API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jun 26th, 2020
63
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 68.80 KB | None | 0 0
raw download clone embed print report
  1. ========================== AUTO DUMP ANALYZER ==========================
  2. Auto Dump Analyzer
  3. Version: 0.91
  4. Time to analyze file(s): 00 hours and 01 minutes and 14 seconds
  5.  
  6. ================================= CPU ==================================
  7. COUNT: c
  8. MHZ: 3696
  9. VENDOR: GenuineIntel
  10. FAMILY: 6
  11. MODEL: 9e
  12. STEPPING: a
  13.  
  14. ================================== OS ==================================
  15. Product: WinNt, suite: TerminalServer SingleUserTS Personal
  16. BUILD_VERSION: 10.0.19041.330 (WinBuild.160101.0800)
  17. BUILD: 19041
  18. SERVICEPACK: 330
  19. PLATFORM_TYPE: x64
  20. NAME: Windows 10
  21. EDITION: Windows 10 WinNt TerminalServer SingleUserTS Personal
  22. BUILD_TIMESTAMP: unknown_date
  23. BUILDDATESTAMP: 160101.0800
  24. BUILDLAB: WinBuild
  25. BUILDOSVER: 10.0.19041.330
  26.  
  27. =============================== DEBUGGER ===============================
  28. Microsoft (R) Windows Debugger Version 10.0.14321.1024 AMD64
  29. Copyright (c) Microsoft Corporation. All rights reserved.
  30.  
  31. =============================== COMMENTS ===============================
  32. * Information gathered from different dump files may be different. If
  33. Windows updates between two dump files, two or more OS versions may
  34. be shown above.
  35. * Additional BIOS information was not included in the dump file(s). This
  36. can be caused by an outdated BIOS.
  37.  
  38. ========================================================================
  39. ======================= Dump #1: ANALYZE VERBOSE =======================
  40. ======================= File: 062620-4140-01.dmp =======================
  41. ========================================================================
  42.  
  43. Mini Kernel Dump File: Only registers and stack trace are available
  44. Windows 10 Kernel Version 19041 MP (12 procs) Free x64
  45. Kernel base = 0xfffff800`83c00000 PsLoadedModuleList = 0xfffff800`8482a2b0
  46. Debug session time: Fri Jun 26 13:09:08.380 2020 (UTC - 4:00)
  47. System Uptime: 0 days 0:37:17.047
  48.  
  49. BugCheck 34, {944, ffffffffc0000420, 0, 0}
  50. Probably caused by : ntkrnlmp.exe ( nt!CcUninitializeCacheMap+1afd99 )
  51. Followup: MachineOwner
  52.  
  53. CACHE_MANAGER (34)
  54. See the comment for FAT_FILE_SYSTEM (0x23)
  55.  
  56. Arguments:
  57. Arg1: 0000000000000944
  58. Arg2: ffffffffc0000420
  59. Arg3: 0000000000000000
  60. Arg4: 0000000000000000
  61.  
  62. Debugging Details:
  63. DUMP_CLASS: 1
  64. DUMP_QUALIFIER: 400
  65. DUMP_TYPE: 2
  66. DUMP_FILE_ATTRIBUTES: 0x8
  67. Kernel Generated Triage Dump
  68. EXCEPTION_RECORD: ffffffffc0000420 -- (.exr 0xffffffffc0000420)
  69. Cannot read Exception record @ ffffffffc0000420
  70. CUSTOMER_CRASH_COUNT: 1
  71. DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
  72. BUGCHECK_STR: 0x34
  73.  
  74. PROCESS_NAME: System
  75.  
  76. CURRENT_IRQL: 2
  77. LAST_CONTROL_TRANSFER: from fffff800840313b9 to fffff80083fdda20
  78. STACK_TEXT:
  79. ffffb285`e79e9a98 fffff800`840313b9 : 00000000`00000034 00000000`00000944 ffffffff`c0000420 00000000`00000000 : nt!KeBugCheckEx
  80. ffffb285`e79e9aa0 fffff800`86b0fed0 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!CcUninitializeCacheMap+0x1afd99
  81. ffffb285`e79e9b60 fffff800`86b00bd0 : ffffa281`2ba52800 ffffa281`2ba528a0 00000000`00000000 ffffa281`2ba52a00 : Ntfs!NtfsDeleteInternalAttributeStream+0x10c
  82. ffffb285`e79e9ba0 fffff800`869eace5 : ffffa281`2ba528a0 ffffa281`2ba52a00 00000000`00000000 ffffa281`2ba52a00 : Ntfs!NtfsRemoveScb+0x130
  83. ffffb285`e79e9c00 fffff800`869ea9b9 : ffffa281`2ddc05e0 00000000`00000000 ffffdb0d`fd51e180 ffffa281`2ba528a0 : Ntfs!NtfsPrepareFcbForRemoval+0x75
  84. ffffb285`e79e9c40 fffff800`86b008ea : ffffdb0e`04d4a018 ffffdb0d`fd51e180 ffffa281`2ddc05a0 ffffa281`2ddc09f8 : Ntfs!NtfsTeardownFromLcb+0x2c9
  85. ffffb285`e79e9ce0 fffff800`869dd560 : ffffdb0e`04d4a018 ffffb285`e79e9de2 ffffa281`2ddc09f8 ffffa281`2ddc05a0 : Ntfs!NtfsTeardownStructures+0xea
  86. ffffb285`e79e9d60 fffff800`86acb6a7 : ffffb285`e79e9f00 ffffa281`00000001 00000000`00000000 ffffa281`2ddc0500 : Ntfs!NtfsDecrementCloseCounts+0xb0
  87. ffffb285`e79e9da0 fffff800`86ac81c1 : ffffdb0e`04d4a018 ffffa281`2ddc0700 ffffa281`2ddc05a0 ffffdb0d`fd51e180 : Ntfs!NtfsCommonClose+0x467
  88. ffffb285`e79e9e80 fffff800`86b2f014 : ffffb285`e79ea2f0 fffff800`83e46d25 ffffdb0e`042c6100 fffff800`84211fbb : Ntfs!NtfsFspCloseInternal+0x241
  89. ffffb285`e79e9fe0 fffff800`86aeb91c : 00000000`00000000 00000000`00000000 ffffdb0d`fd51e180 ffffa281`2391e460 : Ntfs!NtfsFlushVolume+0x10c
  90. ffffb285`e79ea0f0 fffff800`86aeaaf9 : ffffdb0e`02131a98 ffffdb0e`01d9fa20 ffffdb0e`02131a01 ffffb285`e79ea320 : Ntfs!NtfsCommonFlushBuffers+0x8d0
  91. ffffb285`e79ea210 fffff800`83e371f8 : ffffb285`e79ea320 ffffdb0e`02131a98 ffffdb0d`00000000 ffffdb0e`01d9fa20 : Ntfs!NtfsCommonFlushBuffersCallout+0x19
  92. ffffb285`e79ea240 fffff800`83e3716d : fffff800`86aeaae0 ffffb285`e79ea320 00000000`00000000 fffff800`00000000 : nt!KeExpandKernelStackAndCalloutInternal+0x78
  93. ffffb285`e79ea2b0 fffff800`86aaa5fb : 00000000`00000000 00000000`00000310 ffffb285`e79eb000 00000000`00000030 : nt!KeExpandKernelStackAndCalloutEx+0x1d
  94. ffffb285`e79ea2f0 fffff800`86aaa525 : 00000000`00000000 ffffdb0d`f9add1c0 ffffb285`e79ea388 00000000`00000000 : Ntfs!NtfsCommonFlushBuffersOnNewStack+0x67
  95. ffffb285`e79ea360 fffff800`83e46d25 : ffffdb0e`038e84a0 ffffdb0e`01d9fa20 ffffdb0e`02131a98 ffffb285`e79ea388 : Ntfs!NtfsFsdFlushBuffers+0xe5
  96. ffffb285`e79ea3d0 fffff800`808b6ccf : ffffb285`e79ea448 ffffb285`e79ea4f0 ffffb285`e79ea430 00000000`00000000 : nt!IofCallDriver+0x55
  97. ffffb285`e79ea410 fffff800`808b48d3 : ffffb285`e79ea4a0 00000000`00000000 00000000`00000000 ffffdb0d`f9aaeb80 : FLTMGR!FltpLegacyProcessingAfterPreCallbacksCompleted+0x28f
  98. ffffb285`e79ea480 fffff800`83e46d25 : ffffdb0e`01d9fa20 ffffdb0d`f849c000 ffffb285`e79ea710 00000000`00000000 : FLTMGR!FltpDispatch+0xa3
  99. ffffb285`e79ea4e0 fffff800`8420eb18 : ffffb285`e79ea710 ffffdb0e`01d9fa20 00000000`00000001 00000000`00000000 : nt!IofCallDriver+0x55
  100. ffffb285`e79ea520 fffff800`842ec0f9 : ffffdb0e`00000000 ffffb285`e79ea710 00000000`00000000 ffffb285`e79ea710 : nt!IopSynchronousServiceTail+0x1a8
  101. ffffb285`e79ea5c0 fffff800`842ebee6 : ffffdb0e`01791040 00000000`00000000 ffffdb0d`fd38cd60 00000000`00000000 : nt!NtFlushBuffersFileEx+0x1f9
  102. ffffb285`e79ea650 fffff800`83fef375 : fffff800`83c00000 fffff800`83e0198e ffffb285`e79ea8e0 00000000`00000000 : nt!NtFlushBuffersFile+0x16
  103. ffffb285`e79ea690 fffff800`83fe1880 : fffff800`845a45ca ffffb285`e6bef470 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x25
  104. ffffb285`e79ea828 fffff800`845a45ca : ffffb285`e6bef470 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiServiceLinkage
  105. ffffb285`e79ea830 fffff800`83f46715 : ffffdb0e`01791040 ffffdb0e`01791040 fffff800`845a4440 00000000`00000001 : nt!PopFlushVolumeWorker+0x18a
  106. ffffb285`e79eab10 fffff800`83fe5078 : ffffcb01`6a55a180 ffffdb0e`01791040 fffff800`83f466c0 00000000`00000000 : nt!PspSystemThreadStartup+0x55
  107. ffffb285`e79eab60 00000000`00000000 : ffffb285`e79eb000 ffffb285`e79e4000 00000000`00000000 00000000`00000000 : nt!KiStartSystemThread+0x28
  108. STACK_COMMAND: kb
  109. THREAD_SHA1_HASH_MOD_FUNC: 43f7b136cf5cc46624075a6455a6b6b346a966f9
  110. THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 7d9c051ff9e9b85b738d9e76b3291308b3af3d8c
  111. THREAD_SHA1_HASH_MOD: 8e49d1ed9c175267305950cab8dabd3bd45d3494
  112. FOLLOWUP_IP:
  113. nt!CcUninitializeCacheMap+1afd99
  114. fffff800`840313b9 cc int 3
  115. FAULT_INSTR_CODE: 838d48cc
  116. SYMBOL_STACK_INDEX: 1
  117. SYMBOL_NAME: nt!CcUninitializeCacheMap+1afd99
  118. FOLLOWUP_NAME: MachineOwner
  119. MODULE_NAME: nt
  120.  
  121. IMAGE_NAME: ntkrnlmp.exe
  122.  
  123. DEBUG_FLR_IMAGE_TIMESTAMP: 0
  124. IMAGE_VERSION: 10.0.19041.330
  125. BUCKET_ID_FUNC_OFFSET: 1afd99
  126. FAILURE_BUCKET_ID: 0x34_nt!CcUninitializeCacheMap
  127. BUCKET_ID: 0x34_nt!CcUninitializeCacheMap
  128. PRIMARY_PROBLEM_CLASS: 0x34_nt!CcUninitializeCacheMap
  129. TARGET_TIME: 2020-06-26T17:09:08.000Z
  130. SUITE_MASK: 784
  131. PRODUCT_TYPE: 1
  132. USER_LCID: 0
  133. FAILURE_ID_HASH_STRING: km:0x34_nt!ccuninitializecachemap
  134. FAILURE_ID_HASH: {8e05a99b-1bec-5629-33ce-0f8c05cbbfc6}
  135. Followup: MachineOwner
  136.  
  137. ====================== Dump #1: 3RD PARTY DRIVERS ======================
  138.  
  139. Oct 09 2015 - wdcsam64.sys - Western Digital SCSI Arcitecture Model (SAM) WDM driver https://support.wdc.com/
  140. Jan 21 2019 - imaucxhpal.sys - MA-USB (UCX) HPAL driver
  141. Jan 21 2019 - iwigig.sys - WiGig MAC driver (Intel)
  142. Mar 19 2019 - nvhda64v.sys - Nvidia HDMI Audio Device http://www.nvidia.com/
  143. Apr 04 2019 - TeeDriverW8x64.sys - Intel Management Engine Interface driver https://downloadcenter.intel.com/
  144. May 07 2019 - e1d68x64.sys - Intel(R) Gigabit Adapter driver
  145. Oct 02 2019 - nvlddmkm.sys - Nvidia Graphics Card driver http://www.nvidia.com/
  146.  
  147. ================== Dump #1: 3RD PARTY DRIVERS (FULL) ===================
  148.  
  149. Image name: wdcsam64.sys
  150. Search : https://www.google.com/search?q=wdcsam64.sys
  151. ADA Info : Western Digital SCSI Arcitecture Model (SAM) WDM driver https://support.wdc.com/
  152. Timestamp : Fri Oct 9 2015
  153.  
  154. Image name: imaucxhpal.sys
  155. Search : https://www.google.com/search?q=imaucxhpal.sys
  156. ADA Info : MA-USB (UCX) HPAL driver
  157. Timestamp : Mon Jan 21 2019
  158.  
  159. Image name: iwigig.sys
  160. Search : https://www.google.com/search?q=iwigig.sys
  161. ADA Info : WiGig MAC driver (Intel)
  162. Timestamp : Mon Jan 21 2019
  163.  
  164. Image name: nvhda64v.sys
  165. Search : https://www.google.com/search?q=nvhda64v.sys
  166. ADA Info : Nvidia HDMI Audio Device http://www.nvidia.com/
  167. Timestamp : Tue Mar 19 2019
  168.  
  169. Image name: TeeDriverW8x64.sys
  170. Search : https://www.google.com/search?q=TeeDriverW8x64.sys
  171. ADA Info : Intel Management Engine Interface driver https://downloadcenter.intel.com/
  172. Timestamp : Thu Apr 4 2019
  173.  
  174. Image name: e1d68x64.sys
  175. Search : https://www.google.com/search?q=e1d68x64.sys
  176. ADA Info : Intel(R) Gigabit Adapter driver
  177. Timestamp : Tue May 7 2019
  178.  
  179. Image name: nvlddmkm.sys
  180. Search : https://www.google.com/search?q=nvlddmkm.sys
  181. ADA Info : Nvidia Graphics Card driver http://www.nvidia.com/
  182. Timestamp : Wed Oct 2 2019
  183.  
  184. ====================== Dump #1: MICROSOFT DRIVERS ======================
  185.  
  186. ACPI.sys ACPI Driver for NT (Microsoft)
  187. acpiex.sys ACPIEx Driver (Microsoft)
  188. acpipagr.sys ACPI Processor Aggregator Device driver (Microsoft)
  189. afd.sys Ancillary Function Driver for WinSock (Microsoft)
  190. afunix.sys AF_UNIX Socket Provider driver (Microsoft)
  191. AgileVpn.sys RAS Agil VPN Miniport Call Manager driver (Microsoft)
  192. ahcache.sys Application Compatibility Cache (Microsoft)
  193. bam.sys BAM Kernal driver (Microsoft)
  194. BasicDisplay.sys Basic Display driver (Microsoft)
  195. BasicRender.sys Basic Render driver (Microsoft)
  196. Beep.SYS BEEP driver (Microsoft)
  197. bindflt.sys Windows Bind Filter driver (Microsoft)
  198. BOOTVID.dll VGA Boot Driver (Microsoft)
  199. bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
  200. cdd.dll Canonical Display Driver (Microsoft)
  201. cdrom.sys SCSI CD-ROM Driver (Microsoft)
  202. CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
  203. CI.dll Code Integrity Module (Microsoft)
  204. CimFS.SYS Consumer IR Class Driver for eHome (Microsoft)
  205. CLASSPNP.SYS SCSI Class System Dll (Microsoft)
  206. cldflt.sys Cloud Files Mini Filter driver (Microsoft)
  207. CLFS.SYS Common Log File System Driver (Microsoft)
  208. clipsp.sys CLIP Service (Microsoft)
  209. cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
  210. cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
  211. CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
  212. condrv.sys Console Driver (Microsoft)
  213. crashdmp.sys Crash Dump driver (Microsoft)
  214. dfsc.sys DFS Namespace Client Driver (Microsoft)
  215. disk.sys PnP Disk Driver (Microsoft)
  216. drmk.sys Digital Rights Management (DRM) driver (Microsoft)
  217. dump_dumpfve.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  218. dump_storahci.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  219. dump_storport.sys Provides disk access during crash dump file generation (Microsoft)
  220. dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
  221. dxgmms2.sys DirectX Graphics MMS
  222. EhStorClass.sys Enhanced Storage Class driver for IEEE... (Microsoft)
  223. fastfat.SYS Fast FAT File System Driver (Microsoft)
  224. filecrypt.sys Windows sandboxing and encryption filter (Microsoft)
  225. fileinfo.sys FileInfo Filter Driver (Microsoft)
  226. FLTMGR.SYS Filesystem Filter Manager (Microsoft)
  227. Fs_Rec.sys File System Recognizer Driver (Microsoft)
  228. fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
  229. fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
  230. gpuenergydrv.sys GPU Energy Kernal Driver (Microsoft)
  231. hal.dll Hardware Abstraction Layer DLL (Microsoft)
  232. HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
  233. HdAudio.sys High Definition Audio Function driver (Microsoft)
  234. hiber_dumpfve.sys (Generic Description) hiber_*.sys drivers provide disk access to store the system state while hibernating
  235. hiber_storahci.sys (Generic Description) hiber_*.sys drivers provide disk access to store the system state while hibernating
  236. hiber_storport.sys (Generic Description) hiber_*.sys drivers provide disk access to store the system state while hibernating
  237. HIDCLASS.SYS Hid Class Library (Microsoft)
  238. HIDPARSE.SYS Hid Parsing Library (Microsoft)
  239. hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
  240. HTTP.sys HTTP Protocol Stack (Microsoft)
  241. intelpep.sys Intel Power Engine Plugin (Microsoft)
  242. intelppm.sys Processor Device Driver (Microsoft)
  243. IntelTA.sys Intel Telemetry Driver
  244. iorate.sys I/O rate control Filter (Microsoft)
  245. kbdclass.sys Keyboard Class Driver (Microsoft)
  246. kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
  247. kdcom.dll Kernel Debugger HW Extension DLL (Microsoft)
  248. kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
  249. ks.sys Kernal CSA Library (Microsoft)
  250. ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
  251. ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
  252. ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
  253. lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
  254. luafv.sys LUA File Virtualization Filter Driver (Microsoft)
  255. mcupdate.dll Media Center Update (Microsoft)
  256. mmcss.sys MMCSS Driver (Microsoft)
  257. monitor.sys Monitor Driver (Microsoft)
  258. mouclass.sys Mouse Class Driver (Microsoft)
  259. mouhid.sys HID Mouse Filter Driver (Microsoft)
  260. mountmgr.sys Mount Point Manager (Microsoft)
  261. MpKslDrv.sys Microsoft Anti-malware Protection driver
  262. mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
  263. mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
  264. mrxsmb10.sys Longhorn SMB Downlevel SubRdr (Microsoft)
  265. mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
  266. Msfs.SYS Mailslot driver (Microsoft)
  267. msisadrv.sys ISA Driver (Microsoft)
  268. mslldp.sys Microsoft Link-Layer Discovery Protocol... (Microsoft)
  269. msquic.sys Windows QUIC Driver
  270. msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
  271. mssmbios.sys System Management BIOS driver (Microsoft)
  272. mup.sys Multiple UNC Provider driver (Microsoft)
  273. ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
  274. ndiscap.sys Microsoft NDIS Packet Capture Filter Driver
  275. ndistapi.sys NDIS 3.0 Connection Wrapper driver (Microsoft)
  276. NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
  277. ndiswan.sys MS PPP Framing Driver (Strong Encryption) Microsoft)
  278. NDProxy.sys NDIS Proxy driver (Microsoft)
  279. Ndu.sys Network Data Usage Monitoring driver (Microsoft)
  280. netbios.sys NetBIOS Interface driver (Microsoft)
  281. netbt.sys MBT Transport driver (Microsoft)
  282. NETIO.SYS Network I/O Subsystem (Microsoft)
  283. Npfs.SYS NPFS driver (Microsoft)
  284. npsvctrig.sys Named pipe service triggers (Microsoft)
  285. nsiproxy.sys NSI Proxy driver (Microsoft)
  286. Ntfs.sys NT File System Driver (Microsoft)
  287. ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
  288. ntosext.sys NTOS Extension Host driver (Microsoft)
  289. Null.SYS NULL Driver (Microsoft)
  290. pacer.sys QoS Packet Scheduler (Microsoft)
  291. partmgr.sys Partition driver (Microsoft)
  292. pci.sys NT Plug and Play PCI Enumerator (Microsoft)
  293. pcw.sys Performance Counter Driver (Microsoft)
  294. pdc.sys Power Dependency Coordinator Driver (Microsoft)
  295. peauth.sys Protected Environment Authentication and Authorization Export Driver (Microsoft)
  296. portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
  297. PSHED.dll Platform Specific Hardware Error driver (Microsoft)
  298. rasl2tp.sys RAS L2TP Mini-port/Call-manager driver (Microsoft)
  299. raspppoe.sys RAS PPPoE Mini-port/Call manager driver (Microsoft)
  300. raspptp.sys Peer-to-Peer Tunneling Protocol (Microsoft)
  301. rassstp.sys RAS SSTP Miniport Call Manager driver (Microsoft)
  302. rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
  303. rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
  304. rdpvideominiport.sys RDP Video Miniport driver (Microsoft)
  305. rdyboost.sys ReadyBoost Driver (Microsoft)
  306. rspndr.sys Link-Layer Topology Responder driver (Microsoft)
  307. serenum.sys Serial Port Enumerator (Microsoft)
  308. serial.sys Serial Device Driver
  309. SgrmAgent.sys System Guard Runtime Monitor Agent driver (Microsoft)
  310. SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
  311. spaceport.sys Storage Spaces driver (Microsoft)
  312. srv2.sys Smb 2.0 Server driver (Microsoft)
  313. srvnet.sys Server Network driver (Microsoft)
  314. storahci.sys MS AHCI Storport Miniport Driver (Microsoft)
  315. stornvme.sys NVM Express Storport Miniport driver (Microsoft)
  316. storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
  317. storqosflt.sys Storage QoS Filter driver (Microsoft)
  318. swenum.sys Plug and Play Software Device Enumerator (Microsoft)
  319. tbs.sys Export driver for kernel mode TPM API (Microsoft)
  320. tcpip.sys TCP/IP Protocol driver (Microsoft)
  321. tcpipreg.sys Microsoft Windows TCP/IP Registry Compatibility driver (Microsoft)
  322. TDI.SYS TDI Wrapper driver (Microsoft)
  323. tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
  324. tm.sys Kernel Transaction Manager driver (Microsoft)
  325. ucx01000.sys USB Controller Extension (Microsoft)
  326. udfs.sys UDF File System driver (Microsoft)
  327. UEFI.sys UEFI NT driver (Microsoft)
  328. umbus.sys User-Mode Bus Enumerator (Microsoft)
  329. usbaudio.sys USB Audio Class Driver (Microsoft)
  330. usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
  331. USBD.SYS Universal Serial Bus Driver (Microsoft)
  332. UsbHub3.sys USB3 HUB driver (Microsoft)
  333. USBSTOR.SYS USB Mass Storage Class driver (Microsoft)
  334. USBXHCI.SYS USB XHCI driver (Microsoft)
  335. vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
  336. Vid.sys Microsoft Hyper-V Virtualization Infrastructure Driver
  337. volmgr.sys Volume Manager Driver (Microsoft)
  338. volmgrx.sys Volume Manager Extension Driver (Microsoft)
  339. volsnap.sys Volume Shadow Copy driver (Microsoft)
  340. volume.sys Volume driver (Microsoft)
  341. vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
  342. wanarp.sys MS Remote Access and Routing ARP driver (Microsoft)
  343. watchdog.sys Watchdog driver (Microsoft)
  344. wcifs.sys Windows Container Isolation FS Filter driver (Microsoft)
  345. Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
  346. WdFilter.sys Microsoft Anti-malware file system filter driver (Microsoft)
  347. WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
  348. WdNisDrv.sys Microsoft Network Realtime Inspection driver (Microsoft)
  349. werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
  350. wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
  351. win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
  352. win32kbase.sys Base Win32k Kernel Driver (Microsoft)
  353. win32kfull.sys Full/Desktop Win32k Kernel Driver (Microsoft)
  354. WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
  355. WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
  356. winhvr.sys Windows Hypervisor Root Interface driver (Microsoft)
  357. wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
  358. WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
  359. Wof.sys Windows Overlay Filter (Microsoft)
  360. WpdUpFltr.sys Portable Device Upper Class Filter driver (Microsoft)
  361. WppRecorder.sys WPP Trace Recorder (Microsoft)
  362. WUDFRd.sys Windows Driver Foundation - User-mode Driver Framework Reflector driver (Microsoft)
  363.  
  364. ====================== Dump #1: UNLOADED MODULES =======================
  365.  
  366. fffff800`9a5e0000 fffff800`9a5ef000 dump_storpor
  367. fffff800`99a40000 fffff800`99a73000 dump_storahc
  368. fffff800`99aa0000 fffff800`99abe000 dump_dumpfve
  369. fffff800`9b110000 fffff800`9b165000 WUDFRd.sys
  370. fffff800`9a3e0000 fffff800`9a3fc000 dam.sys
  371. fffff800`86400000 fffff800`86411000 WdBoot.sys
  372. fffff800`874b0000 fffff800`874c0000 hwpolicy.sys
  373.  
  374. ====================== Dump #1: BIOS INFORMATION =======================
  375.  
  376. sysinfo: could not find necessary interfaces.
  377. sysinfo: note that mssmbios.sys must be loaded (XPSP2+).
  378.  
  379. ========================== Dump #1: Extra #1 ===========================
  380.  
  381. 0: kd> !verifier
  382. fffff8008482a6c0: Unable to get verifier list.
  383.  
  384. ========================== Dump #1: Extra #2 ===========================
  385.  
  386. 0: kd> !thread
  387. THREAD ffffdb0e01791040 Cid 0004.2810 Teb: 0000000000000000 Win32Thread: 0000000000000000 RUNNING on processor 0
  388. IRP List:
  389. Unable to read nt!_IRP @ ffffdb0e01d9fa20
  390. Not impersonating
  391. GetUlongFromAddress: unable to read from fffff8008481143c
  392. Owning Process ffffdb0df849c040 Image: System
  393. Attached Process N/A Image: N/A
  394. fffff78000000000: Unable to get shared data
  395. Wait Start TickCount 143171
  396. Context Switch Count 287 IdealProcessor: 0
  397. ReadMemory error: Cannot get nt!KeMaximumIncrement value.
  398. UserTime 00:00:00.000
  399. KernelTime 00:00:00.000
  400. Win32 Start Address nt!PopFlushVolumeWorker (0xfffff800845a4440)
  401. Stack Init ffffb285e79eab90 Current ffffb285e79e8760
  402. Base ffffb285e79eb000 Limit ffffb285e79e4000 Call 0000000000000000
  403. Priority 9 BasePriority 8 PriorityDecrement 0 IoPriority 2 PagePriority 5
  404. Child-SP RetAddr : Args to Child : Call Site
  405. ffffb285`e79e9a98 fffff800`840313b9 : 00000000`00000034 00000000`00000944 ffffffff`c0000420 00000000`00000000 : nt!KeBugCheckEx
  406. ffffb285`e79e9aa0 fffff800`86b0fed0 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!CcUninitializeCacheMap+0x1afd99
  407. ffffb285`e79e9b60 fffff800`86b00bd0 : ffffa281`2ba52800 ffffa281`2ba528a0 00000000`00000000 ffffa281`2ba52a00 : Ntfs!NtfsDeleteInternalAttributeStream+0x10c
  408. ffffb285`e79e9ba0 fffff800`869eace5 : ffffa281`2ba528a0 ffffa281`2ba52a00 00000000`00000000 ffffa281`2ba52a00 : Ntfs!NtfsRemoveScb+0x130
  409. ffffb285`e79e9c00 fffff800`869ea9b9 : ffffa281`2ddc05e0 00000000`00000000 ffffdb0d`fd51e180 ffffa281`2ba528a0 : Ntfs!NtfsPrepareFcbForRemoval+0x75
  410. ffffb285`e79e9c40 fffff800`86b008ea : ffffdb0e`04d4a018 ffffdb0d`fd51e180 ffffa281`2ddc05a0 ffffa281`2ddc09f8 : Ntfs!NtfsTeardownFromLcb+0x2c9
  411. ffffb285`e79e9ce0 fffff800`869dd560 : ffffdb0e`04d4a018 ffffb285`e79e9de2 ffffa281`2ddc09f8 ffffa281`2ddc05a0 : Ntfs!NtfsTeardownStructures+0xea
  412. ffffb285`e79e9d60 fffff800`86acb6a7 : ffffb285`e79e9f00 ffffa281`00000001 00000000`00000000 ffffa281`2ddc0500 : Ntfs!NtfsDecrementCloseCounts+0xb0
  413. ffffb285`e79e9da0 fffff800`86ac81c1 : ffffdb0e`04d4a018 ffffa281`2ddc0700 ffffa281`2ddc05a0 ffffdb0d`fd51e180 : Ntfs!NtfsCommonClose+0x467
  414. ffffb285`e79e9e80 fffff800`86b2f014 : ffffb285`e79ea2f0 fffff800`83e46d25 ffffdb0e`042c6100 fffff800`84211fbb : Ntfs!NtfsFspCloseInternal+0x241
  415. ffffb285`e79e9fe0 fffff800`86aeb91c : 00000000`00000000 00000000`00000000 ffffdb0d`fd51e180 ffffa281`2391e460 : Ntfs!NtfsFlushVolume+0x10c
  416. ffffb285`e79ea0f0 fffff800`86aeaaf9 : ffffdb0e`02131a98 ffffdb0e`01d9fa20 ffffdb0e`02131a01 ffffb285`e79ea320 : Ntfs!NtfsCommonFlushBuffers+0x8d0
  417. ffffb285`e79ea210 fffff800`83e371f8 : ffffb285`e79ea320 ffffdb0e`02131a98 ffffdb0d`00000000 ffffdb0e`01d9fa20 : Ntfs!NtfsCommonFlushBuffersCallout+0x19
  418. ffffb285`e79ea240 fffff800`83e3716d : fffff800`86aeaae0 ffffb285`e79ea320 00000000`00000000 fffff800`00000000 : nt!KeExpandKernelStackAndCalloutInternal+0x78
  419. ffffb285`e79ea2b0 fffff800`86aaa5fb : 00000000`00000000 00000000`00000310 ffffb285`e79eb000 00000000`00000030 : nt!KeExpandKernelStackAndCalloutEx+0x1d
  420. ffffb285`e79ea2f0 fffff800`86aaa525 : 00000000`00000000 ffffdb0d`f9add1c0 ffffb285`e79ea388 00000000`00000000 : Ntfs!NtfsCommonFlushBuffersOnNewStack+0x67
  421. ffffb285`e79ea360 fffff800`83e46d25 : ffffdb0e`038e84a0 ffffdb0e`01d9fa20 ffffdb0e`02131a98 ffffb285`e79ea388 : Ntfs!NtfsFsdFlushBuffers+0xe5
  422. ffffb285`e79ea3d0 fffff800`808b6ccf : ffffb285`e79ea448 ffffb285`e79ea4f0 ffffb285`e79ea430 00000000`00000000 : nt!IofCallDriver+0x55
  423. ffffb285`e79ea410 fffff800`808b48d3 : ffffb285`e79ea4a0 00000000`00000000 00000000`00000000 ffffdb0d`f9aaeb80 : FLTMGR!FltpLegacyProcessingAfterPreCallbacksCompleted+0x28f
  424. ffffb285`e79ea480 fffff800`83e46d25 : ffffdb0e`01d9fa20 ffffdb0d`f849c000 ffffb285`e79ea710 00000000`00000000 : FLTMGR!FltpDispatch+0xa3
  425. ffffb285`e79ea4e0 fffff800`8420eb18 : ffffb285`e79ea710 ffffdb0e`01d9fa20 00000000`00000001 00000000`00000000 : nt!IofCallDriver+0x55
  426. ffffb285`e79ea520 fffff800`842ec0f9 : ffffdb0e`00000000 ffffb285`e79ea710 00000000`00000000 ffffb285`e79ea710 : nt!IopSynchronousServiceTail+0x1a8
  427. ffffb285`e79ea5c0 fffff800`842ebee6 : ffffdb0e`01791040 00000000`00000000 ffffdb0d`fd38cd60 00000000`00000000 : nt!NtFlushBuffersFileEx+0x1f9
  428. ffffb285`e79ea650 fffff800`83fef375 : fffff800`83c00000 fffff800`83e0198e ffffb285`e79ea8e0 00000000`00000000 : nt!NtFlushBuffersFile+0x16
  429. ffffb285`e79ea690 fffff800`83fe1880 : fffff800`845a45ca ffffb285`e6bef470 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x25 (TrapFrame @ ffffb285`e79ea690)
  430. ffffb285`e79ea828 fffff800`845a45ca : ffffb285`e6bef470 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiServiceLinkage
  431. ffffb285`e79ea830 fffff800`83f46715 : ffffdb0e`01791040 ffffdb0e`01791040 fffff800`845a4440 00000000`00000001 : nt!PopFlushVolumeWorker+0x18a
  432. ffffb285`e79eab10 fffff800`83fe5078 : ffffcb01`6a55a180 ffffdb0e`01791040 fffff800`83f466c0 00000000`00000000 : nt!PspSystemThreadStartup+0x55
  433. ffffb285`e79eab60 00000000`00000000 : ffffb285`e79eb000 ffffb285`e79e4000 00000000`00000000 00000000`00000000 : nt!KiStartSystemThread+0x28
  434.  
  435.  
  436. ========================================================================
  437. ======================= Dump #2: ANALYZE VERBOSE =======================
  438. ======================= File: 062620-4109-01.dmp =======================
  439. ========================================================================
  440.  
  441. Mini Kernel Dump File: Only registers and stack trace are available
  442. Windows 10 Kernel Version 19041 MP (12 procs) Free x64
  443. Kernel base = 0xfffff802`0ee00000 PsLoadedModuleList = 0xfffff802`0fa2a2b0
  444. Debug session time: Fri Jun 26 18:45:27.123 2020 (UTC - 4:00)
  445. System Uptime: 0 days 0:20:07.790
  446.  
  447. BugCheck 1A, {41792, ffff903ffe4da3f8, 100000000000000, 0}
  448. Probably caused by : memory_corruption ( ONE_BIT )
  449. Followup: MachineOwner
  450.  
  451. MEMORY_MANAGEMENT (1a)
  452. # Any other values for parameter 1 must be individually examined.
  453.  
  454. Arguments:
  455. Arg1: 0000000000041792, A corrupt PTE has been detected. Parameter 2 contains the address of
  456. the PTE. Parameters 3/4 contain the low/high parts of the PTE.
  457. Arg2: ffff903ffe4da3f8
  458. Arg3: 0100000000000000
  459. Arg4: 0000000000000000
  460.  
  461. Debugging Details:
  462. DUMP_CLASS: 1
  463. DUMP_QUALIFIER: 400
  464. DUMP_TYPE: 2
  465. DUMP_FILE_ATTRIBUTES: 0x8
  466. Kernel Generated Triage Dump
  467. MEMORY_CORRUPTOR: ONE_BIT
  468. BUGCHECK_STR: 0x1a_41792
  469. CUSTOMER_CRASH_COUNT: 1
  470. DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
  471.  
  472. PROCESS_NAME: svchost.exe
  473.  
  474. CURRENT_IRQL: 2
  475. STACK_TEXT:
  476. ffff8684`bf36f1c8 fffff802`0f25418e : 00000000`0000001a 00000000`00041792 ffff903f`fe4da3f8 01000000`00000000 : nt!KeBugCheckEx
  477. ffff8684`bf36f1d0 fffff802`0f0c215f : ffffa501`524a5700 00007ffc`9b460000 00000000`00000002 ffff8684`bf36f3c0 : nt!MiDeleteVa+0x191e6e
  478. ffff8684`bf36f2c0 fffff802`0f0a787f : 00000000`00000000 00000000`00000060 ffffa501`524a57c0 00000000`00000000 : nt!MiDeletePagablePteRange+0x31f
  479. ffff8684`bf36f740 fffff802`0f3eab99 : ffffa501`524a5080 00000000`00000000 00000000`00000000 ffffa501`00000001 : nt!MiDeleteVad+0x41f
  480. ffff8684`bf36f870 fffff802`0f3ea972 : ffffa501`55e98220 00007ffc`9b460000 ffffa501`524a5080 00000000`00000000 : nt!MiUnmapVad+0x49
  481. ffff8684`bf36f8a0 fffff802`0f3ea7e9 : ffffa501`526ab080 fffff802`0f1ef375 00000000`00000000 00000000`00000000 : nt!MiUnmapViewOfSection+0x152
  482. ffff8684`bf36f980 fffff802`0f3ea3ec : ffffa501`526ab080 00000180`04a2c130 00000000`00000001 ffffa501`524a5080 : nt!NtUnmapViewOfSectionEx+0x99
  483. ffff8684`bf36f9d0 fffff802`0f1ef375 : ffffa501`526ab000 00000000`00000010 ffff8684`bf36fa80 ffffa501`00000000 : nt!NtUnmapViewOfSection+0xc
  484. ffff8684`bf36fa00 00007ffc`9ebeb2d4 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x25
  485. 00000060`3fa7cd08 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffc`9ebeb2d4
  486. STACK_COMMAND: kb
  487. THREAD_SHA1_HASH_MOD_FUNC: 960b7cb4384a69a432e1bb91134d79d8580a5250
  488. THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 65b113d111711ecf7a86f1e57421062255defe4e
  489. THREAD_SHA1_HASH_MOD: 9f457f347057f10e1df248e166a3e95e6570ecfe
  490. SYMBOL_NAME: ONE_BIT
  491. FOLLOWUP_NAME: MachineOwner
  492. MODULE_NAME: hardware
  493.  
  494. IMAGE_NAME: memory_corruption
  495.  
  496. DEBUG_FLR_IMAGE_TIMESTAMP: 0
  497. FAILURE_BUCKET_ID: MEMORY_CORRUPTION_ONE_BIT
  498. BUCKET_ID: MEMORY_CORRUPTION_ONE_BIT
  499. PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_ONE_BIT
  500. TARGET_TIME: 2020-06-26T22:45:27.000Z
  501. SUITE_MASK: 784
  502. PRODUCT_TYPE: 1
  503. USER_LCID: 0
  504. FAILURE_ID_HASH_STRING: km:memory_corruption_one_bit
  505. FAILURE_ID_HASH: {e3faf315-c3d0-81db-819a-6c43d23c63a7}
  506. Followup: MachineOwner
  507.  
  508. ====================== Dump #2: 3RD PARTY DRIVERS ======================
  509.  
  510. Oct 09 2015 - wdcsam64.sys - Western Digital SCSI Arcitecture Model (SAM) WDM driver https://support.wdc.com/
  511. Jan 21 2019 - imaucxhpal.sys - MA-USB (UCX) HPAL driver
  512. Jan 21 2019 - iwigig.sys - WiGig MAC driver (Intel)
  513. Mar 19 2019 - nvhda64v.sys - Nvidia HDMI Audio Device http://www.nvidia.com/
  514. Apr 04 2019 - TeeDriverW8x64.sys - Intel Management Engine Interface driver https://downloadcenter.intel.com/
  515. May 07 2019 - e1d68x64.sys - Intel(R) Gigabit Adapter driver
  516. Oct 02 2019 - nvlddmkm.sys - Nvidia Graphics Card driver http://www.nvidia.com/
  517.  
  518. ================== Dump #2: 3RD PARTY DRIVERS (FULL) ===================
  519.  
  520. Image name: wdcsam64.sys
  521. Search : https://www.google.com/search?q=wdcsam64.sys
  522. ADA Info : Western Digital SCSI Arcitecture Model (SAM) WDM driver https://support.wdc.com/
  523. Timestamp : Fri Oct 9 2015
  524.  
  525. Image name: imaucxhpal.sys
  526. Search : https://www.google.com/search?q=imaucxhpal.sys
  527. ADA Info : MA-USB (UCX) HPAL driver
  528. Timestamp : Mon Jan 21 2019
  529.  
  530. Image name: iwigig.sys
  531. Search : https://www.google.com/search?q=iwigig.sys
  532. ADA Info : WiGig MAC driver (Intel)
  533. Timestamp : Mon Jan 21 2019
  534.  
  535. Image name: nvhda64v.sys
  536. Search : https://www.google.com/search?q=nvhda64v.sys
  537. ADA Info : Nvidia HDMI Audio Device http://www.nvidia.com/
  538. Timestamp : Tue Mar 19 2019
  539.  
  540. Image name: TeeDriverW8x64.sys
  541. Search : https://www.google.com/search?q=TeeDriverW8x64.sys
  542. ADA Info : Intel Management Engine Interface driver https://downloadcenter.intel.com/
  543. Timestamp : Thu Apr 4 2019
  544.  
  545. Image name: e1d68x64.sys
  546. Search : https://www.google.com/search?q=e1d68x64.sys
  547. ADA Info : Intel(R) Gigabit Adapter driver
  548. Timestamp : Tue May 7 2019
  549.  
  550. Image name: nvlddmkm.sys
  551. Search : https://www.google.com/search?q=nvlddmkm.sys
  552. ADA Info : Nvidia Graphics Card driver http://www.nvidia.com/
  553. Timestamp : Wed Oct 2 2019
  554.  
  555. ====================== Dump #2: MICROSOFT DRIVERS ======================
  556.  
  557. ACPI.sys ACPI Driver for NT (Microsoft)
  558. acpiex.sys ACPIEx Driver (Microsoft)
  559. acpipagr.sys ACPI Processor Aggregator Device driver (Microsoft)
  560. afd.sys Ancillary Function Driver for WinSock (Microsoft)
  561. afunix.sys AF_UNIX Socket Provider driver (Microsoft)
  562. AgileVpn.sys RAS Agil VPN Miniport Call Manager driver (Microsoft)
  563. ahcache.sys Application Compatibility Cache (Microsoft)
  564. bam.sys BAM Kernal driver (Microsoft)
  565. BasicDisplay.sys Basic Display driver (Microsoft)
  566. BasicRender.sys Basic Render driver (Microsoft)
  567. Beep.SYS BEEP driver (Microsoft)
  568. bindflt.sys Windows Bind Filter driver (Microsoft)
  569. BOOTVID.dll VGA Boot Driver (Microsoft)
  570. bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
  571. cdd.dll Canonical Display Driver (Microsoft)
  572. cdrom.sys SCSI CD-ROM Driver (Microsoft)
  573. CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
  574. CI.dll Code Integrity Module (Microsoft)
  575. CimFS.SYS Consumer IR Class Driver for eHome (Microsoft)
  576. CLASSPNP.SYS SCSI Class System Dll (Microsoft)
  577. cldflt.sys Cloud Files Mini Filter driver (Microsoft)
  578. CLFS.SYS Common Log File System Driver (Microsoft)
  579. clipsp.sys CLIP Service (Microsoft)
  580. cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
  581. cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
  582. CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
  583. condrv.sys Console Driver (Microsoft)
  584. crashdmp.sys Crash Dump driver (Microsoft)
  585. dfsc.sys DFS Namespace Client Driver (Microsoft)
  586. disk.sys PnP Disk Driver (Microsoft)
  587. drmk.sys Digital Rights Management (DRM) driver (Microsoft)
  588. dump_dumpfve.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  589. dump_storahci.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  590. dump_storport.sys Provides disk access during crash dump file generation (Microsoft)
  591. dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
  592. dxgmms2.sys DirectX Graphics MMS
  593. EhStorClass.sys Enhanced Storage Class driver for IEEE... (Microsoft)
  594. fastfat.SYS Fast FAT File System Driver (Microsoft)
  595. filecrypt.sys Windows sandboxing and encryption filter (Microsoft)
  596. fileinfo.sys FileInfo Filter Driver (Microsoft)
  597. FLTMGR.SYS Filesystem Filter Manager (Microsoft)
  598. Fs_Rec.sys File System Recognizer Driver (Microsoft)
  599. fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
  600. fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
  601. gpuenergydrv.sys GPU Energy Kernal Driver (Microsoft)
  602. hal.dll Hardware Abstraction Layer DLL (Microsoft)
  603. HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
  604. HdAudio.sys High Definition Audio Function driver (Microsoft)
  605. HIDCLASS.SYS Hid Class Library (Microsoft)
  606. HIDPARSE.SYS Hid Parsing Library (Microsoft)
  607. hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
  608. HTTP.sys HTTP Protocol Stack (Microsoft)
  609. intelpep.sys Intel Power Engine Plugin (Microsoft)
  610. intelppm.sys Processor Device Driver (Microsoft)
  611. IntelTA.sys Intel Telemetry Driver
  612. iorate.sys I/O rate control Filter (Microsoft)
  613. kbdclass.sys Keyboard Class Driver (Microsoft)
  614. kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
  615. kdcom.dll Kernel Debugger HW Extension DLL (Microsoft)
  616. kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
  617. ks.sys Kernal CSA Library (Microsoft)
  618. ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
  619. ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
  620. ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
  621. lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
  622. luafv.sys LUA File Virtualization Filter Driver (Microsoft)
  623. mcupdate.dll Media Center Update (Microsoft)
  624. mmcss.sys MMCSS Driver (Microsoft)
  625. monitor.sys Monitor Driver (Microsoft)
  626. mouclass.sys Mouse Class Driver (Microsoft)
  627. mouhid.sys HID Mouse Filter Driver (Microsoft)
  628. mountmgr.sys Mount Point Manager (Microsoft)
  629. MpKslDrv.sys Microsoft Anti-malware Protection driver
  630. mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
  631. mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
  632. mrxsmb10.sys Longhorn SMB Downlevel SubRdr (Microsoft)
  633. mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
  634. Msfs.SYS Mailslot driver (Microsoft)
  635. msisadrv.sys ISA Driver (Microsoft)
  636. mslldp.sys Microsoft Link-Layer Discovery Protocol... (Microsoft)
  637. msquic.sys Windows QUIC Driver
  638. msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
  639. mssmbios.sys System Management BIOS driver (Microsoft)
  640. mup.sys Multiple UNC Provider driver (Microsoft)
  641. ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
  642. ndiscap.sys Microsoft NDIS Packet Capture Filter Driver
  643. ndistapi.sys NDIS 3.0 Connection Wrapper driver (Microsoft)
  644. NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
  645. ndiswan.sys MS PPP Framing Driver (Strong Encryption) Microsoft)
  646. NDProxy.sys NDIS Proxy driver (Microsoft)
  647. Ndu.sys Network Data Usage Monitoring driver (Microsoft)
  648. netbios.sys NetBIOS Interface driver (Microsoft)
  649. netbt.sys MBT Transport driver (Microsoft)
  650. NETIO.SYS Network I/O Subsystem (Microsoft)
  651. Npfs.SYS NPFS driver (Microsoft)
  652. npsvctrig.sys Named pipe service triggers (Microsoft)
  653. nsiproxy.sys NSI Proxy driver (Microsoft)
  654. Ntfs.sys NT File System Driver (Microsoft)
  655. ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
  656. ntosext.sys NTOS Extension Host driver (Microsoft)
  657. Null.SYS NULL Driver (Microsoft)
  658. pacer.sys QoS Packet Scheduler (Microsoft)
  659. partmgr.sys Partition driver (Microsoft)
  660. pci.sys NT Plug and Play PCI Enumerator (Microsoft)
  661. pcw.sys Performance Counter Driver (Microsoft)
  662. pdc.sys Power Dependency Coordinator Driver (Microsoft)
  663. peauth.sys Protected Environment Authentication and Authorization Export Driver (Microsoft)
  664. portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
  665. PSHED.dll Platform Specific Hardware Error driver (Microsoft)
  666. rasl2tp.sys RAS L2TP Mini-port/Call-manager driver (Microsoft)
  667. raspppoe.sys RAS PPPoE Mini-port/Call manager driver (Microsoft)
  668. raspptp.sys Peer-to-Peer Tunneling Protocol (Microsoft)
  669. rassstp.sys RAS SSTP Miniport Call Manager driver (Microsoft)
  670. rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
  671. rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
  672. rdyboost.sys ReadyBoost Driver (Microsoft)
  673. rspndr.sys Link-Layer Topology Responder driver (Microsoft)
  674. serenum.sys Serial Port Enumerator (Microsoft)
  675. serial.sys Serial Device Driver
  676. SgrmAgent.sys System Guard Runtime Monitor Agent driver (Microsoft)
  677. SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
  678. spaceport.sys Storage Spaces driver (Microsoft)
  679. srv2.sys Smb 2.0 Server driver (Microsoft)
  680. srvnet.sys Server Network driver (Microsoft)
  681. storahci.sys MS AHCI Storport Miniport Driver (Microsoft)
  682. stornvme.sys NVM Express Storport Miniport driver (Microsoft)
  683. storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
  684. storqosflt.sys Storage QoS Filter driver (Microsoft)
  685. swenum.sys Plug and Play Software Device Enumerator (Microsoft)
  686. tbs.sys Export driver for kernel mode TPM API (Microsoft)
  687. tcpip.sys TCP/IP Protocol driver (Microsoft)
  688. tcpipreg.sys Microsoft Windows TCP/IP Registry Compatibility driver (Microsoft)
  689. TDI.SYS TDI Wrapper driver (Microsoft)
  690. tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
  691. tm.sys Kernel Transaction Manager driver (Microsoft)
  692. ucx01000.sys USB Controller Extension (Microsoft)
  693. udfs.sys UDF File System driver (Microsoft)
  694. UEFI.sys UEFI NT driver (Microsoft)
  695. umbus.sys User-Mode Bus Enumerator (Microsoft)
  696. usbaudio.sys USB Audio Class Driver (Microsoft)
  697. usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
  698. USBD.SYS Universal Serial Bus Driver (Microsoft)
  699. UsbHub3.sys USB3 HUB driver (Microsoft)
  700. USBSTOR.SYS USB Mass Storage Class driver (Microsoft)
  701. USBXHCI.SYS USB XHCI driver (Microsoft)
  702. vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
  703. Vid.sys Microsoft Hyper-V Virtualization Infrastructure Driver
  704. volmgr.sys Volume Manager Driver (Microsoft)
  705. volmgrx.sys Volume Manager Extension Driver (Microsoft)
  706. volsnap.sys Volume Shadow Copy driver (Microsoft)
  707. volume.sys Volume driver (Microsoft)
  708. vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
  709. wanarp.sys MS Remote Access and Routing ARP driver (Microsoft)
  710. watchdog.sys Watchdog driver (Microsoft)
  711. wcifs.sys Windows Container Isolation FS Filter driver (Microsoft)
  712. Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
  713. WdFilter.sys Microsoft Anti-malware file system filter driver (Microsoft)
  714. WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
  715. WdNisDrv.sys Microsoft Network Realtime Inspection driver (Microsoft)
  716. werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
  717. wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
  718. win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
  719. win32kbase.sys Base Win32k Kernel Driver (Microsoft)
  720. win32kfull.sys Full/Desktop Win32k Kernel Driver (Microsoft)
  721. WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
  722. WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
  723. winhvr.sys Windows Hypervisor Root Interface driver (Microsoft)
  724. wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
  725. WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
  726. Wof.sys Windows Overlay Filter (Microsoft)
  727. WpdUpFltr.sys Portable Device Upper Class Filter driver (Microsoft)
  728. WppRecorder.sys WPP Trace Recorder (Microsoft)
  729. WUDFRd.sys Windows Driver Foundation - User-mode Driver Framework Reflector driver (Microsoft)
  730.  
  731. ====================== Dump #2: UNLOADED MODULES =======================
  732.  
  733. fffff802`68fc0000 fffff802`68fc8000 magdrvamd64.
  734. fffff802`68fb0000 fffff802`68fb8000 magdrvamd64.
  735. fffff802`25030000 fffff802`2503f000 dump_storpor
  736. fffff802`25080000 fffff802`250b3000 dump_storahc
  737. fffff802`250e0000 fffff802`250fe000 dump_dumpfve
  738. fffff802`27f30000 fffff802`27f85000 WUDFRd.sys
  739. fffff802`25ac0000 fffff802`25adc000 dam.sys
  740. fffff802`11c00000 fffff802`11c11000 WdBoot.sys
  741. fffff802`12cb0000 fffff802`12cc0000 hwpolicy.sys
  742.  
  743. ====================== Dump #2: BIOS INFORMATION =======================
  744.  
  745. sysinfo: could not find necessary interfaces.
  746. sysinfo: note that mssmbios.sys must be loaded (XPSP2+).
  747.  
  748. ========================== Dump #2: Extra #1 ===========================
  749.  
  750. 5: kd> !verifier
  751. fffff8020fa2a6c0: Unable to get verifier list.
  752.  
  753. ========================== Dump #2: Extra #2 ===========================
  754.  
  755. 5: kd> !thread
  756. THREAD ffffa501526ab080 Cid 10d8.1ad4 Teb: 000000603f417000 Win32Thread: 0000000000000000 RUNNING on processor 5
  757. Not impersonating
  758. GetUlongFromAddress: unable to read from fffff8020fa1143c
  759. Owning Process ffffa501524a5080 Image: svchost.exe
  760. Attached Process N/A Image: N/A
  761. fffff78000000000: Unable to get shared data
  762. Wait Start TickCount 77298
  763. Context Switch Count 3 IdealProcessor: 5
  764. ReadMemory error: Cannot get nt!KeMaximumIncrement value.
  765. UserTime 00:00:00.000
  766. KernelTime 00:00:00.000
  767. Win32 Start Address 0x00007ffc9eb620e0
  768. Stack Init ffff8684bf36fb90 Current ffff8684bf36f2c0
  769. Base ffff8684bf370000 Limit ffff8684bf369000 Call 0000000000000000
  770. Priority 9 BasePriority 8 PriorityDecrement 0 IoPriority 2 PagePriority 5
  771. Child-SP RetAddr : Args to Child : Call Site
  772. ffff8684`bf36f1c8 fffff802`0f25418e : 00000000`0000001a 00000000`00041792 ffff903f`fe4da3f8 01000000`00000000 : nt!KeBugCheckEx
  773. ffff8684`bf36f1d0 fffff802`0f0c215f : ffffa501`524a5700 00007ffc`9b460000 00000000`00000002 ffff8684`bf36f3c0 : nt!MiDeleteVa+0x191e6e
  774. ffff8684`bf36f2c0 fffff802`0f0a787f : 00000000`00000000 00000000`00000060 ffffa501`524a57c0 00000000`00000000 : nt!MiDeletePagablePteRange+0x31f
  775. ffff8684`bf36f740 fffff802`0f3eab99 : ffffa501`524a5080 00000000`00000000 00000000`00000000 ffffa501`00000001 : nt!MiDeleteVad+0x41f
  776. ffff8684`bf36f870 fffff802`0f3ea972 : ffffa501`55e98220 00007ffc`9b460000 ffffa501`524a5080 00000000`00000000 : nt!MiUnmapVad+0x49
  777. ffff8684`bf36f8a0 fffff802`0f3ea7e9 : ffffa501`526ab080 fffff802`0f1ef375 00000000`00000000 00000000`00000000 : nt!MiUnmapViewOfSection+0x152
  778. ffff8684`bf36f980 fffff802`0f3ea3ec : ffffa501`526ab080 00000180`04a2c130 00000000`00000001 ffffa501`524a5080 : nt!NtUnmapViewOfSectionEx+0x99
  779. ffff8684`bf36f9d0 fffff802`0f1ef375 : ffffa501`526ab000 00000000`00000010 ffff8684`bf36fa80 ffffa501`00000000 : nt!NtUnmapViewOfSection+0xc
  780. ffff8684`bf36fa00 00007ffc`9ebeb2d4 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x25 (TrapFrame @ ffff8684`bf36fa00)
  781. 00000060`3fa7cd08 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffc`9ebeb2d4
  782.  
  783.  
  784. ========================================================================
  785. ======================= Dump #3: ANALYZE VERBOSE =======================
  786. ======================= File: 062620-3953-01.dmp =======================
  787. ========================================================================
  788.  
  789. Mini Kernel Dump File: Only registers and stack trace are available
  790. Windows 10 Kernel Version 19041 MP (12 procs) Free x64
  791. Kernel base = 0xfffff802`7e000000 PsLoadedModuleList = 0xfffff802`7ec2a2b0
  792. Debug session time: Fri Jun 26 19:45:21.339 2020 (UTC - 4:00)
  793. System Uptime: 0 days 0:59:27.006
  794.  
  795. BugCheck 1E, {ffffffffc0000005, fffff8027e225101, 0, ffffffffffffffff}
  796. Probably caused by : Unknown_Image ( nt!ExAcquireFastMutex+101 )
  797. Followup: MachineOwner
  798.  
  799. KMODE_EXCEPTION_NOT_HANDLED (1e)
  800. This is a very common bugcheck. Usually the exception address pinpoints
  801. the driver/function that caused the problem. Always note this address
  802. as well as the link date of the driver/image that contains this address.
  803.  
  804. Arguments:
  805. Arg1: ffffffffc0000005, The exception code that was not handled
  806. Arg2: fffff8027e225101, The address that the exception occurred at
  807. Arg3: 0000000000000000, Parameter 0 of the exception
  808. Arg4: ffffffffffffffff, Parameter 1 of the exception
  809.  
  810. Debugging Details:
  811. DUMP_CLASS: 1
  812. DUMP_QUALIFIER: 400
  813. DUMP_TYPE: 2
  814. DUMP_FILE_ATTRIBUTES: 0x8
  815. Kernel Generated Triage Dump
  816. READ_ADDRESS: fffff8027ecfa388: Unable to get MiVisibleState
  817. ffffffffffffffff
  818. EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%p referenced memory at 0x%p. The memory could not be %s.
  819. FAULTING_IP:
  820. nt!ExAcquireFastMutex+101
  821. fffff802`7e225101 f00fba3600 lock btr dword ptr [rsi],0
  822. EXCEPTION_PARAMETER2: ffffffffffffffff
  823. BUGCHECK_STR: 0x1E_c0000005_R
  824. CUSTOMER_CRASH_COUNT: 1
  825.  
  826. PROCESS_NAME: steamwebhelper
  827.  
  828. CURRENT_IRQL: 1
  829. EXCEPTION_RECORD: 0000000000000001 -- (.exr 0x1)
  830. Cannot read Exception record @ 0000000000000001
  831. TRAP_FRAME: ffffe189a901f508 -- (.trap 0xffffe189a901f508)
  832. NOTE: The trap frame does not contain all registers.
  833. Some register values may be zeroed or incorrect.
  834. rax=0000000000000000 rbx=0000000000000000 rcx=0000000000000000
  835. rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
  836. rip=ffff9381b0cd5180 rsp=0000000000000000 rbp=ffffbc82e9ca3060
  837. r8=ffff0c717a96adef r9=ffffe508ed4060c0 r10=ffffe189a901f680
  838. r11=0000000000000001 r12=0000000000000000 r13=0000000000000000
  839. r14=0000000000000000 r15=0000000000000000
  840. iopl=0 nv up di pl nz ac pe nc
  841. ffff9381`b0cd5180 ?? ???
  842. Resetting default scope
  843. LAST_CONTROL_TRANSFER: from fffff8027e42edf9 to fffff8027e3dda20
  844. STACK_TEXT:
  845. ffffe189`a901e918 fffff802`7e42edf9 : 00000000`0000001e ffffffff`c0000005 fffff802`7e225101 00000000`00000000 : nt!KeBugCheckEx
  846. ffffe189`a901e920 fffff802`7e3efa6c : 00000000`00000001 ffffe189`a901f508 ffffe189`a901f508 00000000`00000000 : nt!KiDispatchException+0x1b3d59
  847. ffffe189`a901efe0 fffff802`7e3eb7a0 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiExceptionDispatch+0x12c
  848. ffffe189`a901f1c0 fffff802`7e225101 : ffffe508`ef509118 02000000`00000018 ffffe508`e2893040 00000000`00000000 : nt!KiGeneralProtectionFault+0x320
  849. ffffe189`a901f350 fffff802`7e891c01 : 00000000`00000000 00000000`00000001 00000000`00000000 fffff802`7ec31de8 : nt!ExAcquireFastMutex+0x101
  850. ffffe189`a901f3a0 fffff802`7e893728 : 00000000`00000002 ffffe508`ef509080 ffffe508`ef509378 00000000`00000000 : nt!DbgkpQueueMessage+0x1b9
  851. ffffe189`a901f5a0 fffff802`7e80f345 : 00000000`00000000 ffffe189`a901fa80 ffffe508`ef509080 fffff802`7ed22640 : nt!DbgkpSendApiMessage+0xa4
  852. ffffe189`a901f5f0 fffff802`7e65edfb : ffff9381`b1136180 ffff9381`b1136180 ffffe508`ef509080 00000000`00000000 : nt!DbgkCreateThread+0x1b0421
  853. ffffe189`a901f7d0 fffff802`7e3e53e8 : ffff9381`b1136180 ffffe508`ef509080 ffff9381`b1141340 00000000`00000000 : nt!PspUserThreadStartup+0xbb
  854. ffffe189`a901f8c0 fffff802`7e3e5350 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiStartUserThread+0x28
  855. ffffe189`a901fa00 00007ff9`3d2fcea0 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiStartUserThreadReturn
  856. 000000f0`751ffb28 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ff9`3d2fcea0
  857. STACK_COMMAND: kb
  858. THREAD_SHA1_HASH_MOD_FUNC: 3e0ad8521d541f1ec6916b3f425b6bb7261d7291
  859. THREAD_SHA1_HASH_MOD_FUNC_OFFSET: a1c506f700c692767b246ec025495a5714399513
  860. THREAD_SHA1_HASH_MOD: b28610981796779b4ac02f58898fde25728a775c
  861. FOLLOWUP_IP:
  862. nt!ExAcquireFastMutex+101
  863. fffff802`7e225101 f00fba3600 lock btr dword ptr [rsi],0
  864. FAULT_INSTR_CODE: 36ba0ff0
  865. SYMBOL_STACK_INDEX: 4
  866. SYMBOL_NAME: nt!ExAcquireFastMutex+101
  867. FOLLOWUP_NAME: MachineOwner
  868.  
  869. IMAGE_NAME: Unknown_Image
  870.  
  871. DEBUG_FLR_IMAGE_TIMESTAMP: 0
  872. IMAGE_VERSION: 10.0.19041.330
  873. MODULE_NAME: Unknown_Module
  874. BUCKET_ID: RAISED_IRQL_USER_FAULT_0x1E_c0000005_R
  875. DEFAULT_BUCKET_ID: RAISED_IRQL_USER_FAULT_0x1E_c0000005_R
  876. PRIMARY_PROBLEM_CLASS: RAISED_IRQL_USER_FAULT
  877. FAILURE_BUCKET_ID: RAISED_IRQL_USER_FAULT_0x1E_c0000005_R
  878. TARGET_TIME: 2020-06-26T23:45:21.000Z
  879. SUITE_MASK: 784
  880. PRODUCT_TYPE: 1
  881. USER_LCID: 0
  882. FAILURE_ID_HASH_STRING: km:raised_irql_user_fault_0x1e_c0000005_r
  883. FAILURE_ID_HASH: {d1e1826c-605d-7a79-a04d-b8220695ad88}
  884. Followup: MachineOwner
  885.  
  886. ====================== Dump #3: 3RD PARTY DRIVERS ======================
  887.  
  888. Oct 09 2015 - wdcsam64.sys - Western Digital SCSI Arcitecture Model (SAM) WDM driver https://support.wdc.com/
  889. Jan 21 2019 - imaucxhpal.sys - MA-USB (UCX) HPAL driver
  890. Jan 21 2019 - iwigig.sys - WiGig MAC driver (Intel)
  891. Mar 19 2019 - nvhda64v.sys - Nvidia HDMI Audio Device http://www.nvidia.com/
  892. Apr 04 2019 - TeeDriverW8x64.sys - Intel Management Engine Interface driver https://downloadcenter.intel.com/
  893. May 07 2019 - e1d68x64.sys - Intel(R) Gigabit Adapter driver
  894. Oct 02 2019 - nvlddmkm.sys - Nvidia Graphics Card driver http://www.nvidia.com/
  895.  
  896. ================== Dump #3: 3RD PARTY DRIVERS (FULL) ===================
  897.  
  898. Image name: wdcsam64.sys
  899. Search : https://www.google.com/search?q=wdcsam64.sys
  900. ADA Info : Western Digital SCSI Arcitecture Model (SAM) WDM driver https://support.wdc.com/
  901. Timestamp : Fri Oct 9 2015
  902.  
  903. Image name: imaucxhpal.sys
  904. Search : https://www.google.com/search?q=imaucxhpal.sys
  905. ADA Info : MA-USB (UCX) HPAL driver
  906. Timestamp : Mon Jan 21 2019
  907.  
  908. Image name: iwigig.sys
  909. Search : https://www.google.com/search?q=iwigig.sys
  910. ADA Info : WiGig MAC driver (Intel)
  911. Timestamp : Mon Jan 21 2019
  912.  
  913. Image name: nvhda64v.sys
  914. Search : https://www.google.com/search?q=nvhda64v.sys
  915. ADA Info : Nvidia HDMI Audio Device http://www.nvidia.com/
  916. Timestamp : Tue Mar 19 2019
  917.  
  918. Image name: TeeDriverW8x64.sys
  919. Search : https://www.google.com/search?q=TeeDriverW8x64.sys
  920. ADA Info : Intel Management Engine Interface driver https://downloadcenter.intel.com/
  921. Timestamp : Thu Apr 4 2019
  922.  
  923. Image name: e1d68x64.sys
  924. Search : https://www.google.com/search?q=e1d68x64.sys
  925. ADA Info : Intel(R) Gigabit Adapter driver
  926. Timestamp : Tue May 7 2019
  927.  
  928. Image name: nvlddmkm.sys
  929. Search : https://www.google.com/search?q=nvlddmkm.sys
  930. ADA Info : Nvidia Graphics Card driver http://www.nvidia.com/
  931. Timestamp : Wed Oct 2 2019
  932.  
  933. ====================== Dump #3: MICROSOFT DRIVERS ======================
  934.  
  935. ACPI.sys ACPI Driver for NT (Microsoft)
  936. acpiex.sys ACPIEx Driver (Microsoft)
  937. acpipagr.sys ACPI Processor Aggregator Device driver (Microsoft)
  938. afd.sys Ancillary Function Driver for WinSock (Microsoft)
  939. afunix.sys AF_UNIX Socket Provider driver (Microsoft)
  940. AgileVpn.sys RAS Agil VPN Miniport Call Manager driver (Microsoft)
  941. ahcache.sys Application Compatibility Cache (Microsoft)
  942. bam.sys BAM Kernal driver (Microsoft)
  943. BasicDisplay.sys Basic Display driver (Microsoft)
  944. BasicRender.sys Basic Render driver (Microsoft)
  945. Beep.SYS BEEP driver (Microsoft)
  946. bindflt.sys Windows Bind Filter driver (Microsoft)
  947. BOOTVID.dll VGA Boot Driver (Microsoft)
  948. bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
  949. cdd.dll Canonical Display Driver (Microsoft)
  950. cdrom.sys SCSI CD-ROM Driver (Microsoft)
  951. CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
  952. CI.dll Code Integrity Module (Microsoft)
  953. CimFS.SYS Consumer IR Class Driver for eHome (Microsoft)
  954. CLASSPNP.SYS SCSI Class System Dll (Microsoft)
  955. cldflt.sys Cloud Files Mini Filter driver (Microsoft)
  956. CLFS.SYS Common Log File System Driver (Microsoft)
  957. clipsp.sys CLIP Service (Microsoft)
  958. cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
  959. cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
  960. CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
  961. condrv.sys Console Driver (Microsoft)
  962. crashdmp.sys Crash Dump driver (Microsoft)
  963. dfsc.sys DFS Namespace Client Driver (Microsoft)
  964. disk.sys PnP Disk Driver (Microsoft)
  965. drmk.sys Digital Rights Management (DRM) driver (Microsoft)
  966. dump_dumpfve.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  967. dump_storahci.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  968. dump_storport.sys Provides disk access during crash dump file generation (Microsoft)
  969. dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
  970. dxgmms2.sys DirectX Graphics MMS
  971. EhStorClass.sys Enhanced Storage Class driver for IEEE... (Microsoft)
  972. fastfat.SYS Fast FAT File System Driver (Microsoft)
  973. filecrypt.sys Windows sandboxing and encryption filter (Microsoft)
  974. fileinfo.sys FileInfo Filter Driver (Microsoft)
  975. FLTMGR.SYS Filesystem Filter Manager (Microsoft)
  976. Fs_Rec.sys File System Recognizer Driver (Microsoft)
  977. fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
  978. fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
  979. gpuenergydrv.sys GPU Energy Kernal Driver (Microsoft)
  980. hal.dll Hardware Abstraction Layer DLL (Microsoft)
  981. HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
  982. HdAudio.sys High Definition Audio Function driver (Microsoft)
  983. HIDCLASS.SYS Hid Class Library (Microsoft)
  984. HIDPARSE.SYS Hid Parsing Library (Microsoft)
  985. hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
  986. HTTP.sys HTTP Protocol Stack (Microsoft)
  987. intelpep.sys Intel Power Engine Plugin (Microsoft)
  988. intelppm.sys Processor Device Driver (Microsoft)
  989. IntelTA.sys Intel Telemetry Driver
  990. iorate.sys I/O rate control Filter (Microsoft)
  991. kbdclass.sys Keyboard Class Driver (Microsoft)
  992. kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
  993. kdcom.dll Kernel Debugger HW Extension DLL (Microsoft)
  994. kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
  995. ks.sys Kernal CSA Library (Microsoft)
  996. ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
  997. ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
  998. ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
  999. lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
  1000. luafv.sys LUA File Virtualization Filter Driver (Microsoft)
  1001. mcupdate.dll Media Center Update (Microsoft)
  1002. mmcss.sys MMCSS Driver (Microsoft)
  1003. monitor.sys Monitor Driver (Microsoft)
  1004. mouclass.sys Mouse Class Driver (Microsoft)
  1005. mouhid.sys HID Mouse Filter Driver (Microsoft)
  1006. mountmgr.sys Mount Point Manager (Microsoft)
  1007. MpKslDrv.sys Microsoft Anti-malware Protection driver
  1008. mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
  1009. mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
  1010. mrxsmb10.sys Longhorn SMB Downlevel SubRdr (Microsoft)
  1011. mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
  1012. Msfs.SYS Mailslot driver (Microsoft)
  1013. msisadrv.sys ISA Driver (Microsoft)
  1014. mslldp.sys Microsoft Link-Layer Discovery Protocol... (Microsoft)
  1015. msquic.sys Windows QUIC Driver
  1016. msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
  1017. mssmbios.sys System Management BIOS driver (Microsoft)
  1018. mup.sys Multiple UNC Provider driver (Microsoft)
  1019. ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
  1020. ndiscap.sys Microsoft NDIS Packet Capture Filter Driver
  1021. ndistapi.sys NDIS 3.0 Connection Wrapper driver (Microsoft)
  1022. NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
  1023. ndiswan.sys MS PPP Framing Driver (Strong Encryption) Microsoft)
  1024. NDProxy.sys NDIS Proxy driver (Microsoft)
  1025. Ndu.sys Network Data Usage Monitoring driver (Microsoft)
  1026. netbios.sys NetBIOS Interface driver (Microsoft)
  1027. netbt.sys MBT Transport driver (Microsoft)
  1028. NETIO.SYS Network I/O Subsystem (Microsoft)
  1029. Npfs.SYS NPFS driver (Microsoft)
  1030. npsvctrig.sys Named pipe service triggers (Microsoft)
  1031. nsiproxy.sys NSI Proxy driver (Microsoft)
  1032. Ntfs.sys NT File System Driver (Microsoft)
  1033. ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
  1034. ntosext.sys NTOS Extension Host driver (Microsoft)
  1035. Null.SYS NULL Driver (Microsoft)
  1036. pacer.sys QoS Packet Scheduler (Microsoft)
  1037. partmgr.sys Partition driver (Microsoft)
  1038. pci.sys NT Plug and Play PCI Enumerator (Microsoft)
  1039. pcw.sys Performance Counter Driver (Microsoft)
  1040. pdc.sys Power Dependency Coordinator Driver (Microsoft)
  1041. peauth.sys Protected Environment Authentication and Authorization Export Driver (Microsoft)
  1042. portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
  1043. PSHED.dll Platform Specific Hardware Error driver (Microsoft)
  1044. rasl2tp.sys RAS L2TP Mini-port/Call-manager driver (Microsoft)
  1045. raspppoe.sys RAS PPPoE Mini-port/Call manager driver (Microsoft)
  1046. raspptp.sys Peer-to-Peer Tunneling Protocol (Microsoft)
  1047. rassstp.sys RAS SSTP Miniport Call Manager driver (Microsoft)
  1048. rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
  1049. rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
  1050. rdyboost.sys ReadyBoost Driver (Microsoft)
  1051. rspndr.sys Link-Layer Topology Responder driver (Microsoft)
  1052. serenum.sys Serial Port Enumerator (Microsoft)
  1053. serial.sys Serial Device Driver
  1054. SgrmAgent.sys System Guard Runtime Monitor Agent driver (Microsoft)
  1055. SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
  1056. spaceport.sys Storage Spaces driver (Microsoft)
  1057. srv2.sys Smb 2.0 Server driver (Microsoft)
  1058. srvnet.sys Server Network driver (Microsoft)
  1059. storahci.sys MS AHCI Storport Miniport Driver (Microsoft)
  1060. stornvme.sys NVM Express Storport Miniport driver (Microsoft)
  1061. storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
  1062. storqosflt.sys Storage QoS Filter driver (Microsoft)
  1063. swenum.sys Plug and Play Software Device Enumerator (Microsoft)
  1064. tbs.sys Export driver for kernel mode TPM API (Microsoft)
  1065. tcpip.sys TCP/IP Protocol driver (Microsoft)
  1066. tcpipreg.sys Microsoft Windows TCP/IP Registry Compatibility driver (Microsoft)
  1067. TDI.SYS TDI Wrapper driver (Microsoft)
  1068. tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
  1069. tm.sys Kernel Transaction Manager driver (Microsoft)
  1070. ucx01000.sys USB Controller Extension (Microsoft)
  1071. udfs.sys UDF File System driver (Microsoft)
  1072. UEFI.sys UEFI NT driver (Microsoft)
  1073. umbus.sys User-Mode Bus Enumerator (Microsoft)
  1074. usbaudio.sys USB Audio Class Driver (Microsoft)
  1075. usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
  1076. USBD.SYS Universal Serial Bus Driver (Microsoft)
  1077. UsbHub3.sys USB3 HUB driver (Microsoft)
  1078. USBSTOR.SYS USB Mass Storage Class driver (Microsoft)
  1079. USBXHCI.SYS USB XHCI driver (Microsoft)
  1080. vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
  1081. Vid.sys Microsoft Hyper-V Virtualization Infrastructure Driver
  1082. volmgr.sys Volume Manager Driver (Microsoft)
  1083. volmgrx.sys Volume Manager Extension Driver (Microsoft)
  1084. volsnap.sys Volume Shadow Copy driver (Microsoft)
  1085. volume.sys Volume driver (Microsoft)
  1086. vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
  1087. wanarp.sys MS Remote Access and Routing ARP driver (Microsoft)
  1088. watchdog.sys Watchdog driver (Microsoft)
  1089. wcifs.sys Windows Container Isolation FS Filter driver (Microsoft)
  1090. Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
  1091. WdFilter.sys Microsoft Anti-malware file system filter driver (Microsoft)
  1092. WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
  1093. WdNisDrv.sys Microsoft Network Realtime Inspection driver (Microsoft)
  1094. werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
  1095. wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
  1096. win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
  1097. win32kbase.sys Base Win32k Kernel Driver (Microsoft)
  1098. win32kfull.sys Full/Desktop Win32k Kernel Driver (Microsoft)
  1099. WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
  1100. WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
  1101. winhvr.sys Windows Hypervisor Root Interface driver (Microsoft)
  1102. wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
  1103. WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
  1104. Wof.sys Windows Overlay Filter (Microsoft)
  1105. WpdUpFltr.sys Portable Device Upper Class Filter driver (Microsoft)
  1106. WppRecorder.sys WPP Trace Recorder (Microsoft)
  1107. WUDFRd.sys Windows Driver Foundation - User-mode Driver Framework Reflector driver (Microsoft)
  1108.  
  1109. ====================== Dump #3: UNLOADED MODULES =======================
  1110.  
  1111. fffff802`d7f70000 fffff802`d7f78000 magdrvamd64.
  1112. fffff802`d7f60000 fffff802`d7f68000 magdrvamd64.
  1113. fffff802`94190000 fffff802`9419f000 dump_storpor
  1114. fffff802`93e00000 fffff802`93e33000 dump_storahc
  1115. fffff802`93e60000 fffff802`93e7e000 dump_dumpfve
  1116. fffff802`95130000 fffff802`95185000 WUDFRd.sys
  1117. fffff802`95bd0000 fffff802`95bec000 dam.sys
  1118. fffff802`80800000 fffff802`80811000 WdBoot.sys
  1119. fffff802`818b0000 fffff802`818c0000 hwpolicy.sys
  1120.  
  1121. ====================== Dump #3: BIOS INFORMATION =======================
  1122.  
  1123. sysinfo: could not find necessary interfaces.
  1124. sysinfo: note that mssmbios.sys must be loaded (XPSP2+).
  1125.  
  1126. ========================== Dump #3: Extra #1 ===========================
  1127.  
  1128. 11: kd> !verifier
  1129. fffff8027ec2a6c0: Unable to get verifier list.
  1130.  
  1131. ========================== Dump #3: Extra #2 ===========================
  1132.  
  1133. 11: kd> !thread
  1134. THREAD ffffe508ef509080 Cid 2350.197c Teb: 000000f074e6d000 Win32Thread: 0000000000000000 RUNNING on processor b
  1135. Not impersonating
  1136. GetUlongFromAddress: unable to read from fffff8027ec1143c
  1137. Owning Process ffffe508ed4060c0 Image: steamwebhelper
  1138. Attached Process N/A Image: N/A
  1139. fffff78000000000: Unable to get shared data
  1140. Wait Start TickCount 0
  1141. Context Switch Count 1 IdealProcessor: 11
  1142. ReadMemory error: Cannot get nt!KeMaximumIncrement value.
  1143. UserTime 00:00:00.000
  1144. KernelTime 00:00:00.000
  1145. Win32 Start Address 0x00007ff9065b48c0
  1146. Stack Init ffffe189a901fb90 Current ffffe189a901f880
  1147. Base ffffe189a9020000 Limit ffffe189a9019000 Call 0000000000000000
  1148. Priority 8 BasePriority 8 PriorityDecrement 0 IoPriority 2 PagePriority 5
  1149. Child-SP RetAddr : Args to Child : Call Site
  1150. ffffe189`a901e918 fffff802`7e42edf9 : 00000000`0000001e ffffffff`c0000005 fffff802`7e225101 00000000`00000000 : nt!KeBugCheckEx
  1151. ffffe189`a901e920 fffff802`7e3efa6c : 00000000`00000001 ffffe189`a901f508 ffffe189`a901f508 00000000`00000000 : nt!KiDispatchException+0x1b3d59
  1152. ffffe189`a901efe0 fffff802`7e3eb7a0 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiExceptionDispatch+0x12c
  1153. ffffe189`a901f1c0 fffff802`7e225101 : ffffe508`ef509118 02000000`00000018 ffffe508`e2893040 00000000`00000000 : nt!KiGeneralProtectionFault+0x320 (TrapFrame @ ffffe189`a901f1c0)
  1154. ffffe189`a901f350 fffff802`7e891c01 : 00000000`00000000 00000000`00000001 00000000`00000000 fffff802`7ec31de8 : nt!ExAcquireFastMutex+0x101
  1155. ffffe189`a901f3a0 fffff802`7e893728 : 00000000`00000002 ffffe508`ef509080 ffffe508`ef509378 00000000`00000000 : nt!DbgkpQueueMessage+0x1b9
  1156. ffffe189`a901f5a0 fffff802`7e80f345 : 00000000`00000000 ffffe189`a901fa80 ffffe508`ef509080 fffff802`7ed22640 : nt!DbgkpSendApiMessage+0xa4
  1157. ffffe189`a901f5f0 fffff802`7e65edfb : ffff9381`b1136180 ffff9381`b1136180 ffffe508`ef509080 00000000`00000000 : nt!DbgkCreateThread+0x1b0421
  1158. ffffe189`a901f7d0 fffff802`7e3e53e8 : ffff9381`b1136180 ffffe508`ef509080 ffff9381`b1141340 00000000`00000000 : nt!PspUserThreadStartup+0xbb
  1159. ffffe189`a901f8c0 fffff802`7e3e5350 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiStartUserThread+0x28
  1160. ffffe189`a901fa00 00007ff9`3d2fcea0 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiStartUserThreadReturn (TrapFrame @ ffffe189`a901fa00)
  1161. 000000f0`751ffb28 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ff9`3d2fcea0
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!