API tools faq
paste
Guest User

Untitled

a guest
Aug 6th, 2020
223
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 112.52 KB | None | 0 0
raw download clone embed print report
  1. ========================== AUTO DUMP ANALYZER ==========================
  2. Auto Dump Analyzer
  3. Version: 0.91
  4. Time to analyze file(s): 00 hours and 02 minutes and 14 seconds
  5.  
  6. ================================ SYSTEM ================================
  7. MANUFACTURER: Gigabyte Technology Co., Ltd.
  8. PRODUCT_NAME: H110-D3A
  9.  
  10. ================================= BIOS =================================
  11. VENDOR: American Megatrends Inc.
  12. VERSION: F25
  13. DATE: 04/11/2018
  14.  
  15. ============================= MOTHERBOARD ==============================
  16. MANUFACTURER: Gigabyte Technology Co., Ltd.
  17. PRODUCT: H110-D3A-CF
  18. VERSION: x.x
  19.  
  20. ================================= RAM ==================================
  21. Size Speed Manufacturer Part No.
  22. -------------- -------------- ------------------- ----------------------
  23. 8192MB 2133MHz 029E CMK16GX4M2Z2400C16
  24. 0MHz
  25. 8192MB 2133MHz 029E CMK16GX4M2Z2400C16
  26. 0MHz
  27.  
  28. ================================= CPU ==================================
  29. Processor Version: Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz
  30. COUNT: 8
  31. MHZ: 3408
  32. VENDOR: GenuineIntel
  33. FAMILY: 6
  34. MODEL: 5e
  35. STEPPING: 3
  36. MICROCODE: 0,0,0,0 (F,M,S,R) SIG: CC'00000000 (cache) 0'00000000 (init)
  37.  
  38. ================================== OS ==================================
  39. Product: WinNt, suite: TerminalServer SingleUserTS Personal
  40. Built by: 19041.1.amd64fre.vb_release.191206-1406
  41. BUILD_VERSION: 19041.1.amd64fre.vb_release.191206-1406
  42. BUILD: 19041
  43. SERVICEPACK: 0
  44. PLATFORM_TYPE: x64
  45. NAME: Windows 10
  46. EDITION: Windows 10 WinNt TerminalServer SingleUserTS Personal
  47. BUILD_TIMESTAMP: 1983-01-21 04:09:18
  48. BUILDDATESTAMP: 191206-1406
  49. BUILDLAB: vb_release
  50. BUILDOSVER: 10.0.19041.1.amd64fre.vb_release.191206-1406
  51.  
  52. =============================== DEBUGGER ===============================
  53. Microsoft (R) Windows Debugger Version 10.0.14321.1024 AMD64
  54. Copyright (c) Microsoft Corporation. All rights reserved.
  55.  
  56. =============================== COMMENTS ===============================
  57. * Information gathered from different dump files may be different. If
  58. Windows updates between two dump files, two or more OS versions may
  59. be shown above.
  60. * If the user updates the BIOS between dump files, two or more versions
  61. and dates may be shown above.
  62. * More RAM information can be found below in a full BIOS section.
  63.  
  64. ========================================================================
  65. ======================= Dump #1: ANALYZE VERBOSE =======================
  66. ====================== File: 080520-11500-01.dmp =======================
  67. ========================================================================
  68.  
  69. Mini Kernel Dump File: Only registers and stack trace are available
  70. Unable to load image \SystemRoot\system32\ntoskrnl.exe, Win32 error 0n2
  71. *** WARNING: Unable to verify timestamp for ntoskrnl.exe
  72. *** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
  73. Windows 10 Kernel Version 19041 MP (8 procs) Free x64
  74. Kernel base = 0xfffff803`0e000000 PsLoadedModuleList = 0xfffff803`0ec2a330
  75. Debug session time: Wed Aug 5 15:39:14.054 2020 (UTC - 4:00)
  76. System Uptime: 0 days 3:53:35.623
  77. Unable to load image \SystemRoot\system32\ntoskrnl.exe, Win32 error 0n2
  78. *** WARNING: Unable to verify timestamp for ntoskrnl.exe
  79. *** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
  80. ************* Symbol Loading Error Summary **************
  81. Module name Error
  82. ntoskrnl The system cannot find the file specified
  83. You can troubleshoot most symbol related issues by turning on symbol loading diagnostics (!sym noisy) and repeating the command that caused symbols to be loaded.
  84. You should also verify that your symbol search path (.sympath) is correct.
  85.  
  86. BugCheck 1A, {6001, ffffffffc000000e, 243b1ddc000, ffffa987c420ba10}
  87. ***** Kernel symbols are WRONG. Please fix symbols to do analysis.
  88. *************************************************************************
  89. *** Either you specified an unqualified symbol, or your debugger ***
  90. Cut by GM.
  91. *************************************************************************
  92. Probably caused by : ntoskrnl.exe ( nt+3ddf40 )
  93. Followup: MachineOwner
  94.  
  95. MEMORY_MANAGEMENT (1a)
  96. # Any other values for parameter 1 must be individually examined.
  97.  
  98. Arguments:
  99. Arg1: 0000000000006001, The subtype of the bugcheck.
  100. Arg2: ffffffffc000000e
  101. Arg3: 00000243b1ddc000
  102. Arg4: ffffa987c420ba10
  103.  
  104. Debugging Details:
  105. ***** Kernel symbols are WRONG. Please fix symbols to do analysis.
  106. *************************************************************************
  107. *** Either you specified an unqualified symbol, or your debugger ***
  108. Cut by GM
  109. *************************************************************************
  110. DUMP_CLASS: 1
  111. DUMP_QUALIFIER: 400
  112. ADDITIONAL_DEBUG_TEXT:
  113. You can run '.symfix; .reload' to try to fix the symbol path and load symbols.
  114. WRONG_SYMBOLS_TIMESTAMP: 188e70be
  115. WRONG_SYMBOLS_SIZE: 1046000
  116. MODULE_NAME: nt
  117. FAULTING_MODULE: fffff8030e000000 nt
  118. DEBUG_FLR_IMAGE_TIMESTAMP: 188e70be
  119. DUMP_TYPE: 2
  120. BUGCHECK_STR: 0x1a_6001
  121. CUSTOMER_CRASH_COUNT: 1
  122. DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
  123. CURRENT_IRQL: 0
  124. LAST_CONTROL_TRANSFER: from fffff8030e471568 to fffff8030e3ddf40
  125. STACK_TEXT:
  126. ffffba08`65dff8d8 fffff803`0e471568 : 00000000`0000001a 00000000`00006001 ffffffff`c000000e 00000243`b1ddc000 : nt+0x3ddf40
  127. ffffba08`65dff8e0 00000000`0000001a : 00000000`00006001 ffffffff`c000000e 00000243`b1ddc000 ffffa987`c420ba10 : nt+0x471568
  128. ffffba08`65dff8e8 00000000`00006001 : ffffffff`c000000e 00000243`b1ddc000 ffffa987`c420ba10 00000000`00000000 : 0x1a
  129. ffffba08`65dff8f0 ffffffff`c000000e : 00000243`b1ddc000 ffffa987`c420ba10 00000000`00000000 00000000`00000000 : 0x6001
  130. ffffba08`65dff8f8 00000243`b1ddc000 : ffffa987`c420ba10 00000000`00000000 00000000`00000000 00000000`00000000 : 0xffffffff`c000000e
  131. ffffba08`65dff900 ffffa987`c420ba10 : 00000000`00000000 00000000`00000000 00000000`00000000 00000243`b1ddc000 : 0x00000243`b1ddc000
  132. ffffba08`65dff908 00000000`00000000 : 00000000`00000000 00000000`00000000 00000243`b1ddc000 00000243`b1df0000 : 0xffffa987`c420ba10
  133. STACK_COMMAND: kb
  134. THREAD_SHA1_HASH_MOD_FUNC: 6997106dce080e0f247cffc7d244723501c73d61
  135. THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 2d8a271f870bcb4f672325b569874a97520580a7
  136. THREAD_SHA1_HASH_MOD: 6997106dce080e0f247cffc7d244723501c73d61
  137. FOLLOWUP_IP:
  138. nt+3ddf40
  139. fffff803`0e3ddf40 48894c2408 mov qword ptr [rsp+8],rcx
  140. FAULT_INSTR_CODE: 244c8948
  141. SYMBOL_STACK_INDEX: 0
  142. SYMBOL_NAME: nt+3ddf40
  143. FOLLOWUP_NAME: MachineOwner
  144.  
  145. IMAGE_NAME: ntoskrnl.exe
  146.  
  147. BUCKET_ID_FUNC_OFFSET: 3ddf40
  148. FAILURE_BUCKET_ID: OLD_IMAGE_ntoskrnl.exe
  149. BUCKET_ID: OLD_IMAGE_ntoskrnl.exe
  150. PRIMARY_PROBLEM_CLASS: OLD_IMAGE_ntoskrnl.exe
  151. TARGET_TIME: 2020-08-05T19:39:14.000Z
  152. SUITE_MASK: 784
  153. PRODUCT_TYPE: 1
  154. USER_LCID: 0
  155. FAILURE_ID_HASH_STRING: km:old_image_ntoskrnl.exe
  156. FAILURE_ID_HASH: {d0373e20-93e3-bbe4-5df9-08ec43a17ae8}
  157. Followup: MachineOwner
  158.  
  159. ====================== Dump #1: 3RD PARTY DRIVERS ======================
  160.  
  161. May 01 2013 - WinRing0x64.sys - Intel Processor Diagnostic Tool or BatteryCare by OpenLibSys.org or Throttlestop (Properties say: OpenLibSys.org) or EVGA Precision X https://www.evga.com/
  162. Aug 02 2017 - Oculus_ViGEmBus.sys - Oculus Virtual Gamepad Emulation Bus driver
  163. May 31 2018 - tapnordvpn.sys - Nord VPN TAP driver https://nordvpn.com
  164. Oct 08 2018 - SYMEVENT64x86.SYS - Symantec Event Library https://www.symantec.com/
  165. Nov 16 2018 - logi_core_temp.sys - Logitech G HUB driver https://support.logitech.com/en_us/software/lghub
  166. Nov 20 2018 - logi_joy_bus_enum.sys - Logitech Joystick driver
  167. Nov 20 2018 - logi_joy_xlcore.sys - Logitech Joystick driver
  168. Jan 12 2019 - vbaudio_vmvaio64_win10.sys - VoiceMeeter Input (VB-Audio VoiceMeeter VAIO) driver
  169. Mar 14 2019 - nvvad64v.sys - Nvidia Virtual Audio driver http://www.nvidia.com/
  170. Apr 04 2019 - TeeDriverW8x64.sys - Intel Management Engine Interface driver https://downloadcenter.intel.com/
  171. May 14 2019 - RTKVHD64.sys - Realtek Audio System driver https://www.realtek.com/en/
  172. Jun 28 2019 - Ironx64.SYS - Symantec Iron driver http://www.symantec.com/
  173. Jul 01 2019 - rt640x64.sys - Realtek NICDRV 8169 PCIe GBE Family Controller driver https://www.realtek.com/en/
  174. Jul 10 2019 - IDSvia64.sys - Symantec Intrusion Detection IDS Core driver http://www.symantec.com/
  175. Sep 26 2019 - BHDrvx64.sys - Norton Security BASH driver http://www.symantec.com/
  176. Nov 29 2019 - NvModuleTracker.sys - NVIDIA Module Tracker driver
  177. Dec 30 2019 - SRTSPX64.SYS - Symantec Real Time Storage Protection (PEL) http://www.symantec.com/
  178. Dec 31 2019 - SymEvnt.sys - Symantec Event Library driver
  179. Jan 09 2020 - ccSetx64.sys - Common Client Settings driver (Symantec Security Technoligies) http://www.symantec.com/
  180. Jan 10 2020 - nvvhci.sys - Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
  181. Jan 26 2020 - UcmCxUcsiNvppc.sys - NVIDIA USB Type-C Port Policy Controller driver
  182. Feb 08 2020 - symnets.sys - Network Security WFP driver https://www.symantec.com/
  183. Feb 11 2020 - SYMEFASI64.SYS - Symantec Extended File Attributes (SI) https://www.symantec.com/
  184. Mar 24 2020 - wpCtrlDrv.sys - (Symantec Corporation)
  185. Apr 02 2020 - nlwt.sys - VPN driver (WireGuard LLC)
  186. Apr 20 2020 - logi_joy_vir_hid.sys - Logitech Joystick driver
  187. Apr 21 2020 - SRTSP64.SYS - Symantec Real Time Storage Protection http://www.symantec.com/
  188. May 28 2020 - oculusvad.sys - Oculus VAD driver
  189. Jun 09 2020 - nvhda64v.sys - Nvidia HDMI Audio Device http://www.nvidia.com/
  190. Jul 05 2020 - nvlddmkm.sys - Nvidia Graphics Card driver http://www.nvidia.com/
  191. Jul 08 2020 - nordlwf.sys - NordVPN LightWeight Firewall driver (NordVPN)
  192. Jul 09 2020 - eeCtrl64.sys - Symantec Eraser Control driver http://www.symantec.com/
  193. Jul 09 2020 - EraserUtilRebootDrv.sys - Symantec Eraser Utility Reboot driver http://www.symantec.com/
  194.  
  195. ================== Dump #1: 3RD PARTY DRIVERS (FULL) ===================
  196.  
  197. Image path: \??\C:\Program Files (x86)\EVGA\WinRing0\WinRing0x64.sys
  198. Image name: WinRing0x64.sys
  199. Search : https://www.google.com/search?q=WinRing0x64.sys
  200. ADA Info : Intel Processor Diagnostic Tool or BatteryCare by OpenLibSys.org or Throttlestop (Properties say: OpenLibSys.org) or EVGA Precision X https://www.evga.com/
  201. Timestamp : Wed May 1 2013
  202.  
  203. Image path: \SystemRoot\System32\drivers\Oculus_ViGEmBus.sys
  204. Image name: Oculus_ViGEmBus.sys
  205. Search : https://www.google.com/search?q=Oculus_ViGEmBus.sys
  206. ADA Info : Oculus Virtual Gamepad Emulation Bus driver
  207. Timestamp : Wed Aug 2 2017
  208.  
  209. Image path: \SystemRoot\System32\drivers\tapnordvpn.sys
  210. Image name: tapnordvpn.sys
  211. Search : https://www.google.com/search?q=tapnordvpn.sys
  212. ADA Info : Nord VPN TAP driver https://nordvpn.com
  213. Timestamp : Thu May 31 2018
  214.  
  215. Image path: \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
  216. Image name: SYMEVENT64x86.SYS
  217. Search : https://www.google.com/search?q=SYMEVENT64x86.SYS
  218. ADA Info : Symantec Event Library https://www.symantec.com/
  219. Timestamp : Mon Oct 8 2018
  220.  
  221. Image path: \??\C:\ProgramData\LGHUB\depots\61557\driver_cpu_temperature\logi_core_temp.sys
  222. Image name: logi_core_temp.sys
  223. Search : https://www.google.com/search?q=logi_core_temp.sys
  224. ADA Info : Logitech G HUB driver https://support.logitech.com/en_us/software/lghub
  225. Timestamp : Fri Nov 16 2018
  226.  
  227. Image path: \SystemRoot\system32\drivers\logi_joy_bus_enum.sys
  228. Image name: logi_joy_bus_enum.sys
  229. Search : https://www.google.com/search?q=logi_joy_bus_enum.sys
  230. ADA Info : Logitech Joystick driver
  231. Timestamp : Tue Nov 20 2018
  232.  
  233. Image path: \SystemRoot\system32\drivers\logi_joy_xlcore.sys
  234. Image name: logi_joy_xlcore.sys
  235. Search : https://www.google.com/search?q=logi_joy_xlcore.sys
  236. ADA Info : Logitech Joystick driver
  237. Timestamp : Tue Nov 20 2018
  238.  
  239. Image path: \SystemRoot\System32\drivers\vbaudio_vmvaio64_win10.sys
  240. Image name: vbaudio_vmvaio64_win10.sys
  241. Search : https://www.google.com/search?q=vbaudio_vmvaio64_win10.sys
  242. ADA Info : VoiceMeeter Input (VB-Audio VoiceMeeter VAIO) driver
  243. Timestamp : Sat Jan 12 2019
  244.  
  245. Image path: \SystemRoot\system32\drivers\nvvad64v.sys
  246. Image name: nvvad64v.sys
  247. Search : https://www.google.com/search?q=nvvad64v.sys
  248. ADA Info : Nvidia Virtual Audio driver http://www.nvidia.com/
  249. Timestamp : Thu Mar 14 2019
  250.  
  251. Image path: \SystemRoot\System32\DriverStore\FileRepository\heci.inf_amd64_85021432489d6a1c\x64\TeeDriverW8x64.sys
  252. Image name: TeeDriverW8x64.sys
  253. Search : https://www.google.com/search?q=TeeDriverW8x64.sys
  254. ADA Info : Intel Management Engine Interface driver https://downloadcenter.intel.com/
  255. Timestamp : Thu Apr 4 2019
  256.  
  257. Image path: \SystemRoot\system32\drivers\RTKVHD64.sys
  258. Image name: RTKVHD64.sys
  259. Search : https://www.google.com/search?q=RTKVHD64.sys
  260. ADA Info : Realtek Audio System driver https://www.realtek.com/en/
  261. Timestamp : Tue May 14 2019
  262.  
  263. Image path: \SystemRoot\System32\drivers\NGCx64\1614040.039\Ironx64.SYS
  264. Image name: Ironx64.SYS
  265. Search : https://www.google.com/search?q=Ironx64.SYS
  266. ADA Info : Symantec Iron driver http://www.symantec.com/
  267. Timestamp : Fri Jun 28 2019
  268.  
  269. Image path: \SystemRoot\System32\drivers\rt640x64.sys
  270. Image name: rt640x64.sys
  271. Search : https://www.google.com/search?q=rt640x64.sys
  272. ADA Info : Realtek NICDRV 8169 PCIe GBE Family Controller driver https://www.realtek.com/en/
  273. Timestamp : Mon Jul 1 2019
  274.  
  275. Image path: \??\C:\Program Files\Norton Security\NortonData\22.19.9.63\Definitions\IPSDefs\20200805.061\IDSvia64.sys
  276. Image name: IDSvia64.sys
  277. Search : https://www.google.com/search?q=IDSvia64.sys
  278. ADA Info : Symantec Intrusion Detection IDS Core driver http://www.symantec.com/
  279. Timestamp : Wed Jul 10 2019
  280.  
  281. Image path: \??\C:\Program Files\Norton Security\NortonData\22.19.9.63\Definitions\BASHDefs\20200728.001\BHDrvx64.sys
  282. Image name: BHDrvx64.sys
  283. Search : https://www.google.com/search?q=BHDrvx64.sys
  284. ADA Info : Norton Security BASH driver http://www.symantec.com/
  285. Timestamp : Thu Sep 26 2019
  286.  
  287. Image path: \SystemRoot\System32\drivers\NvModuleTracker.sys
  288. Image name: NvModuleTracker.sys
  289. Search : https://www.google.com/search?q=NvModuleTracker.sys
  290. ADA Info : NVIDIA Module Tracker driver
  291. Timestamp : Fri Nov 29 2019
  292.  
  293. Image path: \SystemRoot\System32\drivers\NGCx64\1614040.039\SRTSPX64.SYS
  294. Image name: SRTSPX64.SYS
  295. Search : https://www.google.com/search?q=SRTSPX64.SYS
  296. ADA Info : Symantec Real Time Storage Protection (PEL) http://www.symantec.com/
  297. Timestamp : Mon Dec 30 2019
  298.  
  299. Image path: \??\C:\Program Files\Norton Security\NortonData\22.19.9.63\SymPlatform\SymEvnt.sys
  300. Image name: SymEvnt.sys
  301. Search : https://www.google.com/search?q=SymEvnt.sys
  302. ADA Info : Symantec Event Library driver
  303. Timestamp : Tue Dec 31 2019
  304.  
  305. Image path: \SystemRoot\System32\drivers\NGCx64\1614040.039\ccSetx64.sys
  306. Image name: ccSetx64.sys
  307. Search : https://www.google.com/search?q=ccSetx64.sys
  308. ADA Info : Common Client Settings driver (Symantec Security Technoligies) http://www.symantec.com/
  309. Timestamp : Thu Jan 9 2020
  310.  
  311. Image path: \SystemRoot\System32\drivers\nvvhci.sys
  312. Image name: nvvhci.sys
  313. Search : https://www.google.com/search?q=nvvhci.sys
  314. ADA Info : Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
  315. Timestamp : Fri Jan 10 2020
  316.  
  317. Image path: \SystemRoot\System32\DriverStore\FileRepository\nvppc.inf_amd64_0f22333f160a8f42\UcmCxUcsiNvppc.sys
  318. Image name: UcmCxUcsiNvppc.sys
  319. Search : https://www.google.com/search?q=UcmCxUcsiNvppc.sys
  320. ADA Info : NVIDIA USB Type-C Port Policy Controller driver
  321. Timestamp : Sun Jan 26 2020
  322.  
  323. Image path: \SystemRoot\System32\drivers\NGCx64\1614040.039\symnets.sys
  324. Image name: symnets.sys
  325. Search : https://www.google.com/search?q=symnets.sys
  326. ADA Info : Network Security WFP driver https://www.symantec.com/
  327. Timestamp : Sat Feb 8 2020
  328.  
  329. Image path: \SystemRoot\System32\drivers\NGCx64\1614040.039\SYMEFASI64.SYS
  330. Image name: SYMEFASI64.SYS
  331. Search : https://www.google.com/search?q=SYMEFASI64.SYS
  332. ADA Info : Symantec Extended File Attributes (SI) https://www.symantec.com/
  333. Timestamp : Tue Feb 11 2020
  334.  
  335. Image path: \SystemRoot\System32\drivers\NGCx64\1614040.039\wpCtrlDrv.sys
  336. Image name: wpCtrlDrv.sys
  337. Search : https://www.google.com/search?q=wpCtrlDrv.sys
  338. ADA Info : (Symantec Corporation)
  339. Timestamp : Tue Mar 24 2020
  340.  
  341. Image path: \SystemRoot\System32\drivers\nlwt.sys
  342. Image name: nlwt.sys
  343. Search : https://www.google.com/search?q=nlwt.sys
  344. ADA Info : VPN driver (WireGuard LLC)
  345. Timestamp : Thu Apr 2 2020
  346.  
  347. Image path: \SystemRoot\system32\drivers\logi_joy_vir_hid.sys
  348. Image name: logi_joy_vir_hid.sys
  349. Search : https://www.google.com/search?q=logi_joy_vir_hid.sys
  350. ADA Info : Logitech Joystick driver
  351. Timestamp : Mon Apr 20 2020
  352.  
  353. Image path: \SystemRoot\System32\drivers\NGCx64\1614040.039\SRTSP64.SYS
  354. Image name: SRTSP64.SYS
  355. Search : https://www.google.com/search?q=SRTSP64.SYS
  356. ADA Info : Symantec Real Time Storage Protection http://www.symantec.com/
  357. Timestamp : Tue Apr 21 2020
  358.  
  359. Image path: \SystemRoot\System32\drivers\oculusvad.sys
  360. Image name: oculusvad.sys
  361. Search : https://www.google.com/search?q=oculusvad.sys
  362. ADA Info : Oculus VAD driver
  363. Timestamp : Thu May 28 2020
  364.  
  365. Image path: \SystemRoot\system32\drivers\nvhda64v.sys
  366. Image name: nvhda64v.sys
  367. Search : https://www.google.com/search?q=nvhda64v.sys
  368. ADA Info : Nvidia HDMI Audio Device http://www.nvidia.com/
  369. Timestamp : Tue Jun 9 2020
  370.  
  371. Image path: \SystemRoot\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_edab19158bdd0d0a\nvlddmkm.sys
  372. Image name: nvlddmkm.sys
  373. Search : https://www.google.com/search?q=nvlddmkm.sys
  374. ADA Info : Nvidia Graphics Card driver http://www.nvidia.com/
  375. Timestamp : Sun Jul 5 2020
  376.  
  377. Image path: \SystemRoot\system32\DRIVERS\nordlwf.sys
  378. Image name: nordlwf.sys
  379. Search : https://www.google.com/search?q=nordlwf.sys
  380. ADA Info : NordVPN LightWeight Firewall driver (NordVPN)
  381. Timestamp : Wed Jul 8 2020
  382.  
  383. Image path: \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
  384. Image name: eeCtrl64.sys
  385. Search : https://www.google.com/search?q=eeCtrl64.sys
  386. ADA Info : Symantec Eraser Control driver http://www.symantec.com/
  387. Timestamp : Thu Jul 9 2020
  388.  
  389. Image path: \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
  390. Image name: EraserUtilRebootDrv.sys
  391. Search : https://www.google.com/search?q=EraserUtilRebootDrv.sys
  392. ADA Info : Symantec Eraser Utility Reboot driver http://www.symantec.com/
  393. Timestamp : Thu Jul 9 2020
  394.  
  395. ====================== Dump #1: MICROSOFT DRIVERS ======================
  396.  
  397. ACPI.sys ACPI Driver for NT (Microsoft)
  398. acpiex.sys ACPIEx Driver (Microsoft)
  399. acpipagr.sys ACPI Processor Aggregator Device driver (Microsoft)
  400. afd.sys Ancillary Function Driver for WinSock (Microsoft)
  401. afunix.sys AF_UNIX Socket Provider driver (Microsoft)
  402. AgileVpn.sys RAS Agil VPN Miniport Call Manager driver (Microsoft)
  403. ahcache.sys Application Compatibility Cache (Microsoft)
  404. bam.sys BAM Kernal driver (Microsoft)
  405. BasicDisplay.sys Basic Display driver (Microsoft)
  406. BasicRender.sys Basic Render driver (Microsoft)
  407. Beep.SYS BEEP driver (Microsoft)
  408. bindflt.sys Windows Bind Filter driver (Microsoft)
  409. BOOTVID.dll VGA Boot Driver (Microsoft)
  410. bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
  411. cdd.dll Canonical Display Driver (Microsoft)
  412. cdrom.sys SCSI CD-ROM Driver (Microsoft)
  413. CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
  414. CI.dll Code Integrity Module (Microsoft)
  415. CimFS.SYS Consumer IR Class Driver for eHome (Microsoft)
  416. CLASSPNP.SYS SCSI Class System Dll (Microsoft)
  417. cldflt.sys Cloud Files Mini Filter driver (Microsoft)
  418. CLFS.SYS Common Log File System Driver (Microsoft)
  419. clipsp.sys CLIP Service (Microsoft)
  420. cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
  421. cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
  422. CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
  423. condrv.sys Console Driver (Microsoft)
  424. crashdmp.sys Crash Dump driver (Microsoft)
  425. dfsc.sys DFS Namespace Client Driver (Microsoft)
  426. disk.sys PnP Disk Driver (Microsoft)
  427. drmk.sys Digital Rights Management (DRM) driver (Microsoft)
  428. dump_diskdump.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  429. dump_dumpfve.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  430. dump_storahci.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  431. dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
  432. dxgmms2.sys DirectX Graphics MMS
  433. fastfat.SYS Fast FAT File System Driver (Microsoft)
  434. filecrypt.sys Windows sandboxing and encryption filter (Microsoft)
  435. fileinfo.sys FileInfo Filter Driver (Microsoft)
  436. FLTMGR.SYS Filesystem Filter Manager (Microsoft)
  437. Fs_Rec.sys File System Recognizer Driver (Microsoft)
  438. fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
  439. fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
  440. gpuenergydrv.sys GPU Energy Kernal Driver (Microsoft)
  441. hal.dll Hardware Abstraction Layer DLL (Microsoft)
  442. HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
  443. HIDCLASS.SYS Hid Class Library (Microsoft)
  444. HIDPARSE.SYS Hid Parsing Library (Microsoft)
  445. hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
  446. HTTP.sys HTTP Protocol Stack (Microsoft)
  447. intelpep.sys Intel Power Engine Plugin (Microsoft)
  448. intelppm.sys Processor Device Driver (Microsoft)
  449. IntelTA.sys Intel Telemetry Driver
  450. iorate.sys I/O rate control Filter (Microsoft)
  451. kbdclass.sys Keyboard Class Driver (Microsoft)
  452. kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
  453. kd.dll Local Kernal Debugger (Microsoft)
  454. kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
  455. ks.sys Kernal CSA Library (Microsoft)
  456. ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
  457. ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
  458. ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
  459. lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
  460. luafv.sys LUA File Virtualization Filter Driver (Microsoft)
  461. mcupdate_GenuineIntel.dll Intel Microcode Update Library (Microsoft)
  462. mmcss.sys MMCSS Driver (Microsoft)
  463. monitor.sys Monitor Driver (Microsoft)
  464. mouclass.sys Mouse Class Driver (Microsoft)
  465. mouhid.sys HID Mouse Filter Driver (Microsoft)
  466. mountmgr.sys Mount Point Manager (Microsoft)
  467. mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
  468. mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
  469. mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
  470. Msfs.SYS Mailslot driver (Microsoft)
  471. msisadrv.sys ISA Driver (Microsoft)
  472. mslldp.sys Microsoft Link-Layer Discovery Protocol... (Microsoft)
  473. msquic.sys Windows QUIC Driver
  474. msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
  475. mssmbios.sys System Management BIOS driver (Microsoft)
  476. mup.sys Multiple UNC Provider driver (Microsoft)
  477. ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
  478. ndiscap.sys Microsoft NDIS Packet Capture Filter Driver
  479. ndistapi.sys NDIS 3.0 Connection Wrapper driver (Microsoft)
  480. NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
  481. ndiswan.sys MS PPP Framing Driver (Strong Encryption) Microsoft)
  482. NDProxy.sys NDIS Proxy driver (Microsoft)
  483. Ndu.sys Network Data Usage Monitoring driver (Microsoft)
  484. netbios.sys NetBIOS Interface driver (Microsoft)
  485. netbt.sys MBT Transport driver (Microsoft)
  486. NETIO.SYS Network I/O Subsystem (Microsoft)
  487. Npfs.SYS NPFS driver (Microsoft)
  488. npsvctrig.sys Named pipe service triggers (Microsoft)
  489. nsiproxy.sys NSI Proxy driver (Microsoft)
  490. Ntfs.sys NT File System Driver (Microsoft)
  491. ntosext.sys NTOS Extension Host driver (Microsoft)
  492. ntoskrnl.exe NT Operating System Kernal (Microsoft)
  493. Null.SYS NULL Driver (Microsoft)
  494. pacer.sys QoS Packet Scheduler (Microsoft)
  495. parport.sys Parallel Port Driver (Microsoft)
  496. partmgr.sys Partition driver (Microsoft)
  497. pci.sys NT Plug and Play PCI Enumerator (Microsoft)
  498. pcw.sys Performance Counter Driver (Microsoft)
  499. pdc.sys Power Dependency Coordinator Driver (Microsoft)
  500. peauth.sys Protected Environment Authentication and Authorization Export Driver (Microsoft)
  501. portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
  502. PSHED.dll Platform Specific Hardware Error driver (Microsoft)
  503. rasl2tp.sys RAS L2TP Mini-port/Call-manager driver (Microsoft)
  504. raspppoe.sys RAS PPPoE Mini-port/Call manager driver (Microsoft)
  505. raspptp.sys Peer-to-Peer Tunneling Protocol (Microsoft)
  506. rassstp.sys RAS SSTP Miniport Call Manager driver (Microsoft)
  507. rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
  508. rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
  509. rdyboost.sys ReadyBoost Driver (Microsoft)
  510. rspndr.sys Link-Layer Topology Responder driver (Microsoft)
  511. serenum.sys Serial Port Enumerator (Microsoft)
  512. serial.sys Serial Device Driver
  513. SgrmAgent.sys System Guard Runtime Monitor Agent driver (Microsoft)
  514. SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
  515. spaceport.sys Storage Spaces driver (Microsoft)
  516. srv2.sys Smb 2.0 Server driver (Microsoft)
  517. srvnet.sys Server Network driver (Microsoft)
  518. storahci.sys MS AHCI Storport Miniport Driver (Microsoft)
  519. storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
  520. storqosflt.sys Storage QoS Filter driver (Microsoft)
  521. swenum.sys Plug and Play Software Device Enumerator (Microsoft)
  522. tbs.sys Export driver for kernel mode TPM API (Microsoft)
  523. tcpip.sys TCP/IP Protocol driver (Microsoft)
  524. tcpipreg.sys Microsoft Windows TCP/IP Registry Compatibility driver (Microsoft)
  525. TDI.SYS TDI Wrapper driver (Microsoft)
  526. tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
  527. tm.sys Kernel Transaction Manager driver (Microsoft)
  528. UcmCx.sys USB Connector Manager KMDF Class Extension
  529. ucx01000.sys USB Controller Extension (Microsoft)
  530. UEFI.sys UEFI NT driver (Microsoft)
  531. umbus.sys User-Mode Bus Enumerator (Microsoft)
  532. usbaudio.sys USB Audio Class Driver (Microsoft)
  533. usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
  534. USBD.SYS Universal Serial Bus Driver (Microsoft)
  535. UsbHub3.sys USB3 HUB driver (Microsoft)
  536. USBXHCI.SYS USB XHCI driver (Microsoft)
  537. vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
  538. Vid.sys Microsoft Hyper-V Virtualization Infrastructure Driver
  539. volmgr.sys Volume Manager Driver (Microsoft)
  540. volmgrx.sys Volume Manager Extension Driver (Microsoft)
  541. volsnap.sys Volume Shadow Copy driver (Microsoft)
  542. volume.sys Volume driver (Microsoft)
  543. vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
  544. wanarp.sys MS Remote Access and Routing ARP driver (Microsoft)
  545. watchdog.sys Watchdog driver (Microsoft)
  546. wcifs.sys Windows Container Isolation FS Filter driver (Microsoft)
  547. Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
  548. WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
  549. werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
  550. wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
  551. win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
  552. win32kbase.sys Base Win32k Kernel Driver (Microsoft)
  553. win32kfull.sys Full/Desktop Win32k Kernel Driver (Microsoft)
  554. WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
  555. WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
  556. winhvr.sys Windows Hypervisor Root Interface driver (Microsoft)
  557. wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
  558. WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
  559. Wof.sys Windows Overlay Filter (Microsoft)
  560. WppRecorder.sys WPP Trace Recorder (Microsoft)
  561. WUDFRd.sys Windows Driver Foundation - User-mode Driver Framework Reflector driver (Microsoft)
  562.  
  563. ====================== Dump #1: UNLOADED MODULES =======================
  564.  
  565. fffff803`1cf80000 fffff803`1cf8f000 WpdUpFltr.sy
  566. fffff803`1c850000 fffff803`1c876000 USBSTOR.SYS
  567. fffff803`1baa0000 fffff803`1bc06000 IDSvia64.sys
  568. fffff803`093a0000 fffff803`093ae000 WSDScan.sys
  569. fffff803`09390000 fffff803`0939e000 WSDPrint.sys
  570. fffff803`093b0000 fffff803`093bb000 nlwt.sys
  571. fffff803`1cec0000 fffff803`1cecb000 nlwt.sys
  572. fffff803`1b8c0000 fffff803`1b8cf000 dump_storpor
  573. fffff803`1b910000 fffff803`1b943000 dump_storahc
  574. fffff803`1b970000 fffff803`1b98e000 dump_dumpfve
  575. fffff803`0fe80000 fffff803`0fe9d000 EhStorClass.
  576. fffff803`1bd00000 fffff803`1bd1c000 dam.sys
  577. fffff803`0fa00000 fffff803`0fa0a000 SymELAM.sys
  578. fffff803`10bf0000 fffff803`10c01000 hwpolicy.sys
  579.  
  580. ====================== Dump #1: BIOS INFORMATION =======================
  581.  
  582. [SMBIOS Data Tables v3.0]
  583. [DMI Version - 0]
  584. [2.0 Calling Convention - No]
  585. [Table Size - 4239 bytes]
  586. [BIOS Information (Type 0) - Length 24 - Handle 0000h]
  587. Vendor American Megatrends Inc.
  588. BIOS Version F25
  589. BIOS Starting Address Segment f000
  590. BIOS Release Date 04/11/2018
  591. BIOS ROM Size 800000
  592. BIOS Characteristics
  593. 07: - PCI Supported
  594. 11: - Upgradeable FLASH BIOS
  595. 12: - BIOS Shadowing Supported
  596. 15: - CD-Boot Supported
  597. 16: - Selectable Boot Supported
  598. 17: - BIOS ROM Socketed
  599. 19: - EDD Supported
  600. 23: - 1.2MB Floppy Supported
  601. 24: - 720KB Floppy Supported
  602. 25: - 2.88MB Floppy Supported
  603. 26: - Print Screen Device Supported
  604. 28: - Serial Services Supported
  605. 29: - Printer Services Supported
  606. 32: - BIOS Vendor Reserved
  607. BIOS Characteristic Extensions
  608. 00: - ACPI Supported
  609. 01: - USB Legacy Supported
  610. 08: - BIOS Boot Specification Supported
  611. 10: - Specification Reserved
  612. 11: - Specification Reserved
  613. BIOS Major Revision 5
  614. BIOS Minor Revision 12
  615. EC Firmware Major Revision 255
  616. EC Firmware Minor Revision 255
  617. [System Information (Type 1) - Length 27 - Handle 0001h]
  618. Manufacturer Gigabyte Technology Co., Ltd.
  619. Product Name H110-D3A
  620. Version Default string
  621. UUID 00000000-0000-0000-0000-000000000000
  622. Wakeup Type Power Switch
  623. SKUNumber Default string
  624. Family Default string
  625. [BaseBoard Information (Type 2) - Length 15 - Handle 0002h]
  626. Manufacturer Gigabyte Technology Co., Ltd.
  627. Product H110-D3A-CF
  628. Version x.x
  629. Feature Flags 09h
  630. -1580943648: - -1580943600: - «ûÚú
  631. Location Default string
  632. Chassis Handle 0003h
  633. Board Type 0ah - Processor/Memory Module
  634. Number of Child Handles 0
  635. [System Enclosure (Type 3) - Length 22 - Handle 0003h]
  636. Manufacturer Default string
  637. Chassis Type Desktop
  638. Version Default string
  639. Bootup State Safe
  640. Power Supply State Safe
  641. Thermal State Safe
  642. Security Status None
  643. OEM Defined 0
  644. Height 0U
  645. Number of Power Cords 1
  646. Number of Contained Elements 0
  647. Contained Element Size 3
  648. [Onboard Devices Information (Type 10) - Length 6 - Handle 0021h]
  649. Number of Devices 1
  650. 01: Type Video [enabled]
  651. [OEM Strings (Type 11) - Length 5 - Handle 0022h]
  652. Number of Strings 1
  653. 1 Default string
  654. [System Configuration Options (Type 12) - Length 5 - Handle 0023h]
  655. [Physical Memory Array (Type 16) - Length 23 - Handle 003dh]
  656. Location 03h - SystemBoard/Motherboard
  657. Use 03h - System Memory
  658. Memory Error Correction 03h - None
  659. Maximum Capacity 67108864KB
  660. Number of Memory Devices 4
  661. [Memory Device (Type 17) - Length 40 - Handle 003eh]
  662. Physical Memory Array Handle 003dh
  663. Total Width 64 bits
  664. Data Width 64 bits
  665. Size 8192MB
  666. Form Factor 09h - DIMM
  667. Device Locator ChannelA-DIMM0
  668. Bank Locator BANK 0
  669. Memory Type 1ah - Specification Reserved
  670. Type Detail 0080h - Synchronous
  671. Speed 2133MHz
  672. Manufacturer 029E
  673. Part Number CMK16GX4M2Z2400C16
  674. [Memory Device (Type 17) - Length 40 - Handle 003fh]
  675. Physical Memory Array Handle 003dh
  676. Total Width 0 bits
  677. Data Width 0 bits
  678. Form Factor 02h - Unknown
  679. Device Locator ChannelA-DIMM1
  680. Bank Locator BANK 1
  681. Memory Type 02h - Unknown
  682. Type Detail 0000h -
  683. Speed 0MHz
  684. [Memory Device (Type 17) - Length 40 - Handle 0040h]
  685. Physical Memory Array Handle 003dh
  686. Total Width 64 bits
  687. Data Width 64 bits
  688. Size 8192MB
  689. Form Factor 09h - DIMM
  690. Device Locator ChannelB-DIMM0
  691. Bank Locator BANK 2
  692. Memory Type 1ah - Specification Reserved
  693. Type Detail 0080h - Synchronous
  694. Speed 2133MHz
  695. Manufacturer 029E
  696. Part Number CMK16GX4M2Z2400C16
  697. [Memory Device (Type 17) - Length 40 - Handle 0041h]
  698. Physical Memory Array Handle 003dh
  699. Total Width 0 bits
  700. Data Width 0 bits
  701. Form Factor 02h - Unknown
  702. Device Locator ChannelB-DIMM1
  703. Bank Locator BANK 3
  704. Memory Type 02h - Unknown
  705. Type Detail 0000h -
  706. Speed 0MHz
  707. [Memory Array Mapped Address (Type 19) - Length 31 - Handle 0042h]
  708. Starting Address 00000000h
  709. Ending Address 00ffffffh
  710. Memory Array Handle 003dh
  711. Partition Width 02
  712. [Cache Information (Type 7) - Length 19 - Handle 0043h]
  713. Socket Designation L1 Cache
  714. Cache Configuration 0180h - WB Enabled Int NonSocketed L1
  715. Maximum Cache Size 0100h - 256K
  716. Installed Size 0100h - 256K
  717. Supported SRAM Type 0020h - Synchronous
  718. Current SRAM Type 0020h - Synchronous
  719. Cache Speed 0ns
  720. Error Correction Type ParitySingle-Bit ECC
  721. System Cache Type Unified
  722. Associativity 8-way Set-Associative
  723. [Cache Information (Type 7) - Length 19 - Handle 0044h]
  724. Socket Designation L2 Cache
  725. Cache Configuration 0181h - WB Enabled Int NonSocketed L2
  726. Maximum Cache Size 0400h - 1024K
  727. Installed Size 0400h - 1024K
  728. Supported SRAM Type 0020h - Synchronous
  729. Current SRAM Type 0020h - Synchronous
  730. Cache Speed 0ns
  731. Error Correction Type Multi-Bit ECC
  732. System Cache Type Unified
  733. Associativity 4-way Set-Associative
  734. [Cache Information (Type 7) - Length 19 - Handle 0045h]
  735. Socket Designation L3 Cache
  736. Cache Configuration 0182h - WB Enabled Int NonSocketed L3
  737. Maximum Cache Size 2000h - 8192K
  738. Installed Size 2000h - 8192K
  739. Supported SRAM Type 0020h - Synchronous
  740. Current SRAM Type 0020h - Synchronous
  741. Cache Speed 0ns
  742. Error Correction Type Specification Reserved
  743. System Cache Type Unified
  744. Associativity 16-way Set-Associative
  745. [Processor Information (Type 4) - Length 48 - Handle 0046h]
  746. Socket Designation U3E1
  747. Processor Type Central Processor
  748. Processor Family c6h - Specification Reserved
  749. Processor Manufacturer Intel(R) Corporation
  750. Processor ID e3060500fffbebbf
  751. Processor Version Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz
  752. Processor Voltage 8bh - 1.1V
  753. External Clock 100MHz
  754. Max Speed 8300MHz
  755. Current Speed 3700MHz
  756. Status Enabled Populated
  757. Processor Upgrade Other
  758. L1 Cache Handle 0043h
  759. L2 Cache Handle 0044h
  760. L3 Cache Handle 0045h
  761. [Memory Device Mapped Address (Type 20) - Length 35 - Handle 0047h]
  762. Starting Address 00000000h
  763. Ending Address 007fffffh
  764. Memory Device Handle 003eh
  765. Mem Array Mapped Adr Handle 0042h
  766. Interleave Position 01
  767. Interleave Data Depth 02
  768. [Memory Device Mapped Address (Type 20) - Length 35 - Handle 0048h]
  769. Starting Address 00800000h
  770. Ending Address 00ffffffh
  771. Memory Device Handle 0040h
  772. Mem Array Mapped Adr Handle 0042h
  773. Interleave Position 02
  774. Interleave Data Depth 02
  775.  
  776. ========================== Dump #1: Extra #1 ===========================
  777.  
  778. 1: kd> !verifier
  779. 00000000: Unable to get verifier list.
  780.  
  781. ========================== Dump #1: Extra #2 ===========================
  782.  
  783. 1: kd> !thread
  784. GetPointerFromAddress: unable to read from fffff8030e021468
  785. ffffa987b9bdf080: Unable to get thread contents
  786.  
  787.  
  788. ========================================================================
  789. ======================= Dump #2: ANALYZE VERBOSE =======================
  790. ====================== File: 080520-11281-01.dmp =======================
  791. ========================================================================
  792.  
  793. Mini Kernel Dump File: Only registers and stack trace are available
  794. Unable to load image \SystemRoot\system32\ntoskrnl.exe, Win32 error 0n2
  795. *** WARNING: Unable to verify timestamp for ntoskrnl.exe
  796. *** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
  797. Windows 10 Kernel Version 19041 MP (8 procs) Free x64
  798. Kernel base = 0xfffff805`7d400000 PsLoadedModuleList = 0xfffff805`7e02a330
  799. Debug session time: Wed Aug 5 21:25:35.804 2020 (UTC - 4:00)
  800. System Uptime: 0 days 5:45:44.442
  801. Unable to load image \SystemRoot\system32\ntoskrnl.exe, Win32 error 0n2
  802. *** WARNING: Unable to verify timestamp for ntoskrnl.exe
  803. *** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
  804. ************* Symbol Loading Error Summary **************
  805. Module name Error
  806. ntoskrnl The system cannot find the file specified
  807. You can troubleshoot most symbol related issues by turning on symbol loading diagnostics (!sym noisy) and repeating the command that caused symbols to be loaded.
  808. You should also verify that your symbol search path (.sympath) is correct.
  809.  
  810. BugCheck EF, {ffffd2084bebb140, 0, 0, 0}
  811. ***** Kernel symbols are WRONG. Please fix symbols to do analysis.
  812. errfg" bg="errbg"><Unable to get nt!KiCurrentEtwBufferOffset>errfg" bg="errbg"><Unable to get nt!KiCurrentEtwBufferBase
  813. Probably caused by : memory_corruption
  814. Followup: memory_corruption
  815.  
  816. CRITICAL_PROCESS_DIED (ef)
  817. A critical system process died
  818.  
  819. Arguments:
  820. Arg1: ffffd2084bebb140, Process object or thread object
  821. Arg2: 0000000000000000, If this is 0, a process died. If this is 1, a thread died.
  822. Arg3: 0000000000000000
  823. Arg4: 0000000000000000
  824.  
  825. Debugging Details:
  826. ***** Kernel symbols are WRONG. Please fix symbols to do analysis.
  827. <Unable to get nt!KiCurrentEtwBufferOffset><Unable to get nt!KiCurrentEtwBufferBase>
  828. DUMP_CLASS: 1
  829. DUMP_QUALIFIER: 400
  830. ADDITIONAL_DEBUG_TEXT:
  831. You can run '.symfix; .reload' to try to fix the symbol path and load symbols.
  832. WRONG_SYMBOLS_TIMESTAMP: 188e70be
  833. WRONG_SYMBOLS_SIZE: 1046000
  834. FAULTING_MODULE: fffff8057d400000 nt
  835. DEBUG_FLR_IMAGE_TIMESTAMP: 0
  836. DUMP_TYPE: 2
  837. CUSTOMER_CRASH_COUNT: 1
  838. DEFAULT_BUCKET_ID: CODE_CORRUPTION
  839. BUGCHECK_STR: 0xEF
  840. CURRENT_IRQL: 0
  841. LAST_CONTROL_TRANSFER: from fffff8057dd173c2 to fffff8057d7ddf40
  842. STACK_TEXT:
  843. ffff868a`9ff36c08 fffff805`7dd173c2 : 00000000`000000ef ffffd208`4bebb140 00000000`00000000 00000000`00000000 : nt+0x3ddf40
  844. ffff868a`9ff36c10 00000000`000000ef : ffffd208`4bebb140 00000000`00000000 00000000`00000000 00000000`00000000 : nt+0x9173c2
  845. ffff868a`9ff36c18 ffffd208`4bebb140 : 00000000`00000000 00000000`00000000 00000000`00000000 00000078`caf81500 : 0xef
  846. ffff868a`9ff36c20 00000000`00000000 : 00000000`00000000 00000000`00000000 00000078`caf81500 00000000`00501902 : 0xffffd208`4bebb140
  847. STACK_COMMAND: kb
  848. CHKIMG_EXTENSION: !chkimg -lo 50 -d !volmgr
  849. fffff80582be10fd-fffff80582be10fe 2 bytes - volmgr!VmReadWrite+ed
  850. [ 48 ff:4c 8b ]
  851. fffff80582be1104-fffff80582be1108 5 bytes - volmgr!VmReadWrite+f4 (+0x07)
  852. [ 0f 1f 44 00 00:e8 e7 5b a6 fa ]
  853. fffff80582be128a-fffff80582be128b 2 bytes - volmgr!VmFlushBuffers+3a (+0x186)
  854. [ 48 ff:4c 8b ]
  855. fffff80582be1291-fffff80582be1295 5 bytes - volmgr!VmFlushBuffers+41 (+0x07)
  856. [ 0f 1f 44 00 00:e8 5a 60 af fa ]
  857. fffff80582be12f1-fffff80582be12f2 2 bytes - volmgr!VmFlushBuffers+a1 (+0x60)
  858. [ 48 ff:4c 8b ]
  859. fffff80582be12f8-fffff80582be12fc 5 bytes - volmgr!VmFlushBuffers+a8 (+0x07)
  860. [ 0f 1f 44 00 00:e8 73 ce b2 fa ]
  861. fffff80582be13b5-fffff80582be13b6 2 bytes - volmgr!VmCreate+15 (+0xbd)
  862. [ 48 ff:4c 8b ]
  863. fffff80582be13bc-fffff80582be13c0 5 bytes - volmgr!VmCreate+1c (+0x07)
  864. [ 0f 1f 44 00 00:e8 df b2 a5 fa ]
  865. fffff80582be140f-fffff80582be1410 2 bytes - volmgr!VmWmi+3f (+0x53)
  866. [ 48 ff:4c 8b ]
  867. fffff80582be1416-fffff80582be141a 5 bytes - volmgr!VmWmi+46 (+0x07)
  868. [ 0f 1f 44 00 00:e8 f5 4b e1 ff ]
  869. fffff80582be143d-fffff80582be143e 2 bytes - volmgr!VmWmi+6d (+0x27)
  870. [ 48 ff:4c 8b ]
  871. fffff80582be1444-fffff80582be1448 5 bytes - volmgr!VmWmi+74 (+0x07)
  872. [ 0f 1f 44 00 00:e8 57 b2 a5 fa ]
  873. fffff80582be15c8-fffff80582be15c9 2 bytes - volmgr!VmDeviceControl+58 (+0x184)
  874. [ 48 ff:4c 8b ]
  875. fffff80582be15cf-fffff80582be15d3 5 bytes - volmgr!VmDeviceControl+5f (+0x07)
  876. [ 0f 1f 44 00 00:e8 1c 5d af fa ]
  877. fffff80582be1627-fffff80582be1628 2 bytes - volmgr!VmDeviceControl+b7 (+0x58)
  878. [ 48 ff:4c 8b ]
  879. fffff80582be162e-fffff80582be1632 5 bytes - volmgr!VmDeviceControl+be (+0x07)
  880. [ 0f 1f 44 00 00:e8 3d cb b2 fa ]
  881. fffff80582be166b-fffff80582be166c 2 bytes - volmgr!VmDeviceControl+fb (+0x3d)
  882. [ 48 ff:4c 8b ]
  883. fffff80582be2169-fffff80582be216a 2 bytes - volmgr!VmInternalDeviceControl+99 (+0xafe)
  884. [ 48 ff:4c 8b ]
  885. fffff80582be2170-fffff80582be2174 5 bytes - volmgr!VmInternalDeviceControl+a0 (+0x07)
  886. [ 0f 1f 44 00 00:e8 2b a5 a5 fa ]
  887. fffff80582be4bfe-fffff80582be4bff 2 bytes - volmgr!VmShutdown+7e (+0x2a8e)
  888. [ 48 ff:4c 8b ]
  889. fffff80582be4c05-fffff80582be4c09 5 bytes - volmgr!VmShutdown+85 (+0x07)
  890. [ 0f 1f 44 00 00:e8 26 c4 1d fb ]
  891. fffff80582bf49af-fffff80582bf49b0 2 bytes - volmgr!VmUnload+1f
  892. [ 48 ff:4c 8b ]
  893. fffff80582bf49b6-fffff80582bf49ba 5 bytes - volmgr!VmUnload+26 (+0x07)
  894. [ 0f 1f 44 00 00:e8 d5 b1 f5 fa ]
  895. fffff80582bf49fb-fffff80582bf49fc 2 bytes - volmgr!VmpProcessDiskNotificationsWorkRoutine+2b (+0x45)
  896. [ 48 ff:4c 8b ]
  897. fffff80582bf4a02-fffff80582bf4a06 5 bytes - volmgr!VmpProcessDiskNotificationsWorkRoutine+32 (+0x07)
  898. [ 0f 1f 44 00 00:e8 39 a1 b4 fa ]
  899. 86 errors : !volmgr (fffff80582be10fd-fffff80582bf4a06)
  900. MODULE_NAME: memory_corruption
  901.  
  902. IMAGE_NAME: memory_corruption
  903.  
  904. FOLLOWUP_NAME: memory_corruption
  905. MEMORY_CORRUPTOR: LARGE
  906. FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
  907. BUCKET_ID: MEMORY_CORRUPTION_LARGE
  908. PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
  909. TARGET_TIME: 2020-08-06T01:25:35.000Z
  910. SUITE_MASK: 784
  911. PRODUCT_TYPE: 1
  912. USER_LCID: 0
  913. FAILURE_ID_HASH_STRING: km:memory_corruption_large
  914. FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
  915. Followup: memory_corruption
  916.  
  917. ====================== Dump #2: 3RD PARTY DRIVERS ======================
  918.  
  919. May 01 2013 - WinRing0x64.sys - Intel Processor Diagnostic Tool or BatteryCare by OpenLibSys.org or Throttlestop (Properties say: OpenLibSys.org) or EVGA Precision X https://www.evga.com/
  920. Aug 02 2017 - Oculus_ViGEmBus.sys - Oculus Virtual Gamepad Emulation Bus driver
  921. May 31 2018 - tapnordvpn.sys - Nord VPN TAP driver https://nordvpn.com
  922. Oct 08 2018 - SYMEVENT64x86.SYS - Symantec Event Library https://www.symantec.com/
  923. Nov 16 2018 - logi_core_temp.sys - Logitech G HUB driver https://support.logitech.com/en_us/software/lghub
  924. Nov 20 2018 - logi_joy_bus_enum.sys - Logitech Joystick driver
  925. Nov 20 2018 - logi_joy_xlcore.sys - Logitech Joystick driver
  926. Jan 12 2019 - vbaudio_vmvaio64_win10.sys - VoiceMeeter Input (VB-Audio VoiceMeeter VAIO) driver
  927. Mar 14 2019 - nvvad64v.sys - Nvidia Virtual Audio driver http://www.nvidia.com/
  928. Apr 04 2019 - TeeDriverW8x64.sys - Intel Management Engine Interface driver https://downloadcenter.intel.com/
  929. May 14 2019 - RTKVHD64.sys - Realtek Audio System driver https://www.realtek.com/en/
  930. Jun 28 2019 - Ironx64.SYS - Symantec Iron driver http://www.symantec.com/
  931. Jul 01 2019 - rt640x64.sys - Realtek NICDRV 8169 PCIe GBE Family Controller driver https://www.realtek.com/en/
  932. Jul 10 2019 - IDSvia64.sys - Symantec Intrusion Detection IDS Core driver http://www.symantec.com/
  933. Sep 26 2019 - BHDrvx64.sys - Norton Security BASH driver http://www.symantec.com/
  934. Nov 29 2019 - NvModuleTracker.sys - NVIDIA Module Tracker driver
  935. Dec 30 2019 - SRTSPX64.SYS - Symantec Real Time Storage Protection (PEL) http://www.symantec.com/
  936. Dec 31 2019 - SymEvnt.sys - Symantec Event Library driver
  937. Jan 09 2020 - ccSetx64.sys - Common Client Settings driver (Symantec Security Technoligies) http://www.symantec.com/
  938. Jan 10 2020 - nvvhci.sys - Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
  939. Jan 26 2020 - UcmCxUcsiNvppc.sys - NVIDIA USB Type-C Port Policy Controller driver
  940. Feb 08 2020 - symnets.sys - Network Security WFP driver https://www.symantec.com/
  941. Feb 11 2020 - SYMEFASI64.SYS - Symantec Extended File Attributes (SI) https://www.symantec.com/
  942. Mar 24 2020 - wpCtrlDrv.sys - (Symantec Corporation)
  943. Apr 02 2020 - nlwt.sys - VPN driver (WireGuard LLC)
  944. Apr 20 2020 - logi_joy_vir_hid.sys - Logitech Joystick driver
  945. Apr 21 2020 - SRTSP64.SYS - Symantec Real Time Storage Protection http://www.symantec.com/
  946. May 28 2020 - oculusvad.sys - Oculus VAD driver
  947. Jun 09 2020 - nvhda64v.sys - Nvidia HDMI Audio Device http://www.nvidia.com/
  948. Jul 05 2020 - nvlddmkm.sys - Nvidia Graphics Card driver http://www.nvidia.com/
  949. Jul 08 2020 - nordlwf.sys - NordVPN LightWeight Firewall driver (NordVPN)
  950. Jul 09 2020 - eeCtrl64.sys - Symantec Eraser Control driver http://www.symantec.com/
  951. Jul 09 2020 - EraserUtilRebootDrv.sys - Symantec Eraser Utility Reboot driver http://www.symantec.com/
  952.  
  953. ================== Dump #2: 3RD PARTY DRIVERS (FULL) ===================
  954.  
  955. Image path: \??\C:\Program Files (x86)\EVGA\WinRing0\WinRing0x64.sys
  956. Image name: WinRing0x64.sys
  957. Search : https://www.google.com/search?q=WinRing0x64.sys
  958. ADA Info : Intel Processor Diagnostic Tool or BatteryCare by OpenLibSys.org or Throttlestop (Properties say: OpenLibSys.org) or EVGA Precision X https://www.evga.com/
  959. Timestamp : Wed May 1 2013
  960.  
  961. Image path: \SystemRoot\System32\drivers\Oculus_ViGEmBus.sys
  962. Image name: Oculus_ViGEmBus.sys
  963. Search : https://www.google.com/search?q=Oculus_ViGEmBus.sys
  964. ADA Info : Oculus Virtual Gamepad Emulation Bus driver
  965. Timestamp : Wed Aug 2 2017
  966.  
  967. Image path: \SystemRoot\System32\drivers\tapnordvpn.sys
  968. Image name: tapnordvpn.sys
  969. Search : https://www.google.com/search?q=tapnordvpn.sys
  970. ADA Info : Nord VPN TAP driver https://nordvpn.com
  971. Timestamp : Thu May 31 2018
  972.  
  973. Image path: \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
  974. Image name: SYMEVENT64x86.SYS
  975. Search : https://www.google.com/search?q=SYMEVENT64x86.SYS
  976. ADA Info : Symantec Event Library https://www.symantec.com/
  977. Timestamp : Mon Oct 8 2018
  978.  
  979. Image path: \??\C:\ProgramData\LGHUB\depots\61557\driver_cpu_temperature\logi_core_temp.sys
  980. Image name: logi_core_temp.sys
  981. Search : https://www.google.com/search?q=logi_core_temp.sys
  982. ADA Info : Logitech G HUB driver https://support.logitech.com/en_us/software/lghub
  983. Timestamp : Fri Nov 16 2018
  984.  
  985. Image path: \SystemRoot\system32\drivers\logi_joy_bus_enum.sys
  986. Image name: logi_joy_bus_enum.sys
  987. Search : https://www.google.com/search?q=logi_joy_bus_enum.sys
  988. ADA Info : Logitech Joystick driver
  989. Timestamp : Tue Nov 20 2018
  990.  
  991. Image path: \SystemRoot\system32\drivers\logi_joy_xlcore.sys
  992. Image name: logi_joy_xlcore.sys
  993. Search : https://www.google.com/search?q=logi_joy_xlcore.sys
  994. ADA Info : Logitech Joystick driver
  995. Timestamp : Tue Nov 20 2018
  996.  
  997. Image path: \SystemRoot\System32\drivers\vbaudio_vmvaio64_win10.sys
  998. Image name: vbaudio_vmvaio64_win10.sys
  999. Search : https://www.google.com/search?q=vbaudio_vmvaio64_win10.sys
  1000. ADA Info : VoiceMeeter Input (VB-Audio VoiceMeeter VAIO) driver
  1001. Timestamp : Sat Jan 12 2019
  1002.  
  1003. Image path: \SystemRoot\system32\drivers\nvvad64v.sys
  1004. Image name: nvvad64v.sys
  1005. Search : https://www.google.com/search?q=nvvad64v.sys
  1006. ADA Info : Nvidia Virtual Audio driver http://www.nvidia.com/
  1007. Timestamp : Thu Mar 14 2019
  1008.  
  1009. Image path: \SystemRoot\System32\DriverStore\FileRepository\heci.inf_amd64_85021432489d6a1c\x64\TeeDriverW8x64.sys
  1010. Image name: TeeDriverW8x64.sys
  1011. Search : https://www.google.com/search?q=TeeDriverW8x64.sys
  1012. ADA Info : Intel Management Engine Interface driver https://downloadcenter.intel.com/
  1013. Timestamp : Thu Apr 4 2019
  1014.  
  1015. Image path: \SystemRoot\system32\drivers\RTKVHD64.sys
  1016. Image name: RTKVHD64.sys
  1017. Search : https://www.google.com/search?q=RTKVHD64.sys
  1018. ADA Info : Realtek Audio System driver https://www.realtek.com/en/
  1019. Timestamp : Tue May 14 2019
  1020.  
  1021. Image path: \SystemRoot\System32\drivers\NGCx64\1614040.039\Ironx64.SYS
  1022. Image name: Ironx64.SYS
  1023. Search : https://www.google.com/search?q=Ironx64.SYS
  1024. ADA Info : Symantec Iron driver http://www.symantec.com/
  1025. Timestamp : Fri Jun 28 2019
  1026.  
  1027. Image path: \SystemRoot\System32\drivers\rt640x64.sys
  1028. Image name: rt640x64.sys
  1029. Search : https://www.google.com/search?q=rt640x64.sys
  1030. ADA Info : Realtek NICDRV 8169 PCIe GBE Family Controller driver https://www.realtek.com/en/
  1031. Timestamp : Mon Jul 1 2019
  1032.  
  1033. Image path: \??\C:\Program Files\Norton Security\NortonData\22.19.9.63\Definitions\IPSDefs\20200805.061\IDSvia64.sys
  1034. Image name: IDSvia64.sys
  1035. Search : https://www.google.com/search?q=IDSvia64.sys
  1036. ADA Info : Symantec Intrusion Detection IDS Core driver http://www.symantec.com/
  1037. Timestamp : Wed Jul 10 2019
  1038.  
  1039. Image path: \??\C:\Program Files\Norton Security\NortonData\22.19.9.63\Definitions\BASHDefs\20200728.001\BHDrvx64.sys
  1040. Image name: BHDrvx64.sys
  1041. Search : https://www.google.com/search?q=BHDrvx64.sys
  1042. ADA Info : Norton Security BASH driver http://www.symantec.com/
  1043. Timestamp : Thu Sep 26 2019
  1044.  
  1045. Image path: \SystemRoot\System32\drivers\NvModuleTracker.sys
  1046. Image name: NvModuleTracker.sys
  1047. Search : https://www.google.com/search?q=NvModuleTracker.sys
  1048. ADA Info : NVIDIA Module Tracker driver
  1049. Timestamp : Fri Nov 29 2019
  1050.  
  1051. Image path: \SystemRoot\System32\drivers\NGCx64\1614040.039\SRTSPX64.SYS
  1052. Image name: SRTSPX64.SYS
  1053. Search : https://www.google.com/search?q=SRTSPX64.SYS
  1054. ADA Info : Symantec Real Time Storage Protection (PEL) http://www.symantec.com/
  1055. Timestamp : Mon Dec 30 2019
  1056.  
  1057. Image path: \??\C:\Program Files\Norton Security\NortonData\22.19.9.63\SymPlatform\SymEvnt.sys
  1058. Image name: SymEvnt.sys
  1059. Search : https://www.google.com/search?q=SymEvnt.sys
  1060. ADA Info : Symantec Event Library driver
  1061. Timestamp : Tue Dec 31 2019
  1062.  
  1063. Image path: \SystemRoot\System32\drivers\NGCx64\1614040.039\ccSetx64.sys
  1064. Image name: ccSetx64.sys
  1065. Search : https://www.google.com/search?q=ccSetx64.sys
  1066. ADA Info : Common Client Settings driver (Symantec Security Technoligies) http://www.symantec.com/
  1067. Timestamp : Thu Jan 9 2020
  1068.  
  1069. Image path: \SystemRoot\System32\drivers\nvvhci.sys
  1070. Image name: nvvhci.sys
  1071. Search : https://www.google.com/search?q=nvvhci.sys
  1072. ADA Info : Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
  1073. Timestamp : Fri Jan 10 2020
  1074.  
  1075. Image path: \SystemRoot\System32\DriverStore\FileRepository\nvppc.inf_amd64_0f22333f160a8f42\UcmCxUcsiNvppc.sys
  1076. Image name: UcmCxUcsiNvppc.sys
  1077. Search : https://www.google.com/search?q=UcmCxUcsiNvppc.sys
  1078. ADA Info : NVIDIA USB Type-C Port Policy Controller driver
  1079. Timestamp : Sun Jan 26 2020
  1080.  
  1081. Image path: \SystemRoot\System32\drivers\NGCx64\1614040.039\symnets.sys
  1082. Image name: symnets.sys
  1083. Search : https://www.google.com/search?q=symnets.sys
  1084. ADA Info : Network Security WFP driver https://www.symantec.com/
  1085. Timestamp : Sat Feb 8 2020
  1086.  
  1087. Image path: \SystemRoot\System32\drivers\NGCx64\1614040.039\SYMEFASI64.SYS
  1088. Image name: SYMEFASI64.SYS
  1089. Search : https://www.google.com/search?q=SYMEFASI64.SYS
  1090. ADA Info : Symantec Extended File Attributes (SI) https://www.symantec.com/
  1091. Timestamp : Tue Feb 11 2020
  1092.  
  1093. Image path: \SystemRoot\System32\drivers\NGCx64\1614040.039\wpCtrlDrv.sys
  1094. Image name: wpCtrlDrv.sys
  1095. Search : https://www.google.com/search?q=wpCtrlDrv.sys
  1096. ADA Info : (Symantec Corporation)
  1097. Timestamp : Tue Mar 24 2020
  1098.  
  1099. Image path: \SystemRoot\System32\drivers\nlwt.sys
  1100. Image name: nlwt.sys
  1101. Search : https://www.google.com/search?q=nlwt.sys
  1102. ADA Info : VPN driver (WireGuard LLC)
  1103. Timestamp : Thu Apr 2 2020
  1104.  
  1105. Image path: \SystemRoot\system32\drivers\logi_joy_vir_hid.sys
  1106. Image name: logi_joy_vir_hid.sys
  1107. Search : https://www.google.com/search?q=logi_joy_vir_hid.sys
  1108. ADA Info : Logitech Joystick driver
  1109. Timestamp : Mon Apr 20 2020
  1110.  
  1111. Image path: \SystemRoot\System32\drivers\NGCx64\1614040.039\SRTSP64.SYS
  1112. Image name: SRTSP64.SYS
  1113. Search : https://www.google.com/search?q=SRTSP64.SYS
  1114. ADA Info : Symantec Real Time Storage Protection http://www.symantec.com/
  1115. Timestamp : Tue Apr 21 2020
  1116.  
  1117. Image path: \SystemRoot\System32\drivers\oculusvad.sys
  1118. Image name: oculusvad.sys
  1119. Search : https://www.google.com/search?q=oculusvad.sys
  1120. ADA Info : Oculus VAD driver
  1121. Timestamp : Thu May 28 2020
  1122.  
  1123. Image path: \SystemRoot\system32\drivers\nvhda64v.sys
  1124. Image name: nvhda64v.sys
  1125. Search : https://www.google.com/search?q=nvhda64v.sys
  1126. ADA Info : Nvidia HDMI Audio Device http://www.nvidia.com/
  1127. Timestamp : Tue Jun 9 2020
  1128.  
  1129. Image path: \SystemRoot\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_edab19158bdd0d0a\nvlddmkm.sys
  1130. Image name: nvlddmkm.sys
  1131. Search : https://www.google.com/search?q=nvlddmkm.sys
  1132. ADA Info : Nvidia Graphics Card driver http://www.nvidia.com/
  1133. Timestamp : Sun Jul 5 2020
  1134.  
  1135. Image path: \SystemRoot\system32\DRIVERS\nordlwf.sys
  1136. Image name: nordlwf.sys
  1137. Search : https://www.google.com/search?q=nordlwf.sys
  1138. ADA Info : NordVPN LightWeight Firewall driver (NordVPN)
  1139. Timestamp : Wed Jul 8 2020
  1140.  
  1141. Image path: \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
  1142. Image name: eeCtrl64.sys
  1143. Search : https://www.google.com/search?q=eeCtrl64.sys
  1144. ADA Info : Symantec Eraser Control driver http://www.symantec.com/
  1145. Timestamp : Thu Jul 9 2020
  1146.  
  1147. Image path: \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
  1148. Image name: EraserUtilRebootDrv.sys
  1149. Search : https://www.google.com/search?q=EraserUtilRebootDrv.sys
  1150. ADA Info : Symantec Eraser Utility Reboot driver http://www.symantec.com/
  1151. Timestamp : Thu Jul 9 2020
  1152.  
  1153. ====================== Dump #2: MICROSOFT DRIVERS ======================
  1154.  
  1155. ACPI.sys ACPI Driver for NT (Microsoft)
  1156. acpiex.sys ACPIEx Driver (Microsoft)
  1157. acpipagr.sys ACPI Processor Aggregator Device driver (Microsoft)
  1158. afd.sys Ancillary Function Driver for WinSock (Microsoft)
  1159. afunix.sys AF_UNIX Socket Provider driver (Microsoft)
  1160. AgileVpn.sys RAS Agil VPN Miniport Call Manager driver (Microsoft)
  1161. ahcache.sys Application Compatibility Cache (Microsoft)
  1162. bam.sys BAM Kernal driver (Microsoft)
  1163. BasicDisplay.sys Basic Display driver (Microsoft)
  1164. BasicRender.sys Basic Render driver (Microsoft)
  1165. Beep.SYS BEEP driver (Microsoft)
  1166. bindflt.sys Windows Bind Filter driver (Microsoft)
  1167. BOOTVID.dll VGA Boot Driver (Microsoft)
  1168. bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
  1169. cdd.dll Canonical Display Driver (Microsoft)
  1170. cdrom.sys SCSI CD-ROM Driver (Microsoft)
  1171. CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
  1172. CI.dll Code Integrity Module (Microsoft)
  1173. CimFS.SYS Consumer IR Class Driver for eHome (Microsoft)
  1174. CLASSPNP.SYS SCSI Class System Dll (Microsoft)
  1175. cldflt.sys Cloud Files Mini Filter driver (Microsoft)
  1176. CLFS.SYS Common Log File System Driver (Microsoft)
  1177. clipsp.sys CLIP Service (Microsoft)
  1178. cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
  1179. cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
  1180. CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
  1181. condrv.sys Console Driver (Microsoft)
  1182. crashdmp.sys Crash Dump driver (Microsoft)
  1183. dfsc.sys DFS Namespace Client Driver (Microsoft)
  1184. disk.sys PnP Disk Driver (Microsoft)
  1185. drmk.sys Digital Rights Management (DRM) driver (Microsoft)
  1186. dump_diskdump.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  1187. dump_dumpfve.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  1188. dump_storahci.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  1189. dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
  1190. dxgmms2.sys DirectX Graphics MMS
  1191. exfat.SYS Extended FAT File System driver (Microsoft)
  1192. fastfat.SYS Fast FAT File System Driver (Microsoft)
  1193. filecrypt.sys Windows sandboxing and encryption filter (Microsoft)
  1194. fileinfo.sys FileInfo Filter Driver (Microsoft)
  1195. FLTMGR.SYS Filesystem Filter Manager (Microsoft)
  1196. Fs_Rec.sys File System Recognizer Driver (Microsoft)
  1197. fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
  1198. fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
  1199. gpuenergydrv.sys GPU Energy Kernal Driver (Microsoft)
  1200. hal.dll Hardware Abstraction Layer DLL (Microsoft)
  1201. HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
  1202. HIDCLASS.SYS Hid Class Library (Microsoft)
  1203. HIDPARSE.SYS Hid Parsing Library (Microsoft)
  1204. hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
  1205. HTTP.sys HTTP Protocol Stack (Microsoft)
  1206. intelpep.sys Intel Power Engine Plugin (Microsoft)
  1207. intelppm.sys Processor Device Driver (Microsoft)
  1208. IntelTA.sys Intel Telemetry Driver
  1209. iorate.sys I/O rate control Filter (Microsoft)
  1210. kbdclass.sys Keyboard Class Driver (Microsoft)
  1211. kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
  1212. kd.dll Local Kernal Debugger (Microsoft)
  1213. kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
  1214. ks.sys Kernal CSA Library (Microsoft)
  1215. ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
  1216. ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
  1217. ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
  1218. lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
  1219. luafv.sys LUA File Virtualization Filter Driver (Microsoft)
  1220. mcupdate_GenuineIntel.dll Intel Microcode Update Library (Microsoft)
  1221. mmcss.sys MMCSS Driver (Microsoft)
  1222. monitor.sys Monitor Driver (Microsoft)
  1223. mouclass.sys Mouse Class Driver (Microsoft)
  1224. mouhid.sys HID Mouse Filter Driver (Microsoft)
  1225. mountmgr.sys Mount Point Manager (Microsoft)
  1226. mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
  1227. mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
  1228. mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
  1229. Msfs.SYS Mailslot driver (Microsoft)
  1230. msisadrv.sys ISA Driver (Microsoft)
  1231. mslldp.sys Microsoft Link-Layer Discovery Protocol... (Microsoft)
  1232. msquic.sys Windows QUIC Driver
  1233. msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
  1234. mssmbios.sys System Management BIOS driver (Microsoft)
  1235. mup.sys Multiple UNC Provider driver (Microsoft)
  1236. ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
  1237. ndiscap.sys Microsoft NDIS Packet Capture Filter Driver
  1238. ndistapi.sys NDIS 3.0 Connection Wrapper driver (Microsoft)
  1239. NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
  1240. ndiswan.sys MS PPP Framing Driver (Strong Encryption) Microsoft)
  1241. NDProxy.sys NDIS Proxy driver (Microsoft)
  1242. Ndu.sys Network Data Usage Monitoring driver (Microsoft)
  1243. netbios.sys NetBIOS Interface driver (Microsoft)
  1244. netbt.sys MBT Transport driver (Microsoft)
  1245. NETIO.SYS Network I/O Subsystem (Microsoft)
  1246. Npfs.SYS NPFS driver (Microsoft)
  1247. npsvctrig.sys Named pipe service triggers (Microsoft)
  1248. nsiproxy.sys NSI Proxy driver (Microsoft)
  1249. Ntfs.sys NT File System Driver (Microsoft)
  1250. ntosext.sys NTOS Extension Host driver (Microsoft)
  1251. ntoskrnl.exe NT Operating System Kernal (Microsoft)
  1252. Null.SYS NULL Driver (Microsoft)
  1253. pacer.sys QoS Packet Scheduler (Microsoft)
  1254. parport.sys Parallel Port Driver (Microsoft)
  1255. partmgr.sys Partition driver (Microsoft)
  1256. pci.sys NT Plug and Play PCI Enumerator (Microsoft)
  1257. pcw.sys Performance Counter Driver (Microsoft)
  1258. pdc.sys Power Dependency Coordinator Driver (Microsoft)
  1259. peauth.sys Protected Environment Authentication and Authorization Export Driver (Microsoft)
  1260. portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
  1261. PSHED.dll Platform Specific Hardware Error driver (Microsoft)
  1262. qwavedrv.sys Quality Windows Audio Video Experience (qWave) Support driver (Microsoft)
  1263. rasl2tp.sys RAS L2TP Mini-port/Call-manager driver (Microsoft)
  1264. raspppoe.sys RAS PPPoE Mini-port/Call manager driver (Microsoft)
  1265. raspptp.sys Peer-to-Peer Tunneling Protocol (Microsoft)
  1266. rassstp.sys RAS SSTP Miniport Call Manager driver (Microsoft)
  1267. rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
  1268. rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
  1269. rdyboost.sys ReadyBoost Driver (Microsoft)
  1270. rspndr.sys Link-Layer Topology Responder driver (Microsoft)
  1271. serenum.sys Serial Port Enumerator (Microsoft)
  1272. serial.sys Serial Device Driver
  1273. SgrmAgent.sys System Guard Runtime Monitor Agent driver (Microsoft)
  1274. SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
  1275. spaceport.sys Storage Spaces driver (Microsoft)
  1276. srv2.sys Smb 2.0 Server driver (Microsoft)
  1277. srvnet.sys Server Network driver (Microsoft)
  1278. storahci.sys MS AHCI Storport Miniport Driver (Microsoft)
  1279. storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
  1280. storqosflt.sys Storage QoS Filter driver (Microsoft)
  1281. swenum.sys Plug and Play Software Device Enumerator (Microsoft)
  1282. tbs.sys Export driver for kernel mode TPM API (Microsoft)
  1283. tcpip.sys TCP/IP Protocol driver (Microsoft)
  1284. tcpipreg.sys Microsoft Windows TCP/IP Registry Compatibility driver (Microsoft)
  1285. TDI.SYS TDI Wrapper driver (Microsoft)
  1286. tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
  1287. tm.sys Kernel Transaction Manager driver (Microsoft)
  1288. UcmCx.sys USB Connector Manager KMDF Class Extension
  1289. ucx01000.sys USB Controller Extension (Microsoft)
  1290. UEFI.sys UEFI NT driver (Microsoft)
  1291. umbus.sys User-Mode Bus Enumerator (Microsoft)
  1292. usbaudio.sys USB Audio Class Driver (Microsoft)
  1293. usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
  1294. USBD.SYS Universal Serial Bus Driver (Microsoft)
  1295. UsbHub3.sys USB3 HUB driver (Microsoft)
  1296. USBXHCI.SYS USB XHCI driver (Microsoft)
  1297. vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
  1298. Vid.sys Microsoft Hyper-V Virtualization Infrastructure Driver
  1299. volmgr.sys Volume Manager Driver (Microsoft)
  1300. volmgrx.sys Volume Manager Extension Driver (Microsoft)
  1301. volsnap.sys Volume Shadow Copy driver (Microsoft)
  1302. volume.sys Volume driver (Microsoft)
  1303. vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
  1304. wanarp.sys MS Remote Access and Routing ARP driver (Microsoft)
  1305. watchdog.sys Watchdog driver (Microsoft)
  1306. wcifs.sys Windows Container Isolation FS Filter driver (Microsoft)
  1307. Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
  1308. WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
  1309. werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
  1310. wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
  1311. win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
  1312. win32kbase.sys Base Win32k Kernel Driver (Microsoft)
  1313. win32kfull.sys Full/Desktop Win32k Kernel Driver (Microsoft)
  1314. WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
  1315. WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
  1316. winhvr.sys Windows Hypervisor Root Interface driver (Microsoft)
  1317. wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
  1318. WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
  1319. Wof.sys Windows Overlay Filter (Microsoft)
  1320. WppRecorder.sys WPP Trace Recorder (Microsoft)
  1321. WUDFRd.sys Windows Driver Foundation - User-mode Driver Framework Reflector driver (Microsoft)
  1322.  
  1323. ====================== Dump #2: UNLOADED MODULES =======================
  1324.  
  1325. fffff805`937d0000 fffff805`937de000 WSDScan.sys
  1326. fffff805`937c0000 fffff805`937ce000 WSDPrint.sys
  1327. fffff805`92c50000 fffff805`92c5f000 WpdUpFltr.sy
  1328. fffff805`912c0000 fffff805`912e6000 USBSTOR.SYS
  1329. fffff805`82e80000 fffff805`82e9d000 EhStorClass.
  1330. fffff805`937d0000 fffff805`937de000 WSDScan.sys
  1331. fffff805`937c0000 fffff805`937ce000 WSDPrint.sys
  1332. fffff805`92c00000 fffff805`92c0b000 nlwt.sys
  1333. fffff805`8ec30000 fffff805`8ec3b000 nlwt.sys
  1334. fffff805`84230000 fffff805`8423f000 dump_storpor
  1335. fffff805`84280000 fffff805`842b3000 dump_storahc
  1336. fffff805`842e0000 fffff805`842fe000 dump_dumpfve
  1337. fffff805`92c00000 fffff805`92c55000 WUDFRd.sys
  1338. fffff805`8e940000 fffff805`8e95c000 dam.sys
  1339. fffff805`82a00000 fffff805`82a0a000 SymELAM.sys
  1340. fffff805`83bf0000 fffff805`83c01000 hwpolicy.sys
  1341.  
  1342. ====================== Dump #2: BIOS INFORMATION =======================
  1343.  
  1344. [SMBIOS Data Tables v3.0]
  1345. [DMI Version - 0]
  1346. [2.0 Calling Convention - No]
  1347. [Table Size - 4239 bytes]
  1348. [BIOS Information (Type 0) - Length 24 - Handle 0000h]
  1349. Vendor American Megatrends Inc.
  1350. BIOS Version F25
  1351. BIOS Starting Address Segment f000
  1352. BIOS Release Date 04/11/2018
  1353. BIOS ROM Size 800000
  1354. BIOS Characteristics
  1355. 07: - PCI Supported
  1356. 11: - Upgradeable FLASH BIOS
  1357. 12: - BIOS Shadowing Supported
  1358. 15: - CD-Boot Supported
  1359. 16: - Selectable Boot Supported
  1360. 17: - BIOS ROM Socketed
  1361. 19: - EDD Supported
  1362. 23: - 1.2MB Floppy Supported
  1363. 24: - 720KB Floppy Supported
  1364. 25: - 2.88MB Floppy Supported
  1365. 26: - Print Screen Device Supported
  1366. 28: - Serial Services Supported
  1367. 29: - Printer Services Supported
  1368. 32: - BIOS Vendor Reserved
  1369. BIOS Characteristic Extensions
  1370. 00: - ACPI Supported
  1371. 01: - USB Legacy Supported
  1372. 08: - BIOS Boot Specification Supported
  1373. 10: - Specification Reserved
  1374. 11: - Specification Reserved
  1375. BIOS Major Revision 5
  1376. BIOS Minor Revision 12
  1377. EC Firmware Major Revision 255
  1378. EC Firmware Minor Revision 255
  1379. [System Information (Type 1) - Length 27 - Handle 0001h]
  1380. Manufacturer Gigabyte Technology Co., Ltd.
  1381. Product Name H110-D3A
  1382. Version Default string
  1383. UUID 00000000-0000-0000-0000-000000000000
  1384. Wakeup Type Power Switch
  1385. SKUNumber Default string
  1386. Family Default string
  1387. [BaseBoard Information (Type 2) - Length 15 - Handle 0002h]
  1388. Manufacturer Gigabyte Technology Co., Ltd.
  1389. Product H110-D3A-CF
  1390. Version x.x
  1391. Feature Flags 09h
  1392. -1579239712: - -1579239664: - «ûÚú
  1393. Location Default string
  1394. Chassis Handle 0003h
  1395. Board Type 0ah - Processor/Memory Module
  1396. Number of Child Handles 0
  1397. [System Enclosure (Type 3) - Length 22 - Handle 0003h]
  1398. Manufacturer Default string
  1399. Chassis Type Desktop
  1400. Version Default string
  1401. Bootup State Safe
  1402. Power Supply State Safe
  1403. Thermal State Safe
  1404. Security Status None
  1405. OEM Defined 0
  1406. Height 0U
  1407. Number of Power Cords 1
  1408. Number of Contained Elements 0
  1409. Contained Element Size 3
  1410. [Onboard Devices Information (Type 10) - Length 6 - Handle 0021h]
  1411. Number of Devices 1
  1412. 01: Type Video [enabled]
  1413. [OEM Strings (Type 11) - Length 5 - Handle 0022h]
  1414. Number of Strings 1
  1415. 1 Default string
  1416. [System Configuration Options (Type 12) - Length 5 - Handle 0023h]
  1417. [Physical Memory Array (Type 16) - Length 23 - Handle 003dh]
  1418. Location 03h - SystemBoard/Motherboard
  1419. Use 03h - System Memory
  1420. Memory Error Correction 03h - None
  1421. Maximum Capacity 67108864KB
  1422. Number of Memory Devices 4
  1423. [Memory Device (Type 17) - Length 40 - Handle 003eh]
  1424. Physical Memory Array Handle 003dh
  1425. Total Width 64 bits
  1426. Data Width 64 bits
  1427. Size 8192MB
  1428. Form Factor 09h - DIMM
  1429. Device Locator ChannelA-DIMM0
  1430. Bank Locator BANK 0
  1431. Memory Type 1ah - Specification Reserved
  1432. Type Detail 0080h - Synchronous
  1433. Speed 2133MHz
  1434. Manufacturer 029E
  1435. Part Number CMK16GX4M2Z2400C16
  1436. [Memory Device (Type 17) - Length 40 - Handle 003fh]
  1437. Physical Memory Array Handle 003dh
  1438. Total Width 0 bits
  1439. Data Width 0 bits
  1440. Form Factor 02h - Unknown
  1441. Device Locator ChannelA-DIMM1
  1442. Bank Locator BANK 1
  1443. Memory Type 02h - Unknown
  1444. Type Detail 0000h -
  1445. Speed 0MHz
  1446. [Memory Device (Type 17) - Length 40 - Handle 0040h]
  1447. Physical Memory Array Handle 003dh
  1448. Total Width 64 bits
  1449. Data Width 64 bits
  1450. Size 8192MB
  1451. Form Factor 09h - DIMM
  1452. Device Locator ChannelB-DIMM0
  1453. Bank Locator BANK 2
  1454. Memory Type 1ah - Specification Reserved
  1455. Type Detail 0080h - Synchronous
  1456. Speed 2133MHz
  1457. Manufacturer 029E
  1458. Part Number CMK16GX4M2Z2400C16
  1459. [Memory Device (Type 17) - Length 40 - Handle 0041h]
  1460. Physical Memory Array Handle 003dh
  1461. Total Width 0 bits
  1462. Data Width 0 bits
  1463. Form Factor 02h - Unknown
  1464. Device Locator ChannelB-DIMM1
  1465. Bank Locator BANK 3
  1466. Memory Type 02h - Unknown
  1467. Type Detail 0000h -
  1468. Speed 0MHz
  1469. [Memory Array Mapped Address (Type 19) - Length 31 - Handle 0042h]
  1470. Starting Address 00000000h
  1471. Ending Address 00ffffffh
  1472. Memory Array Handle 003dh
  1473. Partition Width 02
  1474. [Cache Information (Type 7) - Length 19 - Handle 0043h]
  1475. Socket Designation L1 Cache
  1476. Cache Configuration 0180h - WB Enabled Int NonSocketed L1
  1477. Maximum Cache Size 0100h - 256K
  1478. Installed Size 0100h - 256K
  1479. Supported SRAM Type 0020h - Synchronous
  1480. Current SRAM Type 0020h - Synchronous
  1481. Cache Speed 0ns
  1482. Error Correction Type ParitySingle-Bit ECC
  1483. System Cache Type Unified
  1484. Associativity 8-way Set-Associative
  1485. [Cache Information (Type 7) - Length 19 - Handle 0044h]
  1486. Socket Designation L2 Cache
  1487. Cache Configuration 0181h - WB Enabled Int NonSocketed L2
  1488. Maximum Cache Size 0400h - 1024K
  1489. Installed Size 0400h - 1024K
  1490. Supported SRAM Type 0020h - Synchronous
  1491. Current SRAM Type 0020h - Synchronous
  1492. Cache Speed 0ns
  1493. Error Correction Type Multi-Bit ECC
  1494. System Cache Type Unified
  1495. Associativity 4-way Set-Associative
  1496. [Cache Information (Type 7) - Length 19 - Handle 0045h]
  1497. Socket Designation L3 Cache
  1498. Cache Configuration 0182h - WB Enabled Int NonSocketed L3
  1499. Maximum Cache Size 2000h - 8192K
  1500. Installed Size 2000h - 8192K
  1501. Supported SRAM Type 0020h - Synchronous
  1502. Current SRAM Type 0020h - Synchronous
  1503. Cache Speed 0ns
  1504. Error Correction Type Specification Reserved
  1505. System Cache Type Unified
  1506. Associativity 16-way Set-Associative
  1507. [Processor Information (Type 4) - Length 48 - Handle 0046h]
  1508. Socket Designation U3E1
  1509. Processor Type Central Processor
  1510. Processor Family c6h - Specification Reserved
  1511. Processor Manufacturer Intel(R) Corporation
  1512. Processor ID e3060500fffbebbf
  1513. Processor Version Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz
  1514. Processor Voltage 8bh - 1.1V
  1515. External Clock 100MHz
  1516. Max Speed 8300MHz
  1517. Current Speed 3700MHz
  1518. Status Enabled Populated
  1519. Processor Upgrade Other
  1520. L1 Cache Handle 0043h
  1521. L2 Cache Handle 0044h
  1522. L3 Cache Handle 0045h
  1523. [Memory Device Mapped Address (Type 20) - Length 35 - Handle 0047h]
  1524. Starting Address 00000000h
  1525. Ending Address 007fffffh
  1526. Memory Device Handle 003eh
  1527. Mem Array Mapped Adr Handle 0042h
  1528. Interleave Position 01
  1529. Interleave Data Depth 02
  1530. [Memory Device Mapped Address (Type 20) - Length 35 - Handle 0048h]
  1531. Starting Address 00800000h
  1532. Ending Address 00ffffffh
  1533. Memory Device Handle 0040h
  1534. Mem Array Mapped Adr Handle 0042h
  1535. Interleave Position 02
  1536. Interleave Data Depth 02
  1537.  
  1538. ========================== Dump #2: Extra #1 ===========================
  1539.  
  1540. 0: kd> !verifier
  1541. 00000000: Unable to get verifier list.
  1542.  
  1543. ========================== Dump #2: Extra #2 ===========================
  1544.  
  1545. 0: kd> !thread
  1546. GetPointerFromAddress: unable to read from fffff8057d421468
  1547. ffffd208501ed080: Unable to get thread contents
  1548.  
  1549.  
  1550. ========================================================================
  1551. ======================= Dump #3: ANALYZE VERBOSE =======================
  1552. ====================== File: 080220-10078-01.dmp =======================
  1553. ========================================================================
  1554.  
  1555. Mini Kernel Dump File: Only registers and stack trace are available
  1556. Unable to load image \SystemRoot\system32\ntoskrnl.exe, Win32 error 0n2
  1557. *** WARNING: Unable to verify timestamp for ntoskrnl.exe
  1558. *** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
  1559. Windows 10 Kernel Version 19041 MP (8 procs) Free x64
  1560. Kernel base = 0xfffff807`53200000 PsLoadedModuleList = 0xfffff807`53e2a330
  1561. Debug session time: Sun Aug 2 13:58:08.599 2020 (UTC - 4:00)
  1562. System Uptime: 0 days 0:55:43.236
  1563. Unable to load image \SystemRoot\system32\ntoskrnl.exe, Win32 error 0n2
  1564. *** WARNING: Unable to verify timestamp for ntoskrnl.exe
  1565. *** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
  1566. ************* Symbol Loading Error Summary **************
  1567. Module name Error
  1568. ntoskrnl The system cannot find the file specified
  1569. You can troubleshoot most symbol related issues by turning on symbol loading diagnostics (!sym noisy) and repeating the command that caused symbols to be loaded.
  1570. You should also verify that your symbol search path (.sympath) is correct.
  1571.  
  1572. BugCheck EF, {ffffcd8fe84ef140, 0, 0, 0}
  1573. ***** Kernel symbols are WRONG. Please fix symbols to do analysis.
  1574. errfg" bg="errbg"><Unable to get nt!KiCurrentEtwBufferOffset>errfg" bg="errbg"><Unable to get nt!KiCurrentEtwBufferBase>
  1575. Probably caused by : memory_corruption
  1576. Followup: memory_corruption
  1577.  
  1578. CRITICAL_PROCESS_DIED (ef)
  1579. A critical system process died
  1580.  
  1581. Arguments:
  1582. Arg1: ffffcd8fe84ef140, Process object or thread object
  1583. Arg2: 0000000000000000, If this is 0, a process died. If this is 1, a thread died.
  1584. Arg3: 0000000000000000
  1585. Arg4: 0000000000000000
  1586.  
  1587. Debugging Details:
  1588. ***** Kernel symbols are WRONG. Please fix symbols to do analysis.
  1589. <Unable to get nt!KiCurrentEtwBufferOffset><Unable to get nt!KiCurrentEtwBufferBase>
  1590. DUMP_CLASS: 1
  1591. DUMP_QUALIFIER: 400
  1592. ADDITIONAL_DEBUG_TEXT:
  1593. You can run '.symfix; .reload' to try to fix the symbol path and load symbols.
  1594. WRONG_SYMBOLS_TIMESTAMP: 188e70be
  1595. WRONG_SYMBOLS_SIZE: 1046000
  1596. FAULTING_MODULE: fffff80753200000 nt
  1597. DEBUG_FLR_IMAGE_TIMESTAMP: 0
  1598. DUMP_TYPE: 2
  1599. CUSTOMER_CRASH_COUNT: 1
  1600. DEFAULT_BUCKET_ID: CODE_CORRUPTION
  1601. BUGCHECK_STR: 0xEF
  1602. CURRENT_IRQL: 0
  1603. LAST_CONTROL_TRANSFER: from fffff80753b173c2 to fffff807535ddf40
  1604. STACK_TEXT:
  1605. ffffab00`5d9a6c08 fffff807`53b173c2 : 00000000`000000ef ffffcd8f`e84ef140 00000000`00000000 00000000`00000000 : nt+0x3ddf40
  1606. ffffab00`5d9a6c10 00000000`000000ef : ffffcd8f`e84ef140 00000000`00000000 00000000`00000000 00000000`00000000 : nt+0x9173c2
  1607. ffffab00`5d9a6c18 ffffcd8f`e84ef140 : 00000000`00000000 00000000`00000000 00000000`00000000 000000d6`2d541700 : 0xef
  1608. ffffab00`5d9a6c20 00000000`00000000 : 00000000`00000000 00000000`00000000 000000d6`2d541700 00000000`00501902 : 0xffffcd8f`e84ef140
  1609. STACK_COMMAND: kb
  1610. CHKIMG_EXTENSION: !chkimg -lo 50 -d !Wof
  1611. fffff80758ae3224-fffff80758ae3225 2 bytes - Wof!WofPostReadCallback+64
  1612. [ 48 ff:4c 8b ]
  1613. fffff80758ae322b-fffff80758ae322f 5 bytes - Wof!WofPostReadCallback+6b (+0x07)
  1614. [ 0f 1f 44 00 00:e8 c0 43 a3 fa ]
  1615. fffff80758ae3244-fffff80758ae3245 2 bytes - Wof!WofPostReadCallback+84 (+0x19)
  1616. [ 48 ff:4c 8b ]
  1617. fffff80758ae324b-fffff80758ae324f 5 bytes - Wof!WofPostReadCallback+8b (+0x07)
  1618. [ 0f 1f 44 00 00:e8 40 c3 93 fa ]
  1619. fffff80758ae325d-fffff80758ae325e 2 bytes - Wof!WofPostReadCallback+9d (+0x12)
  1620. [ 48 ff:4c 8b ]
  1621. fffff80758ae3264-fffff80758ae3268 5 bytes - Wof!WofPostReadCallback+a4 (+0x07)
  1622. [ 0f 1f 44 00 00:e8 b7 09 07 fa ]
  1623. 21 errors : !Wof (fffff80758ae3224-fffff80758ae3268)
  1624. MODULE_NAME: memory_corruption
  1625.  
  1626. IMAGE_NAME: memory_corruption
  1627.  
  1628. FOLLOWUP_NAME: memory_corruption
  1629. MEMORY_CORRUPTOR: LARGE
  1630. FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
  1631. BUCKET_ID: MEMORY_CORRUPTION_LARGE
  1632. PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
  1633. TARGET_TIME: 2020-08-02T17:58:08.000Z
  1634. SUITE_MASK: 784
  1635. PRODUCT_TYPE: 1
  1636. USER_LCID: 0
  1637. FAILURE_ID_HASH_STRING: km:memory_corruption_large
  1638. FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
  1639. Followup: memory_corruption
  1640.  
  1641. ====================== Dump #3: 3RD PARTY DRIVERS ======================
  1642.  
  1643. May 01 2013 - WinRing0x64.sys - Intel Processor Diagnostic Tool or BatteryCare by OpenLibSys.org or Throttlestop (Properties say: OpenLibSys.org) or EVGA Precision X https://www.evga.com/
  1644. Aug 02 2017 - Oculus_ViGEmBus.sys - Oculus Virtual Gamepad Emulation Bus driver
  1645. May 31 2018 - tapnordvpn.sys - Nord VPN TAP driver https://nordvpn.com
  1646. Oct 08 2018 - SYMEVENT64x86.SYS - Symantec Event Library https://www.symantec.com/
  1647. Nov 16 2018 - logi_core_temp.sys - Logitech G HUB driver https://support.logitech.com/en_us/software/lghub
  1648. Nov 20 2018 - logi_joy_bus_enum.sys - Logitech Joystick driver
  1649. Nov 20 2018 - logi_joy_xlcore.sys - Logitech Joystick driver
  1650. Jan 12 2019 - vbaudio_vmvaio64_win10.sys - VoiceMeeter Input (VB-Audio VoiceMeeter VAIO) driver
  1651. Mar 14 2019 - nvvad64v.sys - Nvidia Virtual Audio driver http://www.nvidia.com/
  1652. Apr 04 2019 - TeeDriverW8x64.sys - Intel Management Engine Interface driver https://downloadcenter.intel.com/
  1653. May 14 2019 - RTKVHD64.sys - Realtek Audio System driver https://www.realtek.com/en/
  1654. Jun 28 2019 - Ironx64.SYS - Symantec Iron driver http://www.symantec.com/
  1655. Jul 01 2019 - rt640x64.sys - Realtek NICDRV 8169 PCIe GBE Family Controller driver https://www.realtek.com/en/
  1656. Jul 10 2019 - IDSvia64.sys - Symantec Intrusion Detection IDS Core driver http://www.symantec.com/
  1657. Sep 26 2019 - BHDrvx64.sys - Norton Security BASH driver http://www.symantec.com/
  1658. Nov 29 2019 - NvModuleTracker.sys - NVIDIA Module Tracker driver
  1659. Dec 30 2019 - SRTSPX64.SYS - Symantec Real Time Storage Protection (PEL) http://www.symantec.com/
  1660. Dec 31 2019 - SymEvnt.sys - Symantec Event Library driver
  1661. Jan 09 2020 - ccSetx64.sys - Common Client Settings driver (Symantec Security Technoligies) http://www.symantec.com/
  1662. Jan 10 2020 - nvvhci.sys - Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
  1663. Jan 26 2020 - UcmCxUcsiNvppc.sys - NVIDIA USB Type-C Port Policy Controller driver
  1664. Feb 08 2020 - symnets.sys - Network Security WFP driver https://www.symantec.com/
  1665. Feb 11 2020 - SYMEFASI64.SYS - Symantec Extended File Attributes (SI) https://www.symantec.com/
  1666. Mar 24 2020 - wpCtrlDrv.sys - (Symantec Corporation)
  1667. Apr 02 2020 - nlwt.sys - VPN driver (WireGuard LLC)
  1668. Apr 20 2020 - logi_joy_vir_hid.sys - Logitech Joystick driver
  1669. Apr 21 2020 - SRTSP64.SYS - Symantec Real Time Storage Protection http://www.symantec.com/
  1670. May 28 2020 - oculusvad.sys - Oculus VAD driver
  1671. Jun 09 2020 - nvhda64v.sys - Nvidia HDMI Audio Device http://www.nvidia.com/
  1672. Jul 05 2020 - nvlddmkm.sys - Nvidia Graphics Card driver http://www.nvidia.com/
  1673. Jul 08 2020 - nordlwf.sys - NordVPN LightWeight Firewall driver (NordVPN)
  1674. Jul 09 2020 - eeCtrl64.sys - Symantec Eraser Control driver http://www.symantec.com/
  1675. Jul 09 2020 - EraserUtilRebootDrv.sys - Symantec Eraser Utility Reboot driver http://www.symantec.com/
  1676.  
  1677. ================== Dump #3: 3RD PARTY DRIVERS (FULL) ===================
  1678.  
  1679. Image path: \??\C:\Program Files (x86)\EVGA\WinRing0\WinRing0x64.sys
  1680. Image name: WinRing0x64.sys
  1681. Search : https://www.google.com/search?q=WinRing0x64.sys
  1682. ADA Info : Intel Processor Diagnostic Tool or BatteryCare by OpenLibSys.org or Throttlestop (Properties say: OpenLibSys.org) or EVGA Precision X https://www.evga.com/
  1683. Timestamp : Wed May 1 2013
  1684.  
  1685. Image path: \SystemRoot\System32\drivers\Oculus_ViGEmBus.sys
  1686. Image name: Oculus_ViGEmBus.sys
  1687. Search : https://www.google.com/search?q=Oculus_ViGEmBus.sys
  1688. ADA Info : Oculus Virtual Gamepad Emulation Bus driver
  1689. Timestamp : Wed Aug 2 2017
  1690.  
  1691. Image path: \SystemRoot\System32\drivers\tapnordvpn.sys
  1692. Image name: tapnordvpn.sys
  1693. Search : https://www.google.com/search?q=tapnordvpn.sys
  1694. ADA Info : Nord VPN TAP driver https://nordvpn.com
  1695. Timestamp : Thu May 31 2018
  1696.  
  1697. Image path: \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
  1698. Image name: SYMEVENT64x86.SYS
  1699. Search : https://www.google.com/search?q=SYMEVENT64x86.SYS
  1700. ADA Info : Symantec Event Library https://www.symantec.com/
  1701. Timestamp : Mon Oct 8 2018
  1702.  
  1703. Image path: \??\C:\ProgramData\LGHUB\depots\61557\driver_cpu_temperature\logi_core_temp.sys
  1704. Image name: logi_core_temp.sys
  1705. Search : https://www.google.com/search?q=logi_core_temp.sys
  1706. ADA Info : Logitech G HUB driver https://support.logitech.com/en_us/software/lghub
  1707. Timestamp : Fri Nov 16 2018
  1708.  
  1709. Image path: \SystemRoot\system32\drivers\logi_joy_bus_enum.sys
  1710. Image name: logi_joy_bus_enum.sys
  1711. Search : https://www.google.com/search?q=logi_joy_bus_enum.sys
  1712. ADA Info : Logitech Joystick driver
  1713. Timestamp : Tue Nov 20 2018
  1714.  
  1715. Image path: \SystemRoot\system32\drivers\logi_joy_xlcore.sys
  1716. Image name: logi_joy_xlcore.sys
  1717. Search : https://www.google.com/search?q=logi_joy_xlcore.sys
  1718. ADA Info : Logitech Joystick driver
  1719. Timestamp : Tue Nov 20 2018
  1720.  
  1721. Image path: \SystemRoot\System32\drivers\vbaudio_vmvaio64_win10.sys
  1722. Image name: vbaudio_vmvaio64_win10.sys
  1723. Search : https://www.google.com/search?q=vbaudio_vmvaio64_win10.sys
  1724. ADA Info : VoiceMeeter Input (VB-Audio VoiceMeeter VAIO) driver
  1725. Timestamp : Sat Jan 12 2019
  1726.  
  1727. Image path: \SystemRoot\system32\drivers\nvvad64v.sys
  1728. Image name: nvvad64v.sys
  1729. Search : https://www.google.com/search?q=nvvad64v.sys
  1730. ADA Info : Nvidia Virtual Audio driver http://www.nvidia.com/
  1731. Timestamp : Thu Mar 14 2019
  1732.  
  1733. Image path: \SystemRoot\System32\DriverStore\FileRepository\heci.inf_amd64_85021432489d6a1c\x64\TeeDriverW8x64.sys
  1734. Image name: TeeDriverW8x64.sys
  1735. Search : https://www.google.com/search?q=TeeDriverW8x64.sys
  1736. ADA Info : Intel Management Engine Interface driver https://downloadcenter.intel.com/
  1737. Timestamp : Thu Apr 4 2019
  1738.  
  1739. Image path: \SystemRoot\system32\drivers\RTKVHD64.sys
  1740. Image name: RTKVHD64.sys
  1741. Search : https://www.google.com/search?q=RTKVHD64.sys
  1742. ADA Info : Realtek Audio System driver https://www.realtek.com/en/
  1743. Timestamp : Tue May 14 2019
  1744.  
  1745. Image path: \SystemRoot\System32\drivers\NGCx64\1614040.039\Ironx64.SYS
  1746. Image name: Ironx64.SYS
  1747. Search : https://www.google.com/search?q=Ironx64.SYS
  1748. ADA Info : Symantec Iron driver http://www.symantec.com/
  1749. Timestamp : Fri Jun 28 2019
  1750.  
  1751. Image path: \SystemRoot\System32\drivers\rt640x64.sys
  1752. Image name: rt640x64.sys
  1753. Search : https://www.google.com/search?q=rt640x64.sys
  1754. ADA Info : Realtek NICDRV 8169 PCIe GBE Family Controller driver https://www.realtek.com/en/
  1755. Timestamp : Mon Jul 1 2019
  1756.  
  1757. Image path: \??\C:\Program Files\Norton Security\NortonData\22.19.9.63\Definitions\IPSDefs\20200731.061\IDSvia64.sys
  1758. Image name: IDSvia64.sys
  1759. Search : https://www.google.com/search?q=IDSvia64.sys
  1760. ADA Info : Symantec Intrusion Detection IDS Core driver http://www.symantec.com/
  1761. Timestamp : Wed Jul 10 2019
  1762.  
  1763. Image path: \??\C:\Program Files\Norton Security\NortonData\22.19.9.63\Definitions\BASHDefs\20200728.001\BHDrvx64.sys
  1764. Image name: BHDrvx64.sys
  1765. Search : https://www.google.com/search?q=BHDrvx64.sys
  1766. ADA Info : Norton Security BASH driver http://www.symantec.com/
  1767. Timestamp : Thu Sep 26 2019
  1768.  
  1769. Image path: \SystemRoot\System32\drivers\NvModuleTracker.sys
  1770. Image name: NvModuleTracker.sys
  1771. Search : https://www.google.com/search?q=NvModuleTracker.sys
  1772. ADA Info : NVIDIA Module Tracker driver
  1773. Timestamp : Fri Nov 29 2019
  1774.  
  1775. Image path: \SystemRoot\System32\drivers\NGCx64\1614040.039\SRTSPX64.SYS
  1776. Image name: SRTSPX64.SYS
  1777. Search : https://www.google.com/search?q=SRTSPX64.SYS
  1778. ADA Info : Symantec Real Time Storage Protection (PEL) http://www.symantec.com/
  1779. Timestamp : Mon Dec 30 2019
  1780.  
  1781. Image path: \??\C:\Program Files\Norton Security\NortonData\22.19.9.63\SymPlatform\SymEvnt.sys
  1782. Image name: SymEvnt.sys
  1783. Search : https://www.google.com/search?q=SymEvnt.sys
  1784. ADA Info : Symantec Event Library driver
  1785. Timestamp : Tue Dec 31 2019
  1786.  
  1787. Image path: \SystemRoot\System32\drivers\NGCx64\1614040.039\ccSetx64.sys
  1788. Image name: ccSetx64.sys
  1789. Search : https://www.google.com/search?q=ccSetx64.sys
  1790. ADA Info : Common Client Settings driver (Symantec Security Technoligies) http://www.symantec.com/
  1791. Timestamp : Thu Jan 9 2020
  1792.  
  1793. Image path: \SystemRoot\System32\drivers\nvvhci.sys
  1794. Image name: nvvhci.sys
  1795. Search : https://www.google.com/search?q=nvvhci.sys
  1796. ADA Info : Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
  1797. Timestamp : Fri Jan 10 2020
  1798.  
  1799. Image path: \SystemRoot\System32\DriverStore\FileRepository\nvppc.inf_amd64_0f22333f160a8f42\UcmCxUcsiNvppc.sys
  1800. Image name: UcmCxUcsiNvppc.sys
  1801. Search : https://www.google.com/search?q=UcmCxUcsiNvppc.sys
  1802. ADA Info : NVIDIA USB Type-C Port Policy Controller driver
  1803. Timestamp : Sun Jan 26 2020
  1804.  
  1805. Image path: \SystemRoot\System32\drivers\NGCx64\1614040.039\symnets.sys
  1806. Image name: symnets.sys
  1807. Search : https://www.google.com/search?q=symnets.sys
  1808. ADA Info : Network Security WFP driver https://www.symantec.com/
  1809. Timestamp : Sat Feb 8 2020
  1810.  
  1811. Image path: \SystemRoot\System32\drivers\NGCx64\1614040.039\SYMEFASI64.SYS
  1812. Image name: SYMEFASI64.SYS
  1813. Search : https://www.google.com/search?q=SYMEFASI64.SYS
  1814. ADA Info : Symantec Extended File Attributes (SI) https://www.symantec.com/
  1815. Timestamp : Tue Feb 11 2020
  1816.  
  1817. Image path: \SystemRoot\System32\drivers\NGCx64\1614040.039\wpCtrlDrv.sys
  1818. Image name: wpCtrlDrv.sys
  1819. Search : https://www.google.com/search?q=wpCtrlDrv.sys
  1820. ADA Info : (Symantec Corporation)
  1821. Timestamp : Tue Mar 24 2020
  1822.  
  1823. Image path: \SystemRoot\System32\drivers\nlwt.sys
  1824. Image name: nlwt.sys
  1825. Search : https://www.google.com/search?q=nlwt.sys
  1826. ADA Info : VPN driver (WireGuard LLC)
  1827. Timestamp : Thu Apr 2 2020
  1828.  
  1829. Image path: \SystemRoot\system32\drivers\logi_joy_vir_hid.sys
  1830. Image name: logi_joy_vir_hid.sys
  1831. Search : https://www.google.com/search?q=logi_joy_vir_hid.sys
  1832. ADA Info : Logitech Joystick driver
  1833. Timestamp : Mon Apr 20 2020
  1834.  
  1835. Image path: \SystemRoot\System32\drivers\NGCx64\1614040.039\SRTSP64.SYS
  1836. Image name: SRTSP64.SYS
  1837. Search : https://www.google.com/search?q=SRTSP64.SYS
  1838. ADA Info : Symantec Real Time Storage Protection http://www.symantec.com/
  1839. Timestamp : Tue Apr 21 2020
  1840.  
  1841. Image path: \SystemRoot\System32\drivers\oculusvad.sys
  1842. Image name: oculusvad.sys
  1843. Search : https://www.google.com/search?q=oculusvad.sys
  1844. ADA Info : Oculus VAD driver
  1845. Timestamp : Thu May 28 2020
  1846.  
  1847. Image path: \SystemRoot\system32\drivers\nvhda64v.sys
  1848. Image name: nvhda64v.sys
  1849. Search : https://www.google.com/search?q=nvhda64v.sys
  1850. ADA Info : Nvidia HDMI Audio Device http://www.nvidia.com/
  1851. Timestamp : Tue Jun 9 2020
  1852.  
  1853. Image path: \SystemRoot\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_edab19158bdd0d0a\nvlddmkm.sys
  1854. Image name: nvlddmkm.sys
  1855. Search : https://www.google.com/search?q=nvlddmkm.sys
  1856. ADA Info : Nvidia Graphics Card driver http://www.nvidia.com/
  1857. Timestamp : Sun Jul 5 2020
  1858.  
  1859. Image path: \SystemRoot\system32\DRIVERS\nordlwf.sys
  1860. Image name: nordlwf.sys
  1861. Search : https://www.google.com/search?q=nordlwf.sys
  1862. ADA Info : NordVPN LightWeight Firewall driver (NordVPN)
  1863. Timestamp : Wed Jul 8 2020
  1864.  
  1865. Image path: \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
  1866. Image name: eeCtrl64.sys
  1867. Search : https://www.google.com/search?q=eeCtrl64.sys
  1868. ADA Info : Symantec Eraser Control driver http://www.symantec.com/
  1869. Timestamp : Thu Jul 9 2020
  1870.  
  1871. Image path: \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
  1872. Image name: EraserUtilRebootDrv.sys
  1873. Search : https://www.google.com/search?q=EraserUtilRebootDrv.sys
  1874. ADA Info : Symantec Eraser Utility Reboot driver http://www.symantec.com/
  1875. Timestamp : Thu Jul 9 2020
  1876.  
  1877. ====================== Dump #3: MICROSOFT DRIVERS ======================
  1878.  
  1879. ACPI.sys ACPI Driver for NT (Microsoft)
  1880. acpiex.sys ACPIEx Driver (Microsoft)
  1881. acpipagr.sys ACPI Processor Aggregator Device driver (Microsoft)
  1882. afd.sys Ancillary Function Driver for WinSock (Microsoft)
  1883. afunix.sys AF_UNIX Socket Provider driver (Microsoft)
  1884. AgileVpn.sys RAS Agil VPN Miniport Call Manager driver (Microsoft)
  1885. ahcache.sys Application Compatibility Cache (Microsoft)
  1886. bam.sys BAM Kernal driver (Microsoft)
  1887. BasicDisplay.sys Basic Display driver (Microsoft)
  1888. BasicRender.sys Basic Render driver (Microsoft)
  1889. Beep.SYS BEEP driver (Microsoft)
  1890. bindflt.sys Windows Bind Filter driver (Microsoft)
  1891. BOOTVID.dll VGA Boot Driver (Microsoft)
  1892. bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
  1893. cdd.dll Canonical Display Driver (Microsoft)
  1894. cdrom.sys SCSI CD-ROM Driver (Microsoft)
  1895. CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
  1896. CI.dll Code Integrity Module (Microsoft)
  1897. CimFS.SYS Consumer IR Class Driver for eHome (Microsoft)
  1898. CLASSPNP.SYS SCSI Class System Dll (Microsoft)
  1899. cldflt.sys Cloud Files Mini Filter driver (Microsoft)
  1900. CLFS.SYS Common Log File System Driver (Microsoft)
  1901. clipsp.sys CLIP Service (Microsoft)
  1902. cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
  1903. cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
  1904. CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
  1905. condrv.sys Console Driver (Microsoft)
  1906. crashdmp.sys Crash Dump driver (Microsoft)
  1907. dfsc.sys DFS Namespace Client Driver (Microsoft)
  1908. disk.sys PnP Disk Driver (Microsoft)
  1909. drmk.sys Digital Rights Management (DRM) driver (Microsoft)
  1910. dump_diskdump.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  1911. dump_dumpfve.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  1912. dump_storahci.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  1913. dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
  1914. dxgmms2.sys DirectX Graphics MMS
  1915. fastfat.SYS Fast FAT File System Driver (Microsoft)
  1916. filecrypt.sys Windows sandboxing and encryption filter (Microsoft)
  1917. fileinfo.sys FileInfo Filter Driver (Microsoft)
  1918. FLTMGR.SYS Filesystem Filter Manager (Microsoft)
  1919. Fs_Rec.sys File System Recognizer Driver (Microsoft)
  1920. fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
  1921. fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
  1922. gpuenergydrv.sys GPU Energy Kernal Driver (Microsoft)
  1923. hal.dll Hardware Abstraction Layer DLL (Microsoft)
  1924. HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
  1925. HIDCLASS.SYS Hid Class Library (Microsoft)
  1926. HIDPARSE.SYS Hid Parsing Library (Microsoft)
  1927. hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
  1928. HTTP.sys HTTP Protocol Stack (Microsoft)
  1929. intelpep.sys Intel Power Engine Plugin (Microsoft)
  1930. intelppm.sys Processor Device Driver (Microsoft)
  1931. IntelTA.sys Intel Telemetry Driver
  1932. iorate.sys I/O rate control Filter (Microsoft)
  1933. kbdclass.sys Keyboard Class Driver (Microsoft)
  1934. kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
  1935. kd.dll Local Kernal Debugger (Microsoft)
  1936. kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
  1937. ks.sys Kernal CSA Library (Microsoft)
  1938. ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
  1939. ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
  1940. ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
  1941. lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
  1942. luafv.sys LUA File Virtualization Filter Driver (Microsoft)
  1943. mcupdate_GenuineIntel.dll Intel Microcode Update Library (Microsoft)
  1944. mmcss.sys MMCSS Driver (Microsoft)
  1945. monitor.sys Monitor Driver (Microsoft)
  1946. mouclass.sys Mouse Class Driver (Microsoft)
  1947. mouhid.sys HID Mouse Filter Driver (Microsoft)
  1948. mountmgr.sys Mount Point Manager (Microsoft)
  1949. mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
  1950. mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
  1951. mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
  1952. Msfs.SYS Mailslot driver (Microsoft)
  1953. msisadrv.sys ISA Driver (Microsoft)
  1954. mslldp.sys Microsoft Link-Layer Discovery Protocol... (Microsoft)
  1955. msquic.sys Windows QUIC Driver
  1956. msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
  1957. mssmbios.sys System Management BIOS driver (Microsoft)
  1958. mup.sys Multiple UNC Provider driver (Microsoft)
  1959. ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
  1960. ndiscap.sys Microsoft NDIS Packet Capture Filter Driver
  1961. ndistapi.sys NDIS 3.0 Connection Wrapper driver (Microsoft)
  1962. NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
  1963. ndiswan.sys MS PPP Framing Driver (Strong Encryption) Microsoft)
  1964. NDProxy.sys NDIS Proxy driver (Microsoft)
  1965. Ndu.sys Network Data Usage Monitoring driver (Microsoft)
  1966. netbios.sys NetBIOS Interface driver (Microsoft)
  1967. netbt.sys MBT Transport driver (Microsoft)
  1968. NETIO.SYS Network I/O Subsystem (Microsoft)
  1969. Npfs.SYS NPFS driver (Microsoft)
  1970. npsvctrig.sys Named pipe service triggers (Microsoft)
  1971. nsiproxy.sys NSI Proxy driver (Microsoft)
  1972. Ntfs.sys NT File System Driver (Microsoft)
  1973. ntosext.sys NTOS Extension Host driver (Microsoft)
  1974. ntoskrnl.exe NT Operating System Kernal (Microsoft)
  1975. Null.SYS NULL Driver (Microsoft)
  1976. pacer.sys QoS Packet Scheduler (Microsoft)
  1977. parport.sys Parallel Port Driver (Microsoft)
  1978. partmgr.sys Partition driver (Microsoft)
  1979. pci.sys NT Plug and Play PCI Enumerator (Microsoft)
  1980. pcw.sys Performance Counter Driver (Microsoft)
  1981. pdc.sys Power Dependency Coordinator Driver (Microsoft)
  1982. peauth.sys Protected Environment Authentication and Authorization Export Driver (Microsoft)
  1983. portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
  1984. PSHED.dll Platform Specific Hardware Error driver (Microsoft)
  1985. rasl2tp.sys RAS L2TP Mini-port/Call-manager driver (Microsoft)
  1986. raspppoe.sys RAS PPPoE Mini-port/Call manager driver (Microsoft)
  1987. raspptp.sys Peer-to-Peer Tunneling Protocol (Microsoft)
  1988. rassstp.sys RAS SSTP Miniport Call Manager driver (Microsoft)
  1989. rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
  1990. rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
  1991. rdyboost.sys ReadyBoost Driver (Microsoft)
  1992. rspndr.sys Link-Layer Topology Responder driver (Microsoft)
  1993. serenum.sys Serial Port Enumerator (Microsoft)
  1994. serial.sys Serial Device Driver
  1995. SgrmAgent.sys System Guard Runtime Monitor Agent driver (Microsoft)
  1996. SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
  1997. spaceport.sys Storage Spaces driver (Microsoft)
  1998. srv2.sys Smb 2.0 Server driver (Microsoft)
  1999. srvnet.sys Server Network driver (Microsoft)
  2000. storahci.sys MS AHCI Storport Miniport Driver (Microsoft)
  2001. storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
  2002. storqosflt.sys Storage QoS Filter driver (Microsoft)
  2003. swenum.sys Plug and Play Software Device Enumerator (Microsoft)
  2004. tbs.sys Export driver for kernel mode TPM API (Microsoft)
  2005. tcpip.sys TCP/IP Protocol driver (Microsoft)
  2006. tcpipreg.sys Microsoft Windows TCP/IP Registry Compatibility driver (Microsoft)
  2007. TDI.SYS TDI Wrapper driver (Microsoft)
  2008. tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
  2009. tm.sys Kernel Transaction Manager driver (Microsoft)
  2010. UcmCx.sys USB Connector Manager KMDF Class Extension
  2011. ucx01000.sys USB Controller Extension (Microsoft)
  2012. UEFI.sys UEFI NT driver (Microsoft)
  2013. umbus.sys User-Mode Bus Enumerator (Microsoft)
  2014. usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
  2015. USBD.SYS Universal Serial Bus Driver (Microsoft)
  2016. UsbHub3.sys USB3 HUB driver (Microsoft)
  2017. USBSTOR.SYS USB Mass Storage Class driver (Microsoft)
  2018. USBXHCI.SYS USB XHCI driver (Microsoft)
  2019. vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
  2020. Vid.sys Microsoft Hyper-V Virtualization Infrastructure Driver
  2021. volmgr.sys Volume Manager Driver (Microsoft)
  2022. volmgrx.sys Volume Manager Extension Driver (Microsoft)
  2023. volsnap.sys Volume Shadow Copy driver (Microsoft)
  2024. volume.sys Volume driver (Microsoft)
  2025. vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
  2026. wanarp.sys MS Remote Access and Routing ARP driver (Microsoft)
  2027. watchdog.sys Watchdog driver (Microsoft)
  2028. wcifs.sys Windows Container Isolation FS Filter driver (Microsoft)
  2029. Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
  2030. WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
  2031. werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
  2032. wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
  2033. win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
  2034. win32kbase.sys Base Win32k Kernel Driver (Microsoft)
  2035. win32kfull.sys Full/Desktop Win32k Kernel Driver (Microsoft)
  2036. WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
  2037. WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
  2038. winhvr.sys Windows Hypervisor Root Interface driver (Microsoft)
  2039. wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
  2040. WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
  2041. Wof.sys Windows Overlay Filter (Microsoft)
  2042. WpdUpFltr.sys Portable Device Upper Class Filter driver (Microsoft)
  2043. WppRecorder.sys WPP Trace Recorder (Microsoft)
  2044. WUDFRd.sys Windows Driver Foundation - User-mode Driver Framework Reflector driver (Microsoft)
  2045.  
  2046. ====================== Dump #3: UNLOADED MODULES =======================
  2047.  
  2048. fffff807`a4490000 fffff807`a44ed000 WdFilter.sys
  2049. fffff807`a44f0000 fffff807`a4503000 WdNisDrv.sys
  2050. fffff807`a4030000 fffff807`a403e000 WSDScan.sys
  2051. fffff807`a4020000 fffff807`a402e000 WSDPrint.sys
  2052. fffff807`a4040000 fffff807`a404b000 nlwt.sys
  2053. fffff807`656f0000 fffff807`656fb000 nlwt.sys
  2054. fffff807`64510000 fffff807`6451f000 dump_storpor
  2055. fffff807`64560000 fffff807`64593000 dump_storahc
  2056. fffff807`645c0000 fffff807`645de000 dump_dumpfve
  2057. fffff807`58aa0000 fffff807`58abd000 EhStorClass.
  2058. fffff807`59f10000 fffff807`59f2c000 dam.sys
  2059. fffff807`58610000 fffff807`58621000 WdBoot.sys
  2060. fffff807`58600000 fffff807`5860a000 SymELAM.sys
  2061. fffff807`59810000 fffff807`59821000 hwpolicy.sys
  2062.  
  2063. ====================== Dump #3: BIOS INFORMATION =======================
  2064.  
  2065. [SMBIOS Data Tables v3.0]
  2066. [DMI Version - 0]
  2067. [2.0 Calling Convention - No]
  2068. [Table Size - 4239 bytes]
  2069. [BIOS Information (Type 0) - Length 24 - Handle 0000h]
  2070. Vendor American Megatrends Inc.
  2071. BIOS Version F25
  2072. BIOS Starting Address Segment f000
  2073. BIOS Release Date 04/11/2018
  2074. BIOS ROM Size 800000
  2075. BIOS Characteristics
  2076. 07: - PCI Supported
  2077. 11: - Upgradeable FLASH BIOS
  2078. 12: - BIOS Shadowing Supported
  2079. 15: - CD-Boot Supported
  2080. 16: - Selectable Boot Supported
  2081. 17: - BIOS ROM Socketed
  2082. 19: - EDD Supported
  2083. 23: - 1.2MB Floppy Supported
  2084. 24: - 720KB Floppy Supported
  2085. 25: - 2.88MB Floppy Supported
  2086. 26: - Print Screen Device Supported
  2087. 28: - Serial Services Supported
  2088. 29: - Printer Services Supported
  2089. 32: - BIOS Vendor Reserved
  2090. BIOS Characteristic Extensions
  2091. 00: - ACPI Supported
  2092. 01: - USB Legacy Supported
  2093. 08: - BIOS Boot Specification Supported
  2094. 10: - Specification Reserved
  2095. 11: - Specification Reserved
  2096. BIOS Major Revision 5
  2097. BIOS Minor Revision 12
  2098. EC Firmware Major Revision 255
  2099. EC Firmware Minor Revision 255
  2100. [System Information (Type 1) - Length 27 - Handle 0001h]
  2101. Manufacturer Gigabyte Technology Co., Ltd.
  2102. Product Name H110-D3A
  2103. Version Default string
  2104. UUID 00000000-0000-0000-0000-000000000000
  2105. Wakeup Type Power Switch
  2106. SKUNumber Default string
  2107. Family Default string
  2108. [BaseBoard Information (Type 2) - Length 15 - Handle 0002h]
  2109. Manufacturer Gigabyte Technology Co., Ltd.
  2110. Product H110-D3A-CF
  2111. Version x.x
  2112. Feature Flags 09h
  2113. -1575110944: - -1575110896: - «ûÚú
  2114. Location Default string
  2115. Chassis Handle 0003h
  2116. Board Type 0ah - Processor/Memory Module
  2117. Number of Child Handles 0
  2118. [System Enclosure (Type 3) - Length 22 - Handle 0003h]
  2119. Manufacturer Default string
  2120. Chassis Type Desktop
  2121. Version Default string
  2122. Bootup State Safe
  2123. Power Supply State Safe
  2124. Thermal State Safe
  2125. Security Status None
  2126. OEM Defined 0
  2127. Height 0U
  2128. Number of Power Cords 1
  2129. Number of Contained Elements 0
  2130. Contained Element Size 3
  2131. [Onboard Devices Information (Type 10) - Length 6 - Handle 0021h]
  2132. Number of Devices 1
  2133. 01: Type Video [enabled]
  2134. [OEM Strings (Type 11) - Length 5 - Handle 0022h]
  2135. Number of Strings 1
  2136. 1 Default string
  2137. [System Configuration Options (Type 12) - Length 5 - Handle 0023h]
  2138. [Physical Memory Array (Type 16) - Length 23 - Handle 003dh]
  2139. Location 03h - SystemBoard/Motherboard
  2140. Use 03h - System Memory
  2141. Memory Error Correction 03h - None
  2142. Maximum Capacity 67108864KB
  2143. Number of Memory Devices 4
  2144. [Memory Device (Type 17) - Length 40 - Handle 003eh]
  2145. Physical Memory Array Handle 003dh
  2146. Total Width 64 bits
  2147. Data Width 64 bits
  2148. Size 8192MB
  2149. Form Factor 09h - DIMM
  2150. Device Locator ChannelA-DIMM0
  2151. Bank Locator BANK 0
  2152. Memory Type 1ah - Specification Reserved
  2153. Type Detail 0080h - Synchronous
  2154. Speed 2133MHz
  2155. Manufacturer 029E
  2156. Part Number CMK16GX4M2Z2400C16
  2157. [Memory Device (Type 17) - Length 40 - Handle 003fh]
  2158. Physical Memory Array Handle 003dh
  2159. Total Width 0 bits
  2160. Data Width 0 bits
  2161. Form Factor 02h - Unknown
  2162. Device Locator ChannelA-DIMM1
  2163. Bank Locator BANK 1
  2164. Memory Type 02h - Unknown
  2165. Type Detail 0000h -
  2166. Speed 0MHz
  2167. [Memory Device (Type 17) - Length 40 - Handle 0040h]
  2168. Physical Memory Array Handle 003dh
  2169. Total Width 64 bits
  2170. Data Width 64 bits
  2171. Size 8192MB
  2172. Form Factor 09h - DIMM
  2173. Device Locator ChannelB-DIMM0
  2174. Bank Locator BANK 2
  2175. Memory Type 1ah - Specification Reserved
  2176. Type Detail 0080h - Synchronous
  2177. Speed 2133MHz
  2178. Manufacturer 029E
  2179. Part Number CMK16GX4M2Z2400C16
  2180. [Memory Device (Type 17) - Length 40 - Handle 0041h]
  2181. Physical Memory Array Handle 003dh
  2182. Total Width 0 bits
  2183. Data Width 0 bits
  2184. Form Factor 02h - Unknown
  2185. Device Locator ChannelB-DIMM1
  2186. Bank Locator BANK 3
  2187. Memory Type 02h - Unknown
  2188. Type Detail 0000h -
  2189. Speed 0MHz
  2190. [Memory Array Mapped Address (Type 19) - Length 31 - Handle 0042h]
  2191. Starting Address 00000000h
  2192. Ending Address 00ffffffh
  2193. Memory Array Handle 003dh
  2194. Partition Width 02
  2195. [Cache Information (Type 7) - Length 19 - Handle 0043h]
  2196. Socket Designation L1 Cache
  2197. Cache Configuration 0180h - WB Enabled Int NonSocketed L1
  2198. Maximum Cache Size 0100h - 256K
  2199. Installed Size 0100h - 256K
  2200. Supported SRAM Type 0020h - Synchronous
  2201. Current SRAM Type 0020h - Synchronous
  2202. Cache Speed 0ns
  2203. Error Correction Type ParitySingle-Bit ECC
  2204. System Cache Type Unified
  2205. Associativity 8-way Set-Associative
  2206. [Cache Information (Type 7) - Length 19 - Handle 0044h]
  2207. Socket Designation L2 Cache
  2208. Cache Configuration 0181h - WB Enabled Int NonSocketed L2
  2209. Maximum Cache Size 0400h - 1024K
  2210. Installed Size 0400h - 1024K
  2211. Supported SRAM Type 0020h - Synchronous
  2212. Current SRAM Type 0020h - Synchronous
  2213. Cache Speed 0ns
  2214. Error Correction Type Multi-Bit ECC
  2215. System Cache Type Unified
  2216. Associativity 4-way Set-Associative
  2217. [Cache Information (Type 7) - Length 19 - Handle 0045h]
  2218. Socket Designation L3 Cache
  2219. Cache Configuration 0182h - WB Enabled Int NonSocketed L3
  2220. Maximum Cache Size 2000h - 8192K
  2221. Installed Size 2000h - 8192K
  2222. Supported SRAM Type 0020h - Synchronous
  2223. Current SRAM Type 0020h - Synchronous
  2224. Cache Speed 0ns
  2225. Error Correction Type Specification Reserved
  2226. System Cache Type Unified
  2227. Associativity 16-way Set-Associative
  2228. [Processor Information (Type 4) - Length 48 - Handle 0046h]
  2229. Socket Designation U3E1
  2230. Processor Type Central Processor
  2231. Processor Family c6h - Specification Reserved
  2232. Processor Manufacturer Intel(R) Corporation
  2233. Processor ID e3060500fffbebbf
  2234. Processor Version Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz
  2235. Processor Voltage 8bh - 1.1V
  2236. External Clock 100MHz
  2237. Max Speed 8300MHz
  2238. Current Speed 3700MHz
  2239. Status Enabled Populated
  2240. Processor Upgrade Other
  2241. L1 Cache Handle 0043h
  2242. L2 Cache Handle 0044h
  2243. L3 Cache Handle 0045h
  2244. [Memory Device Mapped Address (Type 20) - Length 35 - Handle 0047h]
  2245. Starting Address 00000000h
  2246. Ending Address 007fffffh
  2247. Memory Device Handle 003eh
  2248. Mem Array Mapped Adr Handle 0042h
  2249. Interleave Position 01
  2250. Interleave Data Depth 02
  2251. [Memory Device Mapped Address (Type 20) - Length 35 - Handle 0048h]
  2252. Starting Address 00800000h
  2253. Ending Address 00ffffffh
  2254. Memory Device Handle 0040h
  2255. Mem Array Mapped Adr Handle 0042h
  2256. Interleave Position 02
  2257. Interleave Data Depth 02
  2258.  
  2259. ========================== Dump #3: Extra #1 ===========================
  2260.  
  2261. 1: kd> !verifier
  2262. Error
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!