 2012 - AsIO.sys - ASUS Input Output driver http://www.asus.com/
  3365. Mar 19 2015 - amd_sata.sys - AMD SATA Controller AHCI Device driver http://support.amd.com/
  3366. Mar 19 2015 - amd_xata.sys - AMD Stor Filter driver http://support.amd.com/
  3367. Mar 31 2015 - HWiNFO64A.SYS - HWiNFO AMD64 Kernel driver https://www.hwinfo.com/
  3368. Mar 14 2016 - amdgpio3.sys - AMD GPIO Controller Driver from Advanced Micro Devices http://support.amd.com/
  3369. Aug 02 2017 - Oculus_ViGEmBus.sys - Oculus Virtual Gamepad Emulation Bus driver
  3370. Feb 12 2018 - msio64.sys - MSI Gaming App driver
  3371. Mar 26 2019 - RTKVHD64.sys - Realtek Audio System driver https://www.realtek.com/en/
  3372. Apr 09 2019 - AsIO2.sys - Asus Input Output driver
  3373. Apr 22 2019 - GLCKIO2.sys - ASUS RGB driver
  3374. Apr 22 2019 - OCULUSUD.sys - Oculus VR Headset driver
  3375. Apr 25 2019 - mbae64.sys - Malwarebytes driver https://www.malwarebytes.com/
  3376. Jun 06 2019 - IUProcessFilter.sys - IObit Uninstaller driver (IObit Information Technology)
  3377. Sep 05 2019 - e1r65x64.sys - Intel(R) Gigabit Adapter NDIS 6.x driver https://downloadcenter.intel.com/
  3378. Oct 14 2019 - ene.sys - (Ptolemy Tech Co.) or ASUS RGB driver or Gigabyte RGB driver
  3379. Nov 06 2019 - IUFileFilter.sys - IObit Uninstaller driver (IObit)
  3380. Nov 06 2019 - IURegistryFilter.sys - IObit Uninstaller driver (IObit Information Technology)
  3381. Nov 15 2019 - AtihdWT6.sys - AMD High Definition Audio Function driver http://support.amd.com/
  3382. Nov 20 2019 - mbamswissarmy.sys - MalwareBytes Anti-Malware system driver https://www.malwarebytes.com/
  3383. Nov 27 2019 - teVirtualMIDI64.sys - teVirtualMIDI - Virtual MIDI driver (Tobias Erichsen)
  3384. Dec 05 2019 - cpuz149_x64.sys - CPUID driver
  3385. Jan 14 2020 - amdgpio2.sys - AMD GPIO Controller Driver from Advanced Micro Devices http://support.amd.com/
  3386. Jan 16 2020 - amdkmpfd.sys - AMD Kernel Miniport Filter driver
  3387. Feb 10 2020 - bcmwl63a.sys - Broadcom 802 11 Network Adapter Wireless driver http://www.broadcom.com/support/
  3388. Feb 12 2020 - HWiNFO64A_150.SYS - HWiNFO driver https://www.hwinfo.com/
  3389. Feb 14 2020 - CorsairLLAccess64.sys - CORSAIR iCUE Software driver
  3390. Mar 06 2020 - amdpsp.sys - Advanced Micro Devices, Inc http://support.amd.com/
  3391. Mar 26 2020 - amdxe.sys - AMD Link Xinput Emulation driver
  3392. Apr 10 2020 - AMDPCIDev.sys - Advanced Micro Devices PCI Device driver
  3393. May 07 2020 - CorsairGamingAudio64.sys - Corsair Gaming Audio 64-bit driver
  3394. May 28 2020 - oculusvad.sys - Oculus VAD driver
  3395. Jun 04 2020 - MbamChameleon.sys - Malwarebytes Anti-Malware Chameleon driver https://www.malwarebytes.com/
  3396. Jun 09 2020 - amdlog.sys - AMD LOG driver
  3397. Jun 10 2020 - amdkmdag.sys - AMD Graphics driver
  3398. Jun 22 2020 - mwac.sys - Malwarebytes Web Access Control http://www.malwarebytes.org/
  3399. Jun 30 2020 - CorsairVBusDriver.sys - Corsair Virtual Device driver (Corsair Utility Engine) http://www.corsair.com/
  3400. Jun 30 2020 - CorsairVHidDriver.sys - Corsair Virtual Device driver (Corsair Utility Engine) http://www.corsair.com/
  3401. Jul 07 2020 - mbam.sys - Malwarebytes Anti-Malware https://www.malwarebytes.com/
  3402. Jul 17 2020 - farflt.sys - Malwarebytes Anti-RansomWare SDK http://www.malwarebytes.org/
  3403.  
  3404. ================== Dump #6: 3RD PARTY DRIVERS (FULL) ===================
  3405.  
  3406. Image path: \SystemRoot\SysWow64\drivers\AsIO.sys
  3407. Image name: AsIO.sys
  3408. Search : https://www.google.com/search?q=AsIO.sys
  3409. ADA Info : ASUS Input Output driver http://www.asus.com/
  3410. Timestamp : Wed Aug 22 2012
  3411.  
  3412. Image path: \SystemRoot\System32\drivers\amd_sata.sys
  3413. Image name: amd_sata.sys
  3414. Search : https://www.google.com/search?q=amd_sata.sys
  3415. ADA Info : AMD SATA Controller AHCI Device driver http://support.amd.com/
  3416. Timestamp : Thu Mar 19 2015
  3417.  
  3418. Image path: \SystemRoot\System32\drivers\amd_xata.sys
  3419. Image name: amd_xata.sys
  3420. Search : https://www.google.com/search?q=amd_xata.sys
  3421. ADA Info : AMD Stor Filter driver http://support.amd.com/
  3422. Timestamp : Thu Mar 19 2015
  3423.  
  3424. Image path: \??\C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS
  3425. Image name: HWiNFO64A.SYS
  3426. Search : https://www.google.com/search?q=HWiNFO64A.SYS
  3427. ADA Info : HWiNFO AMD64 Kernel driver https://www.hwinfo.com/
  3428. Timestamp : Tue Mar 31 2015
  3429.  
  3430. Image path: \SystemRoot\System32\drivers\amdgpio3.sys
  3431. Image name: amdgpio3.sys
  3432. Search : https://www.google.com/search?q=amdgpio3.sys
  3433. ADA Info : AMD GPIO Controller Driver from Advanced Micro Devices http://support.amd.com/
  3434. Timestamp : Mon Mar 14 2016
  3435.  
  3436. Image path: \SystemRoot\System32\drivers\Oculus_ViGEmBus.sys
  3437. Image name: Oculus_ViGEmBus.sys
  3438. Search : https://www.google.com/search?q=Oculus_ViGEmBus.sys
  3439. ADA Info : Oculus Virtual Gamepad Emulation Bus driver
  3440. Timestamp : Wed Aug 2 2017
  3441.  
  3442. Image path: \??\C:\Program Files\Patriot\Aac_Patriot Viper RGB\msio64.sys
  3443. Image name: msio64.sys
  3444. Search : https://www.google.com/search?q=msio64.sys
  3445. ADA Info : MSI Gaming App driver
  3446. Timestamp : Mon Feb 12 2018
  3447.  
  3448. Image path: \SystemRoot\system32\drivers\RTKVHD64.sys
  3449. Image name: RTKVHD64.sys
  3450. Search : https://www.google.com/search?q=RTKVHD64.sys
  3451. ADA Info : Realtek Audio System driver https://www.realtek.com/en/
  3452. Timestamp : Tue Mar 26 2019
  3453.  
  3454. Image path: \??\C:\WINDOWS\system32\drivers\AsIO2.sys
  3455. Image name: AsIO2.sys
  3456. Search : https://www.google.com/search?q=AsIO2.sys
  3457. ADA Info : Asus Input Output driver
  3458. Timestamp : Tue Apr 9 2019
  3459.  
  3460. Image path: \??\C:\WINDOWS\system32\drivers\GLCKIO2.sys
  3461. Image name: GLCKIO2.sys
  3462. Search : https://www.google.com/search?q=GLCKIO2.sys
  3463. ADA Info : ASUS RGB driver
  3464. Timestamp : Mon Apr 22 2019
  3465.  
  3466. Image path: \SystemRoot\System32\drivers\OCULUSUD.sys
  3467. Image name: OCULUSUD.sys
  3468. Search : https://www.google.com/search?q=OCULUSUD.sys
  3469. ADA Info : Oculus VR Headset driver
  3470. Timestamp : Mon Apr 22 2019
  3471.  
  3472. Image path: \??\C:\WINDOWS\system32\drivers\mbae64.sys
  3473. Image name: mbae64.sys
  3474. Search : https://www.google.com/search?q=mbae64.sys
  3475. ADA Info : Malwarebytes driver https://www.malwarebytes.com/
  3476. Timestamp : Thu Apr 25 2019
  3477.  
  3478. Image path: \??\D:\Programs I want\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys
  3479. Image name: IUProcessFilter.sys
  3480. Search : https://www.google.com/search?q=IUProcessFilter.sys
  3481. ADA Info : IObit Uninstaller driver (IObit Information Technology)
  3482. Timestamp : Thu Jun 6 2019
  3483.  
  3484. Image path: \SystemRoot\system32\DRIVERS\e1r65x64.sys
  3485. Image name: e1r65x64.sys
  3486. Search : https://www.google.com/search?q=e1r65x64.sys
  3487. ADA Info : Intel(R) Gigabit Adapter NDIS 6.x driver https://downloadcenter.intel.com/
  3488. Timestamp : Thu Sep 5 2019
  3489.  
  3490. Image path: \??\C:\WINDOWS\system32\drivers\ene.sys
  3491. Image name: ene.sys
  3492. Search : https://www.google.com/search?q=ene.sys
  3493. ADA Info : (Ptolemy Tech Co.) or ASUS RGB driver or Gigabyte RGB driver
  3494. Timestamp : Mon Oct 14 2019
  3495.  
  3496. Image path: \??\D:\Programs I want\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys
  3497. Image name: IUFileFilter.sys
  3498. Search : https://www.google.com/search?q=IUFileFilter.sys
  3499. ADA Info : IObit Uninstaller driver (IObit)
  3500. Timestamp : Wed Nov 6 2019
  3501.  
  3502. Image path: \??\D:\Programs I want\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys
  3503. Image name: IURegistryFilter.sys
  3504. Search : https://www.google.com/search?q=IURegistryFilter.sys
  3505. ADA Info : IObit Uninstaller driver (IObit Information Technology)
  3506. Timestamp : Wed Nov 6 2019
  3507.  
  3508. Image path: \SystemRoot\system32\drivers\AtihdWT6.sys
  3509. Image name: AtihdWT6.sys
  3510. Search : https://www.google.com/search?q=AtihdWT6.sys
  3511. ADA Info : AMD High Definition Audio Function driver http://support.amd.com/
  3512. Timestamp : Fri Nov 15 2019
  3513.  
  3514. Image path: \SystemRoot\System32\Drivers\mbamswissarmy.sys
  3515. Image name: mbamswissarmy.sys
  3516. Search : https://www.google.com/search?q=mbamswissarmy.sys
  3517. ADA Info : MalwareBytes Anti-Malware system driver https://www.malwarebytes.com/
  3518. Timestamp : Wed Nov 20 2019
  3519.  
  3520. Image path: \SystemRoot\System32\drivers\teVirtualMIDI64.sys
  3521. Image name: teVirtualMIDI64.sys
  3522. Search : https://www.google.com/search?q=teVirtualMIDI64.sys
  3523. ADA Info : teVirtualMIDI - Virtual MIDI driver (Tobias Erichsen)
  3524. Timestamp : Wed Nov 27 2019
  3525.  
  3526. Image path: \??\C:\WINDOWS\temp\cpuz149\cpuz149_x64.sys
  3527. Image name: cpuz149_x64.sys
  3528. Search : https://www.google.com/search?q=cpuz149_x64.sys
  3529. ADA Info : CPUID driver
  3530. Timestamp : Thu Dec 5 2019
  3531.  
  3532. Image path: \SystemRoot\System32\drivers\amdgpio2.sys
  3533. Image name: amdgpio2.sys
  3534. Search : https://www.google.com/search?q=amdgpio2.sys
  3535. ADA Info : AMD GPIO Controller Driver from Advanced Micro Devices http://support.amd.com/
  3536. Timestamp : Tue Jan 14 2020
  3537.  
  3538. Image path: \SystemRoot\System32\drivers\amdkmpfd.sys
  3539. Image name: amdkmpfd.sys
  3540. Search : https://www.google.com/search?q=amdkmpfd.sys
  3541. ADA Info : AMD Kernel Miniport Filter driver
  3542. Timestamp : Thu Jan 16 2020
  3543.  
  3544. Image path: \SystemRoot\system32\DRIVERS\bcmwl63a.sys
  3545. Image name: bcmwl63a.sys
  3546. Search : https://www.google.com/search?q=bcmwl63a.sys
  3547. ADA Info : Broadcom 802 11 Network Adapter Wireless driver http://www.broadcom.com/support/
  3548. Timestamp : Mon Feb 10 2020
  3549.  
  3550. Image path: \??\C:\Users\andre\AppData\Local\Temp\HWiNFO64A_150.SYS
  3551. Image name: HWiNFO64A_150.SYS
  3552. Search : https://www.google.com/search?q=HWiNFO64A_150.SYS
  3553. ADA Info : HWiNFO driver https://www.hwinfo.com/
  3554. Timestamp : Wed Feb 12 2020
  3555.  
  3556. Image path: \??\C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys
  3557. Image name: CorsairLLAccess64.sys
  3558. Search : https://www.google.com/search?q=CorsairLLAccess64.sys
  3559. ADA Info : CORSAIR iCUE Software driver
  3560. Timestamp : Fri Feb 14 2020
  3561.  
  3562. Image path: \SystemRoot\System32\drivers\amdpsp.sys
  3563. Image name: amdpsp.sys
  3564. Search : https://www.google.com/search?q=amdpsp.sys
  3565. ADA Info : Advanced Micro Devices, Inc http://support.amd.com/
  3566. Timestamp : Fri Mar 6 2020
  3567.  
  3568. Image path: \SystemRoot\System32\drivers\amdxe.sys
  3569. Image name: amdxe.sys
  3570. Search : https://www.google.com/search?q=amdxe.sys
  3571. ADA Info : AMD Link Xinput Emulation driver
  3572. Timestamp : Thu Mar 26 2020
  3573.  
  3574. Image path: \SystemRoot\System32\drivers\AMDPCIDev.sys
  3575. Image name: AMDPCIDev.sys
  3576. Search : https://www.google.com/search?q=AMDPCIDev.sys
  3577. ADA Info : Advanced Micro Devices PCI Device driver
  3578. Timestamp : Fri Apr 10 2020
  3579.  
  3580. Image path: \SystemRoot\system32\DRIVERS\CorsairGamingAudio64.sys
  3581. Image name: CorsairGamingAudio64.sys
  3582. Search : https://www.google.com/search?q=CorsairGamingAudio64.sys
  3583. ADA Info : Corsair Gaming Audio 64-bit driver
  3584. Timestamp : Thu May 7 2020
  3585.  
  3586. Image path: \SystemRoot\System32\drivers\oculusvad.sys
  3587. Image name: oculusvad.sys
  3588. Search : https://www.google.com/search?q=oculusvad.sys
  3589. ADA Info : Oculus VAD driver
  3590. Timestamp : Thu May 28 2020
  3591.  
  3592. Image path: \SystemRoot\System32\Drivers\MbamChameleon.sys
  3593. Image name: MbamChameleon.sys
  3594. Search : https://www.google.com/search?q=MbamChameleon.sys
  3595. ADA Info : Malwarebytes Anti-Malware Chameleon driver https://www.malwarebytes.com/
  3596. Timestamp : Thu Jun 4 2020
  3597.  
  3598. Image path: \SystemRoot\System32\drivers\amdlog.sys
  3599. Image name: amdlog.sys
  3600. Search : https://www.google.com/search?q=amdlog.sys
  3601. ADA Info : AMD LOG driver
  3602. Timestamp : Tue Jun 9 2020
  3603.  
  3604. Image path: \SystemRoot\System32\DriverStore\FileRepository\c0356490.inf_amd64_d882b4516d9b62a0\B356520\amdkmdag.sys
  3605. Image name: amdkmdag.sys
  3606. Search : https://www.google.com/search?q=amdkmdag.sys
  3607. ADA Info : AMD Graphics driver
  3608. Timestamp : Wed Jun 10 2020
  3609.  
  3610. Image path: \SystemRoot\system32\DRIVERS\mwac.sys
  3611. Image name: mwac.sys
  3612. Search : https://www.google.com/search?q=mwac.sys
  3613. ADA Info : Malwarebytes Web Access Control http://www.malwarebytes.org/
  3614. Timestamp : Mon Jun 22 2020
  3615.  
  3616. Image path: \SystemRoot\System32\drivers\CorsairVBusDriver.sys
  3617. Image name: CorsairVBusDriver.sys
  3618. Search : https://www.google.com/search?q=CorsairVBusDriver.sys
  3619. ADA Info : Corsair Virtual Device driver (Corsair Utility Engine) http://www.corsair.com/
  3620. Timestamp : Tue Jun 30 2020
  3621.  
  3622. Image path: \SystemRoot\System32\drivers\CorsairVHidDriver.sys
  3623. Image name: CorsairVHidDriver.sys
  3624. Search : https://www.google.com/search?q=CorsairVHidDriver.sys
  3625. ADA Info : Corsair Virtual Device driver (Corsair Utility Engine) http://www.corsair.com/
  3626. Timestamp : Tue Jun 30 2020
  3627.  
  3628. Image path: \??\C:\WINDOWS\system32\DRIVERS\mbam.sys
  3629. Image name: mbam.sys
  3630. Search : https://www.google.com/search?q=mbam.sys
  3631. ADA Info : Malwarebytes Anti-Malware https://www.malwarebytes.com/
  3632. Timestamp : Tue Jul 7 2020
  3633.  
  3634. Image path: \SystemRoot\system32\DRIVERS\farflt.sys
  3635. Image name: farflt.sys
  3636. Search : https://www.google.com/search?q=farflt.sys
  3637. ADA Info : Malwarebytes Anti-RansomWare SDK http://www.malwarebytes.org/
  3638. Timestamp : Fri Jul 17 2020
  3639.  
  3640. ====================== Dump #6: MICROSOFT DRIVERS ======================
  3641.  
  3642. ACPI.sys ACPI Driver for NT (Microsoft)
  3643. acpiex.sys ACPIEx Driver (Microsoft)
  3644. afd.sys Ancillary Function Driver for WinSock (Microsoft)
  3645. afunix.sys AF_UNIX Socket Provider driver (Microsoft)
  3646. AgileVpn.sys RAS Agil VPN Miniport Call Manager driver (Microsoft)
  3647. ahcache.sys Application Compatibility Cache (Microsoft)
  3648. amdppm.sys Processor Device Driver
  3649. bam.sys BAM Kernal driver (Microsoft)
  3650. BasicDisplay.sys Basic Display driver (Microsoft)
  3651. BasicRender.sys Basic Render driver (Microsoft)
  3652. Beep.SYS BEEP driver (Microsoft)
  3653. bindflt.sys Windows Bind Filter driver (Microsoft)
  3654. BOOTVID.dll VGA Boot Driver (Microsoft)
  3655. bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
  3656. cdd.dll Canonical Display Driver (Microsoft)
  3657. cdrom.sys SCSI CD-ROM Driver (Microsoft)
  3658. CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
  3659. CI.dll Code Integrity Module (Microsoft)
  3660. CLASSPNP.SYS SCSI Class System Dll (Microsoft)
  3661. cldflt.sys Cloud Files Mini Filter driver (Microsoft)
  3662. CLFS.SYS Common Log File System Driver (Microsoft)
  3663. clipsp.sys CLIP Service (Microsoft)
  3664. cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
  3665. cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
  3666. CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
  3667. condrv.sys Console Driver (Microsoft)
  3668. crashdmp.sys Crash Dump driver (Microsoft)
  3669. dfsc.sys DFS Namespace Client Driver (Microsoft)
  3670. disk.sys PnP Disk Driver (Microsoft)
  3671. drmk.sys Digital Rights Management (DRM) driver (Microsoft)
  3672. dump_amd_sata.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  3673. dump_diskdump.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  3674. dump_dumpfve.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  3675. dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
  3676. dxgmms2.sys DirectX Graphics MMS
  3677. EhStorClass.sys Enhanced Storage Class driver for IEEE... (Microsoft)
  3678. fastfat.SYS Fast FAT File System Driver (Microsoft)
  3679. filecrypt.sys Windows sandboxing and encryption filter (Microsoft)
  3680. fileinfo.sys FileInfo Filter Driver (Microsoft)
  3681. FLTMGR.SYS Filesystem Filter Manager (Microsoft)
  3682. Fs_Rec.sys File System Recognizer Driver (Microsoft)
  3683. fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
  3684. fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
  3685. gpuenergydrv.sys GPU Energy Kernal Driver (Microsoft)
  3686. hal.dll Hardware Abstraction Layer DLL (Microsoft)
  3687. HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
  3688. HIDCLASS.SYS Hid Class Library (Microsoft)
  3689. HIDPARSE.SYS Hid Parsing Library (Microsoft)
  3690. hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
  3691. HTTP.sys HTTP Protocol Stack (Microsoft)
  3692. intelpep.sys Intel Power Engine Plugin (Microsoft)
  3693. iorate.sys I/O rate control Filter (Microsoft)
  3694. kbdclass.sys Keyboard Class Driver (Microsoft)
  3695. kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
  3696. kd.dll Local Kernal Debugger (Microsoft)
  3697. kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
  3698. ks.sys Kernal CSA Library (Microsoft)
  3699. ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
  3700. ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
  3701. ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
  3702. lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
  3703. luafv.sys LUA File Virtualization Filter Driver (Microsoft)
  3704. mcupdate_AuthenticAMD.dll AMD Microcode Update Library (Microsoft)
  3705. mmcss.sys MMCSS Driver (Microsoft)
  3706. monitor.sys Monitor Driver (Microsoft)
  3707. mouclass.sys Mouse Class Driver (Microsoft)
  3708. mouhid.sys HID Mouse Filter Driver (Microsoft)
  3709. mountmgr.sys Mount Point Manager (Microsoft)
  3710. mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
  3711. mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
  3712. mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
  3713. Msfs.SYS Mailslot driver (Microsoft)
  3714. msgpioclx.sys GPIO Class Extension Driver (Microsoft)
  3715. msisadrv.sys ISA Driver (Microsoft)
  3716. mslldp.sys Microsoft Link-Layer Discovery Protocol... (Microsoft)
  3717. msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
  3718. mssmbios.sys System Management BIOS driver (Microsoft)
  3719. mup.sys Multiple UNC Provider driver (Microsoft)
  3720. ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
  3721. ndistapi.sys NDIS 3.0 Connection Wrapper driver (Microsoft)
  3722. ndisuio.sys NDIS User mode I/O driver (Microsoft)
  3723. NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
  3724. ndiswan.sys MS PPP Framing Driver (Strong Encryption) Microsoft)
  3725. NDProxy.sys NDIS Proxy driver (Microsoft)
  3726. Ndu.sys Network Data Usage Monitoring driver (Microsoft)
  3727. netbios.sys NetBIOS Interface driver (Microsoft)
  3728. netbt.sys MBT Transport driver (Microsoft)
  3729. NETIO.SYS Network I/O Subsystem (Microsoft)
  3730. Npfs.SYS NPFS driver (Microsoft)
  3731. npsvctrig.sys Named pipe service triggers (Microsoft)
  3732. nsiproxy.sys NSI Proxy driver (Microsoft)
  3733. Ntfs.sys NT File System Driver (Microsoft)
  3734. ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
  3735. ntosext.sys NTOS Extension Host driver (Microsoft)
  3736. Null.SYS NULL Driver (Microsoft)
  3737. nwifi.sys NativeWiFi Miniport Driver (Microsoft)
  3738. pacer.sys QoS Packet Scheduler (Microsoft)
  3739. partmgr.sys Partition driver (Microsoft)
  3740. pci.sys NT Plug and Play PCI Enumerator (Microsoft)
  3741. pcw.sys Performance Counter Driver (Microsoft)
  3742. pdc.sys Power Dependency Coordinator Driver (Microsoft)
  3743. peauth.sys Protected Environment Authentication and Authorization Export Driver (Microsoft)
  3744. portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
  3745. PSHED.dll Platform Specific Hardware Error driver (Microsoft)
  3746. rasl2tp.sys RAS L2TP Mini-port/Call-manager driver (Microsoft)
  3747. raspppoe.sys RAS PPPoE Mini-port/Call manager driver (Microsoft)
  3748. raspptp.sys Peer-to-Peer Tunneling Protocol (Microsoft)
  3749. rassstp.sys RAS SSTP Miniport Call Manager driver (Microsoft)
  3750. rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
  3751. rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
  3752. rdyboost.sys ReadyBoost Driver (Microsoft)
  3753. rspndr.sys Link-Layer Topology Responder driver (Microsoft)
  3754. serenum.sys Serial Port Enumerator (Microsoft)
  3755. serial.sys Serial Device Driver
  3756. SgrmAgent.sys System Guard Runtime Monitor Agent driver (Microsoft)
  3757. SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
  3758. spaceport.sys Storage Spaces driver (Microsoft)
  3759. srv2.sys Smb 2.0 Server driver (Microsoft)
  3760. srvnet.sys Server Network driver (Microsoft)
  3761. storahci.sys MS AHCI Storport Miniport Driver (Microsoft)
  3762. storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
  3763. storqosflt.sys Storage QoS Filter driver (Microsoft)
  3764. swenum.sys Plug and Play Software Device Enumerator (Microsoft)
  3765. tbs.sys Export driver for kernel mode TPM API (Microsoft)
  3766. tcpip.sys TCP/IP Protocol driver (Microsoft)
  3767. tcpipreg.sys Microsoft Windows TCP/IP Registry Compatibility driver (Microsoft)
  3768. TDI.SYS TDI Wrapper driver (Microsoft)
  3769. tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
  3770. tm.sys Kernel Transaction Manager driver (Microsoft)
  3771. ucx01000.sys USB Controller Extension (Microsoft)
  3772. UEFI.sys UEFI NT driver (Microsoft)
  3773. umbus.sys User-Mode Bus Enumerator (Microsoft)
  3774. usbaudio.sys USB Audio Class Driver (Microsoft)
  3775. usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
  3776. USBD.SYS Universal Serial Bus Driver (Microsoft)
  3777. UsbHub3.sys USB3 HUB driver (Microsoft)
  3778. usbser.sys USB Serial driver (Microsoft)
  3779. usbvideo.sys USB Video Class Driver (Microsoft)
  3780. USBXHCI.SYS USB XHCI driver (Microsoft)
  3781. vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
  3782. Vid.sys Microsoft Hyper-V Virtualization Infrastructure Driver
  3783. volmgr.sys Volume Manager Driver (Microsoft)
  3784. volmgrx.sys Volume Manager Extension Driver (Microsoft)
  3785. volsnap.sys Volume Shadow Copy driver (Microsoft)
  3786. volume.sys Volume driver (Microsoft)
  3787. vwifibus.sys Virtual Wireless Bus driver (Microsoft)
  3788. vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
  3789. vwifimp.sys Virtual WiFi Miniport Driver (Microsoft)
  3790. wanarp.sys MS Remote Access and Routing ARP driver (Microsoft)
  3791. watchdog.sys Watchdog driver (Microsoft)
  3792. wcifs.sys Windows Container Isolation FS Filter driver (Microsoft)
  3793. Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
  3794. WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
  3795. werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
  3796. wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
  3797. win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
  3798. win32kbase.sys Base Win32k Kernel Driver (Microsoft)
  3799. win32kfull.sys Full/Desktop Win32k Kernel Driver (Microsoft)
  3800. WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
  3801. WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
  3802. winhvr.sys Windows Hypervisor Root Interface driver (Microsoft)
  3803. winquic.sys QUIC Transport Protocol driver (Microsoft)
  3804. wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
  3805. WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
  3806. Wof.sys Windows Overlay Filter (Microsoft)
  3807. WppRecorder.sys WPP Trace Recorder (Microsoft)
  3808. WSDPrint.sys Web Services Print Device driver (Microsoft)
  3809. WSDScan.sys Web Service Based Scan Device driver (Microsoft)
  3810.  
  3811. ====================== Dump #6: UNLOADED MODULES =======================
  3812.  
  3813. fffff805`c9d60000 fffff805`c9d71000 MSKSSRV.sys
  3814. fffff805`c9d10000 fffff805`c9d60000 usbvideo.sys
  3815. fffff805`c9e70000 fffff805`c9e7f000 hiber_storpo
  3816. fffff805`c9ea0000 fffff805`c9ebe000 hiber_amd_sa
  3817. fffff805`c9ec0000 fffff805`c9ede000 hiber_dumpfv
  3818. fffff805`8be00000 fffff805`8be1e000 AtihdWT6.sys
  3819. fffff805`c9e30000 fffff805`c9e41000 MSKSSRV.sys
  3820. fffff805`c9e10000 fffff805`c9e21000 MSKSSRV.sys
  3821. fffff805`c9d60000 fffff805`c9d71000 MSKSSRV.sys
  3822. fffff805`85850000 fffff805`85c04000 OCULUSUD.sys
  3823. fffff805`c9ea0000 fffff805`c9ebc000 usbser.sys
  3824. fffff805`c9d10000 fffff805`c9d60000 usbvideo.sys
  3825. fffff805`c9d60000 fffff805`c9d71000 MSKSSRV.sys
  3826. fffff805`c9e70000 fffff805`c9e7c000 cpuz143_x64.
  3827. fffff805`c9e30000 fffff805`c9e49000 monitor.sys
  3828. fffff805`8be90000 fffff805`90296000 amdkmdag.sys
  3829. fffff805`85cf0000 fffff805`85d09000 monitor.sys
  3830. fffff805`85850000 fffff805`85c04000 OCULUSUD.sys
  3831. fffff805`86850000 fffff805`8686c000 usbser.sys
  3832. fffff805`c9d10000 fffff805`c9d60000 usbvideo.sys
  3833. fffff805`c9e10000 fffff805`c9e21000 MSKSSRV.sys
  3834. fffff805`7cf60000 fffff805`7cfc8000 WdFilter.sys
  3835. fffff805`c9dd0000 fffff805`c9de1000 MpKslDrv.sys
  3836. fffff805`c9bb0000 fffff805`c9bc6000 WdNisDrv.sys
  3837. fffff805`c9d60000 fffff805`c9d71000 MSKSSRV.sys
  3838. fffff805`8bd80000 fffff805`8bd8a000 CorsairVHidD
  3839. fffff805`c9b80000 fffff805`c9b8e000 WSDScan.sys
  3840. fffff805`c9b70000 fffff805`c9b7e000 WSDPrint.sys
  3841. fffff805`846f0000 fffff805`846ff000 dump_storpor
  3842. fffff805`84720000 fffff805`8473e000 dump_amd_sat
  3843. fffff805`84760000 fffff805`8477e000 dump_dumpfve
  3844. fffff805`849b0000 fffff805`849ce000 dam.sys
  3845. fffff805`7c990000 fffff805`7c9a1000 WdBoot.sys
  3846. fffff805`7c980000 fffff805`7c989000 MbamElam.sys
  3847. fffff805`7dab0000 fffff805`7dac1000 hwpolicy.sys
  3848.  
  3849. ====================== Dump #6: BIOS INFORMATION =======================
  3850.  
  3851. [SMBIOS Data Tables v3.1]
  3852. [DMI Version - 0]
  3853. [2.0 Calling Convention - No]
  3854. [Table Size - 2505 bytes]
  3855. [BIOS Information (Type 0) - Length 26 - Handle 0000h]
  3856. Vendor American Megatrends Inc.
  3857. BIOS Version 5406
  3858. BIOS Starting Address Segment f000
  3859. BIOS Release Date 11/13/2019
  3860. BIOS ROM Size 1000000
  3861. BIOS Characteristics
  3862. 07: - PCI Supported
  3863. 10: - APM Supported
  3864. 11: - Upgradeable FLASH BIOS
  3865. 12: - BIOS Shadowing Supported
  3866. 15: - CD-Boot Supported
  3867. 16: - Selectable Boot Supported
  3868. 17: - BIOS ROM Socketed
  3869. 19: - EDD Supported
  3870. 23: - 1.2MB Floppy Supported
  3871. 24: - 720KB Floppy Supported
  3872. 25: - 2.88MB Floppy Supported
  3873. 26: - Print Screen Device Supported
  3874. 27: - Keyboard Services Supported
  3875. 28: - Serial Services Supported
  3876. 29: - Printer Services Supported
  3877. 32: - BIOS Vendor Reserved
  3878. BIOS Characteristic Extensions
  3879. 00: - ACPI Supported
  3880. 01: - USB Legacy Supported
  3881. 08: - BIOS Boot Specification Supported
  3882. 10: - Specification Reserved
  3883. 11: - Specification Reserved
  3884. BIOS Major Revision 5
  3885. BIOS Minor Revision 13
  3886. EC Firmware Major Revision 255
  3887. EC Firmware Minor Revision 255
  3888. [System Information (Type 1) - Length 27 - Handle 0001h]
  3889. Manufacturer System manufacturer
  3890. Product Name System Product Name
  3891. Version System Version
  3892. UUID 00000000-0000-0000-0000-000000000000
  3893. Wakeup Type Power Switch
  3894. SKUNumber SKU
  3895. [BaseBoard Information (Type 2) - Length 15 - Handle 0002h]
  3896. Manufacturer ASUSTeK COMPUTER INC.
  3897. Product ROG STRIX B350-F GAMING
  3898. Version Rev X.0x
  3899. Feature Flags 09h
  3900. -814696736: - -814696688: - «
  3901. ø
  3902. Location Default string
  3903. Chassis Handle 0003h
  3904. Board Type 0ah - Processor/Memory Module
  3905. Number of Child Handles 0
  3906. [System Enclosure (Type 3) - Length 22 - Handle 0003h]
  3907. Manufacturer Default string
  3908. Chassis Type Desktop
  3909. Version Default string
  3910. Bootup State Safe
  3911. Power Supply State Safe
  3912. Thermal State Safe
  3913. Security Status None
  3914. OEM Defined 0
  3915. Height 0U
  3916. Number of Power Cords 1
  3917. Number of Contained Elements 0
  3918. Contained Element Size 3
  3919. [Onboard Devices Information (Type 10) - Length 6 - Handle 0020h]
  3920. Number of Devices 1
  3921. 01: Type Video [enabled]
  3922. [OEM Strings (Type 11) - Length 5 - Handle 0021h]
  3923. Number of Strings 8
  3924. 1 Default string
  3925. 2 Default string
  3926. 3 CHOPIN
  3927. 4 Default string
  3928. 5 FFFFFFFFFFFFF
  3929. 6 FFFFFFFFFFFFF
  3930. 7 FFFFFFFFFFFFF
  3931. 8 Default string
  3932. [System Configuration Options (Type 12) - Length 5 - Handle 0022h]
  3933. [32Bit Memory Error Information (Type 18) - Length 23 - Handle 0026h]
  3934. [Physical Memory Array (Type 16) - Length 23 - Handle 0027h]
  3935. Location 03h - SystemBoard/Motherboard
  3936. Use 03h - System Memory
  3937. Memory Error Correction 03h - None
  3938. Maximum Capacity 134217728KB
  3939. Memory Error Inf Handle 0026h
  3940. Number of Memory Devices 4
  3941. [Memory Array Mapped Address (Type 19) - Length 31 - Handle 0028h]
  3942. Starting Address 00000000h
  3943. Ending Address 0037ffffh
  3944. Memory Array Handle 0027h
  3945. Partition Width 02
  3946. [Memory Array Mapped Address (Type 19) - Length 31 - Handle 0029h]
  3947. Starting Address 00400000h
  3948. Ending Address 0107ffffh
  3949. Memory Array Handle 0027h
  3950. Partition Width 02
  3951. [Cache Information (Type 7) - Length 19 - Handle 002ah]
  3952. Socket Designation L1 - Cache
  3953. Cache Configuration 0180h - WB Enabled Int NonSocketed L1
  3954. Maximum Cache Size 0180h - 384K
  3955. Installed Size 0180h - 384K
  3956. Supported SRAM Type 0010h - Pipeline-Burst
  3957. Current SRAM Type 0010h - Pipeline-Burst
  3958. Cache Speed 1ns
  3959. Error Correction Type Specification Reserved
  3960. System Cache Type Unified
  3961. Associativity 8-way Set-Associative
  3962. [Cache Information (Type 7) - Length 19 - Handle 002bh]
  3963. Socket Designation L2 - Cache
  3964. Cache Configuration 0181h - WB Enabled Int NonSocketed L2
  3965. Maximum Cache Size 0c00h - 3072K
  3966. Installed Size 0c00h - 3072K
  3967. Supported SRAM Type 0010h - Pipeline-Burst
  3968. Current SRAM Type 0010h - Pipeline-Burst
  3969. Cache Speed 1ns
  3970. Error Correction Type Specification Reserved
  3971. System Cache Type Unified
  3972. Associativity 8-way Set-Associative
  3973. [Cache Information (Type 7) - Length 19 - Handle 002ch]
  3974. Socket Designation L3 - Cache
  3975. Cache Configuration 0182h - WB Enabled Int NonSocketed L3
  3976. Maximum Cache Size 8200h - 32768K
  3977. Installed Size 8200h - 32768K
  3978. Supported SRAM Type 0010h - Pipeline-Burst
  3979. Current SRAM Type 0010h - Pipeline-Burst
  3980. Cache Speed 1ns
  3981. Error Correction Type Specification Reserved
  3982. System Cache Type Unified
  3983. Associativity 16-way Set-Associative
  3984. [Processor Information (Type 4) - Length 48 - Handle 002dh]
  3985. Socket Designation AM4
  3986. Processor Type Central Processor
  3987. Processor Family 6bh - Specification Reserved
  3988. Processor Manufacturer Advanced Micro Devices, Inc.
  3989. Processor ID 100f8700fffb8b17
  3990. Processor Version AMD Ryzen 5 3600 6-Core Processor
  3991. Processor Voltage 8bh - 1.1V
  3992. External Clock 100MHz
  3993. Max Speed 4200MHz
  3994. Current Speed 3600MHz
  3995. Status Enabled Populated
  3996. Processor Upgrade Specification Reserved
  3997. L1 Cache Handle 002ah
  3998. L2 Cache Handle 002bh
  3999. L3 Cache Handle 002ch
  4000. Part Number Unknown
  4001. [32Bit Memory Error Information (Type 18) - Length 23 - Handle 002eh]
  4002. [Memory Device (Type 17) - Length 40 - Handle 002fh]
  4003. Physical Memory Array Handle 0027h
  4004. Memory Error Info Handle 002eh
  4005. Total Width 64 bits
  4006. Data Width 64 bits
  4007. Size 8192MB
  4008. Form Factor 09h - DIMM
  4009. Device Locator DIMM_A1
  4010. Bank Locator BANK 0
  4011. Memory Type 1ah - Specification Reserved
  4012. Type Detail 4080h - Synchronous
  4013. Speed 3200MHz
  4014. Manufacturer Corsair
  4015. Part Number CMW16GX4M2C3200C16
  4016. [Memory Device Mapped Address (Type 20) - Length 35 - Handle 0030h]
  4017. Starting Address 00000000h
  4018. Ending Address 00ffffffh
  4019. Memory Device Handle 002fh
  4020. Mem Array Mapped Adr Handle 0029h
  4021. [32Bit Memory Error Information (Type 18) - Length 23 - Handle 0031h]
  4022. [Memory Device (Type 17) - Length 40 - Handle 0032h]
  4023. Physical Memory Array Handle 0027h
  4024. Memory Error Info Handle 0031h
  4025. Form Factor 02h - Unknown
  4026. Device Locator DIMM_A2
  4027. Bank Locator BANK 1
  4028. Memory Type 02h - Unknown
  4029. Type Detail 0004h - Unknown
  4030. Speed 0MHz
  4031. Manufacturer Unknown
  4032. Part Number Unknown
  4033. [32Bit Memory Error Information (Type 18) - Length 23 - Handle 0033h]
  4034. [Memory Device (Type 17) - Length 40 - Handle 0034h]
  4035. Physical Memory Array Handle 0027h
  4036. Memory Error Info Handle 0033h
  4037. Total Width 64 bits
  4038. Data Width 64 bits
  4039. Size 8192MB
  4040. Form Factor 09h - DIMM
  4041. Device Locator DIMM_B1
  4042. Bank Locator BANK 2
  4043. Memory Type 1ah - Specification Reserved
  4044. Type Detail 4080h - Synchronous
  4045. Speed 3200MHz
  4046. Manufacturer Corsair
  4047. Part Number CMW16GX4M2C3200C16
  4048. [Memory Device Mapped Address (Type 20) - Length 35 - Handle 0035h]
  4049. Starting Address 00000000h
  4050. Ending Address 00ffffffh
  4051. Memory Device Handle 0034h
  4052. Mem Array Mapped Adr Handle 0029h
  4053. [32Bit Memory Error Information (Type 18) - Length 23 - Handle 0036h]
  4054. [Memory Device (Type 17) - Length 40 - Handle 0037h]
  4055. Physical Memory Array Handle 0027h
  4056. Memory Error Info Handle 0036h
  4057. Form Factor 02h - Unknown
  4058. Device Locator DIMM_B2
  4059. Bank Locator BANK 3
  4060. Memory Type 02h - Unknown
  4061. Type Detail 0004h - Unknown
  4062. Speed 0MHz
  4063. Manufacturer Unknown
  4064. Part Number Unknown
  4065.  
  4066. ========================== Dump #6: Extra #1 ===========================
  4067.  
  4068. 9: kd> !verifier
  4069. Verify Flags Level 0x00000000
  4070. STANDARD FLAGS:
  4071. [X] (0x00000000) Automatic Checks
  4072. [ ] (0x00000001) Special pool
  4073. [ ] (0x00000002) Force IRQL checking
  4074. [ ] (0x00000008) Pool tracking
  4075. [ ] (0x00000010) I/O verification
  4076. [ ] (0x00000020) Deadlock detection
  4077. [ ] (0x00000080) DMA checking
  4078. [ ] (0x00000100) Security checks
  4079. [ ] (0x00000800) Miscellaneous checks
  4080. [ ] (0x00020000) DDI compliance checking
  4081. ADDITIONAL FLAGS:
  4082. [ ] (0x00000004) Randomized low resources simulation
  4083. [ ] (0x00000200) Force pending I/O requests
  4084. [ ] (0x00000400) IRP logging
  4085. [ ] (0x00002000) Invariant MDL checking for stack
  4086. [ ] (0x00004000) Invariant MDL checking for driver
  4087. [ ] (0x00008000) Power framework delay fuzzing
  4088. [ ] (0x00010000) Port/miniport interface checking
  4089. [ ] (0x00040000) Systematic low resources simulation
  4090. [ ] (0x00080000) DDI compliance checking (additional)
  4091. [ ] (0x00200000) NDIS/WIFI verification
  4092. [ ] (0x00800000) Kernel synchronization delay fuzzing
  4093. [ ] (0x01000000) VM switch verification
  4094. [ ] (0x02000000) Code integrity checks
  4095. [X] Indicates flag is enabled
  4096. Summary of All Verifier Statistics
  4097. RaiseIrqls 0x0
  4098. AcquireSpinLocks 0x0
  4099. Synch Executions 0x0
  4100. Trims 0x0
  4101. Pool Allocations Attempted 0x0
  4102. Pool Allocations Succeeded 0x0
  4103. Pool Allocations Succeeded SpecialPool 0x0
  4104. Pool Allocations With NO TAG 0x0
  4105. Pool Allocations Failed 0x0
  4106. Current paged pool allocations 0x0 for 00000000 bytes
  4107. Peak paged pool allocations 0x0 for 00000000 bytes
  4108. Current nonpaged pool allocations 0x0 for 00000000 bytes
  4109. Peak nonpaged pool allocations 0x0 for 00000000 bytes
  4110.  
  4111. ========================== Dump #6: Extra #2 ===========================
  4112.  
  4113. 9: kd> !thread
  4114. THREAD ffffd18e96e17080 Cid 4758.4634 Teb: 000000bec9933000 Win32Thread: ffffd18ea04dd140 RUNNING on processor 9
  4115. Not impersonating
  4116. GetUlongFromAddress: unable to read from fffff80577a2ca14
  4117. Owning Process ffffd18e9e4e9080 Image: MedalEncoder.exe
  4118. Attached Process N/A Image: N/A
  4119. fffff78000000000: Unable to get shared data
  4120. Wait Start TickCount 4779559
  4121. Context Switch Count 785504 IdealProcessor: 0
  4122. ReadMemory error: Cannot get nt!KeMaximumIncrement value.
  4123. UserTime 00:00:00.000
  4124. KernelTime 00:00:00.000
  4125. Win32 Start Address 0x00007ffaf3d96a88
  4126. Stack Init fffff8843c964c90 Current fffff8843c9646e0
  4127. Base fffff8843c965000 Limit fffff8843c95f000 Call 0000000000000000
  4128. Priority 15 BasePriority 15 PriorityDecrement 0 IoPriority 2 PagePriority 5
  4129. Child-SP RetAddr : Args to Child : Call Site
  4130. ffff9081`c96deff8 fffff805`777d41e9 : 00000000`0000003b 00000000`c0000096 fffff805`776a4784 ffff9081`c96df930 : nt!KeBugCheckEx
  4131. ffff9081`c96df000 fffff805`777d363c : fffff884`3c964628 ffff9081`c96df930 fffff805`77b414ec fffff884`3c964a00 : nt!KiBugCheckDispatch+0x69
  4132. ffff9081`c96df140 fffff805`777cb1b2 : fffff805`77b11000 fffff805`77600000 0005e320`00ab7000 00000000`0010001f : nt!KiSystemServiceHandler+0x7c
  4133. ffff9081`c96df180 fffff805`77689875 : 00000000`00000000 00000000`00000000 ffff9081`c96df6f0 00007fff`ffff0000 : nt!RtlpExecuteHandlerForException+0x12
  4134. ffff9081`c96df1b0 fffff805`7768de0e : fffff884`3c964628 ffff9081`c96dfe30 fffff884`3c964628 00000000`00000000 : nt!RtlDispatchException+0x4a5
  4135. ffff9081`c96df900 fffff805`777c3232 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiDispatchException+0x16e
  4136. ffff9081`c96dffb0 fffff805`777c3200 : fffff805`777d4316 00000000`00000006 00000008`00000001 00000000`00000000 : nt!KxExceptionDispatchOnExceptionStack+0x12 (TrapFrame @ ffff9081`c96dfe70)
  4137. fffff884`3c9644e8 fffff805`777d4316 : 00000000`00000006 00000008`00000001 00000000`00000000 00000000`00000000 : nt!KiExceptionDispatchOnExceptionStackContinue
  4138. fffff884`3c9644f0 fffff805`777d00a0 : ffff9081`c9680180 fffff805`777c958f 00000067`b4bbbdff 00000000`00000001 : nt!KiExceptionDispatch+0x116
  4139. fffff884`3c9646d0 fffff805`776a4784 : ffff9081`00000000 00000000`00000000 00000000`00000000 ffffd18e`96e17180 : nt!KiGeneralProtectionFault+0x320 (TrapFrame @ fffff884`3c9646d0)
  4140. fffff884`3c964860 fffff805`776a3534 : ffffd18e`96e17080 ffffffff`00000000 bf48d332`00000000 00000000`00000000 : nt!KiSwapThread+0xcd4
  4141. fffff884`3c964900 fffff805`776a2cd5 : 00000000`0000006d 00000000`00000000 00000000`00000001 00000000`00000000 : nt!KiCommitThreadWait+0x144
  4142. fffff884`3c9649a0 fffff805`77c1248b : ffffd18e`9bbcc740 00000000`00000006 00000000`00000001 ffffd18e`9bbcc700 : nt!KeWaitForSingleObject+0x255
  4143. fffff884`3c964a80 fffff805`777d3c18 : ffffd18e`96e17080 000000be`ccb3b6f8 fffff884`3c964b18 ffffffff`ff671b60 : nt!NtWaitForSingleObject+0x10b
  4144. fffff884`3c964b00 00007ffb`5cedc0f4 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x28 (TrapFrame @ fffff884`3c964b00)
  4145. 000000be`ccb3b6c8 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffb`5cedc0f4
Advertisement
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!