API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jul 3rd, 2020
45
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 24.56 KB | None | 0 0
raw download clone embed print report
  1. ========================== AUTO DUMP ANALYZER ==========================
  2. Auto Dump Analyzer
  3. Version: 0.91
  4. Time to analyze file(s): 00 hours and 03 minutes and 28 seconds
  5.  
  6. ================================= CPU ==================================
  7. COUNT: c
  8. MHZ: 3400
  9. VENDOR: AuthenticAMD
  10. FAMILY: 17
  11. MODEL: 8
  12. STEPPING: 2
  13.  
  14. ================================== OS ==================================
  15. Product: WinNt, suite: TerminalServer SingleUserTS
  16. Built by: 18362.1.amd64fre.19h1_release.190318-1202
  17. BUILD_VERSION: 10.0.18362.592 (WinBuild.160101.0800)
  18. BUILD: 18362
  19. SERVICEPACK: 592
  20. PLATFORM_TYPE: x64
  21. NAME: Windows 10
  22. EDITION: Windows 10 WinNt TerminalServer SingleUserTS
  23. BUILD_TIMESTAMP: 1972-08-21 20:24:00
  24. BUILDDATESTAMP: 160101.0800
  25. BUILDLAB: WinBuild
  26. BUILDOSVER: 10.0.18362.592
  27.  
  28. =============================== DEBUGGER ===============================
  29. Microsoft (R) Windows Debugger Version 10.0.14321.1024 AMD64
  30. Copyright (c) Microsoft Corporation. All rights reserved.
  31.  
  32. =============================== COMMENTS ===============================
  33. * Information gathered from different dump files may be different. If
  34. Windows updates between two dump files, two or more OS versions may
  35. be shown above.
  36. * Additional BIOS information was not included in the dump file(s). This
  37. can be caused by an outdated BIOS.
  38.  
  39. ========================================================================
  40. ======================= Dump #1: ANALYZE VERBOSE =======================
  41. ====================== File: 070320-19578-01.dmp =======================
  42. ========================================================================
  43.  
  44. Mini Kernel Dump File: Only registers and stack trace are available
  45. Windows 10 Kernel Version 18362 MP (12 procs) Free x64
  46. Kernel base = 0xfffff806`02a00000 PsLoadedModuleList = 0xfffff806`02e48150
  47. Debug session time: Fri Jul 3 07:35:42.731 2020 (UTC - 4:00)
  48. System Uptime: 0 days 0:12:58.394
  49.  
  50. BugCheck A, {ffff8584902a3c50, ff, 0, fffff80602bc4795}
  51. *** WARNING: Unable to verify timestamp for win32k.sys
  52. *** ERROR: Module load completed but symbols could not be loaded for win32k.sys
  53. Probably caused by : memory_corruption
  54. Followup: memory_corruption
  55.  
  56. IRQL_NOT_LESS_OR_EQUAL (a)
  57. An attempt was made to access a pageable (or completely invalid) address at an
  58. interrupt request level (IRQL) that is too high. This is usually
  59. caused by drivers using improper addresses.
  60. If a kernel debugger is available get the stack backtrace.
  61.  
  62. Arguments:
  63. Arg1: ffff8584902a3c50, memory referenced
  64. Arg2: 00000000000000ff, IRQL
  65. Arg3: 0000000000000000, bitfield :
  66. bit 0 : value 0 = read operation, 1 = write operation
  67. bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
  68. Arg4: fffff80602bc4795, address which referenced memory
  69.  
  70. Debugging Details:
  71. DUMP_CLASS: 1
  72. DUMP_QUALIFIER: 400
  73. DUMP_TYPE: 2
  74. READ_ADDRESS: fffff80602f733b8: Unable to get MiVisibleState
  75. ffff8584902a3c50
  76. CURRENT_IRQL: 0
  77. FAULTING_IP:
  78. nt!KiIsrLinkage+2f4
  79. fffff806`02bc4795 488b4650 mov rax,qword ptr [rsi+50h]
  80. CUSTOMER_CRASH_COUNT: 1
  81. DEFAULT_BUCKET_ID: CODE_CORRUPTION
  82. BUGCHECK_STR: AV
  83.  
  84. PROCESS_NAME: System
  85.  
  86. TRAP_FRAME: fffff3818ce6f940 -- (.trap 0xfffff3818ce6f940)
  87. NOTE: The trap frame does not contain all registers.
  88. Some register values may be zeroed or incorrect.
  89. rax=00000000000000d1 rbx=0000000000000000 rcx=0000000000000002
  90. rdx=ffff84849634f100 rsi=0000000000000000 rdi=0000000000000000
  91. rip=fffff80602bc4795 rsp=fffff3818ce6fad0 rbp=fffff3818ce6fb50
  92. r8=0000000000000008 r9=0000000000000000 r10=0000fffff80608f5
  93. r11=ffffbcfe2b800000 r12=0000000000000000 r13=0000000000000000
  94. r14=0000000000000000 r15=0000000000000000
  95. iopl=0 nv up di ng nz na po nc
  96. nt!KiIsrLinkage+0x2f4:
  97. fffff806`02bc4795 488b4650 mov rax,qword ptr [rsi+50h] ds:00000000`00000050=????????????????
  98. Resetting default scope
  99. LAST_CONTROL_TRANSFER: from fffff80602bd32e9 to fffff80602bc14e0
  100. STACK_TEXT:
  101. fffff381`8ce6f7f8 fffff806`02bd32e9 : 00000000`0000000a ffff8584`902a3c50 00000000`000000ff 00000000`00000000 : nt!KeBugCheckEx
  102. fffff381`8ce6f800 fffff806`02bcf62b : 00000000`031ca100 00000001`cff595ad 00000001`00000002 ffff8484`9634f010 : nt!KiBugCheckDispatch+0x69
  103. fffff381`8ce6f940 fffff806`02bc4795 : 00000000`00000001 ffffcd01`031ca180 fffff381`8ce6fc00 00000000`00000001 : nt!KiPageFault+0x46b
  104. fffff381`8ce6fad0 fffff806`02bc4fee : ffffffff`00000000 ffffcd01`031ca180 ffff8484`9793c080 00000000`00001298 : nt!KiIsrLinkage+0x2f4
  105. fffff381`8ce6fc60 00000000`00000000 : fffff381`8ce70000 fffff381`8ce6a000 00000000`00000000 00000000`00000000 : nt!KiIdleLoop+0x4e
  106. STACK_COMMAND: kb
  107. CHKIMG_EXTENSION: !chkimg -lo 50 -d !nt
  108. fffff80602bc48de-fffff80602bc48df 2 bytes - nt!KiIsrLinkage+43d
  109. [ 48 ff:4c 8b ]
  110. fffff80602bc48e5-fffff80602bc48e9 5 bytes - nt!KiIsrLinkage+444 (+0x07)
  111. [ 0f 1f 44 00 00:e8 86 b7 d9 ff ]
  112. fffff80602bc4ce0-fffff80602bc4ce4 5 bytes - nt!KiCallUserMode+220 (+0x3fb)
  113. [ ff e1 cc cc cc:e8 db f3 18 00 ]
  114. 12 errors : !nt (fffff80602bc48de-fffff80602bc4ce4)
  115. MODULE_NAME: memory_corruption
  116.  
  117. IMAGE_NAME: memory_corruption
  118.  
  119. FOLLOWUP_NAME: memory_corruption
  120. DEBUG_FLR_IMAGE_TIMESTAMP: 0
  121. MEMORY_CORRUPTOR: LARGE
  122. FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
  123. BUCKET_ID: MEMORY_CORRUPTION_LARGE
  124. PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
  125. TARGET_TIME: 2020-07-03T11:35:42.000Z
  126. SUITE_MASK: 272
  127. PRODUCT_TYPE: 1
  128. USER_LCID: 0
  129. FAILURE_ID_HASH_STRING: km:memory_corruption_large
  130. FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
  131. Followup: memory_corruption
  132.  
  133. ====================== Dump #1: 3RD PARTY DRIVERS ======================
  134.  
  135. Mar 14 2016 - amdgpio3.sys - AMD GPIO Controller Driver from Advanced Micro Devices http://support.amd.com/
  136. Jun 05 2017 - amdpsp.sys - Advanced Micro Devices, Inc http://support.amd.com/
  137. Apr 12 2018 - AMDPCIDev.sys - Advanced Micro Devices PCI Device driver
  138. Oct 22 2018 - rt640x64.sys - Realtek NICDRV 8169 PCIe GBE Family Controller driver https://www.realtek.com/en/
  139. Feb 07 2019 - amdgpio2.sys - AMD GPIO Controller Driver from Advanced Micro Devices http://support.amd.com/
  140. Mar 14 2019 - nvvad64v.sys - Nvidia Virtual Audio driver http://www.nvidia.com/
  141. Mar 19 2019 - nvhda64v.sys - Nvidia HDMI Audio Device http://www.nvidia.com/
  142. Oct 02 2019 - nvlddmkm.sys - Nvidia Graphics Card driver http://www.nvidia.com/
  143. Jan 10 2020 - nvvhci.sys - Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
  144.  
  145. ================== Dump #1: 3RD PARTY DRIVERS (FULL) ===================
  146.  
  147. Image path: \SystemRoot\System32\drivers\amdgpio3.sys
  148. Image name: amdgpio3.sys
  149. Search : https://www.google.com/search?q=amdgpio3.sys
  150. ADA Info : AMD GPIO Controller Driver from Advanced Micro Devices http://support.amd.com/
  151. Timestamp : Mon Mar 14 2016
  152.  
  153. Image path: \SystemRoot\system32\DRIVERS\amdpsp.sys
  154. Image name: amdpsp.sys
  155. Search : https://www.google.com/search?q=amdpsp.sys
  156. ADA Info : Advanced Micro Devices, Inc http://support.amd.com/
  157. Timestamp : Mon Jun 5 2017
  158.  
  159. Image path: \SystemRoot\System32\drivers\AMDPCIDev.sys
  160. Image name: AMDPCIDev.sys
  161. Search : https://www.google.com/search?q=AMDPCIDev.sys
  162. ADA Info : Advanced Micro Devices PCI Device driver
  163. Timestamp : Thu Apr 12 2018
  164.  
  165. Mapped memory image file: C:\ProgramData\dbg\sym\rt640x64.sys\5BCDE005a6000\rt640x64.sys
  166. Image path: \SystemRoot\System32\drivers\rt640x64.sys
  167. Image name: rt640x64.sys
  168. Search : https://www.google.com/search?q=rt640x64.sys
  169. ADA Info : Realtek NICDRV 8169 PCIe GBE Family Controller driver https://www.realtek.com/en/
  170. Timestamp : Mon Oct 22 2018
  171. File version: 9.1.409.2015
  172. Product version: 9.1.409.2015
  173. File flags: 8 (Mask 3F) Private
  174. File OS: 40004 NT Win32
  175. File type: 3.6 Driver
  176. File date: 00000000.00000000
  177. CompanyName: Realtek
  178. ProductName: Realtek 8125/8136/8168/8169 PCI/PCIe Adapters
  179. InternalName: rt640x64.sys
  180. OriginalFilename: rt640x64.sys
  181. ProductVersion: 9.001.0409.2015
  182. FileVersion: 9.001.0409.2015
  183. FileDescription: Realtek 8125/8136/8168/8169 NDIS 6.40 64-bit Driver
  184. LegalCopyright: Copyright (C) 2018 Realtek Semiconductor Corporation. All Right Reserved.
  185.  
  186. Mapped memory image file: C:\ProgramData\dbg\sym\amdgpio2.sys\5C5BFB24c000\amdgpio2.sys
  187. Image path: \SystemRoot\System32\drivers\amdgpio2.sys
  188. Image name: amdgpio2.sys
  189. Search : https://www.google.com/search?q=amdgpio2.sys
  190. ADA Info : AMD GPIO Controller Driver from Advanced Micro Devices http://support.amd.com/
  191. Timestamp : Thu Feb 7 2019
  192. File version: 2.2.0.71
  193. Product version: 2.2.0.71
  194. File flags: 8 (Mask 3F) Private
  195. File OS: 40004 NT Win32
  196. File type: 3.7 Driver
  197. File date: 00000000.00000000
  198. CompanyName: Advanced Micro Devices, Inc
  199. ProductName: AMD GPIO Controller Driver
  200. InternalName: amdgpio2.sys
  201. OriginalFilename: amdgpio2.sys
  202. ProductVersion: 2.2.0.71
  203. FileVersion: 2.2.0.71
  204. FileDescription: AMD GPIO Controller Driver
  205. LegalCopyright: Copyright © 2012-2019 Advanced Micro Devices, Inc
  206.  
  207. Image path: \SystemRoot\system32\drivers\nvvad64v.sys
  208. Image name: nvvad64v.sys
  209. Search : https://www.google.com/search?q=nvvad64v.sys
  210. ADA Info : Nvidia Virtual Audio driver http://www.nvidia.com/
  211. Timestamp : Thu Mar 14 2019
  212.  
  213. Image path: \SystemRoot\system32\drivers\nvhda64v.sys
  214. Image name: nvhda64v.sys
  215. Search : https://www.google.com/search?q=nvhda64v.sys
  216. ADA Info : Nvidia HDMI Audio Device http://www.nvidia.com/
  217. Timestamp : Tue Mar 19 2019
  218.  
  219. Image path: \SystemRoot\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_90685a092bcf58c7\nvlddmkm.sys
  220. Image name: nvlddmkm.sys
  221. Search : https://www.google.com/search?q=nvlddmkm.sys
  222. ADA Info : Nvidia Graphics Card driver http://www.nvidia.com/
  223. Timestamp : Wed Oct 2 2019
  224.  
  225. Image path: \SystemRoot\System32\drivers\nvvhci.sys
  226. Image name: nvvhci.sys
  227. Search : https://www.google.com/search?q=nvvhci.sys
  228. ADA Info : Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
  229. Timestamp : Fri Jan 10 2020
  230.  
  231. ====================== Dump #1: MICROSOFT DRIVERS ======================
  232.  
  233. ACPI.sys ACPI Driver for NT (Microsoft)
  234. acpiex.sys ACPIEx Driver (Microsoft)
  235. afd.sys Ancillary Function Driver for WinSock (Microsoft)
  236. afunix.sys AF_UNIX Socket Provider driver (Microsoft)
  237. ahcache.sys Application Compatibility Cache (Microsoft)
  238. amdppm.sys Processor Device Driver
  239. bam.sys BAM Kernal driver (Microsoft)
  240. BasicDisplay.sys Basic Display driver (Microsoft)
  241. BasicRender.sys Basic Render driver (Microsoft)
  242. Beep.SYS BEEP driver (Microsoft)
  243. bindflt.sys Windows Bind Filter driver (Microsoft)
  244. BOOTVID.dll VGA Boot Driver (Microsoft)
  245. bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
  246. cdd.dll Canonical Display Driver (Microsoft)
  247. cdrom.sys SCSI CD-ROM Driver (Microsoft)
  248. CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
  249. CI.dll Code Integrity Module (Microsoft)
  250. CLASSPNP.SYS SCSI Class System Dll (Microsoft)
  251. cldflt.sys Cloud Files Mini Filter driver (Microsoft)
  252. CLFS.SYS Common Log File System Driver (Microsoft)
  253. clipsp.sys CLIP Service (Microsoft)
  254. cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
  255. cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
  256. CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
  257. condrv.sys Console Driver (Microsoft)
  258. crashdmp.sys Crash Dump driver (Microsoft)
  259. csc.sys Windows Client Side Caching driver (Microsoft)
  260. dfsc.sys DFS Namespace Client Driver (Microsoft)
  261. disk.sys PnP Disk Driver (Microsoft)
  262. drmk.sys Digital Rights Management (DRM) driver (Microsoft)
  263. dump_diskdump.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  264. dump_dumpfve.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  265. dump_storahci.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  266. dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
  267. dxgmms2.sys DirectX Graphics MMS
  268. EhStorClass.sys Enhanced Storage Class driver for IEEE... (Microsoft)
  269. filecrypt.sys Windows sandboxing and encryption filter (Microsoft)
  270. fileinfo.sys FileInfo Filter Driver (Microsoft)
  271. FLTMGR.SYS Filesystem Filter Manager (Microsoft)
  272. Fs_Rec.sys File System Recognizer Driver (Microsoft)
  273. fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
  274. fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
  275. gpuenergydrv.sys GPU Energy Kernal Driver (Microsoft)
  276. hal.dll Hardware Abstraction Layer DLL (Microsoft)
  277. HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
  278. HdAudio.sys High Definition Audio Function driver (Microsoft)
  279. HIDCLASS.SYS Hid Class Library (Microsoft)
  280. HIDPARSE.SYS Hid Parsing Library (Microsoft)
  281. hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
  282. HTTP.sys HTTP Protocol Stack (Microsoft)
  283. intelpep.sys Intel Power Engine Plugin (Microsoft)
  284. iorate.sys I/O rate control Filter (Microsoft)
  285. kbdclass.sys Keyboard Class Driver (Microsoft)
  286. kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
  287. kd.dll Local Kernal Debugger (Microsoft)
  288. kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
  289. ks.sys Kernal CSA Library (Microsoft)
  290. ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
  291. ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
  292. ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
  293. lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
  294. luafv.sys LUA File Virtualization Filter Driver (Microsoft)
  295. mcupdate_AuthenticAMD.dll AMD Microcode Update Library (Microsoft)
  296. mmcss.sys MMCSS Driver (Microsoft)
  297. monitor.sys Monitor Driver (Microsoft)
  298. mouclass.sys Mouse Class Driver (Microsoft)
  299. mouhid.sys HID Mouse Filter Driver (Microsoft)
  300. mountmgr.sys Mount Point Manager (Microsoft)
  301. MpKsl59f3df89.sys Microsoft Anti-malware Protection driver
  302. mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
  303. mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
  304. mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
  305. Msfs.SYS Mailslot driver (Microsoft)
  306. msgpioclx.sys GPIO Class Extension Driver (Microsoft)
  307. msisadrv.sys ISA Driver (Microsoft)
  308. mslldp.sys Microsoft Link-Layer Discovery Protocol... (Microsoft)
  309. msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
  310. mssecflt.sys Microsoft Security Events Component file system filter driver (Microsoft)
  311. mssmbios.sys System Management BIOS driver (Microsoft)
  312. mup.sys Multiple UNC Provider driver (Microsoft)
  313. ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
  314. NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
  315. Ndu.sys Network Data Usage Monitoring driver (Microsoft)
  316. netbios.sys NetBIOS Interface driver (Microsoft)
  317. netbt.sys MBT Transport driver (Microsoft)
  318. NETIO.SYS Network I/O Subsystem (Microsoft)
  319. Npfs.SYS NPFS driver (Microsoft)
  320. npsvctrig.sys Named pipe service triggers (Microsoft)
  321. nsiproxy.sys NSI Proxy driver (Microsoft)
  322. Ntfs.sys NT File System Driver (Microsoft)
  323. ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
  324. ntosext.sys NTOS Extension Host driver (Microsoft)
  325. Null.SYS NULL Driver (Microsoft)
  326. pacer.sys QoS Packet Scheduler (Microsoft)
  327. partmgr.sys Partition driver (Microsoft)
  328. pci.sys NT Plug and Play PCI Enumerator (Microsoft)
  329. pcw.sys Performance Counter Driver (Microsoft)
  330. pdc.sys Power Dependency Coordinator Driver (Microsoft)
  331. peauth.sys Protected Environment Authentication and Authorization Export Driver (Microsoft)
  332. portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
  333. PSHED.dll Platform Specific Hardware Error driver (Microsoft)
  334. rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
  335. rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
  336. rdyboost.sys ReadyBoost Driver (Microsoft)
  337. rspndr.sys Link-Layer Topology Responder driver (Microsoft)
  338. serenum.sys Serial Port Enumerator (Microsoft)
  339. serial.sys Serial Device Driver
  340. SgrmAgent.sys System Guard Runtime Monitor Agent driver (Microsoft)
  341. SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
  342. spaceport.sys Storage Spaces driver (Microsoft)
  343. srv2.sys Smb 2.0 Server driver (Microsoft)
  344. srvnet.sys Server Network driver (Microsoft)
  345. storahci.sys MS AHCI Storport Miniport Driver (Microsoft)
  346. storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
  347. storqosflt.sys Storage QoS Filter driver (Microsoft)
  348. swenum.sys Plug and Play Software Device Enumerator (Microsoft)
  349. tbs.sys Export driver for kernel mode TPM API (Microsoft)
  350. tcpip.sys TCP/IP Protocol driver (Microsoft)
  351. tcpipreg.sys Microsoft Windows TCP/IP Registry Compatibility driver (Microsoft)
  352. TDI.SYS TDI Wrapper driver (Microsoft)
  353. tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
  354. tm.sys Kernel Transaction Manager driver (Microsoft)
  355. ucx01000.sys USB Controller Extension (Microsoft)
  356. umbus.sys User-Mode Bus Enumerator (Microsoft)
  357. usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
  358. USBD.SYS Universal Serial Bus Driver (Microsoft)
  359. UsbHub3.sys USB3 HUB driver (Microsoft)
  360. USBXHCI.SYS USB XHCI driver (Microsoft)
  361. vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
  362. Vid.sys Microsoft Hyper-V Virtualization Infrastructure Driver
  363. volmgr.sys Volume Manager Driver (Microsoft)
  364. volmgrx.sys Volume Manager Extension Driver (Microsoft)
  365. volsnap.sys Volume Shadow Copy driver (Microsoft)
  366. volume.sys Volume driver (Microsoft)
  367. vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
  368. watchdog.sys Watchdog driver (Microsoft)
  369. wcifs.sys Windows Container Isolation FS Filter driver (Microsoft)
  370. Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
  371. WdFilter.sys Microsoft Anti-malware file system filter driver (Microsoft)
  372. WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
  373. WdNisDrv.sys Microsoft Network Realtime Inspection driver (Microsoft)
  374. werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
  375. wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
  376. win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
  377. win32kbase.sys Base Win32k Kernel Driver (Microsoft)
  378. win32kfull.sys Full/Desktop Win32k Kernel Driver (Microsoft)
  379. WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
  380. WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
  381. winhvr.sys Windows Hypervisor Root Interface driver (Microsoft)
  382. winquic.sys QUIC Transport Protocol driver (Microsoft)
  383. wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
  384. WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
  385. Wof.sys Windows Overlay Filter (Microsoft)
  386. WppRecorder.sys WPP Trace Recorder (Microsoft)
  387.  
  388. ====================== Dump #1: UNLOADED MODULES =======================
  389.  
  390. fffff806`062f0000 fffff806`06309000 monitor.sys
  391. fffff806`04d50000 fffff806`062c6000 nvlddmkm.sys
  392. fffff806`062d0000 fffff806`062e9000 monitor.sys
  393. fffff806`04d30000 fffff806`04d49000 monitor.sys
  394. fffff806`04e80000 fffff806`063f6000 nvlddmkm.sys
  395. fffff806`04c00000 fffff806`04c19000 monitor.sys
  396. fffff806`00d10000 fffff806`00d29000 monitor.sys
  397. fffff806`095a0000 fffff806`095b9000 monitor.sys
  398. fffff806`08da0000 fffff806`08daf000 dump_storpor
  399. fffff806`08200000 fffff806`0822f000 dump_storahc
  400. fffff806`08250000 fffff806`0826e000 dump_dumpfve
  401. fffff806`08ac0000 fffff806`08ade000 dam.sys
  402. fffff806`06bd0000 fffff806`06be1000 WdBoot.sys
  403. fffff806`07bb0000 fffff806`07bc0000 hwpolicy.sys
  404.  
  405. ====================== Dump #1: BIOS INFORMATION =======================
  406.  
  407. sysinfo: could not find necessary interfaces.
  408. sysinfo: note that mssmbios.sys must be loaded (XPSP2+).
  409.  
  410. ========================== Dump #1: Extra #1 ===========================
  411.  
  412. 6: kd> !verifier
  413. Verify Flags Level 0x00000000
  414. STANDARD FLAGS:
  415. [X] (0x00000000) Automatic Checks
  416. [ ] (0x00000001) Special pool
  417. [ ] (0x00000002) Force IRQL checking
  418. [ ] (0x00000008) Pool tracking
  419. [ ] (0x00000010) I/O verification
  420. [ ] (0x00000020) Deadlock detection
  421. [ ] (0x00000080) DMA checking
  422. [ ] (0x00000100) Security checks
  423. [ ] (0x00000800) Miscellaneous checks
  424. [ ] (0x00020000) DDI compliance checking
  425. ADDITIONAL FLAGS:
  426. [ ] (0x00000004) Randomized low resources simulation
  427. [ ] (0x00000200) Force pending I/O requests
  428. [ ] (0x00000400) IRP logging
  429. [ ] (0x00002000) Invariant MDL checking for stack
  430. [ ] (0x00004000) Invariant MDL checking for driver
  431. [ ] (0x00008000) Power framework delay fuzzing
  432. [ ] (0x00010000) Port/miniport interface checking
  433. [ ] (0x00040000) Systematic low resources simulation
  434. [ ] (0x00080000) DDI compliance checking (additional)
  435. [ ] (0x00200000) NDIS/WIFI verification
  436. [ ] (0x00800000) Kernel synchronization delay fuzzing
  437. [ ] (0x01000000) VM switch verification
  438. [ ] (0x02000000) Code integrity checks
  439. [X] Indicates flag is enabled
  440. Summary of All Verifier Statistics
  441. RaiseIrqls 0x0
  442. AcquireSpinLocks 0x0
  443. Synch Executions 0x0
  444. Trims 0x0
  445. Pool Allocations Attempted 0x0
  446. Pool Allocations Succeeded 0x0
  447. Pool Allocations Succeeded SpecialPool 0x0
  448. Pool Allocations With NO TAG 0x0
  449. Pool Allocations Failed 0x0
  450. Current paged pool allocations 0x0 for 00000000 bytes
  451. Peak paged pool allocations 0x0 for 00000000 bytes
  452. Current nonpaged pool allocations 0x0 for 00000000 bytes
  453. Peak nonpaged pool allocations 0x0 for 00000000 bytes
  454.  
  455. ========================== Dump #1: Extra #2 ===========================
  456.  
  457. 6: kd> !thread
  458. THREAD ffffcd01031db340 Cid 0000.0000 Teb: 0000000000000000 Win32Thread: 0000000000000000 RUNNING on processor 6
  459. Not impersonating
  460. GetUlongFromAddress: unable to read from fffff80602e2ca14
  461. Owning Process fffff80602f8e9c0 Image: System Process
  462. Attached Process ffff848490262080 Image: System
  463. fffff78000000000: Unable to get shared data
  464. Wait Start TickCount 49816
  465. Context Switch Count 825879 IdealProcessor: 6
  466. ReadMemory error: Cannot get nt!KeMaximumIncrement value.
  467. UserTime 00:00:00.000
  468. KernelTime 00:00:00.000
  469. Win32 Start Address nt!KiIdleLoop (0xfffff80602bc4fa0)
  470. Stack Init fffff3818ce6fc90 Current fffff3818ce6fc20
  471. Base fffff3818ce70000 Limit fffff3818ce6a000 Call 0000000000000000
  472. Priority 0 BasePriority 0 PriorityDecrement 0 IoPriority 0 PagePriority 0
  473. Child-SP RetAddr : Args to Child : Call Site
  474. fffff381`8ce6f7f8 fffff806`02bd32e9 : 00000000`0000000a ffff8584`902a3c50 00000000`000000ff 00000000`00000000 : nt!KeBugCheckEx
  475. fffff381`8ce6f800 fffff806`02bcf62b : 00000000`031ca100 00000001`cff595ad 00000001`00000002 ffff8484`9634f010 : nt!KiBugCheckDispatch+0x69
  476. fffff381`8ce6f940 fffff806`02bc4795 : 00000000`00000001 ffffcd01`031ca180 fffff381`8ce6fc00 00000000`00000001 : nt!KiPageFault+0x46b (TrapFrame @ fffff381`8ce6f940)
  477. fffff381`8ce6fad0 fffff806`02bc4fee : ffffffff`00000000 ffffcd01`031ca180 ffff8484`9793c080 00000000`00001298 : nt!KiIsrLinkage+0x2f4 (TrapFrame @ fffff381`8ce6fad0)
  478. fffff381`8ce6fc60 00000000`00000000 : fffff381`8ce70000 fffff381`8ce6a000 00000000`00000000 00000000`00000000 : nt!KiIdleLoop+0x4e
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!