Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ========================== AUTO DUMP ANALYZER ==========================
- Auto Dump Analyzer
- Version: 0.91
- Time to analyze file(s): 00 hours and 03 minutes and 24 seconds
- ================================= BIOS =================================
- VENDOR: American Megatrends Inc.
- VERSION: P3.50
- DATE: 07/18/2019
- ============================= MOTHERBOARD ==============================
- MANUFACTURER: ASRock
- PRODUCT: B450M Pro4
- ================================= RAM ==================================
- Size Speed Manufacturer Part No.
- -------------- -------------- ------------------- ----------------------
- 0MHz Unknown Unknown
- 8192MB 2133MHz Unknown F4-3000C16-8GVRB
- 0MHz Unknown Unknown
- 8192MB 2133MHz Unknown F4-3000C16-8GVRB
- ================================= CPU ==================================
- Processor Version: AMD Ryzen 5 2600 Six-Core Processor
- COUNT: c
- MHZ: 3394
- VENDOR: AuthenticAMD
- FAMILY: 17
- MODEL: 8
- STEPPING: 2
- ================================== OS ==================================
- Product: WinNt, suite: TerminalServer SingleUserTS
- Built by: 19041.1.amd64fre.vb_release.191206-1406
- BUILD_VERSION: 10.0.19041.388 (WinBuild.160101.0800)
- BUILD: 19041
- SERVICEPACK: 388
- PLATFORM_TYPE: x64
- NAME: Windows 10
- EDITION: Windows 10 WinNt TerminalServer SingleUserTS
- BUILD_TIMESTAMP: unknown_date
- BUILDDATESTAMP: 160101.0800
- BUILDLAB: WinBuild
- BUILDOSVER: 10.0.19041.388
- =============================== DEBUGGER ===============================
- Microsoft (R) Windows Debugger Version 10.0.14321.1024 AMD64
- Copyright (c) Microsoft Corporation. All rights reserved.
- =============================== COMMENTS ===============================
- * Information gathered from different dump files may be different. If
- Windows updates between two dump files, two or more OS versions may
- be shown above.
- * If the user updates the BIOS between dump files, two or more versions
- and dates may be shown above.
- * More RAM information can be found below in a full BIOS section.
- ========================================================================
- ======================= Dump #1: ANALYZE VERBOSE =======================
- ======================= File: 072720-7531-01.dmp =======================
- ========================================================================
- Mini Kernel Dump File: Only registers and stack trace are available
- Windows 10 Kernel Version 19041 MP (12 procs) Free x64
- Kernel base = 0xfffff801`0b800000 PsLoadedModuleList = 0xfffff801`0c42a310
- Debug session time: Mon Jul 27 14:53:13.755 2020 (UTC - 4:00)
- System Uptime: 0 days 0:34:45.390
- BugCheck 1A, {61941, 1ee1ec33898, d, fffffc8a7d27db00}
- Probably caused by : memory_corruption
- Followup: memory_corruption
- MEMORY_MANAGEMENT (1a)
- # Any other values for parameter 1 must be individually examined.
- Arguments:
- Arg1: 0000000000061941, The subtype of the bugcheck.
- Arg2: 000001ee1ec33898
- Arg3: 000000000000000d
- Arg4: fffffc8a7d27db00
- Debugging Details:
- DUMP_CLASS: 1
- DUMP_QUALIFIER: 400
- DUMP_TYPE: 2
- BUGCHECK_STR: 0x1a_61941
- CUSTOMER_CRASH_COUNT: 1
- DEFAULT_BUCKET_ID: CODE_CORRUPTION
- PROCESS_NAME: firefox.exe
- CURRENT_IRQL: 0
- LAST_CONTROL_TRANSFER: from fffff8010bc020a6 to fffff8010bbddb60
- STACK_TEXT:
- fffffc8a`7d27d958 fffff801`0bc020a6 : 00000000`0000001a 00000000`00061941 000001ee`1ec33898 00000000`0000000d : nt!KeBugCheckEx
- fffffc8a`7d27d960 fffff801`0bbebc1e : 000001ee`13e27001 ffff890f`e81e0080 00000000`00000000 ffff890f`e80ba080 : nt!MmAccessFault+0x1ef7a6
- fffffc8a`7d27db00 00007ff9`12d07e93 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiPageFault+0x35e
- 00000093`865f60e0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ff9`12d07e93
- STACK_COMMAND: kb
- CHKIMG_EXTENSION: !chkimg -lo 50 -d !win32kbase
- fffff39d2b02b164-fffff39d2b02b165 2 bytes - win32kbase!UserSessionSwitchLeaveCrit+94
- [ 48 ff:4c 8b ]
- fffff39d2b02b16b-fffff39d2b02b16e 4 bytes - win32kbase!UserSessionSwitchLeaveCrit+9b (+0x07)
- [ 0f 1f 44 00:e8 b0 a2 2b ]
- 6 errors : !win32kbase (fffff39d2b02b164-fffff39d2b02b16e)
- MODULE_NAME: memory_corruption
- IMAGE_NAME: memory_corruption
- FOLLOWUP_NAME: memory_corruption
- DEBUG_FLR_IMAGE_TIMESTAMP: 0
- MEMORY_CORRUPTOR: LARGE
- FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
- BUCKET_ID: MEMORY_CORRUPTION_LARGE
- PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
- TARGET_TIME: 2020-07-27T18:53:13.000Z
- SUITE_MASK: 272
- PRODUCT_TYPE: 1
- USER_LCID: 0
- FAILURE_ID_HASH_STRING: km:memory_corruption_large
- FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
- Followup: memory_corruption
- ====================== Dump #1: 3RD PARTY DRIVERS ======================
- Oct 22 2012 - lvrs64.sys - Logitech Kernel Audio Improvement Filter Driver http://support.logitech.com/
- Oct 22 2012 - lvuvc64.sys - Logitech USB Video Class Driver (WebCam) http://support.logitech.com/
- Mar 14 2016 - amdgpio3.sys - AMD GPIO Controller Driver from Advanced Micro Devices http://support.amd.com/
- Jun 05 2017 - amdpsp.sys - Advanced Micro Devices, Inc http://support.amd.com/
- Apr 12 2018 - AMDPCIDev.sys - Advanced Micro Devices PCI Device driver
- Nov 16 2018 - logi_core_temp.sys - Logitech G HUB driver https://support.logitech.com/en_us/software/lghub
- Nov 20 2018 - logi_joy_bus_enum.sys - Logitech Joystick driver
- Nov 20 2018 - logi_joy_xlcore.sys - Logitech Joystick driver
- Mar 08 2019 - dokan1.sys - Dokan Project driver (ISLOG)
- Mar 14 2019 - nvvad64v.sys - Nvidia Virtual Audio driver http://www.nvidia.com/
- May 24 2019 - rt640x64.sys - Realtek NICDRV 8169 PCIe GBE Family Controller driver https://www.realtek.com/en/
- Sep 29 2019 - amdgpio2.sys - AMD GPIO Controller Driver from Advanced Micro Devices http://support.amd.com/
- Nov 20 2019 - mbamswissarmy.sys - MalwareBytes Anti-Malware system driver https://www.malwarebytes.com/
- Nov 29 2019 - NvModuleTracker.sys - NVIDIA Module Tracker driver
- Jan 10 2020 - nvvhci.sys - Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
- Jan 26 2020 - UcmCxUcsiNvppc.sys - NVIDIA USB Type-C Port Policy Controller driver
- Jan 30 2020 - tapmullvad0901.sys - TAP-Windows Virtual Network driver (The OpenVPN Project)
- Apr 20 2020 - logi_joy_vir_hid.sys - Logitech Joystick driver
- Jun 04 2020 - MbamChameleon.sys - Malwarebytes Anti-Malware Chameleon driver https://www.malwarebytes.com/
- Jun 09 2020 - nvhda64v.sys - Nvidia HDMI Audio Device http://www.nvidia.com/
- Jul 05 2020 - nvlddmkm.sys - Nvidia Graphics Card driver http://www.nvidia.com/
- ================== Dump #1: 3RD PARTY DRIVERS (FULL) ===================
- Image path: \SystemRoot\system32\DRIVERS\lvrs64.sys
- Image name: lvrs64.sys
- Search : https://www.google.com/search?q=lvrs64.sys
- ADA Info : Logitech Kernel Audio Improvement Filter Driver http://support.logitech.com/
- Timestamp : Mon Oct 22 2012
- Image path: \SystemRoot\system32\DRIVERS\lvuvc64.sys
- Image name: lvuvc64.sys
- Search : https://www.google.com/search?q=lvuvc64.sys
- ADA Info : Logitech USB Video Class Driver (WebCam) http://support.logitech.com/
- Timestamp : Mon Oct 22 2012
- Image path: \SystemRoot\System32\drivers\amdgpio3.sys
- Image name: amdgpio3.sys
- Search : https://www.google.com/search?q=amdgpio3.sys
- ADA Info : AMD GPIO Controller Driver from Advanced Micro Devices http://support.amd.com/
- Timestamp : Mon Mar 14 2016
- Image path: \SystemRoot\system32\DRIVERS\amdpsp.sys
- Image name: amdpsp.sys
- Search : https://www.google.com/search?q=amdpsp.sys
- ADA Info : Advanced Micro Devices, Inc http://support.amd.com/
- Timestamp : Mon Jun 5 2017
- Image path: \SystemRoot\System32\drivers\AMDPCIDev.sys
- Image name: AMDPCIDev.sys
- Search : https://www.google.com/search?q=AMDPCIDev.sys
- ADA Info : Advanced Micro Devices PCI Device driver
- Timestamp : Thu Apr 12 2018
- Image path: \??\C:\ProgramData\LGHUB\depots\57944\driver_cpu_temperature\logi_core_temp.sys
- Image name: logi_core_temp.sys
- Search : https://www.google.com/search?q=logi_core_temp.sys
- ADA Info : Logitech G HUB driver https://support.logitech.com/en_us/software/lghub
- Timestamp : Fri Nov 16 2018
- Image path: \SystemRoot\system32\drivers\logi_joy_bus_enum.sys
- Image name: logi_joy_bus_enum.sys
- Search : https://www.google.com/search?q=logi_joy_bus_enum.sys
- ADA Info : Logitech Joystick driver
- Timestamp : Tue Nov 20 2018
- Image path: \SystemRoot\system32\drivers\logi_joy_xlcore.sys
- Image name: logi_joy_xlcore.sys
- Search : https://www.google.com/search?q=logi_joy_xlcore.sys
- ADA Info : Logitech Joystick driver
- Timestamp : Tue Nov 20 2018
- Image path: \SystemRoot\system32\DRIVERS\dokan1.sys
- Image name: dokan1.sys
- Search : https://www.google.com/search?q=dokan1.sys
- ADA Info : Dokan Project driver (ISLOG)
- Timestamp : Fri Mar 8 2019
- Image path: \SystemRoot\system32\drivers\nvvad64v.sys
- Image name: nvvad64v.sys
- Search : https://www.google.com/search?q=nvvad64v.sys
- ADA Info : Nvidia Virtual Audio driver http://www.nvidia.com/
- Timestamp : Thu Mar 14 2019
- Mapped memory image file: C:\ProgramData\dbg\sym\rt640x64.sys\5CE7AF86ad000\rt640x64.sys
- Image path: \SystemRoot\System32\drivers\rt640x64.sys
- Image name: rt640x64.sys
- Search : https://www.google.com/search?q=rt640x64.sys
- ADA Info : Realtek NICDRV 8169 PCIe GBE Family Controller driver https://www.realtek.com/en/
- Timestamp : Fri May 24 2019
- File version: 9.1.410.2015
- Product version: 9.1.410.2015
- File flags: 8 (Mask 3F) Private
- File OS: 40004 NT Win32
- File type: 3.6 Driver
- File date: 00000000.00000000
- CompanyName: Realtek
- ProductName: Realtek 8125/8136/8168/8169 PCI/PCIe Adapters
- InternalName: rt640x64.sys
- OriginalFilename: rt640x64.sys
- ProductVersion: 9.001.0410.2015
- FileVersion: 9.001.0410.2015
- FileDescription: Realtek 8125/8136/8168/8169 NDIS 6.40 64-bit Driver
- LegalCopyright: Copyright (C) 2019 Realtek Semiconductor Corporation. All Right Reserved.
- Image path: \SystemRoot\System32\drivers\amdgpio2.sys
- Image name: amdgpio2.sys
- Search : https://www.google.com/search?q=amdgpio2.sys
- ADA Info : AMD GPIO Controller Driver from Advanced Micro Devices http://support.amd.com/
- Timestamp : Sun Sep 29 2019
- Image path: \SystemRoot\System32\Drivers\mbamswissarmy.sys
- Image name: mbamswissarmy.sys
- Search : https://www.google.com/search?q=mbamswissarmy.sys
- ADA Info : MalwareBytes Anti-Malware system driver https://www.malwarebytes.com/
- Timestamp : Wed Nov 20 2019
- Image path: \SystemRoot\System32\drivers\NvModuleTracker.sys
- Image name: NvModuleTracker.sys
- Search : https://www.google.com/search?q=NvModuleTracker.sys
- ADA Info : NVIDIA Module Tracker driver
- Timestamp : Fri Nov 29 2019
- Image path: \SystemRoot\System32\drivers\nvvhci.sys
- Image name: nvvhci.sys
- Search : https://www.google.com/search?q=nvvhci.sys
- ADA Info : Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
- Timestamp : Fri Jan 10 2020
- Image path: \SystemRoot\System32\DriverStore\FileRepository\nvppc.inf_amd64_0f22333f160a8f42\UcmCxUcsiNvppc.sys
- Image name: UcmCxUcsiNvppc.sys
- Search : https://www.google.com/search?q=UcmCxUcsiNvppc.sys
- ADA Info : NVIDIA USB Type-C Port Policy Controller driver
- Timestamp : Sun Jan 26 2020
- Image path: \SystemRoot\System32\drivers\tapmullvad0901.sys
- Image name: tapmullvad0901.sys
- Search : https://www.google.com/search?q=tapmullvad0901.sys
- ADA Info : TAP-Windows Virtual Network driver (The OpenVPN Project)
- Timestamp : Thu Jan 30 2020
- Image path: \SystemRoot\system32\drivers\logi_joy_vir_hid.sys
- Image name: logi_joy_vir_hid.sys
- Search : https://www.google.com/search?q=logi_joy_vir_hid.sys
- ADA Info : Logitech Joystick driver
- Timestamp : Mon Apr 20 2020
- Image path: \SystemRoot\System32\Drivers\MbamChameleon.sys
- Image name: MbamChameleon.sys
- Search : https://www.google.com/search?q=MbamChameleon.sys
- ADA Info : Malwarebytes Anti-Malware Chameleon driver https://www.malwarebytes.com/
- Timestamp : Thu Jun 4 2020
- Image path: \SystemRoot\system32\drivers\nvhda64v.sys
- Image name: nvhda64v.sys
- Search : https://www.google.com/search?q=nvhda64v.sys
- ADA Info : Nvidia HDMI Audio Device http://www.nvidia.com/
- Timestamp : Tue Jun 9 2020
- Image path: \SystemRoot\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_edab19158bdd0d0a\nvlddmkm.sys
- Image name: nvlddmkm.sys
- Search : https://www.google.com/search?q=nvlddmkm.sys
- ADA Info : Nvidia Graphics Card driver http://www.nvidia.com/
- Timestamp : Sun Jul 5 2020
- ====================== Dump #1: MICROSOFT DRIVERS ======================
- ACPI.sys ACPI Driver for NT (Microsoft)
- acpiex.sys ACPIEx Driver (Microsoft)
- afd.sys Ancillary Function Driver for WinSock (Microsoft)
- afunix.sys AF_UNIX Socket Provider driver (Microsoft)
- AgileVpn.sys RAS Agil VPN Miniport Call Manager driver (Microsoft)
- ahcache.sys Application Compatibility Cache (Microsoft)
- amdppm.sys Processor Device Driver
- bam.sys BAM Kernal driver (Microsoft)
- BasicDisplay.sys Basic Display driver (Microsoft)
- BasicRender.sys Basic Render driver (Microsoft)
- Beep.SYS BEEP driver (Microsoft)
- bindflt.sys Windows Bind Filter driver (Microsoft)
- BOOTVID.dll VGA Boot Driver (Microsoft)
- bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
- cdd.dll Canonical Display Driver (Microsoft)
- cdrom.sys SCSI CD-ROM Driver (Microsoft)
- CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
- CI.dll Code Integrity Module (Microsoft)
- CimFS.SYS Consumer IR Class Driver for eHome (Microsoft)
- CLASSPNP.SYS SCSI Class System Dll (Microsoft)
- cldflt.sys Cloud Files Mini Filter driver (Microsoft)
- CLFS.SYS Common Log File System Driver (Microsoft)
- clipsp.sys CLIP Service (Microsoft)
- cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
- cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
- CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
- condrv.sys Console Driver (Microsoft)
- crashdmp.sys Crash Dump driver (Microsoft)
- csc.sys Windows Client Side Caching driver (Microsoft)
- dc1-controller.sys KMDF driver for DC1 Controller
- DevAuthE.sys Xbox Device Authentication Driver
- dfsc.sys DFS Namespace Client Driver (Microsoft)
- disk.sys PnP Disk Driver (Microsoft)
- drmk.sys Digital Rights Management (DRM) driver (Microsoft)
- dump_diskdump.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
- dump_dumpfve.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
- dump_storahci.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
- dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
- dxgmms2.sys DirectX Graphics MMS
- EhStorClass.sys Enhanced Storage Class driver for IEEE... (Microsoft)
- filecrypt.sys Windows sandboxing and encryption filter (Microsoft)
- fileinfo.sys FileInfo Filter Driver (Microsoft)
- FLTMGR.SYS Filesystem Filter Manager (Microsoft)
- Fs_Rec.sys File System Recognizer Driver (Microsoft)
- fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
- fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
- gameflt.sys Gaming Install Filter driver (Microsoft)
- gpuenergydrv.sys GPU Energy Kernal Driver (Microsoft)
- hal.dll Hardware Abstraction Layer DLL (Microsoft)
- HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
- HdAudio.sys High Definition Audio Function driver (Microsoft)
- HIDCLASS.SYS Hid Class Library (Microsoft)
- HIDPARSE.SYS Hid Parsing Library (Microsoft)
- hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
- HTTP.sys HTTP Protocol Stack (Microsoft)
- i8042prt.sys i8042 Keyboard / PS/2 Mouse driver (Microsoft)
- intelpep.sys Intel Power Engine Plugin (Microsoft)
- IntelTA.sys Intel Telemetry Driver
- iorate.sys I/O rate control Filter (Microsoft)
- kbdclass.sys Keyboard Class Driver (Microsoft)
- kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
- kd.dll Local Kernal Debugger (Microsoft)
- kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
- ks.sys Kernal CSA Library (Microsoft)
- ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
- ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
- ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
- lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
- luafv.sys LUA File Virtualization Filter Driver (Microsoft)
- mcupdate_AuthenticAMD.dll AMD Microcode Update Library (Microsoft)
- mmcss.sys MMCSS Driver (Microsoft)
- monitor.sys Monitor Driver (Microsoft)
- mouclass.sys Mouse Class Driver (Microsoft)
- mouhid.sys HID Mouse Filter Driver (Microsoft)
- mountmgr.sys Mount Point Manager (Microsoft)
- mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
- mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
- mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
- Msfs.SYS Mailslot driver (Microsoft)
- msgpioclx.sys GPIO Class Extension Driver (Microsoft)
- msisadrv.sys ISA Driver (Microsoft)
- mslldp.sys Microsoft Link-Layer Discovery Protocol... (Microsoft)
- msquic.sys Windows QUIC Driver
- msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
- mssecflt.sys Microsoft Security Events Component file system filter driver (Microsoft)
- mssmbios.sys System Management BIOS driver (Microsoft)
- mup.sys Multiple UNC Provider driver (Microsoft)
- ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
- ndiscap.sys Microsoft NDIS Packet Capture Filter Driver
- ndistapi.sys NDIS 3.0 Connection Wrapper driver (Microsoft)
- NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
- ndiswan.sys MS PPP Framing Driver (Strong Encryption) Microsoft)
- NDProxy.sys NDIS Proxy driver (Microsoft)
- Ndu.sys Network Data Usage Monitoring driver (Microsoft)
- netbios.sys NetBIOS Interface driver (Microsoft)
- netbt.sys MBT Transport driver (Microsoft)
- NETIO.SYS Network I/O Subsystem (Microsoft)
- Npfs.SYS NPFS driver (Microsoft)
- npsvctrig.sys Named pipe service triggers (Microsoft)
- nsiproxy.sys NSI Proxy driver (Microsoft)
- Ntfs.sys NT File System Driver (Microsoft)
- ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
- ntosext.sys NTOS Extension Host driver (Microsoft)
- Null.SYS NULL Driver (Microsoft)
- pacer.sys QoS Packet Scheduler (Microsoft)
- partmgr.sys Partition driver (Microsoft)
- pci.sys NT Plug and Play PCI Enumerator (Microsoft)
- pcw.sys Performance Counter Driver (Microsoft)
- pdc.sys Power Dependency Coordinator Driver (Microsoft)
- peauth.sys Protected Environment Authentication and Authorization Export Driver (Microsoft)
- portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
- PSHED.dll Platform Specific Hardware Error driver (Microsoft)
- rasl2tp.sys RAS L2TP Mini-port/Call-manager driver (Microsoft)
- raspppoe.sys RAS PPPoE Mini-port/Call manager driver (Microsoft)
- raspptp.sys Peer-to-Peer Tunneling Protocol (Microsoft)
- rassstp.sys RAS SSTP Miniport Call Manager driver (Microsoft)
- rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
- rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
- rdyboost.sys ReadyBoost Driver (Microsoft)
- rspndr.sys Link-Layer Topology Responder driver (Microsoft)
- serenum.sys Serial Port Enumerator (Microsoft)
- serial.sys Serial Device Driver
- SgrmAgent.sys System Guard Runtime Monitor Agent driver (Microsoft)
- SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
- spaceport.sys Storage Spaces driver (Microsoft)
- srv2.sys Smb 2.0 Server driver (Microsoft)
- srvnet.sys Server Network driver (Microsoft)
- storahci.sys MS AHCI Storport Miniport Driver (Microsoft)
- storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
- storqosflt.sys Storage QoS Filter driver (Microsoft)
- swenum.sys Plug and Play Software Device Enumerator (Microsoft)
- tbs.sys Export driver for kernel mode TPM API (Microsoft)
- tcpip.sys TCP/IP Protocol driver (Microsoft)
- tcpipreg.sys Microsoft Windows TCP/IP Registry Compatibility driver (Microsoft)
- TDI.SYS TDI Wrapper driver (Microsoft)
- tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
- tm.sys Kernel Transaction Manager driver (Microsoft)
- UcmCx.sys USB Connector Manager KMDF Class Extension
- ucx01000.sys USB Controller Extension (Microsoft)
- umbus.sys User-Mode Bus Enumerator (Microsoft)
- usbaudio.sys USB Audio Class Driver (Microsoft)
- usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
- USBD.SYS Universal Serial Bus Driver (Microsoft)
- UsbHub3.sys USB3 HUB driver (Microsoft)
- USBXHCI.SYS USB XHCI driver (Microsoft)
- vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
- Vid.sys Microsoft Hyper-V Virtualization Infrastructure Driver
- volmgr.sys Volume Manager Driver (Microsoft)
- volmgrx.sys Volume Manager Extension Driver (Microsoft)
- volsnap.sys Volume Shadow Copy driver (Microsoft)
- volume.sys Volume driver (Microsoft)
- vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
- wanarp.sys MS Remote Access and Routing ARP driver (Microsoft)
- watchdog.sys Watchdog driver (Microsoft)
- wcifs.sys Windows Container Isolation FS Filter driver (Microsoft)
- Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
- WdFilter.sys Microsoft Anti-malware file system filter driver (Microsoft)
- WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
- WdNisDrv.sys Microsoft Network Realtime Inspection driver (Microsoft)
- werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
- wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
- win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
- win32kbase.sys Base Win32k Kernel Driver (Microsoft)
- win32kfull.sys Full/Desktop Win32k Kernel Driver (Microsoft)
- WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
- WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
- winhvr.sys Windows Hypervisor Root Interface driver (Microsoft)
- wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
- WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
- Wof.sys Windows Overlay Filter (Microsoft)
- WppRecorder.sys WPP Trace Recorder (Microsoft)
- xboxgip.sys Game Input Protocol Driver
- xinputhid.sys XINPUT filter driver for HID
- xvdd.sys XVD Disk driver (Microsoft)
- ====================== Dump #1: UNLOADED MODULES =======================
- fffff801`12270000 fffff801`12281000 MSKSSRV.sys
- fffff801`11770000 fffff801`1177f000 dump_storpor
- fffff801`117c0000 fffff801`117f3000 dump_storahc
- fffff801`10a20000 fffff801`10a3e000 dump_dumpfve
- fffff801`11440000 fffff801`1145c000 dam.sys
- fffff801`0f400000 fffff801`0f411000 WdBoot.sys
- fffff801`0f3f0000 fffff801`0f3f9000 MbamElam.sys
- fffff801`10480000 fffff801`10490000 hwpolicy.sys
- ====================== Dump #1: BIOS INFORMATION =======================
- [SMBIOS Data Tables v3.2]
- [DMI Version - 0]
- [2.0 Calling Convention - No]
- [Table Size - 1763 bytes]
- [BIOS Information (Type 0) - Length 26 - Handle 0000h]
- Vendor American Megatrends Inc.
- BIOS Version P3.50
- BIOS Starting Address Segment f000
- BIOS Release Date 07/18/2019
- BIOS ROM Size 1000000
- BIOS Characteristics
- 07: - PCI Supported
- 11: - Upgradeable FLASH BIOS
- 12: - BIOS Shadowing Supported
- 15: - CD-Boot Supported
- 16: - Selectable Boot Supported
- 17: - BIOS ROM Socketed
- 19: - EDD Supported
- 23: - 1.2MB Floppy Supported
- 24: - 720KB Floppy Supported
- 25: - 2.88MB Floppy Supported
- 26: - Print Screen Device Supported
- 27: - Keyboard Services Supported
- 28: - Serial Services Supported
- 29: - Printer Services Supported
- 32: - BIOS Vendor Reserved
- BIOS Characteristic Extensions
- 00: - ACPI Supported
- 01: - USB Legacy Supported
- 08: - BIOS Boot Specification Supported
- 10: - Specification Reserved
- 11: - Specification Reserved
- BIOS Major Revision 5
- BIOS Minor Revision 14
- EC Firmware Major Revision 255
- EC Firmware Minor Revision 255
- [System Information (Type 1) - Length 27 - Handle 0001h]
- UUID 00000000-0000-0000-0000-000000000000
- Wakeup Type Power Switch
- [BaseBoard Information (Type 2) - Length 15 - Handle 0002h]
- Manufacturer ASRock
- Product B450M Pro4
- Version
- Feature Flags 09h
- 810202848: - 810202896: - «?uþ
- Location
- Chassis Handle 0003h
- Board Type 0ah - Processor/Memory Module
- Number of Child Handles 0
- [System Enclosure (Type 3) - Length 22 - Handle 0003h]
- Chassis Type Desktop
- Bootup State Safe
- Power Supply State Safe
- Thermal State Safe
- Security Status None
- OEM Defined 0
- Height 0U
- Number of Power Cords 1
- Number of Contained Elements 0
- Contained Element Size 3
- [OEM Strings (Type 11) - Length 5 - Handle 0008h]
- Number of Strings 1
- [32Bit Memory Error Information (Type 18) - Length 23 - Handle 000bh]
- [Physical Memory Array (Type 16) - Length 23 - Handle 000ch]
- Location 03h - SystemBoard/Motherboard
- Use 03h - System Memory
- Memory Error Correction 03h - None
- Maximum Capacity 134217728KB
- Memory Error Inf Handle 000bh
- Number of Memory Devices 4
- [Memory Array Mapped Address (Type 19) - Length 31 - Handle 000dh]
- Starting Address 00000000h
- Ending Address 00ffffffh
- Memory Array Handle 000ch
- Partition Width 02
- [Cache Information (Type 7) - Length 27 - Handle 000eh]
- Socket Designation L1 - Cache
- Cache Configuration 0180h - WB Enabled Int NonSocketed L1
- Maximum Cache Size 0240h - 576K
- Installed Size 0240h - 576K
- Supported SRAM Type 0010h - Pipeline-Burst
- Current SRAM Type 0010h - Pipeline-Burst
- Cache Speed 1ns
- Error Correction Type Specification Reserved
- System Cache Type Unified
- Associativity 8-way Set-Associative
- [Cache Information (Type 7) - Length 27 - Handle 000fh]
- Socket Designation L2 - Cache
- Cache Configuration 0181h - WB Enabled Int NonSocketed L2
- Maximum Cache Size 0c00h - 3072K
- Installed Size 0c00h - 3072K
- Supported SRAM Type 0010h - Pipeline-Burst
- Current SRAM Type 0010h - Pipeline-Burst
- Cache Speed 1ns
- Error Correction Type Specification Reserved
- System Cache Type Unified
- Associativity 8-way Set-Associative
- [Cache Information (Type 7) - Length 27 - Handle 0010h]
- Socket Designation L3 - Cache
- Cache Configuration 0182h - WB Enabled Int NonSocketed L3
- Maximum Cache Size 4000h - 16384K
- Installed Size 4000h - 16384K
- Supported SRAM Type 0010h - Pipeline-Burst
- Current SRAM Type 0010h - Pipeline-Burst
- Cache Speed 1ns
- Error Correction Type Specification Reserved
- System Cache Type Unified
- Associativity 16-way Set-Associative
- [Processor Information (Type 4) - Length 48 - Handle 0011h]
- Socket Designation AM4
- Processor Type Central Processor
- Processor Family 6bh - Specification Reserved
- Processor Manufacturer Advanced Micro Devices, Inc.
- Processor ID 820f8000fffb8b17
- Processor Version AMD Ryzen 5 2600 Six-Core Processor
- Processor Voltage 8bh - 1.1V
- External Clock 100MHz
- Max Speed 3900MHz
- Current Speed 3400MHz
- Status Enabled Populated
- Processor Upgrade Specification Reserved
- L1 Cache Handle 000eh
- L2 Cache Handle 000fh
- L3 Cache Handle 0010h
- Part Number Unknown
- [32Bit Memory Error Information (Type 18) - Length 23 - Handle 0012h]
- [Memory Device (Type 17) - Length 84 - Handle 0013h]
- Physical Memory Array Handle 000ch
- Memory Error Info Handle 0012h
- Form Factor 02h - Unknown
- Device Locator DIMM 0
- Bank Locator P0 CHANNEL A
- Memory Type 02h - Unknown
- Type Detail 0004h - Unknown
- Speed 0MHz
- Manufacturer Unknown
- Part Number Unknown
- [32Bit Memory Error Information (Type 18) - Length 23 - Handle 0014h]
- [Memory Device (Type 17) - Length 84 - Handle 0015h]
- Physical Memory Array Handle 000ch
- Memory Error Info Handle 0014h
- Total Width 64 bits
- Data Width 64 bits
- Size 8192MB
- Form Factor 09h - DIMM
- Device Locator DIMM 1
- Bank Locator P0 CHANNEL A
- Memory Type 1ah - Specification Reserved
- Type Detail 4080h - Synchronous
- Speed 2133MHz
- Manufacturer Unknown
- Part Number F4-3000C16-8GVRB
- [Memory Device Mapped Address (Type 20) - Length 35 - Handle 0016h]
- Starting Address 00000000h
- Ending Address 00ffffffh
- Memory Device Handle 0015h
- Mem Array Mapped Adr Handle 000dh
- [32Bit Memory Error Information (Type 18) - Length 23 - Handle 0017h]
- [Memory Device (Type 17) - Length 84 - Handle 0018h]
- Physical Memory Array Handle 000ch
- Memory Error Info Handle 0017h
- Form Factor 02h - Unknown
- Device Locator DIMM 0
- Bank Locator P0 CHANNEL B
- Memory Type 02h - Unknown
- Type Detail 0004h - Unknown
- Speed 0MHz
- Manufacturer Unknown
- Part Number Unknown
- [32Bit Memory Error Information (Type 18) - Length 23 - Handle 0019h]
- [Memory Device (Type 17) - Length 84 - Handle 001ah]
- Physical Memory Array Handle 000ch
- Memory Error Info Handle 0019h
- Total Width 64 bits
- Data Width 64 bits
- Size 8192MB
- Form Factor 09h - DIMM
- Device Locator DIMM 1
- Bank Locator P0 CHANNEL B
- Memory Type 1ah - Specification Reserved
- Type Detail 4080h - Synchronous
- Speed 2133MHz
- Manufacturer Unknown
- Part Number F4-3000C16-8GVRB
- [Memory Device Mapped Address (Type 20) - Length 35 - Handle 001bh]
- Starting Address 00000000h
- Ending Address 00ffffffh
- Memory Device Handle 001ah
- Mem Array Mapped Adr Handle 000dh
- ========================== Dump #1: Extra #1 ===========================
- 4: kd> !verifier
- Verify Flags Level 0x00000000
- STANDARD FLAGS:
- [X] (0x00000000) Automatic Checks
- [ ] (0x00000001) Special pool
- [ ] (0x00000002) Force IRQL checking
- [ ] (0x00000008) Pool tracking
- [ ] (0x00000010) I/O verification
- [ ] (0x00000020) Deadlock detection
- [ ] (0x00000080) DMA checking
- [ ] (0x00000100) Security checks
- [ ] (0x00000800) Miscellaneous checks
- [ ] (0x00020000) DDI compliance checking
- ADDITIONAL FLAGS:
- [ ] (0x00000004) Randomized low resources simulation
- [ ] (0x00000200) Force pending I/O requests
- [ ] (0x00000400) IRP logging
- [ ] (0x00002000) Invariant MDL checking for stack
- [ ] (0x00004000) Invariant MDL checking for driver
- [ ] (0x00008000) Power framework delay fuzzing
- [ ] (0x00010000) Port/miniport interface checking
- [ ] (0x00040000) Systematic low resources simulation
- [ ] (0x00080000) DDI compliance checking (additional)
- [ ] (0x00200000) NDIS/WIFI verification
- [ ] (0x00800000) Kernel synchronization delay fuzzing
- [ ] (0x01000000) VM switch verification
- [ ] (0x02000000) Code integrity checks
- [X] Indicates flag is enabled
- Summary of All Verifier Statistics
- RaiseIrqls 0x0
- AcquireSpinLocks 0x0
- Synch Executions 0x0
- Trims 0x0
- Pool Allocations Attempted 0x0
- Pool Allocations Succeeded 0x0
- Pool Allocations Succeeded SpecialPool 0x0
- Pool Allocations With NO TAG 0x0
- Pool Allocations Failed 0x0
- Current paged pool allocations 0x0 for 00000000 bytes
- Peak paged pool allocations 0x0 for 00000000 bytes
- Current nonpaged pool allocations 0x0 for 00000000 bytes
- Peak nonpaged pool allocations 0x0 for 00000000 bytes
- ========================== Dump #1: Extra #2 ===========================
- 4: kd> !thread
- THREAD ffff890fe80ba080 Cid 1804.2638 Teb: 0000009385c14000 Win32Thread: ffff890fe8e5d5e0 RUNNING on processor 4
- Not impersonating
- GetUlongFromAddress: unable to read from fffff8010c41143c
- Owning Process ffff890fe6d1d080 Image: firefox.exe
- Attached Process N/A Image: N/A
- fffff78000000000: Unable to get shared data
- Wait Start TickCount 133464
- Context Switch Count 960331 IdealProcessor: 2
- ReadMemory error: Cannot get nt!KeMaximumIncrement value.
- UserTime 00:00:00.000
- KernelTime 00:00:00.000
- Win32 Start Address 0x00007ff7e7888ea0
- Stack Init fffffc8a7d27dc90 Current fffffc8a7d27d310
- Base fffffc8a7d27e000 Limit fffffc8a7d278000 Call 0000000000000000
- Priority 12 BasePriority 8 PriorityDecrement 2 IoPriority 2 PagePriority 5
- Child-SP RetAddr : Args to Child : Call Site
- fffffc8a`7d27d958 fffff801`0bc020a6 : 00000000`0000001a 00000000`00061941 000001ee`1ec33898 00000000`0000000d : nt!KeBugCheckEx
- fffffc8a`7d27d960 fffff801`0bbebc1e : 000001ee`13e27001 ffff890f`e81e0080 00000000`00000000 ffff890f`e80ba080 : nt!MmAccessFault+0x1ef7a6
- fffffc8a`7d27db00 00007ff9`12d07e93 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiPageFault+0x35e (TrapFrame @ fffffc8a`7d27db00)
- 00000093`865f60e0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ff9`12d07e93
- ========================================================================
- ======================= Dump #2: ANALYZE VERBOSE =======================
- ======================= File: 072720-7265-01.dmp =======================
- ========================================================================
- Mini Kernel Dump File: Only registers and stack trace are available
- Windows 10 Kernel Version 19041 MP (12 procs) Free x64
- Kernel base = 0xfffff802`3b800000 PsLoadedModuleList = 0xfffff802`3c42a310
- Debug session time: Mon Jul 27 14:58:46.541 2020 (UTC - 4:00)
- System Uptime: 0 days 0:05:02.175
- BugCheck 50, {ffffb43fcd347d58, 0, fffff8023c0e926e, 2}
- Could not read faulting driver name
- *** WARNING: Unable to verify timestamp for win32k.sys
- *** ERROR: Module load completed but symbols could not be loaded for win32k.sys
- Probably caused by : memory_corruption
- Followup: memory_corruption
- PAGE_FAULT_IN_NONPAGED_AREA (50)
- Invalid system memory was referenced. This cannot be protected by try-except.
- Typically the address is just plain bad or it is pointing at freed memory.
- Arguments:
- Arg1: ffffb43fcd347d58, memory referenced.
- Arg2: 0000000000000000, value 0 = read operation, 1 = write operation.
- Arg3: fffff8023c0e926e, If non-zero, the instruction address which referenced the bad memory
- address.
- Arg4: 0000000000000002, (reserved)
- Debugging Details:
- Could not read faulting driver name
- DUMP_CLASS: 1
- DUMP_QUALIFIER: 400
- DUMP_TYPE: 2
- READ_ADDRESS: fffff8023c4fa388: Unable to get MiVisibleState
- ffffb43fcd347d58
- FAULTING_IP:
- nt!ObpCaptureHandleInformation+8e
- fffff802`3c0e926e 410fb64118 movzx eax,byte ptr [r9+18h]
- MM_INTERNAL_CODE: 2
- CUSTOMER_CRASH_COUNT: 1
- DEFAULT_BUCKET_ID: CODE_CORRUPTION
- BUGCHECK_STR: AV
- PROCESS_NAME: steam.exe
- CURRENT_IRQL: 0
- TRAP_FRAME: ffffc80063595150 -- (.trap 0xffffc80063595150)
- NOTE: The trap frame does not contain all registers.
- Some register values may be zeroed or incorrect.
- rax=00ffffb43fcd347d rbx=0000000000000000 rcx=000000000000007d
- rdx=ffffb43fcd347d70 rsi=0000000000000000 rdi=0000000000000000
- rip=fffff8023c0e926e rsp=ffffc800635952e8 rbp=ffff9e82d5547b40
- r8=0000000000000000 r9=ffffb43fcd347d40 r10=00000000000ed020
- r11=ffffc80063595330 r12=0000000000000000 r13=0000000000000000
- r14=0000000000000000 r15=0000000000000000
- iopl=0 nv up ei pl nz ac po nc
- nt!ObpCaptureHandleInformation+0x8e:
- fffff802`3c0e926e 410fb64118 movzx eax,byte ptr [r9+18h] ds:ffffb43f`cd347d58=??
- Resetting default scope
- LAST_CONTROL_TRANSFER: from fffff8023bc35d15 to fffff8023bbddb60
- STACK_TEXT:
- ffffc800`63594ea8 fffff802`3bc35d15 : 00000000`00000050 ffffb43f`cd347d58 00000000`00000000 ffffc800`63595150 : nt!KeBugCheckEx
- ffffc800`63594eb0 fffff802`3ba12d00 : 00000000`00000000 00000000`00000000 ffffc800`635951d0 00000000`00000000 : nt!MiSystemFault+0x1ad5c5
- ffffc800`63594fb0 fffff802`3bbebc1e : ffff9e82`d4fff6d0 00000000`00000000 00000000`00000000 00000000`00000000 : nt!MmAccessFault+0x400
- ffffc800`63595150 fffff802`3c0e926e : fffff802`3c159011 00000000`00000780 00000000`00000000 ffffb48f`00000000 : nt!KiPageFault+0x35e
- ffffc800`635952e8 fffff802`3c159011 : 00000000`00000780 00000000`00000000 ffffb48f`00000000 fffff802`3baca812 : nt!ObpCaptureHandleInformation+0x8e
- ffffc800`635952f0 fffff802`3c0e9165 : fffff802`3c0e91e0 ffff9e82`d5547b58 00000000`0017fffc ffffc800`63595434 : nt!ExpSnapShotHandleTables+0x131
- ffffc800`63595380 fffff802`3c1567a1 : ffffc800`63595434 00000000`000ed020 00000000`0017fffc 00000000`00000000 : nt!ObGetHandleInformation+0x39
- ffffc800`635953c0 fffff802`3bfe32aa : 00000000`010fd050 00000000`00020000 ffffde80`ba200050 ffffb48f`cd55e010 : nt!ExpGetHandleInformation+0x5d
- ffffc800`63595400 fffff802`3bdfb6a7 : 00000000`00000002 00000000`00018002 00000000`00000001 00000000`00180010 : nt!ExpQuerySystemInformation+0x1e7aba
- ffffc800`63595ac0 fffff802`3bbef478 : ffffb48f`cdae0000 00000000`00000000 ffffc800`63595b80 ffffffff`ff676980 : nt!NtQuerySystemInformation+0x37
- ffffc800`63595b00 00007ff9`abceb454 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x28
- 00000000`0af4e5f8 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ff9`abceb454
- STACK_COMMAND: kb
- CHKIMG_EXTENSION: !chkimg -lo 50 -d !nt
- fffff8023ba13655-fffff8023ba1365a 6 bytes - nt!MiUserFault+675
- [ 68 df be 7d fb f6:10 2f 5e bc 78 f1 ]
- fffff8023ba13679-fffff8023ba1367d 5 bytes - nt!MiUserFault+699 (+0x24)
- [ d0 be 7d fb f6:20 5e bc 78 f1 ]
- fffff8023ba13694-fffff8023ba13698 5 bytes - nt!MiUserFault+6b4 (+0x1b)
- [ d7 be 7d fb f6:27 5e bc 78 f1 ]
- fffff8023ba156f9-fffff8023ba156fd 5 bytes - nt!MiResolvePrivateZeroFault+1f9 (+0x2065)
- [ d0 be 7d fb f6:20 5e bc 78 f1 ]
- fffff8023ba15771-fffff8023ba15775 5 bytes - nt!MiResolvePrivateZeroFault+271 (+0x78)
- [ d7 be 7d fb f6:27 5e bc 78 f1 ]
- fffff8023babbbad-fffff8023babbbae 2 bytes - nt!MiFlushTbAsNeeded+16d (+0xa643c)
- [ 80 f6:00 f1 ]
- fffff8023babbbfc-fffff8023babbbfd 2 bytes - nt!MiFlushTbAsNeeded+1bc (+0x4f)
- [ 80 f6:00 f1 ]
- fffff8023bb84f3e-fffff8023bb84f41 4 bytes - nt!MiFreeUltraMapping+32 (+0xc9342)
- [ a0 7d fb f6:40 bc 78 f1 ]
- fffff8023bbdf6d8-fffff8023bbdf6d9 2 bytes - nt!KiInterruptDispatch+b8 (+0x5a79a)
- [ 48 ff:4c 8b ]
- fffff8023bbdf6df-fffff8023bbdf6e2 4 bytes - nt!KiInterruptDispatch+bf (+0x07)
- [ 0f 1f 44 00:e8 3c 5d 64 ]
- fffff8023bc35dc9-fffff8023bc35dca 2 bytes - nt!MiSystemFault+1ad679 (+0x566ea)
- [ 80 f6:00 f1 ]
- fffff8023bc35ddf-fffff8023bc35de0 2 bytes - nt!MiSystemFault+1ad68f (+0x16)
- [ ff f6:7f f1 ]
- fffff8023bdfb6d5-fffff8023bdfb6d9 5 bytes - nt!NtQuerySystemInformation+65
- [ ff e2 cc cc cc:e8 06 9a 42 00 ]
- 49 errors : !nt (fffff8023ba13655-fffff8023bdfb6d9)
- MODULE_NAME: memory_corruption
- IMAGE_NAME: memory_corruption
- FOLLOWUP_NAME: memory_corruption
- DEBUG_FLR_IMAGE_TIMESTAMP: 0
- MEMORY_CORRUPTOR: LARGE
- FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
- BUCKET_ID: MEMORY_CORRUPTION_LARGE
- PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
- TARGET_TIME: 2020-07-27T18:58:46.000Z
- SUITE_MASK: 272
- PRODUCT_TYPE: 1
- USER_LCID: 0
- FAILURE_ID_HASH_STRING: km:memory_corruption_large
- FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
- Followup: memory_corruption
- ====================== Dump #2: 3RD PARTY DRIVERS ======================
- Oct 22 2012 - lvrs64.sys - Logitech Kernel Audio Improvement Filter Driver http://support.logitech.com/
- Oct 22 2012 - lvuvc64.sys - Logitech USB Video Class Driver (WebCam) http://support.logitech.com/
- Mar 14 2016 - amdgpio3.sys - AMD GPIO Controller Driver from Advanced Micro Devices http://support.amd.com/
- Jun 05 2017 - amdpsp.sys - Advanced Micro Devices, Inc http://support.amd.com/
- Apr 12 2018 - AMDPCIDev.sys - Advanced Micro Devices PCI Device driver
- Nov 16 2018 - logi_core_temp.sys - Logitech G HUB driver https://support.logitech.com/en_us/software/lghub
- Nov 20 2018 - logi_joy_bus_enum.sys - Logitech Joystick driver
- Nov 20 2018 - logi_joy_xlcore.sys - Logitech Joystick driver
- Mar 08 2019 - dokan1.sys - Dokan Project driver (ISLOG)
- Mar 14 2019 - nvvad64v.sys - Nvidia Virtual Audio driver http://www.nvidia.com/
- May 24 2019 - rt640x64.sys - Realtek NICDRV 8169 PCIe GBE Family Controller driver https://www.realtek.com/en/
- Sep 29 2019 - amdgpio2.sys - AMD GPIO Controller Driver from Advanced Micro Devices http://support.amd.com/
- Nov 20 2019 - mbamswissarmy.sys - MalwareBytes Anti-Malware system driver https://www.malwarebytes.com/
- Nov 29 2019 - NvModuleTracker.sys - NVIDIA Module Tracker driver
- Jan 10 2020 - nvvhci.sys - Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
- Jan 26 2020 - UcmCxUcsiNvppc.sys - NVIDIA USB Type-C Port Policy Controller driver
- Jan 30 2020 - tapmullvad0901.sys - TAP-Windows Virtual Network driver (The OpenVPN Project)
- Apr 20 2020 - logi_joy_vir_hid.sys - Logitech Joystick driver
- Jun 04 2020 - MbamChameleon.sys - Malwarebytes Anti-Malware Chameleon driver https://www.malwarebytes.com/
- Jun 09 2020 - nvhda64v.sys - Nvidia HDMI Audio Device http://www.nvidia.com/
- Jul 05 2020 - nvlddmkm.sys - Nvidia Graphics Card driver http://www.nvidia.com/
- ================== Dump #2: 3RD PARTY DRIVERS (FULL) ===================
- Image path: \SystemRoot\system32\DRIVERS\lvrs64.sys
- Image name: lvrs64.sys
- Search : https://www.google.com/search?q=lvrs64.sys
- ADA Info : Logitech Kernel Audio Improvement Filter Driver http://support.logitech.com/
- Timestamp : Mon Oct 22 2012
- Image path: \SystemRoot\system32\DRIVERS\lvuvc64.sys
- Image name: lvuvc64.sys
- Search : https://www.google.com/search?q=lvuvc64.sys
- ADA Info : Logitech USB Video Class Driver (WebCam) http://support.logitech.com/
- Timestamp : Mon Oct 22 2012
- Image path: \SystemRoot\System32\drivers\amdgpio3.sys
- Image name: amdgpio3.sys
- Search : https://www.google.com/search?q=amdgpio3.sys
- ADA Info : AMD GPIO Controller Driver from Advanced Micro Devices http://support.amd.com/
- Timestamp : Mon Mar 14 2016
- Image path: \SystemRoot\system32\DRIVERS\amdpsp.sys
- Image name: amdpsp.sys
- Search : https://www.google.com/search?q=amdpsp.sys
- ADA Info : Advanced Micro Devices, Inc http://support.amd.com/
- Timestamp : Mon Jun 5 2017
- Image path: \SystemRoot\System32\drivers\AMDPCIDev.sys
- Image name: AMDPCIDev.sys
- Search : https://www.google.com/search?q=AMDPCIDev.sys
- ADA Info : Advanced Micro Devices PCI Device driver
- Timestamp : Thu Apr 12 2018
- Image path: \??\C:\ProgramData\LGHUB\depots\57944\driver_cpu_temperature\logi_core_temp.sys
- Image name: logi_core_temp.sys
- Search : https://www.google.com/search?q=logi_core_temp.sys
- ADA Info : Logitech G HUB driver https://support.logitech.com/en_us/software/lghub
- Timestamp : Fri Nov 16 2018
- Image path: \SystemRoot\system32\drivers\logi_joy_bus_enum.sys
- Image name: logi_joy_bus_enum.sys
- Search : https://www.google.com/search?q=logi_joy_bus_enum.sys
- ADA Info : Logitech Joystick driver
- Timestamp : Tue Nov 20 2018
- Image path: \SystemRoot\system32\drivers\logi_joy_xlcore.sys
- Image name: logi_joy_xlcore.sys
- Search : https://www.google.com/search?q=logi_joy_xlcore.sys
- ADA Info : Logitech Joystick driver
- Timestamp : Tue Nov 20 2018
- Image path: \SystemRoot\system32\DRIVERS\dokan1.sys
- Image name: dokan1.sys
- Search : https://www.google.com/search?q=dokan1.sys
- ADA Info : Dokan Project driver (ISLOG)
- Timestamp : Fri Mar 8 2019
- Image path: \SystemRoot\system32\drivers\nvvad64v.sys
- Image name: nvvad64v.sys
- Search : https://www.google.com/search?q=nvvad64v.sys
- ADA Info : Nvidia Virtual Audio driver http://www.nvidia.com/
- Timestamp : Thu Mar 14 2019
- Mapped memory image file: C:\ProgramData\dbg\sym\rt640x64.sys\5CE7AF86ad000\rt640x64.sys
- Image path: \SystemRoot\System32\drivers\rt640x64.sys
- Image name: rt640x64.sys
- Search : https://www.google.com/search?q=rt640x64.sys
- ADA Info : Realtek NICDRV 8169 PCIe GBE Family Controller driver https://www.realtek.com/en/
- Timestamp : Fri May 24 2019
- File version: 9.1.410.2015
- Product version: 9.1.410.2015
- File flags: 8 (Mask 3F) Private
- File OS: 40004 NT Win32
- File type: 3.6 Driver
- File date: 00000000.00000000
- CompanyName: Realtek
- ProductName: Realtek 8125/8136/8168/8169 PCI/PCIe Adapters
- InternalName: rt640x64.sys
- OriginalFilename: rt640x64.sys
- ProductVersion: 9.001.0410.2015
- FileVersion: 9.001.0410.2015
- FileDescription: Realtek 8125/8136/8168/8169 NDIS 6.40 64-bit Driver
- LegalCopyright: Copyright (C) 2019 Realtek Semiconductor Corporation. All Right Reserved.
- Image path: \SystemRoot\System32\drivers\amdgpio2.sys
- Image name: amdgpio2.sys
- Search : https://www.google.com/search?q=amdgpio2.sys
- ADA Info : AMD GPIO Controller Driver from Advanced Micro Devices http://support.amd.com/
- Timestamp : Sun Sep 29 2019
- Image path: \SystemRoot\System32\Drivers\mbamswissarmy.sys
- Image name: mbamswissarmy.sys
- Search : https://www.google.com/search?q=mbamswissarmy.sys
- ADA Info : MalwareBytes Anti-Malware system driver https://www.malwarebytes.com/
- Timestamp : Wed Nov 20 2019
- Image path: \SystemRoot\System32\drivers\NvModuleTracker.sys
- Image name: NvModuleTracker.sys
- Search : https://www.google.com/search?q=NvModuleTracker.sys
- ADA Info : NVIDIA Module Tracker driver
- Timestamp : Fri Nov 29 2019
- Image path: \SystemRoot\System32\drivers\nvvhci.sys
- Image name: nvvhci.sys
- Search : https://www.google.com/search?q=nvvhci.sys
- ADA Info : Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
- Timestamp : Fri Jan 10 2020
- Image path: \SystemRoot\System32\DriverStore\FileRepository\nvppc.inf_amd64_0f22333f160a8f42\UcmCxUcsiNvppc.sys
- Image name: UcmCxUcsiNvppc.sys
- Search : https://www.google.com/search?q=UcmCxUcsiNvppc.sys
- ADA Info : NVIDIA USB Type-C Port Policy Controller driver
- Timestamp : Sun Jan 26 2020
- Image path: \SystemRoot\System32\drivers\tapmullvad0901.sys
- Image name: tapmullvad0901.sys
- Search : https://www.google.com/search?q=tapmullvad0901.sys
- ADA Info : TAP-Windows Virtual Network driver (The OpenVPN Project)
- Timestamp : Thu Jan 30 2020
- Image path: \SystemRoot\system32\drivers\logi_joy_vir_hid.sys
- Image name: logi_joy_vir_hid.sys
- Search : https://www.google.com/search?q=logi_joy_vir_hid.sys
- ADA Info : Logitech Joystick driver
- Timestamp : Mon Apr 20 2020
- Image path: \SystemRoot\System32\Drivers\MbamChameleon.sys
- Image name: MbamChameleon.sys
- Search : https://www.google.com/search?q=MbamChameleon.sys
- ADA Info : Malwarebytes Anti-Malware Chameleon driver https://www.malwarebytes.com/
- Timestamp : Thu Jun 4 2020
- Image path: \SystemRoot\system32\drivers\nvhda64v.sys
- Image name: nvhda64v.sys
- Search : https://www.google.com/search?q=nvhda64v.sys
- ADA Info : Nvidia HDMI Audio Device http://www.nvidia.com/
- Timestamp : Tue Jun 9 2020
- Image path: \SystemRoot\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_edab19158bdd0d0a\nvlddmkm.sys
- Image name: nvlddmkm.sys
- Search : https://www.google.com/search?q=nvlddmkm.sys
- ADA Info : Nvidia Graphics Card driver http://www.nvidia.com/
- Timestamp : Sun Jul 5 2020
- ====================== Dump #2: MICROSOFT DRIVERS ======================
- ACPI.sys ACPI Driver for NT (Microsoft)
- acpiex.sys ACPIEx Driver (Microsoft)
- afd.sys Ancillary Function Driver for WinSock (Microsoft)
- afunix.sys AF_UNIX Socket Provider driver (Microsoft)
- AgileVpn.sys RAS Agil VPN Miniport Call Manager driver (Microsoft)
- ahcache.sys Application Compatibility Cache (Microsoft)
- amdppm.sys Processor Device Driver
- bam.sys BAM Kernal driver (Microsoft)
- BasicDisplay.sys Basic Display driver (Microsoft)
- BasicRender.sys Basic Render driver (Microsoft)
- Beep.SYS BEEP driver (Microsoft)
- bindflt.sys Windows Bind Filter driver (Microsoft)
- BOOTVID.dll VGA Boot Driver (Microsoft)
- bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
- cdd.dll Canonical Display Driver (Microsoft)
- cdrom.sys SCSI CD-ROM Driver (Microsoft)
- CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
- CI.dll Code Integrity Module (Microsoft)
- CimFS.SYS Consumer IR Class Driver for eHome (Microsoft)
- CLASSPNP.SYS SCSI Class System Dll (Microsoft)
- cldflt.sys Cloud Files Mini Filter driver (Microsoft)
- CLFS.SYS Common Log File System Driver (Microsoft)
- clipsp.sys CLIP Service (Microsoft)
- cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
- cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
- CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
- condrv.sys Console Driver (Microsoft)
- crashdmp.sys Crash Dump driver (Microsoft)
- csc.sys Windows Client Side Caching driver (Microsoft)
- dc1-controller.sys KMDF driver for DC1 Controller
- DevAuthE.sys Xbox Device Authentication Driver
- dfsc.sys DFS Namespace Client Driver (Microsoft)
- disk.sys PnP Disk Driver (Microsoft)
- drmk.sys Digital Rights Management (DRM) driver (Microsoft)
- dump_diskdump.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
- dump_dumpfve.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
- dump_storahci.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
- dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
- dxgmms2.sys DirectX Graphics MMS
- EhStorClass.sys Enhanced Storage Class driver for IEEE... (Microsoft)
- filecrypt.sys Windows sandboxing and encryption filter (Microsoft)
- fileinfo.sys FileInfo Filter Driver (Microsoft)
- FLTMGR.SYS Filesystem Filter Manager (Microsoft)
- Fs_Rec.sys File System Recognizer Driver (Microsoft)
- fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
- fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
- gameflt.sys Gaming Install Filter driver (Microsoft)
- gpuenergydrv.sys GPU Energy Kernal Driver (Microsoft)
- hal.dll Hardware Abstraction Layer DLL (Microsoft)
- HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
- HdAudio.sys High Definition Audio Function driver (Microsoft)
- HIDCLASS.SYS Hid Class Library (Microsoft)
- HIDPARSE.SYS Hid Parsing Library (Microsoft)
- hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
- HTTP.sys HTTP Protocol Stack (Microsoft)
- i8042prt.sys i8042 Keyboard / PS/2 Mouse driver (Microsoft)
- intelpep.sys Intel Power Engine Plugin (Microsoft)
- IntelTA.sys Intel Telemetry Driver
- iorate.sys I/O rate control Filter (Microsoft)
- kbdclass.sys Keyboard Class Driver (Microsoft)
- kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
- kd.dll Local Kernal Debugger (Microsoft)
- kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
- ks.sys Kernal CSA Library (Microsoft)
- ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
- ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
- ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
- lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
- luafv.sys LUA File Virtualization Filter Driver (Microsoft)
- mcupdate_AuthenticAMD.dll AMD Microcode Update Library (Microsoft)
- mmcss.sys MMCSS Driver (Microsoft)
- monitor.sys Monitor Driver (Microsoft)
- mouclass.sys Mouse Class Driver (Microsoft)
- mouhid.sys HID Mouse Filter Driver (Microsoft)
- mountmgr.sys Mount Point Manager (Microsoft)
- mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
- mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
- mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
- Msfs.SYS Mailslot driver (Microsoft)
- msgpioclx.sys GPIO Class Extension Driver (Microsoft)
- msisadrv.sys ISA Driver (Microsoft)
- mslldp.sys Microsoft Link-Layer Discovery Protocol... (Microsoft)
- msquic.sys Windows QUIC Driver
- msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
- mssecflt.sys Microsoft Security Events Component file system filter driver (Microsoft)
- mssmbios.sys System Management BIOS driver (Microsoft)
- mup.sys Multiple UNC Provider driver (Microsoft)
- ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
- ndiscap.sys Microsoft NDIS Packet Capture Filter Driver
- ndistapi.sys NDIS 3.0 Connection Wrapper driver (Microsoft)
- NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
- ndiswan.sys MS PPP Framing Driver (Strong Encryption) Microsoft)
- NDProxy.sys NDIS Proxy driver (Microsoft)
- Ndu.sys Network Data Usage Monitoring driver (Microsoft)
- netbios.sys NetBIOS Interface driver (Microsoft)
- netbt.sys MBT Transport driver (Microsoft)
- NETIO.SYS Network I/O Subsystem (Microsoft)
- Npfs.SYS NPFS driver (Microsoft)
- npsvctrig.sys Named pipe service triggers (Microsoft)
- nsiproxy.sys NSI Proxy driver (Microsoft)
- Ntfs.sys NT File System Driver (Microsoft)
- ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
- ntosext.sys NTOS Extension Host driver (Microsoft)
- Null.SYS NULL Driver (Microsoft)
- pacer.sys QoS Packet Scheduler (Microsoft)
- partmgr.sys Partition driver (Microsoft)
- pci.sys NT Plug and Play PCI Enumerator (Microsoft)
- pcw.sys Performance Counter Driver (Microsoft)
- pdc.sys Power Dependency Coordinator Driver (Microsoft)
- peauth.sys Protected Environment Authentication and Authorization Export Driver (Microsoft)
- portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
- PSHED.dll Platform Specific Hardware Error driver (Microsoft)
- rasl2tp.sys RAS L2TP Mini-port/Call-manager driver (Microsoft)
- raspppoe.sys RAS PPPoE Mini-port/Call manager driver (Microsoft)
- raspptp.sys Peer-to-Peer Tunneling Protocol (Microsoft)
- rassstp.sys RAS SSTP Miniport Call Manager driver (Microsoft)
- rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
- rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
- rdyboost.sys ReadyBoost Driver (Microsoft)
- rspndr.sys Link-Layer Topology Responder driver (Microsoft)
- serenum.sys Serial Port Enumerator (Microsoft)
- serial.sys Serial Device Driver
- SgrmAgent.sys System Guard Runtime Monitor Agent driver (Microsoft)
- SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
- spaceport.sys Storage Spaces driver (Microsoft)
- srv2.sys Smb 2.0 Server driver (Microsoft)
- srvnet.sys Server Network driver (Microsoft)
- storahci.sys MS AHCI Storport Miniport Driver (Microsoft)
- storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
- storqosflt.sys Storage QoS Filter driver (Microsoft)
- swenum.sys Plug and Play Software Device Enumerator (Microsoft)
- tbs.sys Export driver for kernel mode TPM API (Microsoft)
- tcpip.sys TCP/IP Protocol driver (Microsoft)
- tcpipreg.sys Microsoft Windows TCP/IP Registry Compatibility driver (Microsoft)
- TDI.SYS TDI Wrapper driver (Microsoft)
- tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
- tm.sys Kernel Transaction Manager driver (Microsoft)
- UcmCx.sys USB Connector Manager KMDF Class Extension
- ucx01000.sys USB Controller Extension (Microsoft)
- umbus.sys User-Mode Bus Enumerator (Microsoft)
- usbaudio.sys USB Audio Class Driver (Microsoft)
- usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
- USBD.SYS Universal Serial Bus Driver (Microsoft)
- UsbHub3.sys USB3 HUB driver (Microsoft)
- USBXHCI.SYS USB XHCI driver (Microsoft)
- vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
- Vid.sys Microsoft Hyper-V Virtualization Infrastructure Driver
- volmgr.sys Volume Manager Driver (Microsoft)
- volmgrx.sys Volume Manager Extension Driver (Microsoft)
- volsnap.sys Volume Shadow Copy driver (Microsoft)
- volume.sys Volume driver (Microsoft)
- vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
- wanarp.sys MS Remote Access and Routing ARP driver (Microsoft)
- watchdog.sys Watchdog driver (Microsoft)
- wcifs.sys Windows Container Isolation FS Filter driver (Microsoft)
- Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
- WdFilter.sys Microsoft Anti-malware file system filter driver (Microsoft)
- WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
- WdNisDrv.sys Microsoft Network Realtime Inspection driver (Microsoft)
- werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
- wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
- win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
- win32kbase.sys Base Win32k Kernel Driver (Microsoft)
- win32kfull.sys Full/Desktop Win32k Kernel Driver (Microsoft)
- WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
- WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
- winhvr.sys Windows Hypervisor Root Interface driver (Microsoft)
- wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
- WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
- Wof.sys Windows Overlay Filter (Microsoft)
- WppRecorder.sys WPP Trace Recorder (Microsoft)
- xboxgip.sys Game Input Protocol Driver
- xinputhid.sys XINPUT filter driver for HID
- xvdd.sys XVD Disk driver (Microsoft)
- ====================== Dump #2: UNLOADED MODULES =======================
- fffff802`83980000 fffff802`83991000 MSKSSRV.sys
- fffff802`3ea00000 fffff802`3ea0f000 dump_storpor
- fffff802`3ea50000 fffff802`3ea83000 dump_storahc
- fffff802`3eab0000 fffff802`3eace000 dump_dumpfve
- fffff802`3f4d0000 fffff802`3f4ec000 dam.sys
- fffff802`3d400000 fffff802`3d411000 WdBoot.sys
- fffff802`3d3f0000 fffff802`3d3f9000 MbamElam.sys
- fffff802`3e480000 fffff802`3e490000 hwpolicy.sys
- ====================== Dump #2: BIOS INFORMATION =======================
- [SMBIOS Data Tables v3.2]
- [DMI Version - 0]
- [2.0 Calling Convention - No]
- [Table Size - 1763 bytes]
- [BIOS Information (Type 0) - Length 26 - Handle 0000h]
- Vendor American Megatrends Inc.
- BIOS Version P3.50
- BIOS Starting Address Segment f000
- BIOS Release Date 07/18/2019
- BIOS ROM Size 1000000
- BIOS Characteristics
- 07: - PCI Supported
- 11: - Upgradeable FLASH BIOS
- 12: - BIOS Shadowing Supported
- 15: - CD-Boot Supported
- 16: - Selectable Boot Supported
- 17: - BIOS ROM Socketed
- 19: - EDD Supported
- 23: - 1.2MB Floppy Supported
- 24: - 720KB Floppy Supported
- 25: - 2.88MB Floppy Supported
- 26: - Print Screen Device Supported
- 27: - Keyboard Services Supported
- 28: - Serial Services Supported
- 29: - Printer Services Supported
- 32: - BIOS Vendor Reserved
- BIOS Characteristic Extensions
- 00: - ACPI Supported
- 01: - USB Legacy Supported
- 08: - BIOS Boot Specification Supported
- 10: - Specification Reserved
- 11: - Specification Reserved
- BIOS Major Revision 5
- BIOS Minor Revision 14
- EC Firmware Major Revision 255
- EC Firmware Minor Revision 255
- [System Information (Type 1) - Length 27 - Handle 0001h]
- UUID 00000000-0000-0000-0000-000000000000
- Wakeup Type Power Switch
- [BaseBoard Information (Type 2) - Length 15 - Handle 0002h]
- Manufacturer ASRock
- Product B450M Pro4
- Version
- Feature Flags 09h
- 855422688: - 855422736: - «?uþ
- Location
- Chassis Handle 0003h
- Board Type 0ah - Processor/Memory Module
- Number of Child Handles 0
- [System Enclosure (Type 3) - Length 22 - Handle 0003h]
- Chassis Type Desktop
- Bootup State Safe
- Power Supply State Safe
- Thermal State Safe
- Security Status None
- OEM Defined 0
- Height 0U
- Number of Power Cords 1
- Number of Contained Elements 0
- Contained Element Size 3
- [OEM Strings (Type 11) - Length 5 - Handle 0008h]
- Number of Strings 1
- [32Bit Memory Error Information (Type 18) - Length 23 - Handle 000bh]
- [Physical Memory Array (Type 16) - Length 23 - Handle 000ch]
- Location 03h - SystemBoard/Motherboard
- Use 03h - System Memory
- Memory Error Correction 03h - None
- Maximum Capacity 134217728KB
- Memory Error Inf Handle 000bh
- Number of Memory Devices 4
- [Memory Array Mapped Address (Type 19) - Length 31 - Handle 000dh]
- Starting Address 00000000h
- Ending Address 00ffffffh
- Memory Array Handle 000ch
- Partition Width 02
- [Cache Information (Type 7) - Length 27 - Handle 000eh]
- Socket Designation L1 - Cache
- Cache Configuration 0180h - WB Enabled Int NonSocketed L1
- Maximum Cache Size 0240h - 576K
- Installed Size 0240h - 576K
- Supported SRAM Type 0010h - Pipeline-Burst
- Current SRAM Type 0010h - Pipeline-Burst
- Cache Speed 1ns
- Error Correction Type Specification Reserved
- System Cache Type Unified
- Associativity 8-way Set-Associative
- [Cache Information (Type 7) - Length 27 - Handle 000fh]
- Socket Designation L2 - Cache
- Cache Configuration 0181h - WB Enabled Int NonSocketed L2
- Maximum Cache Size 0c00h - 3072K
- Installed Size 0c00h - 3072K
- Supported SRAM Type 0010h - Pipeline-Burst
- Current SRAM Type 0010h - Pipeline-Burst
- Cache Speed 1ns
- Error Correction Type Specification Reserved
- System Cache Type Unified
- Associativity 8-way Set-Associative
- [Cache Information (Type 7) - Length 27 - Handle 0010h]
- Socket Designation L3 - Cache
- Cache Configuration 0182h - WB Enabled Int NonSocketed L3
- Maximum Cache Size 4000h - 16384K
- Installed Size 4000h - 16384K
- Supported SRAM Type 0010h - Pipeline-Burst
- Current SRAM Type 0010h - Pipeline-Burst
- Cache Speed 1ns
- Error Correction Type Specification Reserved
- System Cache Type Unified
- Associativity 16-way Set-Associative
- [Processor Information (Type 4) - Length 48 - Handle 0011h]
- Socket Designation AM4
- Processor Type Central Processor
- Processor Family 6bh - Specification Reserved
- Processor Manufacturer Advanced Micro Devices, Inc.
- Processor ID 820f8000fffb8b17
- Processor Version AMD Ryzen 5 2600 Six-Core Processor
- Processor Voltage 8bh - 1.1V
- External Clock 100MHz
- Max Speed 3900MHz
- Current Speed 3400MHz
- Status Enabled Populated
- Processor Upgrade Specification Reserved
- L1 Cache Handle 000eh
- L2 Cache Handle 000fh
- L3 Cache Handle 0010h
- Part Number Unknown
- [32Bit Memory Error Information (Type 18) - Length 23 - Handle 0012h]
- [Memory Device (Type 17) - Length 84 - Handle 0013h]
- Physical Memory Array Handle 000ch
- Memory Error Info Handle 0012h
- Form Factor 02h - Unknown
- Device Locator DIMM 0
- Bank Locator P0 CHANNEL A
- Memory Type 02h - Unknown
- Type Detail 0004h - Unknown
- Speed 0MHz
- Manufacturer Unknown
- Part Number Unknown
- [32Bit Memory Error Information (Type 18) - Length 23 - Handle 0014h]
- [Memory Device (Type 17) - Length 84 - Handle 0015h]
- Physical Memory Array Handle 000ch
- Memory Error Info Handle 0014h
- Total Width 64 bits
- Data Width 64 bits
- Size 8192MB
- Form Factor 09h - DIMM
- Device Locator DIMM 1
- Bank Locator P0 CHANNEL A
- Memory Type 1ah - Specification Reserved
- Type Detail 4080h - Synchronous
- Speed 2133MHz
- Manufacturer Unknown
- Part Number F4-3000C16-8GVRB
- [Memory Device Mapped Address (Type 20) - Length 35 - Handle 0016h]
- Starting Address 00000000h
- Ending Address 00ffffffh
- Memory Device Handle 0015h
- Mem Array Mapped Adr Handle 000dh
- [32Bit Memory Error Information (Type 18) - Length 23 - Handle 0017h]
- [Memory Device (Type 17) - Length 84 - Handle 0018h]
- Physical Memory Array Handle 000ch
- Memory Error Info Handle 0017h
- Form Factor 02h - Unknown
- Device Locator DIMM 0
- Bank Locator P0 CHANNEL B
- Memory Type 02h - Unknown
- Type Detail 0004h - Unknown
- Speed 0MHz
- Manufacturer Unknown
- Part Number Unknown
- [32Bit Memory Error Information (Type 18) - Length 23 - Handle 0019h]
- [Memory Device (Type 17) - Length 84 - Handle 001ah]
- Physical Memory Array Handle 000ch
- Memory Error Info Handle 0019h
- Total Width 64 bits
- Data Width 64 bits
- Size 8192MB
- Form Factor 09h - DIMM
- Device Locator DIMM 1
- Bank Locator P0 CHANNEL B
- Memory Type 1ah - Specification Reserved
- Type Detail 4080h - Synchronous
- Speed 2133MHz
- Manufacturer Unknown
- Part Number F4-3000C16-8GVRB
- [Memory Device Mapped Address (Type 20) - Length 35 - Handle 001bh]
- Starting Address 00000000h
- Ending Address 00ffffffh
- Memory Device Handle 001ah
- Mem Array Mapped Adr Handle 000dh
- ========================== Dump #2: Extra #1 ===========================
- 3: kd> !verifier
- Verify Flags Level 0x00000000
- STANDARD FLAGS:
- [X] (0x00000000) Automatic Checks
- [ ] (0x00000001) Special pool
- [ ] (0x00000002) Force IRQL checking
- [ ] (0x00000008) Pool tracking
- [ ] (0x00000010) I/O verification
- [ ] (0x00000020) Deadlock detection
- [ ] (0x00000080) DMA checking
- [ ] (0x00000100) Security checks
- [ ] (0x00000800) Miscellaneous checks
- [ ] (0x00020000) DDI compliance checking
- ADDITIONAL FLAGS:
- [ ] (0x00000004) Randomized low resources simulation
- [ ] (0x00000200) Force pending I/O requests
- [ ] (0x00000400) IRP logging
- [ ] (0x00002000) Invariant MDL checking for stack
- [ ] (0x00004000) Invariant MDL checking for driver
- [ ] (0x00008000) Power framework delay fuzzing
- [ ] (0x00010000) Port/miniport interface checking
- [ ] (0x00040000) Systematic low resources simulation
- [ ] (0x00080000) DDI compliance checking (additional)
- [ ] (0x00200000) NDIS/WIFI verification
- [ ] (0x00800000) Kernel synchronization delay fuzzing
- [ ] (0x01000000) VM switch verification
- [ ] (0x02000000) Code integrity checks
- [X] Indicates flag is enabled
- Summary of All Verifier Statistics
- RaiseIrqls 0x0
- AcquireSpinLocks 0x0
- Synch Executions 0x0
- Trims 0x0
- Pool Allocations Attempted 0x0
- Pool Allocations Succeeded 0x0
- Pool Allocations Succeeded SpecialPool 0x0
- Pool Allocations With NO TAG 0x0
- Pool Allocations Failed 0x0
- Current paged pool allocations 0x0 for 00000000 bytes
- Peak paged pool allocations 0x0 for 00000000 bytes
- Current nonpaged pool allocations 0x0 for 00000000 bytes
- Peak nonpaged pool allocations 0x0 for 00000000 bytes
- ========================== Dump #2: Extra #2 ===========================
- 3: kd> !thread
- THREAD ffffb48fcdaec080 Cid 2638.37ac Teb: 0000000000bc7000 Win32Thread: ffffb48fcdabf7b0 RUNNING on processor 3
- Not impersonating
- GetUlongFromAddress: unable to read from fffff8023c41143c
- Owning Process ffffb48fcb4de2c0 Image: steam.exe
- Attached Process N/A Image: N/A
- fffff78000000000: Unable to get shared data
- Wait Start TickCount 19274
- Context Switch Count 340 IdealProcessor: 3
- ReadMemory error: Cannot get nt!KeMaximumIncrement value.
- UserTime 00:00:00.000
- KernelTime 00:00:00.000
- Win32 Start Address 0x000000006c01e5e0
- Stack Init ffffc80063595c90 Current ffffc800635956a0
- Base ffffc80063596000 Limit ffffc80063590000 Call 0000000000000000
- Priority 8 BasePriority 8 PriorityDecrement 0 IoPriority 2 PagePriority 5
- Child-SP RetAddr : Args to Child : Call Site
- ffffc800`63594ea8 fffff802`3bc35d15 : 00000000`00000050 ffffb43f`cd347d58 00000000`00000000 ffffc800`63595150 : nt!KeBugCheckEx
- ffffc800`63594eb0 fffff802`3ba12d00 : 00000000`00000000 00000000`00000000 ffffc800`635951d0 00000000`00000000 : nt!MiSystemFault+0x1ad5c5
- ffffc800`63594fb0 fffff802`3bbebc1e : ffff9e82`d4fff6d0 00000000`00000000 00000000`00000000 00000000`00000000 : nt!MmAccessFault+0x400
- ffffc800`63595150 fffff802`3c0e926e : fffff802`3c159011 00000000`00000780 00000000`00000000 ffffb48f`00000000 : nt!KiPageFault+0x35e (TrapFrame @ ffffc800`63595150)
- ffffc800`635952e8 fffff802`3c159011 : 00000000`00000780 00000000`00000000 ffffb48f`00000000 fffff802`3baca812 : nt!ObpCaptureHandleInformation+0x8e
- ffffc800`635952f0 fffff802`3c0e9165 : fffff802`3c0e91e0 ffff9e82`d5547b58 00000000`0017fffc ffffc800`63595434 : nt!ExpSnapShotHandleTables+0x131
- ffffc800`63595380 fffff802`3c1567a1 : ffffc800`63595434 00000000`000ed020 00000000`0017fffc 00000000`00000000 : nt!ObGetHandleInformation+0x39
- ffffc800`635953c0 fffff802`3bfe32aa : 00000000`010fd050 00000000`00020000 ffffde80`ba200050 ffffb48f`cd55e010 : nt!ExpGetHandleInformation+0x5d
- ffffc800`63595400 fffff802`3bdfb6a7 : 00000000`00000002 00000000`00018002 00000000`00000001 00000000`00180010 : nt!ExpQuerySystemInformation+0x1e7aba
- ffffc800`63595ac0 fffff802`3bbef478 : ffffb48f`cdae0000 00000000`00000000 ffffc800`63595b80 ffffffff`ff676980 : nt!NtQuerySystemInformation+0x37
- ffffc800`63595b00 00007ff9`abceb454 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x28 (TrapFrame @ ffffc800`63595b00)
- 00000000`0af4e5f8 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ff9`abceb454
- ========================================================================
- ======================= Dump #3: ANALYZE VERBOSE =======================
- ======================= File: 072720-6890-01.dmp =======================
- ========================================================================
- Mini Kernel Dump File: Only registers and stack trace are available
- Windows 10 Kernel Version 19041 MP (12 procs) Free x64
- Kernel base = 0xfffff803`1bc00000 PsLoadedModuleList = 0xfffff803`1c82a310
- Debug session time: Mon Jul 27 14:17:54.047 2020 (UTC - 4:00)
- System Uptime: 2 days 2:07:55.754
- BugCheck 3B, {c0000005, fffff8031bfef5d7, ffffc48050ca8920, 0}
- Probably caused by : memory_corruption
- Followup: memory_corruption
- SYSTEM_SERVICE_EXCEPTION (3b)
- An exception happened while executing a system service routine.
- Arguments:
- Arg1: 00000000c0000005, Exception code that caused the bugcheck
- Arg2: fffff8031bfef5d7, Address of the instruction which caused the bugcheck
- Arg3: ffffc48050ca8920, Address of the context record for the exception that caused the bugcheck
- Arg4: 0000000000000000, zero.
- Debugging Details:
- DUMP_CLASS: 1
- DUMP_QUALIFIER: 400
- DUMP_TYPE: 2
- EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%p referenced memory at 0x%p. The memory could not be %s.
- FAULTING_IP:
- nt!KiSystemServiceExit+157
- fffff803`1bfef5d7 0fae55ac ldmxcsr dword ptr [rbp-54h]
- CONTEXT: ffffc48050ca8920 -- (.cxr 0xffffc48050ca8920)
- rax=0000000000000101 rbx=0000000000000000 rcx=ffffdb05521a3080
- rdx=0000000000000000 rsi=0000000000000000 rdi=000001e876a20f28
- rip=fffff8031bfef5d7 rsp=ffffc301897c4b00 rbp=ffffc301897c4b80
- r8=0000000000000001 r9=00000000000000eb r10=0000000000000000
- r11=ffffdb05521a3080 r12=0000004dedb0f1f0 r13=0000000000000000
- r14=0000004dedb0f178 r15=000001e876a20f60
- iopl=0 nv up di pl zr na po nc
- cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00050046
- nt!KiSystemServiceExit+0x157:
- fffff803`1bfef5d7 0fae55ac ldmxcsr dword ptr [rbp-54h] ss:0018:ffffc301`897c4b2c=00001fa0
- Resetting default scope
- CUSTOMER_CRASH_COUNT: 1
- DEFAULT_BUCKET_ID: CODE_CORRUPTION
- BUGCHECK_STR: 0x3B
- PROCESS_NAME: firefox.exe
- CURRENT_IRQL: 0
- BAD_STACK_POINTER: ffffc48050ca8018
- LAST_CONTROL_TRANSFER: from 00007ff87b26e784 to fffff8031bfef5d7
- STACK_TEXT:
- ffffc301`897c4b00 00007ff8`7b26e784 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceExit+0x157
- 0000004d`edb0f148 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ff8`7b26e784
- CHKIMG_EXTENSION: !chkimg -lo 50 -d !nt
- fffff8031bf84f3e-fffff8031bf84f41 4 bytes - nt!MiFreeUltraMapping+32
- [ a0 7d fb f6:80 2f 5f be ]
- fffff8031bfeef61-fffff8031bfeef65 5 bytes - nt!KiServiceInternal+61 (+0x6a023)
- [ 41 ff e3 cc cc:e8 9a 62 63 00 ]
- fffff8031bfef3da-fffff8031bfef3de 5 bytes - nt!KiSystemServiceGdiTebAccess+93 (+0x479)
- [ 41 ff e3 cc cc:e8 21 5e 63 00 ]
- fffff8031bfef473-fffff8031bfef476 4 bytes - nt!KiSystemServiceCopyEnd+23 (+0x99)
- [ ff d0 0f 1f:e8 68 5e 63 ]
- fffff8031bfef951-fffff8031bfef954 4 bytes - nt!KiSystemServiceExitPico+25c (+0x4de)
- [ ff d0 0f 1f:e8 8a 59 63 ]
- fffff8031bfef9ac-fffff8031bfef9af 4 bytes - nt!KiSystemServiceExitPico+2b7 (+0x5b)
- [ ff d0 0f 1f:e8 2f 59 63 ]
- 26 errors : !nt (fffff8031bf84f3e-fffff8031bfef9af)
- MODULE_NAME: memory_corruption
- IMAGE_NAME: memory_corruption
- FOLLOWUP_NAME: memory_corruption
- DEBUG_FLR_IMAGE_TIMESTAMP: 0
- MEMORY_CORRUPTOR: LARGE
- STACK_COMMAND: .cxr 0xffffc48050ca8920 ; kb
- FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
- BUCKET_ID: MEMORY_CORRUPTION_LARGE
- PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
- TARGET_TIME: 2020-07-27T18:17:54.000Z
- SUITE_MASK: 272
- PRODUCT_TYPE: 1
- USER_LCID: 0
- FAILURE_ID_HASH_STRING: km:memory_corruption_large
- FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
- Followup: memory_corruption
- ====================== Dump #3: 3RD PARTY DRIVERS ======================
- Oct 22 2012 - lvrs64.sys - Logitech Kernel Audio Improvement Filter Driver http://support.logitech.com/
- Oct 22 2012 - lvuvc64.sys - Logitech USB Video Class Driver (WebCam) http://support.logitech.com/
- Mar 14 2016 - amdgpio3.sys - AMD GPIO Controller Driver from Advanced Micro Devices http://support.amd.com/
- Jun 05 2017 - amdpsp.sys - Advanced Micro Devices, Inc http://support.amd.com/
- Apr 12 2018 - AMDPCIDev.sys - Advanced Micro Devices PCI Device driver
- Nov 16 2018 - logi_core_temp.sys - Logitech G HUB driver https://support.logitech.com/en_us/software/lghub
- Nov 20 2018 - logi_joy_bus_enum.sys - Logitech Joystick driver
- Nov 20 2018 - logi_joy_xlcore.sys - Logitech Joystick driver
- Mar 08 2019 - dokan1.sys - Dokan Project driver (ISLOG)
- Mar 14 2019 - nvvad64v.sys - Nvidia Virtual Audio driver http://www.nvidia.com/
- May 24 2019 - rt640x64.sys - Realtek NICDRV 8169 PCIe GBE Family Controller driver https://www.realtek.com/en/
- Sep 29 2019 - amdgpio2.sys - AMD GPIO Controller Driver from Advanced Micro Devices http://support.amd.com/
- Nov 20 2019 - mbamswissarmy.sys - MalwareBytes Anti-Malware system driver https://www.malwarebytes.com/
- Nov 29 2019 - NvModuleTracker.sys - NVIDIA Module Tracker driver
- Jan 10 2020 - nvvhci.sys - Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
- Jan 26 2020 - UcmCxUcsiNvppc.sys - NVIDIA USB Type-C Port Policy Controller driver
- Jan 30 2020 - tapmullvad0901.sys - TAP-Windows Virtual Network driver (The OpenVPN Project)
- Apr 20 2020 - logi_joy_vir_hid.sys - Logitech Joystick driver
- Jun 04 2020 - MbamChameleon.sys - Malwarebytes Anti-Malware Chameleon driver https://www.malwarebytes.com/
- Jun 09 2020 - nvhda64v.sys - Nvidia HDMI Audio Device http://www.nvidia.com/
- Jul 05 2020 - nvlddmkm.sys - Nvidia Graphics Card driver http://www.nvidia.com/
- ================== Dump #3: 3RD PARTY DRIVERS (FULL) ===================
- Image path: \SystemRoot\system32\DRIVERS\lvrs64.sys
- Image name: lvrs64.sys
- Search : https://www.google.com/search?q=lvrs64.sys
- ADA Info : Logitech Kernel Audio Improvement Filter Driver http://support.logitech.com/
- Timestamp : Mon Oct 22 2012
- Image path: \SystemRoot\system32\DRIVERS\lvuvc64.sys
- Image name: lvuvc64.sys
- Search : https://www.google.com/search?q=lvuvc64.sys
- ADA Info : Logitech USB Video Class Driver (WebCam) http://support.logitech.com/
- Timestamp : Mon Oct 22 2012
- Image path: \SystemRoot\System32\drivers\amdgpio3.sys
- Image name: amdgpio3.sys
- Search : https://www.google.com/search?q=amdgpio3.sys
- ADA Info : AMD GPIO Controller Driver from Advanced Micro Devices http://support.amd.com/
- Timestamp : Mon Mar 14 2016
- Image path: \SystemRoot\system32\DRIVERS\amdpsp.sys
- Image name: amdpsp.sys
- Search : https://www.google.com/search?q=amdpsp.sys
- ADA Info : Advanced Micro Devices, Inc http://support.amd.com/
- Timestamp : Mon Jun 5 2017
- Image path: \SystemRoot\System32\drivers\AMDPCIDev.sys
- Image name: AMDPCIDev.sys
- Search : https://www.google.com/search?q=AMDPCIDev.sys
- ADA Info : Advanced Micro Devices PCI Device driver
- Timestamp : Thu Apr 12 2018
- Image path: \??\C:\ProgramData\LGHUB\depots\57944\driver_cpu_temperature\logi_core_temp.sys
- Image name: logi_core_temp.sys
- Search : https://www.google.com/search?q=logi_core_temp.sys
- ADA Info : Logitech G HUB driver https://support.logitech.com/en_us/software/lghub
- Timestamp : Fri Nov 16 2018
- Image path: \SystemRoot\system32\drivers\logi_joy_bus_enum.sys
- Image name: logi_joy_bus_enum.sys
- Search : https://www.google.com/search?q=logi_joy_bus_enum.sys
- ADA Info : Logitech Joystick driver
- Timestamp : Tue Nov 20 2018
- Image path: \SystemRoot\system32\drivers\logi_joy_xlcore.sys
- Image name: logi_joy_xlcore.sys
- Search : https://www.google.com/search?q=logi_joy_xlcore.sys
- ADA Info : Logitech Joystick driver
- Timestamp : Tue Nov 20 2018
- Image path: \SystemRoot\system32\DRIVERS\dokan1.sys
- Image name: dokan1.sys
- Search : https://www.google.com/search?q=dokan1.sys
- ADA Info : Dokan Project driver (ISLOG)
- Timestamp : Fri Mar 8 2019
- Image path: \SystemRoot\system32\drivers\nvvad64v.sys
- Image name: nvvad64v.sys
- Search : https://www.google.com/search?q=nvvad64v.sys
- ADA Info : Nvidia Virtual Audio driver http://www.nvidia.com/
- Timestamp : Thu Mar 14 2019
- Mapped memory image file: C:\ProgramData\dbg\sym\rt640x64.sys\5CE7AF86ad000\rt640x64.sys
- Image path: \SystemRoot\System32\drivers\rt640x64.sys
- Image name: rt640x64.sys
- Search : https://www.google.com/search?q=rt640x64.sys
- ADA Info : Realtek NICDRV 8169 PCIe GBE Family Controller driver https://www.realtek.com/en/
- Timestamp : Fri May 24 2019
- File version: 9.1.410.2015
- Product version: 9.1.410.2015
- File flags: 8 (Mask 3F) Private
- File OS: 40004 NT Win32
- File type: 3.6 Driver
- File date: 00000000.00000000
- CompanyName: Realtek
- ProductName: Realtek 8125/8136/8168/8169 PCI/PCIe Adapters
- InternalName: rt640x64.sys
- OriginalFilename: rt640x64.sys
- ProductVersion: 9.001.0410.2015
- FileVersion: 9.001.0410.2015
- FileDescription: Realtek 8125/8136/8168/8169 NDIS 6.40 64-bit Driver
- LegalCopyright: Copyright (C) 2019 Realtek Semiconductor Corporation. All Right Reserved.
- Image path: \SystemRoot\System32\drivers\amdgpio2.sys
- Image name: amdgpio2.sys
- Search : https://www.google.com/search?q=amdgpio2.sys
- ADA Info : AMD GPIO Controller Driver from Advanced Micro Devices http://support.amd.com/
- Timestamp : Sun Sep 29 2019
- Image path: \SystemRoot\System32\Drivers\mbamswissarmy.sys
- Image name: mbamswissarmy.sys
- Search : https://www.google.com/search?q=mbamswissarmy.sys
- ADA Info : MalwareBytes Anti-Malware system driver https://www.malwarebytes.com/
- Timestamp : Wed Nov 20 2019
- Image path: \SystemRoot\System32\drivers\NvModuleTracker.sys
- Image name: NvModuleTracker.sys
- Search : https://www.google.com/search?q=NvModuleTracker.sys
- ADA Info : NVIDIA Module Tracker driver
- Timestamp : Fri Nov 29 2019
- Image path: \SystemRoot\System32\drivers\nvvhci.sys
- Image name: nvvhci.sys
- Search : https://www.google.com/search?q=nvvhci.sys
- ADA Info : Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
- Timestamp : Fri Jan 10 2020
- Image path: \SystemRoot\System32\DriverStore\FileRepository\nvppc.inf_amd64_0f22333f160a8f42\UcmCxUcsiNvppc.sys
- Image name: UcmCxUcsiNvppc.sys
- Search : https://www.google.com/search?q=UcmCxUcsiNvppc.sys
- ADA Info : NVIDIA USB Type-C Port Policy Controller driver
- Timestamp : Sun Jan 26 2020
- Image path: \SystemRoot\System32\drivers\tapmullvad0901.sys
- Image name: tapmullvad0901.sys
- Search : https://www.google.com/search?q=tapmullvad0901.sys
- ADA Info : TAP-Windows Virtual Network driver (The OpenVPN Project)
- Timestamp : Thu Jan 30 2020
- Image path: \SystemRoot\system32\drivers\logi_joy_vir_hid.sys
- Image name: logi_joy_vir_hid.sys
- Search : https://www.google.com/search?q=logi_joy_vir_hid.sys
- ADA Info : Logitech Joystick driver
- Timestamp : Mon Apr 20 2020
- Image path: \SystemRoot\System32\Drivers\MbamChameleon.sys
- Image name: MbamChameleon.sys
- Search : https://www.google.com/search?q=MbamChameleon.sys
- ADA Info : Malwarebytes Anti-Malware Chameleon driver https://www.malwarebytes.com/
- Timestamp : Thu Jun 4 2020
- Image path: \SystemRoot\system32\drivers\nvhda64v.sys
- Image name: nvhda64v.sys
- Search : https://www.google.com/search?q=nvhda64v.sys
- ADA Info : Nvidia HDMI Audio Device http://www.nvidia.com/
- Timestamp : Tue Jun 9 2020
- Image path: \SystemRoot\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_edab19158bdd0d0a\nvlddmkm.sys
- Image name: nvlddmkm.sys
- Search : https://www.google.com/search?q=nvlddmkm.sys
- ADA Info : Nvidia Graphics Card driver http://www.nvidia.com/
- Timestamp : Sun Jul 5 2020
- ====================== Dump #3: MICROSOFT DRIVERS ======================
- ACPI.sys ACPI Driver for NT (Microsoft)
- acpiex.sys ACPIEx Driver (Microsoft)
- afd.sys Ancillary Function Driver for WinSock (Microsoft)
- afunix.sys AF_UNIX Socket Provider driver (Microsoft)
- AgileVpn.sys RAS Agil VPN Miniport Call Manager driver (Microsoft)
- ahcache.sys Application Compatibility Cache (Microsoft)
- amdppm.sys Processor Device Driver
- bam.sys BAM Kernal driver (Microsoft)
- BasicDisplay.sys Basic Display driver (Microsoft)
- BasicRender.sys Basic Render driver (Microsoft)
- Beep.SYS BEEP driver (Microsoft)
- bindflt.sys Windows Bind Filter driver (Microsoft)
- BOOTVID.dll VGA Boot Driver (Microsoft)
- bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
- cdd.dll Canonical Display Driver (Microsoft)
- cdrom.sys SCSI CD-ROM Driver (Microsoft)
- CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
- CI.dll Code Integrity Module (Microsoft)
- CimFS.SYS Consumer IR Class Driver for eHome (Microsoft)
- CLASSPNP.SYS SCSI Class System Dll (Microsoft)
- cldflt.sys Cloud Files Mini Filter driver (Microsoft)
- CLFS.SYS Common Log File System Driver (Microsoft)
- clipsp.sys CLIP Service (Microsoft)
- cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
- cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
- CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
- condrv.sys Console Driver (Microsoft)
- crashdmp.sys Crash Dump driver (Microsoft)
- csc.sys Windows Client Side Caching driver (Microsoft)
- dc1-controller.sys KMDF driver for DC1 Controller
- DevAuthE.sys Xbox Device Authentication Driver
- dfsc.sys DFS Namespace Client Driver (Microsoft)
- disk.sys PnP Disk Driver (Microsoft)
- drmk.sys Digital Rights Management (DRM) driver (Microsoft)
- dump_diskdump.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
- dump_dumpfve.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
- dump_storahci.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
- dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
- dxgmms2.sys DirectX Graphics MMS
- fastfat.SYS Fast FAT File System Driver (Microsoft)
- filecrypt.sys Windows sandboxing and encryption filter (Microsoft)
- fileinfo.sys FileInfo Filter Driver (Microsoft)
- FLTMGR.SYS Filesystem Filter Manager (Microsoft)
- Fs_Rec.sys File System Recognizer Driver (Microsoft)
- fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
- fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
- gameflt.sys Gaming Install Filter driver (Microsoft)
- gpuenergydrv.sys GPU Energy Kernal Driver (Microsoft)
- hal.dll Hardware Abstraction Layer DLL (Microsoft)
- HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
- HdAudio.sys High Definition Audio Function driver (Microsoft)
- HIDCLASS.SYS Hid Class Library (Microsoft)
- HIDPARSE.SYS Hid Parsing Library (Microsoft)
- hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
- HTTP.sys HTTP Protocol Stack (Microsoft)
- i8042prt.sys i8042 Keyboard / PS/2 Mouse driver (Microsoft)
- intelpep.sys Intel Power Engine Plugin (Microsoft)
- IntelTA.sys Intel Telemetry Driver
- iorate.sys I/O rate control Filter (Microsoft)
- kbdclass.sys Keyboard Class Driver (Microsoft)
- kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
- kd.dll Local Kernal Debugger (Microsoft)
- kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
- ks.sys Kernal CSA Library (Microsoft)
- ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
- ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
- ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
- lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
- luafv.sys LUA File Virtualization Filter Driver (Microsoft)
- mcupdate_AuthenticAMD.dll AMD Microcode Update Library (Microsoft)
- mmcss.sys MMCSS Driver (Microsoft)
- monitor.sys Monitor Driver (Microsoft)
- mouclass.sys Mouse Class Driver (Microsoft)
- mouhid.sys HID Mouse Filter Driver (Microsoft)
- mountmgr.sys Mount Point Manager (Microsoft)
- mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
- mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
- mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
- Msfs.SYS Mailslot driver (Microsoft)
- msgpioclx.sys GPIO Class Extension Driver (Microsoft)
- msisadrv.sys ISA Driver (Microsoft)
- mslldp.sys Microsoft Link-Layer Discovery Protocol... (Microsoft)
- msquic.sys Windows QUIC Driver
- msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
- mssecflt.sys Microsoft Security Events Component file system filter driver (Microsoft)
- mssmbios.sys System Management BIOS driver (Microsoft)
- mup.sys Multiple UNC Provider driver (Microsoft)
- ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
- ndiscap.sys Microsoft NDIS Packet Capture Filter Driver
- ndistapi.sys NDIS 3.0 Connection Wrapper driver (Microsoft)
- NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
- ndiswan.sys MS PPP Framing Driver (Strong Encryption) Microsoft)
- NDProxy.sys NDIS Proxy driver (Microsoft)
- Ndu.sys Network Data Usage Monitoring driver (Microsoft)
- netbios.sys NetBIOS Interface driver (Microsoft)
- netbt.sys MBT Transport driver (Microsoft)
- NETIO.SYS Network I/O Subsystem (Microsoft)
- Npfs.SYS NPFS driver (Microsoft)
- npsvctrig.sys Named pipe service triggers (Microsoft)
- nsiproxy.sys NSI Proxy driver (Microsoft)
- Ntfs.sys NT File System Driver (Microsoft)
- ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
- ntosext.sys NTOS Extension Host driver (Microsoft)
- Null.SYS NULL Driver (Microsoft)
- pacer.sys QoS Packet Scheduler (Microsoft)
- partmgr.sys Partition driver (Microsoft)
- pci.sys NT Plug and Play PCI Enumerator (Microsoft)
- pcw.sys Performance Counter Driver (Microsoft)
- pdc.sys Power Dependency Coordinator Driver (Microsoft)
- peauth.sys Protected Environment Authentication and Authorization Export Driver (Microsoft)
- portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
- PSHED.dll Platform Specific Hardware Error driver (Microsoft)
- qwavedrv.sys Quality Windows Audio Video Experience (qWave) Support driver (Microsoft)
- rasl2tp.sys RAS L2TP Mini-port/Call-manager driver (Microsoft)
- raspppoe.sys RAS PPPoE Mini-port/Call manager driver (Microsoft)
- raspptp.sys Peer-to-Peer Tunneling Protocol (Microsoft)
- rassstp.sys RAS SSTP Miniport Call Manager driver (Microsoft)
- rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
- rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
- rdpvideominiport.sys RDP Video Miniport driver (Microsoft)
- rdyboost.sys ReadyBoost Driver (Microsoft)
- rspndr.sys Link-Layer Topology Responder driver (Microsoft)
- serenum.sys Serial Port Enumerator (Microsoft)
- serial.sys Serial Device Driver
- SgrmAgent.sys System Guard Runtime Monitor Agent driver (Microsoft)
- SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
- spaceport.sys Storage Spaces driver (Microsoft)
- srv2.sys Smb 2.0 Server driver (Microsoft)
- srvnet.sys Server Network driver (Microsoft)
- storahci.sys MS AHCI Storport Miniport Driver (Microsoft)
- storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
- storqosflt.sys Storage QoS Filter driver (Microsoft)
- swenum.sys Plug and Play Software Device Enumerator (Microsoft)
- tbs.sys Export driver for kernel mode TPM API (Microsoft)
- tcpip.sys TCP/IP Protocol driver (Microsoft)
- tcpipreg.sys Microsoft Windows TCP/IP Registry Compatibility driver (Microsoft)
- TDI.SYS TDI Wrapper driver (Microsoft)
- tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
- tm.sys Kernel Transaction Manager driver (Microsoft)
- UcmCx.sys USB Connector Manager KMDF Class Extension
- ucx01000.sys USB Controller Extension (Microsoft)
- umbus.sys User-Mode Bus Enumerator (Microsoft)
- usbaudio.sys USB Audio Class Driver (Microsoft)
- usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
- USBD.SYS Universal Serial Bus Driver (Microsoft)
- UsbHub3.sys USB3 HUB driver (Microsoft)
- USBXHCI.SYS USB XHCI driver (Microsoft)
- vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
- Vid.sys Microsoft Hyper-V Virtualization Infrastructure Driver
- volmgr.sys Volume Manager Driver (Microsoft)
- volmgrx.sys Volume Manager Extension Driver (Microsoft)
- volsnap.sys Volume Shadow Copy driver (Microsoft)
- volume.sys Volume driver (Microsoft)
- vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
- wanarp.sys MS Remote Access and Routing ARP driver (Microsoft)
- watchdog.sys Watchdog driver (Microsoft)
- wcifs.sys Windows Container Isolation FS Filter driver (Microsoft)
- Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
- WdFilter.sys Microsoft Anti-malware file system filter driver (Microsoft)
- WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
- WdNisDrv.sys Microsoft Network Realtime Inspection driver (Microsoft)
- werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
- wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
- win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
- win32kbase.sys Base Win32k Kernel Driver (Microsoft)
- win32kfull.sys Full/Desktop Win32k Kernel Driver (Microsoft)
- WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
- WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
- winhvr.sys Windows Hypervisor Root Interface driver (Microsoft)
- wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
- WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
- Wof.sys Windows Overlay Filter (Microsoft)
- WppRecorder.sys WPP Trace Recorder (Microsoft)
- xboxgip.sys Game Input Protocol Driver
- xinputhid.sys XINPUT filter driver for HID
- xvdd.sys XVD Disk driver (Microsoft)
- ====================== Dump #3: UNLOADED MODULES =======================
- fffff803`67860000 fffff803`67871000 MSKSSRV.sys
- fffff803`678e0000 fffff803`678f1000 MpKslDrv.sys
- fffff803`67840000 fffff803`67851000 MSKSSRV.sys
- fffff803`19d30000 fffff803`19d44000 xinputhid.sy
- fffff803`677b0000 fffff803`677bf000 hiber_storpo
- fffff803`677c0000 fffff803`677f3000 hiber_storah
- fffff803`67800000 fffff803`6781e000 hiber_dumpfv
- fffff803`67600000 fffff803`677a3000 EasyAntiChea
- fffff803`67600000 fffff803`677a3000 EasyAntiChea
- fffff803`67730000 fffff803`678d3000 EasyAntiChea
- fffff803`19cf0000 fffff803`19d01000 MpKslDrv.sys
- fffff803`19b80000 fffff803`19b91000 MSKSSRV.sys
- fffff803`19f70000 fffff803`19f81000 MSKSSRV.sys
- fffff803`19d30000 fffff803`19d44000 xinputhid.sy
- fffff803`19f70000 fffff803`19f7f000 hiber_storpo
- fffff803`19c80000 fffff803`19cb3000 hiber_storah
- fffff803`19cc0000 fffff803`19cde000 hiber_dumpfv
- fffff803`1b590000 fffff803`1b733000 EasyAntiChea
- fffff803`19f60000 fffff803`19f86000 USBSTOR.SYS
- fffff803`19ce0000 fffff803`19cef000 WpdUpFltr.sy
- fffff803`19c80000 fffff803`19cd5000 WUDFRd.sys
- fffff803`207d0000 fffff803`207ed000 EhStorClass.
- fffff803`19cf0000 fffff803`19d07000 dc1-controll
- fffff803`19d10000 fffff803`19d24000 xinputhid.sy
- fffff803`23550000 fffff803`23567000 dc1-controll
- fffff803`19c80000 fffff803`19c8f000 hiber_storpo
- fffff803`19c90000 fffff803`19cc3000 hiber_storah
- fffff803`19cd0000 fffff803`19cee000 hiber_dumpfv
- fffff803`238b0000 fffff803`238c4000 xinputhid.sy
- fffff803`1f770000 fffff803`1f781000 MpKsl83e05df
- fffff803`1f5c0000 fffff803`1f763000 EasyAntiChea
- fffff803`19bc0000 fffff803`19bd1000 MSKSSRV.sys
- fffff803`22770000 fffff803`22781000 MpKslDrv.sys
- fffff803`23400000 fffff803`23455000 lvrs64.sys
- fffff803`23dc0000 fffff803`23df8000 usbaudio.sys
- fffff803`23930000 fffff803`23db9000 lvuvc64.sys
- fffff803`19b80000 fffff803`19b91000 MSKSSRV.sys
- fffff803`23890000 fffff803`238a1000 MSKSSRV.sys
- fffff803`21b90000 fffff803`21b9f000 dump_storpor
- fffff803`21a00000 fffff803`21a33000 dump_storahc
- fffff803`21a60000 fffff803`21a7e000 dump_dumpfve
- fffff803`227d0000 fffff803`227ec000 dam.sys
- fffff803`20400000 fffff803`20411000 WdBoot.sys
- fffff803`203f0000 fffff803`203f9000 MbamElam.sys
- fffff803`21480000 fffff803`21490000 hwpolicy.sys
- ====================== Dump #3: BIOS INFORMATION =======================
- [SMBIOS Data Tables v3.2]
- [DMI Version - 0]
- [2.0 Calling Convention - No]
- [Table Size - 1763 bytes]
- [BIOS Information (Type 0) - Length 26 - Handle 0000h]
- Vendor American Megatrends Inc.
- BIOS Version P3.50
- BIOS Starting Address Segment f000
- BIOS Release Date 07/18/2019
- BIOS ROM Size 1000000
- BIOS Characteristics
- 07: - PCI Supported
- 11: - Upgradeable FLASH BIOS
- 12: - BIOS Shadowing Supported
- 15: - CD-Boot Supported
- 16: - Selectable Boot Supported
- 17: - BIOS ROM Socketed
- 19: - EDD Supported
- 23: - 1.2MB Floppy Supported
- 24: - 720KB Floppy Supported
- 25: - 2.88MB Floppy Supported
- 26: - Print Screen Device Supported
- 27: - Keyboard Services Supported
- 28: - Serial Services Supported
- 29: - Printer Services Supported
- 32: - BIOS Vendor Reserved
- BIOS Characteristic Extensions
- 00: - ACPI Supported
- 01: - USB Legacy Supported
- 08: - BIOS Boot Specification Supported
- 10: - Specification Reserved
- 11: - Specification Reserved
- BIOS Major Revision 5
- BIOS Minor Revision 14
- EC Firmware Major Revision 255
- EC Firmware Minor Revision 255
- [System Information (Type 1) - Length 27 - Handle 0001h]
- UUID 00000000-0000-0000-0000-000000000000
- Wakeup Type Power Switch
- [BaseBoard Information (Type 2) - Length 15 - Handle 0002h]
- Manufacturer ASRock
- Product B450M Pro4
- Version
- Feature Flags 09h
- 855422688: - 855422736: - «?uþ
- Location
- Chassis Handle 0003h
- Board Type 0ah - Processor/Memory Module
- Number of Child Handles 0
- [System Enclosure (Type 3) - Length 22 - Handle 0003h]
- Chassis Type Desktop
- Bootup State Safe
- Power Supply State Safe
- Thermal State Safe
- Security Status None
- OEM Defined 0
- Height 0U
- Number of Power Cords 1
- Number of Contained Elements 0
- Contained Element Size 3
- [OEM Strings (Type 11) - Length 5 - Handle 0008h]
- Number of Strings 1
- [32Bit Memory Error Information (Type 18) - Length 23 - Handle 000bh]
- [Physical Memory Array (Type 16) - Length 23 - Handle 000ch]
- Location 03h - SystemBoard/Motherboard
- Use 03h - System Memory
- Memory Error Correction 03h - None
- Maximum Capacity 134217728KB
- Memory Error Inf Handle 000bh
- Number of Memory Devices 4
- [Memory Array Mapped Address (Type 19) - Length 31 - Handle 000dh]
- Starting Address 00000000h
- Ending Address 00ffffffh
- Memory Array Handle 000ch
- Partition Width 02
- [Cache Information (Type 7) - Length 27 - Handle 000eh]
- Socket Designation L1 - Cache
- Cache Configuration 0180h - WB Enabled Int NonSocketed L1
- Maximum Cache Size 0240h - 576K
- Installed Size 0240h - 576K
- Supported SRAM Type 0010h - Pipeline-Burst
- Current SRAM Type 0010h - Pipeline-Burst
- Cache Speed 1ns
- Error Correction Type Specification Reserved
- System Cache Type Unified
- Associativity 8-way Set-Associative
- [Cache Information (Type 7) - Length 27 - Handle 000fh]
- Socket Designation L2 - Cache
- Cache Configuration 0181h - WB Enabled Int NonSocketed L2
- Maximum Cache Size 0c00h - 3072K
- Installed Size 0c00h - 3072K
- Supported SRAM Type 0010h - Pipeline-Burst
- Current SRAM Type 0010h - Pipeline-Burst
- Cache Speed 1ns
- Error Correction Type Specification Reserved
- System Cache Type Unified
- Associativity 8-way Set-Associative
- [Cache Information (Type 7) - Length 27 - Handle 0010h]
- Socket Designation L3 - Cache
- Cache Configuration 0182h - WB Enabled Int NonSocketed L3
- Maximum Cache Size 4000h - 16384K
- Installed Size 4000h - 16384K
- Supported SRAM Type 0010h - Pipeline-Burst
- Current SRAM Type 0010h - Pipeline-Burst
- Cache Speed 1ns
- Error Correction Type Specification Reserved
- System Cache Type Unified
- Associativity 16-way Set-Associative
- [Processor Information (Type 4) - Length 48 - Handle 0011h]
- Socket Designation AM4
- Processor Type Central Processor
- Processor Family 6bh - Specification Reserved
- Processor Manufacturer Advanced Micro Devices, Inc.
- Processor ID 820f8000fffb8b17
- Processor Version AMD Ryzen 5 2600 Six-Core Processor
- Processor Voltage 8bh - 1.1V
- External Clock 100MHz
- Max Speed 3900MHz
- Current Speed 3400MHz
- Status Enabled Populated
- Processor Upgrade Specification Reserved
- L1 Cache Handle 000eh
- L2 Cache Handle 000fh
- L3 Cache Handle 0010h
- Part Number Unknown
- [32Bit Memory Error Information (Type 18) - Length 23 - Handle 0012h]
- [Memory Device (Type 17) - Length 84 - Handle 0013h]
- Physical Memory Array Handle 000ch
- Memory Error Info Handle 0012h
- Form Factor 02h - Unknown
- Device Locator DIMM 0
- Bank Locator P0 CHANNEL A
- Memory Type 02h - Unknown
- Type Detail 0004h - Unknown
- Speed 0MHz
- Manufacturer Unknown
- Part Number Unknown
- [32Bit Memory Error Information (Type 18) - Length 23 - Handle 0014h]
- [Memory Device (Type 17) - Length 84 - Handle 0015h]
- Physical Memory Array Handle 000ch
- Memory Error Info Handle 0014h
- Total Width 64 bits
- Data Width 64 bits
- Size 8192MB
- Form Factor 09h - DIMM
- Device Locator DIMM 1
- Bank Locator P0 CHANNEL A
- Memory Type 1ah - Specification Reserved
- Type Detail 4080h - Synchronous
- Speed 2133MHz
- Manufacturer Unknown
- Part Number F4-3000C16-8GVRB
- [Memory Device Mapped Address (Type 20) - Length 35 - Handle 0016h]
- Starting Address 00000000h
- Ending Address 00ffffffh
- Memory Device Handle 0015h
- Mem Array Mapped Adr Handle 000dh
- [32Bit Memory Error Information (Type 18) - Length 23 - Handle 0017h]
- [Memory Device (Type 17) - Length 84 - Handle 0018h]
- Physical Memory Array Handle 000ch
- Memory Error Info Handle 0017h
- Form Factor 02h - Unknown
- Device Locator DIMM 0
- Bank Locator P0 CHANNEL B
- Memory Type 02h - Unknown
- Type Detail 0004h - Unknown
- Speed 0MHz
- Manufacturer Unknown
- Part Number Unknown
- [32Bit Memory Error Information (Type 18) - Length 23 - Handle 0019h]
- [Memory Device (Type 17) - Length 84 - Handle 001ah]
- Physical Memory Array Handle 000ch
- Memory Error Info Handle 0019h
- Total Width 64 bits
- Data Width 64 bits
- Size 8192MB
- Form Factor 09h - DIMM
- Device Locator DIMM 1
- Bank Locator P0 CHANNEL B
- Memory Type 1ah - Specification Reserved
- Type Detail 4080h - Synchronous
- Speed 2133MHz
- Manufacturer Unknown
- Part Number F4-3000C16-8GVRB
- [Memory Device Mapped Address (Type 20) - Length 35 - Handle 001bh]
- Starting Address 00000000h
- Ending Address 00ffffffh
- Memory Device Handle 001ah
- Mem Array Mapped Adr Handle 000dh
- ========================== Dump #3: Extra #1 ===========================
- 7: kd> !verifier
- Verify Flags Level 0x00000000
- STANDARD FLAGS:
- [X] (0x00000000) Automatic Checks
- [ ] (0x00000001) Special pool
- [ ] (0x00000002) Force IRQL checking
- [ ] (0x00000008) Pool tracking
- [ ] (0x00000010) I/O verification
- [ ] (0x00000020) Deadlock detection
- [ ] (0x00000080) DMA checking
- [ ] (0x00000100) Security checks
- [ ] (0x00000800) Miscellaneous checks
- [ ] (0x00020000) DDI compliance checking
- ADDITIONAL FLAGS:
- [ ] (0x00000004) Randomized low resources simulation
- [ ] (0x00000200) Force pending I/O requests
- [ ] (0x00000400) IRP logging
- [ ] (0x00002000) Invariant MDL checking for stack
- [ ] (0x00004000) Invariant MDL checking for driver
- [ ] (0x00008000) Power framework delay fuzzing
- [ ] (0x00010000) Port/miniport interface checking
- [ ] (0x00040000) Systematic low resources simulation
- [ ] (0x00080000) DDI compliance checking (additional)
- [ ] (0x00200000) NDIS/WIFI verification
- [ ] (0x00800000) Kernel synchronization delay fuzzing
- [ ] (0x01000000) VM switch verification
- [ ] (0x02000000) Code integrity checks
- [X] Indicates flag is enabled
- Summary of All Verifier Statistics
- RaiseIrqls 0x0
- AcquireSpinLocks 0x0
- Synch Executions 0x0
- Trims 0x0
- Pool Allocations Attempted 0x0
- Pool Allocations Succeeded 0x0
- Pool Allocations Succeeded SpecialPool 0x0
- Pool Allocations With NO TAG 0x0
- Pool Allocations Failed 0x0
- Current paged pool allocations 0x0 for 00000000 bytes
- Peak paged pool allocations 0x0 for 00000000 bytes
- Current nonpaged pool allocations 0x0 for 00000000 bytes
- Peak nonpaged pool allocations 0x0 for 00000000 bytes
- ========================== Dump #3: Extra #2 ===========================
- 7: kd> !thread
- THREAD ffffdb05521a3080 Cid 1fe0.09b8 Teb: 0000004de86e4000 Win32Thread: 0000000000000000 RUNNING on processor 7
- Not impersonating
- GetUlongFromAddress: unable to read from fffff8031c81143c
- Owning Process ffffdb05560a9080 Image: firefox.exe
- Attached Process N/A Image: N/A
- fffff78000000000: Unable to get shared data
- Wait Start TickCount 11550447
- Context Switch Count 174722 IdealProcessor: 7
- ReadMemory error: Cannot get nt!KeMaximumIncrement value.
- UserTime 00:00:00.000
- KernelTime 00:00:00.000
- Win32 Start Address 0x00007ff879011500
- Stack Init ffffc301897c4c90 Current ffffc301897c47a0
- Base ffffc301897c5000 Limit ffffc301897bf000 Call 0000000000000000
- Priority 9 BasePriority 8 PriorityDecrement 0 IoPriority 2 PagePriority 5
- Child-SP RetAddr : Args to Child : Call Site
- ffffc480`50ca8018 fffff803`1bfefa29 : 00000000`0000003b 00000000`c0000005 fffff803`1bfef5d7 ffffc480`50ca8920 : nt!KeBugCheckEx
- ffffc480`50ca8020 fffff803`1bfeee7c : ffffc301`8aea0618 fffff803`1bce6904 ffffc480`50ca8210 00000000`00000000 : nt!KiBugCheckDispatch+0x69
- ffffc480`50ca8160 fffff803`1bfe6a22 : fffff803`1bfeee00 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceHandler+0x7c
- ffffc480`50ca81a0 fffff803`1be32fd7 : ffffc480`50ca8710 00000000`00000000 ffffc480`50ca8920 fffff803`1bfef5d7 : nt!RtlpExecuteHandlerForException+0x12
- ffffc480`50ca81d0 fffff803`1be7b246 : ffffc301`897c48c8 ffffc480`50ca8e20 ffffc301`897c48c8 000001e8`76a20f28 : nt!RtlDispatchException+0x297
- ffffc480`50ca88f0 fffff803`1bfde9f2 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiDispatchException+0x186
- ffffc480`50ca8fb0 fffff803`1bfde9c0 : fffff803`1bfefb65 ffffc480`50c88180 fffff803`1bfe4d72 000f8067`bcbbbdff : nt!KxExceptionDispatchOnExceptionStack+0x12 (TrapFrame @ ffffc480`50ca8e70)
- ffffc301`897c4788 fffff803`1bfefb65 : ffffc480`50c88180 fffff803`1bfe4d72 000f8067`bcbbbdff fffff803`00000001 : nt!KiExceptionDispatchOnExceptionStackContinue
- ffffc301`897c4790 fffff803`1bfeb8a0 : 00000000`00000000 fffff803`199bba20 fffff803`199b7ac0 00000000`00000000 : nt!KiExceptionDispatch+0x125
- ffffc301`897c4970 fffff803`1bfef5d7 : ffffdb05`521a3080 ffffc301`897c4b10 ffffffff`dc3cba00 00000000`00000000 : nt!KiGeneralProtectionFault+0x320 (TrapFrame @ ffffc301`897c4970)
- ffffc301`897c4b00 00007ff8`7b26e784 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceExit+0x157 (TrapFrame @ ffffc301`897c4b00)
- 0000004d`edb0f148 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ff8`7b26e784
- ========================================================================
- ======================= Dump #4: ANALYZE VERBOSE =======================
- ======================= File: 072420-7640-01.dmp =======================
- ========================================================================
- Mini Kernel Dump File: Only registers and stack trace are available
- Windows 10 Kernel Version 19041 MP (12 procs) Free x64
- Kernel base = 0xfffff802`17600000 PsLoadedModuleList = 0xfffff802`1822a310
- Debug session time: Fri Jul 24 12:41:09.396 2020 (UTC - 4:00)
- System Uptime: 0 days 0:27:56.030
- BugCheck D1, {0, e, 0, fffff8021e240104}
- *** WARNING: Unable to verify timestamp for nvlddmkm.sys
- *** ERROR: Module load completed but symbols could not be loaded for nvlddmkm.sys
- *** WARNING: Unable to verify timestamp for win32k.sys
- *** ERROR: Module load completed but symbols could not be loaded for win32k.sys
- Probably caused by : memory_corruption
- Followup: memory_corruption
- DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
- An attempt was made to access a pageable (or completely invalid) address at an
- interrupt request level (IRQL) that is too high. This is usually
- caused by drivers using improper addresses.
- If kernel debugger is available get stack backtrace.
- Arguments:
- Arg1: 0000000000000000, memory referenced
- Arg2: 000000000000000e, IRQL
- Arg3: 0000000000000000, value 0 = read operation, 1 = write operation
- Arg4: fffff8021e240104, address which referenced memory
- Debugging Details:
- DUMP_CLASS: 1
- DUMP_QUALIFIER: 400
- DUMP_TYPE: 2
- READ_ADDRESS: fffff802182fa388: Unable to get MiVisibleState
- 0000000000000000
- CURRENT_IRQL: e
- FAULTING_IP:
- nvlddmkm+20104
- fffff802`1e240104 482b11 sub rdx,qword ptr [rcx]
- CUSTOMER_CRASH_COUNT: 1
- DEFAULT_BUCKET_ID: CODE_CORRUPTION
- BUGCHECK_STR: AV
- PROCESS_NAME: System
- TRAP_FRAME: fffff8021ac79400 -- (.trap 0xfffff8021ac79400)
- NOTE: The trap frame does not contain all registers.
- Some register values may be zeroed or incorrect.
- rax=fffff8021ea701c8 rbx=0000000000000000 rcx=0000000000000000
- rdx=fffff8021ac79710 rsi=0000000000000000 rdi=0000000000000000
- rip=fffff8021e240104 rsp=fffff8021ac79590 rbp=fffff8021ac79710
- r8=0000000000000001 r9=ffffd68ddd0eb000 r10=0000000000000001
- r11=ffff707fbc000000 r12=0000000000000000 r13=0000000000000000
- r14=0000000000000000 r15=0000000000000000
- iopl=0 nv up ei ng nz ac po cy
- nvlddmkm+0x20104:
- fffff802`1e240104 482b11 sub rdx,qword ptr [rcx] ds:00000000`00000000=????????????????
- Resetting default scope
- LAST_CONTROL_TRANSFER: from fffff802179efa29 to fffff802179ddb60
- STACK_TEXT:
- fffff802`1ac792b8 fffff802`179efa29 : 00000000`0000000a 00000000`00000000 00000000`0000000e 00000000`00000000 : nt!KeBugCheckEx
- fffff802`1ac792c0 fffff802`179ebd29 : fffff802`1ac79800 ffffd68d`dd122000 fffff802`1ea1fa64 ffffd68d`dd122000 : nt!KiBugCheckDispatch+0x69
- fffff802`1ac79400 fffff802`1e240104 : fffff802`1e239e9f fffff802`1e23278b fffff802`1ac795d0 fffff802`1783aad9 : nt!KiPageFault+0x469
- fffff802`1ac79590 fffff802`1e239e9f : fffff802`1e23278b fffff802`1ac795d0 fffff802`1783aad9 00000000`00000000 : nvlddmkm+0x20104
- fffff802`1ac79598 fffff802`1e23278b : fffff802`1ac795d0 fffff802`1783aad9 00000000`00000000 00000000`00000000 : nvlddmkm+0x19e9f
- fffff802`1ac795a0 fffff802`1ac795d0 : fffff802`1783aad9 00000000`00000000 00000000`00000000 ffffd68d`df2c4000 : nvlddmkm+0x1278b
- fffff802`1ac795a8 fffff802`1783aad9 : 00000000`00000000 00000000`00000000 ffffd68d`df2c4000 fffff802`1e231798 : 0xfffff802`1ac795d0
- fffff802`1ac795b0 00000000`00000000 : 00000000`00000000 fffff802`1e9f827d ffffd68d`dd0eb000 fffff802`1ac79770 : nt!EtwpLogKernelEvent+0x249
- STACK_COMMAND: kb
- CHKIMG_EXTENSION: !chkimg -lo 50 -d !FLTMGR
- fffff80213e0cd05-fffff80213e0cd06 2 bytes - FLTMGR!DeleteStreamListCtrlCallback+35
- [ 48 ff:4c 8b ]
- fffff80213e0cd0c - FLTMGR!DeleteStreamListCtrlCallback+3c (+0x07)
- [ 0f:e8 ]
- fffff80213e0cd0e-fffff80213e0cd10 3 bytes - FLTMGR!DeleteStreamListCtrlCallback+3e (+0x02)
- [ 44 00 00:5b b0 03 ]
- fffff80213e0cd1a-fffff80213e0cd1b 2 bytes - FLTMGR!DeleteStreamListCtrlCallback+4a (+0x0c)
- [ 48 ff:4c 8b ]
- fffff80213e0cd21-fffff80213e0cd25 5 bytes - FLTMGR!DeleteStreamListCtrlCallback+51 (+0x07)
- [ 0f 1f 44 00 00:e8 fa 63 a1 03 ]
- fffff80213e0cd6a-fffff80213e0cd6b 2 bytes - FLTMGR!DeleteStreamListCtrlCallback+9a (+0x49)
- [ 48 ff:4c 8b ]
- fffff80213e0cd71-fffff80213e0cd77 7 bytes - FLTMGR!DeleteStreamListCtrlCallback+a1 (+0x07)
- [ 0f 1f 44 00 00 48 ff:e8 fa 5b a1 03 4c 8b ]
- fffff80213e0cd7d-fffff80213e0cd81 5 bytes - FLTMGR!DeleteStreamListCtrlCallback+ad (+0x0c)
- [ 0f 1f 44 00 00:e8 5e eb ae 03 ]
- 27 errors : !FLTMGR (fffff80213e0cd05-fffff80213e0cd81)
- MODULE_NAME: memory_corruption
- IMAGE_NAME: memory_corruption
- FOLLOWUP_NAME: memory_corruption
- DEBUG_FLR_IMAGE_TIMESTAMP: 0
- MEMORY_CORRUPTOR: LARGE
- FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
- BUCKET_ID: MEMORY_CORRUPTION_LARGE
- PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
- TARGET_TIME: 2020-07-24T16:41:09.000Z
- SUITE_MASK: 272
- PRODUCT_TYPE: 1
- USER_LCID: 0
- FAILURE_ID_HASH_STRING: km:memory_corruption_large
- FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
- Followup: memory_corruption
- ====================== Dump #4: 3RD PARTY DRIVERS ======================
- Oct 22 2012 - lvrs64.sys - Logitech Kernel Audio Improvement Filter Driver http://support.logitech.com/
- Oct 22 2012 - lvuvc64.sys - Logitech USB Video Class Driver (WebCam) http://support.logitech.com/
- Mar 14 2016 - amdgpio3.sys - AMD GPIO Controller Driver from Advanced Micro Devices http://support.amd.com/
- Jun 05 2017 - amdpsp.sys - Advanced Micro Devices, Inc http://support.amd.com/
- Apr 12 2018 - AMDPCIDev.sys - Advanced Micro Devices PCI Device driver
- Nov 16 2018 - logi_core_temp.sys - Logitech G HUB driver https://support.logitech.com/en_us/software/lghub
- Nov 20 2018 - logi_joy_bus_enum.sys - Logitech Joystick driver
- Nov 20 2018 - logi_joy_xlcore.sys - Logitech Joystick driver
- Mar 08 2019 - dokan1.sys - Dokan Project driver (ISLOG)
- Mar 14 2019 - nvvad64v.sys - Nvidia Virtual Audio driver http://www.nvidia.com/
- May 24 2019 - rt640x64.sys - Realtek NICDRV 8169 PCIe GBE Family Controller driver https://www.realtek.com/en/
- Sep 29 2019 - amdgpio2.sys - AMD GPIO Controller Driver from Advanced Micro Devices http://support.amd.com/
- Nov 20 2019 - mbamswissarmy.sys - MalwareBytes Anti-Malware system driver https://www.malwarebytes.com/
- Nov 29 2019 - NvModuleTracker.sys - NVIDIA Module Tracker driver
- Jan 10 2020 - nvvhci.sys - Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
- Jan 26 2020 - UcmCxUcsiNvppc.sys - NVIDIA USB Type-C Port Policy Controller driver
- Jan 30 2020 - tapmullvad0901.sys - TAP-Windows Virtual Network driver (The OpenVPN Project)
- Apr 20 2020 - logi_joy_vir_hid.sys - Logitech Joystick driver
- Jun 04 2020 - MbamChameleon.sys - Malwarebytes Anti-Malware Chameleon driver https://www.malwarebytes.com/
- Jun 09 2020 - nvhda64v.sys - Nvidia HDMI Audio Device http://www.nvidia.com/
- Jul 05 2020 - nvlddmkm.sys - Nvidia Graphics Card driver http://www.nvidia.com/
- ================== Dump #4: 3RD PARTY DRIVERS (FULL) ===================
- Image path: \SystemRoot\system32\DRIVERS\lvrs64.sys
- Image name: lvrs64.sys
- Search : https://www.google.com/search?q=lvrs64.sys
- ADA Info : Logitech Kernel Audio Improvement Filter Driver http://support.logitech.com/
- Timestamp : Mon Oct 22 2012
- Image path: \SystemRoot\system32\DRIVERS\lvuvc64.sys
- Image name: lvuvc64.sys
- Search : https://www.google.com/search?q=lvuvc64.sys
- ADA Info : Logitech USB Video Class Driver (WebCam) http://support.logitech.com/
- Timestamp : Mon Oct 22 2012
- Image path: \SystemRoot\System32\drivers\amdgpio3.sys
- Image name: amdgpio3.sys
- Search : https://www.google.com/search?q=amdgpio3.sys
- ADA Info : AMD GPIO Controller Driver from Advanced Micro Devices http://support.amd.com/
- Timestamp : Mon Mar 14 2016
- Image path: \SystemRoot\system32\DRIVERS\amdpsp.sys
- Image name: amdpsp.sys
- Search : https://www.google.com/search?q=amdpsp.sys
- ADA Info : Advanced Micro Devices, Inc http://support.amd.com/
- Timestamp : Mon Jun 5 2017
- Image path: \SystemRoot\System32\drivers\AMDPCIDev.sys
- Image name: AMDPCIDev.sys
- Search : https://www.google.com/search?q=AMDPCIDev.sys
- ADA Info : Advanced Micro Devices PCI Device driver
- Timestamp : Thu Apr 12 2018
- Image path: \??\C:\ProgramData\LGHUB\depots\57944\driver_cpu_temperature\logi_core_temp.sys
- Image name: logi_core_temp.sys
- Search : https://www.google.com/search?q=logi_core_temp.sys
- ADA Info : Logitech G HUB driver https://support.logitech.com/en_us/software/lghub
- Timestamp : Fri Nov 16 2018
- Image path: \SystemRoot\system32\drivers\logi_joy_bus_enum.sys
- Image name: logi_joy_bus_enum.sys
- Search : https://www.google.com/search?q=logi_joy_bus_enum.sys
- ADA Info : Logitech Joystick driver
- Timestamp : Tue Nov 20 2018
- Image path: \SystemRoot\system32\drivers\logi_joy_xlcore.sys
- Image name: logi_joy_xlcore.sys
- Search : https://www.google.com/search?q=logi_joy_xlcore.sys
- ADA Info : Logitech Joystick driver
- Timestamp : Tue Nov 20 2018
- Image path: \SystemRoot\system32\DRIVERS\dokan1.sys
- Image name: dokan1.sys
- Search : https://www.google.com/search?q=dokan1.sys
- ADA Info : Dokan Project driver (ISLOG)
- Timestamp : Fri Mar 8 2019
- Image path: \SystemRoot\system32\drivers\nvvad64v.sys
- Image name: nvvad64v.sys
- Search : https://www.google.com/search?q=nvvad64v.sys
- ADA Info : Nvidia Virtual Audio driver http://www.nvidia.com/
- Timestamp : Thu Mar 14 2019
- Mapped memory image file: C:\ProgramData\dbg\sym\rt640x64.sys\5CE7AF86ad000\rt640x64.sys
- Image path: \SystemRoot\System32\drivers\rt640x64.sys
- Image name: rt640x64.sys
- Search : https://www.google.com/search?q=rt640x64.sys
- ADA Info : Realtek NICDRV 8169 PCIe GBE Family Controller driver https://www.realtek.com/en/
- Timestamp : Fri May 24 2019
- File version: 9.1.410.2015
- Product version: 9.1.410.2015
- File flags: 8 (Mask 3F) Private
- File OS: 40004 NT Win32
- File type: 3.6 Driver
- File date: 00000000.00000000
- CompanyName: Realtek
- ProductName: Realtek 8125/8136/8168/8169 PCI/PCIe Adapters
- InternalName: rt640x64.sys
- OriginalFilename: rt640x64.sys
- ProductVersion: 9.001.0410.2015
- FileVersion: 9.001.0410.2015
- FileDescription: Realtek 8125/8136/8168/8169 NDIS 6.40 64-bit Driver
- LegalCopyright: Copyright (C) 2019 Realtek Semiconductor Corporation. All Right Reserved.
- Image path: \SystemRoot\System32\drivers\amdgpio2.sys
- Image name: amdgpio2.sys
- Search : https://www.google.com/search?q=amdgpio2.sys
- ADA Info : AMD GPIO Controller Driver from Advanced Micro Devices http://support.amd.com/
- Timestamp : Sun Sep 29 2019
- Image path: \SystemRoot\System32\Drivers\mbamswissarmy.sys
- Image name: mbamswissarmy.sys
- Search : https://www.google.com/search?q=mbamswissarmy.sys
- ADA Info : MalwareBytes Anti-Malware system driver https://www.malwarebytes.com/
- Timestamp : Wed Nov 20 2019
- Image path: \SystemRoot\System32\drivers\NvModuleTracker.sys
- Image name: NvModuleTracker.sys
- Search : https://www.google.com/search?q=NvModuleTracker.sys
- ADA Info : NVIDIA Module Tracker driver
- Timestamp : Fri Nov 29 2019
- Image path: \SystemRoot\System32\drivers\nvvhci.sys
- Image name: nvvhci.sys
- Search : https://www.google.com/search?q=nvvhci.sys
- ADA Info : Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
- Timestamp : Fri Jan 10 2020
- Image path: \SystemRoot\System32\DriverStore\FileRepository\nvppc.inf_amd64_0f22333f160a8f42\UcmCxUcsiNvppc.sys
- Image name: UcmCxUcsiNvppc.sys
- Search : https://www.google.com/search?q=UcmCxUcsiNvppc.sys
- ADA Info : NVIDIA USB Type-C Port Policy Controller driver
- Timestamp : Sun Jan 26 2020
- Image path: \SystemRoot\System32\drivers\tapmullvad0901.sys
- Image name: tapmullvad0901.sys
- Search : https://www.google.com/search?q=tapmullvad0901.sys
- ADA Info : TAP-Windows Virtual Network driver (The OpenVPN Project)
- Timestamp : Thu Jan 30 2020
- Image path: \SystemRoot\system32\drivers\logi_joy_vir_hid.sys
- Image name: logi_joy_vir_hid.sys
- Search : https://www.google.com/search?q=logi_joy_vir_hid.sys
- ADA Info : Logitech Joystick driver
- Timestamp : Mon Apr 20 2020
- Image path: \SystemRoot\System32\Drivers\MbamChameleon.sys
- Image name: MbamChameleon.sys
- Search : https://www.google.com/search?q=MbamChameleon.sys
- ADA Info : Malwarebytes Anti-Malware Chameleon driver https://www.malwarebytes.com/
- Timestamp : Thu Jun 4 2020
- Image path: \SystemRoot\system32\drivers\nvhda64v.sys
- Image name: nvhda64v.sys
- Search : https://www.google.com/search?q=nvhda64v.sys
- ADA Info : Nvidia HDMI Audio Device http://www.nvidia.com/
- Timestamp : Tue Jun 9 2020
- Image path: \SystemRoot\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_edab19158bdd0d0a\nvlddmkm.sys
- Image name: nvlddmkm.sys
- Search : https://www.google.com/search?q=nvlddmkm.sys
- ADA Info : Nvidia Graphics Card driver http://www.nvidia.com/
- Timestamp : Sun Jul 5 2020
- ====================== Dump #4: MICROSOFT DRIVERS ======================
- ACPI.sys ACPI Driver for NT (Microsoft)
- acpiex.sys ACPIEx Driver (Microsoft)
- afd.sys Ancillary Function Driver for WinSock (Microsoft)
- afunix.sys AF_UNIX Socket Provider driver (Microsoft)
- AgileVpn.sys RAS Agil VPN Miniport Call Manager driver (Microsoft)
- ahcache.sys Application Compatibility Cache (Microsoft)
- amdppm.sys Processor Device Driver
- bam.sys BAM Kernal driver (Microsoft)
- BasicDisplay.sys Basic Display driver (Microsoft)
- BasicRender.sys Basic Render driver (Microsoft)
- Beep.SYS BEEP driver (Microsoft)
- bindflt.sys Windows Bind Filter driver (Microsoft)
- BOOTVID.dll VGA Boot Driver (Microsoft)
- bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
- cdd.dll Canonical Display Driver (Microsoft)
- cdrom.sys SCSI CD-ROM Driver (Microsoft)
- CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
- CI.dll Code Integrity Module (Microsoft)
- CimFS.SYS Consumer IR Class Driver for eHome (Microsoft)
- CLASSPNP.SYS SCSI Class System Dll (Microsoft)
- cldflt.sys Cloud Files Mini Filter driver (Microsoft)
- CLFS.SYS Common Log File System Driver (Microsoft)
- clipsp.sys CLIP Service (Microsoft)
- cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
- cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
- CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
- condrv.sys Console Driver (Microsoft)
- crashdmp.sys Crash Dump driver (Microsoft)
- csc.sys Windows Client Side Caching driver (Microsoft)
- dc1-controller.sys KMDF driver for DC1 Controller
- DevAuthE.sys Xbox Device Authentication Driver
- dfsc.sys DFS Namespace Client Driver (Microsoft)
- disk.sys PnP Disk Driver (Microsoft)
- drmk.sys Digital Rights Management (DRM) driver (Microsoft)
- dump_diskdump.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
- dump_dumpfve.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
- dump_storahci.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
- dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
- dxgmms2.sys DirectX Graphics MMS
- EhStorClass.sys Enhanced Storage Class driver for IEEE... (Microsoft)
- filecrypt.sys Windows sandboxing and encryption filter (Microsoft)
- fileinfo.sys FileInfo Filter Driver (Microsoft)
- FLTMGR.SYS Filesystem Filter Manager (Microsoft)
- Fs_Rec.sys File System Recognizer Driver (Microsoft)
- fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
- fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
- gameflt.sys Gaming Install Filter driver (Microsoft)
- gpuenergydrv.sys GPU Energy Kernal Driver (Microsoft)
- hal.dll Hardware Abstraction Layer DLL (Microsoft)
- HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
- HdAudio.sys High Definition Audio Function driver (Microsoft)
- HIDCLASS.SYS Hid Class Library (Microsoft)
- HIDPARSE.SYS Hid Parsing Library (Microsoft)
- hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
- HTTP.sys HTTP Protocol Stack (Microsoft)
- i8042prt.sys i8042 Keyboard / PS/2 Mouse driver (Microsoft)
- intelpep.sys Intel Power Engine Plugin (Microsoft)
- IntelTA.sys Intel Telemetry Driver
- iorate.sys I/O rate control Filter (Microsoft)
- kbdclass.sys Keyboard Class Driver (Microsoft)
- kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
- kd.dll Local Kernal Debugger (Microsoft)
- kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
- ks.sys Kernal CSA Library (Microsoft)
- ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
- ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
- ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
- lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
- luafv.sys LUA File Virtualization Filter Driver (Microsoft)
- mcupdate_AuthenticAMD.dll AMD Microcode Update Library (Microsoft)
- mmcss.sys MMCSS Driver (Microsoft)
- monitor.sys Monitor Driver (Microsoft)
- mouclass.sys Mouse Class Driver (Microsoft)
- mouhid.sys HID Mouse Filter Driver (Microsoft)
- mountmgr.sys Mount Point Manager (Microsoft)
- mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
- mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
- mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
- Msfs.SYS Mailslot driver (Microsoft)
- msgpioclx.sys GPIO Class Extension Driver (Microsoft)
- msisadrv.sys ISA Driver (Microsoft)
- MSKSSRV.sys MS KS Server driver
- mslldp.sys Microsoft Link-Layer Discovery Protocol... (Microsoft)
- msquic.sys Windows QUIC Driver
- msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
- mssecflt.sys Microsoft Security Events Component file system filter driver (Microsoft)
- mssmbios.sys System Management BIOS driver (Microsoft)
- mup.sys Multiple UNC Provider driver (Microsoft)
- ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
- ndiscap.sys Microsoft NDIS Packet Capture Filter Driver
- ndistapi.sys NDIS 3.0 Connection Wrapper driver (Microsoft)
- NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
- ndiswan.sys MS PPP Framing Driver (Strong Encryption) Microsoft)
- NDProxy.sys NDIS Proxy driver (Microsoft)
- Ndu.sys Network Data Usage Monitoring driver (Microsoft)
- netbios.sys NetBIOS Interface driver (Microsoft)
- netbt.sys MBT Transport driver (Microsoft)
- NETIO.SYS Network I/O Subsystem (Microsoft)
- Npfs.SYS NPFS driver (Microsoft)
- npsvctrig.sys Named pipe service triggers (Microsoft)
- nsiproxy.sys NSI Proxy driver (Microsoft)
- Ntfs.sys NT File System Driver (Microsoft)
- ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
- ntosext.sys NTOS Extension Host driver (Microsoft)
- Null.SYS NULL Driver (Microsoft)
- pacer.sys QoS Packet Scheduler (Microsoft)
- partmgr.sys Partition driver (Microsoft)
- pci.sys NT Plug and Play PCI Enumerator (Microsoft)
- pcw.sys Performance Counter Driver (Microsoft)
- pdc.sys Power Dependency Coordinator Driver (Microsoft)
- peauth.sys Protected Environment Authentication and Authorization Export Driver (Microsoft)
- portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
- PSHED.dll Platform Specific Hardware Error driver (Microsoft)
- rasl2tp.sys RAS L2TP Mini-port/Call-manager driver (Microsoft)
- raspppoe.sys RAS PPPoE Mini-port/Call manager driver (Microsoft)
- raspptp.sys Peer-to-Peer Tunneling Protocol (Microsoft)
- rassstp.sys RAS SSTP Miniport Call Manager driver (Microsoft)
- rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
- rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
- rdyboost.sys ReadyBoost Driver (Microsoft)
- rspndr.sys Link-Layer Topology Responder driver (Microsoft)
- serenum.sys Serial Port Enumerator (Microsoft)
- serial.sys Serial Device Driver
- SgrmAgent.sys System Guard Runtime Monitor Agent driver (Microsoft)
- SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
- spaceport.sys Storage Spaces driver (Microsoft)
- srv2.sys Smb 2.0 Server driver (Microsoft)
- srvnet.sys Server Network driver (Microsoft)
- storahci.sys MS AHCI Storport Miniport Driver (Microsoft)
- storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
- storqosflt.sys Storage QoS Filter driver (Microsoft)
- swenum.sys Plug and Play Software Device Enumerator (Microsoft)
- tbs.sys Export driver for kernel mode TPM API (Microsoft)
- tcpip.sys TCP/IP Protocol driver (Microsoft)
- tcpipreg.sys Microsoft Windows TCP/IP Registry Compatibility driver (Microsoft)
- TDI.SYS TDI Wrapper driver (Microsoft)
- tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
- tm.sys Kernel Transaction Manager driver (Microsoft)
- UcmCx.sys USB Connector Manager KMDF Class Extension
- ucx01000.sys USB Controller Extension (Microsoft)
- umbus.sys User-Mode Bus Enumerator (Microsoft)
- usbaudio.sys USB Audio Class Driver (Microsoft)
- usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
- USBD.SYS Universal Serial Bus Driver (Microsoft)
- UsbHub3.sys USB3 HUB driver (Microsoft)
- USBXHCI.SYS USB XHCI driver (Microsoft)
- vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
- Vid.sys Microsoft Hyper-V Virtualization Infrastructure Driver
- volmgr.sys Volume Manager Driver (Microsoft)
- volmgrx.sys Volume Manager Extension Driver (Microsoft)
- volsnap.sys Volume Shadow Copy driver (Microsoft)
- volume.sys Volume driver (Microsoft)
- vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
- wanarp.sys MS Remote Access and Routing ARP driver (Microsoft)
- watchdog.sys Watchdog driver (Microsoft)
- wcifs.sys Windows Container Isolation FS Filter driver (Microsoft)
- Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
- WdFilter.sys Microsoft Anti-malware file system filter driver (Microsoft)
- WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
- WdNisDrv.sys Microsoft Network Realtime Inspection driver (Microsoft)
- werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
- wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
- win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
- win32kbase.sys Base Win32k Kernel Driver (Microsoft)
- win32kfull.sys Full/Desktop Win32k Kernel Driver (Microsoft)
- WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
- WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
- winhvr.sys Windows Hypervisor Root Interface driver (Microsoft)
- wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
- WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
- Wof.sys Windows Overlay Filter (Microsoft)
- WppRecorder.sys WPP Trace Recorder (Microsoft)
- xboxgip.sys Game Input Protocol Driver
- xinputhid.sys XINPUT filter driver for HID
- xvdd.sys XVD Disk driver (Microsoft)
- ====================== Dump #4: UNLOADED MODULES =======================
- fffff802`1c8e0000 fffff802`1c8f1000 MSKSSRV.sys
- fffff802`1b3f0000 fffff802`1b3ff000 dump_storpor
- fffff802`1ae40000 fffff802`1ae73000 dump_storahc
- fffff802`1aea0000 fffff802`1aebe000 dump_dumpfve
- fffff802`1b900000 fffff802`1b91c000 dam.sys
- fffff802`19800000 fffff802`19811000 WdBoot.sys
- fffff802`197f0000 fffff802`197f9000 MbamElam.sys
- fffff802`1a880000 fffff802`1a890000 hwpolicy.sys
- ====================== Dump #4: BIOS INFORMATION =======================
- [SMBIOS Data Tables v3.2]
- [DMI Version - 0]
- [2.0 Calling Convention - No]
- [Table Size - 1763 bytes]
- [BIOS Information (Type 0) - Length 26 - Handle 0000h]
- Vendor American Megatrends Inc.
- BIOS Version P3.50
- BIOS Starting Address Segment f000
- BIOS Release Date 07/18/2019
- BIOS ROM Size 1000000
- BIOS Characteristics
- 07: - PCI Supported
- 11: - Upgradeable FLASH BIOS
- 12: - BIOS Shadowing Supported
- 15: - CD-Boot Supported
- 16: - Selectable Boot Supported
- 17: - BIOS ROM Socketed
- 19: - EDD Supported
- 23: - 1.2MB Floppy Supported
- 24: - 720KB Floppy Supported
- 25: - 2.88MB Floppy Supported
- 26: - Print Screen Device Supported
- 27: - Keyboard Services Supported
- 28: - Serial Services Supported
- 29: - Printer Services Supported
- 32: - BIOS Vendor Reserved
- BIOS Characteristic Extensions
- 00: - ACPI Supported
- 01: - USB Legacy Supported
- 08: - BIOS Boot Specification Supported
- 10: - Specification Reserved
- 11: - Specification Reserved
- BIOS Major Revision 5
- BIOS Minor Revision 14
- EC Firmware Major Revision 255
- EC Firmware Minor Revision 255
- [System Information (Type 1) - Length 27 - Handle 0001h]
- UUID 00000000-0000-0000-0000-000000000000
- Wakeup Type Power Switch
- [BaseBoard Information (Type 2) - Length 15 - Handle 0002h]
- Manufacturer ASRock
- Product B450M Pro4
- Version
- Feature Flags 09h
- 855422688: - 855422736: - «?uþ
- Location
- Chassis Handle 0003h
- Board Type 0ah - Processor/Memory Module
- Number of Child Handles 0
- [System Enclosure (Type 3) - Length 22 - Handle 0003h]
- Chassis Type Desktop
- Bootup State Safe
- Power Supply State Safe
- Thermal State Safe
- Security Status None
- OEM Defined 0
- Height 0U
- Number of Power Cords 1
- Number of Contained Elements 0
- Contained Element Size 3
- [OEM Strings (Type 11) - Length 5 - Handle 0008h]
- Number of Strings 1
- [32Bit Memory Error Information (Type 18) - Length 23 - Handle 000bh]
- [Physical Memory Array (Type 16) - Length 23 - Handle 000ch]
- Location 03h - SystemBoard/Motherboard
- Use 03h - System Memory
- Memory Error Correction 03h - None
- Maximum Capacity 134217728KB
- Memory Error Inf Handle 000bh
- Number of Memory Devices 4
- [Memory Array Mapped Address (Type 19) - Length 31 - Handle 000dh]
- Starting Address 00000000h
- Ending Address 00ffffffh
- Memory Array Handle 000ch
- Partition Width 02
- [Cache Information (Type 7) - Length 27 - Handle 000eh]
- Socket Designation L1 - Cache
- Cache Configuration 0180h - WB Enabled Int NonSocketed L1
- Maximum Cache Size 0240h - 576K
- Installed Size 0240h - 576K
- Supported SRAM Type 0010h - Pipeline-Burst
- Current SRAM Type 0010h - Pipeline-Burst
- Cache Speed 1ns
- Error Correction Type Specification Reserved
- System Cache Type Unified
- Associativity 8-way Set-Associative
- [Cache Information (Type 7) - Length 27 - Handle 000fh]
- Socket Designation L2 - Cache
- Cache Configuration 0181h - WB Enabled Int NonSocketed L2
- Maximum Cache Size 0c00h - 3072K
- Installed Size 0c00h - 3072K
- Supported SRAM Type 0010h - Pipeline-Burst
- Current SRAM Type 0010h - Pipeline-Burst
- Cache Speed 1ns
- Error Correction Type Specification Reserved
- System Cache Type Unified
- Associativity 8-way Set-Associative
- [Cache Information (Type 7) - Length 27 - Handle 0010h]
- Socket Designation L3 - Cache
- Cache Configuration 0182h - WB Enabled Int NonSocketed L3
- Maximum Cache Size 4000h - 16384K
- Installed Size 4000h - 16384K
- Supported SRAM Type 0010h - Pipeline-Burst
- Current SRAM Type 0010h - Pipeline-Burst
- Cache Speed 1ns
- Error Correction Type Specification Reserved
- System Cache Type Unified
- Associativity 16-way Set-Associative
- [Processor Information (Type 4) - Length 48 - Handle 0011h]
- Socket Designation AM4
- Processor Type Central Processor
- Processor Family 6bh - Specification Reserved
- Processor Manufacturer Advanced Micro Devices, Inc.
- Processor ID 820f8000fffb8b17
- Processor Version AMD Ryzen 5 2600 Six-Core Processor
- Processor Voltage 8bh - 1.1V
- External Clock 100MHz
- Max Speed 3900MHz
- Current Speed 3400MHz
- Status Enabled Populated
- Processor Upgrade Specification Reserved
- L1 Cache Handle 000eh
- L2 Cache Handle 000fh
- L3 Cache Handle 0010h
- Part Number Unknown
- [32Bit Memory Error Information (Type 18) - Length 23 - Handle 0012h]
- [Memory Device (Type 17) - Length 84 - Handle 0013h]
- Physical Memory Array Handle 000ch
- Memory Error Info Handle 0012h
- Form Factor 02h - Unknown
- Device Locator DIMM 0
- Bank Locator P0 CHANNEL A
- Memory Type 02h - Unknown
- Type Detail 0004h - Unknown
- Speed 0MHz
- Manufacturer Unknown
- Part Number Unknown
- [32Bit Memory Error Information (Type 18) - Length 23 - Handle 0014h]
- [Memory Device (Type 17) - Length 84 - Handle 0015h]
- Physical Memory Array Handle 000ch
- Memory Error Info Handle 0014h
- Total Width 64 bits
- Data Width 64 bits
- Size 8192MB
- Form Factor 09h - DIMM
- Device Locator DIMM 1
- Bank Locator P0 CHANNEL A
- Memory Type 1ah - Specification Reserved
- Type Detail 4080h - Synchronous
- Speed 2133MHz
- Manufacturer Unknown
- Part Number F4-3000C16-8GVRB
- [Memory Device Mapped Address (Type 20) - Length 35 - Handle 0016h]
- Starting Address 00000000h
- Ending Address 00ffffffh
- Memory Device Handle 0015h
- Mem Array Mapped Adr Handle 000dh
- [32Bit Memory Error Information (Type 18) - Length 23 - Handle 0017h]
- [Memory Device (Type 17) - Length 84 - Handle 0018h]
- Physical Memory Array Handle 000ch
- Memory Error Info Handle 0017h
- Form Factor 02h - Unknown
- Device Locator DIMM 0
- Bank Locator P0 CHANNEL B
- Memory Type 02h - Unknown
- Type Detail 0004h - Unknown
- Speed 0MHz
- Manufacturer Unknown
- Part Number Unknown
- [32Bit Memory Error Information (Type 18) - Length 23 - Handle 0019h]
- [Memory Device (Type 17) - Length 84 - Handle 001ah]
- Physical Memory Array Handle 000ch
- Memory Error Info Handle 0019h
- Total Width 64 bits
- Data Width 64 bits
- Size 8192MB
- Form Factor 09h - DIMM
- Device Locator DIMM 1
- Bank Locator P0 CHANNEL B
- Memory Type 1ah - Specification Reserved
- Type Detail 4080h - Synchronous
- Speed 2133MHz
- Manufacturer Unknown
- Part Number F4-3000C16-8GVRB
- [Memory Device Mapped Address (Type 20) - Length 35 - Handle 001bh]
- Starting Address 00000000h
- Ending Address 00ffffffh
- Memory Device Handle 001ah
- Mem Array Mapped Adr Handle 000dh
- ========================== Dump #4: Extra #1 ===========================
- 0: kd> !verifier
- Verify Flags Level 0x00000000
- STANDARD FLAGS:
- [X] (0x00000000) Automatic Checks
- [ ] (0x00000001) Special pool
- [ ] (0x00000002) Force IRQL checking
- [ ] (0x00000008) Pool tracking
- [ ] (0x00000010) I/O verification
- [ ] (0x00000020) Deadlock detection
- [ ] (0x00000080) DMA checking
- [ ] (0x00000100) Security checks
- [ ] (0x00000800) Miscellaneous checks
- [ ] (0x00020000) DDI compliance checking
- ADDITIONAL FLAGS:
- [ ] (0x00000004) Randomized low resources simulation
- [ ] (0x00000200) Force pending I/O requests
- [ ] (0x00000400) IRP logging
- [ ] (0x00002000) Invariant MDL checking for stack
- [ ] (0x00004000) Invariant MDL checking for driver
- [ ] (0x00008000) Power framework delay fuzzing
- [ ] (0x00010000) Port/miniport interface checking
- [ ] (0x00040000) Systematic low resources simulation
- [ ] (0x00080000) DDI compliance checking (additional)
- [ ] (0x00200000) NDIS/WIFI verification
- [ ] (0x00800000) Kernel synchronization delay fuzzing
- [ ] (0x01000000) VM switch verification
- [ ] (0x02000000) Code integrity checks
- [X] Indicates flag is enabled
- Summary of All Verifier Statistics
- RaiseIrqls 0x0
- AcquireSpinLocks 0x0
- Synch Executions 0x0
- Trims 0x0
- Pool Allocations Attempted 0x0
- Pool Allocations Succeeded 0x0
- Pool Allocations Succeeded SpecialPool 0x0
- Pool Allocations With NO TAG 0x0
- Pool Allocations Failed 0x0
- Current paged pool allocations 0x0 for 00000000 bytes
- Peak paged pool allocations 0x0 for 00000000 bytes
- Current nonpaged pool allocations 0x0 for 00000000 bytes
- Peak nonpaged pool allocations 0x0 for 00000000 bytes
- ========================== Dump #4: Extra #2 ===========================
- 0: kd> !thread
- THREAD fffff80218326600 Cid 0000.0000 Teb: 0000000000000000 Win32Thread: 0000000000000000 RUNNING on processor 0
- Not impersonating
- GetUlongFromAddress: unable to read from fffff8021821143c
- Owning Process fffff80218323a00 Image: System Process
- Attached Process ffffd68dd807f040 Image: System
- fffff78000000000: Unable to get shared data
- Wait Start TickCount 107265
- Context Switch Count 4382798 IdealProcessor: 0
- ReadMemory error: Cannot get nt!KeMaximumIncrement value.
- UserTime 00:00:00.000
- KernelTime 00:00:00.000
- Win32 Start Address nt!KiIdleLoop (0xfffff802179e1630)
- Stack Init fffff8021ac6bc90 Current fffff8021ac6bc20
- Base fffff8021ac6c000 Limit fffff8021ac66000 Call 0000000000000000
- Priority 0 BasePriority 0 PriorityDecrement 0 IoPriority 0 PagePriority 5
- Child-SP RetAddr : Args to Child : Call Site
- fffff802`1ac792b8 fffff802`179efa29 : 00000000`0000000a 00000000`00000000 00000000`0000000e 00000000`00000000 : nt!KeBugCheckEx
- fffff802`1ac792c0 fffff802`179ebd29 : fffff802`1ac79800 ffffd68d`dd122000 fffff802`1ea1fa64 ffffd68d`dd122000 : nt!KiBugCheckDispatch+0x69
- fffff802`1ac79400 fffff802`1e240104 : fffff802`1e239e9f fffff802`1e23278b fffff802`1ac795d0 fffff802`1783aad9 : nt!KiPageFault+0x469 (TrapFrame @ fffff802`1ac79400)
- fffff802`1ac79590 fffff802`1e239e9f : fffff802`1e23278b fffff802`1ac795d0 fffff802`1783aad9 00000000`00000000 : nvlddmkm+0x20104
- fffff802`1ac79598 fffff802`1e23278b : fffff802`1ac795d0 fffff802`1783aad9 00000000`00000000 00000000`00000000 : nvlddmkm+0x19e9f
- fffff802`1ac795a0 fffff802`1ac795d0 : fffff802`1783aad9 00000000`00000000 00000000`00000000 ffffd68d`df2c4000 : nvlddmkm+0x1278b
- fffff802`1ac795a8 fffff802`1783aad9 : 00000000`00000000 00000000`00000000 ffffd68d`df2c4000 fffff802`1e231798 : 0xfffff802`1ac795d0
- fffff802`1ac795b0 00000000`00000000 : 00000000`00000000 fffff802`1e9f827d ffffd68d`dd0eb000 fffff802`1ac79770 : nt!EtwpLogKernelEvent+0x249
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement