API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Aug 19th, 2017
670
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 66.46 KB | None | 0 0
raw download clone embed print report
  1. Microsoft (R) Windows Debugger Version 10.0.14321.1024 X86
  2. Copyright (c) Microsoft Corporation. All rights reserved.
  3.  
  4. Auto Dump Analyzer by gardenman
  5. Time to debug file(s): 00 hours and 15 minutes and 23 seconds
  6.  
  7. ============================= SYSTEM INFO ==============================
  8. VERSION: 1.0
  9. PRODUCT_NAME: MS-7A11
  10. MANUFACTURER: MSI
  11.  
  12. =========================== BRIEF BIOS INFO ============================
  13. DATE: 07/24/2016
  14. VERSION: 2.50
  15. VENDOR: American Megatrends Inc.
  16.  
  17. =========================== MOTHERBOARD INFO ===========================
  18. VERSION: 1.0
  19. PRODUCT: Z170A KRAIT GAMING 3X (MS-7A11)
  20. MANUFACTURER: MSI
  21.  
  22. =============================== CPU INFO ===============================
  23. Processor Version: Intel(R) Core(TM) i7-6700K CPU @ 4.00GHz
  24. MICROCODE: 6,5e,3,0 (F,M,S,R) SIG: 9E'00000000 (cache) 9E'00000000 (init)
  25. STEPPING: 3
  26. MODEL: 5e
  27. FAMILY: 6
  28. VENDOR: GenuineIntel
  29. MHZ: 4008
  30. COUNT: 8
  31.  
  32. =============================== OS INFO ================================
  33. BUILDOSVER: 10.0.15063.483
  34. BUILDLAB: WinBuild
  35. BUILDDATESTAMP: 160101.0800
  36. BUILD_TIMESTAMP: 2017-07-07 02:06:35
  37. EDITION: Windows 10 WinNt TerminalServer SingleUserTS Personal
  38. NAME: Windows 10
  39. PLATFORM_TYPE: x64
  40. SERVICEPACK: 483
  41. BUILD: 15063
  42. BUILD_VERSION: 10.0.15063.483 (WinBuild.160101.0800)
  43. Built by: 15063.0.amd64fre.rs2_release.170317-1834
  44. Product: WinNt, suite: TerminalServer SingleUserTS Personal
  45.  
  46. If you see multiple OS versions listed above it's likely because the
  47. dump files were created at different times and Windows has updated to
  48. a new version. This is normal. The same goes for BIOS Versions/Dates.
  49.  
  50. ========================================================================
  51. ==================== Dump File: 081317-33734-01.dmp ====================
  52. ========================================================================
  53. Mini Kernel Dump File: Only registers and stack trace are available
  54. Windows 10 Kernel Version 15063 MP (8 procs) Free x64
  55. Kernel base = 0xfffff800`05684000 PsLoadedModuleList = 0xfffff800`059d05e0
  56. Debug session time: Sun Aug 13 16:56:36.008 2017 (UTC - 4:00)
  57. System Uptime: 2 days 14:38:59.318
  58.  
  59. BugCheck 50, {ffff80897c4fca4c, 0, fffff80005b54170, 2}
  60. Could not read faulting driver name
  61. Probably caused by : memory_corruption
  62. Followup: memory_corruption
  63.  
  64. PAGE_FAULT_IN_NONPAGED_AREA (50)
  65. Invalid system memory was referenced. This cannot be protected by try-except.
  66. Typically the address is just plain bad or it is pointing at freed memory.
  67.  
  68. Arguments:
  69. Arg1: ffff80897c4fca4c, memory referenced.
  70. Arg2: 0000000000000000, value 0 = read operation, 1 = write operation.
  71. Arg3: fffff80005b54170, If non-zero, the instruction address which referenced the bad memory
  72. address.
  73. Arg4: 0000000000000002, (reserved)
  74.  
  75. Debugging Details:
  76. Could not read faulting driver name
  77. DUMP_CLASS: 1
  78. DUMP_QUALIFIER: 400
  79. DUMP_TYPE: 2
  80. READ_ADDRESS: fffff80005a65358: Unable to get MiVisibleState
  81. ffff80897c4fca4c
  82. FAULTING_IP:
  83. nt!PsQueryStatisticsProcess+c0
  84. fffff800`05b54170 4403b6ecfbffff add r14d,dword ptr [rsi-414h]
  85. MM_INTERNAL_CODE: 2
  86. CUSTOMER_CRASH_COUNT: 1
  87. DEFAULT_BUCKET_ID: CODE_CORRUPTION
  88. BUGCHECK_STR: AV
  89.  
  90. PROCESS_NAME: Rainmeter.exe
  91.  
  92. CURRENT_IRQL: 0
  93. TRAP_FRAME: ffffc50063c8f9a0 -- (.trap 0xffffc50063c8f9a0)
  94. NOTE: The trap frame does not contain all registers.
  95. Some register values may be zeroed or incorrect.
  96. rax=0000000000000000 rbx=0000000000000000 rcx=0000000040000000
  97. rdx=fffff80005a67080 rsi=0000000000000000 rdi=0000000000000000
  98. rip=fffff80005b54170 rsp=ffffc50063c8fb30 rbp=0000000000000001
  99. r8=ffffc50063c8fb38 r9=00000000000000d6 r10=ffffd80f48eada40
  100. r11=ffffc50063c8fbb4 r12=0000000000000000 r13=0000000000000000
  101. r14=0000000000000000 r15=0000000000000000
  102. iopl=0 nv up ei pl nz ac pe nc
  103. nt!PsQueryStatisticsProcess+0xc0:
  104. fffff800`05b54170 4403b6ecfbffff add r14d,dword ptr [rsi-414h] ds:ffffffff`fffffbec=????????
  105. Resetting default scope
  106. LAST_CONTROL_TRANSFER: from fffff80005825fb4 to fffff800057f04c0
  107. STACK_TEXT:
  108. ffffc500`63c8f708 fffff800`05825fb4 : 00000000`00000050 ffff8089`7c4fca4c 00000000`00000000 ffffc500`63c8f9a0 : nt!KeBugCheckEx
  109. ffffc500`63c8f710 fffff800`057112d6 : 00000000`00000000 ffff8089`7c4fca4c ffffc500`63c8f9a0 ffff8089`563660c0 : nt!MiSystemFault+0x116e84
  110. ffffc500`63c8f7b0 fffff800`057f9d72 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!MmAccessFault+0xae6
  111. ffffc500`63c8f9a0 fffff800`05b54170 : ffffc500`00000000 fffff800`00000000 00000239`00000000 00000000`00000000 : nt!KiPageFault+0x132
  112. ffffc500`63c8fb30 fffff800`05b53fc0 : 080a0d05`00a9ae09 ffff8089`5982b7c0 ffffd80f`48ead800 ffff8089`55b17ff0 : nt!PsQueryStatisticsProcess+0xc0
  113. ffffc500`63c8fb90 fffff800`05b24609 : 00000000`00026868 00000000`00000000 00000000`00000000 fffff800`059ca040 : nt!ExpCopyProcessInfo+0x270
  114. ffffc500`63c8fc30 fffff800`05b2ffae : 00000000`00000409 fffff800`00080cf0 00000000`00000001 00000000`00000000 : nt!ExpGetProcessInformation+0x229
  115. ffffc500`63c90200 fffff800`05b2f7fb : 00000000`00000000 00000102`4d87e170 00000000`00000003 00000239`93fe99a0 : nt!ExpQuerySystemInformation+0x68e
  116. ffffc500`63c90a40 fffff800`057fb413 : ffff8089`5982b7c0 000000af`4b0f4000 00000000`00000000 ffff8089`50ab4100 : nt!NtQuerySystemInformation+0x2b
  117. ffffc500`63c90a80 00007fff`72095a64 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
  118. 00000102`4d87e068 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007fff`72095a64
  119. STACK_COMMAND: kb
  120. CHKIMG_EXTENSION: !chkimg -lo 50 -d !nt
  121. fffff8000570c0ef - nt!MiGetNextPageTable+19f
  122. [ f6:e9 ]
  123. fffff8000570c122 - nt!MiGetNextPageTable+1d2 (+0x33)
  124. [ f6:e9 ]
  125. fffff800057113b0 - nt!MmAccessFault+bc0 (+0x528e)
  126. [ f6:e9 ]
  127. fffff8000571507b - nt!MiResolvePrivateZeroFault+27b (+0x3ccb)
  128. [ f6:e9 ]
  129. fffff800057150b0-fffff800057150b2 3 bytes - nt!MiResolvePrivateZeroFault+2b0 (+0x35)
  130. [ 40 fb f6:c0 f4 e9 ]
  131. fffff800057150d9 - nt!MiResolvePrivateZeroFault+2d9 (+0x29)
  132. [ fa:91 ]
  133. fffff80005715b54 - nt!MiGetPage+a4 (+0xa7b)
  134. [ fa:91 ]
  135. fffff80005715cc3 - nt!MiGetFreeOrZeroPage+73 (+0x16f)
  136. [ fa:91 ]
  137. fffff80005716558 - nt!MiCompletePrivateZeroFault+518 (+0x895)
  138. [ f6:e9 ]
  139. fffff80005716568 - nt!MiCompletePrivateZeroFault+528 (+0x10)
  140. [ fa:91 ]
  141. fffff80005825fd9 - nt!MiValidFault+1160f9 (+0x10fa71)
  142. [ f6:e9 ]
  143. fffff80005b54366 - nt!MiAllocateDriverPage+9a
  144. [ fa:91 ]
  145. fffff80005b54515 - nt!MmCreateProcessAddressSpace+17d (+0x1af)
  146. [ fa:91 ]
  147. fffff80005b5456b-fffff80005b5456f 5 bytes - nt!MmCreateProcessAddressSpace+1d3 (+0x56)
  148. [ d0 be 7d fb f6:30 7d fa f4 e9 ]
  149. fffff80005b545b4 - nt!MmCreateProcessAddressSpace+21c (+0x49)
  150. [ f6:e9 ]
  151. 21 errors : !nt (fffff8000570c0ef-fffff80005b545b4)
  152. MODULE_NAME: memory_corruption
  153.  
  154. IMAGE_NAME: memory_corruption
  155.  
  156. FOLLOWUP_NAME: memory_corruption
  157. DEBUG_FLR_IMAGE_TIMESTAMP: 0
  158. MEMORY_CORRUPTOR: LARGE
  159. FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
  160. BUCKET_ID: MEMORY_CORRUPTION_LARGE
  161. PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
  162. TARGET_TIME: 2017-08-13T20:56:36.000Z
  163. SUITE_MASK: 784
  164. PRODUCT_TYPE: 1
  165. USER_LCID: 0
  166. FAILURE_ID_HASH_STRING: km:memory_corruption_large
  167. FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
  168. Followup: memory_corruption
  169.  
  170. ========================================================================
  171. ========================== 3RD PARTY DRIVERS ===========================
  172. ========================================================================
  173. Image path: \SystemRoot\System32\Drivers\inpoutx64.sys
  174. Image name: inpoutx64.sys
  175. Info Link : http://www.carrona.org/drivers/driver.php?id=inpoutx64.sys
  176. Timestamp : Fri Oct 17 2008
  177.  
  178. Image path: \SystemRoot\system32\drivers\npf.sys
  179. Image name: npf.sys
  180. Info Link : http://www.carrona.org/drivers/driver.php?id=npf.sys
  181. ADA Info : NetGroup Packet Filter driver, a component of WinPCap by Riverbed
  182. Timestamp : Thu Feb 28 2013
  183.  
  184. Image path: \SystemRoot\system32\DRIVERS\vbaudio_vmvaio64_win7.sys
  185. Image name: vbaudio_vmvaio64_win7.sys
  186. Info Link : http://www.carrona.org/drivers/driver.php?id=vbaudio_vmvaio64_win7.sys
  187. Timestamp : Mon Apr 21 2014
  188.  
  189. Image path: \SystemRoot\system32\DRIVERS\VMNET.SYS
  190. Image name: VMNET.SYS
  191. Info Link : http://www.carrona.org/drivers/driver.php?id=VMNET.SYS
  192. ADA Info : VMware Network driver https://www.vmware.com/
  193. Timestamp : Sun Jul 27 2014
  194.  
  195. Image path: \SystemRoot\system32\DRIVERS\vmnetadapter.sys
  196. Image name: vmnetadapter.sys
  197. Info Link : http://www.carrona.org/drivers/driver.php?id=vmnetadapter.sys
  198. ADA Info : VMware Virtual Network Adapter driver https://www.vmware.com/
  199. Timestamp : Sun Jul 27 2014
  200.  
  201. Image path: \SystemRoot\system32\DRIVERS\vmnetbridge.sys
  202. Image name: vmnetbridge.sys
  203. Info Link : http://www.carrona.org/drivers/driver.php?id=vmnetbridge.sys
  204. ADA Info : VMware Bridge driver https://www.vmware.com/
  205. Timestamp : Sun Jul 27 2014
  206.  
  207. Image path: \SystemRoot\system32\DRIVERS\vbaudio_cable64_win7.sys
  208. Image name: vbaudio_cable64_win7.sys
  209. Info Link : http://www.carrona.org/drivers/driver.php?id=vbaudio_cable64_win7.sys
  210. Timestamp : Thu Aug 14 2014
  211.  
  212. Image path: \SystemRoot\System32\drivers\vmci.sys
  213. Image name: vmci.sys
  214. Info Link : http://www.carrona.org/drivers/driver.php?id=vmci.sys
  215. ADA Info : VMware PCI VMCI Bus Device https://www.vmware.com/
  216. Timestamp : Thu Sep 4 2014
  217.  
  218. Image path: \SystemRoot\system32\drivers\vsock.sys
  219. Image name: vsock.sys
  220. Info Link : http://www.carrona.org/drivers/driver.php?id=vsock.sys
  221. ADA Info : VMware vSockets Service https://www.vmware.com/
  222. Timestamp : Thu Sep 4 2014
  223.  
  224. Image path: \SystemRoot\System32\Drivers\dump_iaStorAV.sys
  225. Image name: dump_iaStorAV.sys
  226. Info Link : http://www.carrona.org/drivers/driver.php?id=dump_iaStorAV.sys
  227. Timestamp : Thu Feb 19 2015
  228.  
  229. Image path: \SystemRoot\System32\drivers\iaStorAV.sys
  230. Image name: iaStorAV.sys
  231. Info Link : http://www.carrona.org/drivers/driver.php?id=iaStorAV.sys
  232. Timestamp : Thu Feb 19 2015
  233.  
  234. Image path: \SystemRoot\System32\drivers\Hamdrv.sys
  235. Image name: Hamdrv.sys
  236. Info Link : http://www.carrona.org/drivers/driver.php?id=Hamdrv.sys
  237. ADA Info : LogMeIn Hamachi Virtual Miniport driver http://www.logmein.com/
  238. Timestamp : Mon Mar 30 2015
  239.  
  240. Image path: \??\C:\WINDOWS\system32\drivers\HWiNFO64A.SYS
  241. Image name: HWiNFO64A.SYS
  242. Info Link : http://www.carrona.org/drivers/driver.php?id=HWiNFO64A.SYS
  243. ADA Info : HWiNFO AMD64 Kernel Driver https://www.hwinfo.com/
  244. Timestamp : Tue Mar 31 2015
  245.  
  246. Image path: \SystemRoot\System32\drivers\netr28ux.sys
  247. Image name: netr28ux.sys
  248. Info Link : http://www.carrona.org/drivers/driver.php?id=netr28ux.sys
  249. ADA Info : Ralink Wireless Adapter Driver https://www.mediatek.com/
  250. Timestamp : Thu May 28 2015
  251.  
  252. Image path: \SystemRoot\System32\drivers\tapse01.sys
  253. Image name: tapse01.sys
  254. Info Link : http://www.carrona.org/drivers/driver.php?id=tapse01.sys
  255. Timestamp : Thu Jun 11 2015
  256.  
  257. Image path: \SystemRoot\SysWOW64\drivers\vstor2-mntapi20-shared.sys
  258. Image name: vstor2-mntapi20-shared.sys
  259. Info Link : http://www.carrona.org/drivers/driver.php?id=vstor2-mntapi20-shared.sys
  260. ADA Info : VMware vCenter Converter Standalone https://www.vmware.com/
  261. Timestamp : Thu Jul 9 2015
  262.  
  263. Image path: \SystemRoot\System32\drivers\rzendpt.sys
  264. Image name: rzendpt.sys
  265. Info Link : http://www.carrona.org/drivers/driver.php?id=rzendpt.sys
  266. ADA Info : Razer RzEndPt driver https://www.razerzone.com/
  267. Timestamp : Tue Aug 11 2015
  268.  
  269. Image path: \SystemRoot\System32\drivers\rzudd.sys
  270. Image name: rzudd.sys
  271. Info Link : http://www.carrona.org/drivers/driver.php?id=rzudd.sys
  272. ADA Info : Razer Rzudd Engine Driver https://www.razerzone.com/
  273. Timestamp : Tue Aug 11 2015
  274.  
  275. Image path: \SystemRoot\System32\drivers\TeeDriverW8x64.sys
  276. Image name: TeeDriverW8x64.sys
  277. Info Link : http://www.carrona.org/drivers/driver.php?id=TeeDriverW8x64.sys
  278. ADA Info : Intel® Management Engine Interface
  279. Timestamp : Mon Aug 31 2015
  280.  
  281. Image path: \??\C:\WINDOWS\system32\drivers\rzpnk.sys
  282. Image name: rzpnk.sys
  283. Info Link : http://www.carrona.org/drivers/driver.php?id=rzpnk.sys
  284. ADA Info : Razer Overlay Support https://www.razerzone.com/
  285. Timestamp : Wed Sep 16 2015
  286.  
  287. Image path: \??\C:\WINDOWS\system32\drivers\rzpmgrk.sys
  288. Image name: rzpmgrk.sys
  289. Info Link : http://www.carrona.org/drivers/driver.php?id=rzpmgrk.sys
  290. ADA Info : Razer Overlay Support https://www.razerzone.com/
  291. Timestamp : Thu Sep 17 2015
  292.  
  293. Image path: \SystemRoot\System32\drivers\iwdbus.sys
  294. Image name: iwdbus.sys
  295. Info Link : http://www.carrona.org/drivers/driver.php?id=iwdbus.sys
  296. ADA Info : Intel® WiDi Solution driver http://www.intel.com/
  297. Timestamp : Thu Nov 5 2015
  298.  
  299. Image path: \SystemRoot\System32\drivers\iaLPSS2_UART2.sys
  300. Image name: iaLPSS2_UART2.sys
  301. Info Link : http://www.carrona.org/drivers/driver.php?id=iaLPSS2_UART2.sys
  302. Timestamp : Thu Jan 14 2016
  303.  
  304. Image path: \SystemRoot\system32\DRIVERS\CorsairGamingAudioamd64.sys
  305. Image name: CorsairGamingAudioamd64.sys
  306. Info Link : http://www.carrona.org/drivers/driver.php?id=CorsairGamingAudioamd64.sys
  307. Timestamp : Mon Feb 29 2016
  308.  
  309. Image path: \SystemRoot\System32\drivers\e1i63x64.sys
  310. Image name: e1i63x64.sys
  311. Info Link : http://www.carrona.org/drivers/driver.php?id=e1i63x64.sys
  312. ADA Info : Intel(R) Gigabit Adapter NDIS 6.x driver https://downloadcenter.intel.com/
  313. Timestamp : Fri Mar 4 2016
  314.  
  315. Image path: \??\C:\WINDOWS\system32\drivers\hcmon.sys
  316. Image name: hcmon.sys
  317. Info Link : http://www.carrona.org/drivers/driver.php?id=hcmon.sys
  318. ADA Info : VMware USB monitor https://www.vmware.com/
  319. Timestamp : Thu Mar 10 2016
  320.  
  321. Image path: \SystemRoot\system32\drivers\kinonivad.sys
  322. Image name: kinonivad.sys
  323. Info Link : http://www.carrona.org/drivers/driver.php?id=kinonivad.sys
  324. Timestamp : Thu Mar 10 2016
  325.  
  326. Image path: \??\C:\WINDOWS\system32\drivers\vmnetuserif.sys
  327. Image name: vmnetuserif.sys
  328. Info Link : http://www.carrona.org/drivers/driver.php?id=vmnetuserif.sys
  329. ADA Info : VMware Network Application Interface driver https://www.vmware.com/
  330. Timestamp : Thu Apr 14 2016
  331.  
  332. Image path: \??\C:\WINDOWS\system32\drivers\vmx86.sys
  333. Image name: vmx86.sys
  334. Info Link : http://www.carrona.org/drivers/driver.php?id=vmx86.sys
  335. ADA Info : VMware kernel driver https://www.vmware.com/
  336. Timestamp : Thu Apr 14 2016
  337.  
  338. Image path: \SystemRoot\system32\DRIVERS\VBoxDrv.sys
  339. Image name: VBoxDrv.sys
  340. Info Link : http://www.carrona.org/drivers/driver.php?id=VBoxDrv.sys
  341. ADA Info : VirtualBox Support Driver https://www.virtualbox.org/
  342. Timestamp : Mon Apr 18 2016
  343.  
  344. Image path: \SystemRoot\system32\DRIVERS\VBoxNetAdp6.sys
  345. Image name: VBoxNetAdp6.sys
  346. Info Link : http://www.carrona.org/drivers/driver.php?id=VBoxNetAdp6.sys
  347. ADA Info : VirtualBox NDIS 6.0 Host-Only Network Adapter Driver https://www.virtualbox.org/
  348. Timestamp : Mon Apr 18 2016
  349.  
  350. Image path: \SystemRoot\system32\DRIVERS\VBoxNetLwf.sys
  351. Image name: VBoxNetLwf.sys
  352. Info Link : http://www.carrona.org/drivers/driver.php?id=VBoxNetLwf.sys
  353. ADA Info : VirtualBox NDIS 6.0 Lightweight Filter Driver https://www.virtualbox.org/
  354. Timestamp : Mon Apr 18 2016
  355.  
  356. Image path: \SystemRoot\system32\DRIVERS\VBoxUSBMon.sys
  357. Image name: VBoxUSBMon.sys
  358. Info Link : http://www.carrona.org/drivers/driver.php?id=VBoxUSBMon.sys
  359. ADA Info : VirtualBox USB Monitor Driver https://www.virtualbox.org/
  360. Timestamp : Mon Apr 18 2016
  361.  
  362. Image path: \SystemRoot\System32\drivers\tap0901.sys
  363. Image name: tap0901.sys
  364. Info Link : http://www.carrona.org/drivers/driver.php?id=tap0901.sys
  365. ADA Info : TAP-Win32 Virtual Private Network Driver 0901 (OpenVPN by OpenVPN Technologies) https://openvpn.net/
  366. Timestamp : Thu Apr 21 2016
  367.  
  368. Image path: \SystemRoot\System32\drivers\tap0901t.sys
  369. Image name: tap0901t.sys
  370. Info Link : http://www.carrona.org/drivers/driver.php?id=tap0901t.sys
  371. Timestamp : Tue Apr 26 2016
  372.  
  373. Image path: \SystemRoot\System32\drivers\iaLPSS2i_GPIO2.sys
  374. Image name: iaLPSS2i_GPIO2.sys
  375. Info Link : http://www.carrona.org/drivers/driver.php?id=iaLPSS2i_GPIO2.sys
  376. Timestamp : Mon Aug 8 2016
  377.  
  378. Image path: \SystemRoot\System32\drivers\iaLPSS2i_I2C.sys
  379. Image name: iaLPSS2i_I2C.sys
  380. Info Link : http://www.carrona.org/drivers/driver.php?id=iaLPSS2i_I2C.sys
  381. Timestamp : Mon Aug 8 2016
  382.  
  383. Image path: \SystemRoot\System32\drivers\CorsairVBusDriver.sys
  384. Image name: CorsairVBusDriver.sys
  385. Info Link : http://www.carrona.org/drivers/driver.php?id=CorsairVBusDriver.sys
  386. Timestamp : Thu Sep 8 2016
  387.  
  388. Image path: \SystemRoot\System32\drivers\CorsairVHidDriver.sys
  389. Image name: CorsairVHidDriver.sys
  390. Info Link : http://www.carrona.org/drivers/driver.php?id=CorsairVHidDriver.sys
  391. Timestamp : Thu Sep 8 2016
  392.  
  393. Image path: \SystemRoot\system32\drivers\nvvad64v.sys
  394. Image name: nvvad64v.sys
  395. Info Link : http://www.carrona.org/drivers/driver.php?id=nvvad64v.sys
  396. ADA Info : Nvidia Virtual Audio Driver http://www.nvidia.com/
  397. Timestamp : Mon Dec 19 2016
  398.  
  399. Image path: \SystemRoot\System32\drivers\nvvhci.sys
  400. Image name: nvvhci.sys
  401. Info Link : http://www.carrona.org/drivers/driver.php?id=nvvhci.sys
  402. ADA Info : Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
  403. Timestamp : Tue Dec 27 2016
  404.  
  405. Image path: \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
  406. Image name: MBAMSwissArmy.sys
  407. Info Link : http://www.carrona.org/drivers/driver.php?id=MBAMSwissArmy.sys
  408. ADA Info : MalwareBytes Anti-Malware system driver https://www.malwarebytes.com/
  409. Timestamp : Wed Mar 15 2017
  410.  
  411. Image path: \SystemRoot\system32\drivers\nvhda64v.sys
  412. Image name: nvhda64v.sys
  413. Info Link : http://www.carrona.org/drivers/driver.php?id=nvhda64v.sys
  414. ADA Info : Nvidia HDMI Audio Device http://www.nvidia.com/
  415. Timestamp : Wed Mar 15 2017
  416.  
  417. Image path: \SystemRoot\System32\drivers\tapwindscribe0901.sys
  418. Image name: tapwindscribe0901.sys
  419. Info Link : http://www.carrona.org/drivers/driver.php?id=tapwindscribe0901.sys
  420. Timestamp : Thu Mar 16 2017
  421.  
  422. Image path: \SystemRoot\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_f9309145156afb40\nvlddmkm.sys
  423. Image name: nvlddmkm.sys
  424. Info Link : http://www.carrona.org/drivers/driver.php?id=nvlddmkm.sys
  425. ADA Info : Nvidia Graphics Card driver http://www.nvidia.com/
  426. Timestamp : Mon May 1 2017
  427.  
  428. Image path: \??\C:\WINDOWS\temp\cpuz143\cpuz143_x64.sys
  429. Image name: cpuz143_x64.sys
  430. Info Link : http://www.carrona.org/drivers/driver.php?id=cpuz143_x64.sys
  431. ADA Info : CPUID driver
  432. Timestamp : Mon May 22 2017
  433.  
  434. Image path: \SystemRoot\system32\drivers\aswKbd.sys
  435. Image name: aswKbd.sys
  436. Info Link : http://www.carrona.org/drivers/driver.php?id=aswKbd.sys
  437. ADA Info : Avast Keyboard Filter driver http://www.avast.com/
  438. Timestamp : Mon Jun 19 2017
  439.  
  440. Image path: \SystemRoot\system32\drivers\aswRdr2.sys
  441. Image name: aswRdr2.sys
  442. Info Link : http://www.carrona.org/drivers/driver.php?id=aswRdr2.sys
  443. ADA Info : Avast Antivirus http://www.avast.com/
  444. Timestamp : Mon Jun 19 2017
  445.  
  446. Image path: \SystemRoot\system32\drivers\aswRvrt.sys
  447. Image name: aswRvrt.sys
  448. Info Link : http://www.carrona.org/drivers/driver.php?id=aswRvrt.sys
  449. ADA Info : Avast Antivirus http://www.avast.com/
  450. Timestamp : Mon Jun 19 2017
  451.  
  452. Image path: \SystemRoot\system32\drivers\aswStm.sys
  453. Image name: aswStm.sys
  454. Info Link : http://www.carrona.org/drivers/driver.php?id=aswStm.sys
  455. ADA Info : Avast Antivirus http://www.avast.com/
  456. Timestamp : Mon Jun 19 2017
  457.  
  458. Image path: \SystemRoot\system32\drivers\aswSP.sys
  459. Image name: aswSP.sys
  460. Info Link : http://www.carrona.org/drivers/driver.php?id=aswSP.sys
  461. ADA Info : Avast Antivirus http://www.avast.com/
  462. Timestamp : Thu Jun 22 2017
  463.  
  464. Image path: \SystemRoot\system32\drivers\aswVmm.sys
  465. Image name: aswVmm.sys
  466. Info Link : http://www.carrona.org/drivers/driver.php?id=aswVmm.sys
  467. ADA Info : Avast Antivirus http://www.avast.com/
  468. Timestamp : Thu Jun 29 2017
  469.  
  470. Image path: \SystemRoot\system32\drivers\aswbidsdrivera.sys
  471. Image name: aswbidsdrivera.sys
  472. Info Link : http://www.carrona.org/drivers/driver.php?id=aswbidsdrivera.sys
  473. ADA Info : Avast IDS Application Activity Monitor Driver http://www.avast.com/
  474. Timestamp : Tue Jul 11 2017
  475.  
  476. Image path: \SystemRoot\system32\drivers\aswbidsha.sys
  477. Image name: aswbidsha.sys
  478. Info Link : http://www.carrona.org/drivers/driver.php?id=aswbidsha.sys
  479. ADA Info : Avast Antivirus http://www.avast.com/
  480. Timestamp : Tue Jul 11 2017
  481.  
  482. Image path: \SystemRoot\system32\drivers\aswbloga.sys
  483. Image name: aswbloga.sys
  484. Info Link : http://www.carrona.org/drivers/driver.php?id=aswbloga.sys
  485. ADA Info : Avast Antivirus http://www.avast.com/
  486. Timestamp : Tue Jul 11 2017
  487.  
  488. Image path: \SystemRoot\system32\drivers\aswbuniva.sys
  489. Image name: aswbuniva.sys
  490. Info Link : http://www.carrona.org/drivers/driver.php?id=aswbuniva.sys
  491. ADA Info : Avast Antivirus http://www.avast.com/
  492. Timestamp : Tue Jul 11 2017
  493.  
  494. Image path: \SystemRoot\system32\drivers\aswMonFlt.sys
  495. Image name: aswMonFlt.sys
  496. Info Link : http://www.carrona.org/drivers/driver.php?id=aswMonFlt.sys
  497. ADA Info : Avast Antivirus http://www.avast.com/
  498. Timestamp : Thu Aug 3 2017
  499.  
  500. Image path: \SystemRoot\system32\drivers\aswSnx.sys
  501. Image name: aswSnx.sys
  502. Info Link : http://www.carrona.org/drivers/driver.php?id=aswSnx.sys
  503. ADA Info : Avast Antivirus http://www.avast.com/
  504. Timestamp : Thu Aug 3 2017
  505.  
  506. Image path: \??\C:\WINDOWS\system32\drivers\EasyAntiCheat.sys
  507. Image name: EasyAntiCheat.sys
  508. Info Link : http://www.carrona.org/drivers/driver.php?id=EasyAntiCheat.sys
  509. Timestamp : Sun Aug 13 2017
  510.  
  511. If any of the above drivers are from Microsoft then please let me know.
  512. I will have them moved to the Microsoft list on the next update.
  513.  
  514. ========================================================================
  515. ========================== MICROSOFT DRIVERS ===========================
  516. ========================================================================
  517. ACPI.sys ACPI Driver for NT (Microsoft)
  518. acpiex.sys ACPIEx Driver (Microsoft)
  519. acpipagr.sys ACPI Processor Aggregator Device Driver
  520. afd.sys Ancillary Function Driver for WinSock (Microsoft)
  521. AgileVpn.sys RAS Agile Vpn Miniport Call Manager
  522. ahcache.sys Application Compatibility Cache (Microsoft)
  523. BasicDisplay.sys Basic Display driver (Microsoft)
  524. BasicRender.sys Basic Render driver (Microsoft)
  525. Beep.SYS BEEP driver (Microsoft)
  526. BOOTVID.dll VGA Boot Driver (Microsoft)
  527. bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
  528. cdd.dll Canonical Display Driver (Microsoft)
  529. cdrom.sys SCSI CD-ROM Driver (Microsoft)
  530. CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
  531. CI.dll Code Integrity Module (Microsoft)
  532. CLASSPNP.SYS SCSI Class System Dll (Microsoft)
  533. CLFS.SYS Common Log File System Driver (Microsoft)
  534. clipsp.sys CLIP Service (Microsoft)
  535. cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
  536. cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
  537. CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
  538. condrv.sys Console Driver (Microsoft)
  539. crashdmp.sys Crash Dump Driver
  540. dfsc.sys DFS Namespace Client Driver (Microsoft)
  541. disk.sys PnP Disk Driver (Microsoft)
  542. drmk.sys Digital Rights Management (DRM) driver (Microsoft)
  543. dump_diskdump.sys Crash Dump Disk Driver
  544. dump_dumpfve.sys Bitlocker Drive Encryption Crashdump Filter
  545. dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
  546. dxgmms2.sys DirectX Graphics MMS
  547. EhStorClass.sys Enhanced Storage Class driver for IEEE... (Microsoft)
  548. filecrypt.sys Windows sandboxing and encryption filter (Microsoft)
  549. fileinfo.sys FileInfo Filter Driver (Microsoft)
  550. FLTMGR.SYS Filesystem Filter Manager (Microsoft)
  551. Fs_Rec.sys File System Recognizer Driver (Microsoft)
  552. fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
  553. fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
  554. gpuenergydrv.sys GPU Energy Kernal Driver (Microsoft)
  555. hal.dll Hardware Abstraction Layer DLL (Microsoft)
  556. HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
  557. HdAudio.sys High Definition Audio Function Driver
  558. HIDCLASS.SYS Hid Class Library
  559. HIDPARSE.SYS Hid Parsing Library (Microsoft)
  560. hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
  561. HTTP.sys HTTP Protocol Stack (Microsoft)
  562. intelpep.sys Intel Power Engine Plugin (Microsoft)
  563. intelppm.sys Processor Device Driver (Microsoft)
  564. iorate.sys I/O rate control Filter (Microsoft)
  565. kbdclass.sys Keyboard Class Driver (Microsoft)
  566. kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
  567. kd.dll Local Kernal Debugger (Microsoft)
  568. kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
  569. ks.sys Kernal CSA Library (Microsoft)
  570. ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
  571. ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
  572. ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
  573. lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
  574. luafv.sys LUA File Virtualization Filter Driver (Microsoft)
  575. mcupdate_GenuineIntel.dll Intel Microcode Update Library (Microsoft)
  576. mmcss.sys MMCSS Driver (Microsoft)
  577. monitor.sys Monitor Driver (Microsoft)
  578. mouclass.sys Mouse Class Driver (Microsoft)
  579. mouhid.sys HID Mouse Filter Driver (Microsoft)
  580. mountmgr.sys Mount Point Manager (Microsoft)
  581. mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
  582. mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
  583. mrxsmb10.sys Longhorn SMB Downlevel SubRdr (Microsoft)
  584. mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
  585. Msfs.SYS Mailslot driver (Microsoft)
  586. msgpioclx.sys GPIO Class Extension Driver
  587. msisadrv.sys ISA Driver (Microsoft)
  588. mslldp.sys Microsoft Link-Layer Discovery Protocol... (Microsoft)
  589. msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
  590. mssmbios.sys System Management BIOS driver (Microsoft)
  591. mup.sys Multiple UNC Provider driver (Microsoft)
  592. ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
  593. ndistapi.sys NDIS 3.0 connection wrapper driver
  594. ndisuio.sys NDIS User mode I/O driver (Microsoft)
  595. NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
  596. ndiswan.sys MS PPP Framing Driver (Strong Encryption)
  597. NDProxy.sys NDIS Proxy
  598. Ndu.sys Network Data Usage Monitoring driver (Microsoft)
  599. netbios.sys NetBIOS Interface driver (Microsoft)
  600. netbt.sys MBT Transport driver (Microsoft)
  601. NETIO.SYS Network I/O Subsystem (Microsoft)
  602. Npfs.SYS NPFS driver (Microsoft)
  603. npsvctrig.sys Named pipe service triggers (Microsoft)
  604. nsiproxy.sys NSI Proxy driver (Microsoft)
  605. NTFS.sys NT File System Driver (Microsoft)
  606. ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
  607. ntosext.sys NTOS Extension Host driver (Microsoft)
  608. Null.SYS NULL Driver (Microsoft)
  609. nwifi.sys NativeWiFi Miniport Driver (Microsoft)
  610. pacer.sys QoS Packet Scheduler (Microsoft)
  611. partmgr.sys Partition driver (Microsoft)
  612. pci.sys NT Plug and Play PCI Enumerator
  613. pcw.sys Performance Counter Driver (Microsoft)
  614. pdc.sys Power Dependency Coordinator Driver (Microsoft)
  615. peauth.sys Protected Environment Authentication and Authorization Export Driver (Microsoft)
  616. portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
  617. PSHED.dll Platform Specific Hardware Error driver (Microsoft)
  618. qwavedrv.sys Microsoft Quality Windows Audio Video Experience (qWave) Support Driver
  619. rasl2tp.sys RAS L2TP mini-port/call-manager driver
  620. raspppoe.sys RAS PPPoE mini-port/call-manager driver
  621. raspptp.sys Peer-to-Peer Tunneling Protocol
  622. rassstp.sys RAS SSTP Miniport Call Manager
  623. rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
  624. rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
  625. rdpvideominiport.sys Microsoft RDP Video Miniport driver
  626. rdyboost.sys ReadyBoost Driver (Microsoft)
  627. registry.sys Registry Container driver (Microsoft)
  628. rspndr.sys Link-Layer Topology Responder driver (Microsoft)
  629. SerCx2.sys Serial Class Extension V2
  630. SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
  631. spaceport.sys Storage Spaces driver (Microsoft)
  632. SpbCx.sys SPB Class Extension
  633. srv.sys Server driver (Microsoft)
  634. srv2.sys Smb 2.0 Server driver (Microsoft)
  635. srvnet.sys Server Network driver (Microsoft)
  636. storport.sys A storage port driver that is especially suitable for use with high-performance buses, such as fibre channel buses, and RAID adapters. (Microsoft)
  637. storqosflt.sys Storage QoS Filter driver (Microsoft)
  638. swenum.sys Plug and Play Software Device Enumerator (Microsoft)
  639. tbs.sys Export driver for kernel mode TPM API (Microsoft)
  640. tcpip.sys TCP/IP Protocol driver (Microsoft)
  641. tcpipreg.sys Microsoft Windows TCP/IP Registry Compatibility driver (Microsoft)
  642. TDI.SYS TDI Wrapper driver (Microsoft)
  643. tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
  644. tm.sys Kernel Transaction Manager driver (Microsoft)
  645. TSDDD.dll Framebuffer Display Driver (Microsoft)
  646. ucx01000.sys USB Controller Extension
  647. umbus.sys User-Mode Bus Enumerator (Microsoft)
  648. usbaudio.sys USB Audio Class Driver (Microsoft)
  649. usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
  650. USBD.SYS Universal Serial Bus Driver (Microsoft)
  651. UsbHub3.sys USB3 HUB Driver
  652. USBXHCI.SYS USB XHCI Driver
  653. vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
  654. vmbkmclr.sys Hyper-V VMBus Root KMCL (Microsoft)
  655. volmgr.sys Volume Manager Driver (Microsoft)
  656. volmgrx.sys Volume Manager Extension Driver (Microsoft)
  657. volsnap.sys Volume Shadow Copy driver (Microsoft)
  658. volume.sys Volume driver (Microsoft)
  659. vwifibus.sys Virtual Wireless Bus driver (Microsoft)
  660. vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
  661. wanarp.sys MS Remote Access and Routing ARP driver (Microsoft)
  662. watchdog.sys Watchdog driver (Microsoft)
  663. wcifs.sys Windows Container Isolation FS Filter driver (Microsoft)
  664. Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
  665. WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
  666. werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
  667. wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
  668. win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
  669. win32kbase.sys Base Win32k Kernel Driver (Microsoft)
  670. win32kfull.sys Full/Desktop Win32k Kernel Driver (Microsoft)
  671. WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
  672. WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
  673. wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
  674. WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
  675. Wof.sys Windows Overlay Filter (Microsoft)
  676. WppRecorder.sys WPP Trace Recorder (Microsoft)
  677. WSDPrint.sys Web Services Print Device driver (Microsoft)
  678. WSDScan.sys Web Service Based Scan Device driver (Microsoft)
  679. WudfPf.sys Windows Driver Foundation - User-mode Driver Framework Platform driver (Microsoft)
  680.  
  681. Unloaded modules:
  682. fffff800`08360000 fffff800`0836d000 WSDScan.sys
  683. fffff800`08350000 fffff800`0835d000 WSDPrint.sys
  684. fffff800`08340000 fffff800`0834d000 WSDScan.sys
  685. fffff800`08330000 fffff800`0833d000 WSDPrint.sys
  686. fffff800`08320000 fffff800`0832d000 WSDScan.sys
  687. fffff800`08310000 fffff800`0831d000 WSDPrint.sys
  688. fffff800`08300000 fffff800`0830d000 WSDScan.sys
  689. fffff800`082e0000 fffff800`082ed000 WSDPrint.sys
  690. fffff800`082d0000 fffff800`082dd000 WSDScan.sys
  691. fffff800`082c0000 fffff800`082cd000 WSDPrint.sys
  692. fffff800`082b0000 fffff800`082bd000 WSDScan.sys
  693. fffff800`082a0000 fffff800`082ad000 WSDPrint.sys
  694. fffff800`08290000 fffff800`0829d000 WSDScan.sys
  695. fffff800`08280000 fffff800`0828d000 WSDPrint.sys
  696. fffff800`08270000 fffff800`0827d000 WSDScan.sys
  697. fffff800`08260000 fffff800`0826d000 WSDPrint.sys
  698. fffff800`08250000 fffff800`0825d000 WSDScan.sys
  699. fffff800`08240000 fffff800`0824d000 WSDPrint.sys
  700. fffff800`08230000 fffff800`0823d000 WSDScan.sys
  701. fffff800`08220000 fffff800`0822d000 WSDPrint.sys
  702. fffff800`08210000 fffff800`0821d000 WSDScan.sys
  703. fffff800`08200000 fffff800`0820d000 WSDPrint.sys
  704. fffff800`081f0000 fffff800`081fd000 WSDScan.sys
  705. fffff800`081e0000 fffff800`081ed000 WSDPrint.sys
  706. fffff800`081d0000 fffff800`081dd000 WSDScan.sys
  707. fffff800`081c0000 fffff800`081cd000 WSDPrint.sys
  708. fffff800`081b0000 fffff800`081bd000 WSDScan.sys
  709. fffff800`081a0000 fffff800`081ad000 WSDPrint.sys
  710. fffff800`08190000 fffff800`0819d000 WSDScan.sys
  711. fffff800`08180000 fffff800`0818d000 WSDPrint.sys
  712. fffff800`08170000 fffff800`0817d000 WSDScan.sys
  713. fffff800`08160000 fffff800`0816d000 WSDPrint.sys
  714. fffff800`08150000 fffff800`0815d000 WSDScan.sys
  715. fffff800`08140000 fffff800`0814d000 WSDPrint.sys
  716. fffff800`08130000 fffff800`0813d000 WSDScan.sys
  717. fffff800`08120000 fffff800`0812d000 WSDPrint.sys
  718. fffff800`08110000 fffff800`0811d000 WSDScan.sys
  719. fffff800`080e0000 fffff800`080ed000 WSDPrint.sys
  720. fffff800`07f20000 fffff800`07f2d000 WSDScan.sys
  721. fffff800`07f10000 fffff800`07f1d000 WSDPrint.sys
  722. fffff800`087f0000 fffff800`087fd000 WSDScan.sys
  723. fffff800`08620000 fffff800`0862d000 WSDPrint.sys
  724. fffff800`08610000 fffff800`0861d000 WSDScan.sys
  725. fffff800`08600000 fffff800`0860d000 WSDPrint.sys
  726. fffff800`085f0000 fffff800`085fd000 WSDScan.sys
  727. fffff800`085e0000 fffff800`085ed000 WSDPrint.sys
  728. fffff800`084b0000 fffff800`084bd000 WSDScan.sys
  729. fffff800`084a0000 fffff800`084ad000 WSDPrint.sys
  730. fffff800`08490000 fffff800`0849d000 WSDScan.sys
  731. fffff800`08480000 fffff800`0848d000 WSDPrint.sys
  732.  
  733. ========================================================================
  734. ============================== BIOS INFO ===============================
  735. ========================================================================
  736. [SMBIOS Data Tables v3.0]
  737. [DMI Version - 0]
  738. [2.0 Calling Convention - No]
  739. [Table Size - 4260 bytes]
  740. [BIOS Information (Type 0) - Length 24 - Handle 0000h]
  741. Vendor American Megatrends Inc.
  742. BIOS Version 2.50
  743. BIOS Starting Address Segment f000
  744. BIOS Release Date 07/24/2016
  745. BIOS ROM Size 1000000
  746. BIOS Characteristics
  747. 07: - PCI Supported
  748. 11: - Upgradeable FLASH BIOS
  749. 12: - BIOS Shadowing Supported
  750. 15: - CD-Boot Supported
  751. 16: - Selectable Boot Supported
  752. 17: - BIOS ROM Socketed
  753. 19: - EDD Supported
  754. 23: - 1.2MB Floppy Supported
  755. 24: - 720KB Floppy Supported
  756. 25: - 2.88MB Floppy Supported
  757. 26: - Print Screen Device Supported
  758. 27: - Keyboard Services Supported
  759. 28: - Serial Services Supported
  760. 29: - Printer Services Supported
  761. 32: - BIOS Vendor Reserved
  762. BIOS Characteristic Extensions
  763. 00: - ACPI Supported
  764. 01: - USB Legacy Supported
  765. 08: - BIOS Boot Specification Supported
  766. 10: - Specification Reserved
  767. 11: - Specification Reserved
  768. BIOS Major Revision 5
  769. BIOS Minor Revision 11
  770. EC Firmware Major Revision 255
  771. EC Firmware Minor Revision 255
  772. [System Information (Type 1) - Length 27 - Handle 0001h]
  773. Manufacturer MSI
  774. Product Name MS-7A11
  775. Version 1.0
  776. UUID 00000000-0000-0000-0000-000000000000
  777. Wakeup Type Power Switch
  778. SKUNumber Default string
  779. Family Default string
  780. [BaseBoard Information (Type 2) - Length 15 - Handle 0002h]
  781. Manufacturer MSI
  782. Product Z170A KRAIT GAMING 3X (MS-7A11)
  783. Version 1.0
  784. Feature Flags 09h
  785. Location Default string
  786. Chassis Handle 0003h
  787. Board Type 0ah - Processor/Memory Module
  788. Number of Child Handles 0
  789. [System Enclosure (Type 3) - Length 22 - Handle 0003h]
  790. Manufacturer MSI
  791. Chassis Type Desktop
  792. Version 1.0
  793. Bootup State Safe
  794. Power Supply State Safe
  795. Thermal State Safe
  796. Security Status None
  797. OEM Defined 0
  798. Height 0U
  799. Number of Power Cords 1
  800. Number of Contained Elements 0
  801. Contained Element Size 3
  802. [OEM Strings (Type 11) - Length 5 - Handle 0021h]
  803. Number of Strings 1
  804. 1 Default string
  805. [System Configuration Options (Type 12) - Length 5 - Handle 0022h]
  806. [Cache Information (Type 7) - Length 19 - Handle 003ch]
  807. Socket Designation L1 Cache
  808. Cache Configuration 0180h - WB Enabled Int NonSocketed L1
  809. Maximum Cache Size 0080h - 128K
  810. Installed Size 0080h - 128K
  811. Supported SRAM Type 0020h - Synchronous
  812. Current SRAM Type 0020h - Synchronous
  813. Cache Speed 0ns
  814. Error Correction Type ParitySingle-Bit ECC
  815. System Cache Type Data
  816. Associativity 8-way Set-Associative
  817. [Cache Information (Type 7) - Length 19 - Handle 003dh]
  818. Socket Designation L1 Cache
  819. Cache Configuration 0180h - WB Enabled Int NonSocketed L1
  820. Maximum Cache Size 0080h - 128K
  821. Installed Size 0080h - 128K
  822. Supported SRAM Type 0020h - Synchronous
  823. Current SRAM Type 0020h - Synchronous
  824. Cache Speed 0ns
  825. Error Correction Type ParitySingle-Bit ECC
  826. System Cache Type Instruction
  827. Associativity 8-way Set-Associative
  828. [Cache Information (Type 7) - Length 19 - Handle 003eh]
  829. Socket Designation L2 Cache
  830. Cache Configuration 0181h - WB Enabled Int NonSocketed L2
  831. Maximum Cache Size 0400h - 1024K
  832. Installed Size 0400h - 1024K
  833. Supported SRAM Type 0020h - Synchronous
  834. Current SRAM Type 0020h - Synchronous
  835. Cache Speed 0ns
  836. Error Correction Type Multi-Bit ECC
  837. System Cache Type Unified
  838. Associativity 4-way Set-Associative
  839. [Cache Information (Type 7) - Length 19 - Handle 003fh]
  840. Socket Designation L3 Cache
  841. Cache Configuration 0182h - WB Enabled Int NonSocketed L3
  842. Maximum Cache Size 2000h - 8192K
  843. Installed Size 2000h - 8192K
  844. Supported SRAM Type 0020h - Synchronous
  845. Current SRAM Type 0020h - Synchronous
  846. Cache Speed 0ns
  847. Error Correction Type Specification Reserved
  848. System Cache Type Unified
  849. Associativity 16-way Set-Associative
  850. [Processor Information (Type 4) - Length 48 - Handle 0040h]
  851. Socket Designation U3E1
  852. Processor Type Central Processor
  853. Processor Family c6h - Specification Reserved
  854. Processor Manufacturer Intel(R) Corporation
  855. Processor ID e3060500fffbebbf
  856. Processor Version Intel(R) Core(TM) i7-6700K CPU @ 4.00GHz
  857. Processor Voltage 8bh - 1.1V
  858. External Clock 100MHz
  859. Max Speed 8300MHz
  860. Current Speed 4000MHz
  861. Status Enabled Populated
  862. Processor Upgrade Other
  863. L1 Cache Handle 003dh
  864. L2 Cache Handle 003eh
  865. L3 Cache Handle 003fh
  866. [Physical Memory Array (Type 16) - Length 23 - Handle 0041h]
  867. Location 03h - SystemBoard/Motherboard
  868. Use 03h - System Memory
  869. Memory Error Correction 03h - None
  870. Maximum Capacity 67108864KB
  871. Number of Memory Devices 4
  872. [Memory Device (Type 17) - Length 40 - Handle 0042h]
  873. Physical Memory Array Handle 0041h
  874. Total Width 64 bits
  875. Data Width 64 bits
  876. Size 8192MB
  877. Form Factor 09h - DIMM
  878. Device Locator ChannelA-DIMM0
  879. Bank Locator BANK 0
  880. Memory Type 1ah - Specification Reserved
  881. Type Detail 0080h - Synchronous
  882. Speed 2400MHz
  883. Manufacturer 8502
  884. Part Number PSD48G24002
  885. [Memory Device (Type 17) - Length 40 - Handle 0043h]
  886. Physical Memory Array Handle 0041h
  887. Total Width 64 bits
  888. Data Width 64 bits
  889. Size 8192MB
  890. Form Factor 09h - DIMM
  891. Device Locator ChannelA-DIMM1
  892. Bank Locator BANK 1
  893. Memory Type 1ah - Specification Reserved
  894. Type Detail 0080h - Synchronous
  895. Speed 2400MHz
  896. Manufacturer 8502
  897. Part Number PSD48G24002
  898. [Memory Device (Type 17) - Length 40 - Handle 0044h]
  899. Physical Memory Array Handle 0041h
  900. Total Width 64 bits
  901. Data Width 64 bits
  902. Size 8192MB
  903. Form Factor 09h - DIMM
  904. Device Locator ChannelB-DIMM0
  905. Bank Locator BANK 2
  906. Memory Type 1ah - Specification Reserved
  907. Type Detail 0080h - Synchronous
  908. Speed 2400MHz
  909. Manufacturer 8502
  910. Part Number PSD48G24002
  911. [Memory Device (Type 17) - Length 40 - Handle 0045h]
  912. Physical Memory Array Handle 0041h
  913. Total Width 64 bits
  914. Data Width 64 bits
  915. Size 8192MB
  916. Form Factor 09h - DIMM
  917. Device Locator ChannelB-DIMM1
  918. Bank Locator BANK 3
  919. Memory Type 1ah - Specification Reserved
  920. Type Detail 0080h - Synchronous
  921. Speed 2400MHz
  922. Manufacturer 8502
  923. Part Number PSD48G24002
  924. [Memory Array Mapped Address (Type 19) - Length 31 - Handle 0046h]
  925. Starting Address 00000000h
  926. Ending Address 01ffffffh
  927. Memory Array Handle 0041h
  928. Partition Width 04
  929. [Memory Device Mapped Address (Type 20) - Length 35 - Handle 0047h]
  930. Starting Address 00000000h
  931. Ending Address 007fffffh
  932. Memory Device Handle 0042h
  933. Mem Array Mapped Adr Handle 0046h
  934. Interleave Position 01
  935. Interleave Data Depth 02
  936. [Memory Device Mapped Address (Type 20) - Length 35 - Handle 0048h]
  937. Starting Address 01000000h
  938. Ending Address 017fffffh
  939. Memory Device Handle 0043h
  940. Mem Array Mapped Adr Handle 0046h
  941. Interleave Position 01
  942. Interleave Data Depth 02
  943. [Memory Device Mapped Address (Type 20) - Length 35 - Handle 0049h]
  944. Starting Address 00800000h
  945. Ending Address 00ffffffh
  946. Memory Device Handle 0044h
  947. Mem Array Mapped Adr Handle 0046h
  948. Interleave Position 02
  949. Interleave Data Depth 02
  950. [Memory Device Mapped Address (Type 20) - Length 35 - Handle 004ah]
  951. Starting Address 01800000h
  952. Ending Address 01ffffffh
  953. Memory Device Handle 0045h
  954. Mem Array Mapped Adr Handle 0046h
  955. Interleave Position 02
  956. Interleave Data Depth 02
  957.  
  958. ========================================================================
  959. ==================== Dump File: 072817-23343-01.dmp ====================
  960. ========================================================================
  961. Mini Kernel Dump File: Only registers and stack trace are available
  962. Windows 10 Kernel Version 15063 MP (8 procs) Free x64
  963. Kernel base = 0xfffff803`aec8e000 PsLoadedModuleList = 0xfffff803`aefda5e0
  964. Debug session time: Fri Jul 28 21:26:32.653 2017 (UTC - 4:00)
  965. System Uptime: 1 days 3:17:03.390
  966.  
  967. BugCheck 1, {7ff8661a5a64, 0, ffff, ffffa980a7d87b00}
  968. Probably caused by : ntkrnlmp.exe ( nt!KiSystemServiceExitPico+194 )
  969. Followup: MachineOwner
  970.  
  971. APC_INDEX_MISMATCH (1)
  972. This is a kernel internal error. The most common reason to see this
  973. bugcheck is when a filesystem or a driver has a mismatched number of
  974. calls to disable and re-enable APCs. The key data item is the
  975. Thread->CombinedApcDisable field. This consists of two separate 16-bit
  976. fields, the SpecialApcDisable and the KernelApcDisable. A negative value
  977. of either indicates that a driver has disabled special or normal APCs
  978. (respectively) without re-enabling them; a positive value indicates that
  979. a driver has enabled special or normal APCs (respectively) too many times.
  980.  
  981. Arguments:
  982. Arg1: 00007ff8661a5a64, Address of system call function or worker routine
  983. Arg2: 0000000000000000, Thread->ApcStateIndex
  984. Arg3: 000000000000ffff, (Thread->SpecialApcDisable << 16) | Thread->KernelApcDisable
  985. Arg4: ffffa980a7d87b00, Call type (0 - system call, 1 - worker routine)
  986.  
  987. Debugging Details:
  988. DUMP_CLASS: 1
  989. DUMP_QUALIFIER: 400
  990. DUMP_TYPE: 2
  991. FAULTING_IP:
  992. +0
  993. 00007ff8`661a5a64 ?? ???
  994. CUSTOMER_CRASH_COUNT: 1
  995. DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
  996. BUGCHECK_STR: 0x1
  997.  
  998. PROCESS_NAME: WmiPrvSE.exe
  999.  
  1000. CURRENT_IRQL: 0
  1001. LAST_CONTROL_TRANSFER: from fffff803aee058a9 to fffff803aedfa4c0
  1002. STACK_TEXT:
  1003. ffffa980`a7d87938 fffff803`aee058a9 : 00000000`00000001 00007ff8`661a5a64 00000000`00000000 00000000`0000ffff : nt!KeBugCheckEx
  1004. ffffa980`a7d87940 fffff803`aee057ab : 00000000`00004000 000000e0`c66fcda0 000000e0`c66fcda8 ffffffff`ffffffff : nt!KiBugCheckDispatch+0x69
  1005. ffffa980`a7d87a80 00007ff8`661a5a64 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceExitPico+0x194
  1006. 000000e0`c66fd258 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ff8`661a5a64
  1007. STACK_COMMAND: kb
  1008. THREAD_SHA1_HASH_MOD_FUNC: 1b1fd012b2a510c586295e696f84a9476c8f91e5
  1009. THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 2f23c0fd5d286fdc1748b3b41b103ae80a3b4264
  1010. THREAD_SHA1_HASH_MOD: 2a7ca9d3ab5386d53fea7498e1d81b9c4a4c036b
  1011. FOLLOWUP_IP:
  1012. nt!KiSystemServiceExitPico+194
  1013. fffff803`aee057ab 4883ec50 sub rsp,50h
  1014. FAULT_INSTR_CODE: 50ec8348
  1015. SYMBOL_STACK_INDEX: 2
  1016. SYMBOL_NAME: nt!KiSystemServiceExitPico+194
  1017. FOLLOWUP_NAME: MachineOwner
  1018. MODULE_NAME: nt
  1019.  
  1020. IMAGE_NAME: ntkrnlmp.exe
  1021.  
  1022. DEBUG_FLR_IMAGE_TIMESTAMP: 595f24eb
  1023. IMAGE_VERSION: 10.0.15063.483
  1024. BUCKET_ID_FUNC_OFFSET: 194
  1025. FAILURE_BUCKET_ID: 0x1_SysCallNum_36_nt!KiSystemServiceExitPico
  1026. BUCKET_ID: 0x1_SysCallNum_36_nt!KiSystemServiceExitPico
  1027. PRIMARY_PROBLEM_CLASS: 0x1_SysCallNum_36_nt!KiSystemServiceExitPico
  1028. TARGET_TIME: 2017-07-29T01:26:32.000Z
  1029. SUITE_MASK: 784
  1030. PRODUCT_TYPE: 1
  1031. USER_LCID: 0
  1032. FAILURE_ID_HASH_STRING: km:0x1_syscallnum_36_nt!kisystemserviceexitpico
  1033. FAILURE_ID_HASH: {90837ed7-51d1-84e3-21f5-1a89def7df0c}
  1034. Followup: MachineOwner
  1035.  
  1036. ========================================================================
  1037. ==================== Dump File: 073017-19421-01.dmp ====================
  1038. ========================================================================
  1039. Mini Kernel Dump File: Only registers and stack trace are available
  1040. Windows 10 Kernel Version 15063 MP (8 procs) Free x64
  1041. Kernel base = 0xfffff800`a1c80000 PsLoadedModuleList = 0xfffff800`a1fcc5e0
  1042. Debug session time: Sun Jul 30 23:45:32.967 2017 (UTC - 4:00)
  1043. System Uptime: 1 days 1:42:01.704
  1044.  
  1045. BugCheck 50, {ffffac04de821a4c, 0, fffff800a2150170, 2}
  1046. Could not read faulting driver name
  1047. Probably caused by : memory_corruption
  1048. Followup: memory_corruption
  1049.  
  1050. PAGE_FAULT_IN_NONPAGED_AREA (50)
  1051. Invalid system memory was referenced. This cannot be protected by try-except.
  1052. Typically the address is just plain bad or it is pointing at freed memory.
  1053.  
  1054. Arguments:
  1055. Arg1: ffffac04de821a4c, memory referenced.
  1056. Arg2: 0000000000000000, value 0 = read operation, 1 = write operation.
  1057. Arg3: fffff800a2150170, If non-zero, the instruction address which referenced the bad memory
  1058. address.
  1059. Arg4: 0000000000000002, (reserved)
  1060.  
  1061. Debugging Details:
  1062. Could not read faulting driver name
  1063. DUMP_CLASS: 1
  1064. DUMP_QUALIFIER: 400
  1065. DUMP_TYPE: 2
  1066. READ_ADDRESS: fffff800a2061358: Unable to get MiVisibleState
  1067. ffffac04de821a4c
  1068. FAULTING_IP:
  1069. nt!PsQueryStatisticsProcess+c0
  1070. fffff800`a2150170 4403b6ecfbffff add r14d,dword ptr [rsi-414h]
  1071. MM_INTERNAL_CODE: 2
  1072. CUSTOMER_CRASH_COUNT: 1
  1073. DEFAULT_BUCKET_ID: CODE_CORRUPTION
  1074. BUGCHECK_STR: AV
  1075.  
  1076. PROCESS_NAME: ENBInjector.exe
  1077.  
  1078. CURRENT_IRQL: 0
  1079. TRAP_FRAME: ffff8500116b39a0 -- (.trap 0xffff8500116b39a0)
  1080. NOTE: The trap frame does not contain all registers.
  1081. Some register values may be zeroed or incorrect.
  1082. rax=0000000000000000 rbx=0000000000000000 rcx=0000000000000000
  1083. rdx=fffff800a2063080 rsi=0000000000000000 rdi=0000000000000000
  1084. rip=fffff800a2150170 rsp=ffff8500116b3b30 rbp=0000000000000bb7
  1085. r8=ffff8500116b3b38 r9=00000000000002fd r10=ffffc084c8506d80
  1086. r11=ffff8500116b3bb4 r12=0000000000000000 r13=0000000000000000
  1087. r14=0000000000000000 r15=0000000000000000
  1088. iopl=0 nv up ei pl nz ac po nc
  1089. nt!PsQueryStatisticsProcess+0xc0:
  1090. fffff800`a2150170 4403b6ecfbffff add r14d,dword ptr [rsi-414h] ds:ffffffff`fffffbec=????????
  1091. Resetting default scope
  1092. LAST_CONTROL_TRANSFER: from fffff800a1e21fb4 to fffff800a1dec4c0
  1093. STACK_TEXT:
  1094. ffff8500`116b3708 fffff800`a1e21fb4 : 00000000`00000050 ffffac04`de821a4c 00000000`00000000 ffff8500`116b39a0 : nt!KeBugCheckEx
  1095. ffff8500`116b3710 fffff800`a1d0d2d6 : 00000000`00000000 ffffac04`de821a4c ffff8500`116b39a0 ffffac04`3c80a300 : nt!MiSystemFault+0x116e84
  1096. ffff8500`116b37b0 fffff800`a1df5d72 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!MmAccessFault+0xae6
  1097. ffff8500`116b39a0 fffff800`a2150170 : ffff8500`00000000 fffff800`00000000 00000000`00000000 00000000`00000000 : nt!KiPageFault+0x132
  1098. ffff8500`116b3b30 fffff800`a214ffc0 : 08080605`0031fdbd ffffac04`353777c0 ffffc084`c8506b40 ffffac04`42e14f60 : nt!PsQueryStatisticsProcess+0xc0
  1099. ffff8500`116b3b90 fffff800`a2120609 : 00000000`000514d0 00000000`00000000 00000000`00000001 fffff800`a1fc6040 : nt!ExpCopyProcessInfo+0x270
  1100. ffff8500`116b3c30 fffff800`a212bfae : 00000000`00000000 ffffe880`0007c400 ffff0001`00000000 00000000`00000000 : nt!ExpGetProcessInformation+0x229
  1101. ffff8500`116b4200 fffff800`a212b7fb : 00000000`0207fd34 00000000`0207fddc 00000000`00010000 00000000`00008000 : nt!ExpQuerySystemInformation+0x68e
  1102. ffff8500`116b4a40 fffff800`a1df7413 : 00000000`00008000 00000000`004bea30 00000000`004bea40 ffffffff`ffffffff : nt!NtQuerySystemInformation+0x2b
  1103. ffff8500`116b4a80 00007ffb`db865a64 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
  1104. 00000000`004be638 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffb`db865a64
  1105. STACK_COMMAND: kb
  1106. CHKIMG_EXTENSION: !chkimg -lo 50 -d !nt
  1107. fffff800a1d080ef - nt!MiGetNextPageTable+19f
  1108. [ f6:e8 ]
  1109. fffff800a1d08122 - nt!MiGetNextPageTable+1d2 (+0x33)
  1110. [ f6:e8 ]
  1111. fffff800a1d0d3b0 - nt!MmAccessFault+bc0 (+0x528e)
  1112. [ f6:e8 ]
  1113. fffff800a1d15a80-fffff800a1d15a81 2 bytes - nt!MiInsertPageInFreeOrZeroedList+20 (+0x86d0)
  1114. [ 80 fa:00 ef ]
  1115. fffff800a1e21fd9 - nt!MiValidFault+1160f9 (+0x10c559)
  1116. [ f6:e8 ]
  1117. fffff800a2150365-fffff800a2150366 2 bytes - nt!MiAllocateDriverPage+99
  1118. [ 80 fa:00 ef ]
  1119. fffff800a2150514-fffff800a2150515 2 bytes - nt!MmCreateProcessAddressSpace+17c (+0x1af)
  1120. [ 80 fa:00 ef ]
  1121. fffff800a215056b-fffff800a215056f 5 bytes - nt!MmCreateProcessAddressSpace+1d3 (+0x57)
  1122. [ d0 be 7d fb f6:10 3d 7a f4 e8 ]
  1123. fffff800a21505b4 - nt!MmCreateProcessAddressSpace+21c (+0x49)
  1124. [ f6:e8 ]
  1125. 16 errors : !nt (fffff800a1d080ef-fffff800a21505b4)
  1126. MODULE_NAME: memory_corruption
  1127.  
  1128. IMAGE_NAME: memory_corruption
  1129.  
  1130. FOLLOWUP_NAME: memory_corruption
  1131. DEBUG_FLR_IMAGE_TIMESTAMP: 0
  1132. MEMORY_CORRUPTOR: LARGE
  1133. FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
  1134. BUCKET_ID: MEMORY_CORRUPTION_LARGE
  1135. PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
  1136. TARGET_TIME: 2017-07-31T03:45:32.000Z
  1137. SUITE_MASK: 784
  1138. PRODUCT_TYPE: 1
  1139. USER_LCID: 0
  1140. FAILURE_ID_HASH_STRING: km:memory_corruption_large
  1141. FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
  1142. Followup: memory_corruption
  1143.  
  1144. ========================================================================
  1145. ==================== Dump File: 080117-24359-01.dmp ====================
  1146. ========================================================================
  1147. Mini Kernel Dump File: Only registers and stack trace are available
  1148. Windows 10 Kernel Version 15063 MP (8 procs) Free x64
  1149. Kernel base = 0xfffff802`12c8b000 PsLoadedModuleList = 0xfffff802`12fd75e0
  1150. Debug session time: Tue Aug 1 19:58:00.906 2017 (UTC - 4:00)
  1151. System Uptime: 1 days 20:11:08.959
  1152.  
  1153. BugCheck 50, {ffffaa012486268c, 0, fffff8021315b170, 2}
  1154. Could not read faulting driver name
  1155. Probably caused by : memory_corruption
  1156. Followup: memory_corruption
  1157.  
  1158. PAGE_FAULT_IN_NONPAGED_AREA (50)
  1159. Invalid system memory was referenced. This cannot be protected by try-except.
  1160. Typically the address is just plain bad or it is pointing at freed memory.
  1161.  
  1162. Arguments:
  1163. Arg1: ffffaa012486268c, memory referenced.
  1164. Arg2: 0000000000000000, value 0 = read operation, 1 = write operation.
  1165. Arg3: fffff8021315b170, If non-zero, the instruction address which referenced the bad memory
  1166. address.
  1167. Arg4: 0000000000000002, (reserved)
  1168.  
  1169. Debugging Details:
  1170. Could not read faulting driver name
  1171. DUMP_CLASS: 1
  1172. DUMP_QUALIFIER: 400
  1173. DUMP_TYPE: 2
  1174. READ_ADDRESS: fffff8021306c358: Unable to get MiVisibleState
  1175. ffffaa012486268c
  1176. FAULTING_IP:
  1177. nt!PsQueryStatisticsProcess+c0
  1178. fffff802`1315b170 4403b6ecfbffff add r14d,dword ptr [rsi-414h]
  1179. MM_INTERNAL_CODE: 2
  1180. CUSTOMER_CRASH_COUNT: 1
  1181. DEFAULT_BUCKET_ID: CODE_CORRUPTION
  1182. BUGCHECK_STR: AV
  1183.  
  1184. PROCESS_NAME: Rainmeter.exe
  1185.  
  1186. CURRENT_IRQL: 0
  1187. TRAP_FRAME: ffff98009c1509a0 -- (.trap 0xffff98009c1509a0)
  1188. NOTE: The trap frame does not contain all registers.
  1189. Some register values may be zeroed or incorrect.
  1190. rax=0000000000000000 rbx=0000000000000000 rcx=0000000000000000
  1191. rdx=fffff8021306e080 rsi=0000000000000000 rdi=0000000000000000
  1192. rip=fffff8021315b170 rsp=ffff98009c150b30 rbp=0000000000000646
  1193. r8=ffff98009c150b38 r9=00000000000002fd r10=ffffc182e253b980
  1194. r11=ffff98009c150bb4 r12=0000000000000000 r13=0000000000000000
  1195. r14=0000000000000000 r15=0000000000000000
  1196. iopl=0 nv up ei ng nz ac pe cy
  1197. nt!PsQueryStatisticsProcess+0xc0:
  1198. fffff802`1315b170 4403b6ecfbffff add r14d,dword ptr [rsi-414h] ds:ffffffff`fffffbec=????????
  1199. Resetting default scope
  1200. LAST_CONTROL_TRANSFER: from fffff80212e2cfb4 to fffff80212df74c0
  1201. STACK_TEXT:
  1202. ffff9800`9c150708 fffff802`12e2cfb4 : 00000000`00000050 ffffaa01`2486268c 00000000`00000000 ffff9800`9c1509a0 : nt!KeBugCheckEx
  1203. ffff9800`9c150710 fffff802`12d182d6 : 00000000`00000000 ffffaa01`2486268c ffff9800`9c1509a0 ffffaa01`ed1321c0 : nt!MiSystemFault+0x116e84
  1204. ffff9800`9c1507b0 fffff802`12e00d72 : 00000000`00020000 00000121`b47ff500 ffff9800`00020000 00000000`00000000 : nt!MmAccessFault+0xae6
  1205. ffff9800`9c1509a0 fffff802`1315b170 : ffff9800`00000000 fffff802`00000000 000001f3`00000000 00000000`00000000 : nt!KiPageFault+0x132
  1206. ffff9800`9c150b30 fffff802`1315afc0 : 08080605`00000da1 ffffaa01`df6c2080 ffffc182`e253b740 ffffaa01`e63d9970 : nt!PsQueryStatisticsProcess+0xc0
  1207. ffff9800`9c150b90 fffff802`1312b609 : 00000000`00013e80 00000000`00000000 00000000`00000000 fffff802`12fd1040 : nt!ExpCopyProcessInfo+0x270
  1208. ffff9800`9c150c30 fffff802`13136fae : 00000000`00000486 fffff802`0008cfe8 00000000`00000001 00000000`00000000 : nt!ExpGetProcessInformation+0x229
  1209. ffff9800`9c151200 fffff802`131367fb : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!ExpQuerySystemInformation+0x68e
  1210. ffff9800`9c151a40 fffff802`12e02413 : ffffaa01`df6c2080 00000002`8a1fb000 00000000`00000000 ffffaa01`dfeb13e0 : nt!NtQuerySystemInformation+0x2b
  1211. ffff9800`9c151a80 00007fff`78a25a64 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
  1212. 00000121`b47feaa8 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007fff`78a25a64
  1213. STACK_COMMAND: kb
  1214. CHKIMG_EXTENSION: !chkimg -lo 50 -d !nt
  1215. fffff80212d130ee-fffff80212d130ef 2 bytes - nt!MiGetNextPageTable+19e
  1216. [ 80 f6:00 87 ]
  1217. fffff80212d13121-fffff80212d13122 2 bytes - nt!MiGetNextPageTable+1d1 (+0x33)
  1218. [ 80 f6:00 87 ]
  1219. fffff80212d183af-fffff80212d183b0 2 bytes - nt!MmAccessFault+bbf (+0x528e)
  1220. [ 80 f6:00 87 ]
  1221. fffff80212d1d557-fffff80212d1d558 2 bytes - nt!MiCompletePrivateZeroFault+517 (+0x51a8)
  1222. [ 80 f6:00 87 ]
  1223. fffff80212d1d568 - nt!MiCompletePrivateZeroFault+528 (+0x11)
  1224. [ fa:82 ]
  1225. fffff80212e2cfd8-fffff80212e2cfd9 2 bytes - nt!MiValidFault+1160f8 (+0x10fa70)
  1226. [ ff f6:7f 87 ]
  1227. fffff8021315b366 - nt!MiAllocateDriverPage+9a
  1228. [ fa:82 ]
  1229. fffff8021315b515 - nt!MmCreateProcessAddressSpace+17d (+0x1af)
  1230. [ fa:82 ]
  1231. fffff8021315b56b-fffff8021315b56f 5 bytes - nt!MmCreateProcessAddressSpace+1d3 (+0x56)
  1232. [ d0 be 7d fb f6:e0 d0 a1 43 87 ]
  1233. fffff8021315b5b3-fffff8021315b5b4 2 bytes - nt!MmCreateProcessAddressSpace+21b (+0x48)
  1234. [ 80 f6:00 87 ]
  1235. 20 errors : !nt (fffff80212d130ee-fffff8021315b5b4)
  1236. MODULE_NAME: memory_corruption
  1237.  
  1238. IMAGE_NAME: memory_corruption
  1239.  
  1240. FOLLOWUP_NAME: memory_corruption
  1241. DEBUG_FLR_IMAGE_TIMESTAMP: 0
  1242. MEMORY_CORRUPTOR: LARGE
  1243. FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
  1244. BUCKET_ID: MEMORY_CORRUPTION_LARGE
  1245. PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
  1246. TARGET_TIME: 2017-08-01T23:58:00.000Z
  1247. SUITE_MASK: 784
  1248. PRODUCT_TYPE: 1
  1249. USER_LCID: 0
  1250. FAILURE_ID_HASH_STRING: km:memory_corruption_large
  1251. FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
  1252. Followup: memory_corruption
  1253.  
  1254. ========================================================================
  1255. ==================== Dump File: 080817-36015-01.dmp ====================
  1256. ========================================================================
  1257. Could not open dump file [C:\Users\UserName\Desktop\Minidump\080817-36015-01.dmp], NTSTATUS 0xC000011E
  1258. "An attempt was made to map a file of size zero with the maximum size specified as zero."
  1259. Debuggee initialization failed, NTSTATUS 0xC000011E
  1260. An attempt was made to map a file of size zero with the maximum size specified as zero.
  1261.  
  1262. ========================================================================
  1263. ==================== Dump File: 081017-33859-01.dmp ====================
  1264. ========================================================================
  1265. Mini Kernel Dump File: Only registers and stack trace are available
  1266. Windows 10 Kernel Version 15063 MP (8 procs) Free x64
  1267. Kernel base = 0xfffff802`72406000 PsLoadedModuleList = 0xfffff802`727525e0
  1268. Debug session time: Thu Aug 10 03:41:35.406 2017 (UTC - 4:00)
  1269. System Uptime: 0 days 13:46:15.253
  1270.  
  1271. BugCheck 3B, {c0000005, fffff5e9eae44ba0, ffffb7006a4fcd00, 0}
  1272. Probably caused by : memory_corruption
  1273. Followup: memory_corruption
  1274.  
  1275. SYSTEM_SERVICE_EXCEPTION (3b)
  1276. An exception happened while executing a system service routine.
  1277.  
  1278. Arguments:
  1279. Arg1: 00000000c0000005, Exception code that caused the bugcheck
  1280. Arg2: fffff5e9eae44ba0, Address of the instruction which caused the bugcheck
  1281. Arg3: ffffb7006a4fcd00, Address of the context record for the exception that caused the bugcheck
  1282. Arg4: 0000000000000000, zero.
  1283.  
  1284. Debugging Details:
  1285. DUMP_CLASS: 1
  1286. DUMP_QUALIFIER: 400
  1287. DUMP_TYPE: 2
  1288. EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%p referenced memory at 0x%p. The memory could not be %s.
  1289. FAULTING_IP:
  1290. win32kfull!xxxWindowEvent+270
  1291. fffff5e9`eae44ba0 8b4b28 mov ecx,dword ptr [rbx+28h]
  1292. CONTEXT: ffffb7006a4fcd00 -- (.cxr 0xffffb7006a4fcd00)
  1293. rax=0000000000003ee8 rbx=0000000000000198 rcx=0000000000000020
  1294. rdx=000000000000000d rsi=000000000000800b rdi=0000000000000198
  1295. rip=fffff5e9eae44ba0 rsp=ffffb7006a4fd6f0 rbp=0000000000000001
  1296. r8=0000000000000000 r9=0000000000000000 r10=fffff5a540887cb0
  1297. r11=ffffb7006a4fd6a0 r12=fffff5a544eb6010 r13=0000000000000000
  1298. r14=fffff5a544eb6010 r15=fffff5a540887cb0
  1299. iopl=0 nv up ei pl nz na pe nc
  1300. cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00010202
  1301. win32kfull!xxxWindowEvent+0x270:
  1302. fffff5e9`eae44ba0 8b4b28 mov ecx,dword ptr [rbx+28h] ds:002b:00000000`000001c0=????????
  1303. Resetting default scope
  1304. CUSTOMER_CRASH_COUNT: 1
  1305. DEFAULT_BUCKET_ID: CODE_CORRUPTION
  1306. BUGCHECK_STR: 0x3B
  1307.  
  1308. PROCESS_NAME: Rainmeter.exe
  1309.  
  1310. CURRENT_IRQL: 0
  1311. LAST_CONTROL_TRANSFER: from fffff5e9eaedb0dd to fffff5e9eae44ba0
  1312. STACK_TEXT:
  1313. ffffb700`6a4fd6f0 fffff5e9`eaedb0dd : fffff5a5`40887cb0 00000000`00000001 fffff5a5`00000000 00000000`00000000 : win32kfull!xxxWindowEvent+0x270
  1314. ffffb700`6a4fd7d0 fffff5e9`eaedadb0 : fffff5a5`00000000 00000000`00000000 fffff5a5`40800760 ffffb700`6a4fdb00 : win32kfull!zzzUpdateLayeredWindow+0x1dd
  1315. ffffb700`6a4fd890 fffff802`7257d413 : 00000000`00000000 fffff5a5`40179010 00000000`00000000 00000000`0085000f : win32kfull!NtUserUpdateLayeredWindow+0x310
  1316. ffffb700`6a4fda10 00007fff`6d6d9c04 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
  1317. 0000001d`1a5ff338 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007fff`6d6d9c04
  1318. CHKIMG_EXTENSION: !chkimg -lo 50 -d !nt
  1319. fffff80272493d27-fffff80272493d28 2 bytes - nt!MiResolvePageTablePage+3b7
  1320. [ ff f6:7f 80 ]
  1321. fffff80272493d48-fffff80272493d4c 5 bytes - nt!MiResolvePageTablePage+3d8 (+0x21)
  1322. [ df be 7d fb f6:0f 10 20 40 80 ]
  1323. 7 errors : !nt (fffff80272493d27-fffff80272493d4c)
  1324. MODULE_NAME: memory_corruption
  1325.  
  1326. IMAGE_NAME: memory_corruption
  1327.  
  1328. FOLLOWUP_NAME: memory_corruption
  1329. DEBUG_FLR_IMAGE_TIMESTAMP: 0
  1330. MEMORY_CORRUPTOR: LARGE
  1331. STACK_COMMAND: .cxr 0xffffb7006a4fcd00 ; kb
  1332. FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
  1333. BUCKET_ID: MEMORY_CORRUPTION_LARGE
  1334. PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
  1335. TARGET_TIME: 2017-08-10T07:41:35.000Z
  1336. SUITE_MASK: 784
  1337. PRODUCT_TYPE: 1
  1338. USER_LCID: 0
  1339. FAILURE_ID_HASH_STRING: km:memory_corruption_large
  1340. FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
  1341. Followup: memory_corruption
  1342.  
  1343. ========================================================================
  1344. ==================== Dump File: 081117-27484-01.dmp ====================
  1345. ========================================================================
  1346. Mini Kernel Dump File: Only registers and stack trace are available
  1347. Windows 10 Kernel Version 15063 MP (8 procs) Free x64
  1348. Kernel base = 0xfffff800`2dc0b000 PsLoadedModuleList = 0xfffff800`2df575e0
  1349. Debug session time: Fri Aug 11 02:16:08.557 2017 (UTC - 4:00)
  1350. System Uptime: 0 days 8:54:00.295
  1351.  
  1352. BugCheck 1A, {41201, ffffb180e1c4fd40, 81000001fbb38867, ffff8000cbf1cca0}
  1353. *** WARNING: Unable to verify timestamp for aswSnx.sys
  1354. *** ERROR: Module load completed but symbols could not be loaded for aswSnx.sys
  1355. Probably caused by : aswSnx.sys ( aswSnx+2ca7c )
  1356. Followup: MachineOwner
  1357.  
  1358. MEMORY_MANAGEMENT (1a)
  1359. # Any other values for parameter 1 must be individually examined.
  1360.  
  1361. Arguments:
  1362. Arg1: 0000000000041201, The subtype of the bugcheck.
  1363. Arg2: ffffb180e1c4fd40
  1364. Arg3: 81000001fbb38867
  1365. Arg4: ffff8000cbf1cca0
  1366.  
  1367. Debugging Details:
  1368. DUMP_CLASS: 1
  1369. DUMP_QUALIFIER: 400
  1370. DUMP_TYPE: 2
  1371. BUGCHECK_STR: 0x1a_41201
  1372. CUSTOMER_CRASH_COUNT: 1
  1373. DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
  1374.  
  1375. PROCESS_NAME: dwm.exe
  1376.  
  1377. CURRENT_IRQL: 2
  1378. LAST_CONTROL_TRANSFER: from fffff8002ddab64f to fffff8002dd774c0
  1379. STACK_TEXT:
  1380. ffffa001`88572658 fffff800`2ddab64f : 00000000`0000001a 00000000`00041201 ffffb180`e1c4fd40 81000001`fbb38867 : nt!KeBugCheckEx
  1381. ffffa001`88572660 fffff800`2dc92ae3 : ffffb180`e1c4fd40 00000000`00001000 81000001`fbb38867 00000000`00000000 : nt!MiGetPageProtection+0x1183bf
  1382. ffffa001`885726b0 fffff800`2dc9263e : 000001c3`00000000 ffff8000`cc6c8300 00000000`00000000 ffff8000`c85c2cc0 : nt!MiQueryAddressState+0x2b3
  1383. ffffa001`88572740 fffff800`2e09801f : 00000000`00000004 00000000`00000001 00000000`00000004 000001c3`89fa8000 : nt!MiQueryAddressSpan+0x12e
  1384. ffffa001`885727f0 fffff800`2e0978c1 : ffff8000`c3afe328 fffff802`32c9ae1e 00000000`00000000 ffffa001`88572b00 : nt!MmQueryVirtualMemory+0x74f
  1385. ffffa001`88572950 fffff802`32c8ca7c : ffff8000`c87ce080 ffffa001`88572b00 00000000`00000000 00000000`00000000 : nt!NtQueryVirtualMemory+0x25
  1386. ffffa001`885729a0 ffff8000`c87ce080 : ffffa001`88572b00 00000000`00000000 00000000`00000000 00000000`00000030 : aswSnx+0x2ca7c
  1387. ffffa001`885729a8 ffffa001`88572b00 : 00000000`00000000 00000000`00000000 00000000`00000030 00000000`00000000 : 0xffff8000`c87ce080
  1388. ffffa001`885729b0 00000000`00000000 : 00000000`00000000 00000000`00000030 00000000`00000000 00000000`00000000 : 0xffffa001`88572b00
  1389. STACK_COMMAND: kb
  1390. THREAD_SHA1_HASH_MOD_FUNC: 8b8df3644f2ba866ecd34dd933e861ec071165b8
  1391. THREAD_SHA1_HASH_MOD_FUNC_OFFSET: b40b641fae2e02c51751f917db202ac63bf375bf
  1392. THREAD_SHA1_HASH_MOD: 294208b26ea2bd053b3c7521e0b25fbf7190b739
  1393. FOLLOWUP_IP:
  1394. aswSnx+2ca7c
  1395. fffff802`32c8ca7c 448be0 mov r12d,eax
  1396. FAULT_INSTR_CODE: 48e08b44
  1397. SYMBOL_STACK_INDEX: 6
  1398. SYMBOL_NAME: aswSnx+2ca7c
  1399. FOLLOWUP_NAME: MachineOwner
  1400. MODULE_NAME: aswSnx
  1401.  
  1402. IMAGE_NAME: aswSnx.sys
  1403.  
  1404. DEBUG_FLR_IMAGE_TIMESTAMP: 598357b2
  1405. BUCKET_ID_FUNC_OFFSET: 2ca7c
  1406. FAILURE_BUCKET_ID: 0x1a_41201_aswSnx!unknown_function
  1407. BUCKET_ID: 0x1a_41201_aswSnx!unknown_function
  1408. PRIMARY_PROBLEM_CLASS: 0x1a_41201_aswSnx!unknown_function
  1409. TARGET_TIME: 2017-08-11T06:16:08.000Z
  1410. SUITE_MASK: 784
  1411. PRODUCT_TYPE: 1
  1412. USER_LCID: 0
  1413. FAILURE_ID_HASH_STRING: km:0x1a_41201_aswsnx!unknown_function
  1414. FAILURE_ID_HASH: {97b71e72-b2e8-594a-4626-a4f1ce1dbb06}
  1415. Followup: MachineOwner
  1416.  
  1417. ========================================================================
  1418. ==================== Dump File: 081317-29906-01.dmp ====================
  1419. ========================================================================
  1420. Could not open dump file [C:\Users\UserName\Desktop\Minidump\081317-29906-01.dmp], NTSTATUS 0xC000011E
  1421. "An attempt was made to map a file of size zero with the maximum size specified as zero."
  1422. Debuggee initialization failed, NTSTATUS 0xC000011E
  1423. An attempt was made to map a file of size zero with the maximum size specified as zero.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!