Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ========================== AUTO DUMP ANALYZER ==========================
- Auto Dump Analyzer
- Version: 0.91
- Time to analyze file(s): 00 hours and 00 minutes and 48 seconds
- ================================= BIOS =================================
- VENDOR: American Megatrends Inc.
- VERSION: 1301
- DATE: 03/14/2018
- ============================= MOTHERBOARD ==============================
- MANUFACTURER: ASUSTeK COMPUTER INC.
- PRODUCT: STRIX Z270G GAMING
- VERSION: Rev 1.xx
- ================================= RAM ==================================
- Size Speed Manufacturer Part No.
- -------------- -------------- ------------------- ----------------------
- 0MHz
- 0MHz
- 16384MB 2400MHz 0000 V1D4LF16GB1G81G82400
- 0MHz
- ================================= CPU ==================================
- Processor Version: Intel(R) Core(TM) i7-7700K CPU @ 4.20GHz
- COUNT: 8
- MHZ: 4200
- VENDOR: GenuineIntel
- FAMILY: 6
- MODEL: 9e
- STEPPING: 9
- MICROCODE: 6,9e,9,0 (F,M,S,R) SIG: 8E'00000000 (cache) 8E'00000000 (init)
- ================================== OS ==================================
- Product: WinNt, suite: TerminalServer SingleUserTS
- BUILD_VERSION: 10.0.18362.778 (WinBuild.160101.0800)
- BUILD: 18362
- SERVICEPACK: 778
- PLATFORM_TYPE: x64
- NAME: Windows 10
- EDITION: Windows 10 WinNt TerminalServer SingleUserTS
- BUILD_TIMESTAMP: 2015-10-23 02:39:54
- BUILDDATESTAMP: 160101.0800
- BUILDLAB: WinBuild
- BUILDOSVER: 10.0.18362.778
- =============================== DEBUGGER ===============================
- Microsoft (R) Windows Debugger Version 10.0.14321.1024 AMD64
- Copyright (c) Microsoft Corporation. All rights reserved.
- =============================== COMMENTS ===============================
- * Information gathered from different dump files may be different. If
- Windows updates between two dump files, two or more OS versions may
- be shown above.
- * If the user updates the BIOS between dump files, two or more versions
- and dates may be shown above.
- * More RAM information can be found below in a full BIOS section.
- ========================================================================
- ======================= Dump #1: ANALYZE VERBOSE =======================
- ======================= File: 042220-5656-01.dmp =======================
- ========================================================================
- Mini Kernel Dump File: Only registers and stack trace are available
- Windows 10 Kernel Version 18362 MP (8 procs) Free x64
- Kernel base = 0xfffff804`83000000 PsLoadedModuleList = 0xfffff804`83448150
- Debug session time: Tue Apr 21 22:48:03.002 2020 (UTC - 4:00)
- System Uptime: 0 days 1:36:46.191
- BugCheck 3B, {c0000005, fffff804848c84f0, ffff868e41a6ea10, 0}
- Probably caused by : memory_corruption
- Followup: memory_corruption
- SYSTEM_SERVICE_EXCEPTION (3b)
- An exception happened while executing a system service routine.
- Arguments:
- Arg1: 00000000c0000005, Exception code that caused the bugcheck
- Arg2: fffff804848c84f0, Address of the instruction which caused the bugcheck
- Arg3: ffff868e41a6ea10, Address of the context record for the exception that caused the bugcheck
- Arg4: 0000000000000000, zero.
- Debugging Details:
- DUMP_CLASS: 1
- DUMP_QUALIFIER: 400
- DUMP_TYPE: 2
- DUMP_FILE_ATTRIBUTES: 0x8
- Kernel Generated Triage Dump
- EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%p referenced memory at 0x%p. The memory could not be %s.
- FAULTING_IP:
- FLTMGR!TreeUnlinkMulti+50
- fffff804`848c84f0 483b7b20 cmp rdi,qword ptr [rbx+20h]
- CONTEXT: ffff868e41a6ea10 -- (.cxr 0xffff868e41a6ea10)
- rax=000000000000008f rbx=000000000000008f rcx=ffffb6033a5969a0
- rdx=ffffb6033cd8fd60 rsi=0000000000000000 rdi=ffffb6033cd8fd60
- rip=fffff804848c84f0 rsp=ffff868e41a6f400 rbp=ffff868e41a6f579
- r8=ffffffffffffffff r9=7fffb6033a596988 r10=fffff80483112460
- r11=ffffb6033985d040 r12=ffffb6032ee52680 r13=0000000000002000
- r14=ffffb6033a5969a0 r15=00000000ffffdfff
- iopl=0 nv up ei pl nz na pe nc
- cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00050202
- FLTMGR!TreeUnlinkMulti+0x50:
- fffff804`848c84f0 483b7b20 cmp rdi,qword ptr [rbx+20h] ds:002b:00000000`000000af=????????????????
- Resetting default scope
- CUSTOMER_CRASH_COUNT: 1
- DEFAULT_BUCKET_ID: CODE_CORRUPTION
- BUGCHECK_STR: 0x3B
- PROCESS_NAME: MsMpEng.exe
- CURRENT_IRQL: 0
- LAST_CONTROL_TRANSFER: from fffff804848fdcdf to fffff804848c84f0
- STACK_TEXT:
- ffff868e`41a6f400 fffff804`848fdcdf : ffffb603`3a596920 ffffb603`00000000 ffff868e`00000000 ffffb603`2ee52010 : FLTMGR!TreeUnlinkMulti+0x50
- ffff868e`41a6f450 fffff804`848c4fc9 : ffffb603`3a596920 ffffb603`00000000 ffffb603`ffff7fff 00000000`00008000 : FLTMGR!FltpRemoveAllNamesCachedForFileObject+0xbf
- ffff868e`41a6f4d0 fffff804`848c45a0 : ffff868e`41a6f6b0 ffffb603`3cd8fd00 ffffb603`3d561002 00000000`00000400 : FLTMGR!FltpPerformPreCallbacks+0x869
- ffff868e`41a6f5e0 fffff804`848c4112 : ffffb603`3d561010 ffff868e`41a6f6b0 ffffb603`3d561010 ffff868e`41a6f6c0 : FLTMGR!FltpPassThroughInternal+0x90
- ffff868e`41a6f610 fffff804`848c3efe : ffffffff`fffe7960 ffffb603`2ec98d90 00000000`00000000 ffffb603`3cd8fd00 : FLTMGR!FltpPassThrough+0x162
- ffff868e`41a6f690 fffff804`8310a929 : ffffb603`3cd8fd60 fffff804`83041640 00000000`00004966 00000000`00000000 : FLTMGR!FltpDispatch+0x9e
- ffff868e`41a6f6f0 fffff804`836b0b2d : ffffb603`3cd8fd60 ffffb603`2ee42930 ffffb603`2ec98d90 ffffb603`3d561010 : nt!IofCallDriver+0x59
- ffff868e`41a6f730 fffff804`836c3740 : ffff868e`41a6f939 00000000`00000000 ffffb603`2caf5c40 ffffb603`3d561010 : nt!IopDeleteFile+0x12d
- ffff868e`41a6f7b0 fffff804`83113269 : 00000000`00000000 00000000`00000000 ffff868e`41a6f939 ffffb603`3cd8fd60 : nt!ObpRemoveObjectRoutine+0x80
- ffff868e`41a6f810 fffff804`836b5ab7 : 00000000`ffff8005 ffffb603`3cd8fd30 ffffb603`00000000 00000000`00007ffb : nt!ObfDereferenceObjectWithTag+0xc9
- ffff868e`41a6f850 fffff804`836badae : 00000000`00000b9c ffff6cf8`cd0a9655 00000000`00000000 fffff804`831d412c : nt!ObCloseHandleTableEntry+0x2c7
- ffff868e`41a6f990 fffff804`831d414e : ffffb603`3985d040 0000000b`afd7d5f8 ffff868e`41a6fa80 ffff868e`00000000 : nt!NtClose+0xde
- ffff868e`41a6fa00 00007ffd`6341c254 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceExitPico+0x2b9
- 0000000b`afd7d308 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffd`6341c254
- CHKIMG_EXTENSION: !chkimg -lo 50 -d !FLTMGR
- fffff804848c8017-fffff804848c8018 2 bytes - FLTMGR!GetContextFromStreamList+37
- [ 48 ff:4c 8b ]
- fffff804848c801e-fffff804848c8022 5 bytes - FLTMGR!GetContextFromStreamList+3e (+0x07)
- [ 0f 1f 44 00 00:e8 cd b1 83 fe ]
- fffff804848c8029-fffff804848c802a 2 bytes - FLTMGR!GetContextFromStreamList+49 (+0x0b)
- [ 48 ff:4c 8b ]
- fffff804848c8030-fffff804848c8034 5 bytes - FLTMGR!GetContextFromStreamList+50 (+0x07)
- [ 0f 1f 44 00 00:e8 eb a5 84 fe ]
- fffff804848c8131-fffff804848c8132 2 bytes - FLTMGR!GetContextFromStreamList+151 (+0x101)
- [ 48 ff:4c 8b ]
- fffff804848c8138-fffff804848c813c 5 bytes - FLTMGR!GetContextFromStreamList+158 (+0x07)
- [ 0f 1f 44 00 00:e8 53 a2 8f fe ]
- fffff804848c8144-fffff804848c8145 2 bytes - FLTMGR!GetContextFromStreamList+164 (+0x0c)
- [ 48 ff:4c 8b ]
- fffff804848c814b-fffff804848c8151 7 bytes - FLTMGR!GetContextFromStreamList+16b (+0x07)
- [ 0f 1f 44 00 00 48 ff:e8 e0 a7 84 fe 4c 8b ]
- fffff804848c8157-fffff804848c815b 5 bytes - FLTMGR!GetContextFromStreamList+177 (+0x0c)
- [ 0f 1f 44 00 00:e8 54 b0 83 fe ]
- fffff804848c8204-fffff804848c8205 2 bytes - FLTMGR!FltGetFileNameInformation+74 (+0xad)
- [ 48 ff:4c 8b ]
- fffff804848c820b-fffff804848c820f 5 bytes - FLTMGR!FltGetFileNameInformation+7b (+0x07)
- [ 0f 1f 44 00 00:e8 a0 dd 83 fe ]
- fffff804848c8247-fffff804848c8248 2 bytes - FLTMGR!FltGetFileNameInformation+b7 (+0x3c)
- [ 48 ff:4c 8b ]
- fffff804848c824e-fffff804848c8252 5 bytes - FLTMGR!FltGetFileNameInformation+be (+0x07)
- [ 0f 1f 44 00 00:e8 8d 7d 7f fe ]
- fffff804848c8283-fffff804848c8284 2 bytes - FLTMGR!FltGetFileNameInformation+f3 (+0x35)
- [ 48 ff:4c 8b ]
- fffff804848c828a-fffff804848c828e 5 bytes - FLTMGR!FltGetFileNameInformation+fa (+0x07)
- [ 0f 1f 44 00 00:e8 d1 1f 90 fe ]
- fffff804848c82bd-fffff804848c82be 2 bytes - FLTMGR!FltGetFileNameInformation+12d (+0x33)
- [ 48 ff:4c 8b ]
- fffff804848c82c4-fffff804848c82c8 5 bytes - FLTMGR!FltGetFileNameInformation+134 (+0x07)
- [ 0f 1f 44 00 00:e8 37 3c 77 fe ]
- fffff804848c835a-fffff804848c835b 2 bytes - FLTMGR!FltGetFileNameInformation+1ca (+0x96)
- [ 48 ff:4c 8b ]
- fffff804848c8361-fffff804848c8365 5 bytes - FLTMGR!FltGetFileNameInformation+1d1 (+0x07)
- [ 0f 1f 44 00 00:e8 da 89 77 fe ]
- fffff804848c8379-fffff804848c837a 2 bytes - FLTMGR!FltGetFileNameInformation+1e9 (+0x18)
- [ 48 ff:4c 8b ]
- fffff804848c8380-fffff804848c8384 5 bytes - FLTMGR!FltGetFileNameInformation+1f0 (+0x07)
- [ 0f 1f 44 00 00:e8 1b 1f 90 fe ]
- fffff804848c852d-fffff804848c852e 2 bytes - FLTMGR!TreeUnlinkMulti+8d (+0x1ad)
- [ 48 ff:4c 8b ]
- fffff804848c8534-fffff804848c8538 5 bytes - FLTMGR!TreeUnlinkMulti+94 (+0x07)
- [ 0f 1f 44 00 00:e8 47 2c 78 fe ]
- fffff804848c8589-fffff804848c858a 2 bytes - FLTMGR!TreeUnlinkMulti+e9 (+0x55)
- [ 48 ff:4c 8b ]
- fffff804848c8590-fffff804848c8594 5 bytes - FLTMGR!TreeUnlinkMulti+f0 (+0x07)
- [ 0f 1f 44 00 00:e8 eb 2b 78 fe ]
- fffff804848c85e1-fffff804848c85e2 2 bytes - FLTMGR!TreeUnlinkMulti+141 (+0x51)
- [ 48 ff:4c 8b ]
- fffff804848c85e8-fffff804848c85ec 5 bytes - FLTMGR!TreeUnlinkMulti+148 (+0x07)
- [ 0f 1f 44 00 00:e8 93 2b 78 fe ]
- fffff804848c8730-fffff804848c8731 2 bytes - FLTMGR!DoReleaseContext+c0 (+0x148)
- [ 48 ff:4c 8b ]
- fffff804848c8737-fffff804848c873b 5 bytes - FLTMGR!DoReleaseContext+c7 (+0x07)
- [ 0f 1f 44 00 00:e8 04 86 77 fe ]
- fffff804848c8759-fffff804848c875a 2 bytes - FLTMGR!DoReleaseContext+e9 (+0x22)
- [ 48 ff:4c 8b ]
- fffff804848c8760-fffff804848c8764 5 bytes - FLTMGR!DoReleaseContext+f0 (+0x07)
- [ 0f 1f 44 00 00:e8 1b 95 77 fe ]
- fffff804848c8789-fffff804848c878a 2 bytes - FLTMGR!DoReleaseContext+119 (+0x29)
- [ 48 ff:4c 8b ]
- fffff804848c8790-fffff804848c8794 5 bytes - FLTMGR!DoReleaseContext+120 (+0x07)
- [ 0f 1f 44 00 00:e8 0b 1b 90 fe ]
- fffff804848c87b8-fffff804848c87b9 2 bytes - FLTMGR!DoReleaseContext+148 (+0x28)
- [ 48 ff:4c 8b ]
- fffff804848c87bf-fffff804848c87c3 5 bytes - FLTMGR!DoReleaseContext+14f (+0x07)
- [ 0f 1f 44 00 00:e8 4c 68 aa fe ]
- fffff804848c8832-fffff804848c8833 2 bytes - FLTMGR!FltpReleaseStreamListCtrl+52 (+0x73)
- [ 48 ff:4c 8b ]
- fffff804848c8839-fffff804848c883d 5 bytes - FLTMGR!FltpReleaseStreamListCtrl+59 (+0x07)
- [ 0f 1f 44 00 00:e8 02 85 77 fe ]
- fffff804848c886d-fffff804848c886e 2 bytes - FLTMGR!FltpReleaseStreamListCtrl+8d (+0x34)
- [ 48 ff:4c 8b ]
- fffff804848c8874-fffff804848c8878 5 bytes - FLTMGR!FltpReleaseStreamListCtrl+94 (+0x07)
- [ 0f 1f 44 00 00:e8 27 1a 90 fe ]
- fffff804848c8882-fffff804848c8883 2 bytes - FLTMGR!FltpReleaseStreamListCtrl+a2 (+0x0e)
- [ 48 ff:4c 8b ]
- fffff804848c8889-fffff804848c888d 5 bytes - FLTMGR!FltpReleaseStreamListCtrl+a9 (+0x07)
- [ 0f 1f 44 00 00:e8 02 af 7a fe ]
- fffff804848c8a6b-fffff804848c8a6c 2 bytes - FLTMGR!FltpFreeNameGenerationContext+1f (+0x1e2)
- [ 48 ff:4c 8b ]
- fffff804848c8a72-fffff804848c8a76 5 bytes - FLTMGR!FltpFreeNameGenerationContext+26 (+0x07)
- [ 0f 1f 44 00 00:e8 09 92 77 fe ]
- fffff804848c8a84-fffff804848c8a85 2 bytes - FLTMGR!FltpFreeNameGenerationContext+38 (+0x12)
- [ 48 ff:4c 8b ]
- fffff804848c8a8b-fffff804848c8a8f 5 bytes - FLTMGR!FltpFreeNameGenerationContext+3f (+0x07)
- [ 0f 1f 44 00 00:e8 f0 91 77 fe ]
- fffff804848c8a9d-fffff804848c8a9e 2 bytes - FLTMGR!FltpFreeNameGenerationContext+51 (+0x12)
- [ 48 ff:4c 8b ]
- fffff804848c8aa4-fffff804848c8aa8 5 bytes - FLTMGR!FltpFreeNameGenerationContext+58 (+0x07)
- [ 0f 1f 44 00 00:e8 d7 91 77 fe ]
- fffff804848c8ac3-fffff804848c8ac4 2 bytes - FLTMGR!FltpFreeNameGenerationContext+77 (+0x1f)
- [ 48 ff:4c 8b ]
- fffff804848c8aca-fffff804848c8ace 5 bytes - FLTMGR!FltpFreeNameGenerationContext+7e (+0x07)
- [ 0f 1f 44 00 00:e8 71 82 77 fe ]
- fffff804848c8ae2-fffff804848c8ae3 2 bytes - FLTMGR!FltpFreeNameGenerationContext+96 (+0x18)
- [ 48 ff:4c 8b ]
- WARNING: !chkimg output was truncated to 50 lines. Invoke !chkimg without '-lo [num_lines]' to view entire output.
- 237 errors : !FLTMGR (fffff804848c8017-fffff804848c8e64)
- MODULE_NAME: memory_corruption
- IMAGE_NAME: memory_corruption
- FOLLOWUP_NAME: memory_corruption
- DEBUG_FLR_IMAGE_TIMESTAMP: 0
- MEMORY_CORRUPTOR: LARGE
- STACK_COMMAND: .cxr 0xffff868e41a6ea10 ; kb
- FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
- BUCKET_ID: MEMORY_CORRUPTION_LARGE
- PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
- TARGET_TIME: 2020-04-22T02:48:03.000Z
- SUITE_MASK: 272
- PRODUCT_TYPE: 1
- USER_LCID: 0
- FAILURE_ID_HASH_STRING: km:memory_corruption_large
- FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
- Followup: memory_corruption
- ====================== Dump #1: 3RD PARTY DRIVERS ======================
- Sep 20 2015 - ICCWDT.sys - Intel(R) Watchdog Timer driver
- Apr 28 2017 - IOMap64.sys - !!! ASUS 64-bit Input Output Map driver (GPU Tweaking driver)
- Oct 03 2017 - TeeDriverW8x64.sys - Intel Management Engine Interface driver https://downloadcenter.intel.com/
- Oct 17 2017 - RTKVHD64.sys - Realtek Audio System driver https://www.realtek.com/en/
- Feb 27 2019 - iaStorAC.sys - Intel Rapid Storage Technology driver
- Apr 24 2019 - iqvw64e.sys - Intel Network Adapter Diagnostic driver http://www.intel.com/
- Jun 27 2019 - e1d68x64.sys - Intel(R) Gigabit Adapter driver
- Aug 08 2019 - btfilter.sys - Qualcomm Atheros BT Filter driver https://www.qualcomm.com/
- Jan 19 2020 - Qcamain10x64.sys - Qualcomm Atheros Network Adapter driver http://www.killernetworking.com/
- Mar 25 2020 - BEDaisy.sys - BattlEye Anti Cheat driver
- Apr 03 2020 - nvlddmkm.sys - Nvidia Graphics Card driver http://www.nvidia.com/
- ================== Dump #1: 3RD PARTY DRIVERS (FULL) ===================
- Image name: ICCWDT.sys
- Search : https://www.google.com/search?q=ICCWDT.sys
- ADA Info : Intel(R) Watchdog Timer driver
- Timestamp : Sun Sep 20 2015
- Image name: IOMap64.sys
- Search : https://www.google.com/search?q=IOMap64.sys
- ADA Info : !!! ASUS 64-bit Input Output Map driver (GPU Tweaking driver)
- Timestamp : Fri Apr 28 2017
- Image name: TeeDriverW8x64.sys
- Search : https://www.google.com/search?q=TeeDriverW8x64.sys
- ADA Info : Intel Management Engine Interface driver https://downloadcenter.intel.com/
- Timestamp : Tue Oct 3 2017
- Image name: RTKVHD64.sys
- Search : https://www.google.com/search?q=RTKVHD64.sys
- ADA Info : Realtek Audio System driver https://www.realtek.com/en/
- Timestamp : Tue Oct 17 2017
- Image name: iaStorAC.sys
- Search : https://www.google.com/search?q=iaStorAC.sys
- ADA Info : Intel Rapid Storage Technology driver
- Timestamp : Wed Feb 27 2019
- Image name: iqvw64e.sys
- Search : https://www.google.com/search?q=iqvw64e.sys
- ADA Info : Intel Network Adapter Diagnostic driver http://www.intel.com/
- Timestamp : Wed Apr 24 2019
- Image name: e1d68x64.sys
- Search : https://www.google.com/search?q=e1d68x64.sys
- ADA Info : Intel(R) Gigabit Adapter driver
- Timestamp : Thu Jun 27 2019
- Image name: btfilter.sys
- Search : https://www.google.com/search?q=btfilter.sys
- ADA Info : Qualcomm Atheros BT Filter driver https://www.qualcomm.com/
- Timestamp : Thu Aug 8 2019
- Image name: Qcamain10x64.sys
- Search : https://www.google.com/search?q=Qcamain10x64.sys
- ADA Info : Qualcomm Atheros Network Adapter driver http://www.killernetworking.com/
- Timestamp : Sun Jan 19 2020
- Image name: BEDaisy.sys
- Search : https://www.google.com/search?q=BEDaisy.sys
- ADA Info : BattlEye Anti Cheat driver
- Timestamp : Wed Mar 25 2020
- Image name: nvlddmkm.sys
- Search : https://www.google.com/search?q=nvlddmkm.sys
- ADA Info : Nvidia Graphics Card driver http://www.nvidia.com/
- Timestamp : Fri Apr 3 2020
- ====================== Dump #1: MICROSOFT DRIVERS ======================
- ACPI.sys ACPI Driver for NT (Microsoft)
- acpiex.sys ACPIEx Driver (Microsoft)
- acpipagr.sys ACPI Processor Aggregator Device driver (Microsoft)
- afd.sys Ancillary Function Driver for WinSock (Microsoft)
- afunix.sys AF_UNIX Socket Provider driver (Microsoft)
- AgileVpn.sys RAS Agil VPN Miniport Call Manager driver (Microsoft)
- ahcache.sys Application Compatibility Cache (Microsoft)
- bam.sys BAM Kernal driver (Microsoft)
- BasicDisplay.sys Basic Display driver (Microsoft)
- BasicRender.sys Basic Render driver (Microsoft)
- Beep.SYS BEEP driver (Microsoft)
- bindflt.sys Windows Bind Filter driver (Microsoft)
- BOOTVID.dll VGA Boot Driver (Microsoft)
- bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
- bthport.sys Bluetooth Bus driver (Microsoft)
- BTHUSB.sys Bluetooth Miniport driver (Microsoft)
- cdd.dll Canonical Display Driver (Microsoft)
- cdrom.sys SCSI CD-ROM Driver (Microsoft)
- CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
- CI.dll Code Integrity Module (Microsoft)
- CLASSPNP.SYS SCSI Class System Dll (Microsoft)
- cldflt.sys Cloud Files Mini Filter driver (Microsoft)
- CLFS.SYS Common Log File System Driver (Microsoft)
- clipsp.sys CLIP Service (Microsoft)
- cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
- cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
- CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
- condrv.sys Console Driver (Microsoft)
- crashdmp.sys Crash Dump driver (Microsoft)
- csc.sys Windows Client Side Caching driver (Microsoft)
- dfsc.sys DFS Namespace Client Driver (Microsoft)
- disk.sys PnP Disk Driver (Microsoft)
- drmk.sys Digital Rights Management (DRM) driver (Microsoft)
- dump_dumpfve.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
- dump_iaStorAC.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
- dump_storport.sys Provides disk access during crash dump file generation (Microsoft)
- dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
- dxgmms2.sys DirectX Graphics MMS
- EhStorClass.sys Enhanced Storage Class driver for IEEE... (Microsoft)
- fastfat.SYS Fast FAT File System Driver (Microsoft)
- filecrypt.sys Windows sandboxing and encryption filter (Microsoft)
- fileinfo.sys FileInfo Filter Driver (Microsoft)
- FLTMGR.SYS Filesystem Filter Manager (Microsoft)
- Fs_Rec.sys File System Recognizer Driver (Microsoft)
- fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
- fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
- gpuenergydrv.sys GPU Energy Kernal Driver (Microsoft)
- hal.dll Hardware Abstraction Layer DLL (Microsoft)
- HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
- HdAudio.sys High Definition Audio Function driver (Microsoft)
- HIDCLASS.SYS Hid Class Library (Microsoft)
- HIDPARSE.SYS Hid Parsing Library (Microsoft)
- hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
- HTTP.sys HTTP Protocol Stack (Microsoft)
- intelpep.sys Intel Power Engine Plugin (Microsoft)
- intelppm.sys Processor Device Driver (Microsoft)
- iorate.sys I/O rate control Filter (Microsoft)
- kbdclass.sys Keyboard Class Driver (Microsoft)
- kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
- kdcom.dll Kernel Debugger HW Extension DLL (Microsoft)
- kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
- ks.sys Kernal CSA Library (Microsoft)
- ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
- ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
- ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
- lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
- luafv.sys LUA File Virtualization Filter Driver (Microsoft)
- mcupdate.dll Media Center Update (Microsoft)
- mmcss.sys MMCSS Driver (Microsoft)
- monitor.sys Monitor Driver (Microsoft)
- mouclass.sys Mouse Class Driver (Microsoft)
- mouhid.sys HID Mouse Filter Driver (Microsoft)
- mountmgr.sys Mount Point Manager (Microsoft)
- mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
- mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
- mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
- Msfs.SYS Mailslot driver (Microsoft)
- msisadrv.sys ISA Driver (Microsoft)
- mslldp.sys Microsoft Link-Layer Discovery Protocol... (Microsoft)
- msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
- mssecflt.sys Microsoft Security Events Component file system filter driver (Microsoft)
- mssmbios.sys System Management BIOS driver (Microsoft)
- mup.sys Multiple UNC Provider driver (Microsoft)
- ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
- ndistapi.sys NDIS 3.0 Connection Wrapper driver (Microsoft)
- ndisuio.sys NDIS User mode I/O driver (Microsoft)
- NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
- ndiswan.sys MS PPP Framing Driver (Strong Encryption) Microsoft)
- NDProxy.sys NDIS Proxy driver (Microsoft)
- netbios.sys NetBIOS Interface driver (Microsoft)
- netbt.sys MBT Transport driver (Microsoft)
- NETIO.SYS Network I/O Subsystem (Microsoft)
- Npfs.SYS NPFS driver (Microsoft)
- npsvctrig.sys Named pipe service triggers (Microsoft)
- nsiproxy.sys NSI Proxy driver (Microsoft)
- Ntfs.sys NT File System Driver (Microsoft)
- ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
- ntosext.sys NTOS Extension Host driver (Microsoft)
- Null.SYS NULL Driver (Microsoft)
- nwifi.sys NativeWiFi Miniport Driver (Microsoft)
- pacer.sys QoS Packet Scheduler (Microsoft)
- partmgr.sys Partition driver (Microsoft)
- pci.sys NT Plug and Play PCI Enumerator (Microsoft)
- pcw.sys Performance Counter Driver (Microsoft)
- pdc.sys Power Dependency Coordinator Driver (Microsoft)
- peauth.sys Protected Environment Authentication and Authorization Export Driver (Microsoft)
- portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
- PSHED.dll Platform Specific Hardware Error driver (Microsoft)
- rasl2tp.sys RAS L2TP Mini-port/Call-manager driver (Microsoft)
- raspppoe.sys RAS PPPoE Mini-port/Call manager driver (Microsoft)
- raspptp.sys Peer-to-Peer Tunneling Protocol (Microsoft)
- rassstp.sys RAS SSTP Miniport Call Manager driver (Microsoft)
- rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
- rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
- rdyboost.sys ReadyBoost Driver (Microsoft)
- rspndr.sys Link-Layer Topology Responder driver (Microsoft)
- SgrmAgent.sys System Guard Runtime Monitor Agent driver (Microsoft)
- SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
- spaceport.sys Storage Spaces driver (Microsoft)
- srv2.sys Smb 2.0 Server driver (Microsoft)
- srvnet.sys Server Network driver (Microsoft)
- storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
- storqosflt.sys Storage QoS Filter driver (Microsoft)
- swenum.sys Plug and Play Software Device Enumerator (Microsoft)
- tbs.sys Export driver for kernel mode TPM API (Microsoft)
- tcpip.sys TCP/IP Protocol driver (Microsoft)
- tcpipreg.sys Microsoft Windows TCP/IP Registry Compatibility driver (Microsoft)
- TDI.SYS TDI Wrapper driver (Microsoft)
- tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
- tm.sys Kernel Transaction Manager driver (Microsoft)
- ucx01000.sys USB Controller Extension (Microsoft)
- UEFI.sys UEFI NT driver (Microsoft)
- umbus.sys User-Mode Bus Enumerator (Microsoft)
- usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
- USBD.SYS Universal Serial Bus Driver (Microsoft)
- UsbHub3.sys USB3 HUB driver (Microsoft)
- USBXHCI.SYS USB XHCI driver (Microsoft)
- vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
- Vid.sys Microsoft Hyper-V Virtualization Infrastructure Driver
- volmgr.sys Volume Manager Driver (Microsoft)
- volmgrx.sys Volume Manager Extension Driver (Microsoft)
- volsnap.sys Volume Shadow Copy driver (Microsoft)
- volume.sys Volume driver (Microsoft)
- vwifibus.sys Virtual Wireless Bus driver (Microsoft)
- vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
- vwifimp.sys Virtual WiFi Miniport Driver (Microsoft)
- wanarp.sys MS Remote Access and Routing ARP driver (Microsoft)
- watchdog.sys Watchdog driver (Microsoft)
- wcifs.sys Windows Container Isolation FS Filter driver (Microsoft)
- Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
- WdFilter.sys Microsoft Anti-malware file system filter driver (Microsoft)
- WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
- wdiwifi.sys WDI Driver Framework driver (Microsoft)
- WdNisDrv.sys Microsoft Network Realtime Inspection driver (Microsoft)
- werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
- wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
- win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
- win32kbase.sys Base Win32k Kernel Driver (Microsoft)
- win32kfull.sys Full/Desktop Win32k Kernel Driver (Microsoft)
- WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
- WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
- winhvr.sys Windows Hypervisor Root Interface driver (Microsoft)
- winquic.sys QUIC Transport Protocol driver (Microsoft)
- wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
- WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
- Wof.sys Windows Overlay Filter (Microsoft)
- WppRecorder.sys WPP Trace Recorder (Microsoft)
- ====================== Dump #1: UNLOADED MODULES =======================
- fffff804`9e8d0000 fffff804`9e966000 e1d68x64.sys
- fffff804`99f90000 fffff804`99f9f000 dump_storpor
- fffff804`9bed0000 fffff804`9ca76000 dump_iaStorA
- fffff804`9caa0000 fffff804`9cabe000 dump_dumpfve
- fffff804`99fa0000 fffff804`99fbe000 dam.sys
- fffff804`84db0000 fffff804`84dc1000 WdBoot.sys
- fffff804`86920000 fffff804`86931000 hwpolicy.sys
- ====================== Dump #1: BIOS INFORMATION =======================
- [SMBIOS Data Tables v3.0]
- [DMI Version - 0]
- [2.0 Calling Convention - No]
- [Table Size - 4119 bytes]
- [BIOS Information (Type 0) - Length 24 - Handle 0000h]
- Vendor American Megatrends Inc.
- BIOS Version 1301
- BIOS Starting Address Segment f000
- BIOS Release Date 03/14/2018
- BIOS ROM Size 1000000
- BIOS Characteristics
- 07: - PCI Supported
- 10: - APM Supported
- 11: - Upgradeable FLASH BIOS
- 12: - BIOS Shadowing Supported
- 15: - CD-Boot Supported
- 16: - Selectable Boot Supported
- 17: - BIOS ROM Socketed
- 19: - EDD Supported
- 23: - 1.2MB Floppy Supported
- 24: - 720KB Floppy Supported
- 25: - 2.88MB Floppy Supported
- 26: - Print Screen Device Supported
- 27: - Keyboard Services Supported
- 28: - Serial Services Supported
- 29: - Printer Services Supported
- 32: - BIOS Vendor Reserved
- BIOS Characteristic Extensions
- 00: - ACPI Supported
- 01: - USB Legacy Supported
- 08: - BIOS Boot Specification Supported
- 10: - Specification Reserved
- 11: - Specification Reserved
- BIOS Major Revision 5
- BIOS Minor Revision 12
- EC Firmware Major Revision 255
- EC Firmware Minor Revision 255
- [System Information (Type 1) - Length 27 - Handle 0001h]
- Manufacturer System manufacturer
- Product Name System Product Name
- Version System Version
- UUID 00000000-0000-0000-0000-000000000000
- Wakeup Type Power Switch
- SKUNumber SKU
- [BaseBoard Information (Type 2) - Length 15 - Handle 0002h]
- Manufacturer ASUSTeK COMPUTER INC.
- Product STRIX Z270G GAMING
- Version Rev 1.xx
- Feature Flags 09h
- -680610080: - -680610032: - ÷7£ý
- Location Default string
- Chassis Handle 0003h
- Board Type 0ah - Processor/Memory Module
- Number of Child Handles 0
- [System Enclosure (Type 3) - Length 22 - Handle 0003h]
- Manufacturer Default string
- Chassis Type Desktop
- Version Default string
- Bootup State Safe
- Power Supply State Safe
- Thermal State Safe
- Security Status None
- OEM Defined 0
- Height 0U
- Number of Power Cords 1
- Number of Contained Elements 0
- Contained Element Size 3
- [Onboard Devices Information (Type 10) - Length 6 - Handle 0023h]
- Number of Devices 1
- 01: Type Video [enabled]
- [OEM Strings (Type 11) - Length 5 - Handle 0024h]
- Number of Strings 4
- 1 Default string
- 2 Default string
- 3 MIRO
- 4 Default string
- [System Configuration Options (Type 12) - Length 5 - Handle 0025h]
- [Physical Memory Array (Type 16) - Length 23 - Handle 0040h]
- Location 03h - SystemBoard/Motherboard
- Use 03h - System Memory
- Memory Error Correction 03h - None
- Maximum Capacity 67108864KB
- Number of Memory Devices 4
- [Memory Device (Type 17) - Length 40 - Handle 0041h]
- Physical Memory Array Handle 0040h
- Total Width 0 bits
- Data Width 0 bits
- Form Factor 02h - Unknown
- Device Locator ChannelA-DIMM1
- Bank Locator BANK 0
- Memory Type 02h - Unknown
- Type Detail 0000h -
- Speed 0MHz
- [Memory Device (Type 17) - Length 40 - Handle 0042h]
- Physical Memory Array Handle 0040h
- Total Width 0 bits
- Data Width 0 bits
- Form Factor 02h - Unknown
- Device Locator ChannelA-DIMM2
- Bank Locator BANK 1
- Memory Type 02h - Unknown
- Type Detail 0000h -
- Speed 0MHz
- [Memory Device (Type 17) - Length 40 - Handle 0043h]
- Physical Memory Array Handle 0040h
- Total Width 64 bits
- Data Width 64 bits
- Size 16384MB
- Form Factor 09h - DIMM
- Device Locator ChannelB-DIMM1
- Bank Locator BANK 2
- Memory Type 1ah - Specification Reserved
- Type Detail 4080h - Synchronous
- Speed 2400MHz
- Manufacturer 0000
- Part Number V1D4LF16GB1G81G82400
- [Memory Device (Type 17) - Length 40 - Handle 0044h]
- Physical Memory Array Handle 0040h
- Total Width 0 bits
- Data Width 0 bits
- Form Factor 02h - Unknown
- Device Locator ChannelB-DIMM2
- Bank Locator BANK 3
- Memory Type 02h - Unknown
- Type Detail 0000h -
- Speed 0MHz
- [Memory Array Mapped Address (Type 19) - Length 31 - Handle 0045h]
- Starting Address 00000000h
- Ending Address 00ffffffh
- Memory Array Handle 0040h
- Partition Width 01
- [Cache Information (Type 7) - Length 19 - Handle 0046h]
- Socket Designation L1 Cache
- Cache Configuration 0180h - WB Enabled Int NonSocketed L1
- Maximum Cache Size 0100h - 256K
- Installed Size 0100h - 256K
- Supported SRAM Type 0020h - Synchronous
- Current SRAM Type 0020h - Synchronous
- Cache Speed 0ns
- Error Correction Type ParitySingle-Bit ECC
- System Cache Type Unified
- Associativity 8-way Set-Associative
- [Cache Information (Type 7) - Length 19 - Handle 0047h]
- Socket Designation L2 Cache
- Cache Configuration 0181h - WB Enabled Int NonSocketed L2
- Maximum Cache Size 0400h - 1024K
- Installed Size 0400h - 1024K
- Supported SRAM Type 0020h - Synchronous
- Current SRAM Type 0020h - Synchronous
- Cache Speed 0ns
- Error Correction Type Multi-Bit ECC
- System Cache Type Unified
- Associativity 4-way Set-Associative
- [Cache Information (Type 7) - Length 19 - Handle 0048h]
- Socket Designation L3 Cache
- Cache Configuration 0182h - WB Enabled Int NonSocketed L3
- Maximum Cache Size 2000h - 8192K
- Installed Size 2000h - 8192K
- Supported SRAM Type 0020h - Synchronous
- Current SRAM Type 0020h - Synchronous
- Cache Speed 0ns
- Error Correction Type Specification Reserved
- System Cache Type Unified
- Associativity 16-way Set-Associative
- [Processor Information (Type 4) - Length 48 - Handle 0049h]
- Socket Designation LGA1151
- Processor Type Central Processor
- Processor Family c6h - Specification Reserved
- Processor Manufacturer Intel(R) Corporation
- Processor ID e9060900fffbebbf
- Processor Version Intel(R) Core(TM) i7-7700K CPU @ 4.20GHz
- Processor Voltage 8bh - 1.1V
- External Clock 100MHz
- Max Speed 8300MHz
- Current Speed 4200MHz
- Status Enabled Populated
- Processor Upgrade Other
- L1 Cache Handle 0046h
- L2 Cache Handle 0047h
- L3 Cache Handle 0048h
- [Memory Device Mapped Address (Type 20) - Length 35 - Handle 004ah]
- Starting Address 00000000h
- Ending Address 00ffffffh
- Memory Device Handle 0043h
- Mem Array Mapped Adr Handle 0045h
- Interleave Position [None]
- Interleave Data Depth [None]
- ========================== Dump #1: Extra #1 ===========================
- 1: kd> !verifier
- fffff80483448580: Unable to get verifier list.
- ========================== Dump #1: Extra #2 ===========================
- 1: kd> !thread
- THREAD ffffb6033985d040 Cid 0dac.1758 Teb: 0000000baf675000 Win32Thread: 0000000000000000 RUNNING on processor 1
- IRP List:
- Unable to read nt!_IRP @ ffffb6033d561010
- Not impersonating
- GetUlongFromAddress: unable to read from fffff8048342ca14
- Owning Process ffffb6032cbea080 Image: MsMpEng.exe
- Attached Process N/A Image: N/A
- fffff78000000000: Unable to get shared data
- Wait Start TickCount 371596
- Context Switch Count 30919 IdealProcessor: 5
- ReadMemory error: Cannot get nt!KeMaximumIncrement value.
- UserTime 00:00:00.000
- KernelTime 00:00:00.000
- Win32 Start Address 0x00007ffd633b3ce0
- Stack Init ffff868e41a6fb90 Current ffff868e41a6f300
- Base ffff868e41a70000 Limit ffff868e41a69000 Call 0000000000000000
- Priority 9 BasePriority 8 PriorityDecrement 0 IoPriority 2 PagePriority 5
- Child-SP RetAddr : Args to Child : Call Site
- ffff868e`41a6e0d8 fffff804`831d41e9 : 00000000`0000003b 00000000`c0000005 fffff804`848c84f0 ffff868e`41a6ea10 : nt!KeBugCheckEx
- ffff868e`41a6e0e0 fffff804`831d363c : fffff804`848c3efe fffff804`831a2c27 ffff868e`41a6e7d0 fffff804`830fd154 : nt!KiBugCheckDispatch+0x69
- ffff868e`41a6e220 fffff804`831cb17f : fffff804`83511000 fffff804`83000000 0005e380`00ab7000 00000000`0010001f : nt!KiSystemServiceHandler+0x7c
- ffff868e`41a6e260 fffff804`830fa2c5 : 00000000`000000de 00000000`00000000 ffff868e`41a6e7d0 00007fff`ffff0000 : nt!RtlpExecuteHandlerForException+0xf
- ffff868e`41a6e290 fffff804`830fe85e : ffff868e`41a6f1c8 ffff868e`41a6ef10 ffff868e`41a6f1c8 ffffb603`3cd8fd60 : nt!RtlDispatchException+0x4a5
- ffff868e`41a6e9e0 fffff804`831d431d : fffff2f9`7cbe5000 ffff868e`41a6f270 ffff8000`00000000 00000000`000000af : nt!KiDispatchException+0x16e
- ffff868e`41a6f090 fffff804`831d0503 : 00000000`00000000 00000000`00000000 ffffb603`2ee52680 00000000`00000000 : nt!KiExceptionDispatch+0x11d
- ffff868e`41a6f270 fffff804`848c84f0 : ffffb603`3985d360 fffff804`8311254d ffffb603`3985d040 ffffb603`3a596988 : nt!KiPageFault+0x443 (TrapFrame @ ffff868e`41a6f270)
- ffff868e`41a6f400 fffff804`848fdcdf : ffffb603`3a596920 ffffb603`00000000 ffff868e`00000000 ffffb603`2ee52010 : FLTMGR!TreeUnlinkMulti+0x50
- ffff868e`41a6f450 fffff804`848c4fc9 : ffffb603`3a596920 ffffb603`00000000 ffffb603`ffff7fff 00000000`00008000 : FLTMGR!FltpRemoveAllNamesCachedForFileObject+0xbf
- ffff868e`41a6f4d0 fffff804`848c45a0 : ffff868e`41a6f6b0 ffffb603`3cd8fd00 ffffb603`3d561002 00000000`00000400 : FLTMGR!FltpPerformPreCallbacks+0x869
- ffff868e`41a6f5e0 fffff804`848c4112 : ffffb603`3d561010 ffff868e`41a6f6b0 ffffb603`3d561010 ffff868e`41a6f6c0 : FLTMGR!FltpPassThroughInternal+0x90
- ffff868e`41a6f610 fffff804`848c3efe : ffffffff`fffe7960 ffffb603`2ec98d90 00000000`00000000 ffffb603`3cd8fd00 : FLTMGR!FltpPassThrough+0x162
- ffff868e`41a6f690 fffff804`8310a929 : ffffb603`3cd8fd60 fffff804`83041640 00000000`00004966 00000000`00000000 : FLTMGR!FltpDispatch+0x9e
- ffff868e`41a6f6f0 fffff804`836b0b2d : ffffb603`3cd8fd60 ffffb603`2ee42930 ffffb603`2ec98d90 ffffb603`3d561010 : nt!IofCallDriver+0x59
- ffff868e`41a6f730 fffff804`836c3740 : ffff868e`41a6f939 00000000`00000000 ffffb603`2caf5c40 ffffb603`3d561010 : nt!IopDeleteFile+0x12d
- ffff868e`41a6f7b0 fffff804`83113269 : 00000000`00000000 00000000`00000000 ffff868e`41a6f939 ffffb603`3cd8fd60 : nt!ObpRemoveObjectRoutine+0x80
- ffff868e`41a6f810 fffff804`836b5ab7 : 00000000`ffff8005 ffffb603`3cd8fd30 ffffb603`00000000 00000000`00007ffb : nt!ObfDereferenceObjectWithTag+0xc9
- ffff868e`41a6f850 fffff804`836badae : 00000000`00000b9c ffff6cf8`cd0a9655 00000000`00000000 fffff804`831d412c : nt!ObCloseHandleTableEntry+0x2c7
- ffff868e`41a6f990 fffff804`831d414e : ffffb603`3985d040 0000000b`afd7d5f8 ffff868e`41a6fa80 ffff868e`00000000 : nt!NtClose+0xde
- ffff868e`41a6fa00 00007ffd`6341c254 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceExitPico+0x2b9 (TrapFrame @ ffff868e`41a6fa00)
- 0000000b`afd7d308 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffd`6341c254
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement