API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jul 24th, 2020
83
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 38.12 KB | None | 0 0
raw download clone embed print report
  1. ========================== AUTO DUMP ANALYZER ==========================
  2. Auto Dump Analyzer
  3. Version: 0.91
  4. Time to analyze file(s): 00 hours and 00 minutes and 53 seconds
  5.  
  6. ================================= CPU ==================================
  7. COUNT: 4
  8. MHZ: 3912
  9. VENDOR: GenuineIntel
  10. FAMILY: 6
  11. MODEL: 9e
  12. STEPPING: 9
  13.  
  14. ================================== OS ==================================
  15. Product: WinNt, suite: TerminalServer SingleUserTS
  16. Built by: 18362.1.amd64fre.19h1_release.190318-1202
  17. BUILD_VERSION: 10.0.18362.418 (WinBuild.160101.0800)
  18. BUILD: 18362
  19. SERVICEPACK: 418
  20. PLATFORM_TYPE: x64
  21. NAME: Windows 10
  22. EDITION: Windows 10 WinNt TerminalServer SingleUserTS
  23. BUILD_TIMESTAMP: unknown_date
  24. BUILDDATESTAMP: 160101.0800
  25. BUILDLAB: WinBuild
  26. BUILDOSVER: 10.0.18362.418
  27.  
  28. =============================== DEBUGGER ===============================
  29. Microsoft (R) Windows Debugger Version 10.0.14321.1024 AMD64
  30. Copyright (c) Microsoft Corporation. All rights reserved.
  31.  
  32. =============================== COMMENTS ===============================
  33. * Information gathered from different dump files may be different. If
  34. Windows updates between two dump files, two or more OS versions may
  35. be shown above.
  36. * Additional BIOS information was not included in the dump file(s). This
  37. can be caused by an outdated BIOS.
  38.  
  39. ========================================================================
  40. ======================= Dump #1: ANALYZE VERBOSE =======================
  41. ====================== File: 072420-74171-01.dmp =======================
  42. ========================================================================
  43.  
  44. Mini Kernel Dump File: Only registers and stack trace are available
  45. Windows 10 Kernel Version 18362 MP (4 procs) Free x64
  46. Kernel base = 0xfffff803`20e00000 PsLoadedModuleList = 0xfffff803`21248210
  47. Debug session time: Fri Jul 24 00:56:12.252 2020 (UTC - 4:00)
  48. System Uptime: 0 days 1:01:18.925
  49.  
  50. BugCheck 1A, {3f, 67cf, 67cf, bc9aadd3}
  51. *** WARNING: Unable to verify timestamp for win32k.sys
  52. *** ERROR: Module load completed but symbols could not be loaded for win32k.sys
  53. Probably caused by : memory_corruption
  54. Followup: memory_corruption
  55. *** Memory manager detected 1 instance(s) of corrupted pagefilepage(s) while performing in-page operations.
  56.  
  57. MEMORY_MANAGEMENT (1a)
  58. # Any other values for parameter 1 must be individually examined.
  59.  
  60. Arguments:
  61. Arg1: 000000000000003f, The subtype of the bugcheck.
  62. Arg2: 00000000000067cf
  63. Arg3: 00000000000067cf
  64. Arg4: 00000000bc9aadd3
  65.  
  66. Debugging Details:
  67. DUMP_CLASS: 1
  68. DUMP_QUALIFIER: 400
  69. DUMP_TYPE: 2
  70. ADDITIONAL_DEBUG_TEXT: Memory Manager detected corruption of a pagefile page while performing an in-page operation.
  71. The data read from storage does not match the original data written.
  72. This indicates the data was corrupted by the storage stack, or device hardware.
  73. BUGCHECK_STR: 0x1a_3f
  74. CUSTOMER_CRASH_COUNT: 1
  75. DEFAULT_BUCKET_ID: CODE_CORRUPTION
  76.  
  77. PROCESS_NAME: MemCompression
  78.  
  79. CURRENT_IRQL: 2
  80. PAGE_HASH_ERRORS_DETECTED: 1
  81. TRAP_FRAME: fffff38ab83fef50 -- (.trap 0xfffff38ab83fef50)
  82. NOTE: The trap frame does not contain all registers.
  83. Some register values may be zeroed or incorrect.
  84. rax=fffff80320f5e100 rbx=0000000000000000 rcx=ffffa181dcf42000
  85. rdx=ffffa181dcf42000 rsi=0000000000000000 rdi=0000000000000000
  86. rip=fffff80320f5e150 rsp=fffff38ab83ff0e8 rbp=ffffa181dcf42000
  87. r8=000002cf36934830 r9=0000000000000255 r10=ffffa181dcf42ea0
  88. r11=000002cf36934a85 r12=0000000000000000 r13=0000000000000000
  89. r14=0000000000000000 r15=0000000000000000
  90. iopl=0 nv up ei pl zr na po nc
  91. nt!RtlDecompressBufferXpressLz+0x50:
  92. fffff803`20f5e150 418b08 mov ecx,dword ptr [r8] ds:000002cf`36934830=????????
  93. Resetting default scope
  94. LAST_CONTROL_TRANSFER: from fffff80321063d96 to fffff80320fc1220
  95. STACK_TEXT:
  96. fffff38a`b83feab8 fffff803`21063d96 : 00000000`0000001a 00000000`0000003f 00000000`000067cf 00000000`000067cf : nt!KeBugCheckEx
  97. fffff38a`b83feac0 fffff803`20e8df32 : ffffda8d`9b00c200 ffffffff`ffffffff 00000000`00000000 ffffda8d`9b00c2f0 : nt!MiValidatePagefilePageHash+0x10176a
  98. fffff38a`b83feba0 fffff803`20e8d47d : 00000000`00000002 fffff38a`00000000 fffff38a`b83fed58 fffff803`00000000 : nt!MiWaitForInPageComplete+0x472
  99. fffff38a`b83fecb0 fffff803`20e72f9b : 00000000`c0033333 00000000`00000000 000002cf`36934830 fffff38a`b83ff1a0 : nt!MiIssueHardFault+0x1ad
  100. fffff38a`b83fedb0 fffff803`20fcf320 : 00000000`00000000 00000000`00000000 fffff38a`b83ff378 00000000`00000000 : nt!MmAccessFault+0x40b
  101. fffff38a`b83fef50 fffff803`20f5e150 : ffffa181`dcf42000 ffffda8d`9975d050 fffff803`20e5cfc0 ffffa181`dcf42000 : nt!KiPageFault+0x360
  102. fffff38a`b83ff0e8 fffff803`20e5cfc0 : ffffa181`dcf42000 ffffa181`dcf42000 00000000`00000002 000002cf`36934830 : nt!RtlDecompressBufferXpressLz+0x50
  103. fffff38a`b83ff100 fffff803`20f5fed9 : 00000000`00000000 fffff803`00000001 00000000`00000000 ffffda8d`9975e788 : nt!RtlDecompressBufferEx+0x60
  104. fffff38a`b83ff150 fffff803`20f5fd64 : 00000000`00000004 fffff38a`b83ff360 00000000`00000000 00000000`0000006c : nt!ST_STORE<SM_TRAITS>::StDmSinglePageCopy+0x155
  105. fffff38a`b83ff230 fffff803`20f5fbe2 : 00000000`00000001 00000000`00004830 ffffda8d`00004830 ffffda8d`00002000 : nt!ST_STORE<SM_TRAITS>::StDmSinglePageTransfer+0xa0
  106. fffff38a`b83ff280 fffff803`20f5fa0b : 00000000`ffffffff ffffda8d`9ce98000 fffff38a`b83ff360 ffffda8d`9e098690 : nt!ST_STORE<SM_TRAITS>::StDmpSinglePageRetrieve+0x186
  107. fffff38a`b83ff320 fffff803`20f5f851 : ffffda8d`9ce98000 00000000`00000000 00000000`00000001 ffffda8d`9975e788 : nt!ST_STORE<SM_TRAITS>::StDmPageRetrieve+0xcb
  108. fffff38a`b83ff3d0 fffff803`20f5f761 : ffffda8d`9975d000 ffffda8d`9e098690 ffffda8d`9ce98000 ffffda8d`9975e9b0 : nt!SMKM_STORE<SM_TRAITS>::SmStDirectReadIssue+0x85
  109. fffff38a`b83ff450 fffff803`20e69e18 : ffffda8d`927ad080 ffffda8d`9975d000 00000000`00000000 00000000`00000000 : nt!SMKM_STORE<SM_TRAITS>::SmStDirectReadCallout+0x21
  110. fffff38a`b83ff480 fffff803`20f62cc1 : fffff803`20f5f740 fffff38a`b83ff530 00000000`00000003 00000000`00000000 : nt!KeExpandKernelStackAndCalloutInternal+0x78
  111. fffff38a`b83ff4f0 fffff803`20f4b941 : fffff38a`b83ff5f0 fffff803`2138db78 ffffda8d`9975d000 fffff38a`b83ff740 : nt!SMKM_STORE<SM_TRAITS>::SmStDirectRead+0xcd
  112. fffff38a`b83ff5c0 fffff803`20f4b527 : 00000000`0000000c ffffda8d`9975d000 fffff38a`b83ff670 ffffda8d`9e098690 : nt!SMKM_STORE<SM_TRAITS>::SmStWorkItemQueue+0x1a5
  113. fffff38a`b83ff610 fffff803`20f61fd3 : 00000000`0000000c ffffda8d`9e098690 00000000`00000002 00000000`00000002 : nt!SMKM_STORE_MGR<SM_TRAITS>::SmIoCtxQueueWork+0xbf
  114. fffff38a`b83ff6a0 fffff803`20f636af : ffffda8d`00000002 ffffda8d`9d16e380 00000000`00000000 ffffda8d`9975d000 : nt!SMKM_STORE_MGR<SM_TRAITS>::SmPageRead+0x167
  115. fffff38a`b83ff710 fffff803`20e8e05b : ffffda8d`99ada580 00000000`00000001 ffffda8d`99ada640 fffff803`20e74ee6 : nt!SmPageRead+0x33
  116. fffff38a`b83ff760 fffff803`20e8d759 : 00000000`00000002 fffff38a`b83ff7f0 fffff38a`b83ff958 ffffb259`00000178 : nt!MiIssueHardFaultIo+0x117
  117. fffff38a`b83ff7b0 fffff803`20e72f9b : 00000000`c0033333 00000000`00000001 00000000`05f75ee7 ffffda8d`9920bb80 : nt!MiIssueHardFault+0x489
  118. fffff38a`b83ff860 fffff803`20fcf320 : ffffda8d`927ad080 00007ff9`9cb74901 00000000`00d75000 ffffda8d`99ada080 : nt!MmAccessFault+0x40b
  119. fffff38a`b83ffa00 00000000`7730b0c8 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiPageFault+0x360
  120. 00000000`1a04d954 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x7730b0c8
  121. STACK_COMMAND: kb
  122. CHKIMG_EXTENSION: !chkimg -lo 50 -d !Ndu
  123. fffff8031e45373f-fffff8031e453740 2 bytes - Ndu!NduNblNotifyCallback+8f
  124. [ 48 ff:4c 8b ]
  125. fffff8031e453746-fffff8031e45374a 5 bytes - Ndu!NduNblNotifyCallback+96 (+0x07)
  126. [ 0f 1f 44 00 00:e8 65 e1 cb 05 ]
  127. 7 errors : !Ndu (fffff8031e45373f-fffff8031e45374a)
  128. MODULE_NAME: memory_corruption
  129.  
  130. IMAGE_NAME: memory_corruption
  131.  
  132. FOLLOWUP_NAME: memory_corruption
  133. DEBUG_FLR_IMAGE_TIMESTAMP: 0
  134. MEMORY_CORRUPTOR: LARGE
  135. FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
  136. BUCKET_ID: MEMORY_CORRUPTION_LARGE
  137. PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
  138. TARGET_TIME: 2020-07-24T04:56:12.000Z
  139. SUITE_MASK: 272
  140. PRODUCT_TYPE: 1
  141. USER_LCID: 0
  142. FAILURE_ID_HASH_STRING: km:memory_corruption_large
  143. FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
  144. Followup: memory_corruption
  145. *** Memory manager detected 1 instance(s) of corrupted pagefilepage(s) while performing in-page operations.
  146.  
  147. ====================== Dump #1: 3RD PARTY DRIVERS ======================
  148.  
  149. Sep 12 1975 - klmouflt.sys - Kaspersky Mouse Device Filter https://www.kaspersky.com/
  150. May 05 2007 - klwtp.sys - Kaspersky WFP Network Connection Filter Driver https://www.kaspersky.com/
  151. Apr 13 2008 - klbackupdisk.sys - Kaspersky Backup Disk Filter https://www.kaspersky.com/
  152. Aug 02 2010 - AsUpIO.sys - ASUS Update Input Output driver http://www.asus.com/
  153. May 05 2013 - ScpVBus.sys - Scarlet.Crush Productions Scp Dual Shock 3 Virtual Bus driver http://forums.pcsx2.net/
  154. Jan 07 2015 - klim6.sys - Kaspersky Lab Intermediate Network Driver https://www.kaspersky.com/
  155. Jun 06 2017 - SCDEmu.SYS - PowerISO Virtual driver (PowerISO Computing) https://www.poweriso.com/
  156. Oct 11 2017 - YSDrv.sys - VirtualBox Support driver
  157. Nov 19 2017 - TeeDriverW8x64.sys - Intel Management Engine Interface driver https://downloadcenter.intel.com/
  158. Mar 16 2018 - kltap.sys - TAP - Windows Virtual Network driver - The OpenVPN Project
  159. Nov 13 2018 - RTKVHD64.sys - Realtek Audio System driver https://www.realtek.com/en/
  160. Jan 22 2019 - klupd_klif_kimul.sys - Kaspersky Kernel Heuristics Engine https://www.kaspersky.com/
  161. Feb 15 2019 - cm_km.sys - Kaspersky Cryptographic Module Driver
  162. Feb 26 2019 - klwfp.sys - Kaspersky Network filtering component https://www.kaspersky.com/
  163. Jul 03 2019 - womic.sys - Wireless Orange Mic driver http://www.wirelessorange.com/womic/ or wolicheng.com
  164. Feb 12 2020 - rt640x64.sys - Realtek NICDRV 8169 PCIe GBE Family Controller driver https://www.realtek.com/en/
  165. Feb 25 2020 - IntcDAud.sys - Intel Display Audio Driver http://www.intel.com/
  166. Mar 13 2020 - klif.sys - Kaspersky Lab Intruder Filter driver https://www.kaspersky.com/
  167. Mar 20 2020 - klupd_klif_klark.sys - Kaspersky https://www.kaspersky.com/
  168. Mar 20 2020 - klupd_klif_mark.sys - Kaspersky Lab Anti-Rootkit Engine https://www.kaspersky.com
  169. Mar 22 2020 - klupd_klif_arkmon.sys - Kaspersky Anti-Virus Anti-Rootkit Monitor https://www.kaspersky.com/
  170. Apr 02 2020 - tapprotonvpn.sys - Proton TAP VPN driver http://www.protonvpn.com/
  171. Apr 28 2020 - klgse.sys - Kaspersky Security Extender driver
  172. Apr 28 2020 - klhk.sys - Kaspersky Lab service driver https://www.kaspersky.com/
  173. May 19 2020 - igdkmd64.sys - Intel HD graphics driver
  174. Jun 11 2020 - klids.sys - Kaspersky Lab IDS Engine https://www.kaspersky.com/
  175. Jun 13 2020 - vgk.sys - Vanguard Anti-Cheat driver
  176. Jun 17 2020 - klupd_klif_klbg.sys - Kaspersky Anti-Virus Lab Boot Guard Driver https://www.kaspersky.com/
  177. Nov 16 2021 - klkbdflt.sys - Kaspersky Keyboard Device Filter https://www.kaspersky.com/
  178. Mar 13 2029 - klpd.sys - Kaspersky Format Recognizer https://www.kaspersky.com/
  179. Aug 13 2029 - klflt.sys - Kaspersky Filter Core https://www.kaspersky.com/
  180. ***** Invalid (946E4501) - klbackupflt.sys - Kaspersky Backup File Filter https://www.kaspersky.com/
  181. ***** Invalid (B1F414C8) - kldisk.sys - Kaspersky Virtual Disk driver https://www.kaspersky.com/
  182. ***** Invalid (E34C73F4) - kneps.sys - Kaspersky KNEPS Power https://www.kaspersky.com/
  183.  
  184. ================== Dump #1: 3RD PARTY DRIVERS (FULL) ===================
  185.  
  186. Image path: \SystemRoot\system32\DRIVERS\klmouflt.sys
  187. Image name: klmouflt.sys
  188. Search : https://www.google.com/search?q=klmouflt.sys
  189. ADA Info : Kaspersky Mouse Device Filter https://www.kaspersky.com/
  190. Timestamp : Fri Sep 12 1975
  191.  
  192. Image path: \SystemRoot\system32\DRIVERS\klwtp.sys
  193. Image name: klwtp.sys
  194. Search : https://www.google.com/search?q=klwtp.sys
  195. ADA Info : Kaspersky WFP Network Connection Filter Driver https://www.kaspersky.com/
  196. Timestamp : Sat May 5 2007
  197.  
  198. Image path: \SystemRoot\system32\DRIVERS\klbackupdisk.sys
  199. Image name: klbackupdisk.sys
  200. Search : https://www.google.com/search?q=klbackupdisk.sys
  201. ADA Info : Kaspersky Backup Disk Filter https://www.kaspersky.com/
  202. Timestamp : Sun Apr 13 2008
  203.  
  204. Image path: \SystemRoot\SysWow64\drivers\AsUpIO.sys
  205. Image name: AsUpIO.sys
  206. Search : https://www.google.com/search?q=AsUpIO.sys
  207. ADA Info : ASUS Update Input Output driver http://www.asus.com/
  208. Timestamp : Mon Aug 2 2010
  209.  
  210. Image path: \SystemRoot\System32\drivers\ScpVBus.sys
  211. Image name: ScpVBus.sys
  212. Search : https://www.google.com/search?q=ScpVBus.sys
  213. ADA Info : Scarlet.Crush Productions Scp Dual Shock 3 Virtual Bus driver http://forums.pcsx2.net/
  214. Timestamp : Sun May 5 2013
  215.  
  216. Image path: \SystemRoot\system32\DRIVERS\klim6.sys
  217. Image name: klim6.sys
  218. Search : https://www.google.com/search?q=klim6.sys
  219. ADA Info : Kaspersky Lab Intermediate Network Driver https://www.kaspersky.com/
  220. Timestamp : Wed Jan 7 2015
  221.  
  222. Image path: \SystemRoot\System32\Drivers\SCDEmu.SYS
  223. Image name: SCDEmu.SYS
  224. Search : https://www.google.com/search?q=SCDEmu.SYS
  225. ADA Info : PowerISO Virtual driver (PowerISO Computing) https://www.poweriso.com/
  226. Timestamp : Tue Jun 6 2017
  227.  
  228. Image path: \??\C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys
  229. Image name: YSDrv.sys
  230. Search : https://www.google.com/search?q=YSDrv.sys
  231. ADA Info : VirtualBox Support driver
  232. Timestamp : Wed Oct 11 2017
  233.  
  234. Mapped memory image file: C:\ProgramData\dbg\sym\TeeDriverW8x64.sys\5A116D8F34000\TeeDriverW8x64.sys
  235. Image path: \SystemRoot\System32\drivers\TeeDriverW8x64.sys
  236. Image name: TeeDriverW8x64.sys
  237. Search : https://www.google.com/search?q=TeeDriverW8x64.sys
  238. ADA Info : Intel Management Engine Interface driver https://downloadcenter.intel.com/
  239. Timestamp : Sun Nov 19 2017
  240. File version: 11.7.0.1057
  241. Product version: 11.7.0.1057
  242. File flags: 8 (Mask 3F) Private
  243. File OS: 40004 NT Win32
  244. File type: 3.7 Driver
  245. File date: 00000000.00000000
  246. CompanyName: Intel Corporation
  247. ProductName: Intel(R) Management Engine Interface
  248. InternalName: TeeDriverx64.sys
  249. OriginalFilename: TeeDriverx64.sys
  250. ProductVersion: 11.7.0.1057
  251. FileVersion: 11.7.0.1057
  252. FileDescription: Intel(R) Management Engine Interface
  253. LegalCopyright: Copyright © 2006-2015, Intel Corporation. All rights reserved.
  254.  
  255. Image path: \SystemRoot\System32\drivers\kltap.sys
  256. Image name: kltap.sys
  257. Search : https://www.google.com/search?q=kltap.sys
  258. ADA Info : TAP - Windows Virtual Network driver - The OpenVPN Project
  259. Timestamp : Fri Mar 16 2018
  260.  
  261. Image path: \SystemRoot\system32\drivers\RTKVHD64.sys
  262. Image name: RTKVHD64.sys
  263. Search : https://www.google.com/search?q=RTKVHD64.sys
  264. ADA Info : Realtek Audio System driver https://www.realtek.com/en/
  265. Timestamp : Tue Nov 13 2018
  266.  
  267. Image path: \SystemRoot\System32\Drivers\klupd_klif_kimul.sys
  268. Image name: klupd_klif_kimul.sys
  269. Search : https://www.google.com/search?q=klupd_klif_kimul.sys
  270. ADA Info : Kaspersky Kernel Heuristics Engine https://www.kaspersky.com/
  271. Timestamp : Tue Jan 22 2019
  272.  
  273. Image path: \SystemRoot\system32\DRIVERS\cm_km.sys
  274. Image name: cm_km.sys
  275. Search : https://www.google.com/search?q=cm_km.sys
  276. ADA Info : Kaspersky Cryptographic Module Driver
  277. Timestamp : Fri Feb 15 2019
  278.  
  279. Image path: \SystemRoot\system32\DRIVERS\klwfp.sys
  280. Image name: klwfp.sys
  281. Search : https://www.google.com/search?q=klwfp.sys
  282. ADA Info : Kaspersky Network filtering component https://www.kaspersky.com/
  283. Timestamp : Tue Feb 26 2019
  284.  
  285. Image path: \SystemRoot\system32\drivers\womic.sys
  286. Image name: womic.sys
  287. Search : https://www.google.com/search?q=womic.sys
  288. ADA Info : Wireless Orange Mic driver http://www.wirelessorange.com/womic/ or wolicheng.com
  289. Timestamp : Wed Jul 3 2019
  290.  
  291. Image path: \SystemRoot\System32\drivers\rt640x64.sys
  292. Image name: rt640x64.sys
  293. Search : https://www.google.com/search?q=rt640x64.sys
  294. ADA Info : Realtek NICDRV 8169 PCIe GBE Family Controller driver https://www.realtek.com/en/
  295. Timestamp : Wed Feb 12 2020
  296.  
  297. Image path: \SystemRoot\System32\DriverStore\FileRepository\intcdaud.inf_amd64_1b570d7b9a790b1a\IntcDAud.sys
  298. Image name: IntcDAud.sys
  299. Search : https://www.google.com/search?q=IntcDAud.sys
  300. ADA Info : Intel Display Audio Driver http://www.intel.com/
  301. Timestamp : Tue Feb 25 2020
  302.  
  303. Image path: \SystemRoot\system32\DRIVERS\klif.sys
  304. Image name: klif.sys
  305. Search : https://www.google.com/search?q=klif.sys
  306. ADA Info : Kaspersky Lab Intruder Filter driver https://www.kaspersky.com/
  307. Timestamp : Fri Mar 13 2020
  308.  
  309. Image path: \SystemRoot\System32\Drivers\klupd_klif_klark.sys
  310. Image name: klupd_klif_klark.sys
  311. Search : https://www.google.com/search?q=klupd_klif_klark.sys
  312. ADA Info : Kaspersky https://www.kaspersky.com/
  313. Timestamp : Fri Mar 20 2020
  314.  
  315. Image path: \SystemRoot\System32\Drivers\klupd_klif_mark.sys
  316. Image name: klupd_klif_mark.sys
  317. Search : https://www.google.com/search?q=klupd_klif_mark.sys
  318. ADA Info : Kaspersky Lab Anti-Rootkit Engine https://www.kaspersky.com
  319. Timestamp : Fri Mar 20 2020
  320.  
  321. Image path: \SystemRoot\System32\Drivers\klupd_klif_arkmon.sys
  322. Image name: klupd_klif_arkmon.sys
  323. Search : https://www.google.com/search?q=klupd_klif_arkmon.sys
  324. ADA Info : Kaspersky Anti-Virus Anti-Rootkit Monitor https://www.kaspersky.com/
  325. Timestamp : Sun Mar 22 2020
  326.  
  327. Image path: \SystemRoot\System32\drivers\tapprotonvpn.sys
  328. Image name: tapprotonvpn.sys
  329. Search : https://www.google.com/search?q=tapprotonvpn.sys
  330. ADA Info : Proton TAP VPN driver http://www.protonvpn.com/
  331. Timestamp : Thu Apr 2 2020
  332.  
  333. Image path: \SystemRoot\system32\DRIVERS\klgse.sys
  334. Image name: klgse.sys
  335. Search : https://www.google.com/search?q=klgse.sys
  336. ADA Info : Kaspersky Security Extender driver
  337. Timestamp : Tue Apr 28 2020
  338.  
  339. Image path: \SystemRoot\system32\DRIVERS\klhk.sys
  340. Image name: klhk.sys
  341. Search : https://www.google.com/search?q=klhk.sys
  342. ADA Info : Kaspersky Lab service driver https://www.kaspersky.com/
  343. Timestamp : Tue Apr 28 2020
  344.  
  345. Image path: \SystemRoot\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_29d4e3e2513aa913\igdkmd64.sys
  346. Image name: igdkmd64.sys
  347. Search : https://www.google.com/search?q=igdkmd64.sys
  348. ADA Info : Intel HD graphics driver
  349. Timestamp : Tue May 19 2020
  350.  
  351. Image path: \??\C:\ProgramData\Kaspersky Lab\AVP20.0\Bases\klids.sys
  352. Image name: klids.sys
  353. Search : https://www.google.com/search?q=klids.sys
  354. ADA Info : Kaspersky Lab IDS Engine https://www.kaspersky.com/
  355. Timestamp : Thu Jun 11 2020
  356.  
  357. Image path: \??\C:\Program Files\Riot Vanguard\vgk.sys
  358. Image name: vgk.sys
  359. Search : https://www.google.com/search?q=vgk.sys
  360. ADA Info : Vanguard Anti-Cheat driver
  361. Timestamp : Sat Jun 13 2020
  362.  
  363. Image path: \SystemRoot\System32\Drivers\klupd_klif_klbg.sys
  364. Image name: klupd_klif_klbg.sys
  365. Search : https://www.google.com/search?q=klupd_klif_klbg.sys
  366. ADA Info : Kaspersky Anti-Virus Lab Boot Guard Driver https://www.kaspersky.com/
  367. Timestamp : Wed Jun 17 2020
  368.  
  369. Image path: \SystemRoot\system32\DRIVERS\klkbdflt.sys
  370. Image name: klkbdflt.sys
  371. Search : https://www.google.com/search?q=klkbdflt.sys
  372. ADA Info : Kaspersky Keyboard Device Filter https://www.kaspersky.com/
  373. Timestamp : Tue Nov 16 2021
  374.  
  375. Image path: \SystemRoot\system32\DRIVERS\klpd.sys
  376. Image name: klpd.sys
  377. Search : https://www.google.com/search?q=klpd.sys
  378. ADA Info : Kaspersky Format Recognizer https://www.kaspersky.com/
  379. Timestamp : Tue Mar 13 2029
  380.  
  381. Image path: \SystemRoot\system32\DRIVERS\klflt.sys
  382. Image name: klflt.sys
  383. Search : https://www.google.com/search?q=klflt.sys
  384. ADA Info : Kaspersky Filter Core https://www.kaspersky.com/
  385. Timestamp : Mon Aug 13 2029
  386.  
  387. Image path: \SystemRoot\system32\DRIVERS\klbackupflt.sys
  388. Image name: klbackupflt.sys
  389. Search : https://www.google.com/search?q=klbackupflt.sys
  390. ADA Info : Kaspersky Backup File Filter https://www.kaspersky.com/
  391. Timestamp : ***** Invalid (946E4501)
  392.  
  393. Image path: \SystemRoot\system32\DRIVERS\kldisk.sys
  394. Image name: kldisk.sys
  395. Search : https://www.google.com/search?q=kldisk.sys
  396. ADA Info : Kaspersky Virtual Disk driver https://www.kaspersky.com/
  397. Timestamp : ***** Invalid (B1F414C8)
  398.  
  399. Image path: \SystemRoot\system32\DRIVERS\kneps.sys
  400. Image name: kneps.sys
  401. Search : https://www.google.com/search?q=kneps.sys
  402. ADA Info : Kaspersky KNEPS Power https://www.kaspersky.com/
  403. Timestamp : ***** Invalid (E34C73F4)
  404.  
  405. ====================== Dump #1: MICROSOFT DRIVERS ======================
  406.  
  407. ACPI.sys ACPI Driver for NT (Microsoft)
  408. acpiex.sys ACPIEx Driver (Microsoft)
  409. acpipagr.sys ACPI Processor Aggregator Device driver (Microsoft)
  410. afd.sys Ancillary Function Driver for WinSock (Microsoft)
  411. afunix.sys AF_UNIX Socket Provider driver (Microsoft)
  412. AgileVpn.sys RAS Agil VPN Miniport Call Manager driver (Microsoft)
  413. ahcache.sys Application Compatibility Cache (Microsoft)
  414. bam.sys BAM Kernal driver (Microsoft)
  415. BasicDisplay.sys Basic Display driver (Microsoft)
  416. BasicRender.sys Basic Render driver (Microsoft)
  417. Beep.SYS BEEP driver (Microsoft)
  418. BOOTVID.dll VGA Boot Driver (Microsoft)
  419. bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
  420. cdd.dll Canonical Display Driver (Microsoft)
  421. cdrom.sys SCSI CD-ROM Driver (Microsoft)
  422. CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
  423. CI.dll Code Integrity Module (Microsoft)
  424. CLASSPNP.SYS SCSI Class System Dll (Microsoft)
  425. cldflt.sys Cloud Files Mini Filter driver (Microsoft)
  426. CLFS.SYS Common Log File System Driver (Microsoft)
  427. clipsp.sys CLIP Service (Microsoft)
  428. cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
  429. cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
  430. CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
  431. condrv.sys Console Driver (Microsoft)
  432. crashdmp.sys Crash Dump driver (Microsoft)
  433. csc.sys Windows Client Side Caching driver (Microsoft)
  434. dfsc.sys DFS Namespace Client Driver (Microsoft)
  435. disk.sys PnP Disk Driver (Microsoft)
  436. drmk.sys Digital Rights Management (DRM) driver (Microsoft)
  437. dump_diskdump.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  438. dump_dumpfve.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  439. dump_storahci.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  440. dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
  441. dxgmms2.sys DirectX Graphics MMS
  442. EhStorClass.sys Enhanced Storage Class driver for IEEE... (Microsoft)
  443. fastfat.SYS Fast FAT File System Driver (Microsoft)
  444. filecrypt.sys Windows sandboxing and encryption filter (Microsoft)
  445. fileinfo.sys FileInfo Filter Driver (Microsoft)
  446. FLTMGR.SYS Filesystem Filter Manager (Microsoft)
  447. Fs_Rec.sys File System Recognizer Driver (Microsoft)
  448. fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
  449. fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
  450. gpuenergydrv.sys GPU Energy Kernal Driver (Microsoft)
  451. hal.dll Hardware Abstraction Layer DLL (Microsoft)
  452. HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
  453. HIDCLASS.SYS Hid Class Library (Microsoft)
  454. HIDPARSE.SYS Hid Parsing Library (Microsoft)
  455. hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
  456. HTTP.sys HTTP Protocol Stack (Microsoft)
  457. intelpep.sys Intel Power Engine Plugin (Microsoft)
  458. intelppm.sys Processor Device Driver (Microsoft)
  459. iorate.sys I/O rate control Filter (Microsoft)
  460. kbdclass.sys Keyboard Class Driver (Microsoft)
  461. kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
  462. kd.dll Local Kernal Debugger (Microsoft)
  463. kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
  464. ks.sys Kernal CSA Library (Microsoft)
  465. ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
  466. ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
  467. ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
  468. lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
  469. luafv.sys LUA File Virtualization Filter Driver (Microsoft)
  470. mcupdate_GenuineIntel.dll Intel Microcode Update Library (Microsoft)
  471. mmcss.sys MMCSS Driver (Microsoft)
  472. monitor.sys Monitor Driver (Microsoft)
  473. mouclass.sys Mouse Class Driver (Microsoft)
  474. mouhid.sys HID Mouse Filter Driver (Microsoft)
  475. mountmgr.sys Mount Point Manager (Microsoft)
  476. mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
  477. mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
  478. mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
  479. Msfs.SYS Mailslot driver (Microsoft)
  480. msisadrv.sys ISA Driver (Microsoft)
  481. mslldp.sys Microsoft Link-Layer Discovery Protocol... (Microsoft)
  482. msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
  483. mssecflt.sys Microsoft Security Events Component file system filter driver (Microsoft)
  484. mssmbios.sys System Management BIOS driver (Microsoft)
  485. mup.sys Multiple UNC Provider driver (Microsoft)
  486. ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
  487. ndistapi.sys NDIS 3.0 Connection Wrapper driver (Microsoft)
  488. ndisuio.sys NDIS User mode I/O driver (Microsoft)
  489. NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
  490. ndiswan.sys MS PPP Framing Driver (Strong Encryption) Microsoft)
  491. NDProxy.sys NDIS Proxy driver (Microsoft)
  492. Ndu.sys Network Data Usage Monitoring driver (Microsoft)
  493. netbios.sys NetBIOS Interface driver (Microsoft)
  494. netbt.sys MBT Transport driver (Microsoft)
  495. NETIO.SYS Network I/O Subsystem (Microsoft)
  496. Npfs.SYS NPFS driver (Microsoft)
  497. npsvctrig.sys Named pipe service triggers (Microsoft)
  498. nsiproxy.sys NSI Proxy driver (Microsoft)
  499. Ntfs.sys NT File System Driver (Microsoft)
  500. ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
  501. ntosext.sys NTOS Extension Host driver (Microsoft)
  502. Null.SYS NULL Driver (Microsoft)
  503. nwifi.sys NativeWiFi Miniport Driver (Microsoft)
  504. pacer.sys QoS Packet Scheduler (Microsoft)
  505. parport.sys Parallel Port Driver (Microsoft)
  506. partmgr.sys Partition driver (Microsoft)
  507. pci.sys NT Plug and Play PCI Enumerator (Microsoft)
  508. pcw.sys Performance Counter Driver (Microsoft)
  509. pdc.sys Power Dependency Coordinator Driver (Microsoft)
  510. peauth.sys Protected Environment Authentication and Authorization Export Driver (Microsoft)
  511. portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
  512. PSHED.dll Platform Specific Hardware Error driver (Microsoft)
  513. rasl2tp.sys RAS L2TP Mini-port/Call-manager driver (Microsoft)
  514. raspppoe.sys RAS PPPoE Mini-port/Call manager driver (Microsoft)
  515. raspptp.sys Peer-to-Peer Tunneling Protocol (Microsoft)
  516. rassstp.sys RAS SSTP Miniport Call Manager driver (Microsoft)
  517. rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
  518. rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
  519. rdyboost.sys ReadyBoost Driver (Microsoft)
  520. rspndr.sys Link-Layer Topology Responder driver (Microsoft)
  521. serenum.sys Serial Port Enumerator (Microsoft)
  522. serial.sys Serial Device Driver
  523. SgrmAgent.sys System Guard Runtime Monitor Agent driver (Microsoft)
  524. SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
  525. spaceport.sys Storage Spaces driver (Microsoft)
  526. srv2.sys Smb 2.0 Server driver (Microsoft)
  527. srvnet.sys Server Network driver (Microsoft)
  528. storahci.sys MS AHCI Storport Miniport Driver (Microsoft)
  529. storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
  530. storqosflt.sys Storage QoS Filter driver (Microsoft)
  531. swenum.sys Plug and Play Software Device Enumerator (Microsoft)
  532. tbs.sys Export driver for kernel mode TPM API (Microsoft)
  533. tcpip.sys TCP/IP Protocol driver (Microsoft)
  534. tcpipreg.sys Microsoft Windows TCP/IP Registry Compatibility driver (Microsoft)
  535. TDI.SYS TDI Wrapper driver (Microsoft)
  536. tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
  537. tm.sys Kernel Transaction Manager driver (Microsoft)
  538. ucx01000.sys USB Controller Extension (Microsoft)
  539. UEFI.sys UEFI NT driver (Microsoft)
  540. umbus.sys User-Mode Bus Enumerator (Microsoft)
  541. usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
  542. USBD.SYS Universal Serial Bus Driver (Microsoft)
  543. UsbHub3.sys USB3 HUB driver (Microsoft)
  544. USBXHCI.SYS USB XHCI driver (Microsoft)
  545. vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
  546. Vid.sys Microsoft Hyper-V Virtualization Infrastructure Driver
  547. volmgr.sys Volume Manager Driver (Microsoft)
  548. volmgrx.sys Volume Manager Extension Driver (Microsoft)
  549. volsnap.sys Volume Shadow Copy driver (Microsoft)
  550. volume.sys Volume driver (Microsoft)
  551. vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
  552. wanarp.sys MS Remote Access and Routing ARP driver (Microsoft)
  553. watchdog.sys Watchdog driver (Microsoft)
  554. wcifs.sys Windows Container Isolation FS Filter driver (Microsoft)
  555. Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
  556. WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
  557. werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
  558. wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
  559. win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
  560. win32kbase.sys Base Win32k Kernel Driver (Microsoft)
  561. win32kfull.sys Full/Desktop Win32k Kernel Driver (Microsoft)
  562. WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
  563. WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
  564. winhvr.sys Windows Hypervisor Root Interface driver (Microsoft)
  565. winquic.sys QUIC Transport Protocol driver (Microsoft)
  566. wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
  567. WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
  568. Wof.sys Windows Overlay Filter (Microsoft)
  569. WppRecorder.sys WPP Trace Recorder (Microsoft)
  570.  
  571. ====================== Dump #1: UNLOADED MODULES =======================
  572.  
  573. fffff803`2b7b0000 fffff803`2b7e9000 klids.sys
  574. fffff803`2a0b0000 fffff803`2a0bf000 dump_storpor
  575. fffff803`2a0f0000 fffff803`2a11f000 dump_storahc
  576. fffff803`2a140000 fffff803`2a15e000 dump_dumpfve
  577. fffff803`1f8b0000 fffff803`1f8bb000 klpnpflt.sys
  578. fffff803`1f840000 fffff803`1f84b000 klpnpflt.sys
  579. fffff803`2bc10000 fffff803`2bc1b000 klpnpflt.sys
  580. fffff803`2b850000 fffff803`2b86e000 dam.sys
  581. fffff803`233b0000 fffff803`233be000 klelam.sys
  582. fffff803`243e0000 fffff803`243f0000 hwpolicy.sys
  583.  
  584. ====================== Dump #1: BIOS INFORMATION =======================
  585.  
  586. sysinfo: could not find necessary interfaces.
  587. sysinfo: note that mssmbios.sys must be loaded (XPSP2+).
  588.  
  589. ========================== Dump #1: Extra #1 ===========================
  590.  
  591. 0: kd> !verifier
  592. Verify Flags Level 0x00000000
  593. STANDARD FLAGS:
  594. [X] (0x00000000) Automatic Checks
  595. [ ] (0x00000001) Special pool
  596. [ ] (0x00000002) Force IRQL checking
  597. [ ] (0x00000008) Pool tracking
  598. [ ] (0x00000010) I/O verification
  599. [ ] (0x00000020) Deadlock detection
  600. [ ] (0x00000080) DMA checking
  601. [ ] (0x00000100) Security checks
  602. [ ] (0x00000800) Miscellaneous checks
  603. [ ] (0x00020000) DDI compliance checking
  604. ADDITIONAL FLAGS:
  605. [ ] (0x00000004) Randomized low resources simulation
  606. [ ] (0x00000200) Force pending I/O requests
  607. [ ] (0x00000400) IRP logging
  608. [ ] (0x00002000) Invariant MDL checking for stack
  609. [ ] (0x00004000) Invariant MDL checking for driver
  610. [ ] (0x00008000) Power framework delay fuzzing
  611. [ ] (0x00010000) Port/miniport interface checking
  612. [ ] (0x00040000) Systematic low resources simulation
  613. [ ] (0x00080000) DDI compliance checking (additional)
  614. [ ] (0x00200000) NDIS/WIFI verification
  615. [ ] (0x00800000) Kernel synchronization delay fuzzing
  616. [ ] (0x01000000) VM switch verification
  617. [ ] (0x02000000) Code integrity checks
  618. [X] Indicates flag is enabled
  619. Summary of All Verifier Statistics
  620. RaiseIrqls 0x0
  621. AcquireSpinLocks 0x0
  622. Synch Executions 0x0
  623. Trims 0x0
  624. Pool Allocations Attempted 0x0
  625. Pool Allocations Succeeded 0x0
  626. Pool Allocations Succeeded SpecialPool 0x0
  627. Pool Allocations With NO TAG 0x0
  628. Pool Allocations Failed 0x0
  629. Current paged pool allocations 0x0 for 00000000 bytes
  630. Peak paged pool allocations 0x0 for 00000000 bytes
  631. Current nonpaged pool allocations 0x0 for 00000000 bytes
  632. Peak nonpaged pool allocations 0x0 for 00000000 bytes
  633.  
  634. ========================== Dump #1: Extra #2 ===========================
  635.  
  636. 0: kd> !thread
  637. THREAD ffffda8d927ad080 Cid 0ee8.2554 Teb: 0000000000d75000 Win32Thread: ffffda8d969e5480 RUNNING on processor 0
  638. Impersonation token: ffffb282bbd240a0 (Level Impersonation)
  639. GetUlongFromAddress: unable to read from fffff8032122ca14
  640. Owning Process ffffda8d99ada080 Image: System Process
  641. Attached Process ffffda8d90b82040 Image: MemCompression
  642. fffff78000000000: Unable to get shared data
  643. Wait Start TickCount 235451
  644. Context Switch Count 293980 IdealProcessor: 0
  645. ReadMemory error: Cannot get nt!KeMaximumIncrement value.
  646. UserTime 00:00:00.000
  647. KernelTime 00:00:00.000
  648. Win32 Start Address 0x0000000074c42450
  649. Stack Init fffff38ab83ffb90 Current fffff38ab83fe800
  650. Base fffff38ab8400000 Limit fffff38ab83f9000 Call 0000000000000000
  651. Priority 5 BasePriority 4 PriorityDecrement 0 IoPriority 0 PagePriority 1
  652. Child-SP RetAddr : Args to Child : Call Site
  653. fffff38a`b83feab8 fffff803`21063d96 : 00000000`0000001a 00000000`0000003f 00000000`000067cf 00000000`000067cf : nt!KeBugCheckEx
  654. fffff38a`b83feac0 fffff803`20e8df32 : ffffda8d`9b00c200 ffffffff`ffffffff 00000000`00000000 ffffda8d`9b00c2f0 : nt!MiValidatePagefilePageHash+0x10176a
  655. fffff38a`b83feba0 fffff803`20e8d47d : 00000000`00000002 fffff38a`00000000 fffff38a`b83fed58 fffff803`00000000 : nt!MiWaitForInPageComplete+0x472
  656. fffff38a`b83fecb0 fffff803`20e72f9b : 00000000`c0033333 00000000`00000000 000002cf`36934830 fffff38a`b83ff1a0 : nt!MiIssueHardFault+0x1ad
  657. fffff38a`b83fedb0 fffff803`20fcf320 : 00000000`00000000 00000000`00000000 fffff38a`b83ff378 00000000`00000000 : nt!MmAccessFault+0x40b
  658. fffff38a`b83fef50 fffff803`20f5e150 : ffffa181`dcf42000 ffffda8d`9975d050 fffff803`20e5cfc0 ffffa181`dcf42000 : nt!KiPageFault+0x360 (TrapFrame @ fffff38a`b83fef50)
  659. fffff38a`b83ff0e8 fffff803`20e5cfc0 : ffffa181`dcf42000 ffffa181`dcf42000 00000000`00000002 000002cf`36934830 : nt!RtlDecompressBufferXpressLz+0x50
  660. fffff38a`b83ff100 fffff803`20f5fed9 : 00000000`00000000 fffff803`00000001 00000000`00000000 ffffda8d`9975e788 : nt!RtlDecompressBufferEx+0x60
  661. fffff38a`b83ff150 fffff803`20f5fd64 : 00000000`00000004 fffff38a`b83ff360 00000000`00000000 00000000`0000006c : nt!ST_STORE<SM_TRAITS>::StDmSinglePageCopy+0x155
  662. fffff38a`b83ff230 fffff803`20f5fbe2 : 00000000`00000001 00000000`00004830 ffffda8d`00004830 ffffda8d`00002000 : nt!ST_STORE<SM_TRAITS>::StDmSinglePageTransfer+0xa0
  663. fffff38a`b83ff280 fffff803`20f5fa0b : 00000000`ffffffff ffffda8d`9ce98000 fffff38a`b83ff360 ffffda8d`9e098690 : nt!ST_STORE<SM_TRAITS>::StDmpSinglePageRetrieve+0x186
  664. fffff38a`b83ff320 fffff803`20f5f851 : ffffda8d`9ce98000 00000000`00000000 00000000`00000001 ffffda8d`9975e788 : nt!ST_STORE<SM_TRAITS>::StDmPageRetrieve+0xcb
  665. fffff38a`b83ff3d0 fffff803`20f5f761 : ffffda8d`9975d000 ffffda8d`9e098690 ffffda8d`9ce98000 ffffda8d`9975e9b0 : nt!SMKM_STORE<SM_TRAITS>::SmStDirectReadIssue+0x85
  666. fffff38a`b83ff450 fffff803`20e69e18 : ffffda8d`927ad080 ffffda8d`9975d000 00000000`00000000 00000000`00000000 : nt!SMKM_STORE<SM_TRAITS>::SmStDirectReadCallout+0x21
  667. fffff38a`b83ff480 fffff803`20f62cc1 : fffff803`20f5f740 fffff38a`b83ff530 00000000`00000003 00000000`00000000 : nt!KeExpandKernelStackAndCalloutInternal+0x78
  668. fffff38a`b83ff4f0 fffff803`20f4b941 : fffff38a`b83ff5f0 fffff803`2138db78 ffffda8d`9975d000 fffff38a`b83ff740 : nt!SMKM_STORE<SM_TRAITS>::SmStDirectRead+0xcd
  669. fffff38a`b83ff5c0 fffff803`20f4b527 : 00000000`0000000c ffffda8d`9975d000 fffff38a`b83ff670 ffffda8d`9e098690 : nt!SMKM_STORE<SM_TRAITS>::SmStWorkItemQueue+0x1a5
  670. fffff38a`b83ff610 fffff803`20f61fd3 : 00000000`0000000c ffffda8d`9e098690 00000000`00000002 00000000`00000002 : nt!SMKM_STORE_MGR<SM_TRAITS>::SmIoCtxQueueWork+0xbf
  671. fffff38a`b83ff6a0 fffff803`20f636af : ffffda8d`00000002 ffffda8d`9d16e380 00000000`00000000 ffffda8d`9975d000 : nt!SMKM_STORE_MGR<SM_TRAITS>::SmPageRead+0x167
  672. fffff38a`b83ff710 fffff803`20e8e05b : ffffda8d`99ada580 00000000`00000001 ffffda8d`99ada640 fffff803`20e74ee6 : nt!SmPageRead+0x33
  673. fffff38a`b83ff760 fffff803`20e8d759 : 00000000`00000002 fffff38a`b83ff7f0 fffff38a`b83ff958 ffffb259`00000178 : nt!MiIssueHardFaultIo+0x117
  674. fffff38a`b83ff7b0 fffff803`20e72f9b : 00000000`c0033333 00000000`00000001 00000000`05f75ee7 ffffda8d`9920bb80 : nt!MiIssueHardFault+0x489
  675. fffff38a`b83ff860 fffff803`20fcf320 : ffffda8d`927ad080 00007ff9`9cb74901 00000000`00d75000 ffffda8d`99ada080 : nt!MmAccessFault+0x40b
  676. fffff38a`b83ffa00 00000000`7730b0c8 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiPageFault+0x360 (TrapFrame @ fffff38a`b83ffa00)
  677. 00000000`1a04d954 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x7730b0c8
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!