API tools faq
paste
Advertisement
gardenman

Untitled

gardenman
Aug 10th, 2020
138
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 352.42 KB | None | 0 0
raw download clone embed print report
  1. ========================== AUTO DUMP ANALYZER ==========================
  2. Auto Dump Analyzer
  3. Version: 0.91
  4. Time to analyze file(s): 00 hours and 08 minutes and 20 seconds
  5.  
  6. ================================ SYSTEM ================================
  7. MANUFACTURER: ASUS
  8. PRODUCT_NAME: All Series
  9. SKU: [Removed]
  10.  
  11. ================================= BIOS =================================
  12. VENDOR: American Megatrends Inc.
  13. VERSION: 1304
  14. DATE: 07/11/2014
  15.  
  16. ============================= MOTHERBOARD ==============================
  17. MANUFACTURER: ASUSTeK COMPUTER INC.
  18. PRODUCT: Z97-A
  19. VERSION: Rev 1.xx
  20.  
  21. ================================= RAM ==================================
  22. Size Speed Manufacturer Part No.
  23. -------------- -------------- ------------------- ----------------------
  24. 0MHz
  25. 8192MB 1600MHz 0215 CMY16GX3M2A1600C9
  26. 0MHz
  27. 8192MB 1600MHz 0215 CMY16GX3M2A1600C9
  28.  
  29. ================================= CPU ==================================
  30. Processor Version: Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz
  31. COUNT: 8
  32. MHZ: 4007
  33. VENDOR: GenuineIntel
  34. FAMILY: 6
  35. MODEL: 3c
  36. STEPPING: 3
  37. MICROCODE: 6,3c,3,0 (F,M,S,R) SIG: 27'00000000 (cache) 27'00000000 (init)
  38. MHZ: 3998
  39.  
  40. ================================== OS ==================================
  41. Product: WinNt, suite: TerminalServer SingleUserTS
  42. Built by: 18362.1.amd64fre.19h1_release.190318-1202
  43. BUILD_VERSION: 10.0.18362.959 (WinBuild.160101.0800)
  44. BUILD: 18362
  45. SERVICEPACK: 959
  46. PLATFORM_TYPE: x64
  47. NAME: Windows 10
  48. EDITION: Windows 10 WinNt TerminalServer SingleUserTS
  49. BUILD_TIMESTAMP: unknown_date
  50. BUILDDATESTAMP: 160101.0800
  51. BUILDLAB: WinBuild
  52. BUILDOSVER: 10.0.18362.959
  53. SERVICEPACK: 0
  54.  
  55. =============================== DEBUGGER ===============================
  56. Microsoft (R) Windows Debugger Version 10.0.14321.1024 AMD64
  57. Copyright (c) Microsoft Corporation. All rights reserved.
  58.  
  59. =============================== COMMENTS ===============================
  60. * Information gathered from different dump files may be different. If
  61. Windows updates between two dump files, two or more OS versions may
  62. be shown above.
  63. * If the user updates the BIOS between dump files, two or more versions
  64. and dates may be shown above.
  65. * More RAM information can be found below in a full BIOS section.
  66.  
  67. ========================================================================
  68. ======================= Dump #1: ANALYZE VERBOSE =======================
  69. ====================== File: 080920-76765-01.dmp =======================
  70. ========================================================================
  71.  
  72. Mini Kernel Dump File: Only registers and stack trace are available
  73. Windows 10 Kernel Version 18362 MP (8 procs) Free x64
  74. Kernel base = 0xfffff804`75600000 PsLoadedModuleList = 0xfffff804`75a48190
  75. Debug session time: Sun Aug 9 14:41:03.760 2020 (UTC - 4:00)
  76. System Uptime: 0 days 0:00:12.393
  77.  
  78. BugCheck 124, {0, ffff800500b8a028, be000000, 800400}
  79. Probably caused by : memory_corruption
  80. Followup: memory_corruption
  81.  
  82. WHEA_UNCORRECTABLE_ERROR (124)
  83. A fatal hardware error has occurred. Parameter 1 identifies the type of error
  84. source that reported the error. Parameter 2 holds the address of the
  85. WHEA_ERROR_RECORD structure that describes the error conditon.
  86.  
  87. Arguments:
  88. Arg1: 0000000000000000, Machine Check Exception
  89. Arg2: ffff800500b8a028, Address of the WHEA_ERROR_RECORD structure.
  90. Arg3: 00000000be000000, High order 32-bits of the MCi_STATUS value.
  91. Arg4: 0000000000800400, Low order 32-bits of the MCi_STATUS value.
  92.  
  93. Debugging Details:
  94. DUMP_CLASS: 1
  95. DUMP_QUALIFIER: 400
  96. DUMP_TYPE: 2
  97. BUGCHECK_STR: 0x124_GenuineIntel
  98. CUSTOMER_CRASH_COUNT: 1
  99. DEFAULT_BUCKET_ID: CODE_CORRUPTION
  100.  
  101. PROCESS_NAME: svchost.exe
  102.  
  103. CURRENT_IRQL: f
  104. STACK_TEXT:
  105. ffffd880`975eeb58 fffff804`760ff188 : 00000000`00000124 00000000`00000000 ffff8005`00b8a028 00000000`be000000 : nt!KeBugCheckEx
  106. ffffd880`975eeb60 fffff804`797f1920 : ffff8004`fe3f7bd0 00000000`00000000 ffff8005`00b8a028 00000000`00000000 : hal!HalBugCheckSystem+0xd8
  107. ffffd880`975eeba0 fffff804`75941092 : ffff8004`fe3f7bd0 ffffd880`975eec29 00000000`00000000 ffff8005`00b8a028 : PSHED!PshedBugCheckSystem+0x10
  108. ffffd880`975eebd0 fffff804`76100ae6 : ffffd880`975eecf0 00000000`00000004 ffff8004`fe3f7c20 ffff8004`fe3f7bd0 : nt!WheaReportHwError+0x382
  109. ffffd880`975eec90 fffff804`76100f7a : 00000000`00000010 ffff8004`fe3f7c20 ffffd880`975eee48 ffffd880`975ef090 : hal!HalpMcaReportError+0x72
  110. ffffd880`975eedf0 fffff804`76100e54 : ffff8004`fe2a9e40 00000000`00000001 00000000`00000000 00000000`00000000 : hal!HalpMceHandlerCore+0xf2
  111. ffffd880`975eee40 fffff804`761010c0 : 00000000`00000008 00000000`00000001 00000000`00000000 00000000`00000000 : hal!HalpMceHandler+0xe0
  112. ffffd880`975eee80 fffff804`76100168 : 00000000`00000000 ffffd880`975ef110 00000000`00000000 00000000`00000000 : hal!HalpMceHandlerWithRendezvous+0xd4
  113. ffffd880`975eeeb0 fffff804`76101347 : ffff8004`fe2a9e40 00000000`00000000 00000000`00000000 00000000`00000000 : hal!HalpHandleMachineCheck+0x5c
  114. ffffd880`975eeee0 fffff804`758a4e30 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : hal!HalHandleMcheck+0x37
  115. ffffd880`975eef10 fffff804`757d13ba : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiHandleMcheck+0x10
  116. ffffd880`975eef40 fffff804`757d106f : ffffd880`00000000 fffff804`757d0fac 00000000`00696976 00000000`00000000 : nt!KxMcheckAbort+0x7a
  117. ffffd880`975ef080 fffff804`75616768 : 00000000`00000000 00000000`00000000 00000000`00000000 ffff9182`b44d8f30 : nt!KiMcheckAbort+0x26f
  118. ffffa682`35cb35e0 fffff804`756165b0 : 00000000`00000000 00000000`00000000 00000000`00000001 00000000`00000000 : nt!KxFlushNonGlobalTb+0xd8
  119. ffffa682`35cb36f0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KeFlushTb+0x230
  120. STACK_COMMAND: kb
  121. CHKIMG_EXTENSION: !chkimg -lo 50 -d !win32kbase
  122. ffffd6a271247809-ffffd6a27124780e 6 bytes - win32kbase!DirectComposition::CAnimationMarshaler::SetReferenceProperty+49
  123. [ ff 15 a1 ef 19 00:e8 92 ea 20 00 90 ]
  124. ffffd6a271247879-ffffd6a27124787a 2 bytes - win32kbase!SfmSignalTokenEvent+19 (+0x70)
  125. [ 48 ff:4c 8b ]
  126. ffffd6a271247880-ffffd6a271247883 4 bytes - win32kbase!SfmSignalTokenEvent+20 (+0x07)
  127. [ 0f 1f 44 00:e8 9b eb 20 ]
  128. ffffd6a271248985-ffffd6a271248986 2 bytes - win32kbase!GreSfmDwmShutdown+35 (+0x1105)
  129. [ 48 ff:4c 8b ]
  130. ffffd6a27124898c-ffffd6a27124898f 4 bytes - win32kbase!GreSfmDwmShutdown+3c (+0x07)
  131. [ 0f 1f 44 00:e8 8f da 20 ]
  132. ffffd6a271248995-ffffd6a271248996 2 bytes - win32kbase!GreSfmDwmShutdown+45 (+0x09)
  133. [ 48 ff:4c 8b ]
  134. ffffd6a27124899c-ffffd6a27124899f 4 bytes - win32kbase!GreSfmDwmShutdown+4c (+0x07)
  135. [ 0f 1f 44 00:e8 7f da 20 ]
  136. 24 errors : !win32kbase (ffffd6a271247809-ffffd6a27124899f)
  137. MODULE_NAME: memory_corruption
  138.  
  139. IMAGE_NAME: memory_corruption
  140.  
  141. FOLLOWUP_NAME: memory_corruption
  142. DEBUG_FLR_IMAGE_TIMESTAMP: 0
  143. MEMORY_CORRUPTOR: LARGE
  144. FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
  145. BUCKET_ID: MEMORY_CORRUPTION_LARGE
  146. PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
  147. TARGET_TIME: 2020-08-09T18:41:03.000Z
  148. SUITE_MASK: 272
  149. PRODUCT_TYPE: 1
  150. USER_LCID: 0
  151. FAILURE_ID_HASH_STRING: km:memory_corruption_large
  152. FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
  153. Followup: memory_corruption
  154.  
  155. ====================== Dump #1: 3RD PARTY DRIVERS ======================
  156.  
  157. Nov 23 2009 - LGBusEnum.sys - Logitech GamePanel Virtual Bus Enumerator driver http://support.logitech.com/
  158. Aug 02 2010 - AsUpIO.sys - ASUS Update Input Output driver http://www.asus.com/
  159. Aug 08 2011 - BazisVirtualCDBus.sys - WinCDEmu Virtual CD-ROM driver (Bazis Inc) http://wincdemu.sysprogs.org/
  160. Oct 17 2011 - PxHlpa64.sys - Sonic CD/DVD driver
  161. Mar 22 2012 - AiCharger.sys - Asus Charger driver
  162. Aug 22 2012 - AsIO.sys - ASUS Input Output driver http://www.asus.com/
  163. Apr 24 2014 - RTKVHD64.sys - Realtek Audio System driver https://www.realtek.com/en/
  164. Sep 23 2014 - TeeDriverx64.sys - Intel Management Engine Interface (MEI) driver https://downloadcenter.intel.com/
  165. Apr 21 2016 - tap0901.sys - TAP-Win32 Virtual Private Network Driver 0901 (OpenVPN by OpenVPN Technologies) https://openvpn.net/
  166. Mar 16 2017 - tapwindscribe0901.sys - TAP-Windows Virtual Network driver (The OpenVPN Project) https://openvpn.net/
  167. Oct 11 2017 - YSDrv.sys - VirtualBox Support driver
  168. Jan 24 2019 - e1d65x64.sys - Intel(R) Gigabit Adapter NDIS 6.x driver https://downloadcenter.intel.com/
  169. Mar 14 2019 - nvvad64v.sys - Nvidia Virtual Audio driver http://www.nvidia.com/
  170. Apr 25 2019 - mbae64.sys - Malwarebytes driver https://www.malwarebytes.com/
  171. Oct 02 2019 - nvlddmkm.sys - Nvidia Graphics Card driver http://www.nvidia.com/
  172. Nov 29 2019 - NvModuleTracker.sys - NVIDIA Module Tracker driver
  173. Jan 10 2020 - nvvhci.sys - Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
  174. Jun 04 2020 - MbamChameleon.sys - Malwarebytes Anti-Malware Chameleon driver https://www.malwarebytes.com/
  175. Jun 09 2020 - nvhda64v.sys - Nvidia HDMI Audio Device http://www.nvidia.com/
  176. Jun 23 2020 - aswArPot.sys - Avast Antivirus http://www.avast.com/
  177. Jun 23 2020 - aswbidsdriver.sys - Avast Antivirus http://www.avast.com/
  178. Jun 23 2020 - aswbidsh.sys - Avast Antivirus http://www.avast.com/
  179. Jun 23 2020 - aswbuniv.sys - Avast Antivirus http://www.avast.com/
  180. Jun 23 2020 - aswKbd.sys - Avast Keyboard Filter driver http://www.avast.com/
  181. Jun 23 2020 - aswMonFlt.sys - Avast Antivirus http://www.avast.com/
  182. Jun 23 2020 - aswNetHub.sys - Avast driver
  183. Jun 23 2020 - aswRdr2.sys - Avast Antivirus http://www.avast.com/
  184. Jun 23 2020 - aswRvrt.sys - Avast Antivirus http://www.avast.com/
  185. Jun 23 2020 - aswSnx.sys - Avast Antivirus http://www.avast.com/
  186. Jun 23 2020 - aswSP.sys - Avast Antivirus http://www.avast.com/
  187. Jun 23 2020 - aswStm.sys - Avast Antivirus http://www.avast.com/
  188. Jun 23 2020 - aswVmm.sys - Avast Antivirus http://www.avast.com/
  189. Jul 17 2020 - aswElam.sys - Avast ELAM driver
  190.  
  191. ================== Dump #1: 3RD PARTY DRIVERS (FULL) ===================
  192.  
  193. Image path: \SystemRoot\system32\drivers\LGBusEnum.sys
  194. Image name: LGBusEnum.sys
  195. Search : https://www.google.com/search?q=LGBusEnum.sys
  196. ADA Info : Logitech GamePanel Virtual Bus Enumerator driver http://support.logitech.com/
  197. Timestamp : Mon Nov 23 2009
  198.  
  199. Image path: \SystemRoot\SysWow64\drivers\AsUpIO.sys
  200. Image name: AsUpIO.sys
  201. Search : https://www.google.com/search?q=AsUpIO.sys
  202. ADA Info : ASUS Update Input Output driver http://www.asus.com/
  203. Timestamp : Mon Aug 2 2010
  204.  
  205. Image path: \SystemRoot\System32\drivers\BazisVirtualCDBus.sys
  206. Image name: BazisVirtualCDBus.sys
  207. Search : https://www.google.com/search?q=BazisVirtualCDBus.sys
  208. ADA Info : WinCDEmu Virtual CD-ROM driver (Bazis Inc) http://wincdemu.sysprogs.org/
  209. Timestamp : Mon Aug 8 2011
  210.  
  211. Image path: \SystemRoot\System32\Drivers\PxHlpa64.sys
  212. Image name: PxHlpa64.sys
  213. Search : https://www.google.com/search?q=PxHlpa64.sys
  214. ADA Info : Sonic CD/DVD driver
  215. Timestamp : Mon Oct 17 2011
  216.  
  217. Image path: \SystemRoot\SysWow64\drivers\AiCharger.sys
  218. Image name: AiCharger.sys
  219. Search : https://www.google.com/search?q=AiCharger.sys
  220. ADA Info : Asus Charger driver
  221. Timestamp : Thu Mar 22 2012
  222.  
  223. Image path: \SystemRoot\SysWow64\drivers\AsIO.sys
  224. Image name: AsIO.sys
  225. Search : https://www.google.com/search?q=AsIO.sys
  226. ADA Info : ASUS Input Output driver http://www.asus.com/
  227. Timestamp : Wed Aug 22 2012
  228.  
  229. Image path: \SystemRoot\system32\drivers\RTKVHD64.sys
  230. Image name: RTKVHD64.sys
  231. Search : https://www.google.com/search?q=RTKVHD64.sys
  232. ADA Info : Realtek Audio System driver https://www.realtek.com/en/
  233. Timestamp : Thu Apr 24 2014
  234.  
  235. Image path: \SystemRoot\system32\DRIVERS\TeeDriverx64.sys
  236. Image name: TeeDriverx64.sys
  237. Search : https://www.google.com/search?q=TeeDriverx64.sys
  238. ADA Info : Intel Management Engine Interface (MEI) driver https://downloadcenter.intel.com/
  239. Timestamp : Tue Sep 23 2014
  240.  
  241. Image path: \SystemRoot\System32\drivers\tap0901.sys
  242. Image name: tap0901.sys
  243. Search : https://www.google.com/search?q=tap0901.sys
  244. ADA Info : TAP-Win32 Virtual Private Network Driver 0901 (OpenVPN by OpenVPN Technologies) https://openvpn.net/
  245. Timestamp : Thu Apr 21 2016
  246.  
  247. Image path: \SystemRoot\System32\drivers\tapwindscribe0901.sys
  248. Image name: tapwindscribe0901.sys
  249. Search : https://www.google.com/search?q=tapwindscribe0901.sys
  250. ADA Info : TAP-Windows Virtual Network driver (The OpenVPN Project) https://openvpn.net/
  251. Timestamp : Thu Mar 16 2017
  252.  
  253. Image path: \??\C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys
  254. Image name: YSDrv.sys
  255. Search : https://www.google.com/search?q=YSDrv.sys
  256. ADA Info : VirtualBox Support driver
  257. Timestamp : Wed Oct 11 2017
  258.  
  259. Image path: \SystemRoot\system32\DRIVERS\e1d65x64.sys
  260. Image name: e1d65x64.sys
  261. Search : https://www.google.com/search?q=e1d65x64.sys
  262. ADA Info : Intel(R) Gigabit Adapter NDIS 6.x driver https://downloadcenter.intel.com/
  263. Timestamp : Thu Jan 24 2019
  264.  
  265. Image path: \SystemRoot\system32\drivers\nvvad64v.sys
  266. Image name: nvvad64v.sys
  267. Search : https://www.google.com/search?q=nvvad64v.sys
  268. ADA Info : Nvidia Virtual Audio driver http://www.nvidia.com/
  269. Timestamp : Thu Mar 14 2019
  270.  
  271. Image path: \??\C:\WINDOWS\system32\drivers\mbae64.sys
  272. Image name: mbae64.sys
  273. Search : https://www.google.com/search?q=mbae64.sys
  274. ADA Info : Malwarebytes driver https://www.malwarebytes.com/
  275. Timestamp : Thu Apr 25 2019
  276.  
  277. Image path: \SystemRoot\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_90685a092bcf58c7\nvlddmkm.sys
  278. Image name: nvlddmkm.sys
  279. Search : https://www.google.com/search?q=nvlddmkm.sys
  280. ADA Info : Nvidia Graphics Card driver http://www.nvidia.com/
  281. Timestamp : Wed Oct 2 2019
  282.  
  283. Image path: \SystemRoot\System32\drivers\NvModuleTracker.sys
  284. Image name: NvModuleTracker.sys
  285. Search : https://www.google.com/search?q=NvModuleTracker.sys
  286. ADA Info : NVIDIA Module Tracker driver
  287. Timestamp : Fri Nov 29 2019
  288.  
  289. Image path: \SystemRoot\System32\drivers\nvvhci.sys
  290. Image name: nvvhci.sys
  291. Search : https://www.google.com/search?q=nvvhci.sys
  292. ADA Info : Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
  293. Timestamp : Fri Jan 10 2020
  294.  
  295. Image path: \SystemRoot\System32\Drivers\MbamChameleon.sys
  296. Image name: MbamChameleon.sys
  297. Search : https://www.google.com/search?q=MbamChameleon.sys
  298. ADA Info : Malwarebytes Anti-Malware Chameleon driver https://www.malwarebytes.com/
  299. Timestamp : Thu Jun 4 2020
  300.  
  301. Image path: \SystemRoot\system32\drivers\nvhda64v.sys
  302. Image name: nvhda64v.sys
  303. Search : https://www.google.com/search?q=nvhda64v.sys
  304. ADA Info : Nvidia HDMI Audio Device http://www.nvidia.com/
  305. Timestamp : Tue Jun 9 2020
  306.  
  307. Image path: \SystemRoot\system32\drivers\aswArPot.sys
  308. Image name: aswArPot.sys
  309. Search : https://www.google.com/search?q=aswArPot.sys
  310. ADA Info : Avast Antivirus http://www.avast.com/
  311. Timestamp : Tue Jun 23 2020
  312.  
  313. Image path: \SystemRoot\system32\drivers\aswbidsdriver.sys
  314. Image name: aswbidsdriver.sys
  315. Search : https://www.google.com/search?q=aswbidsdriver.sys
  316. ADA Info : Avast Antivirus http://www.avast.com/
  317. Timestamp : Tue Jun 23 2020
  318.  
  319. Image path: \SystemRoot\system32\drivers\aswbidsh.sys
  320. Image name: aswbidsh.sys
  321. Search : https://www.google.com/search?q=aswbidsh.sys
  322. ADA Info : Avast Antivirus http://www.avast.com/
  323. Timestamp : Tue Jun 23 2020
  324.  
  325. Image path: \SystemRoot\system32\drivers\aswbuniv.sys
  326. Image name: aswbuniv.sys
  327. Search : https://www.google.com/search?q=aswbuniv.sys
  328. ADA Info : Avast Antivirus http://www.avast.com/
  329. Timestamp : Tue Jun 23 2020
  330.  
  331. Image path: \SystemRoot\system32\drivers\aswKbd.sys
  332. Image name: aswKbd.sys
  333. Search : https://www.google.com/search?q=aswKbd.sys
  334. ADA Info : Avast Keyboard Filter driver http://www.avast.com/
  335. Timestamp : Tue Jun 23 2020
  336.  
  337. Image path: \SystemRoot\system32\drivers\aswMonFlt.sys
  338. Image name: aswMonFlt.sys
  339. Search : https://www.google.com/search?q=aswMonFlt.sys
  340. ADA Info : Avast Antivirus http://www.avast.com/
  341. Timestamp : Tue Jun 23 2020
  342.  
  343. Image path: \SystemRoot\system32\drivers\aswNetHub.sys
  344. Image name: aswNetHub.sys
  345. Search : https://www.google.com/search?q=aswNetHub.sys
  346. ADA Info : Avast driver
  347. Timestamp : Tue Jun 23 2020
  348.  
  349. Image path: \SystemRoot\system32\drivers\aswRdr2.sys
  350. Image name: aswRdr2.sys
  351. Search : https://www.google.com/search?q=aswRdr2.sys
  352. ADA Info : Avast Antivirus http://www.avast.com/
  353. Timestamp : Tue Jun 23 2020
  354.  
  355. Image path: \SystemRoot\system32\drivers\aswRvrt.sys
  356. Image name: aswRvrt.sys
  357. Search : https://www.google.com/search?q=aswRvrt.sys
  358. ADA Info : Avast Antivirus http://www.avast.com/
  359. Timestamp : Tue Jun 23 2020
  360.  
  361. Image path: \SystemRoot\system32\drivers\aswSnx.sys
  362. Image name: aswSnx.sys
  363. Search : https://www.google.com/search?q=aswSnx.sys
  364. ADA Info : Avast Antivirus http://www.avast.com/
  365. Timestamp : Tue Jun 23 2020
  366.  
  367. Image path: \SystemRoot\system32\drivers\aswSP.sys
  368. Image name: aswSP.sys
  369. Search : https://www.google.com/search?q=aswSP.sys
  370. ADA Info : Avast Antivirus http://www.avast.com/
  371. Timestamp : Tue Jun 23 2020
  372.  
  373. Image path: \SystemRoot\system32\drivers\aswStm.sys
  374. Image name: aswStm.sys
  375. Search : https://www.google.com/search?q=aswStm.sys
  376. ADA Info : Avast Antivirus http://www.avast.com/
  377. Timestamp : Tue Jun 23 2020
  378.  
  379. Image path: \SystemRoot\system32\drivers\aswVmm.sys
  380. Image name: aswVmm.sys
  381. Search : https://www.google.com/search?q=aswVmm.sys
  382. ADA Info : Avast Antivirus http://www.avast.com/
  383. Timestamp : Tue Jun 23 2020
  384.  
  385. Image path: \SystemRoot\system32\drivers\aswElam.sys
  386. Image name: aswElam.sys
  387. Search : https://www.google.com/search?q=aswElam.sys
  388. ADA Info : Avast ELAM driver
  389. Timestamp : Fri Jul 17 2020
  390.  
  391. ====================== Dump #1: MICROSOFT DRIVERS ======================
  392.  
  393. ACPI.sys ACPI Driver for NT (Microsoft)
  394. acpiex.sys ACPIEx Driver (Microsoft)
  395. acpipagr.sys ACPI Processor Aggregator Device driver (Microsoft)
  396. afd.sys Ancillary Function Driver for WinSock (Microsoft)
  397. afunix.sys AF_UNIX Socket Provider driver (Microsoft)
  398. ahcache.sys Application Compatibility Cache (Microsoft)
  399. bam.sys BAM Kernal driver (Microsoft)
  400. BasicDisplay.sys Basic Display driver (Microsoft)
  401. BasicRender.sys Basic Render driver (Microsoft)
  402. Beep.SYS BEEP driver (Microsoft)
  403. BOOTVID.dll VGA Boot Driver (Microsoft)
  404. bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
  405. cdd.dll Canonical Display Driver (Microsoft)
  406. cdrom.sys SCSI CD-ROM Driver (Microsoft)
  407. CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
  408. CI.dll Code Integrity Module (Microsoft)
  409. CLASSPNP.SYS SCSI Class System Dll (Microsoft)
  410. cldflt.sys Cloud Files Mini Filter driver (Microsoft)
  411. CLFS.SYS Common Log File System Driver (Microsoft)
  412. clipsp.sys CLIP Service (Microsoft)
  413. cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
  414. cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
  415. CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
  416. crashdmp.sys Crash Dump driver (Microsoft)
  417. csc.sys Windows Client Side Caching driver (Microsoft)
  418. dfsc.sys DFS Namespace Client Driver (Microsoft)
  419. disk.sys PnP Disk Driver (Microsoft)
  420. drmk.sys Digital Rights Management (DRM) driver (Microsoft)
  421. dump_diskdump.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  422. dump_dumpfve.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  423. dump_storahci.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  424. dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
  425. dxgmms2.sys DirectX Graphics MMS
  426. EhStorClass.sys Enhanced Storage Class driver for IEEE... (Microsoft)
  427. filecrypt.sys Windows sandboxing and encryption filter (Microsoft)
  428. fileinfo.sys FileInfo Filter Driver (Microsoft)
  429. FLTMGR.SYS Filesystem Filter Manager (Microsoft)
  430. Fs_Rec.sys File System Recognizer Driver (Microsoft)
  431. fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
  432. fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
  433. gpuenergydrv.sys GPU Energy Kernal Driver (Microsoft)
  434. hal.dll Hardware Abstraction Layer DLL (Microsoft)
  435. HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
  436. HIDCLASS.SYS Hid Class Library (Microsoft)
  437. HIDPARSE.SYS Hid Parsing Library (Microsoft)
  438. hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
  439. HTTP.sys HTTP Protocol Stack (Microsoft)
  440. intelpep.sys Intel Power Engine Plugin (Microsoft)
  441. intelppm.sys Processor Device Driver (Microsoft)
  442. iorate.sys I/O rate control Filter (Microsoft)
  443. kbdclass.sys Keyboard Class Driver (Microsoft)
  444. kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
  445. kd.dll Local Kernal Debugger (Microsoft)
  446. kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
  447. ks.sys Kernal CSA Library (Microsoft)
  448. ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
  449. ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
  450. ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
  451. lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
  452. luafv.sys LUA File Virtualization Filter Driver (Microsoft)
  453. mcupdate_GenuineIntel.dll Intel Microcode Update Library (Microsoft)
  454. mmcss.sys MMCSS Driver (Microsoft)
  455. monitor.sys Monitor Driver (Microsoft)
  456. mouclass.sys Mouse Class Driver (Microsoft)
  457. mouhid.sys HID Mouse Filter Driver (Microsoft)
  458. mountmgr.sys Mount Point Manager (Microsoft)
  459. mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
  460. mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
  461. mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
  462. Msfs.SYS Mailslot driver (Microsoft)
  463. msisadrv.sys ISA Driver (Microsoft)
  464. mslldp.sys Microsoft Link-Layer Discovery Protocol... (Microsoft)
  465. msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
  466. mssecflt.sys Microsoft Security Events Component file system filter driver (Microsoft)
  467. mssmbios.sys System Management BIOS driver (Microsoft)
  468. mup.sys Multiple UNC Provider driver (Microsoft)
  469. ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
  470. ndisuio.sys NDIS User mode I/O driver (Microsoft)
  471. NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
  472. netbios.sys NetBIOS Interface driver (Microsoft)
  473. netbt.sys MBT Transport driver (Microsoft)
  474. NETIO.SYS Network I/O Subsystem (Microsoft)
  475. Npfs.SYS NPFS driver (Microsoft)
  476. npsvctrig.sys Named pipe service triggers (Microsoft)
  477. nsiproxy.sys NSI Proxy driver (Microsoft)
  478. Ntfs.sys NT File System Driver (Microsoft)
  479. ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
  480. ntosext.sys NTOS Extension Host driver (Microsoft)
  481. Null.SYS NULL Driver (Microsoft)
  482. nwifi.sys NativeWiFi Miniport Driver (Microsoft)
  483. pacer.sys QoS Packet Scheduler (Microsoft)
  484. partmgr.sys Partition driver (Microsoft)
  485. pci.sys NT Plug and Play PCI Enumerator (Microsoft)
  486. pcw.sys Performance Counter Driver (Microsoft)
  487. pdc.sys Power Dependency Coordinator Driver (Microsoft)
  488. portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
  489. PSHED.dll Platform Specific Hardware Error driver (Microsoft)
  490. rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
  491. rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
  492. rdyboost.sys ReadyBoost Driver (Microsoft)
  493. rspndr.sys Link-Layer Topology Responder driver (Microsoft)
  494. serenum.sys Serial Port Enumerator (Microsoft)
  495. serial.sys Serial Device Driver
  496. serscan.sys Serial Imaging Device Driver (Microsoft)
  497. SgrmAgent.sys System Guard Runtime Monitor Agent driver (Microsoft)
  498. SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
  499. spaceport.sys Storage Spaces driver (Microsoft)
  500. srv2.sys Smb 2.0 Server driver (Microsoft)
  501. srvnet.sys Server Network driver (Microsoft)
  502. storahci.sys MS AHCI Storport Miniport Driver (Microsoft)
  503. storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
  504. storqosflt.sys Storage QoS Filter driver (Microsoft)
  505. swenum.sys Plug and Play Software Device Enumerator (Microsoft)
  506. tbs.sys Export driver for kernel mode TPM API (Microsoft)
  507. tcpip.sys TCP/IP Protocol driver (Microsoft)
  508. TDI.SYS TDI Wrapper driver (Microsoft)
  509. tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
  510. tm.sys Kernel Transaction Manager driver (Microsoft)
  511. ucx01000.sys USB Controller Extension (Microsoft)
  512. umbus.sys User-Mode Bus Enumerator (Microsoft)
  513. umpass.sys Generic pass-through driver (Microsoft)
  514. usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
  515. USBD.SYS Universal Serial Bus Driver (Microsoft)
  516. usbehci.sys EHCI eUSB Miniport Driver (Microsoft)
  517. usbhub.sys Default Hub Driver for USB (Microsoft)
  518. UsbHub3.sys USB3 HUB driver (Microsoft)
  519. USBPORT.SYS USB 1.1 & 2.0 Port Driver (Microsoft)
  520. USBXHCI.SYS USB XHCI driver (Microsoft)
  521. vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
  522. Vid.sys Microsoft Hyper-V Virtualization Infrastructure Driver
  523. volmgr.sys Volume Manager Driver (Microsoft)
  524. volmgrx.sys Volume Manager Extension Driver (Microsoft)
  525. volsnap.sys Volume Shadow Copy driver (Microsoft)
  526. volume.sys Volume driver (Microsoft)
  527. vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
  528. wanarp.sys MS Remote Access and Routing ARP driver (Microsoft)
  529. watchdog.sys Watchdog driver (Microsoft)
  530. wcifs.sys Windows Container Isolation FS Filter driver (Microsoft)
  531. Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
  532. WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
  533. werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
  534. wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
  535. win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
  536. win32kbase.sys Base Win32k Kernel Driver (Microsoft)
  537. win32kfull.sys Full/Desktop Win32k Kernel Driver (Microsoft)
  538. WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
  539. WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
  540. winhvr.sys Windows Hypervisor Root Interface driver (Microsoft)
  541. winquic.sys QUIC Transport Protocol driver (Microsoft)
  542. wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
  543. WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
  544. Wof.sys Windows Overlay Filter (Microsoft)
  545. WppRecorder.sys WPP Trace Recorder (Microsoft)
  546. WSDPrint.sys Web Services Print Device driver (Microsoft)
  547. WSDScan.sys Web Service Based Scan Device driver (Microsoft)
  548. WUDFRd.sys Windows Driver Foundation - User-mode Driver Framework Reflector driver (Microsoft)
  549.  
  550. ====================== Dump #1: UNLOADED MODULES =======================
  551.  
  552. fffff804`7bbc0000 fffff804`7bbcf000 dump_storpor
  553. fffff804`7b400000 fffff804`7b42f000 dump_storahc
  554. fffff804`7b450000 fffff804`7b46e000 dump_dumpfve
  555. fffff804`7deb0000 fffff804`7df01000 WUDFRd.sys
  556. fffff804`7bec0000 fffff804`7bede000 dam.sys
  557. fffff804`79e20000 fffff804`79e29000 MbamElam.sys
  558. fffff804`7ae20000 fffff804`7ae31000 hwpolicy.sys
  559.  
  560. ====================== Dump #1: BIOS INFORMATION =======================
  561.  
  562. [SMBIOS Data Tables v2.8]
  563. [DMI Version - 0]
  564. [2.0 Calling Convention - No]
  565. [Table Size - 3167 bytes]
  566. [BIOS Information (Type 0) - Length 24 - Handle 0000h]
  567. Vendor American Megatrends Inc.
  568. BIOS Version 1304
  569. BIOS Starting Address Segment f000
  570. BIOS Release Date 07/11/2014
  571. BIOS ROM Size 800000
  572. BIOS Characteristics
  573. 07: - PCI Supported
  574. 10: - APM Supported
  575. 11: - Upgradeable FLASH BIOS
  576. 12: - BIOS Shadowing Supported
  577. 15: - CD-Boot Supported
  578. 16: - Selectable Boot Supported
  579. 17: - BIOS ROM Socketed
  580. 19: - EDD Supported
  581. 23: - 1.2MB Floppy Supported
  582. 24: - 720KB Floppy Supported
  583. 25: - 2.88MB Floppy Supported
  584. 26: - Print Screen Device Supported
  585. 27: - Keyboard Services Supported
  586. 28: - Serial Services Supported
  587. 29: - Printer Services Supported
  588. 32: - BIOS Vendor Reserved
  589. BIOS Characteristic Extensions
  590. 00: - ACPI Supported
  591. 01: - USB Legacy Supported
  592. 08: - BIOS Boot Specification Supported
  593. 10: - Specification Reserved
  594. 11: - Specification Reserved
  595. BIOS Major Revision 4
  596. BIOS Minor Revision 6
  597. EC Firmware Major Revision 255
  598. EC Firmware Minor Revision 255
  599. [System Information (Type 1) - Length 27 - Handle 0001h]
  600. Manufacturer ASUS
  601. Product Name All Series
  602. Version System Version
  603. UUID 00000000-0000-0000-0000-000000000000
  604. Wakeup Type Power Switch
  605. SKUNumber All
  606. Family ASUS MB
  607. [BaseBoard Information (Type 2) - Length 15 - Handle 0002h]
  608. Manufacturer ASUSTeK COMPUTER INC.
  609. Product Z97-A
  610. Version Rev 1.xx
  611. Feature Flags 09h
  612. 1830401760: - 1830401808: - «Q¦ý
  613. Chassis Handle 0003h
  614. Board Type 0ah - Processor/Memory Module
  615. Number of Child Handles 0
  616. [System Enclosure (Type 3) - Length 25 - Handle 0003h]
  617. Chassis Type Desktop
  618. Bootup State Safe
  619. Power Supply State Safe
  620. Thermal State Safe
  621. Security Status None
  622. OEM Defined 0
  623. Height 0U
  624. Number of Power Cords 1
  625. Number of Contained Elements 1
  626. Contained Element Size 3
  627. [Onboard Devices Information (Type 10) - Length 8 - Handle 0028h]
  628. Number of Devices 2
  629. 01: Type Video [enabled]
  630. 02: Type Ethernet [enabled]
  631. [OEM Strings (Type 11) - Length 5 - Handle 0029h]
  632. Number of Strings 4
  633. 3 Ferrari
  634. [System Configuration Options (Type 12) - Length 5 - Handle 002ah]
  635. [Physical Memory Array (Type 16) - Length 23 - Handle 0046h]
  636. Location 03h - SystemBoard/Motherboard
  637. Use 03h - System Memory
  638. Memory Error Correction 03h - None
  639. Maximum Capacity 33554432KB
  640. Number of Memory Devices 4
  641. [Memory Device (Type 17) - Length 40 - Handle 0047h]
  642. Physical Memory Array Handle 0046h
  643. Total Width 0 bits
  644. Data Width 0 bits
  645. Form Factor 09h - DIMM
  646. Device Locator DIMM_A1
  647. Bank Locator BANK 0
  648. Memory Type 02h - Unknown
  649. Type Detail 0000h -
  650. Speed 0MHz
  651. [Memory Device (Type 17) - Length 40 - Handle 0048h]
  652. Physical Memory Array Handle 0046h
  653. Total Width 64 bits
  654. Data Width 64 bits
  655. Size 8192MB
  656. Form Factor 09h - DIMM
  657. Device Locator DIMM_A2
  658. Bank Locator BANK 1
  659. Memory Type 18h - Specification Reserved
  660. Type Detail 0080h - Synchronous
  661. Speed 1600MHz
  662. Manufacturer 0215
  663. Part Number CMY16GX3M2A1600C9
  664. [Memory Device (Type 17) - Length 40 - Handle 0049h]
  665. Physical Memory Array Handle 0046h
  666. Total Width 0 bits
  667. Data Width 0 bits
  668. Form Factor 09h - DIMM
  669. Device Locator DIMM_B1
  670. Bank Locator BANK 2
  671. Memory Type 02h - Unknown
  672. Type Detail 0000h -
  673. Speed 0MHz
  674. [Memory Device (Type 17) - Length 40 - Handle 004ah]
  675. Physical Memory Array Handle 0046h
  676. Total Width 64 bits
  677. Data Width 64 bits
  678. Size 8192MB
  679. Form Factor 09h - DIMM
  680. Device Locator DIMM_B2
  681. Bank Locator BANK 3
  682. Memory Type 18h - Specification Reserved
  683. Type Detail 0080h - Synchronous
  684. Speed 1600MHz
  685. Manufacturer 0215
  686. Part Number CMY16GX3M2A1600C9
  687. [Memory Array Mapped Address (Type 19) - Length 31 - Handle 004bh]
  688. Starting Address 00000000h
  689. Ending Address 00ffffffh
  690. Memory Array Handle 0046h
  691. Partition Width 04
  692. [Memory Device Mapped Address (Type 20) - Length 35 - Handle 004ch]
  693. Starting Address 00000000h
  694. Ending Address 007fffffh
  695. Memory Device Handle 004ah
  696. Mem Array Mapped Adr Handle 004bh
  697. Interleave Position 01
  698. Interleave Data Depth 02
  699. [Memory Device Mapped Address (Type 20) - Length 35 - Handle 004dh]
  700. Starting Address 00800000h
  701. Ending Address 00ffffffh
  702. Memory Device Handle 004ah
  703. Mem Array Mapped Adr Handle 004bh
  704. Interleave Position 02
  705. Interleave Data Depth 02
  706. [Processor Information (Type 4) - Length 42 - Handle 0053h]
  707. Socket Designation SOCKET 1150
  708. Processor Type Central Processor
  709. Processor Family 01h - Other
  710. Processor Manufacturer Intel
  711. Processor ID c3060300fffbebbf
  712. Processor Version Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz
  713. Processor Voltage 8ch - 1.2V
  714. External Clock 100MHz
  715. Max Speed 3800MHz
  716. Current Speed 4000MHz
  717. Status Enabled Populated
  718. Processor Upgrade Specification Reserved
  719. L1 Cache Handle 0054h
  720. L2 Cache Handle 0055h
  721. L3 Cache Handle 0056h
  722. [Cache Information (Type 7) - Length 19 - Handle 0054h]
  723. Socket Designation CPU Internal L1
  724. Cache Configuration 0180h - WB Enabled Int NonSocketed L1
  725. Maximum Cache Size 0100h - 256K
  726. Installed Size 0100h - 256K
  727. Supported SRAM Type 0020h - Synchronous
  728. Current SRAM Type 0020h - Synchronous
  729. Cache Speed 0ns
  730. Error Correction Type ParitySingle-Bit ECC
  731. System Cache Type Other
  732. Associativity 8-way Set-Associative
  733. [Cache Information (Type 7) - Length 19 - Handle 0055h]
  734. Socket Designation CPU Internal L2
  735. Cache Configuration 0181h - WB Enabled Int NonSocketed L2
  736. Maximum Cache Size 0400h - 1024K
  737. Installed Size 0400h - 1024K
  738. Supported SRAM Type 0020h - Synchronous
  739. Current SRAM Type 0020h - Synchronous
  740. Cache Speed 0ns
  741. Error Correction Type Multi-Bit ECC
  742. System Cache Type Unified
  743. Associativity 8-way Set-Associative
  744. [Cache Information (Type 7) - Length 19 - Handle 0056h]
  745. Socket Designation CPU Internal L3
  746. Cache Configuration 0182h - WB Enabled Int NonSocketed L3
  747. Maximum Cache Size 2000h - 8192K
  748. Installed Size 2000h - 8192K
  749. Supported SRAM Type 0020h - Synchronous
  750. Current SRAM Type 0020h - Synchronous
  751. Cache Speed 0ns
  752. Error Correction Type Specification Reserved
  753. System Cache Type Unified
  754. Associativity 16-way Set-Associative
  755.  
  756. ========================== Dump #1: Extra #1 ===========================
  757.  
  758. 4: kd> !verifier
  759. Verify Flags Level 0x00000000
  760. STANDARD FLAGS:
  761. [X] (0x00000000) Automatic Checks
  762. [ ] (0x00000001) Special pool
  763. [ ] (0x00000002) Force IRQL checking
  764. [ ] (0x00000008) Pool tracking
  765. [ ] (0x00000010) I/O verification
  766. [ ] (0x00000020) Deadlock detection
  767. [ ] (0x00000080) DMA checking
  768. [ ] (0x00000100) Security checks
  769. [ ] (0x00000800) Miscellaneous checks
  770. [ ] (0x00020000) DDI compliance checking
  771. ADDITIONAL FLAGS:
  772. [ ] (0x00000004) Randomized low resources simulation
  773. [ ] (0x00000200) Force pending I/O requests
  774. [ ] (0x00000400) IRP logging
  775. [ ] (0x00002000) Invariant MDL checking for stack
  776. [ ] (0x00004000) Invariant MDL checking for driver
  777. [ ] (0x00008000) Power framework delay fuzzing
  778. [ ] (0x00010000) Port/miniport interface checking
  779. [ ] (0x00040000) Systematic low resources simulation
  780. [ ] (0x00080000) DDI compliance checking (additional)
  781. [ ] (0x00200000) NDIS/WIFI verification
  782. [ ] (0x00800000) Kernel synchronization delay fuzzing
  783. [ ] (0x01000000) VM switch verification
  784. [ ] (0x02000000) Code integrity checks
  785. [X] Indicates flag is enabled
  786. Summary of All Verifier Statistics
  787. RaiseIrqls 0x0
  788. AcquireSpinLocks 0x0
  789. Synch Executions 0x0
  790. Trims 0x0
  791. Pool Allocations Attempted 0x0
  792. Pool Allocations Succeeded 0x0
  793. Pool Allocations Succeeded SpecialPool 0x0
  794. Pool Allocations With NO TAG 0x0
  795. Pool Allocations Failed 0x0
  796. Current paged pool allocations 0x0 for 00000000 bytes
  797. Peak paged pool allocations 0x0 for 00000000 bytes
  798. Current nonpaged pool allocations 0x0 for 00000000 bytes
  799. Peak nonpaged pool allocations 0x0 for 00000000 bytes
  800.  
  801. ========================== Dump #1: Extra #2 ===========================
  802.  
  803. 4: kd> !thread
  804. THREAD ffff8005074c7080 Cid 1394.139c Teb: 000000ac2026a000 Win32Thread: ffff8005001758d0 RUNNING on processor 4
  805. IRP List:
  806. Unable to read nt!_IRP @ ffff800507091bf0
  807. Not impersonating
  808. GetUlongFromAddress: unable to read from fffff80475a2ca14
  809. Owning Process ffff8005074c0080 Image: svchost.exe
  810. Attached Process N/A Image: N/A
  811. fffff78000000000: Unable to get shared data
  812. Wait Start TickCount 791
  813. Context Switch Count 182 IdealProcessor: 4
  814. ReadMemory error: Cannot get nt!KeMaximumIncrement value.
  815. UserTime 00:00:00.000
  816. KernelTime 00:00:00.000
  817. Win32 Start Address 0x00007ffbd51d2dc0
  818. Stack Init ffffa68235cb4c90 Current ffffa68235cb31a0
  819. Base ffffa68235cb5000 Limit ffffa68235caf000 Call 0000000000000000
  820. Priority 9 BasePriority 8 PriorityDecrement 0 IoPriority 2 PagePriority 5
  821. Child-SP RetAddr : Args to Child : Call Site
  822. ffffd880`975eeb58 fffff804`760ff188 : 00000000`00000124 00000000`00000000 ffff8005`00b8a028 00000000`be000000 : nt!KeBugCheckEx
  823. ffffd880`975eeb60 fffff804`797f1920 : ffff8004`fe3f7bd0 00000000`00000000 ffff8005`00b8a028 00000000`00000000 : hal!HalBugCheckSystem+0xd8
  824. ffffd880`975eeba0 fffff804`75941092 : ffff8004`fe3f7bd0 ffffd880`975eec29 00000000`00000000 ffff8005`00b8a028 : PSHED!PshedBugCheckSystem+0x10
  825. ffffd880`975eebd0 fffff804`76100ae6 : ffffd880`975eecf0 00000000`00000004 ffff8004`fe3f7c20 ffff8004`fe3f7bd0 : nt!WheaReportHwError+0x382
  826. ffffd880`975eec90 fffff804`76100f7a : 00000000`00000010 ffff8004`fe3f7c20 ffffd880`975eee48 ffffd880`975ef090 : hal!HalpMcaReportError+0x72
  827. ffffd880`975eedf0 fffff804`76100e54 : ffff8004`fe2a9e40 00000000`00000001 00000000`00000000 00000000`00000000 : hal!HalpMceHandlerCore+0xf2
  828. ffffd880`975eee40 fffff804`761010c0 : 00000000`00000008 00000000`00000001 00000000`00000000 00000000`00000000 : hal!HalpMceHandler+0xe0
  829. ffffd880`975eee80 fffff804`76100168 : 00000000`00000000 ffffd880`975ef110 00000000`00000000 00000000`00000000 : hal!HalpMceHandlerWithRendezvous+0xd4
  830. ffffd880`975eeeb0 fffff804`76101347 : ffff8004`fe2a9e40 00000000`00000000 00000000`00000000 00000000`00000000 : hal!HalpHandleMachineCheck+0x5c
  831. ffffd880`975eeee0 fffff804`758a4e30 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : hal!HalHandleMcheck+0x37
  832. ffffd880`975eef10 fffff804`757d13ba : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiHandleMcheck+0x10
  833. ffffd880`975eef40 fffff804`757d106f : ffffd880`00000000 fffff804`757d0fac 00000000`00696976 00000000`00000000 : nt!KxMcheckAbort+0x7a
  834. ffffd880`975ef080 fffff804`75616768 : 00000000`00000000 00000000`00000000 00000000`00000000 ffff9182`b44d8f30 : nt!KiMcheckAbort+0x26f (TrapFrame @ ffffd880`975ef090)
  835. ffffa682`35cb35e0 fffff804`756165b0 : 00000000`00000000 00000000`00000000 00000000`00000001 00000000`00000000 : nt!KxFlushNonGlobalTb+0xd8
  836. ffffa682`35cb36f0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KeFlushTb+0x230
  837.  
  838.  
  839. ========================================================================
  840. ======================= Dump #2: ANALYZE VERBOSE =======================
  841. ======================= File: 080920-7609-01.dmp =======================
  842. ========================================================================
  843.  
  844. Mini Kernel Dump File: Only registers and stack trace are available
  845. Windows 10 Kernel Version 18362 MP (8 procs) Free x64
  846. Kernel base = 0xfffff804`24a00000 PsLoadedModuleList = 0xfffff804`24e48190
  847. Debug session time: Sun Aug 9 16:25:28.977 2020 (UTC - 4:00)
  848. System Uptime: 0 days 0:00:26.613
  849.  
  850. BugCheck 124, {0, ffffb70801314028, be000000, 800400}
  851. Probably caused by : memory_corruption
  852. Followup: memory_corruption
  853.  
  854. WHEA_UNCORRECTABLE_ERROR (124)
  855. A fatal hardware error has occurred. Parameter 1 identifies the type of error
  856. source that reported the error. Parameter 2 holds the address of the
  857. WHEA_ERROR_RECORD structure that describes the error conditon.
  858.  
  859. Arguments:
  860. Arg1: 0000000000000000, Machine Check Exception
  861. Arg2: ffffb70801314028, Address of the WHEA_ERROR_RECORD structure.
  862. Arg3: 00000000be000000, High order 32-bits of the MCi_STATUS value.
  863. Arg4: 0000000000800400, Low order 32-bits of the MCi_STATUS value.
  864.  
  865. Debugging Details:
  866. DUMP_CLASS: 1
  867. DUMP_QUALIFIER: 400
  868. DUMP_TYPE: 2
  869. BUGCHECK_STR: 0x124_GenuineIntel
  870. CUSTOMER_CRASH_COUNT: 1
  871. DEFAULT_BUCKET_ID: CODE_CORRUPTION
  872.  
  873. PROCESS_NAME: svchost.exe
  874.  
  875. CURRENT_IRQL: f
  876. STACK_TEXT:
  877. ffffc701`1fa0cb58 fffff804`249a4188 : 00000000`00000124 00000000`00000000 ffffb708`01314028 00000000`be000000 : nt!KeBugCheckEx
  878. ffffc701`1fa0cb60 fffff804`28001920 : ffffb707`fcaf1bd0 00000000`00000000 ffffb708`01314028 00000000`00000000 : hal!HalBugCheckSystem+0xd8
  879. ffffc701`1fa0cba0 fffff804`24d41092 : ffffb707`fcaf1bd0 ffffc701`1fa0cc29 00000000`00000000 ffffb708`01314028 : PSHED!PshedBugCheckSystem+0x10
  880. ffffc701`1fa0cbd0 fffff804`249a5ae6 : ffffc701`1fa0ccf0 00000000`00000004 ffffb707`fcaf1c20 ffffb707`fcaf1bd0 : nt!WheaReportHwError+0x382
  881. ffffc701`1fa0cc90 fffff804`249a5f7a : 00000000`00000010 ffffb707`fcaf1c20 ffffc701`1fa0ce48 ffffc701`1fa0d090 : hal!HalpMcaReportError+0x72
  882. ffffc701`1fa0cdf0 fffff804`249a5e54 : ffffb707`fc6a7e40 00000000`00000001 00000000`00000000 00000000`00000000 : hal!HalpMceHandlerCore+0xf2
  883. ffffc701`1fa0ce40 fffff804`249a60c0 : 00000000`00000008 00000000`00000001 00000000`00000000 00000000`00000000 : hal!HalpMceHandler+0xe0
  884. ffffc701`1fa0ce80 fffff804`249a5168 : 00000000`00000000 ffffc701`1fa0d110 00000000`00000000 00000000`00000000 : hal!HalpMceHandlerWithRendezvous+0xd4
  885. ffffc701`1fa0ceb0 fffff804`249a6347 : ffffb707`fc6a7e40 00000000`00000000 00000000`00000000 00000000`00000000 : hal!HalpHandleMachineCheck+0x5c
  886. ffffc701`1fa0cee0 fffff804`24ca4e30 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : hal!HalHandleMcheck+0x37
  887. ffffc701`1fa0cf10 fffff804`24bd13ba : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiHandleMcheck+0x10
  888. ffffc701`1fa0cf40 fffff804`24bd106f : ffffff47`00000000 fffff804`24bd0fac fffff285`b1e13f40 00000000`00000000 : nt!KxMcheckAbort+0x7a
  889. ffffc701`1fa0d080 fffff804`24a447ef : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiMcheckAbort+0x26f
  890. fffff285`b1e13f00 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KeYieldProcessorEx+0x1f
  891. STACK_COMMAND: kb
  892. CHKIMG_EXTENSION: !chkimg -lo 50 -d !win32kbase
  893. ffff885d18c97809-ffff885d18c9780e 6 bytes - win32kbase!DirectComposition::CAnimationMarshaler::SetReferenceProperty+49
  894. [ ff 15 a1 ef 19 00:e8 92 ea 20 00 90 ]
  895. ffff885d18c97879-ffff885d18c9787a 2 bytes - win32kbase!SfmSignalTokenEvent+19 (+0x70)
  896. [ 48 ff:4c 8b ]
  897. ffff885d18c97880-ffff885d18c97883 4 bytes - win32kbase!SfmSignalTokenEvent+20 (+0x07)
  898. [ 0f 1f 44 00:e8 9b eb 20 ]
  899. ffff885d18c98985-ffff885d18c98986 2 bytes - win32kbase!GreSfmDwmShutdown+35 (+0x1105)
  900. [ 48 ff:4c 8b ]
  901. ffff885d18c9898c-ffff885d18c9898f 4 bytes - win32kbase!GreSfmDwmShutdown+3c (+0x07)
  902. [ 0f 1f 44 00:e8 8f da 20 ]
  903. ffff885d18c98995-ffff885d18c98996 2 bytes - win32kbase!GreSfmDwmShutdown+45 (+0x09)
  904. [ 48 ff:4c 8b ]
  905. ffff885d18c9899c-ffff885d18c9899f 4 bytes - win32kbase!GreSfmDwmShutdown+4c (+0x07)
  906. [ 0f 1f 44 00:e8 7f da 20 ]
  907. 24 errors : !win32kbase (ffff885d18c97809-ffff885d18c9899f)
  908. MODULE_NAME: memory_corruption
  909.  
  910. IMAGE_NAME: memory_corruption
  911.  
  912. FOLLOWUP_NAME: memory_corruption
  913. DEBUG_FLR_IMAGE_TIMESTAMP: 0
  914. MEMORY_CORRUPTOR: LARGE
  915. FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
  916. BUCKET_ID: MEMORY_CORRUPTION_LARGE
  917. PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
  918. TARGET_TIME: 2020-08-09T20:25:28.000Z
  919. SUITE_MASK: 272
  920. PRODUCT_TYPE: 1
  921. USER_LCID: 0
  922. FAILURE_ID_HASH_STRING: km:memory_corruption_large
  923. FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
  924. Followup: memory_corruption
  925.  
  926. ====================== Dump #2: 3RD PARTY DRIVERS ======================
  927.  
  928. Nov 23 2009 - LGBusEnum.sys - Logitech GamePanel Virtual Bus Enumerator driver http://support.logitech.com/
  929. Jun 25 2010 - sadp_npf64.sys - WinPcap driver (CACE Technologies, Inc.)
  930. Aug 02 2010 - AsUpIO.sys - ASUS Update Input Output driver http://www.asus.com/
  931. Aug 08 2011 - BazisVirtualCDBus.sys - WinCDEmu Virtual CD-ROM driver (Bazis Inc) http://wincdemu.sysprogs.org/
  932. Oct 17 2011 - PxHlpa64.sys - Sonic CD/DVD driver
  933. Mar 22 2012 - AiCharger.sys - Asus Charger driver
  934. May 03 2012 - GEARAspiWDM.sys - Gear Software Advanced SCSI Programming Interface Windows Driver Model http://www.gearsoftware.com/
  935. Aug 22 2012 - AsIO.sys - ASUS Input Output driver http://www.asus.com/
  936. Apr 17 2014 - rzpmgrk.sys - Razer Overlay Support https://www.razer.com/
  937. Apr 24 2014 - RTKVHD64.sys - Realtek Audio System driver https://www.realtek.com/en/
  938. Sep 23 2014 - TeeDriverx64.sys - Intel Management Engine Interface (MEI) driver https://downloadcenter.intel.com/
  939. Oct 17 2014 - rzpnk.sys - Razer Overlay Support https://www.razer.com/
  940. Apr 21 2016 - tap0901.sys - TAP-Win32 Virtual Private Network Driver 0901 (OpenVPN by OpenVPN Technologies) https://openvpn.net/
  941. Mar 16 2017 - tapwindscribe0901.sys - TAP-Windows Virtual Network driver (The OpenVPN Project) https://openvpn.net/
  942. Oct 11 2017 - YSDrv.sys - VirtualBox Support driver
  943. Sep 18 2018 - IntelHaxm.sys - Intel Corporation SSG Hardware Accelerated Execution Manager driver
  944. Jan 24 2019 - e1d65x64.sys - Intel(R) Gigabit Adapter NDIS 6.x driver https://downloadcenter.intel.com/
  945. Mar 14 2019 - nvvad64v.sys - Nvidia Virtual Audio driver http://www.nvidia.com/
  946. Nov 29 2019 - NvModuleTracker.sys - NVIDIA Module Tracker driver
  947. Jan 10 2020 - nvvhci.sys - Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
  948. Jun 23 2020 - aswArPot.sys - Avast Antivirus http://www.avast.com/
  949. Jun 23 2020 - aswbidsdriver.sys - Avast Antivirus http://www.avast.com/
  950. Jun 23 2020 - aswbidsh.sys - Avast Antivirus http://www.avast.com/
  951. Jun 23 2020 - aswbuniv.sys - Avast Antivirus http://www.avast.com/
  952. Jun 23 2020 - aswKbd.sys - Avast Keyboard Filter driver http://www.avast.com/
  953. Jun 23 2020 - aswMonFlt.sys - Avast Antivirus http://www.avast.com/
  954. Jun 23 2020 - aswNetHub.sys - Avast driver
  955. Jun 23 2020 - aswRdr2.sys - Avast Antivirus http://www.avast.com/
  956. Jun 23 2020 - aswRvrt.sys - Avast Antivirus http://www.avast.com/
  957. Jun 23 2020 - aswSnx.sys - Avast Antivirus http://www.avast.com/
  958. Jun 23 2020 - aswSP.sys - Avast Antivirus http://www.avast.com/
  959. Jun 23 2020 - aswStm.sys - Avast Antivirus http://www.avast.com/
  960. Jun 23 2020 - aswVmm.sys - Avast Antivirus http://www.avast.com/
  961. Jul 17 2020 - aswElam.sys - Avast ELAM driver
  962.  
  963. ================== Dump #2: 3RD PARTY DRIVERS (FULL) ===================
  964.  
  965. Image path: \SystemRoot\system32\drivers\LGBusEnum.sys
  966. Image name: LGBusEnum.sys
  967. Search : https://www.google.com/search?q=LGBusEnum.sys
  968. ADA Info : Logitech GamePanel Virtual Bus Enumerator driver http://support.logitech.com/
  969. Timestamp : Mon Nov 23 2009
  970.  
  971. Image path: \??\C:\Windows\SysWOW64\drivers\sadp_npf64.sys
  972. Image name: sadp_npf64.sys
  973. Search : https://www.google.com/search?q=sadp_npf64.sys
  974. ADA Info : WinPcap driver (CACE Technologies, Inc.)
  975. Timestamp : Fri Jun 25 2010
  976.  
  977. Image path: \SystemRoot\SysWow64\drivers\AsUpIO.sys
  978. Image name: AsUpIO.sys
  979. Search : https://www.google.com/search?q=AsUpIO.sys
  980. ADA Info : ASUS Update Input Output driver http://www.asus.com/
  981. Timestamp : Mon Aug 2 2010
  982.  
  983. Image path: \SystemRoot\System32\drivers\BazisVirtualCDBus.sys
  984. Image name: BazisVirtualCDBus.sys
  985. Search : https://www.google.com/search?q=BazisVirtualCDBus.sys
  986. ADA Info : WinCDEmu Virtual CD-ROM driver (Bazis Inc) http://wincdemu.sysprogs.org/
  987. Timestamp : Mon Aug 8 2011
  988.  
  989. Image path: \SystemRoot\System32\Drivers\PxHlpa64.sys
  990. Image name: PxHlpa64.sys
  991. Search : https://www.google.com/search?q=PxHlpa64.sys
  992. ADA Info : Sonic CD/DVD driver
  993. Timestamp : Mon Oct 17 2011
  994.  
  995. Image path: \SystemRoot\SysWow64\drivers\AiCharger.sys
  996. Image name: AiCharger.sys
  997. Search : https://www.google.com/search?q=AiCharger.sys
  998. ADA Info : Asus Charger driver
  999. Timestamp : Thu Mar 22 2012
  1000.  
  1001. Image path: \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
  1002. Image name: GEARAspiWDM.sys
  1003. Search : https://www.google.com/search?q=GEARAspiWDM.sys
  1004. ADA Info : Gear Software Advanced SCSI Programming Interface Windows Driver Model http://www.gearsoftware.com/
  1005. Timestamp : Thu May 3 2012
  1006.  
  1007. Image path: \SystemRoot\SysWow64\drivers\AsIO.sys
  1008. Image name: AsIO.sys
  1009. Search : https://www.google.com/search?q=AsIO.sys
  1010. ADA Info : ASUS Input Output driver http://www.asus.com/
  1011. Timestamp : Wed Aug 22 2012
  1012.  
  1013. Image path: \??\C:\Windows\system32\drivers\rzpmgrk.sys
  1014. Image name: rzpmgrk.sys
  1015. Search : https://www.google.com/search?q=rzpmgrk.sys
  1016. ADA Info : Razer Overlay Support https://www.razer.com/
  1017. Timestamp : Thu Apr 17 2014
  1018.  
  1019. Image path: \SystemRoot\system32\drivers\RTKVHD64.sys
  1020. Image name: RTKVHD64.sys
  1021. Search : https://www.google.com/search?q=RTKVHD64.sys
  1022. ADA Info : Realtek Audio System driver https://www.realtek.com/en/
  1023. Timestamp : Thu Apr 24 2014
  1024.  
  1025. Image path: \SystemRoot\system32\DRIVERS\TeeDriverx64.sys
  1026. Image name: TeeDriverx64.sys
  1027. Search : https://www.google.com/search?q=TeeDriverx64.sys
  1028. ADA Info : Intel Management Engine Interface (MEI) driver https://downloadcenter.intel.com/
  1029. Timestamp : Tue Sep 23 2014
  1030.  
  1031. Image path: \??\C:\Windows\system32\drivers\rzpnk.sys
  1032. Image name: rzpnk.sys
  1033. Search : https://www.google.com/search?q=rzpnk.sys
  1034. ADA Info : Razer Overlay Support https://www.razer.com/
  1035. Timestamp : Fri Oct 17 2014
  1036.  
  1037. Image path: \SystemRoot\System32\drivers\tap0901.sys
  1038. Image name: tap0901.sys
  1039. Search : https://www.google.com/search?q=tap0901.sys
  1040. ADA Info : TAP-Win32 Virtual Private Network Driver 0901 (OpenVPN by OpenVPN Technologies) https://openvpn.net/
  1041. Timestamp : Thu Apr 21 2016
  1042.  
  1043. Image path: \SystemRoot\System32\drivers\tapwindscribe0901.sys
  1044. Image name: tapwindscribe0901.sys
  1045. Search : https://www.google.com/search?q=tapwindscribe0901.sys
  1046. ADA Info : TAP-Windows Virtual Network driver (The OpenVPN Project) https://openvpn.net/
  1047. Timestamp : Thu Mar 16 2017
  1048.  
  1049. Image path: \??\C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys
  1050. Image name: YSDrv.sys
  1051. Search : https://www.google.com/search?q=YSDrv.sys
  1052. ADA Info : VirtualBox Support driver
  1053. Timestamp : Wed Oct 11 2017
  1054.  
  1055. Image path: \SystemRoot\system32\DRIVERS\IntelHaxm.sys
  1056. Image name: IntelHaxm.sys
  1057. Search : https://www.google.com/search?q=IntelHaxm.sys
  1058. ADA Info : Intel Corporation SSG Hardware Accelerated Execution Manager driver
  1059. Timestamp : Tue Sep 18 2018
  1060.  
  1061. Image path: \SystemRoot\system32\DRIVERS\e1d65x64.sys
  1062. Image name: e1d65x64.sys
  1063. Search : https://www.google.com/search?q=e1d65x64.sys
  1064. ADA Info : Intel(R) Gigabit Adapter NDIS 6.x driver https://downloadcenter.intel.com/
  1065. Timestamp : Thu Jan 24 2019
  1066.  
  1067. Image path: \SystemRoot\system32\drivers\nvvad64v.sys
  1068. Image name: nvvad64v.sys
  1069. Search : https://www.google.com/search?q=nvvad64v.sys
  1070. ADA Info : Nvidia Virtual Audio driver http://www.nvidia.com/
  1071. Timestamp : Thu Mar 14 2019
  1072.  
  1073. Image path: \SystemRoot\System32\drivers\NvModuleTracker.sys
  1074. Image name: NvModuleTracker.sys
  1075. Search : https://www.google.com/search?q=NvModuleTracker.sys
  1076. ADA Info : NVIDIA Module Tracker driver
  1077. Timestamp : Fri Nov 29 2019
  1078.  
  1079. Image path: \SystemRoot\System32\drivers\nvvhci.sys
  1080. Image name: nvvhci.sys
  1081. Search : https://www.google.com/search?q=nvvhci.sys
  1082. ADA Info : Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
  1083. Timestamp : Fri Jan 10 2020
  1084.  
  1085. Image path: \SystemRoot\system32\drivers\aswArPot.sys
  1086. Image name: aswArPot.sys
  1087. Search : https://www.google.com/search?q=aswArPot.sys
  1088. ADA Info : Avast Antivirus http://www.avast.com/
  1089. Timestamp : Tue Jun 23 2020
  1090.  
  1091. Image path: \SystemRoot\system32\drivers\aswbidsdriver.sys
  1092. Image name: aswbidsdriver.sys
  1093. Search : https://www.google.com/search?q=aswbidsdriver.sys
  1094. ADA Info : Avast Antivirus http://www.avast.com/
  1095. Timestamp : Tue Jun 23 2020
  1096.  
  1097. Image path: \SystemRoot\system32\drivers\aswbidsh.sys
  1098. Image name: aswbidsh.sys
  1099. Search : https://www.google.com/search?q=aswbidsh.sys
  1100. ADA Info : Avast Antivirus http://www.avast.com/
  1101. Timestamp : Tue Jun 23 2020
  1102.  
  1103. Image path: \SystemRoot\system32\drivers\aswbuniv.sys
  1104. Image name: aswbuniv.sys
  1105. Search : https://www.google.com/search?q=aswbuniv.sys
  1106. ADA Info : Avast Antivirus http://www.avast.com/
  1107. Timestamp : Tue Jun 23 2020
  1108.  
  1109. Image path: \SystemRoot\system32\drivers\aswKbd.sys
  1110. Image name: aswKbd.sys
  1111. Search : https://www.google.com/search?q=aswKbd.sys
  1112. ADA Info : Avast Keyboard Filter driver http://www.avast.com/
  1113. Timestamp : Tue Jun 23 2020
  1114.  
  1115. Image path: \SystemRoot\system32\drivers\aswMonFlt.sys
  1116. Image name: aswMonFlt.sys
  1117. Search : https://www.google.com/search?q=aswMonFlt.sys
  1118. ADA Info : Avast Antivirus http://www.avast.com/
  1119. Timestamp : Tue Jun 23 2020
  1120.  
  1121. Image path: \SystemRoot\system32\drivers\aswNetHub.sys
  1122. Image name: aswNetHub.sys
  1123. Search : https://www.google.com/search?q=aswNetHub.sys
  1124. ADA Info : Avast driver
  1125. Timestamp : Tue Jun 23 2020
  1126.  
  1127. Image path: \SystemRoot\system32\drivers\aswRdr2.sys
  1128. Image name: aswRdr2.sys
  1129. Search : https://www.google.com/search?q=aswRdr2.sys
  1130. ADA Info : Avast Antivirus http://www.avast.com/
  1131. Timestamp : Tue Jun 23 2020
  1132.  
  1133. Image path: \SystemRoot\system32\drivers\aswRvrt.sys
  1134. Image name: aswRvrt.sys
  1135. Search : https://www.google.com/search?q=aswRvrt.sys
  1136. ADA Info : Avast Antivirus http://www.avast.com/
  1137. Timestamp : Tue Jun 23 2020
  1138.  
  1139. Image path: \SystemRoot\system32\drivers\aswSnx.sys
  1140. Image name: aswSnx.sys
  1141. Search : https://www.google.com/search?q=aswSnx.sys
  1142. ADA Info : Avast Antivirus http://www.avast.com/
  1143. Timestamp : Tue Jun 23 2020
  1144.  
  1145. Image path: \SystemRoot\system32\drivers\aswSP.sys
  1146. Image name: aswSP.sys
  1147. Search : https://www.google.com/search?q=aswSP.sys
  1148. ADA Info : Avast Antivirus http://www.avast.com/
  1149. Timestamp : Tue Jun 23 2020
  1150.  
  1151. Image path: \SystemRoot\system32\drivers\aswStm.sys
  1152. Image name: aswStm.sys
  1153. Search : https://www.google.com/search?q=aswStm.sys
  1154. ADA Info : Avast Antivirus http://www.avast.com/
  1155. Timestamp : Tue Jun 23 2020
  1156.  
  1157. Image path: \SystemRoot\system32\drivers\aswVmm.sys
  1158. Image name: aswVmm.sys
  1159. Search : https://www.google.com/search?q=aswVmm.sys
  1160. ADA Info : Avast Antivirus http://www.avast.com/
  1161. Timestamp : Tue Jun 23 2020
  1162.  
  1163. Image path: \SystemRoot\system32\drivers\aswElam.sys
  1164. Image name: aswElam.sys
  1165. Search : https://www.google.com/search?q=aswElam.sys
  1166. ADA Info : Avast ELAM driver
  1167. Timestamp : Fri Jul 17 2020
  1168.  
  1169. ====================== Dump #2: MICROSOFT DRIVERS ======================
  1170.  
  1171. ACPI.sys ACPI Driver for NT (Microsoft)
  1172. acpiex.sys ACPIEx Driver (Microsoft)
  1173. acpipagr.sys ACPI Processor Aggregator Device driver (Microsoft)
  1174. afd.sys Ancillary Function Driver for WinSock (Microsoft)
  1175. afunix.sys AF_UNIX Socket Provider driver (Microsoft)
  1176. ahcache.sys Application Compatibility Cache (Microsoft)
  1177. bam.sys BAM Kernal driver (Microsoft)
  1178. BasicDisplay.sys Basic Display driver (Microsoft)
  1179. BasicRender.sys Basic Render driver (Microsoft)
  1180. Beep.SYS BEEP driver (Microsoft)
  1181. BOOTVID.dll VGA Boot Driver (Microsoft)
  1182. bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
  1183. cdd.dll Canonical Display Driver (Microsoft)
  1184. cdrom.sys SCSI CD-ROM Driver (Microsoft)
  1185. CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
  1186. CI.dll Code Integrity Module (Microsoft)
  1187. CLASSPNP.SYS SCSI Class System Dll (Microsoft)
  1188. cldflt.sys Cloud Files Mini Filter driver (Microsoft)
  1189. CLFS.SYS Common Log File System Driver (Microsoft)
  1190. clipsp.sys CLIP Service (Microsoft)
  1191. cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
  1192. cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
  1193. CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
  1194. crashdmp.sys Crash Dump driver (Microsoft)
  1195. csc.sys Windows Client Side Caching driver (Microsoft)
  1196. dfsc.sys DFS Namespace Client Driver (Microsoft)
  1197. disk.sys PnP Disk Driver (Microsoft)
  1198. drmk.sys Digital Rights Management (DRM) driver (Microsoft)
  1199. dump_diskdump.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  1200. dump_dumpfve.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  1201. dump_storahci.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  1202. dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
  1203. dxgmms2.sys DirectX Graphics MMS
  1204. EhStorClass.sys Enhanced Storage Class driver for IEEE... (Microsoft)
  1205. filecrypt.sys Windows sandboxing and encryption filter (Microsoft)
  1206. fileinfo.sys FileInfo Filter Driver (Microsoft)
  1207. FLTMGR.SYS Filesystem Filter Manager (Microsoft)
  1208. Fs_Rec.sys File System Recognizer Driver (Microsoft)
  1209. fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
  1210. fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
  1211. gpuenergydrv.sys GPU Energy Kernal Driver (Microsoft)
  1212. hal.dll Hardware Abstraction Layer DLL (Microsoft)
  1213. HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
  1214. HIDCLASS.SYS Hid Class Library (Microsoft)
  1215. HIDPARSE.SYS Hid Parsing Library (Microsoft)
  1216. hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
  1217. HTTP.sys HTTP Protocol Stack (Microsoft)
  1218. intelpep.sys Intel Power Engine Plugin (Microsoft)
  1219. intelppm.sys Processor Device Driver (Microsoft)
  1220. iorate.sys I/O rate control Filter (Microsoft)
  1221. kbdclass.sys Keyboard Class Driver (Microsoft)
  1222. kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
  1223. kd.dll Local Kernal Debugger (Microsoft)
  1224. kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
  1225. ks.sys Kernal CSA Library (Microsoft)
  1226. ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
  1227. ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
  1228. ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
  1229. lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
  1230. luafv.sys LUA File Virtualization Filter Driver (Microsoft)
  1231. mcupdate_GenuineIntel.dll Intel Microcode Update Library (Microsoft)
  1232. mmcss.sys MMCSS Driver (Microsoft)
  1233. monitor.sys Monitor Driver (Microsoft)
  1234. mouclass.sys Mouse Class Driver (Microsoft)
  1235. mouhid.sys HID Mouse Filter Driver (Microsoft)
  1236. mountmgr.sys Mount Point Manager (Microsoft)
  1237. mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
  1238. mqac.sys Message Queuing Device driver (Microsoft)
  1239. mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
  1240. mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
  1241. Msfs.SYS Mailslot driver (Microsoft)
  1242. msisadrv.sys ISA Driver (Microsoft)
  1243. mslldp.sys Microsoft Link-Layer Discovery Protocol... (Microsoft)
  1244. msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
  1245. mssecflt.sys Microsoft Security Events Component file system filter driver (Microsoft)
  1246. mssmbios.sys System Management BIOS driver (Microsoft)
  1247. mup.sys Multiple UNC Provider driver (Microsoft)
  1248. ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
  1249. ndisuio.sys NDIS User mode I/O driver (Microsoft)
  1250. NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
  1251. NDProxy.sys NDIS Proxy driver (Microsoft)
  1252. Ndu.sys Network Data Usage Monitoring driver (Microsoft)
  1253. netbios.sys NetBIOS Interface driver (Microsoft)
  1254. netbt.sys MBT Transport driver (Microsoft)
  1255. NETIO.SYS Network I/O Subsystem (Microsoft)
  1256. Npfs.SYS NPFS driver (Microsoft)
  1257. npsvctrig.sys Named pipe service triggers (Microsoft)
  1258. nsiproxy.sys NSI Proxy driver (Microsoft)
  1259. Ntfs.sys NT File System Driver (Microsoft)
  1260. ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
  1261. ntosext.sys NTOS Extension Host driver (Microsoft)
  1262. Null.SYS NULL Driver (Microsoft)
  1263. nwifi.sys NativeWiFi Miniport Driver (Microsoft)
  1264. pacer.sys QoS Packet Scheduler (Microsoft)
  1265. partmgr.sys Partition driver (Microsoft)
  1266. pci.sys NT Plug and Play PCI Enumerator (Microsoft)
  1267. pcw.sys Performance Counter Driver (Microsoft)
  1268. pdc.sys Power Dependency Coordinator Driver (Microsoft)
  1269. peauth.sys Protected Environment Authentication and Authorization Export Driver (Microsoft)
  1270. portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
  1271. PSHED.dll Platform Specific Hardware Error driver (Microsoft)
  1272. rassstp.sys RAS SSTP Miniport Call Manager driver (Microsoft)
  1273. rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
  1274. rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
  1275. rdyboost.sys ReadyBoost Driver (Microsoft)
  1276. rspndr.sys Link-Layer Topology Responder driver (Microsoft)
  1277. serenum.sys Serial Port Enumerator (Microsoft)
  1278. serial.sys Serial Device Driver
  1279. serscan.sys Serial Imaging Device Driver (Microsoft)
  1280. SgrmAgent.sys System Guard Runtime Monitor Agent driver (Microsoft)
  1281. SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
  1282. spaceport.sys Storage Spaces driver (Microsoft)
  1283. srv.sys Server driver (Microsoft)
  1284. srv2.sys Smb 2.0 Server driver (Microsoft)
  1285. srvnet.sys Server Network driver (Microsoft)
  1286. storahci.sys MS AHCI Storport Miniport Driver (Microsoft)
  1287. storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
  1288. storqosflt.sys Storage QoS Filter driver (Microsoft)
  1289. swenum.sys Plug and Play Software Device Enumerator (Microsoft)
  1290. tbs.sys Export driver for kernel mode TPM API (Microsoft)
  1291. tcpip.sys TCP/IP Protocol driver (Microsoft)
  1292. tcpipreg.sys Microsoft Windows TCP/IP Registry Compatibility driver (Microsoft)
  1293. TDI.SYS TDI Wrapper driver (Microsoft)
  1294. tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
  1295. tm.sys Kernel Transaction Manager driver (Microsoft)
  1296. ucx01000.sys USB Controller Extension (Microsoft)
  1297. umbus.sys User-Mode Bus Enumerator (Microsoft)
  1298. umpass.sys Generic pass-through driver (Microsoft)
  1299. usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
  1300. USBD.SYS Universal Serial Bus Driver (Microsoft)
  1301. usbehci.sys EHCI eUSB Miniport Driver (Microsoft)
  1302. usbhub.sys Default Hub Driver for USB (Microsoft)
  1303. UsbHub3.sys USB3 HUB driver (Microsoft)
  1304. USBPORT.SYS USB 1.1 & 2.0 Port Driver (Microsoft)
  1305. USBXHCI.SYS USB XHCI driver (Microsoft)
  1306. vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
  1307. Vid.sys Microsoft Hyper-V Virtualization Infrastructure Driver
  1308. volmgr.sys Volume Manager Driver (Microsoft)
  1309. volmgrx.sys Volume Manager Extension Driver (Microsoft)
  1310. volsnap.sys Volume Shadow Copy driver (Microsoft)
  1311. volume.sys Volume driver (Microsoft)
  1312. vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
  1313. wanarp.sys MS Remote Access and Routing ARP driver (Microsoft)
  1314. watchdog.sys Watchdog driver (Microsoft)
  1315. wcifs.sys Windows Container Isolation FS Filter driver (Microsoft)
  1316. Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
  1317. WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
  1318. werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
  1319. wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
  1320. win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
  1321. win32kbase.sys Base Win32k Kernel Driver (Microsoft)
  1322. win32kfull.sys Full/Desktop Win32k Kernel Driver (Microsoft)
  1323. WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
  1324. WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
  1325. winhvr.sys Windows Hypervisor Root Interface driver (Microsoft)
  1326. winquic.sys QUIC Transport Protocol driver (Microsoft)
  1327. wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
  1328. WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
  1329. Wof.sys Windows Overlay Filter (Microsoft)
  1330. WppRecorder.sys WPP Trace Recorder (Microsoft)
  1331. WSDPrint.sys Web Services Print Device driver (Microsoft)
  1332. WSDScan.sys Web Service Based Scan Device driver (Microsoft)
  1333. WUDFRd.sys Windows Driver Foundation - User-mode Driver Framework Reflector driver (Microsoft)
  1334.  
  1335. ====================== Dump #2: UNLOADED MODULES =======================
  1336.  
  1337. fffff804`2c7f0000 fffff804`2c85f000 HdAudio.sys
  1338. fffff804`2b7a0000 fffff804`2b7f1000 WUDFRd.sys
  1339. fffff804`2a5a0000 fffff804`2a5be000 dam.sys
  1340. fffff804`29610000 fffff804`29621000 hwpolicy.sys
  1341.  
  1342. ====================== Dump #2: BIOS INFORMATION =======================
  1343.  
  1344. [SMBIOS Data Tables v2.8]
  1345. [DMI Version - 0]
  1346. [2.0 Calling Convention - No]
  1347. [Table Size - 3121 bytes]
  1348. [BIOS Information (Type 0) - Length 24 - Handle 0000h]
  1349. Vendor American Megatrends Inc.
  1350. BIOS Version 1304
  1351. BIOS Starting Address Segment f000
  1352. BIOS Release Date 07/11/2014
  1353. BIOS ROM Size 800000
  1354. BIOS Characteristics
  1355. 07: - PCI Supported
  1356. 10: - APM Supported
  1357. 11: - Upgradeable FLASH BIOS
  1358. 12: - BIOS Shadowing Supported
  1359. 15: - CD-Boot Supported
  1360. 16: - Selectable Boot Supported
  1361. 17: - BIOS ROM Socketed
  1362. 19: - EDD Supported
  1363. 23: - 1.2MB Floppy Supported
  1364. 24: - 720KB Floppy Supported
  1365. 25: - 2.88MB Floppy Supported
  1366. 26: - Print Screen Device Supported
  1367. 27: - Keyboard Services Supported
  1368. 28: - Serial Services Supported
  1369. 29: - Printer Services Supported
  1370. 32: - BIOS Vendor Reserved
  1371. BIOS Characteristic Extensions
  1372. 00: - ACPI Supported
  1373. 01: - USB Legacy Supported
  1374. 08: - BIOS Boot Specification Supported
  1375. 10: - Specification Reserved
  1376. 11: - Specification Reserved
  1377. BIOS Major Revision 4
  1378. BIOS Minor Revision 6
  1379. EC Firmware Major Revision 255
  1380. EC Firmware Minor Revision 255
  1381. [System Information (Type 1) - Length 27 - Handle 0001h]
  1382. Manufacturer ASUS
  1383. Product Name All Series
  1384. Version System Version
  1385. UUID 00000000-0000-0000-0000-000000000000
  1386. Wakeup Type Power Switch
  1387. SKUNumber All
  1388. Family ASUS MB
  1389. [BaseBoard Information (Type 2) - Length 15 - Handle 0002h]
  1390. Manufacturer ASUSTeK COMPUTER INC.
  1391. Product Z97-A
  1392. Version Rev 1.xx
  1393. Feature Flags 09h
  1394. 1830401760: - 1830401808: - «Q¦ý
  1395. Chassis Handle 0003h
  1396. Board Type 0ah - Processor/Memory Module
  1397. Number of Child Handles 0
  1398. [System Enclosure (Type 3) - Length 25 - Handle 0003h]
  1399. Chassis Type Desktop
  1400. Bootup State Safe
  1401. Power Supply State Safe
  1402. Thermal State Safe
  1403. Security Status None
  1404. OEM Defined 0
  1405. Height 0U
  1406. Number of Power Cords 1
  1407. Number of Contained Elements 1
  1408. Contained Element Size 3
  1409. [Onboard Devices Information (Type 10) - Length 8 - Handle 0028h]
  1410. Number of Devices 2
  1411. 01: Type Video [enabled]
  1412. 02: Type Ethernet [enabled]
  1413. [OEM Strings (Type 11) - Length 5 - Handle 0029h]
  1414. Number of Strings 4
  1415. 3 Ferrari
  1416. [System Configuration Options (Type 12) - Length 5 - Handle 002ah]
  1417. [Physical Memory Array (Type 16) - Length 23 - Handle 0046h]
  1418. Location 03h - SystemBoard/Motherboard
  1419. Use 03h - System Memory
  1420. Memory Error Correction 03h - None
  1421. Maximum Capacity 33554432KB
  1422. Number of Memory Devices 4
  1423. [Memory Device (Type 17) - Length 40 - Handle 0047h]
  1424. Physical Memory Array Handle 0046h
  1425. Total Width 0 bits
  1426. Data Width 0 bits
  1427. Form Factor 09h - DIMM
  1428. Device Locator DIMM_A1
  1429. Bank Locator BANK 0
  1430. Memory Type 02h - Unknown
  1431. Type Detail 0000h -
  1432. Speed 0MHz
  1433. [Memory Device (Type 17) - Length 40 - Handle 0048h]
  1434. Physical Memory Array Handle 0046h
  1435. Total Width 64 bits
  1436. Data Width 64 bits
  1437. Size 8192MB
  1438. Form Factor 09h - DIMM
  1439. Device Locator DIMM_A2
  1440. Bank Locator BANK 1
  1441. Memory Type 18h - Specification Reserved
  1442. Type Detail 0080h - Synchronous
  1443. Speed 1600MHz
  1444. Manufacturer 0215
  1445. Part Number CMY16GX3M2A1600C9
  1446. [Memory Device (Type 17) - Length 40 - Handle 0049h]
  1447. Physical Memory Array Handle 0046h
  1448. Total Width 0 bits
  1449. Data Width 0 bits
  1450. Form Factor 09h - DIMM
  1451. Device Locator DIMM_B1
  1452. Bank Locator BANK 2
  1453. Memory Type 02h - Unknown
  1454. Type Detail 0000h -
  1455. Speed 0MHz
  1456. [Memory Device (Type 17) - Length 40 - Handle 004ah]
  1457. Physical Memory Array Handle 0046h
  1458. Total Width 0 bits
  1459. Data Width 0 bits
  1460. Form Factor 09h - DIMM
  1461. Device Locator DIMM_B2
  1462. Bank Locator BANK 3
  1463. Memory Type 02h - Unknown
  1464. Type Detail 0000h -
  1465. Speed 0MHz
  1466. [Memory Array Mapped Address (Type 19) - Length 31 - Handle 004bh]
  1467. Starting Address 00000000h
  1468. Ending Address 007fffffh
  1469. Memory Array Handle 0046h
  1470. Partition Width 04
  1471. [Memory Device Mapped Address (Type 20) - Length 35 - Handle 004ch]
  1472. Starting Address 00000000h
  1473. Ending Address 007fffffh
  1474. Memory Device Handle 004ah
  1475. Mem Array Mapped Adr Handle 004bh
  1476. Interleave Position 01
  1477. Interleave Data Depth 02
  1478. [Processor Information (Type 4) - Length 42 - Handle 005ch]
  1479. Socket Designation SOCKET 1150
  1480. Processor Type Central Processor
  1481. Processor Family 01h - Other
  1482. Processor Manufacturer Intel
  1483. Processor ID c3060300fffbebbf
  1484. Processor Version Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz
  1485. Processor Voltage 8ch - 1.2V
  1486. External Clock 100MHz
  1487. Max Speed 3800MHz
  1488. Current Speed 4000MHz
  1489. Status Enabled Populated
  1490. Processor Upgrade Specification Reserved
  1491. L1 Cache Handle 005dh
  1492. L2 Cache Handle 005eh
  1493. L3 Cache Handle 005fh
  1494. [Cache Information (Type 7) - Length 19 - Handle 005dh]
  1495. Socket Designation CPU Internal L1
  1496. Cache Configuration 0180h - WB Enabled Int NonSocketed L1
  1497. Maximum Cache Size 0100h - 256K
  1498. Installed Size 0100h - 256K
  1499. Supported SRAM Type 0020h - Synchronous
  1500. Current SRAM Type 0020h - Synchronous
  1501. Cache Speed 0ns
  1502. Error Correction Type ParitySingle-Bit ECC
  1503. System Cache Type Other
  1504. Associativity 8-way Set-Associative
  1505. [Cache Information (Type 7) - Length 19 - Handle 005eh]
  1506. Socket Designation CPU Internal L2
  1507. Cache Configuration 0181h - WB Enabled Int NonSocketed L2
  1508. Maximum Cache Size 0400h - 1024K
  1509. Installed Size 0400h - 1024K
  1510. Supported SRAM Type 0020h - Synchronous
  1511. Current SRAM Type 0020h - Synchronous
  1512. Cache Speed 0ns
  1513. Error Correction Type Multi-Bit ECC
  1514. System Cache Type Unified
  1515. Associativity 8-way Set-Associative
  1516. [Cache Information (Type 7) - Length 19 - Handle 005fh]
  1517. Socket Designation CPU Internal L3
  1518. Cache Configuration 0182h - WB Enabled Int NonSocketed L3
  1519. Maximum Cache Size 2000h - 8192K
  1520. Installed Size 2000h - 8192K
  1521. Supported SRAM Type 0020h - Synchronous
  1522. Current SRAM Type 0020h - Synchronous
  1523. Cache Speed 0ns
  1524. Error Correction Type Specification Reserved
  1525. System Cache Type Unified
  1526. Associativity 16-way Set-Associative
  1527.  
  1528. ========================== Dump #2: Extra #1 ===========================
  1529.  
  1530. 4: kd> !verifier
  1531. Verify Flags Level 0x00000000
  1532. STANDARD FLAGS:
  1533. [X] (0x00000000) Automatic Checks
  1534. [ ] (0x00000001) Special pool
  1535. [ ] (0x00000002) Force IRQL checking
  1536. [ ] (0x00000008) Pool tracking
  1537. [ ] (0x00000010) I/O verification
  1538. [ ] (0x00000020) Deadlock detection
  1539. [ ] (0x00000080) DMA checking
  1540. [ ] (0x00000100) Security checks
  1541. [ ] (0x00000800) Miscellaneous checks
  1542. [ ] (0x00020000) DDI compliance checking
  1543. ADDITIONAL FLAGS:
  1544. [ ] (0x00000004) Randomized low resources simulation
  1545. [ ] (0x00000200) Force pending I/O requests
  1546. [ ] (0x00000400) IRP logging
  1547. [ ] (0x00002000) Invariant MDL checking for stack
  1548. [ ] (0x00004000) Invariant MDL checking for driver
  1549. [ ] (0x00008000) Power framework delay fuzzing
  1550. [ ] (0x00010000) Port/miniport interface checking
  1551. [ ] (0x00040000) Systematic low resources simulation
  1552. [ ] (0x00080000) DDI compliance checking (additional)
  1553. [ ] (0x00200000) NDIS/WIFI verification
  1554. [ ] (0x00800000) Kernel synchronization delay fuzzing
  1555. [ ] (0x01000000) VM switch verification
  1556. [ ] (0x02000000) Code integrity checks
  1557. [X] Indicates flag is enabled
  1558. Summary of All Verifier Statistics
  1559. RaiseIrqls 0x0
  1560. AcquireSpinLocks 0x0
  1561. Synch Executions 0x0
  1562. Trims 0x0
  1563. Pool Allocations Attempted 0x0
  1564. Pool Allocations Succeeded 0x0
  1565. Pool Allocations Succeeded SpecialPool 0x0
  1566. Pool Allocations With NO TAG 0x0
  1567. Pool Allocations Failed 0x0
  1568. Current paged pool allocations 0x0 for 00000000 bytes
  1569. Peak paged pool allocations 0x0 for 00000000 bytes
  1570. Current nonpaged pool allocations 0x0 for 00000000 bytes
  1571. Peak nonpaged pool allocations 0x0 for 00000000 bytes
  1572.  
  1573. ========================== Dump #2: Extra #2 ===========================
  1574.  
  1575. 4: kd> !thread
  1576. THREAD ffffb70803a86040 Cid 052c.05b8 Teb: 000000b81eedd000 Win32Thread: 0000000000000000 RUNNING on processor 4
  1577. Not impersonating
  1578. GetUlongFromAddress: unable to read from fffff80424e2ca14
  1579. Owning Process ffffb7080397e080 Image: svchost.exe
  1580. Attached Process N/A Image: N/A
  1581. fffff78000000000: Unable to get shared data
  1582. Wait Start TickCount 1681
  1583. Context Switch Count 156 IdealProcessor: 1
  1584. ReadMemory error: Cannot get nt!KeMaximumIncrement value.
  1585. UserTime 00:00:00.000
  1586. KernelTime 00:00:00.000
  1587. Win32 Start Address 0x00007ff840113ce0
  1588. Stack Init fffff285b1e14c90 Current fffff285b1e13ad0
  1589. Base fffff285b1e15000 Limit fffff285b1e0f000 Call 0000000000000000
  1590. Priority 9 BasePriority 8 PriorityDecrement 0 IoPriority 2 PagePriority 5
  1591. Child-SP RetAddr : Args to Child : Call Site
  1592. ffffc701`1fa0cb58 fffff804`249a4188 : 00000000`00000124 00000000`00000000 ffffb708`01314028 00000000`be000000 : nt!KeBugCheckEx
  1593. ffffc701`1fa0cb60 fffff804`28001920 : ffffb707`fcaf1bd0 00000000`00000000 ffffb708`01314028 00000000`00000000 : hal!HalBugCheckSystem+0xd8
  1594. ffffc701`1fa0cba0 fffff804`24d41092 : ffffb707`fcaf1bd0 ffffc701`1fa0cc29 00000000`00000000 ffffb708`01314028 : PSHED!PshedBugCheckSystem+0x10
  1595. ffffc701`1fa0cbd0 fffff804`249a5ae6 : ffffc701`1fa0ccf0 00000000`00000004 ffffb707`fcaf1c20 ffffb707`fcaf1bd0 : nt!WheaReportHwError+0x382
  1596. ffffc701`1fa0cc90 fffff804`249a5f7a : 00000000`00000010 ffffb707`fcaf1c20 ffffc701`1fa0ce48 ffffc701`1fa0d090 : hal!HalpMcaReportError+0x72
  1597. ffffc701`1fa0cdf0 fffff804`249a5e54 : ffffb707`fc6a7e40 00000000`00000001 00000000`00000000 00000000`00000000 : hal!HalpMceHandlerCore+0xf2
  1598. ffffc701`1fa0ce40 fffff804`249a60c0 : 00000000`00000008 00000000`00000001 00000000`00000000 00000000`00000000 : hal!HalpMceHandler+0xe0
  1599. ffffc701`1fa0ce80 fffff804`249a5168 : 00000000`00000000 ffffc701`1fa0d110 00000000`00000000 00000000`00000000 : hal!HalpMceHandlerWithRendezvous+0xd4
  1600. ffffc701`1fa0ceb0 fffff804`249a6347 : ffffb707`fc6a7e40 00000000`00000000 00000000`00000000 00000000`00000000 : hal!HalpHandleMachineCheck+0x5c
  1601. ffffc701`1fa0cee0 fffff804`24ca4e30 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : hal!HalHandleMcheck+0x37
  1602. ffffc701`1fa0cf10 fffff804`24bd13ba : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiHandleMcheck+0x10
  1603. ffffc701`1fa0cf40 fffff804`24bd106f : ffffff47`00000000 fffff804`24bd0fac fffff285`b1e13f40 00000000`00000000 : nt!KxMcheckAbort+0x7a
  1604. ffffc701`1fa0d080 fffff804`24a447ef : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiMcheckAbort+0x26f (TrapFrame @ ffffc701`1fa0d090)
  1605. fffff285`b1e13f00 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KeYieldProcessorEx+0x1f
  1606.  
  1607.  
  1608. ========================================================================
  1609. ======================= Dump #3: ANALYZE VERBOSE =======================
  1610. ====================== File: 080920-25968-01.dmp =======================
  1611. ========================================================================
  1612.  
  1613. Mini Kernel Dump File: Only registers and stack trace are available
  1614. Windows 10 Kernel Version 18362 MP (8 procs) Free x64
  1615. Kernel base = 0xfffff807`4b200000 PsLoadedModuleList = 0xfffff807`4b648190
  1616. Debug session time: Sun Aug 9 14:58:46.298 2020 (UTC - 4:00)
  1617. System Uptime: 0 days 0:00:41.933
  1618.  
  1619. BugCheck 124, {0, ffffc80ccd0b7028, be000000, 800400}
  1620. Probably caused by : memory_corruption
  1621. Followup: memory_corruption
  1622.  
  1623. WHEA_UNCORRECTABLE_ERROR (124)
  1624. A fatal hardware error has occurred. Parameter 1 identifies the type of error
  1625. source that reported the error. Parameter 2 holds the address of the
  1626. WHEA_ERROR_RECORD structure that describes the error conditon.
  1627.  
  1628. Arguments:
  1629. Arg1: 0000000000000000, Machine Check Exception
  1630. Arg2: ffffc80ccd0b7028, Address of the WHEA_ERROR_RECORD structure.
  1631. Arg3: 00000000be000000, High order 32-bits of the MCi_STATUS value.
  1632. Arg4: 0000000000800400, Low order 32-bits of the MCi_STATUS value.
  1633.  
  1634. Debugging Details:
  1635. DUMP_CLASS: 1
  1636. DUMP_QUALIFIER: 400
  1637. DUMP_TYPE: 2
  1638. BUGCHECK_STR: 0x124_GenuineIntel
  1639. CUSTOMER_CRASH_COUNT: 1
  1640. DEFAULT_BUCKET_ID: CODE_CORRUPTION
  1641.  
  1642. PROCESS_NAME: nvcontainer.exe
  1643.  
  1644. CURRENT_IRQL: f
  1645. STACK_TEXT:
  1646. fffff807`4ea82918 fffff807`4bcff188 : 00000000`00000124 00000000`00000000 ffffc80c`cd0b7028 00000000`be000000 : nt!KeBugCheckEx
  1647. fffff807`4ea82920 fffff807`4d1f1920 : ffffc80c`cbffe430 00000000`00000000 ffffc80c`cd0b7028 00000000`00000000 : hal!HalBugCheckSystem+0xd8
  1648. fffff807`4ea82960 fffff807`4b541092 : ffffc80c`cbffe430 fffff807`4ea829e9 00000000`00000000 ffffc80c`cd0b7028 : PSHED!PshedBugCheckSystem+0x10
  1649. fffff807`4ea82990 fffff807`4bd00ae6 : fffff807`4ea82ab0 00000000`00000000 ffffc80c`cbffe480 ffffc80c`cbffe430 : nt!WheaReportHwError+0x382
  1650. fffff807`4ea82a50 fffff807`4bd00f7a : 00000000`00000010 ffffc80c`cbffe480 fffff807`4ea82c08 fffff807`4ea82e50 : hal!HalpMcaReportError+0x72
  1651. fffff807`4ea82bb0 fffff807`4bd00e54 : ffffc80c`cb2a7b80 00000000`00000001 00000000`00000000 00000000`00000000 : hal!HalpMceHandlerCore+0xf2
  1652. fffff807`4ea82c00 fffff807`4bd010c0 : 00000000`00000008 00000000`00000001 00000000`00000000 00000000`00000000 : hal!HalpMceHandler+0xe0
  1653. fffff807`4ea82c40 fffff807`4bd00168 : 00000000`00000000 fffff807`4ea82ed0 00000000`00000000 00000000`00000000 : hal!HalpMceHandlerWithRendezvous+0xd4
  1654. fffff807`4ea82c70 fffff807`4bd01347 : ffffc80c`cb2a7b80 00000000`00000000 00000000`00000000 00000000`00000000 : hal!HalpHandleMachineCheck+0x5c
  1655. fffff807`4ea82ca0 fffff807`4b4a4e30 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : hal!HalHandleMcheck+0x37
  1656. fffff807`4ea82cd0 fffff807`4b3d13ba : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiHandleMcheck+0x10
  1657. fffff807`4ea82d00 fffff807`4b3d106f : 00000000`00000000 00000000`00000000 00000000`4c28ae45 00000000`00000000 : nt!KxMcheckAbort+0x7a
  1658. fffff807`4ea82e40 00007ffb`77c186c8 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiMcheckAbort+0x26f
  1659. 00000087`e0efc3c0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffb`77c186c8
  1660. STACK_COMMAND: kb
  1661. CHKIMG_EXTENSION: !chkimg -lo 50 -d !win32kbase
  1662. fffff267216b7809-fffff267216b780e 6 bytes - win32kbase!DirectComposition::CAnimationMarshaler::SetReferenceProperty+49
  1663. [ ff 15 a1 ef 19 00:e8 92 ea 20 00 90 ]
  1664. fffff267216b7879-fffff267216b787a 2 bytes - win32kbase!SfmSignalTokenEvent+19 (+0x70)
  1665. [ 48 ff:4c 8b ]
  1666. fffff267216b7880-fffff267216b7883 4 bytes - win32kbase!SfmSignalTokenEvent+20 (+0x07)
  1667. [ 0f 1f 44 00:e8 9b eb 20 ]
  1668. fffff267216b8985-fffff267216b8986 2 bytes - win32kbase!GreSfmDwmShutdown+35 (+0x1105)
  1669. [ 48 ff:4c 8b ]
  1670. fffff267216b898c-fffff267216b898f 4 bytes - win32kbase!GreSfmDwmShutdown+3c (+0x07)
  1671. [ 0f 1f 44 00:e8 8f da 20 ]
  1672. fffff267216b8995-fffff267216b8996 2 bytes - win32kbase!GreSfmDwmShutdown+45 (+0x09)
  1673. [ 48 ff:4c 8b ]
  1674. fffff267216b899c-fffff267216b899f 4 bytes - win32kbase!GreSfmDwmShutdown+4c (+0x07)
  1675. [ 0f 1f 44 00:e8 7f da 20 ]
  1676. 24 errors : !win32kbase (fffff267216b7809-fffff267216b899f)
  1677. MODULE_NAME: memory_corruption
  1678.  
  1679. IMAGE_NAME: memory_corruption
  1680.  
  1681. FOLLOWUP_NAME: memory_corruption
  1682. DEBUG_FLR_IMAGE_TIMESTAMP: 0
  1683. MEMORY_CORRUPTOR: LARGE
  1684. FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
  1685. BUCKET_ID: MEMORY_CORRUPTION_LARGE
  1686. PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
  1687. TARGET_TIME: 2020-08-09T18:58:46.000Z
  1688. SUITE_MASK: 272
  1689. PRODUCT_TYPE: 1
  1690. USER_LCID: 0
  1691. FAILURE_ID_HASH_STRING: km:memory_corruption_large
  1692. FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
  1693. Followup: memory_corruption
  1694.  
  1695. ====================== Dump #3: 3RD PARTY DRIVERS ======================
  1696.  
  1697. Nov 23 2009 - LGBusEnum.sys - Logitech GamePanel Virtual Bus Enumerator driver http://support.logitech.com/
  1698. Jun 25 2010 - sadp_npf64.sys - WinPcap driver (CACE Technologies, Inc.)
  1699. Aug 02 2010 - AsUpIO.sys - ASUS Update Input Output driver http://www.asus.com/
  1700. Aug 08 2011 - BazisVirtualCDBus.sys - WinCDEmu Virtual CD-ROM driver (Bazis Inc) http://wincdemu.sysprogs.org/
  1701. Oct 17 2011 - PxHlpa64.sys - Sonic CD/DVD driver
  1702. Mar 22 2012 - AiCharger.sys - Asus Charger driver
  1703. Aug 22 2012 - AsIO.sys - ASUS Input Output driver http://www.asus.com/
  1704. Apr 17 2014 - rzpmgrk.sys - Razer Overlay Support https://www.razer.com/
  1705. Apr 24 2014 - RTKVHD64.sys - Realtek Audio System driver https://www.realtek.com/en/
  1706. Sep 23 2014 - TeeDriverx64.sys - Intel Management Engine Interface (MEI) driver https://downloadcenter.intel.com/
  1707. Oct 17 2014 - rzpnk.sys - Razer Overlay Support https://www.razer.com/
  1708. Apr 21 2016 - tap0901.sys - TAP-Win32 Virtual Private Network Driver 0901 (OpenVPN by OpenVPN Technologies) https://openvpn.net/
  1709. Mar 16 2017 - tapwindscribe0901.sys - TAP-Windows Virtual Network driver (The OpenVPN Project) https://openvpn.net/
  1710. Oct 11 2017 - YSDrv.sys - VirtualBox Support driver
  1711. Sep 18 2018 - IntelHaxm.sys - Intel Corporation SSG Hardware Accelerated Execution Manager driver
  1712. Jan 24 2019 - e1d65x64.sys - Intel(R) Gigabit Adapter NDIS 6.x driver https://downloadcenter.intel.com/
  1713. Mar 14 2019 - nvvad64v.sys - Nvidia Virtual Audio driver http://www.nvidia.com/
  1714. Oct 02 2019 - nvlddmkm.sys - Nvidia Graphics Card driver http://www.nvidia.com/
  1715. Nov 29 2019 - NvModuleTracker.sys - NVIDIA Module Tracker driver
  1716. Jan 10 2020 - nvvhci.sys - Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
  1717. Jun 09 2020 - nvhda64v.sys - Nvidia HDMI Audio Device http://www.nvidia.com/
  1718. Jun 23 2020 - aswArPot.sys - Avast Antivirus http://www.avast.com/
  1719. Jun 23 2020 - aswbidsdriver.sys - Avast Antivirus http://www.avast.com/
  1720. Jun 23 2020 - aswbidsh.sys - Avast Antivirus http://www.avast.com/
  1721. Jun 23 2020 - aswbuniv.sys - Avast Antivirus http://www.avast.com/
  1722. Jun 23 2020 - aswKbd.sys - Avast Keyboard Filter driver http://www.avast.com/
  1723. Jun 23 2020 - aswMonFlt.sys - Avast Antivirus http://www.avast.com/
  1724. Jun 23 2020 - aswNetHub.sys - Avast driver
  1725. Jun 23 2020 - aswRdr2.sys - Avast Antivirus http://www.avast.com/
  1726. Jun 23 2020 - aswRvrt.sys - Avast Antivirus http://www.avast.com/
  1727. Jun 23 2020 - aswSnx.sys - Avast Antivirus http://www.avast.com/
  1728. Jun 23 2020 - aswSP.sys - Avast Antivirus http://www.avast.com/
  1729. Jun 23 2020 - aswStm.sys - Avast Antivirus http://www.avast.com/
  1730. Jun 23 2020 - aswVmm.sys - Avast Antivirus http://www.avast.com/
  1731. Jul 17 2020 - aswElam.sys - Avast ELAM driver
  1732.  
  1733. ================== Dump #3: 3RD PARTY DRIVERS (FULL) ===================
  1734.  
  1735. Image path: \SystemRoot\system32\drivers\LGBusEnum.sys
  1736. Image name: LGBusEnum.sys
  1737. Search : https://www.google.com/search?q=LGBusEnum.sys
  1738. ADA Info : Logitech GamePanel Virtual Bus Enumerator driver http://support.logitech.com/
  1739. Timestamp : Mon Nov 23 2009
  1740.  
  1741. Image path: \??\C:\Windows\SysWOW64\drivers\sadp_npf64.sys
  1742. Image name: sadp_npf64.sys
  1743. Search : https://www.google.com/search?q=sadp_npf64.sys
  1744. ADA Info : WinPcap driver (CACE Technologies, Inc.)
  1745. Timestamp : Fri Jun 25 2010
  1746.  
  1747. Image path: \SystemRoot\SysWow64\drivers\AsUpIO.sys
  1748. Image name: AsUpIO.sys
  1749. Search : https://www.google.com/search?q=AsUpIO.sys
  1750. ADA Info : ASUS Update Input Output driver http://www.asus.com/
  1751. Timestamp : Mon Aug 2 2010
  1752.  
  1753. Image path: \SystemRoot\System32\drivers\BazisVirtualCDBus.sys
  1754. Image name: BazisVirtualCDBus.sys
  1755. Search : https://www.google.com/search?q=BazisVirtualCDBus.sys
  1756. ADA Info : WinCDEmu Virtual CD-ROM driver (Bazis Inc) http://wincdemu.sysprogs.org/
  1757. Timestamp : Mon Aug 8 2011
  1758.  
  1759. Image path: \SystemRoot\System32\Drivers\PxHlpa64.sys
  1760. Image name: PxHlpa64.sys
  1761. Search : https://www.google.com/search?q=PxHlpa64.sys
  1762. ADA Info : Sonic CD/DVD driver
  1763. Timestamp : Mon Oct 17 2011
  1764.  
  1765. Image path: \SystemRoot\SysWow64\drivers\AiCharger.sys
  1766. Image name: AiCharger.sys
  1767. Search : https://www.google.com/search?q=AiCharger.sys
  1768. ADA Info : Asus Charger driver
  1769. Timestamp : Thu Mar 22 2012
  1770.  
  1771. Image path: \SystemRoot\SysWow64\drivers\AsIO.sys
  1772. Image name: AsIO.sys
  1773. Search : https://www.google.com/search?q=AsIO.sys
  1774. ADA Info : ASUS Input Output driver http://www.asus.com/
  1775. Timestamp : Wed Aug 22 2012
  1776.  
  1777. Image path: \??\C:\Windows\system32\drivers\rzpmgrk.sys
  1778. Image name: rzpmgrk.sys
  1779. Search : https://www.google.com/search?q=rzpmgrk.sys
  1780. ADA Info : Razer Overlay Support https://www.razer.com/
  1781. Timestamp : Thu Apr 17 2014
  1782.  
  1783. Image path: \SystemRoot\system32\drivers\RTKVHD64.sys
  1784. Image name: RTKVHD64.sys
  1785. Search : https://www.google.com/search?q=RTKVHD64.sys
  1786. ADA Info : Realtek Audio System driver https://www.realtek.com/en/
  1787. Timestamp : Thu Apr 24 2014
  1788.  
  1789. Image path: \SystemRoot\system32\DRIVERS\TeeDriverx64.sys
  1790. Image name: TeeDriverx64.sys
  1791. Search : https://www.google.com/search?q=TeeDriverx64.sys
  1792. ADA Info : Intel Management Engine Interface (MEI) driver https://downloadcenter.intel.com/
  1793. Timestamp : Tue Sep 23 2014
  1794.  
  1795. Image path: \??\C:\Windows\system32\drivers\rzpnk.sys
  1796. Image name: rzpnk.sys
  1797. Search : https://www.google.com/search?q=rzpnk.sys
  1798. ADA Info : Razer Overlay Support https://www.razer.com/
  1799. Timestamp : Fri Oct 17 2014
  1800.  
  1801. Image path: \SystemRoot\System32\drivers\tap0901.sys
  1802. Image name: tap0901.sys
  1803. Search : https://www.google.com/search?q=tap0901.sys
  1804. ADA Info : TAP-Win32 Virtual Private Network Driver 0901 (OpenVPN by OpenVPN Technologies) https://openvpn.net/
  1805. Timestamp : Thu Apr 21 2016
  1806.  
  1807. Image path: \SystemRoot\System32\drivers\tapwindscribe0901.sys
  1808. Image name: tapwindscribe0901.sys
  1809. Search : https://www.google.com/search?q=tapwindscribe0901.sys
  1810. ADA Info : TAP-Windows Virtual Network driver (The OpenVPN Project) https://openvpn.net/
  1811. Timestamp : Thu Mar 16 2017
  1812.  
  1813. Image path: \??\C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys
  1814. Image name: YSDrv.sys
  1815. Search : https://www.google.com/search?q=YSDrv.sys
  1816. ADA Info : VirtualBox Support driver
  1817. Timestamp : Wed Oct 11 2017
  1818.  
  1819. Image path: \SystemRoot\system32\DRIVERS\IntelHaxm.sys
  1820. Image name: IntelHaxm.sys
  1821. Search : https://www.google.com/search?q=IntelHaxm.sys
  1822. ADA Info : Intel Corporation SSG Hardware Accelerated Execution Manager driver
  1823. Timestamp : Tue Sep 18 2018
  1824.  
  1825. Image path: \SystemRoot\system32\DRIVERS\e1d65x64.sys
  1826. Image name: e1d65x64.sys
  1827. Search : https://www.google.com/search?q=e1d65x64.sys
  1828. ADA Info : Intel(R) Gigabit Adapter NDIS 6.x driver https://downloadcenter.intel.com/
  1829. Timestamp : Thu Jan 24 2019
  1830.  
  1831. Image path: \SystemRoot\system32\drivers\nvvad64v.sys
  1832. Image name: nvvad64v.sys
  1833. Search : https://www.google.com/search?q=nvvad64v.sys
  1834. ADA Info : Nvidia Virtual Audio driver http://www.nvidia.com/
  1835. Timestamp : Thu Mar 14 2019
  1836.  
  1837. Image path: \SystemRoot\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_90685a092bcf58c7\nvlddmkm.sys
  1838. Image name: nvlddmkm.sys
  1839. Search : https://www.google.com/search?q=nvlddmkm.sys
  1840. ADA Info : Nvidia Graphics Card driver http://www.nvidia.com/
  1841. Timestamp : Wed Oct 2 2019
  1842.  
  1843. Image path: \SystemRoot\System32\drivers\NvModuleTracker.sys
  1844. Image name: NvModuleTracker.sys
  1845. Search : https://www.google.com/search?q=NvModuleTracker.sys
  1846. ADA Info : NVIDIA Module Tracker driver
  1847. Timestamp : Fri Nov 29 2019
  1848.  
  1849. Image path: \SystemRoot\System32\drivers\nvvhci.sys
  1850. Image name: nvvhci.sys
  1851. Search : https://www.google.com/search?q=nvvhci.sys
  1852. ADA Info : Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
  1853. Timestamp : Fri Jan 10 2020
  1854.  
  1855. Image path: \SystemRoot\system32\drivers\nvhda64v.sys
  1856. Image name: nvhda64v.sys
  1857. Search : https://www.google.com/search?q=nvhda64v.sys
  1858. ADA Info : Nvidia HDMI Audio Device http://www.nvidia.com/
  1859. Timestamp : Tue Jun 9 2020
  1860.  
  1861. Image path: \SystemRoot\system32\drivers\aswArPot.sys
  1862. Image name: aswArPot.sys
  1863. Search : https://www.google.com/search?q=aswArPot.sys
  1864. ADA Info : Avast Antivirus http://www.avast.com/
  1865. Timestamp : Tue Jun 23 2020
  1866.  
  1867. Image path: \SystemRoot\system32\drivers\aswbidsdriver.sys
  1868. Image name: aswbidsdriver.sys
  1869. Search : https://www.google.com/search?q=aswbidsdriver.sys
  1870. ADA Info : Avast Antivirus http://www.avast.com/
  1871. Timestamp : Tue Jun 23 2020
  1872.  
  1873. Image path: \SystemRoot\system32\drivers\aswbidsh.sys
  1874. Image name: aswbidsh.sys
  1875. Search : https://www.google.com/search?q=aswbidsh.sys
  1876. ADA Info : Avast Antivirus http://www.avast.com/
  1877. Timestamp : Tue Jun 23 2020
  1878.  
  1879. Image path: \SystemRoot\system32\drivers\aswbuniv.sys
  1880. Image name: aswbuniv.sys
  1881. Search : https://www.google.com/search?q=aswbuniv.sys
  1882. ADA Info : Avast Antivirus http://www.avast.com/
  1883. Timestamp : Tue Jun 23 2020
  1884.  
  1885. Image path: \SystemRoot\system32\drivers\aswKbd.sys
  1886. Image name: aswKbd.sys
  1887. Search : https://www.google.com/search?q=aswKbd.sys
  1888. ADA Info : Avast Keyboard Filter driver http://www.avast.com/
  1889. Timestamp : Tue Jun 23 2020
  1890.  
  1891. Image path: \SystemRoot\system32\drivers\aswMonFlt.sys
  1892. Image name: aswMonFlt.sys
  1893. Search : https://www.google.com/search?q=aswMonFlt.sys
  1894. ADA Info : Avast Antivirus http://www.avast.com/
  1895. Timestamp : Tue Jun 23 2020
  1896.  
  1897. Image path: \SystemRoot\system32\drivers\aswNetHub.sys
  1898. Image name: aswNetHub.sys
  1899. Search : https://www.google.com/search?q=aswNetHub.sys
  1900. ADA Info : Avast driver
  1901. Timestamp : Tue Jun 23 2020
  1902.  
  1903. Image path: \SystemRoot\system32\drivers\aswRdr2.sys
  1904. Image name: aswRdr2.sys
  1905. Search : https://www.google.com/search?q=aswRdr2.sys
  1906. ADA Info : Avast Antivirus http://www.avast.com/
  1907. Timestamp : Tue Jun 23 2020
  1908.  
  1909. Image path: \SystemRoot\system32\drivers\aswRvrt.sys
  1910. Image name: aswRvrt.sys
  1911. Search : https://www.google.com/search?q=aswRvrt.sys
  1912. ADA Info : Avast Antivirus http://www.avast.com/
  1913. Timestamp : Tue Jun 23 2020
  1914.  
  1915. Image path: \SystemRoot\system32\drivers\aswSnx.sys
  1916. Image name: aswSnx.sys
  1917. Search : https://www.google.com/search?q=aswSnx.sys
  1918. ADA Info : Avast Antivirus http://www.avast.com/
  1919. Timestamp : Tue Jun 23 2020
  1920.  
  1921. Image path: \SystemRoot\system32\drivers\aswSP.sys
  1922. Image name: aswSP.sys
  1923. Search : https://www.google.com/search?q=aswSP.sys
  1924. ADA Info : Avast Antivirus http://www.avast.com/
  1925. Timestamp : Tue Jun 23 2020
  1926.  
  1927. Image path: \SystemRoot\system32\drivers\aswStm.sys
  1928. Image name: aswStm.sys
  1929. Search : https://www.google.com/search?q=aswStm.sys
  1930. ADA Info : Avast Antivirus http://www.avast.com/
  1931. Timestamp : Tue Jun 23 2020
  1932.  
  1933. Image path: \SystemRoot\system32\drivers\aswVmm.sys
  1934. Image name: aswVmm.sys
  1935. Search : https://www.google.com/search?q=aswVmm.sys
  1936. ADA Info : Avast Antivirus http://www.avast.com/
  1937. Timestamp : Tue Jun 23 2020
  1938.  
  1939. Image path: \SystemRoot\system32\drivers\aswElam.sys
  1940. Image name: aswElam.sys
  1941. Search : https://www.google.com/search?q=aswElam.sys
  1942. ADA Info : Avast ELAM driver
  1943. Timestamp : Fri Jul 17 2020
  1944.  
  1945. ====================== Dump #3: MICROSOFT DRIVERS ======================
  1946.  
  1947. ACPI.sys ACPI Driver for NT (Microsoft)
  1948. acpiex.sys ACPIEx Driver (Microsoft)
  1949. acpipagr.sys ACPI Processor Aggregator Device driver (Microsoft)
  1950. afd.sys Ancillary Function Driver for WinSock (Microsoft)
  1951. afunix.sys AF_UNIX Socket Provider driver (Microsoft)
  1952. ahcache.sys Application Compatibility Cache (Microsoft)
  1953. bam.sys BAM Kernal driver (Microsoft)
  1954. BasicDisplay.sys Basic Display driver (Microsoft)
  1955. BasicRender.sys Basic Render driver (Microsoft)
  1956. Beep.SYS BEEP driver (Microsoft)
  1957. BOOTVID.dll VGA Boot Driver (Microsoft)
  1958. bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
  1959. cdd.dll Canonical Display Driver (Microsoft)
  1960. cdrom.sys SCSI CD-ROM Driver (Microsoft)
  1961. CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
  1962. CI.dll Code Integrity Module (Microsoft)
  1963. CLASSPNP.SYS SCSI Class System Dll (Microsoft)
  1964. cldflt.sys Cloud Files Mini Filter driver (Microsoft)
  1965. CLFS.SYS Common Log File System Driver (Microsoft)
  1966. clipsp.sys CLIP Service (Microsoft)
  1967. cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
  1968. cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
  1969. CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
  1970. crashdmp.sys Crash Dump driver (Microsoft)
  1971. csc.sys Windows Client Side Caching driver (Microsoft)
  1972. dfsc.sys DFS Namespace Client Driver (Microsoft)
  1973. disk.sys PnP Disk Driver (Microsoft)
  1974. drmk.sys Digital Rights Management (DRM) driver (Microsoft)
  1975. dump_diskdump.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  1976. dump_dumpfve.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  1977. dump_storahci.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  1978. dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
  1979. dxgmms2.sys DirectX Graphics MMS
  1980. EhStorClass.sys Enhanced Storage Class driver for IEEE... (Microsoft)
  1981. filecrypt.sys Windows sandboxing and encryption filter (Microsoft)
  1982. fileinfo.sys FileInfo Filter Driver (Microsoft)
  1983. FLTMGR.SYS Filesystem Filter Manager (Microsoft)
  1984. Fs_Rec.sys File System Recognizer Driver (Microsoft)
  1985. fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
  1986. fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
  1987. gpuenergydrv.sys GPU Energy Kernal Driver (Microsoft)
  1988. hal.dll Hardware Abstraction Layer DLL (Microsoft)
  1989. HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
  1990. HIDCLASS.SYS Hid Class Library (Microsoft)
  1991. HIDPARSE.SYS Hid Parsing Library (Microsoft)
  1992. hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
  1993. HTTP.sys HTTP Protocol Stack (Microsoft)
  1994. intelpep.sys Intel Power Engine Plugin (Microsoft)
  1995. intelppm.sys Processor Device Driver (Microsoft)
  1996. iorate.sys I/O rate control Filter (Microsoft)
  1997. kbdclass.sys Keyboard Class Driver (Microsoft)
  1998. kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
  1999. kd.dll Local Kernal Debugger (Microsoft)
  2000. kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
  2001. ks.sys Kernal CSA Library (Microsoft)
  2002. ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
  2003. ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
  2004. ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
  2005. lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
  2006. luafv.sys LUA File Virtualization Filter Driver (Microsoft)
  2007. mcupdate_GenuineIntel.dll Intel Microcode Update Library (Microsoft)
  2008. mmcss.sys MMCSS Driver (Microsoft)
  2009. monitor.sys Monitor Driver (Microsoft)
  2010. mouclass.sys Mouse Class Driver (Microsoft)
  2011. mouhid.sys HID Mouse Filter Driver (Microsoft)
  2012. mountmgr.sys Mount Point Manager (Microsoft)
  2013. mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
  2014. mqac.sys Message Queuing Device driver (Microsoft)
  2015. mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
  2016. mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
  2017. Msfs.SYS Mailslot driver (Microsoft)
  2018. msisadrv.sys ISA Driver (Microsoft)
  2019. mslldp.sys Microsoft Link-Layer Discovery Protocol... (Microsoft)
  2020. msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
  2021. mssecflt.sys Microsoft Security Events Component file system filter driver (Microsoft)
  2022. mssmbios.sys System Management BIOS driver (Microsoft)
  2023. mup.sys Multiple UNC Provider driver (Microsoft)
  2024. ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
  2025. ndisuio.sys NDIS User mode I/O driver (Microsoft)
  2026. NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
  2027. Ndu.sys Network Data Usage Monitoring driver (Microsoft)
  2028. netbios.sys NetBIOS Interface driver (Microsoft)
  2029. netbt.sys MBT Transport driver (Microsoft)
  2030. NETIO.SYS Network I/O Subsystem (Microsoft)
  2031. Npfs.SYS NPFS driver (Microsoft)
  2032. npsvctrig.sys Named pipe service triggers (Microsoft)
  2033. nsiproxy.sys NSI Proxy driver (Microsoft)
  2034. Ntfs.sys NT File System Driver (Microsoft)
  2035. ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
  2036. ntosext.sys NTOS Extension Host driver (Microsoft)
  2037. Null.SYS NULL Driver (Microsoft)
  2038. nwifi.sys NativeWiFi Miniport Driver (Microsoft)
  2039. pacer.sys QoS Packet Scheduler (Microsoft)
  2040. partmgr.sys Partition driver (Microsoft)
  2041. pci.sys NT Plug and Play PCI Enumerator (Microsoft)
  2042. pcw.sys Performance Counter Driver (Microsoft)
  2043. pdc.sys Power Dependency Coordinator Driver (Microsoft)
  2044. peauth.sys Protected Environment Authentication and Authorization Export Driver (Microsoft)
  2045. portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
  2046. PSHED.dll Platform Specific Hardware Error driver (Microsoft)
  2047. rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
  2048. rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
  2049. rdyboost.sys ReadyBoost Driver (Microsoft)
  2050. rspndr.sys Link-Layer Topology Responder driver (Microsoft)
  2051. serenum.sys Serial Port Enumerator (Microsoft)
  2052. serial.sys Serial Device Driver
  2053. serscan.sys Serial Imaging Device Driver (Microsoft)
  2054. SgrmAgent.sys System Guard Runtime Monitor Agent driver (Microsoft)
  2055. SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
  2056. spaceport.sys Storage Spaces driver (Microsoft)
  2057. srv.sys Server driver (Microsoft)
  2058. srv2.sys Smb 2.0 Server driver (Microsoft)
  2059. srvnet.sys Server Network driver (Microsoft)
  2060. storahci.sys MS AHCI Storport Miniport Driver (Microsoft)
  2061. storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
  2062. storqosflt.sys Storage QoS Filter driver (Microsoft)
  2063. swenum.sys Plug and Play Software Device Enumerator (Microsoft)
  2064. tbs.sys Export driver for kernel mode TPM API (Microsoft)
  2065. tcpip.sys TCP/IP Protocol driver (Microsoft)
  2066. tcpipreg.sys Microsoft Windows TCP/IP Registry Compatibility driver (Microsoft)
  2067. TDI.SYS TDI Wrapper driver (Microsoft)
  2068. tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
  2069. tm.sys Kernel Transaction Manager driver (Microsoft)
  2070. ucx01000.sys USB Controller Extension (Microsoft)
  2071. umbus.sys User-Mode Bus Enumerator (Microsoft)
  2072. umpass.sys Generic pass-through driver (Microsoft)
  2073. usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
  2074. USBD.SYS Universal Serial Bus Driver (Microsoft)
  2075. usbehci.sys EHCI eUSB Miniport Driver (Microsoft)
  2076. usbhub.sys Default Hub Driver for USB (Microsoft)
  2077. UsbHub3.sys USB3 HUB driver (Microsoft)
  2078. USBPORT.SYS USB 1.1 & 2.0 Port Driver (Microsoft)
  2079. USBXHCI.SYS USB XHCI driver (Microsoft)
  2080. vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
  2081. Vid.sys Microsoft Hyper-V Virtualization Infrastructure Driver
  2082. volmgr.sys Volume Manager Driver (Microsoft)
  2083. volmgrx.sys Volume Manager Extension Driver (Microsoft)
  2084. volsnap.sys Volume Shadow Copy driver (Microsoft)
  2085. volume.sys Volume driver (Microsoft)
  2086. vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
  2087. wanarp.sys MS Remote Access and Routing ARP driver (Microsoft)
  2088. watchdog.sys Watchdog driver (Microsoft)
  2089. wcifs.sys Windows Container Isolation FS Filter driver (Microsoft)
  2090. Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
  2091. WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
  2092. werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
  2093. wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
  2094. win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
  2095. win32kbase.sys Base Win32k Kernel Driver (Microsoft)
  2096. win32kfull.sys Full/Desktop Win32k Kernel Driver (Microsoft)
  2097. WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
  2098. WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
  2099. winhvr.sys Windows Hypervisor Root Interface driver (Microsoft)
  2100. winquic.sys QUIC Transport Protocol driver (Microsoft)
  2101. wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
  2102. WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
  2103. Wof.sys Windows Overlay Filter (Microsoft)
  2104. WppRecorder.sys WPP Trace Recorder (Microsoft)
  2105. WSDPrint.sys Web Services Print Device driver (Microsoft)
  2106. WSDScan.sys Web Service Based Scan Device driver (Microsoft)
  2107. WUDFRd.sys Windows Driver Foundation - User-mode Driver Framework Reflector driver (Microsoft)
  2108.  
  2109. ====================== Dump #3: UNLOADED MODULES =======================
  2110.  
  2111. fffff807`4f710000 fffff807`4f71f000 dump_storpor
  2112. fffff807`4f750000 fffff807`4f77f000 dump_storahc
  2113. fffff807`4f7a0000 fffff807`4f7be000 dump_dumpfve
  2114. fffff807`52280000 fffff807`522d1000 WUDFRd.sys
  2115. fffff807`508f0000 fffff807`5090e000 dam.sys
  2116. fffff807`4e810000 fffff807`4e821000 hwpolicy.sys
  2117.  
  2118. ====================== Dump #3: BIOS INFORMATION =======================
  2119.  
  2120. sysinfo: could not find necessary interfaces.
  2121. sysinfo: note that mssmbios.sys must be loaded (XPSP2+).
  2122.  
  2123. ========================== Dump #3: Extra #1 ===========================
  2124.  
  2125. 0: kd> !verifier
  2126. Verify Flags Level 0x00000000
  2127. STANDARD FLAGS:
  2128. [X] (0x00000000) Automatic Checks
  2129. [ ] (0x00000001) Special pool
  2130. [ ] (0x00000002) Force IRQL checking
  2131. [ ] (0x00000008) Pool tracking
  2132. [ ] (0x00000010) I/O verification
  2133. [ ] (0x00000020) Deadlock detection
  2134. [ ] (0x00000080) DMA checking
  2135. [ ] (0x00000100) Security checks
  2136. [ ] (0x00000800) Miscellaneous checks
  2137. [ ] (0x00020000) DDI compliance checking
  2138. ADDITIONAL FLAGS:
  2139. [ ] (0x00000004) Randomized low resources simulation
  2140. [ ] (0x00000200) Force pending I/O requests
  2141. [ ] (0x00000400) IRP logging
  2142. [ ] (0x00002000) Invariant MDL checking for stack
  2143. [ ] (0x00004000) Invariant MDL checking for driver
  2144. [ ] (0x00008000) Power framework delay fuzzing
  2145. [ ] (0x00010000) Port/miniport interface checking
  2146. [ ] (0x00040000) Systematic low resources simulation
  2147. [ ] (0x00080000) DDI compliance checking (additional)
  2148. [ ] (0x00200000) NDIS/WIFI verification
  2149. [ ] (0x00800000) Kernel synchronization delay fuzzing
  2150. [ ] (0x01000000) VM switch verification
  2151. [ ] (0x02000000) Code integrity checks
  2152. [X] Indicates flag is enabled
  2153. Summary of All Verifier Statistics
  2154. RaiseIrqls 0x0
  2155. AcquireSpinLocks 0x0
  2156. Synch Executions 0x0
  2157. Trims 0x0
  2158. Pool Allocations Attempted 0x0
  2159. Pool Allocations Succeeded 0x0
  2160. Pool Allocations Succeeded SpecialPool 0x0
  2161. Pool Allocations With NO TAG 0x0
  2162. Pool Allocations Failed 0x0
  2163. Current paged pool allocations 0x0 for 00000000 bytes
  2164. Peak paged pool allocations 0x0 for 00000000 bytes
  2165. Current nonpaged pool allocations 0x0 for 00000000 bytes
  2166. Peak nonpaged pool allocations 0x0 for 00000000 bytes
  2167.  
  2168. ========================== Dump #3: Extra #2 ===========================
  2169.  
  2170. 0: kd> !thread
  2171. THREAD ffffc80cd476c080 Cid 0714.16c4 Teb: 00000087e0dba000 Win32Thread: ffffc80cd3c14bf0 RUNNING on processor 0
  2172. IRP List:
  2173. Unable to read nt!_IRP @ ffffc80cd35e8a70
  2174. Not impersonating
  2175. GetUlongFromAddress: unable to read from fffff8074b62ca14
  2176. Owning Process ffffc80cd4bea080 Image: nvcontainer.exe
  2177. Attached Process N/A Image: N/A
  2178. fffff78000000000: Unable to get shared data
  2179. Wait Start TickCount 2683
  2180. Context Switch Count 413 IdealProcessor: 2
  2181. ReadMemory error: Cannot get nt!KeMaximumIncrement value.
  2182. UserTime 00:00:00.000
  2183. KernelTime 00:00:00.000
  2184. Win32 Start Address 0x00007ff6737145a0
  2185. Stack Init ffffeb0ffca74c90 Current ffffeb0ffca74970
  2186. Base ffffeb0ffca75000 Limit ffffeb0ffca6f000 Call 0000000000000000
  2187. Priority 8 BasePriority 8 PriorityDecrement 0 IoPriority 2 PagePriority 5
  2188. Child-SP RetAddr : Args to Child : Call Site
  2189. fffff807`4ea82918 fffff807`4bcff188 : 00000000`00000124 00000000`00000000 ffffc80c`cd0b7028 00000000`be000000 : nt!KeBugCheckEx
  2190. fffff807`4ea82920 fffff807`4d1f1920 : ffffc80c`cbffe430 00000000`00000000 ffffc80c`cd0b7028 00000000`00000000 : hal!HalBugCheckSystem+0xd8
  2191. fffff807`4ea82960 fffff807`4b541092 : ffffc80c`cbffe430 fffff807`4ea829e9 00000000`00000000 ffffc80c`cd0b7028 : PSHED!PshedBugCheckSystem+0x10
  2192. fffff807`4ea82990 fffff807`4bd00ae6 : fffff807`4ea82ab0 00000000`00000000 ffffc80c`cbffe480 ffffc80c`cbffe430 : nt!WheaReportHwError+0x382
  2193. fffff807`4ea82a50 fffff807`4bd00f7a : 00000000`00000010 ffffc80c`cbffe480 fffff807`4ea82c08 fffff807`4ea82e50 : hal!HalpMcaReportError+0x72
  2194. fffff807`4ea82bb0 fffff807`4bd00e54 : ffffc80c`cb2a7b80 00000000`00000001 00000000`00000000 00000000`00000000 : hal!HalpMceHandlerCore+0xf2
  2195. fffff807`4ea82c00 fffff807`4bd010c0 : 00000000`00000008 00000000`00000001 00000000`00000000 00000000`00000000 : hal!HalpMceHandler+0xe0
  2196. fffff807`4ea82c40 fffff807`4bd00168 : 00000000`00000000 fffff807`4ea82ed0 00000000`00000000 00000000`00000000 : hal!HalpMceHandlerWithRendezvous+0xd4
  2197. fffff807`4ea82c70 fffff807`4bd01347 : ffffc80c`cb2a7b80 00000000`00000000 00000000`00000000 00000000`00000000 : hal!HalpHandleMachineCheck+0x5c
  2198. fffff807`4ea82ca0 fffff807`4b4a4e30 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : hal!HalHandleMcheck+0x37
  2199. fffff807`4ea82cd0 fffff807`4b3d13ba : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiHandleMcheck+0x10
  2200. fffff807`4ea82d00 fffff807`4b3d106f : 00000000`00000000 00000000`00000000 00000000`4c28ae45 00000000`00000000 : nt!KxMcheckAbort+0x7a
  2201. fffff807`4ea82e40 00007ffb`77c186c8 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiMcheckAbort+0x26f (TrapFrame @ fffff807`4ea82e50)
  2202. 00000087`e0efc3c0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffb`77c186c8
  2203.  
  2204.  
  2205. ========================================================================
  2206. ======================= Dump #4: ANALYZE VERBOSE =======================
  2207. ====================== File: 080920-13265-01.dmp =======================
  2208. ========================================================================
  2209.  
  2210. Mini Kernel Dump File: Only registers and stack trace are available
  2211. Mini Kernel Dump does not have process information
  2212. Unable to load image Unknown_Module_00000000`00410000, Win32 error 0n2
  2213. *** WARNING: Unable to verify timestamp for Unknown_Module_00000000`00410000
  2214. *** ERROR: Module load completed but symbols could not be loaded for Unknown_Module_00000000`00410000
  2215. Debugger can not determine kernel base address
  2216. Windows 10 Kernel Version 18362 MP (8 procs) Free x64
  2217. Kernel base = 0xfffff802`60800000 PsLoadedModuleList = 0xfffff802`60c48190
  2218. Debug session time: Sun Aug 9 15:25:06.799 2020 (UTC - 4:00)
  2219. System Uptime: 0 days 0:00:17.427
  2220. Unable to load image Unknown_Module_00000000`00410000, Win32 error 0n2
  2221. *** WARNING: Unable to verify timestamp for Unknown_Module_00000000`00410000
  2222. *** ERROR: Module load completed but symbols could not be loaded for Unknown_Module_00000000`00410000
  2223. Debugger can not determine kernel base address
  2224.  
  2225. BugCheck 101, {18, 0, ffffad819afe0180, 2}
  2226. ***** Debugger could not find nt in module list, module list might be corrupt, error 0x80070057.
  2227. Probably caused by : Unknown_Image ( ANALYSIS_INCONCLUSIVE )
  2228. Followup: MachineOwner
  2229.  
  2230. CLOCK_WATCHDOG_TIMEOUT (101)
  2231. An expected clock interrupt was not received on a secondary processor in an
  2232. MP system within the allocated interval. This indicates that the specified
  2233. processor is hung and not processing interrupts.
  2234.  
  2235. Arguments:
  2236. Arg1: 0000000000000018, Clock interrupt time out interval in nominal clock ticks.
  2237. Arg2: 0000000000000000, 0.
  2238. Arg3: ffffad819afe0180, The PRCB address of the hung processor.
  2239. Arg4: 0000000000000002, The index of the hung processor.
  2240.  
  2241. Debugging Details:
  2242. ***** Debugger could not find nt in module list, module list might be corrupt, error 0x80070057.
  2243. DUMP_CLASS: 1
  2244. DUMP_QUALIFIER: 400
  2245. DUMP_TYPE: 2
  2246. BUGCHECK_STR: CLOCK_WATCHDOG_TIMEOUT_8_PROC
  2247. CUSTOMER_CRASH_COUNT: 1
  2248. CURRENT_IRQL: 0
  2249. STACK_TEXT:
  2250. fffff802`66275b08 fffff802`609fca42 : 00000000`00000101 00000000`00000018 00000000`00000000 ffffad81`9afe0180 : 0xfffff802`609c23c0
  2251. fffff802`66275b10 00000000`00000101 : 00000000`00000018 00000000`00000000 ffffad81`9afe0180 00000000`00000002 : 0xfffff802`609fca42
  2252. fffff802`66275b18 00000000`00000018 : 00000000`00000000 ffffad81`9afe0180 00000000`00000002 00000000`00000000 : 0x101
  2253. fffff802`66275b20 00000000`00000000 : ffffad81`9afe0180 00000000`00000002 00000000`00000000 00000000`00000000 : 0x18
  2254. STACK_COMMAND: kb
  2255. SYMBOL_NAME: ANALYSIS_INCONCLUSIVE
  2256. FOLLOWUP_NAME: MachineOwner
  2257. MODULE_NAME: Unknown_Module
  2258.  
  2259. IMAGE_NAME: Unknown_Image
  2260.  
  2261. DEBUG_FLR_IMAGE_TIMESTAMP: 0
  2262. BUCKET_ID: CORRUPT_MODULELIST_CLOCK_WATCHDOG_TIMEOUT_8_PROC
  2263. DEFAULT_BUCKET_ID: CORRUPT_MODULELIST_CLOCK_WATCHDOG_TIMEOUT_8_PROC
  2264. PRIMARY_PROBLEM_CLASS: CORRUPT_MODULELIST
  2265. FAILURE_BUCKET_ID: CORRUPT_MODULELIST_CLOCK_WATCHDOG_TIMEOUT_8_PROC
  2266. TARGET_TIME: 2020-08-09T19:25:06.000Z
  2267. SUITE_MASK: 272
  2268. PRODUCT_TYPE: 1
  2269. USER_LCID: 0
  2270. FAILURE_ID_HASH_STRING: km:corrupt_modulelist_clock_watchdog_timeout_8_proc
  2271. FAILURE_ID_HASH: {e4bedac2-0af7-9aeb-9262-0bdc5e5aa891}
  2272. Followup: MachineOwner
  2273.  
  2274. ====================== Dump #4: 3RD PARTY DRIVERS ======================
  2275.  
  2276. unavailable - Unknown_Module_00000000`00410000 -
  2277.  
  2278. ================== Dump #4: 3RD PARTY DRIVERS (FULL) ===================
  2279.  
  2280. Image name: Unknown_Module_00000000`00410000
  2281. Search : https://www.google.com/search?q=Unknown_Module_00000000`00410000
  2282. Timestamp : unavailable (00000000)
  2283.  
  2284. ====================== Dump #4: MICROSOFT DRIVERS ======================
  2285.  
  2286.  
  2287. ====================== Dump #4: UNLOADED MODULES =======================
  2288.  
  2289.  
  2290. ====================== Dump #4: BIOS INFORMATION =======================
  2291.  
  2292. sysinfo: could not find necessary interfaces.
  2293. sysinfo: note that mssmbios.sys must be loaded (XPSP2+).
  2294.  
  2295. ========================== Dump #4: Extra #1 ===========================
  2296.  
  2297. 0: kd> !verifier
  2298. 00000000: Unable to get verifier list.
  2299.  
  2300. ========================== Dump #4: Extra #2 ===========================
  2301.  
  2302. 0: kd> !thread
  2303. GetPointerFromAddress: unable to read from fffff80260b82678
  2304. ffff9a09f995b080: Unable to get thread contents
  2305.  
  2306.  
  2307. ========================================================================
  2308. ======================= Dump #5: ANALYZE VERBOSE =======================
  2309. ====================== File: 080620-72296-01.dmp =======================
  2310. ========================================================================
  2311.  
  2312. Mini Kernel Dump File: Only registers and stack trace are available
  2313. Windows 10 Kernel Version 18362 MP (8 procs) Free x64
  2314. Kernel base = 0xfffff805`14600000 PsLoadedModuleList = 0xfffff805`14a48190
  2315. Debug session time: Thu Aug 6 16:57:34.687 2020 (UTC - 4:00)
  2316. System Uptime: 0 days 0:37:14.314
  2317.  
  2318. BugCheck 9F, {3, ffff950a3fc6cda0, ffffb1884646f8b0, ffff950a58fb5a30}
  2319. Implicit thread is now ffff950a`59da8040
  2320. *** WARNING: Unable to verify timestamp for win32k.sys
  2321. *** ERROR: Module load completed but symbols could not be loaded for win32k.sys
  2322. Probably caused by : memory_corruption
  2323. Followup: memory_corruption
  2324.  
  2325. DRIVER_POWER_STATE_FAILURE (9f)
  2326. A driver has failed to complete a power IRP within a specific time.
  2327.  
  2328. Arguments:
  2329. Arg1: 0000000000000003, A device object has been blocking an Irp for too long a time
  2330. Arg2: ffff950a3fc6cda0, Physical Device Object of the stack
  2331. Arg3: ffffb1884646f8b0, nt!TRIAGE_9F_POWER on Win7 and higher, otherwise the Functional Device Object of the stack
  2332. Arg4: ffff950a58fb5a30, The blocked IRP
  2333.  
  2334. Debugging Details:
  2335. Implicit thread is now ffff950a`59da8040
  2336. DUMP_CLASS: 1
  2337. DUMP_QUALIFIER: 400
  2338. DUMP_TYPE: 2
  2339. DRVPOWERSTATE_SUBCODE: 3
  2340. FAULTING_THREAD: 59da8040
  2341. CUSTOMER_CRASH_COUNT: 1
  2342. DEFAULT_BUCKET_ID: CODE_CORRUPTION
  2343. BUGCHECK_STR: 0x9F
  2344.  
  2345. PROCESS_NAME: System
  2346.  
  2347. CURRENT_IRQL: 2
  2348. LAST_CONTROL_TRANSFER: from fffff805146a46ad to fffff805147c9106
  2349. STACK_TEXT:
  2350. ffffb188`4b8bc4f0 fffff805`146a46ad : ffffd900`00000001 00000000`00000008 ffffd900`ffffffff 00000000`00000002 : nt!KiSwapContext+0x76
  2351. ffffb188`4b8bc630 fffff805`146a3534 : ffff950a`59da8040 00000000`00000000 ffffb308`2a6f92c0 fffff805`00000000 : nt!KiSwapThread+0xbfd
  2352. ffffb188`4b8bc6d0 fffff805`146a2cd5 : ffffd714`21c5fda4 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiCommitThreadWait+0x144
  2353. ffffb188`4b8bc770 fffff805`187b9920 : ffff950a`447875b0 fffff805`00000000 ffff950a`44787500 fffff805`00000000 : nt!KeWaitForSingleObject+0x255
  2354. ffffb188`4b8bc850 fffff805`187acb89 : 00000000`00000020 00000000`00000005 ffff950a`44787590 fffff805`1879c8eb : ndis!KWaitEventBase<wistd::integral_constant<enum _EVENT_TYPE,0> >::Wait+0x28
  2355. ffffb188`4b8bc890 fffff805`186f4728 : ffff950a`447861a0 00000000`00000005 00000000`00000020 00000000`00000000 : ndis!Ndis::BindEngine::ApplyBindChanges+0x10915
  2356. ffffb188`4b8bc8e0 fffff805`186b280d : ffff950a`447861a0 00000000`00000000 ffff950a`44786d48 00000000`00000000 : ndis!ndisPrepForLowPowerCommon+0x41eec
  2357. ffffb188`4b8bc9d0 fffff805`186b3246 : ffff950a`447861a0 00000000`00000000 ffff950a`58fb5a30 00000000`00000000 : ndis!ndisPrepForLowPower+0x1d
  2358. ffffb188`4b8bca20 fffff805`186b3931 : 00000000`00000000 ffff950a`00000004 ffff950a`58fb5a30 ffff950a`447861a0 : ndis!ndisSetSystemPower+0x19e
  2359. ffffb188`4b8bcaa0 fffff805`186b9e84 : ffff950a`58fb5a30 ffff950a`3fc6cda0 ffff950a`58fb5b48 ffff950a`447861a0 : ndis!ndisSetPower+0x109
  2360. ffffb188`4b8bcb00 fffff805`1477a08f : ffff950a`44786050 ffffb188`4b8bcbe0 00000000`00000000 ffff950a`58fb5a30 : ndis!ndisPowerDispatch+0x114
  2361. ffffb188`4b8bcb60 fffff805`1471e155 : ffffffff`fa0a1f00 ffff950a`59da8040 fffff805`14779eb0 005f0031`00000001 : nt!PopIrpWorker+0x1df
  2362. ffffb188`4b8bcc10 fffff805`147c99c8 : ffffd900`989e2180 ffff950a`59da8040 fffff805`1471e100 004f0056`005c0000 : nt!PspSystemThreadStartup+0x55
  2363. ffffb188`4b8bcc60 00000000`00000000 : ffffb188`4b8bd000 ffffb188`4b8b7000 00000000`00000000 00000000`00000000 : nt!KiStartSystemThread+0x28
  2364. STACK_COMMAND: .thread 0xffff950a59da8040 ; kb
  2365. CHKIMG_EXTENSION: !chkimg -lo 50 -d !kbdclass
  2366. fffff80510dd5c1d-fffff80510dd5c1e 2 bytes - kbdclass!KeyboardClassWaitWakeComplete+1d
  2367. [ 48 ff:4c 8b ]
  2368. fffff80510dd5c24-fffff80510dd5c28 5 bytes - kbdclass!KeyboardClassWaitWakeComplete+24 (+0x07)
  2369. [ 0f 1f 44 00 00:e8 47 a9 85 03 ]
  2370. fffff80510dd5c7d-fffff80510dd5c7e 2 bytes - kbdclass!KeyboardClassWaitWakeComplete+7d (+0x59)
  2371. [ 48 ff:4c 8b ]
  2372. fffff80510dd5c84-fffff80510dd5c88 5 bytes - kbdclass!KeyboardClassWaitWakeComplete+84 (+0x07)
  2373. [ 0f 1f 44 00 00:e8 77 a6 85 03 ]
  2374. 14 errors : !kbdclass (fffff80510dd5c1d-fffff80510dd5c88)
  2375. MODULE_NAME: memory_corruption
  2376.  
  2377. IMAGE_NAME: memory_corruption
  2378.  
  2379. FOLLOWUP_NAME: memory_corruption
  2380. DEBUG_FLR_IMAGE_TIMESTAMP: 0
  2381. MEMORY_CORRUPTOR: LARGE
  2382. FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
  2383. BUCKET_ID: MEMORY_CORRUPTION_LARGE
  2384. PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
  2385. TARGET_TIME: 2020-08-06T20:57:34.000Z
  2386. SUITE_MASK: 272
  2387. PRODUCT_TYPE: 1
  2388. USER_LCID: 0
  2389. FAILURE_ID_HASH_STRING: km:memory_corruption_large
  2390. FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
  2391. Followup: memory_corruption
  2392.  
  2393. ====================== Dump #5: 3RD PARTY DRIVERS ======================
  2394.  
  2395. Nov 23 2009 - LGBusEnum.sys - Logitech GamePanel Virtual Bus Enumerator driver http://support.logitech.com/
  2396. Jun 25 2010 - sadp_npf64.sys - WinPcap driver (CACE Technologies, Inc.)
  2397. Jun 25 2010 - NPF.sys - NetGroup Packet Filter driver, a component of WinPCap by Riverbed
  2398. Aug 02 2010 - AsUpIO.sys - ASUS Update Input Output driver http://www.asus.com/
  2399. Aug 08 2011 - BazisVirtualCDBus.sys - WinCDEmu Virtual CD-ROM driver (Bazis Inc) http://wincdemu.sysprogs.org/
  2400. Oct 17 2011 - PxHlpa64.sys - Sonic CD/DVD driver
  2401. Mar 22 2012 - AiCharger.sys - Asus Charger driver
  2402. May 03 2012 - GEARAspiWDM.sys - Gear Software Advanced SCSI Programming Interface Windows Driver Model http://www.gearsoftware.com/
  2403. Aug 22 2012 - AsIO.sys - ASUS Input Output driver http://www.asus.com/
  2404. Jul 02 2013 - IOMap64.sys - !!! ASUS 64-bit Input Output Map driver (GPU Tweaking driver)
  2405. Apr 17 2014 - rzpmgrk.sys - Razer Overlay Support https://www.razer.com/
  2406. Apr 24 2014 - RTKVHD64.sys - Realtek Audio System driver https://www.realtek.com/en/
  2407. Sep 23 2014 - TeeDriverx64.sys - Intel Management Engine Interface (MEI) driver https://downloadcenter.intel.com/
  2408. Oct 17 2014 - rzpnk.sys - Razer Overlay Support https://www.razer.com/
  2409. Apr 21 2016 - tap0901.sys - TAP-Win32 Virtual Private Network Driver 0901 (OpenVPN by OpenVPN Technologies) https://openvpn.net/
  2410. Mar 16 2017 - tapwindscribe0901.sys - TAP-Windows Virtual Network driver (The OpenVPN Project) https://openvpn.net/
  2411. Oct 11 2017 - YSDrv.sys - VirtualBox Support driver
  2412. Sep 18 2018 - IntelHaxm.sys - Intel Corporation SSG Hardware Accelerated Execution Manager driver
  2413. Jan 24 2019 - e1d65x64.sys - Intel(R) Gigabit Adapter NDIS 6.x driver https://downloadcenter.intel.com/
  2414. Mar 14 2019 - nvvad64v.sys - Nvidia Virtual Audio driver http://www.nvidia.com/
  2415. Apr 25 2019 - mbae64.sys - Malwarebytes driver https://www.malwarebytes.com/
  2416. Oct 02 2019 - nvlddmkm.sys - Nvidia Graphics Card driver http://www.nvidia.com/
  2417. Nov 20 2019 - mbamswissarmy.sys - MalwareBytes Anti-Malware system driver https://www.malwarebytes.com/
  2418. Nov 29 2019 - NvModuleTracker.sys - NVIDIA Module Tracker driver
  2419. Jan 10 2020 - nvvhci.sys - Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
  2420. Jun 04 2020 - MbamChameleon.sys - Malwarebytes Anti-Malware Chameleon driver https://www.malwarebytes.com/
  2421. Jun 09 2020 - nvhda64v.sys - Nvidia HDMI Audio Device http://www.nvidia.com/
  2422. Jun 22 2020 - mwac.sys - Malwarebytes Web Access Control http://www.malwarebytes.org/
  2423. Jun 23 2020 - aswArPot.sys - Avast Antivirus http://www.avast.com/
  2424. Jun 23 2020 - aswbidsdriver.sys - Avast Antivirus http://www.avast.com/
  2425. Jun 23 2020 - aswbidsh.sys - Avast Antivirus http://www.avast.com/
  2426. Jun 23 2020 - aswbuniv.sys - Avast Antivirus http://www.avast.com/
  2427. Jun 23 2020 - aswKbd.sys - Avast Keyboard Filter driver http://www.avast.com/
  2428. Jun 23 2020 - aswMonFlt.sys - Avast Antivirus http://www.avast.com/
  2429. Jun 23 2020 - aswNetHub.sys - Avast driver
  2430. Jun 23 2020 - aswRdr2.sys - Avast Antivirus http://www.avast.com/
  2431. Jun 23 2020 - aswRvrt.sys - Avast Antivirus http://www.avast.com/
  2432. Jun 23 2020 - aswSnx.sys - Avast Antivirus http://www.avast.com/
  2433. Jun 23 2020 - aswSP.sys - Avast Antivirus http://www.avast.com/
  2434. Jun 23 2020 - aswStm.sys - Avast Antivirus http://www.avast.com/
  2435. Jun 23 2020 - aswVmm.sys - Avast Antivirus http://www.avast.com/
  2436. Jul 07 2020 - mbam.sys - Malwarebytes Anti-Malware https://www.malwarebytes.com/
  2437. Jul 17 2020 - aswElam.sys - Avast ELAM driver
  2438. Jul 17 2020 - farflt.sys - Malwarebytes Anti-RansomWare SDK http://www.malwarebytes.org/
  2439.  
  2440. ================== Dump #5: 3RD PARTY DRIVERS (FULL) ===================
  2441.  
  2442. Image path: \SystemRoot\system32\drivers\LGBusEnum.sys
  2443. Image name: LGBusEnum.sys
  2444. Search : https://www.google.com/search?q=LGBusEnum.sys
  2445. ADA Info : Logitech GamePanel Virtual Bus Enumerator driver http://support.logitech.com/
  2446. Timestamp : Mon Nov 23 2009
  2447.  
  2448. Image path: \??\C:\Windows\SysWOW64\drivers\sadp_npf64.sys
  2449. Image name: sadp_npf64.sys
  2450. Search : https://www.google.com/search?q=sadp_npf64.sys
  2451. ADA Info : WinPcap driver (CACE Technologies, Inc.)
  2452. Timestamp : Fri Jun 25 2010
  2453.  
  2454. Image path: \SystemRoot\system32\drivers\NPF.sys
  2455. Image name: NPF.sys
  2456. Search : https://www.google.com/search?q=NPF.sys
  2457. ADA Info : NetGroup Packet Filter driver, a component of WinPCap by Riverbed
  2458. Timestamp : Fri Jun 25 2010
  2459.  
  2460. Image path: \SystemRoot\SysWow64\drivers\AsUpIO.sys
  2461. Image name: AsUpIO.sys
  2462. Search : https://www.google.com/search?q=AsUpIO.sys
  2463. ADA Info : ASUS Update Input Output driver http://www.asus.com/
  2464. Timestamp : Mon Aug 2 2010
  2465.  
  2466. Image path: \SystemRoot\System32\drivers\BazisVirtualCDBus.sys
  2467. Image name: BazisVirtualCDBus.sys
  2468. Search : https://www.google.com/search?q=BazisVirtualCDBus.sys
  2469. ADA Info : WinCDEmu Virtual CD-ROM driver (Bazis Inc) http://wincdemu.sysprogs.org/
  2470. Timestamp : Mon Aug 8 2011
  2471.  
  2472. Image path: \SystemRoot\System32\Drivers\PxHlpa64.sys
  2473. Image name: PxHlpa64.sys
  2474. Search : https://www.google.com/search?q=PxHlpa64.sys
  2475. ADA Info : Sonic CD/DVD driver
  2476. Timestamp : Mon Oct 17 2011
  2477.  
  2478. Image path: \SystemRoot\SysWow64\drivers\AiCharger.sys
  2479. Image name: AiCharger.sys
  2480. Search : https://www.google.com/search?q=AiCharger.sys
  2481. ADA Info : Asus Charger driver
  2482. Timestamp : Thu Mar 22 2012
  2483.  
  2484. Image path: \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
  2485. Image name: GEARAspiWDM.sys
  2486. Search : https://www.google.com/search?q=GEARAspiWDM.sys
  2487. ADA Info : Gear Software Advanced SCSI Programming Interface Windows Driver Model http://www.gearsoftware.com/
  2488. Timestamp : Thu May 3 2012
  2489.  
  2490. Image path: \SystemRoot\SysWow64\drivers\AsIO.sys
  2491. Image name: AsIO.sys
  2492. Search : https://www.google.com/search?q=AsIO.sys
  2493. ADA Info : ASUS Input Output driver http://www.asus.com/
  2494. Timestamp : Wed Aug 22 2012
  2495.  
  2496. Image path: \??\C:\WINDOWS\system32\drivers\IOMap64.sys
  2497. Image name: IOMap64.sys
  2498. Search : https://www.google.com/search?q=IOMap64.sys
  2499. ADA Info : !!! ASUS 64-bit Input Output Map driver (GPU Tweaking driver)
  2500. Timestamp : Tue Jul 2 2013
  2501.  
  2502. Image path: \??\C:\Windows\system32\drivers\rzpmgrk.sys
  2503. Image name: rzpmgrk.sys
  2504. Search : https://www.google.com/search?q=rzpmgrk.sys
  2505. ADA Info : Razer Overlay Support https://www.razer.com/
  2506. Timestamp : Thu Apr 17 2014
  2507.  
  2508. Image path: \SystemRoot\system32\drivers\RTKVHD64.sys
  2509. Image name: RTKVHD64.sys
  2510. Search : https://www.google.com/search?q=RTKVHD64.sys
  2511. ADA Info : Realtek Audio System driver https://www.realtek.com/en/
  2512. Timestamp : Thu Apr 24 2014
  2513.  
  2514. Image path: \SystemRoot\system32\DRIVERS\TeeDriverx64.sys
  2515. Image name: TeeDriverx64.sys
  2516. Search : https://www.google.com/search?q=TeeDriverx64.sys
  2517. ADA Info : Intel Management Engine Interface (MEI) driver https://downloadcenter.intel.com/
  2518. Timestamp : Tue Sep 23 2014
  2519.  
  2520. Image path: \??\C:\Windows\system32\drivers\rzpnk.sys
  2521. Image name: rzpnk.sys
  2522. Search : https://www.google.com/search?q=rzpnk.sys
  2523. ADA Info : Razer Overlay Support https://www.razer.com/
  2524. Timestamp : Fri Oct 17 2014
  2525.  
  2526. Image path: \SystemRoot\System32\drivers\tap0901.sys
  2527. Image name: tap0901.sys
  2528. Search : https://www.google.com/search?q=tap0901.sys
  2529. ADA Info : TAP-Win32 Virtual Private Network Driver 0901 (OpenVPN by OpenVPN Technologies) https://openvpn.net/
  2530. Timestamp : Thu Apr 21 2016
  2531.  
  2532. Image path: \SystemRoot\System32\drivers\tapwindscribe0901.sys
  2533. Image name: tapwindscribe0901.sys
  2534. Search : https://www.google.com/search?q=tapwindscribe0901.sys
  2535. ADA Info : TAP-Windows Virtual Network driver (The OpenVPN Project) https://openvpn.net/
  2536. Timestamp : Thu Mar 16 2017
  2537.  
  2538. Image path: \??\C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys
  2539. Image name: YSDrv.sys
  2540. Search : https://www.google.com/search?q=YSDrv.sys
  2541. ADA Info : VirtualBox Support driver
  2542. Timestamp : Wed Oct 11 2017
  2543.  
  2544. Image path: \SystemRoot\system32\DRIVERS\IntelHaxm.sys
  2545. Image name: IntelHaxm.sys
  2546. Search : https://www.google.com/search?q=IntelHaxm.sys
  2547. ADA Info : Intel Corporation SSG Hardware Accelerated Execution Manager driver
  2548. Timestamp : Tue Sep 18 2018
  2549.  
  2550. Image path: \SystemRoot\system32\DRIVERS\e1d65x64.sys
  2551. Image name: e1d65x64.sys
  2552. Search : https://www.google.com/search?q=e1d65x64.sys
  2553. ADA Info : Intel(R) Gigabit Adapter NDIS 6.x driver https://downloadcenter.intel.com/
  2554. Timestamp : Thu Jan 24 2019
  2555.  
  2556. Image path: \SystemRoot\system32\drivers\nvvad64v.sys
  2557. Image name: nvvad64v.sys
  2558. Search : https://www.google.com/search?q=nvvad64v.sys
  2559. ADA Info : Nvidia Virtual Audio driver http://www.nvidia.com/
  2560. Timestamp : Thu Mar 14 2019
  2561.  
  2562. Image path: \??\C:\WINDOWS\system32\drivers\mbae64.sys
  2563. Image name: mbae64.sys
  2564. Search : https://www.google.com/search?q=mbae64.sys
  2565. ADA Info : Malwarebytes driver https://www.malwarebytes.com/
  2566. Timestamp : Thu Apr 25 2019
  2567.  
  2568. Image path: \SystemRoot\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_90685a092bcf58c7\nvlddmkm.sys
  2569. Image name: nvlddmkm.sys
  2570. Search : https://www.google.com/search?q=nvlddmkm.sys
  2571. ADA Info : Nvidia Graphics Card driver http://www.nvidia.com/
  2572. Timestamp : Wed Oct 2 2019
  2573.  
  2574. Image path: \SystemRoot\System32\Drivers\mbamswissarmy.sys
  2575. Image name: mbamswissarmy.sys
  2576. Search : https://www.google.com/search?q=mbamswissarmy.sys
  2577. ADA Info : MalwareBytes Anti-Malware system driver https://www.malwarebytes.com/
  2578. Timestamp : Wed Nov 20 2019
  2579.  
  2580. Image path: \SystemRoot\System32\drivers\NvModuleTracker.sys
  2581. Image name: NvModuleTracker.sys
  2582. Search : https://www.google.com/search?q=NvModuleTracker.sys
  2583. ADA Info : NVIDIA Module Tracker driver
  2584. Timestamp : Fri Nov 29 2019
  2585.  
  2586. Image path: \SystemRoot\System32\drivers\nvvhci.sys
  2587. Image name: nvvhci.sys
  2588. Search : https://www.google.com/search?q=nvvhci.sys
  2589. ADA Info : Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
  2590. Timestamp : Fri Jan 10 2020
  2591.  
  2592. Image path: \SystemRoot\System32\Drivers\MbamChameleon.sys
  2593. Image name: MbamChameleon.sys
  2594. Search : https://www.google.com/search?q=MbamChameleon.sys
  2595. ADA Info : Malwarebytes Anti-Malware Chameleon driver https://www.malwarebytes.com/
  2596. Timestamp : Thu Jun 4 2020
  2597.  
  2598. Image path: \SystemRoot\system32\drivers\nvhda64v.sys
  2599. Image name: nvhda64v.sys
  2600. Search : https://www.google.com/search?q=nvhda64v.sys
  2601. ADA Info : Nvidia HDMI Audio Device http://www.nvidia.com/
  2602. Timestamp : Tue Jun 9 2020
  2603.  
  2604. Image path: \SystemRoot\system32\DRIVERS\mwac.sys
  2605. Image name: mwac.sys
  2606. Search : https://www.google.com/search?q=mwac.sys
  2607. ADA Info : Malwarebytes Web Access Control http://www.malwarebytes.org/
  2608. Timestamp : Mon Jun 22 2020
  2609.  
  2610. Image path: \SystemRoot\system32\drivers\aswArPot.sys
  2611. Image name: aswArPot.sys
  2612. Search : https://www.google.com/search?q=aswArPot.sys
  2613. ADA Info : Avast Antivirus http://www.avast.com/
  2614. Timestamp : Tue Jun 23 2020
  2615.  
  2616. Image path: \SystemRoot\system32\drivers\aswbidsdriver.sys
  2617. Image name: aswbidsdriver.sys
  2618. Search : https://www.google.com/search?q=aswbidsdriver.sys
  2619. ADA Info : Avast Antivirus http://www.avast.com/
  2620. Timestamp : Tue Jun 23 2020
  2621.  
  2622. Image path: \SystemRoot\system32\drivers\aswbidsh.sys
  2623. Image name: aswbidsh.sys
  2624. Search : https://www.google.com/search?q=aswbidsh.sys
  2625. ADA Info : Avast Antivirus http://www.avast.com/
  2626. Timestamp : Tue Jun 23 2020
  2627.  
  2628. Image path: \SystemRoot\system32\drivers\aswbuniv.sys
  2629. Image name: aswbuniv.sys
  2630. Search : https://www.google.com/search?q=aswbuniv.sys
  2631. ADA Info : Avast Antivirus http://www.avast.com/
  2632. Timestamp : Tue Jun 23 2020
  2633.  
  2634. Image path: \SystemRoot\system32\drivers\aswKbd.sys
  2635. Image name: aswKbd.sys
  2636. Search : https://www.google.com/search?q=aswKbd.sys
  2637. ADA Info : Avast Keyboard Filter driver http://www.avast.com/
  2638. Timestamp : Tue Jun 23 2020
  2639.  
  2640. Image path: \SystemRoot\system32\drivers\aswMonFlt.sys
  2641. Image name: aswMonFlt.sys
  2642. Search : https://www.google.com/search?q=aswMonFlt.sys
  2643. ADA Info : Avast Antivirus http://www.avast.com/
  2644. Timestamp : Tue Jun 23 2020
  2645.  
  2646. Image path: \SystemRoot\system32\drivers\aswNetHub.sys
  2647. Image name: aswNetHub.sys
  2648. Search : https://www.google.com/search?q=aswNetHub.sys
  2649. ADA Info : Avast driver
  2650. Timestamp : Tue Jun 23 2020
  2651.  
  2652. Image path: \SystemRoot\system32\drivers\aswRdr2.sys
  2653. Image name: aswRdr2.sys
  2654. Search : https://www.google.com/search?q=aswRdr2.sys
  2655. ADA Info : Avast Antivirus http://www.avast.com/
  2656. Timestamp : Tue Jun 23 2020
  2657.  
  2658. Image path: \SystemRoot\system32\drivers\aswRvrt.sys
  2659. Image name: aswRvrt.sys
  2660. Search : https://www.google.com/search?q=aswRvrt.sys
  2661. ADA Info : Avast Antivirus http://www.avast.com/
  2662. Timestamp : Tue Jun 23 2020
  2663.  
  2664. Image path: \SystemRoot\system32\drivers\aswSnx.sys
  2665. Image name: aswSnx.sys
  2666. Search : https://www.google.com/search?q=aswSnx.sys
  2667. ADA Info : Avast Antivirus http://www.avast.com/
  2668. Timestamp : Tue Jun 23 2020
  2669.  
  2670. Image path: \SystemRoot\system32\drivers\aswSP.sys
  2671. Image name: aswSP.sys
  2672. Search : https://www.google.com/search?q=aswSP.sys
  2673. ADA Info : Avast Antivirus http://www.avast.com/
  2674. Timestamp : Tue Jun 23 2020
  2675.  
  2676. Image path: \SystemRoot\system32\drivers\aswStm.sys
  2677. Image name: aswStm.sys
  2678. Search : https://www.google.com/search?q=aswStm.sys
  2679. ADA Info : Avast Antivirus http://www.avast.com/
  2680. Timestamp : Tue Jun 23 2020
  2681.  
  2682. Image path: \SystemRoot\system32\drivers\aswVmm.sys
  2683. Image name: aswVmm.sys
  2684. Search : https://www.google.com/search?q=aswVmm.sys
  2685. ADA Info : Avast Antivirus http://www.avast.com/
  2686. Timestamp : Tue Jun 23 2020
  2687.  
  2688. Image path: \??\C:\WINDOWS\system32\DRIVERS\mbam.sys
  2689. Image name: mbam.sys
  2690. Search : https://www.google.com/search?q=mbam.sys
  2691. ADA Info : Malwarebytes Anti-Malware https://www.malwarebytes.com/
  2692. Timestamp : Tue Jul 7 2020
  2693.  
  2694. Image path: \SystemRoot\system32\drivers\aswElam.sys
  2695. Image name: aswElam.sys
  2696. Search : https://www.google.com/search?q=aswElam.sys
  2697. ADA Info : Avast ELAM driver
  2698. Timestamp : Fri Jul 17 2020
  2699.  
  2700. Image path: \SystemRoot\system32\DRIVERS\farflt.sys
  2701. Image name: farflt.sys
  2702. Search : https://www.google.com/search?q=farflt.sys
  2703. ADA Info : Malwarebytes Anti-RansomWare SDK http://www.malwarebytes.org/
  2704. Timestamp : Fri Jul 17 2020
  2705.  
  2706. ====================== Dump #5: MICROSOFT DRIVERS ======================
  2707.  
  2708. ACPI.sys ACPI Driver for NT (Microsoft)
  2709. acpiex.sys ACPIEx Driver (Microsoft)
  2710. acpipagr.sys ACPI Processor Aggregator Device driver (Microsoft)
  2711. afd.sys Ancillary Function Driver for WinSock (Microsoft)
  2712. afunix.sys AF_UNIX Socket Provider driver (Microsoft)
  2713. AgileVpn.sys RAS Agil VPN Miniport Call Manager driver (Microsoft)
  2714. ahcache.sys Application Compatibility Cache (Microsoft)
  2715. bam.sys BAM Kernal driver (Microsoft)
  2716. BasicDisplay.sys Basic Display driver (Microsoft)
  2717. BasicRender.sys Basic Render driver (Microsoft)
  2718. Beep.SYS BEEP driver (Microsoft)
  2719. bindflt.sys Windows Bind Filter driver (Microsoft)
  2720. BOOTVID.dll VGA Boot Driver (Microsoft)
  2721. bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
  2722. cdd.dll Canonical Display Driver (Microsoft)
  2723. cdrom.sys SCSI CD-ROM Driver (Microsoft)
  2724. CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
  2725. CI.dll Code Integrity Module (Microsoft)
  2726. CLASSPNP.SYS SCSI Class System Dll (Microsoft)
  2727. cldflt.sys Cloud Files Mini Filter driver (Microsoft)
  2728. CLFS.SYS Common Log File System Driver (Microsoft)
  2729. clipsp.sys CLIP Service (Microsoft)
  2730. cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
  2731. cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
  2732. CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
  2733. condrv.sys Console Driver (Microsoft)
  2734. crashdmp.sys Crash Dump driver (Microsoft)
  2735. csc.sys Windows Client Side Caching driver (Microsoft)
  2736. dfsc.sys DFS Namespace Client Driver (Microsoft)
  2737. disk.sys PnP Disk Driver (Microsoft)
  2738. drmk.sys Digital Rights Management (DRM) driver (Microsoft)
  2739. dump_diskdump.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  2740. dump_dumpfve.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  2741. dump_storahci.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  2742. dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
  2743. dxgmms2.sys DirectX Graphics MMS
  2744. EhStorClass.sys Enhanced Storage Class driver for IEEE... (Microsoft)
  2745. filecrypt.sys Windows sandboxing and encryption filter (Microsoft)
  2746. fileinfo.sys FileInfo Filter Driver (Microsoft)
  2747. FLTMGR.SYS Filesystem Filter Manager (Microsoft)
  2748. Fs_Rec.sys File System Recognizer Driver (Microsoft)
  2749. fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
  2750. fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
  2751. gpuenergydrv.sys GPU Energy Kernal Driver (Microsoft)
  2752. hal.dll Hardware Abstraction Layer DLL (Microsoft)
  2753. HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
  2754. hiber_diskdump.sys (Generic Description) hiber_*.sys drivers provide disk access to store the system state while hibernating
  2755. hiber_dumpfve.sys (Generic Description) hiber_*.sys drivers provide disk access to store the system state while hibernating
  2756. hiber_storahci.sys (Generic Description) hiber_*.sys drivers provide disk access to store the system state while hibernating
  2757. HIDCLASS.SYS Hid Class Library (Microsoft)
  2758. HIDPARSE.SYS Hid Parsing Library (Microsoft)
  2759. hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
  2760. HTTP.sys HTTP Protocol Stack (Microsoft)
  2761. intelpep.sys Intel Power Engine Plugin (Microsoft)
  2762. intelppm.sys Processor Device Driver (Microsoft)
  2763. iorate.sys I/O rate control Filter (Microsoft)
  2764. kbdclass.sys Keyboard Class Driver (Microsoft)
  2765. kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
  2766. kd.dll Local Kernal Debugger (Microsoft)
  2767. kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
  2768. ks.sys Kernal CSA Library (Microsoft)
  2769. ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
  2770. ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
  2771. ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
  2772. lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
  2773. luafv.sys LUA File Virtualization Filter Driver (Microsoft)
  2774. mcupdate_GenuineIntel.dll Intel Microcode Update Library (Microsoft)
  2775. mmcss.sys MMCSS Driver (Microsoft)
  2776. monitor.sys Monitor Driver (Microsoft)
  2777. mouclass.sys Mouse Class Driver (Microsoft)
  2778. mouhid.sys HID Mouse Filter Driver (Microsoft)
  2779. mountmgr.sys Mount Point Manager (Microsoft)
  2780. mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
  2781. mqac.sys Message Queuing Device driver (Microsoft)
  2782. mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
  2783. mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
  2784. Msfs.SYS Mailslot driver (Microsoft)
  2785. msisadrv.sys ISA Driver (Microsoft)
  2786. mslldp.sys Microsoft Link-Layer Discovery Protocol... (Microsoft)
  2787. msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
  2788. mssecflt.sys Microsoft Security Events Component file system filter driver (Microsoft)
  2789. mssmbios.sys System Management BIOS driver (Microsoft)
  2790. mup.sys Multiple UNC Provider driver (Microsoft)
  2791. ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
  2792. ndistapi.sys NDIS 3.0 Connection Wrapper driver (Microsoft)
  2793. ndisuio.sys NDIS User mode I/O driver (Microsoft)
  2794. NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
  2795. ndiswan.sys MS PPP Framing Driver (Strong Encryption) Microsoft)
  2796. NDProxy.sys NDIS Proxy driver (Microsoft)
  2797. Ndu.sys Network Data Usage Monitoring driver (Microsoft)
  2798. netbios.sys NetBIOS Interface driver (Microsoft)
  2799. netbt.sys MBT Transport driver (Microsoft)
  2800. NETIO.SYS Network I/O Subsystem (Microsoft)
  2801. Npfs.SYS NPFS driver (Microsoft)
  2802. npsvctrig.sys Named pipe service triggers (Microsoft)
  2803. nsiproxy.sys NSI Proxy driver (Microsoft)
  2804. Ntfs.sys NT File System Driver (Microsoft)
  2805. ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
  2806. ntosext.sys NTOS Extension Host driver (Microsoft)
  2807. Null.SYS NULL Driver (Microsoft)
  2808. nwifi.sys NativeWiFi Miniport Driver (Microsoft)
  2809. pacer.sys QoS Packet Scheduler (Microsoft)
  2810. partmgr.sys Partition driver (Microsoft)
  2811. pci.sys NT Plug and Play PCI Enumerator (Microsoft)
  2812. pcw.sys Performance Counter Driver (Microsoft)
  2813. pdc.sys Power Dependency Coordinator Driver (Microsoft)
  2814. peauth.sys Protected Environment Authentication and Authorization Export Driver (Microsoft)
  2815. portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
  2816. PSHED.dll Platform Specific Hardware Error driver (Microsoft)
  2817. rasl2tp.sys RAS L2TP Mini-port/Call-manager driver (Microsoft)
  2818. raspppoe.sys RAS PPPoE Mini-port/Call manager driver (Microsoft)
  2819. raspptp.sys Peer-to-Peer Tunneling Protocol (Microsoft)
  2820. rassstp.sys RAS SSTP Miniport Call Manager driver (Microsoft)
  2821. rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
  2822. rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
  2823. rdyboost.sys ReadyBoost Driver (Microsoft)
  2824. rspndr.sys Link-Layer Topology Responder driver (Microsoft)
  2825. serenum.sys Serial Port Enumerator (Microsoft)
  2826. serial.sys Serial Device Driver
  2827. serscan.sys Serial Imaging Device Driver (Microsoft)
  2828. SgrmAgent.sys System Guard Runtime Monitor Agent driver (Microsoft)
  2829. SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
  2830. spaceport.sys Storage Spaces driver (Microsoft)
  2831. srv.sys Server driver (Microsoft)
  2832. srv2.sys Smb 2.0 Server driver (Microsoft)
  2833. srvnet.sys Server Network driver (Microsoft)
  2834. storahci.sys MS AHCI Storport Miniport Driver (Microsoft)
  2835. storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
  2836. storqosflt.sys Storage QoS Filter driver (Microsoft)
  2837. swenum.sys Plug and Play Software Device Enumerator (Microsoft)
  2838. tbs.sys Export driver for kernel mode TPM API (Microsoft)
  2839. tcpip.sys TCP/IP Protocol driver (Microsoft)
  2840. tcpipreg.sys Microsoft Windows TCP/IP Registry Compatibility driver (Microsoft)
  2841. TDI.SYS TDI Wrapper driver (Microsoft)
  2842. tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
  2843. tm.sys Kernel Transaction Manager driver (Microsoft)
  2844. ucx01000.sys USB Controller Extension (Microsoft)
  2845. umbus.sys User-Mode Bus Enumerator (Microsoft)
  2846. umpass.sys Generic pass-through driver (Microsoft)
  2847. usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
  2848. USBD.SYS Universal Serial Bus Driver (Microsoft)
  2849. usbehci.sys EHCI eUSB Miniport Driver (Microsoft)
  2850. usbhub.sys Default Hub Driver for USB (Microsoft)
  2851. UsbHub3.sys USB3 HUB driver (Microsoft)
  2852. USBPORT.SYS USB 1.1 & 2.0 Port Driver (Microsoft)
  2853. USBXHCI.SYS USB XHCI driver (Microsoft)
  2854. vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
  2855. Vid.sys Microsoft Hyper-V Virtualization Infrastructure Driver
  2856. volmgr.sys Volume Manager Driver (Microsoft)
  2857. volmgrx.sys Volume Manager Extension Driver (Microsoft)
  2858. volsnap.sys Volume Shadow Copy driver (Microsoft)
  2859. volume.sys Volume driver (Microsoft)
  2860. vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
  2861. wanarp.sys MS Remote Access and Routing ARP driver (Microsoft)
  2862. watchdog.sys Watchdog driver (Microsoft)
  2863. wcifs.sys Windows Container Isolation FS Filter driver (Microsoft)
  2864. Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
  2865. WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
  2866. werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
  2867. wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
  2868. win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
  2869. win32kbase.sys Base Win32k Kernel Driver (Microsoft)
  2870. win32kfull.sys Full/Desktop Win32k Kernel Driver (Microsoft)
  2871. WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
  2872. WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
  2873. winhvr.sys Windows Hypervisor Root Interface driver (Microsoft)
  2874. winquic.sys QUIC Transport Protocol driver (Microsoft)
  2875. wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
  2876. WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
  2877. Wof.sys Windows Overlay Filter (Microsoft)
  2878. WppRecorder.sys WPP Trace Recorder (Microsoft)
  2879. WUDFRd.sys Windows Driver Foundation - User-mode Driver Framework Reflector driver (Microsoft)
  2880.  
  2881. ====================== Dump #5: UNLOADED MODULES =======================
  2882.  
  2883. fffff805`10bd0000 fffff805`10bde000 WSDPrint.sys
  2884. fffff805`10570000 fffff805`10b45000 iqvw64e.sys
  2885. fffff805`10be0000 fffff805`10bee000 WSDScan.sys
  2886. fffff805`19450000 fffff805`1945f000 dump_storpor
  2887. fffff805`19490000 fffff805`194bf000 dump_storahc
  2888. fffff805`194e0000 fffff805`194fe000 dump_dumpfve
  2889. fffff805`1bd80000 fffff805`1bdd1000 WUDFRd.sys
  2890. fffff805`19ef0000 fffff805`19f0e000 dam.sys
  2891. fffff805`17e20000 fffff805`17e29000 MbamElam.sys
  2892. fffff805`18e20000 fffff805`18e31000 hwpolicy.sys
  2893.  
  2894. ====================== Dump #5: BIOS INFORMATION =======================
  2895.  
  2896. sysinfo: could not find necessary interfaces.
  2897. sysinfo: note that mssmbios.sys must be loaded (XPSP2+).
  2898.  
  2899. ========================== Dump #5: Extra #1 ===========================
  2900.  
  2901. 6: kd> !verifier
  2902. Verify Flags Level 0x00000000
  2903. STANDARD FLAGS:
  2904. [X] (0x00000000) Automatic Checks
  2905. [ ] (0x00000001) Special pool
  2906. [ ] (0x00000002) Force IRQL checking
  2907. [ ] (0x00000008) Pool tracking
  2908. [ ] (0x00000010) I/O verification
  2909. [ ] (0x00000020) Deadlock detection
  2910. [ ] (0x00000080) DMA checking
  2911. [ ] (0x00000100) Security checks
  2912. [ ] (0x00000800) Miscellaneous checks
  2913. [ ] (0x00020000) DDI compliance checking
  2914. ADDITIONAL FLAGS:
  2915. [ ] (0x00000004) Randomized low resources simulation
  2916. [ ] (0x00000200) Force pending I/O requests
  2917. [ ] (0x00000400) IRP logging
  2918. [ ] (0x00002000) Invariant MDL checking for stack
  2919. [ ] (0x00004000) Invariant MDL checking for driver
  2920. [ ] (0x00008000) Power framework delay fuzzing
  2921. [ ] (0x00010000) Port/miniport interface checking
  2922. [ ] (0x00040000) Systematic low resources simulation
  2923. [ ] (0x00080000) DDI compliance checking (additional)
  2924. [ ] (0x00200000) NDIS/WIFI verification
  2925. [ ] (0x00800000) Kernel synchronization delay fuzzing
  2926. [ ] (0x01000000) VM switch verification
  2927. [ ] (0x02000000) Code integrity checks
  2928. [X] Indicates flag is enabled
  2929. Summary of All Verifier Statistics
  2930. RaiseIrqls 0x0
  2931. AcquireSpinLocks 0x0
  2932. Synch Executions 0x0
  2933. Trims 0x0
  2934. Pool Allocations Attempted 0x0
  2935. Pool Allocations Succeeded 0x0
  2936. Pool Allocations Succeeded SpecialPool 0x0
  2937. Pool Allocations With NO TAG 0x0
  2938. Pool Allocations Failed 0x0
  2939. Current paged pool allocations 0x0 for 00000000 bytes
  2940. Peak paged pool allocations 0x0 for 00000000 bytes
  2941. Current nonpaged pool allocations 0x0 for 00000000 bytes
  2942. Peak nonpaged pool allocations 0x0 for 00000000 bytes
  2943.  
  2944. ========================== Dump #5: Extra #2 ===========================
  2945.  
  2946. 6: kd> !thread
  2947. THREAD ffffd90098d8a240 Cid 0000.0000 Teb: 0000000000000000 Win32Thread: 0000000000000000 RUNNING on processor 6
  2948. Not impersonating
  2949. GetUlongFromAddress: unable to read from fffff80514a2ca14
  2950. Owning Process fffff80514b8e9c0 Image: System Process
  2951. Attached Process ffff950a3fc6b040 Image: System
  2952. fffff78000000000: Unable to get shared data
  2953. Wait Start TickCount 142991
  2954. Context Switch Count 2312886 IdealProcessor: 6
  2955. ReadMemory error: Cannot get nt!KeMaximumIncrement value.
  2956. UserTime 00:00:00.000
  2957. KernelTime 00:00:00.000
  2958. Win32 Start Address nt!KiIdleLoop (0xfffff805147c5e70)
  2959. Stack Init ffffb1884646fc90 Current ffffb1884646fc20
  2960. Base ffffb18846470000 Limit ffffb1884646a000 Call 0000000000000000
  2961. Priority 0 BasePriority 0 PriorityDecrement 0 IoPriority 0 PagePriority 0
  2962. Child-SP RetAddr : Args to Child : Call Site
  2963. ffffb188`4646f878 fffff805`148ee7f7 : 00000000`0000009f 00000000`00000003 ffff950a`3fc6cda0 ffffb188`4646f8b0 : nt!KeBugCheckEx
  2964. ffffb188`4646f880 fffff805`148ee701 : ffff950a`559fe780 00000000`00000008 ffffd900`98d79100 ffffd900`98d79180 : nt!PopIrpWatchdogBugcheck+0xef
  2965. ffffb188`4646f8f0 fffff805`146512f9 : ffff950a`559fe7b8 00000000`00000002 00000000`00000080 ffff950a`44cce050 : nt!PopIrpWatchdog+0x31
  2966. ffffb188`4646f940 fffff805`14650059 : 00000000`00000010 00000000`00989680 00000000`00014cf0 00000000`00000008 : nt!KiProcessExpiredTimerList+0x169
  2967. ffffb188`4646fa30 fffff805`147c5eee : 00000000`00000000 ffffd900`98d79180 ffffd900`98d8a240 ffff950a`4e7ef080 : nt!KiRetireDpcList+0x4e9
  2968. ffffb188`4646fc60 00000000`00000000 : ffffb188`46470000 ffffb188`4646a000 00000000`00000000 00000000`00000000 : nt!KiIdleLoop+0x7e
  2969.  
  2970.  
  2971. ========================================================================
  2972. ======================= Dump #6: ANALYZE VERBOSE =======================
  2973. ====================== File: 080620-38093-01.dmp =======================
  2974. ========================================================================
  2975.  
  2976. Mini Kernel Dump File: Only registers and stack trace are available
  2977. Windows 10 Kernel Version 18362 MP (8 procs) Free x64
  2978. Kernel base = 0xfffff806`4e200000 PsLoadedModuleList = 0xfffff806`4e648190
  2979. Debug session time: Wed Aug 5 03:47:25.130 2020 (UTC - 4:00)
  2980. System Uptime: 0 days 1:43:40.758
  2981.  
  2982. BugCheck 9F, {3, ffffab0512cc9d80, fffff80653c678b0, ffffab051f3db760}
  2983. Implicit thread is now ffffab05`1ed65040
  2984. *** WARNING: Unable to verify timestamp for win32k.sys
  2985. *** ERROR: Module load completed but symbols could not be loaded for win32k.sys
  2986. Probably caused by : memory_corruption
  2987. Followup: memory_corruption
  2988.  
  2989. DRIVER_POWER_STATE_FAILURE (9f)
  2990. A driver has failed to complete a power IRP within a specific time.
  2991.  
  2992. Arguments:
  2993. Arg1: 0000000000000003, A device object has been blocking an Irp for too long a time
  2994. Arg2: ffffab0512cc9d80, Physical Device Object of the stack
  2995. Arg3: fffff80653c678b0, nt!TRIAGE_9F_POWER on Win7 and higher, otherwise the Functional Device Object of the stack
  2996. Arg4: ffffab051f3db760, The blocked IRP
  2997.  
  2998. Debugging Details:
  2999. Implicit thread is now ffffab05`1ed65040
  3000. DUMP_CLASS: 1
  3001. DUMP_QUALIFIER: 400
  3002. DUMP_TYPE: 2
  3003. DRVPOWERSTATE_SUBCODE: 3
  3004. FAULTING_THREAD: 1ed65040
  3005. CUSTOMER_CRASH_COUNT: 1
  3006. DEFAULT_BUCKET_ID: CODE_CORRUPTION
  3007. BUGCHECK_STR: 0x9F
  3008.  
  3009. PROCESS_NAME: System
  3010.  
  3011. CURRENT_IRQL: 2
  3012. LAST_CONTROL_TRANSFER: from fffff8064e2a46ad to fffff8064e3c9106
  3013. STACK_TEXT:
  3014. ffff830e`279e94f0 fffff806`4e2a46ad : ffff8780`00000001 00000000`0000000d ffff8780`ffffffff 00000000`00000002 : nt!KiSwapContext+0x76
  3015. ffff830e`279e9630 fffff806`4e2a3534 : ffffab05`1ed65040 00000000`00000000 ffffc209`781f9e60 fffff806`00000000 : nt!KiSwapThread+0xbfd
  3016. ffff830e`279e96d0 fffff806`4e2a2cd5 : ffffb137`7e55db97 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiCommitThreadWait+0x144
  3017. ffff830e`279e9770 fffff806`533b9920 : ffffab05`177a15b0 fffff806`00000000 ffffab05`177a1500 fffff806`00000000 : nt!KeWaitForSingleObject+0x255
  3018. ffff830e`279e9850 fffff806`533acb89 : 00000000`00000020 00000000`00000005 ffffab05`177a1590 fffff806`5339c8eb : ndis!KWaitEventBase<wistd::integral_constant<enum _EVENT_TYPE,0> >::Wait+0x28
  3019. ffff830e`279e9890 fffff806`532f4728 : ffffab05`177a01a0 00000000`00000005 00000000`00000020 00000000`00000000 : ndis!Ndis::BindEngine::ApplyBindChanges+0x10915
  3020. ffff830e`279e98e0 fffff806`532b280d : ffffab05`177a01a0 00000000`00000000 ffffab05`177a0d48 00000000`00000000 : ndis!ndisPrepForLowPowerCommon+0x41eec
  3021. ffff830e`279e99d0 fffff806`532b3246 : ffffab05`177a01a0 00000000`00000000 ffffab05`1f3db760 00000000`00000000 : ndis!ndisPrepForLowPower+0x1d
  3022. ffff830e`279e9a20 fffff806`532b3931 : 00000000`00000000 ffffab05`00000004 ffffab05`1f3db760 ffffab05`177a01a0 : ndis!ndisSetSystemPower+0x19e
  3023. ffff830e`279e9aa0 fffff806`532b9e84 : ffffab05`1f3db760 ffffab05`12cc9d80 ffffab05`1f3db878 ffffab05`177a01a0 : ndis!ndisSetPower+0x109
  3024. ffff830e`279e9b00 fffff806`4e37a08f : ffffab05`177a0050 ffff830e`279e9be0 fffff806`4e379e00 ffffab05`1f3db760 : ndis!ndisPowerDispatch+0x114
  3025. ffff830e`279e9b60 fffff806`4e31e155 : ffffffff`fa0a1f00 ffffab05`1ed65040 fffff806`4e379eb0 00430020`00000001 : nt!PopIrpWorker+0x1df
  3026. ffff830e`279e9c10 fffff806`4e3c99c8 : ffff8780`b4d79180 ffffab05`1ed65040 fffff806`4e31e100 006e0065`0069006c : nt!PspSystemThreadStartup+0x55
  3027. ffff830e`279e9c60 00000000`00000000 : ffff830e`279ea000 ffff830e`279e4000 00000000`00000000 00000000`00000000 : nt!KiStartSystemThread+0x28
  3028. STACK_COMMAND: .thread 0xffffab051ed65040 ; kb
  3029. CHKIMG_EXTENSION: !chkimg -lo 50 -d !nt
  3030. fffff8064e2d3d52-fffff8064e2d3d57 6 bytes - nt!PspReaper+a2
  3031. [ cc cc cc cc cc cc:4c 87 00 98 c3 90 ]
  3032. fffff8064e312b5a-fffff8064e312b5f 6 bytes - nt!IopInvalidDeviceRequest+2a (+0x3ee08)
  3033. [ cc cc cc cc cc cc:4c 87 00 98 c3 90 ]
  3034. fffff8064e312b6a-fffff8064e312b6f 6 bytes - nt!KiFlushProcessTbWorker+a (+0x10)
  3035. [ cc cc cc cc cc cc:4c 87 00 98 c3 90 ]
  3036. fffff8064e312b8e-fffff8064e312b93 6 bytes - nt!MiGetNextPageTableTail+1e (+0x24)
  3037. [ cc cc cc cc cc cc:4c 87 00 98 c3 90 ]
  3038. fffff8064e312bde-fffff8064e312be3 6 bytes - nt!MiAdjustFaultList+4a (+0x50)
  3039. [ cc cc cc cc cc cc:4c 87 00 98 c3 90 ]
  3040. fffff8064e312c16-fffff8064e312c1b 6 bytes - nt!SeSetTokenTrustLink+32 (+0x38)
  3041. [ cc cc cc cc cc cc:4c 87 00 98 c3 90 ]
  3042. fffff8064e31e182-fffff8064e31e187 6 bytes - nt!PspSystemThreadStartup+82 (+0xb56c)
  3043. [ cc cc cc cc cc cc:4c 87 00 98 c3 90 ]
  3044. fffff8064e36483e-fffff8064e364843 6 bytes - nt!KiTimerExpirationDpc+de (+0x466bc)
  3045. [ cc cc cc cc cc cc:4c 87 00 98 c3 90 ]
  3046. fffff8064e36fcda-fffff8064e36fcdf 6 bytes - nt!ExpTimeZoneDpcRoutine+fa (+0xb49c)
  3047. [ cc cc cc cc cc cc:4c 87 00 98 c3 90 ]
  3048. fffff8064e37605a-fffff8064e37605f 6 bytes - nt!EmpCheckErrataList+a (+0x6380)
  3049. [ cc cc cc cc cc cc:4c 87 00 98 c3 90 ]
  3050. fffff8064e376096-fffff8064e37609b 6 bytes - nt!IoAllocateErrorLogEntry+36 (+0x3c)
  3051. [ cc cc cc cc cc cc:4c 87 00 98 c3 90 ]
  3052. fffff8064e3c239a-fffff8064e3c239b 2 bytes - nt!ZwLoadKey3+2a (+0x4c304)
  3053. [ 84 00:4c 87 ]
  3054. fffff8064e3c239d-fffff8064e3c239f 3 bytes - nt!ZwLoadKey3+2d (+0x03)
  3055. [ 00 00 00:98 c3 90 ]
  3056. fffff8064e3c23ba-fffff8064e3c23bb 2 bytes - nt!KiBugCheckReturn+16 (+0x1d)
  3057. [ 84 00:4c 87 ]
  3058. fffff8064e3c23bd-fffff8064e3c23bf 3 bytes - nt!KiBugCheckReturn+19 (+0x03)
  3059. [ 00 00 00:98 c3 90 ]
  3060. fffff8064e3c24ea-fffff8064e3c24eb 2 bytes - nt!KeBugCheckEx+12a (+0x12d)
  3061. [ 84 00:4c 87 ]
  3062. fffff8064e3c24ed-fffff8064e3c24ef 3 bytes - nt!KeBugCheckEx+12d (+0x03)
  3063. [ 00 00 00:98 c3 90 ]
  3064. fffff8064e3c25ea-fffff8064e3c25eb 2 bytes - nt!KeContextToKframes+fa (+0xfd)
  3065. [ 84 00:4c 87 ]
  3066. fffff8064e3c25ed-fffff8064e3c25ef 3 bytes - nt!KeContextToKframes+fd (+0x03)
  3067. [ 00 00 00:98 c3 90 ]
  3068. fffff8064e3c263a-fffff8064e3c263b 2 bytes - nt!KiSaveInitialProcessorControlState+4a (+0x4d)
  3069. [ 84 00:4c 87 ]
  3070. fffff8064e3c263d-fffff8064e3c263f 3 bytes - nt!KiSaveInitialProcessorControlState+4d (+0x03)
  3071. [ 00 00 00:98 c3 90 ]
  3072. fffff8064e3c270a-fffff8064e3c270f 6 bytes - nt!KiRestoreProcessorControlState+ca (+0xcd)
  3073. [ 66 0f 1f 44 00 00:4c 87 00 98 c3 90 ]
  3074. fffff8064e3c288a-fffff8064e3c288b 2 bytes - nt!KiSaveProcessorControlState+17a (+0x180)
  3075. [ 84 00:4c 87 ]
  3076. fffff8064e3c288d-fffff8064e3c288f 3 bytes - nt!KiSaveProcessorControlState+17d (+0x03)
  3077. [ 00 00 00:98 c3 90 ]
  3078. fffff8064e3c290a-fffff8064e3c290f 6 bytes - nt!KiRestoreDebugRegisterState+7a (+0x7d)
  3079. [ cc 0f 1f 44 00 00:4c 87 00 98 c3 90 ]
  3080. fffff8064e3c2a9a-fffff8064e3c2a9b 2 bytes - nt!KiSaveDebugRegisterState+18a (+0x190)
  3081. [ 84 00:4c 87 ]
  3082. fffff8064e3c2a9d-fffff8064e3c2a9f 3 bytes - nt!KiSaveDebugRegisterState+18d (+0x03)
  3083. [ 00 00 00:98 c3 90 ]
  3084. fffff8064e3c2aaa-fffff8064e3c2aaf 6 bytes - nt!KeGetCurrentStackPointer+a (+0x0d)
  3085. [ cc cc 0f 1f 40 00:4c 87 00 98 c3 90 ]
  3086. fffff8064e3c2aba-fffff8064e3c2abb 2 bytes - nt!KeResetLegacyFloatingPointState+a (+0x10)
  3087. [ 1f 80:4c 87 ]
  3088. fffff8064e3c2abd-fffff8064e3c2abf 3 bytes - nt!KeResetLegacyFloatingPointState+d (+0x03)
  3089. [ 00 00 00:98 c3 90 ]
  3090. fffff8064e3c2aca-fffff8064e3c2acf 6 bytes - nt!KeSaveLegacyFloatingPointControlWord+a (+0x0d)
  3091. [ cc cc 0f 1f 40 00:4c 87 00 98 c3 90 ]
  3092. fffff8064e3c2aea-fffff8064e3c2aeb 2 bytes - nt!KeRestoreLegacyFloatingPointControlWord+1a (+0x20)
  3093. [ 84 00:4c 87 ]
  3094. fffff8064e3c2aed-fffff8064e3c2aef 3 bytes - nt!KeRestoreLegacyFloatingPointControlWord+1d (+0x03)
  3095. [ 00 00 00:98 c3 90 ]
  3096. fffff8064e3c2daa-fffff8064e3c2daf 6 bytes - nt!NtContinue+2ba (+0x2bd)
  3097. [ cc cc cc cc cc cc:4c 87 00 98 c3 90 ]
  3098. fffff8064e3c916a-fffff8064e3c916f 6 bytes - nt!KiSwapContext+da (+0x63c0)
  3099. [ cc cc 0f 1f 40 00:4c 87 00 98 c3 90 ]
  3100. fffff8064e3c91fa-fffff8064e3c91ff 6 bytes - nt!KiDispatchInterruptContinue+4a (+0x90)
  3101. [ cc cc cc 0f 1f 00:4c 87 00 98 c3 90 ]
  3102. fffff8064e3c99da-fffff8064e3c99df 6 bytes - nt!KiStartSystemThread+3a (+0x7e0)
  3103. [ cc cc 0f 1f 40 00:4c 87 00 98 c3 90 ]
  3104. fffff8064e4b333a-fffff8064e4b333f 6 bytes - nt!KiForceIdleStopDpcRoutine+ea (+0xe9960)
  3105. [ cc cc cc cc cc cc:4c 87 00 98 c3 90 ]
  3106. fffff8064e4ee702-fffff8064e4ee707 6 bytes - nt!PopIrpWatchdog+32 (+0x3b3c8)
  3107. [ cc cc cc cc cc cc:4c 87 00 98 c3 90 ]
  3108. fffff8064e4ee7fa-fffff8064e4ee7ff 6 bytes - nt!PopIrpWatchdogBugcheck+f2 (+0xf8)
  3109. [ cc cc cc cc cc cc:4c 87 00 98 c3 90 ]
  3110. fffff8064e4ee8ee-fffff8064e4ee8f3 6 bytes - nt!PopReadShutdownPolicy+ee (+0xf4)
  3111. [ cc cc cc cc cc cc:4c 87 00 98 c3 90 ]
  3112. fffff8064eacbc4a-fffff8064eacbc4f 6 bytes - nt!PspProcessRundownWorker+aa
  3113. [ cc cc cc cc cc cc:4c 87 00 98 c3 90 ]
  3114. fffff8064eacbcb2-fffff8064eacbcb7 6 bytes - nt!PspProcessRundownWorkerSingle+62 (+0x68)
  3115. [ cc cc cc cc cc cc:4c 87 00 98 c3 90 ]
  3116. 195 errors : !nt (fffff8064e2d3d52-fffff8064eacbcb7)
  3117. MODULE_NAME: memory_corruption
  3118.  
  3119. IMAGE_NAME: memory_corruption
  3120.  
  3121. FOLLOWUP_NAME: memory_corruption
  3122. DEBUG_FLR_IMAGE_TIMESTAMP: 0
  3123. MEMORY_CORRUPTOR: LARGE
  3124. FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
  3125. BUCKET_ID: MEMORY_CORRUPTION_LARGE
  3126. PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
  3127. TARGET_TIME: 2020-08-05T07:47:25.000Z
  3128. SUITE_MASK: 272
  3129. PRODUCT_TYPE: 1
  3130. USER_LCID: 0
  3131. FAILURE_ID_HASH_STRING: km:memory_corruption_large
  3132. FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
  3133. Followup: memory_corruption
  3134.  
  3135. ====================== Dump #6: 3RD PARTY DRIVERS ======================
  3136.  
  3137. Nov 23 2009 - LGBusEnum.sys - Logitech GamePanel Virtual Bus Enumerator driver http://support.logitech.com/
  3138. Jun 25 2010 - sadp_npf64.sys - WinPcap driver (CACE Technologies, Inc.)
  3139. Jun 25 2010 - NPF.sys - NetGroup Packet Filter driver, a component of WinPCap by Riverbed
  3140. Aug 02 2010 - AsUpIO.sys - ASUS Update Input Output driver http://www.asus.com/
  3141. Aug 08 2011 - BazisVirtualCDBus.sys - WinCDEmu Virtual CD-ROM driver (Bazis Inc) http://wincdemu.sysprogs.org/
  3142. Oct 17 2011 - PxHlpa64.sys - Sonic CD/DVD driver
  3143. Mar 22 2012 - AiCharger.sys - Asus Charger driver
  3144. May 03 2012 - GEARAspiWDM.sys - Gear Software Advanced SCSI Programming Interface Windows Driver Model http://www.gearsoftware.com/
  3145. Aug 22 2012 - AsIO.sys - ASUS Input Output driver http://www.asus.com/
  3146. Jul 02 2013 - IOMap64.sys - !!! ASUS 64-bit Input Output Map driver (GPU Tweaking driver)
  3147. Apr 17 2014 - rzpmgrk.sys - Razer Overlay Support https://www.razer.com/
  3148. Apr 24 2014 - RTKVHD64.sys - Realtek Audio System driver https://www.realtek.com/en/
  3149. Sep 23 2014 - TeeDriverx64.sys - Intel Management Engine Interface (MEI) driver https://downloadcenter.intel.com/
  3150. Oct 17 2014 - rzpnk.sys - Razer Overlay Support https://www.razer.com/
  3151. Apr 21 2016 - tap0901.sys - TAP-Win32 Virtual Private Network Driver 0901 (OpenVPN by OpenVPN Technologies) https://openvpn.net/
  3152. Mar 16 2017 - tapwindscribe0901.sys - TAP-Windows Virtual Network driver (The OpenVPN Project) https://openvpn.net/
  3153. Oct 11 2017 - YSDrv.sys - VirtualBox Support driver
  3154. Sep 18 2018 - IntelHaxm.sys - Intel Corporation SSG Hardware Accelerated Execution Manager driver
  3155. Jan 24 2019 - e1d65x64.sys - Intel(R) Gigabit Adapter NDIS 6.x driver https://downloadcenter.intel.com/
  3156. Mar 14 2019 - nvvad64v.sys - Nvidia Virtual Audio driver http://www.nvidia.com/
  3157. Apr 25 2019 - mbae64.sys - Malwarebytes driver https://www.malwarebytes.com/
  3158. Oct 02 2019 - nvlddmkm.sys - Nvidia Graphics Card driver http://www.nvidia.com/
  3159. Nov 20 2019 - mbamswissarmy.sys - MalwareBytes Anti-Malware system driver https://www.malwarebytes.com/
  3160. Nov 29 2019 - NvModuleTracker.sys - NVIDIA Module Tracker driver
  3161. Jan 10 2020 - nvvhci.sys - Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
  3162. Jun 04 2020 - MbamChameleon.sys - Malwarebytes Anti-Malware Chameleon driver https://www.malwarebytes.com/
  3163. Jun 09 2020 - nvhda64v.sys - Nvidia HDMI Audio Device http://www.nvidia.com/
  3164. Jun 22 2020 - mwac.sys - Malwarebytes Web Access Control http://www.malwarebytes.org/
  3165. Jun 23 2020 - aswArPot.sys - Avast Antivirus http://www.avast.com/
  3166. Jun 23 2020 - aswbidsdriver.sys - Avast Antivirus http://www.avast.com/
  3167. Jun 23 2020 - aswbidsh.sys - Avast Antivirus http://www.avast.com/
  3168. Jun 23 2020 - aswbuniv.sys - Avast Antivirus http://www.avast.com/
  3169. Jun 23 2020 - aswKbd.sys - Avast Keyboard Filter driver http://www.avast.com/
  3170. Jun 23 2020 - aswMonFlt.sys - Avast Antivirus http://www.avast.com/
  3171. Jun 23 2020 - aswNetHub.sys - Avast driver
  3172. Jun 23 2020 - aswRdr2.sys - Avast Antivirus http://www.avast.com/
  3173. Jun 23 2020 - aswRvrt.sys - Avast Antivirus http://www.avast.com/
  3174. Jun 23 2020 - aswSnx.sys - Avast Antivirus http://www.avast.com/
  3175. Jun 23 2020 - aswSP.sys - Avast Antivirus http://www.avast.com/
  3176. Jun 23 2020 - aswStm.sys - Avast Antivirus http://www.avast.com/
  3177. Jun 23 2020 - aswVmm.sys - Avast Antivirus http://www.avast.com/
  3178. Jul 07 2020 - mbam.sys - Malwarebytes Anti-Malware https://www.malwarebytes.com/
  3179. Jul 17 2020 - aswElam.sys - Avast ELAM driver
  3180. Jul 17 2020 - farflt.sys - Malwarebytes Anti-RansomWare SDK http://www.malwarebytes.org/
  3181.  
  3182. ================== Dump #6: 3RD PARTY DRIVERS (FULL) ===================
  3183.  
  3184. Image path: \SystemRoot\system32\drivers\LGBusEnum.sys
  3185. Image name: LGBusEnum.sys
  3186. Search : https://www.google.com/search?q=LGBusEnum.sys
  3187. ADA Info : Logitech GamePanel Virtual Bus Enumerator driver http://support.logitech.com/
  3188. Timestamp : Mon Nov 23 2009
  3189.  
  3190. Image path: \??\C:\Windows\SysWOW64\drivers\sadp_npf64.sys
  3191. Image name: sadp_npf64.sys
  3192. Search : https://www.google.com/search?q=sadp_npf64.sys
  3193. ADA Info : WinPcap driver (CACE Technologies, Inc.)
  3194. Timestamp : Fri Jun 25 2010
  3195.  
  3196. Image path: \SystemRoot\system32\drivers\NPF.sys
  3197. Image name: NPF.sys
  3198. Search : https://www.google.com/search?q=NPF.sys
  3199. ADA Info : NetGroup Packet Filter driver, a component of WinPCap by Riverbed
  3200. Timestamp : Fri Jun 25 2010
  3201.  
  3202. Image path: \SystemRoot\SysWow64\drivers\AsUpIO.sys
  3203. Image name: AsUpIO.sys
  3204. Search : https://www.google.com/search?q=AsUpIO.sys
  3205. ADA Info : ASUS Update Input Output driver http://www.asus.com/
  3206. Timestamp : Mon Aug 2 2010
  3207.  
  3208. Image path: \SystemRoot\System32\drivers\BazisVirtualCDBus.sys
  3209. Image name: BazisVirtualCDBus.sys
  3210. Search : https://www.google.com/search?q=BazisVirtualCDBus.sys
  3211. ADA Info : WinCDEmu Virtual CD-ROM driver (Bazis Inc) http://wincdemu.sysprogs.org/
  3212. Timestamp : Mon Aug 8 2011
  3213.  
  3214. Image path: \SystemRoot\System32\Drivers\PxHlpa64.sys
  3215. Image name: PxHlpa64.sys
  3216. Search : https://www.google.com/search?q=PxHlpa64.sys
  3217. ADA Info : Sonic CD/DVD driver
  3218. Timestamp : Mon Oct 17 2011
  3219.  
  3220. Image path: \SystemRoot\SysWow64\drivers\AiCharger.sys
  3221. Image name: AiCharger.sys
  3222. Search : https://www.google.com/search?q=AiCharger.sys
  3223. ADA Info : Asus Charger driver
  3224. Timestamp : Thu Mar 22 2012
  3225.  
  3226. Image path: \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
  3227. Image name: GEARAspiWDM.sys
  3228. Search : https://www.google.com/search?q=GEARAspiWDM.sys
  3229. ADA Info : Gear Software Advanced SCSI Programming Interface Windows Driver Model http://www.gearsoftware.com/
  3230. Timestamp : Thu May 3 2012
  3231.  
  3232. Image path: \SystemRoot\SysWow64\drivers\AsIO.sys
  3233. Image name: AsIO.sys
  3234. Search : https://www.google.com/search?q=AsIO.sys
  3235. ADA Info : ASUS Input Output driver http://www.asus.com/
  3236. Timestamp : Wed Aug 22 2012
  3237.  
  3238. Image path: \??\C:\WINDOWS\system32\drivers\IOMap64.sys
  3239. Image name: IOMap64.sys
  3240. Search : https://www.google.com/search?q=IOMap64.sys
  3241. ADA Info : !!! ASUS 64-bit Input Output Map driver (GPU Tweaking driver)
  3242. Timestamp : Tue Jul 2 2013
  3243.  
  3244. Image path: \??\C:\Windows\system32\drivers\rzpmgrk.sys
  3245. Image name: rzpmgrk.sys
  3246. Search : https://www.google.com/search?q=rzpmgrk.sys
  3247. ADA Info : Razer Overlay Support https://www.razer.com/
  3248. Timestamp : Thu Apr 17 2014
  3249.  
  3250. Image path: \SystemRoot\system32\drivers\RTKVHD64.sys
  3251. Image name: RTKVHD64.sys
  3252. Search : https://www.google.com/search?q=RTKVHD64.sys
  3253. ADA Info : Realtek Audio System driver https://www.realtek.com/en/
  3254. Timestamp : Thu Apr 24 2014
  3255.  
  3256. Image path: \SystemRoot\system32\DRIVERS\TeeDriverx64.sys
  3257. Image name: TeeDriverx64.sys
  3258. Search : https://www.google.com/search?q=TeeDriverx64.sys
  3259. ADA Info : Intel Management Engine Interface (MEI) driver https://downloadcenter.intel.com/
  3260. Timestamp : Tue Sep 23 2014
  3261.  
  3262. Image path: \??\C:\Windows\system32\drivers\rzpnk.sys
  3263. Image name: rzpnk.sys
  3264. Search : https://www.google.com/search?q=rzpnk.sys
  3265. ADA Info : Razer Overlay Support https://www.razer.com/
  3266. Timestamp : Fri Oct 17 2014
  3267.  
  3268. Image path: \SystemRoot\System32\drivers\tap0901.sys
  3269. Image name: tap0901.sys
  3270. Search : https://www.google.com/search?q=tap0901.sys
  3271. ADA Info : TAP-Win32 Virtual Private Network Driver 0901 (OpenVPN by OpenVPN Technologies) https://openvpn.net/
  3272. Timestamp : Thu Apr 21 2016
  3273.  
  3274. Image path: \SystemRoot\System32\drivers\tapwindscribe0901.sys
  3275. Image name: tapwindscribe0901.sys
  3276. Search : https://www.google.com/search?q=tapwindscribe0901.sys
  3277. ADA Info : TAP-Windows Virtual Network driver (The OpenVPN Project) https://openvpn.net/
  3278. Timestamp : Thu Mar 16 2017
  3279.  
  3280. Image path: \??\C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys
  3281. Image name: YSDrv.sys
  3282. Search : https://www.google.com/search?q=YSDrv.sys
  3283. ADA Info : VirtualBox Support driver
  3284. Timestamp : Wed Oct 11 2017
  3285.  
  3286. Image path: \SystemRoot\system32\DRIVERS\IntelHaxm.sys
  3287. Image name: IntelHaxm.sys
  3288. Search : https://www.google.com/search?q=IntelHaxm.sys
  3289. ADA Info : Intel Corporation SSG Hardware Accelerated Execution Manager driver
  3290. Timestamp : Tue Sep 18 2018
  3291.  
  3292. Image path: \SystemRoot\system32\DRIVERS\e1d65x64.sys
  3293. Image name: e1d65x64.sys
  3294. Search : https://www.google.com/search?q=e1d65x64.sys
  3295. ADA Info : Intel(R) Gigabit Adapter NDIS 6.x driver https://downloadcenter.intel.com/
  3296. Timestamp : Thu Jan 24 2019
  3297.  
  3298. Image path: \SystemRoot\system32\drivers\nvvad64v.sys
  3299. Image name: nvvad64v.sys
  3300. Search : https://www.google.com/search?q=nvvad64v.sys
  3301. ADA Info : Nvidia Virtual Audio driver http://www.nvidia.com/
  3302. Timestamp : Thu Mar 14 2019
  3303.  
  3304. Image path: \??\C:\WINDOWS\system32\drivers\mbae64.sys
  3305. Image name: mbae64.sys
  3306. Search : https://www.google.com/search?q=mbae64.sys
  3307. ADA Info : Malwarebytes driver https://www.malwarebytes.com/
  3308. Timestamp : Thu Apr 25 2019
  3309.  
  3310. Image path: \SystemRoot\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_90685a092bcf58c7\nvlddmkm.sys
  3311. Image name: nvlddmkm.sys
  3312. Search : https://www.google.com/search?q=nvlddmkm.sys
  3313. ADA Info : Nvidia Graphics Card driver http://www.nvidia.com/
  3314. Timestamp : Wed Oct 2 2019
  3315.  
  3316. Image path: \SystemRoot\System32\Drivers\mbamswissarmy.sys
  3317. Image name: mbamswissarmy.sys
  3318. Search : https://www.google.com/search?q=mbamswissarmy.sys
  3319. ADA Info : MalwareBytes Anti-Malware system driver https://www.malwarebytes.com/
  3320. Timestamp : Wed Nov 20 2019
  3321.  
  3322. Image path: \SystemRoot\System32\drivers\NvModuleTracker.sys
  3323. Image name: NvModuleTracker.sys
  3324. Search : https://www.google.com/search?q=NvModuleTracker.sys
  3325. ADA Info : NVIDIA Module Tracker driver
  3326. Timestamp : Fri Nov 29 2019
  3327.  
  3328. Image path: \SystemRoot\System32\drivers\nvvhci.sys
  3329. Image name: nvvhci.sys
  3330. Search : https://www.google.com/search?q=nvvhci.sys
  3331. ADA Info : Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
  3332. Timestamp : Fri Jan 10 2020
  3333.  
  3334. Image path: \SystemRoot\System32\Drivers\MbamChameleon.sys
  3335. Image name: MbamChameleon.sys
  3336. Search : https://www.google.com/search?q=MbamChameleon.sys
  3337. ADA Info : Malwarebytes Anti-Malware Chameleon driver https://www.malwarebytes.com/
  3338. Timestamp : Thu Jun 4 2020
  3339.  
  3340. Image path: \SystemRoot\system32\drivers\nvhda64v.sys
  3341. Image name: nvhda64v.sys
  3342. Search : https://www.google.com/search?q=nvhda64v.sys
  3343. ADA Info : Nvidia HDMI Audio Device http://www.nvidia.com/
  3344. Timestamp : Tue Jun 9 2020
  3345.  
  3346. Image path: \SystemRoot\system32\DRIVERS\mwac.sys
  3347. Image name: mwac.sys
  3348. Search : https://www.google.com/search?q=mwac.sys
  3349. ADA Info : Malwarebytes Web Access Control http://www.malwarebytes.org/
  3350. Timestamp : Mon Jun 22 2020
  3351.  
  3352. Image path: \SystemRoot\system32\drivers\aswArPot.sys
  3353. Image name: aswArPot.sys
  3354. Search : https://www.google.com/search?q=aswArPot.sys
  3355. ADA Info : Avast Antivirus http://www.avast.com/
  3356. Timestamp : Tue Jun 23 2020
  3357.  
  3358. Image path: \SystemRoot\system32\drivers\aswbidsdriver.sys
  3359. Image name: aswbidsdriver.sys
  3360. Search : https://www.google.com/search?q=aswbidsdriver.sys
  3361. ADA Info : Avast Antivirus http://www.avast.com/
  3362. Timestamp : Tue Jun 23 2020
  3363.  
  3364. Image path: \SystemRoot\system32\drivers\aswbidsh.sys
  3365. Image name: aswbidsh.sys
  3366. Search : https://www.google.com/search?q=aswbidsh.sys
  3367. ADA Info : Avast Antivirus http://www.avast.com/
  3368. Timestamp : Tue Jun 23 2020
  3369.  
  3370. Image path: \SystemRoot\system32\drivers\aswbuniv.sys
  3371. Image name: aswbuniv.sys
  3372. Search : https://www.google.com/search?q=aswbuniv.sys
  3373. ADA Info : Avast Antivirus http://www.avast.com/
  3374. Timestamp : Tue Jun 23 2020
  3375.  
  3376. Image path: \SystemRoot\system32\drivers\aswKbd.sys
  3377. Image name: aswKbd.sys
  3378. Search : https://www.google.com/search?q=aswKbd.sys
  3379. ADA Info : Avast Keyboard Filter driver http://www.avast.com/
  3380. Timestamp : Tue Jun 23 2020
  3381.  
  3382. Image path: \SystemRoot\system32\drivers\aswMonFlt.sys
  3383. Image name: aswMonFlt.sys
  3384. Search : https://www.google.com/search?q=aswMonFlt.sys
  3385. ADA Info : Avast Antivirus http://www.avast.com/
  3386. Timestamp : Tue Jun 23 2020
  3387.  
  3388. Image path: \SystemRoot\system32\drivers\aswNetHub.sys
  3389. Image name: aswNetHub.sys
  3390. Search : https://www.google.com/search?q=aswNetHub.sys
  3391. ADA Info : Avast driver
  3392. Timestamp : Tue Jun 23 2020
  3393.  
  3394. Image path: \SystemRoot\system32\drivers\aswRdr2.sys
  3395. Image name: aswRdr2.sys
  3396. Search : https://www.google.com/search?q=aswRdr2.sys
  3397. ADA Info : Avast Antivirus http://www.avast.com/
  3398. Timestamp : Tue Jun 23 2020
  3399.  
  3400. Image path: \SystemRoot\system32\drivers\aswRvrt.sys
  3401. Image name: aswRvrt.sys
  3402. Search : https://www.google.com/search?q=aswRvrt.sys
  3403. ADA Info : Avast Antivirus http://www.avast.com/
  3404. Timestamp : Tue Jun 23 2020
  3405.  
  3406. Image path: \SystemRoot\system32\drivers\aswSnx.sys
  3407. Image name: aswSnx.sys
  3408. Search : https://www.google.com/search?q=aswSnx.sys
  3409. ADA Info : Avast Antivirus http://www.avast.com/
  3410. Timestamp : Tue Jun 23 2020
  3411.  
  3412. Image path: \SystemRoot\system32\drivers\aswSP.sys
  3413. Image name: aswSP.sys
  3414. Search : https://www.google.com/search?q=aswSP.sys
  3415. ADA Info : Avast Antivirus http://www.avast.com/
  3416. Timestamp : Tue Jun 23 2020
  3417.  
  3418. Image path: \SystemRoot\system32\drivers\aswStm.sys
  3419. Image name: aswStm.sys
  3420. Search : https://www.google.com/search?q=aswStm.sys
  3421. ADA Info : Avast Antivirus http://www.avast.com/
  3422. Timestamp : Tue Jun 23 2020
  3423.  
  3424. Image path: \SystemRoot\system32\drivers\aswVmm.sys
  3425. Image name: aswVmm.sys
  3426. Search : https://www.google.com/search?q=aswVmm.sys
  3427. ADA Info : Avast Antivirus http://www.avast.com/
  3428. Timestamp : Tue Jun 23 2020
  3429.  
  3430. Image path: \??\C:\WINDOWS\system32\DRIVERS\mbam.sys
  3431. Image name: mbam.sys
  3432. Search : https://www.google.com/search?q=mbam.sys
  3433. ADA Info : Malwarebytes Anti-Malware https://www.malwarebytes.com/
  3434. Timestamp : Tue Jul 7 2020
  3435.  
  3436. Image path: \SystemRoot\system32\drivers\aswElam.sys
  3437. Image name: aswElam.sys
  3438. Search : https://www.google.com/search?q=aswElam.sys
  3439. ADA Info : Avast ELAM driver
  3440. Timestamp : Fri Jul 17 2020
  3441.  
  3442. Image path: \SystemRoot\system32\DRIVERS\farflt.sys
  3443. Image name: farflt.sys
  3444. Search : https://www.google.com/search?q=farflt.sys
  3445. ADA Info : Malwarebytes Anti-RansomWare SDK http://www.malwarebytes.org/
  3446. Timestamp : Fri Jul 17 2020
  3447.  
  3448. ====================== Dump #6: MICROSOFT DRIVERS ======================
  3449.  
  3450. ACPI.sys ACPI Driver for NT (Microsoft)
  3451. acpiex.sys ACPIEx Driver (Microsoft)
  3452. acpipagr.sys ACPI Processor Aggregator Device driver (Microsoft)
  3453. afd.sys Ancillary Function Driver for WinSock (Microsoft)
  3454. afunix.sys AF_UNIX Socket Provider driver (Microsoft)
  3455. AgileVpn.sys RAS Agil VPN Miniport Call Manager driver (Microsoft)
  3456. ahcache.sys Application Compatibility Cache (Microsoft)
  3457. bam.sys BAM Kernal driver (Microsoft)
  3458. BasicDisplay.sys Basic Display driver (Microsoft)
  3459. BasicRender.sys Basic Render driver (Microsoft)
  3460. Beep.SYS BEEP driver (Microsoft)
  3461. bindflt.sys Windows Bind Filter driver (Microsoft)
  3462. BOOTVID.dll VGA Boot Driver (Microsoft)
  3463. bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
  3464. cdd.dll Canonical Display Driver (Microsoft)
  3465. cdrom.sys SCSI CD-ROM Driver (Microsoft)
  3466. CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
  3467. CI.dll Code Integrity Module (Microsoft)
  3468. CLASSPNP.SYS SCSI Class System Dll (Microsoft)
  3469. cldflt.sys Cloud Files Mini Filter driver (Microsoft)
  3470. CLFS.SYS Common Log File System Driver (Microsoft)
  3471. clipsp.sys CLIP Service (Microsoft)
  3472. cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
  3473. cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
  3474. CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
  3475. condrv.sys Console Driver (Microsoft)
  3476. crashdmp.sys Crash Dump driver (Microsoft)
  3477. csc.sys Windows Client Side Caching driver (Microsoft)
  3478. dfsc.sys DFS Namespace Client Driver (Microsoft)
  3479. disk.sys PnP Disk Driver (Microsoft)
  3480. drmk.sys Digital Rights Management (DRM) driver (Microsoft)
  3481. dump_diskdump.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  3482. dump_dumpfve.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  3483. dump_storahci.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  3484. dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
  3485. dxgmms2.sys DirectX Graphics MMS
  3486. EhStorClass.sys Enhanced Storage Class driver for IEEE... (Microsoft)
  3487. filecrypt.sys Windows sandboxing and encryption filter (Microsoft)
  3488. fileinfo.sys FileInfo Filter Driver (Microsoft)
  3489. FLTMGR.SYS Filesystem Filter Manager (Microsoft)
  3490. Fs_Rec.sys File System Recognizer Driver (Microsoft)
  3491. fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
  3492. fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
  3493. gpuenergydrv.sys GPU Energy Kernal Driver (Microsoft)
  3494. hal.dll Hardware Abstraction Layer DLL (Microsoft)
  3495. HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
  3496. hiber_diskdump.sys (Generic Description) hiber_*.sys drivers provide disk access to store the system state while hibernating
  3497. hiber_dumpfve.sys (Generic Description) hiber_*.sys drivers provide disk access to store the system state while hibernating
  3498. hiber_storahci.sys (Generic Description) hiber_*.sys drivers provide disk access to store the system state while hibernating
  3499. HIDCLASS.SYS Hid Class Library (Microsoft)
  3500. HIDPARSE.SYS Hid Parsing Library (Microsoft)
  3501. hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
  3502. HTTP.sys HTTP Protocol Stack (Microsoft)
  3503. intelpep.sys Intel Power Engine Plugin (Microsoft)
  3504. intelppm.sys Processor Device Driver (Microsoft)
  3505. iorate.sys I/O rate control Filter (Microsoft)
  3506. kbdclass.sys Keyboard Class Driver (Microsoft)
  3507. kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
  3508. kd.dll Local Kernal Debugger (Microsoft)
  3509. kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
  3510. ks.sys Kernal CSA Library (Microsoft)
  3511. ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
  3512. ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
  3513. ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
  3514. lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
  3515. luafv.sys LUA File Virtualization Filter Driver (Microsoft)
  3516. mcupdate_GenuineIntel.dll Intel Microcode Update Library (Microsoft)
  3517. mmcss.sys MMCSS Driver (Microsoft)
  3518. monitor.sys Monitor Driver (Microsoft)
  3519. mouclass.sys Mouse Class Driver (Microsoft)
  3520. mouhid.sys HID Mouse Filter Driver (Microsoft)
  3521. mountmgr.sys Mount Point Manager (Microsoft)
  3522. mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
  3523. mqac.sys Message Queuing Device driver (Microsoft)
  3524. mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
  3525. mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
  3526. Msfs.SYS Mailslot driver (Microsoft)
  3527. msisadrv.sys ISA Driver (Microsoft)
  3528. mslldp.sys Microsoft Link-Layer Discovery Protocol... (Microsoft)
  3529. msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
  3530. mssecflt.sys Microsoft Security Events Component file system filter driver (Microsoft)
  3531. mssmbios.sys System Management BIOS driver (Microsoft)
  3532. mup.sys Multiple UNC Provider driver (Microsoft)
  3533. ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
  3534. ndistapi.sys NDIS 3.0 Connection Wrapper driver (Microsoft)
  3535. ndisuio.sys NDIS User mode I/O driver (Microsoft)
  3536. NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
  3537. ndiswan.sys MS PPP Framing Driver (Strong Encryption) Microsoft)
  3538. NDProxy.sys NDIS Proxy driver (Microsoft)
  3539. Ndu.sys Network Data Usage Monitoring driver (Microsoft)
  3540. netbios.sys NetBIOS Interface driver (Microsoft)
  3541. netbt.sys MBT Transport driver (Microsoft)
  3542. NETIO.SYS Network I/O Subsystem (Microsoft)
  3543. Npfs.SYS NPFS driver (Microsoft)
  3544. npsvctrig.sys Named pipe service triggers (Microsoft)
  3545. nsiproxy.sys NSI Proxy driver (Microsoft)
  3546. Ntfs.sys NT File System Driver (Microsoft)
  3547. ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
  3548. ntosext.sys NTOS Extension Host driver (Microsoft)
  3549. Null.SYS NULL Driver (Microsoft)
  3550. nwifi.sys NativeWiFi Miniport Driver (Microsoft)
  3551. pacer.sys QoS Packet Scheduler (Microsoft)
  3552. partmgr.sys Partition driver (Microsoft)
  3553. pci.sys NT Plug and Play PCI Enumerator (Microsoft)
  3554. pcw.sys Performance Counter Driver (Microsoft)
  3555. pdc.sys Power Dependency Coordinator Driver (Microsoft)
  3556. peauth.sys Protected Environment Authentication and Authorization Export Driver (Microsoft)
  3557. portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
  3558. PSHED.dll Platform Specific Hardware Error driver (Microsoft)
  3559. rasl2tp.sys RAS L2TP Mini-port/Call-manager driver (Microsoft)
  3560. raspppoe.sys RAS PPPoE Mini-port/Call manager driver (Microsoft)
  3561. raspptp.sys Peer-to-Peer Tunneling Protocol (Microsoft)
  3562. rassstp.sys RAS SSTP Miniport Call Manager driver (Microsoft)
  3563. rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
  3564. rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
  3565. rdyboost.sys ReadyBoost Driver (Microsoft)
  3566. rspndr.sys Link-Layer Topology Responder driver (Microsoft)
  3567. serenum.sys Serial Port Enumerator (Microsoft)
  3568. serial.sys Serial Device Driver
  3569. serscan.sys Serial Imaging Device Driver (Microsoft)
  3570. SgrmAgent.sys System Guard Runtime Monitor Agent driver (Microsoft)
  3571. SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
  3572. spaceport.sys Storage Spaces driver (Microsoft)
  3573. srv.sys Server driver (Microsoft)
  3574. srv2.sys Smb 2.0 Server driver (Microsoft)
  3575. srvnet.sys Server Network driver (Microsoft)
  3576. storahci.sys MS AHCI Storport Miniport Driver (Microsoft)
  3577. storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
  3578. storqosflt.sys Storage QoS Filter driver (Microsoft)
  3579. swenum.sys Plug and Play Software Device Enumerator (Microsoft)
  3580. tbs.sys Export driver for kernel mode TPM API (Microsoft)
  3581. tcpip.sys TCP/IP Protocol driver (Microsoft)
  3582. tcpipreg.sys Microsoft Windows TCP/IP Registry Compatibility driver (Microsoft)
  3583. TDI.SYS TDI Wrapper driver (Microsoft)
  3584. tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
  3585. tm.sys Kernel Transaction Manager driver (Microsoft)
  3586. ucx01000.sys USB Controller Extension (Microsoft)
  3587. umbus.sys User-Mode Bus Enumerator (Microsoft)
  3588. umpass.sys Generic pass-through driver (Microsoft)
  3589. usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
  3590. USBD.SYS Universal Serial Bus Driver (Microsoft)
  3591. usbehci.sys EHCI eUSB Miniport Driver (Microsoft)
  3592. usbhub.sys Default Hub Driver for USB (Microsoft)
  3593. UsbHub3.sys USB3 HUB driver (Microsoft)
  3594. USBPORT.SYS USB 1.1 & 2.0 Port Driver (Microsoft)
  3595. USBXHCI.SYS USB XHCI driver (Microsoft)
  3596. vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
  3597. Vid.sys Microsoft Hyper-V Virtualization Infrastructure Driver
  3598. volmgr.sys Volume Manager Driver (Microsoft)
  3599. volmgrx.sys Volume Manager Extension Driver (Microsoft)
  3600. volsnap.sys Volume Shadow Copy driver (Microsoft)
  3601. volume.sys Volume driver (Microsoft)
  3602. vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
  3603. wanarp.sys MS Remote Access and Routing ARP driver (Microsoft)
  3604. watchdog.sys Watchdog driver (Microsoft)
  3605. wcifs.sys Windows Container Isolation FS Filter driver (Microsoft)
  3606. Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
  3607. WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
  3608. werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
  3609. wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
  3610. win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
  3611. win32kbase.sys Base Win32k Kernel Driver (Microsoft)
  3612. win32kfull.sys Full/Desktop Win32k Kernel Driver (Microsoft)
  3613. WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
  3614. WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
  3615. winhvr.sys Windows Hypervisor Root Interface driver (Microsoft)
  3616. winquic.sys QUIC Transport Protocol driver (Microsoft)
  3617. wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
  3618. WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
  3619. Wof.sys Windows Overlay Filter (Microsoft)
  3620. WppRecorder.sys WPP Trace Recorder (Microsoft)
  3621. WSDPrint.sys Web Services Print Device driver (Microsoft)
  3622. WUDFRd.sys Windows Driver Foundation - User-mode Driver Framework Reflector driver (Microsoft)
  3623.  
  3624. ====================== Dump #6: UNLOADED MODULES =======================
  3625.  
  3626. fffff806`4cbd0000 fffff806`4cbe4000 mbam.sys
  3627. fffff806`556b0000 fffff806`556e4000 farflt.sys
  3628. fffff806`4cba0000 fffff806`4cbc3000 mwac.sys
  3629. fffff806`4c480000 fffff806`4ca55000 iqvw64e.sys
  3630. fffff806`4b0e0000 fffff806`4b0ee000 WSDScan.sys
  3631. fffff806`54120000 fffff806`5412f000 dump_storpor
  3632. fffff806`54160000 fffff806`5418f000 dump_storahc
  3633. fffff806`541b0000 fffff806`541ce000 dump_dumpfve
  3634. fffff806`569b0000 fffff806`56a01000 WUDFRd.sys
  3635. fffff806`54af0000 fffff806`54b0e000 dam.sys
  3636. fffff806`52a20000 fffff806`52a29000 MbamElam.sys
  3637. fffff806`53a20000 fffff806`53a31000 hwpolicy.sys
  3638.  
  3639. ====================== Dump #6: BIOS INFORMATION =======================
  3640.  
  3641. sysinfo: could not find necessary interfaces.
  3642. sysinfo: note that mssmbios.sys must be loaded (XPSP2+).
  3643.  
  3644. ========================== Dump #6: Extra #1 ===========================
  3645.  
  3646. 0: kd> !verifier
  3647. Verify Flags Level 0x00000000
  3648. STANDARD FLAGS:
  3649. [X] (0x00000000) Automatic Checks
  3650. [ ] (0x00000001) Special pool
  3651. [ ] (0x00000002) Force IRQL checking
  3652. [ ] (0x00000008) Pool tracking
  3653. [ ] (0x00000010) I/O verification
  3654. [ ] (0x00000020) Deadlock detection
  3655. [ ] (0x00000080) DMA checking
  3656. [ ] (0x00000100) Security checks
  3657. [ ] (0x00000800) Miscellaneous checks
  3658. [ ] (0x00020000) DDI compliance checking
  3659. ADDITIONAL FLAGS:
  3660. [ ] (0x00000004) Randomized low resources simulation
  3661. [ ] (0x00000200) Force pending I/O requests
  3662. [ ] (0x00000400) IRP logging
  3663. [ ] (0x00002000) Invariant MDL checking for stack
  3664. [ ] (0x00004000) Invariant MDL checking for driver
  3665. [ ] (0x00008000) Power framework delay fuzzing
  3666. [ ] (0x00010000) Port/miniport interface checking
  3667. [ ] (0x00040000) Systematic low resources simulation
  3668. [ ] (0x00080000) DDI compliance checking (additional)
  3669. [ ] (0x00200000) NDIS/WIFI verification
  3670. [ ] (0x00800000) Kernel synchronization delay fuzzing
  3671. [ ] (0x01000000) VM switch verification
  3672. [ ] (0x02000000) Code integrity checks
  3673. [X] Indicates flag is enabled
  3674. Summary of All Verifier Statistics
  3675. RaiseIrqls 0x0
  3676. AcquireSpinLocks 0x0
  3677. Synch Executions 0x0
  3678. Trims 0x0
  3679. Pool Allocations Attempted 0x0
  3680. Pool Allocations Succeeded 0x0
  3681. Pool Allocations Succeeded SpecialPool 0x0
  3682. Pool Allocations With NO TAG 0x0
  3683. Pool Allocations Failed 0x0
  3684. Current paged pool allocations 0x0 for 00000000 bytes
  3685. Peak paged pool allocations 0x0 for 00000000 bytes
  3686. Current nonpaged pool allocations 0x0 for 00000000 bytes
  3687. Peak nonpaged pool allocations 0x0 for 00000000 bytes
  3688.  
  3689. ========================== Dump #6: Extra #2 ===========================
  3690.  
  3691. 0: kd> !thread
  3692. THREAD fffff8064e791400 Cid 0000.0000 Teb: 0000000000000000 Win32Thread: 0000000000000000 RUNNING on processor 0
  3693. Not impersonating
  3694. GetUlongFromAddress: unable to read from fffff8064e62ca14
  3695. Owning Process fffff8064e78e9c0 Image: System Process
  3696. Attached Process ffffab0512c84040 Image: System
  3697. fffff78000000000: Unable to get shared data
  3698. Wait Start TickCount 398124
  3699. Context Switch Count 13875424 IdealProcessor: 0
  3700. ReadMemory error: Cannot get nt!KeMaximumIncrement value.
  3701. UserTime 00:00:00.000
  3702. KernelTime 00:00:00.000
  3703. Win32 Start Address nt!KiIdleLoop (0xfffff8064e3c5e70)
  3704. Stack Init fffff80653c67c90 Current fffff80653c67c20
  3705. Base fffff80653c68000 Limit fffff80653c62000 Call 0000000000000000
  3706. Priority 0 BasePriority 0 PriorityDecrement 0 IoPriority 0 PagePriority 5
  3707. Child-SP RetAddr : Args to Child : Call Site
  3708. fffff806`53c67878 fffff806`4e4ee7f7 : 00000000`0000009f 00000000`00000003 ffffab05`12cc9d80 fffff806`53c678b0 : nt!KeBugCheckEx
  3709. fffff806`53c67880 fffff806`4e4ee701 : ffffab05`1e737390 00000000`00000001 fffff806`4d07e100 fffff806`4d07e180 : nt!PopIrpWatchdogBugcheck+0xef
  3710. fffff806`53c678f0 fffff806`4e2512f9 : ffffab05`1e7373c8 0000000e`7bdc3fc8 00000001`00000002 ffffab05`17cbe050 : nt!PopIrpWatchdog+0x31
  3711. fffff806`53c67940 fffff806`4e250059 : 00000000`0000001e 00000000`00989680 00000000`00039ef7 00000000`0000000f : nt!KiProcessExpiredTimerList+0x169
  3712. fffff806`53c67a30 fffff806`4e3c5eee : 00000000`00000000 fffff806`4d07e180 fffff806`4e791400 ffffab05`1fe31080 : nt!KiRetireDpcList+0x4e9
  3713. fffff806`53c67c60 00000000`00000000 : fffff806`53c68000 fffff806`53c62000 00000000`00000000 00000000`00000000 : nt!KiIdleLoop+0x7e
  3714.  
  3715.  
  3716. ========================================================================
  3717. ======================= Dump #7: ANALYZE VERBOSE =======================
  3718. ====================== File: 080320-34765-01.dmp =======================
  3719. ========================================================================
  3720.  
  3721. Mini Kernel Dump File: Only registers and stack trace are available
  3722. Windows 10 Kernel Version 18362 MP (8 procs) Free x64
  3723. Kernel base = 0xfffff801`10200000 PsLoadedModuleList = 0xfffff801`10648190
  3724. Debug session time: Tue Aug 4 04:52:30.273 2020 (UTC - 4:00)
  3725. System Uptime: 0 days 1:11:35.901
  3726.  
  3727. BugCheck 1000009F, {4, 12c, ffffb20a31446040, ffffe58e2b8538e0}
  3728. Implicit thread is now ffffb20a`31446040
  3729. *** WARNING: Unable to verify timestamp for win32k.sys
  3730. *** ERROR: Module load completed but symbols could not be loaded for win32k.sys
  3731. Probably caused by : memory_corruption
  3732. Followup: memory_corruption
  3733.  
  3734. DRIVER_POWER_STATE_FAILURE (9f)
  3735. A driver has failed to complete a power IRP within a specific time.
  3736.  
  3737. Arguments:
  3738. Arg1: 0000000000000004, The power transition timed out waiting to synchronize with the Pnp
  3739. subsystem.
  3740. Arg2: 000000000000012c, Timeout in seconds.
  3741. Arg3: ffffb20a31446040, The thread currently holding on to the Pnp lock.
  3742. Arg4: ffffe58e2b8538e0, nt!TRIAGE_9F_PNP on Win7 and higher
  3743.  
  3744. Debugging Details:
  3745. Implicit thread is now ffffb20a`31446040
  3746. DUMP_CLASS: 1
  3747. DUMP_QUALIFIER: 400
  3748. DUMP_TYPE: 2
  3749. DRVPOWERSTATE_SUBCODE: 4
  3750. FAULTING_THREAD: 31446040
  3751. CUSTOMER_CRASH_COUNT: 1
  3752. DEFAULT_BUCKET_ID: CODE_CORRUPTION
  3753. BUGCHECK_STR: 0x9F
  3754.  
  3755. PROCESS_NAME: System
  3756.  
  3757. CURRENT_IRQL: 2
  3758. LOCK_ADDRESS: fffff801106629e0 -- (!locks fffff801106629e0)
  3759. Resource @ nt!PiEngineLock (0xfffff801106629e0) Exclusively owned
  3760. Contention Count = 27
  3761. NumberOfExclusiveWaiters = 3
  3762. Threads: ffffb20a31446040-01<*> << Too many exclusive waiters to list>>
  3763. 1 total locks, 1 locks currently held
  3764. PNP_TRIAGE:
  3765. Lock address : 0xfffff801106629e0
  3766. Thread Count : 1
  3767. Thread address: 0xffffb20a31446040
  3768. Thread wait : 0x3e6f9
  3769. LAST_CONTROL_TRANSFER: from fffff801102a46ad to fffff801103c9106
  3770. STACK_TEXT:
  3771. ffffe58e`345a9f30 fffff801`102a46ad : ffffa081`f77d2180 8000007f`fffffffe ffffa081`ffffffff 00000000`00000001 : nt!KiSwapContext+0x76
  3772. ffffe58e`345aa070 fffff801`102a3534 : ffffb20a`31446040 00000000`00000000 ffffb20a`00000000 ffff8280`00000000 : nt!KiSwapThread+0xbfd
  3773. ffffe58e`345aa110 fffff801`102a2cd5 : 00000000`00000001 fffff801`00000000 ffffb20a`224a6500 00000000`00000000 : nt!KiCommitThreadWait+0x144
  3774. ffffe58e`345aa1b0 fffff801`143b9920 : ffffb20a`2229c5b0 fffff801`00000000 ffffb20a`2229b100 fffff801`00000000 : nt!KeWaitForSingleObject+0x255
  3775. ffffe58e`345aa290 fffff801`143acb89 : 00000000`00000008 ffffe58e`345aa330 00000000`00000004 00000000`00000000 : ndis!KWaitEventBase<wistd::integral_constant<enum _EVENT_TYPE,0> >::Wait+0x28
  3776. ffffe58e`345aa2d0 fffff801`143abefd : ffff8280`e5df2680 fffff801`143abee0 ffff8280`e56449d8 fffff801`1436c6d8 : ndis!Ndis::BindEngine::ApplyBindChanges+0x10915
  3777. ffffe58e`345aa320 fffff801`143a7933 : ffff8280`e5df26c0 fffff801`143abee0 ffff8280`e56449d8 ffffb20a`2229b1a0 : ndis!<lambda_adb42f86cf839cbbe3c588eaa9665cd9>::<lambda_invoker_cdecl>+0x1d
  3778. ffffe58e`345aa350 fffff801`143a7879 : 00000000`00000000 fffff801`1436c6d8 00000000`00000000 ffff8280`e56449d0 : ndis!NDIS_BIND_DRIVER_BASE::ForEachLink+0xa3
  3779. ffffe58e`345aa3a0 fffff801`143a768b : 00000000`00000000 ffffb20a`2936cd18 00000000`00000010 fffff801`142bb7b5 : ndis!NDIS_BIND_DRIVER_BASE::SetRunningDriverIsReady+0x41
  3780. ffffe58e`345aa3d0 fffff801`143d9934 : ffffb20a`2936c9a0 ffffe58e`345aa4e8 ffffe58e`345aa4e8 ffffb20a`2936c9e8 : ndis!NDIS_BIND_PROTOCOL_DRIVER::SetRunningDriver+0x63
  3781. ffffe58e`345aa420 fffff801`143327c6 : ffffb20a`2936c9a0 fffff801`14385050 fffff801`14385050 fffff801`1436d790 : ndis!NdisDeregisterProtocol+0xd4
  3782. ffffe58e`345aa490 fffff801`0c39111a : fffff801`0c399000 fffff801`00000000 ffffb20a`2936b9b0 ffffe58e`345aa570 : ndis!NdisDeregisterProtocolDriver+0x66
  3783. ffffe58e`345aa4e0 fffff801`0c39c484 : 00000000`000000e7 ffffe58e`345aa568 00000000`00000008 00000000`00000000 : raspppoe!RasPppoeCleanup+0x66
  3784. ffffe58e`345aa510 fffff801`143b7d73 : ffffb20a`2936b9b0 ffffb20a`2936b9b0 fffff801`14385050 ffffb20a`293cae30 : raspppoe!MpUnload+0x44
  3785. ffffe58e`345aa540 fffff801`1433cdd4 : ffffb20a`293cae30 00000000`00000000 ffffb20a`293cae30 ffffb20a`293cae30 : ndis!ndisMInvokeDriverUnload+0x67
  3786. ffffe58e`345aa580 fffff801`109662d7 : ffffb20a`293cae30 00000000`00000000 ffffe58e`345aa740 ffff8280`f3048050 : ndis!ndisMUnloadEx+0x94
  3787. ffffe58e`345aa5e0 fffff801`109319ce : ffffb20a`293caf80 00000000`00000000 fffff801`1098cb01 ffffb20a`293cae30 : nt!IopUnloadDriver+0x20f
  3788. ffffe58e`345aa710 fffff801`10372004 : ffffb20a`2938ba20 ffffd076`db786c10 00000000`0000000a 00000000`00000000 : nt!PnpUnloadAttachedDriver+0xa6
  3789. ffffe58e`345aa760 fffff801`109315cf : ffffb20a`2938ba20 fffff801`00000000 00000000`00000000 fffff801`10662940 : nt!PnpRemoveLockedDeviceNode+0x240
  3790. ffffe58e`345aa7c0 fffff801`1093126a : ffffb20a`2938ba20 ffffe58e`345aa840 00000000`00000000 00000000`00000000 : nt!PnpDeleteLockedDeviceNode+0x8b
  3791. ffffe58e`345aa800 fffff801`10932b51 : ffffb20a`2887dde0 00000000`00000002 ffffb20a`28564290 00000000`00000000 : nt!PnpDeleteLockedDeviceNodes+0x76
  3792. ffffe58e`345aa880 fffff801`10930994 : 00000000`00000000 ffffe58e`345aa900 ffffb20a`2887dde0 00000000`00000000 : nt!PipRemoveDevicesInRelationList+0x8d
  3793. ffffe58e`345aa8d0 fffff801`10930371 : ffffb20a`28564290 00000000`00000001 ffffb20a`28564290 00000000`00000007 : nt!PnpDelayedRemoveWorker+0x114
  3794. ffffe58e`345aa910 fffff801`10371a54 : 00000000`00000007 00000000`00000001 00000000`00000000 ffffb20a`27b9c9a0 : nt!PnpChainDereferenceComplete+0xfd
  3795. ffffe58e`345aa940 fffff801`1092fb1a : 00000000`00000008 ffffe58e`345aaa49 00000000`00000003 00000000`00000001 : nt!PnpIsChainDereferenced+0xac
  3796. ffffe58e`345aa9c0 fffff801`1090924e : ffffe58e`345aab10 ffffb20a`27b9c900 ffffe58e`345aab00 ffff8281`00000008 : nt!PnpProcessQueryRemoveAndEject+0x2a2
  3797. ffffe58e`345aaab0 fffff801`107c96d8 : ffff8281`13943140 ffff8281`18616b10 ffff8281`18616b10 00000000`00000000 : nt!PnpProcessTargetDeviceEvent+0xea
  3798. ffffe58e`345aaae0 fffff801`10283965 : ffffb20a`1d924c50 ffffb20a`31446040 ffffb20a`1d924c50 ffffb20a`2e470e08 : nt!PnpDeviceEventWorker+0x2d8
  3799. ffffe58e`345aab70 fffff801`1031e155 : ffffb20a`31446040 00000000`00000080 ffffb20a`1d862040 00000000`00000001 : nt!ExpWorkerThread+0x105
  3800. ffffe58e`345aac10 fffff801`103c99c8 : ffffa081`f76c6180 ffffb20a`31446040 fffff801`1031e100 000001d9`66b3fd70 : nt!PspSystemThreadStartup+0x55
  3801. ffffe58e`345aac60 00000000`00000000 : ffffe58e`345ab000 ffffe58e`345a5000 00000000`00000000 00000000`00000000 : nt!KiStartSystemThread+0x28
  3802. STACK_COMMAND: .thread 0xffffb20a31446040 ; kb
  3803. CHKIMG_EXTENSION: !chkimg -lo 50 -d !ndis
  3804. fffff801142a26ec-fffff801142a26ed 2 bytes - ndis!ndisMTimerDpcX+3c
  3805. [ 48 ff:4c 8b ]
  3806. fffff801142a26f3-fffff801142a26f7 5 bytes - ndis!ndisMTimerDpcX+43 (+0x07)
  3807. [ 0f 1f 44 00 00:e8 78 de f8 fb ]
  3808. fffff801142a2732-fffff801142a2733 2 bytes - ndis!ndisMTimerDpcX+82 (+0x3f)
  3809. [ 48 ff:4c 8b ]
  3810. fffff801142a2739-fffff801142a273d 5 bytes - ndis!ndisMTimerDpcX+89 (+0x07)
  3811. [ 0f 1f 44 00 00:e8 c2 db f8 fb ]
  3812. fffff801142a278b-fffff801142a2790 6 bytes - ndis!ndisMTimerDpcX+db (+0x52)
  3813. [ ff 15 17 24 0f 00:e8 10 fb 16 00 90 ]
  3814. fffff801142a279d-fffff801142a279e 2 bytes - ndis!ndisMTimerDpcX+ed (+0x12)
  3815. [ 48 ff:4c 8b ]
  3816. fffff801142a27a4-fffff801142a27a8 5 bytes - ndis!ndisMTimerDpcX+f4 (+0x07)
  3817. [ 0f 1f 44 00 00:e8 c7 dd f8 fb ]
  3818. 27 errors : !ndis (fffff801142a26ec-fffff801142a27a8)
  3819. MODULE_NAME: memory_corruption
  3820.  
  3821. IMAGE_NAME: memory_corruption
  3822.  
  3823. FOLLOWUP_NAME: memory_corruption
  3824. DEBUG_FLR_IMAGE_TIMESTAMP: 0
  3825. MEMORY_CORRUPTOR: LARGE
  3826. FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
  3827. BUCKET_ID: MEMORY_CORRUPTION_LARGE
  3828. PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
  3829. TARGET_TIME: 2020-08-04T08:52:30.000Z
  3830. SUITE_MASK: 272
  3831. PRODUCT_TYPE: 1
  3832. USER_LCID: 0
  3833. FAILURE_ID_HASH_STRING: km:memory_corruption_large
  3834. FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
  3835. Followup: memory_corruption
  3836.  
  3837. ====================== Dump #7: 3RD PARTY DRIVERS ======================
  3838.  
  3839. Nov 23 2009 - LGBusEnum.sys - Logitech GamePanel Virtual Bus Enumerator driver http://support.logitech.com/
  3840. Jun 25 2010 - sadp_npf64.sys - WinPcap driver (CACE Technologies, Inc.)
  3841. Jun 25 2010 - NPF.sys - NetGroup Packet Filter driver, a component of WinPCap by Riverbed
  3842. Aug 02 2010 - AsUpIO.sys - ASUS Update Input Output driver http://www.asus.com/
  3843. Aug 08 2011 - BazisVirtualCDBus.sys - WinCDEmu Virtual CD-ROM driver (Bazis Inc) http://wincdemu.sysprogs.org/
  3844. Oct 17 2011 - PxHlpa64.sys - Sonic CD/DVD driver
  3845. Mar 22 2012 - AiCharger.sys - Asus Charger driver
  3846. May 03 2012 - GEARAspiWDM.sys - Gear Software Advanced SCSI Programming Interface Windows Driver Model http://www.gearsoftware.com/
  3847. Aug 22 2012 - AsIO.sys - ASUS Input Output driver http://www.asus.com/
  3848. Jul 02 2013 - IOMap64.sys - !!! ASUS 64-bit Input Output Map driver (GPU Tweaking driver)
  3849. Apr 17 2014 - rzpmgrk.sys - Razer Overlay Support https://www.razer.com/
  3850. Apr 24 2014 - RTKVHD64.sys - Realtek Audio System driver https://www.realtek.com/en/
  3851. Sep 23 2014 - TeeDriverx64.sys - Intel Management Engine Interface (MEI) driver https://downloadcenter.intel.com/
  3852. Oct 17 2014 - rzpnk.sys - Razer Overlay Support https://www.razer.com/
  3853. Apr 21 2016 - tap0901.sys - TAP-Win32 Virtual Private Network Driver 0901 (OpenVPN by OpenVPN Technologies) https://openvpn.net/
  3854. Mar 16 2017 - tapwindscribe0901.sys - TAP-Windows Virtual Network driver (The OpenVPN Project) https://openvpn.net/
  3855. Oct 11 2017 - YSDrv.sys - VirtualBox Support driver
  3856. Sep 18 2018 - IntelHaxm.sys - Intel Corporation SSG Hardware Accelerated Execution Manager driver
  3857. Jan 24 2019 - e1d65x64.sys - Intel(R) Gigabit Adapter NDIS 6.x driver https://downloadcenter.intel.com/
  3858. Mar 14 2019 - nvvad64v.sys - Nvidia Virtual Audio driver http://www.nvidia.com/
  3859. Oct 02 2019 - nvlddmkm.sys - Nvidia Graphics Card driver http://www.nvidia.com/
  3860. Nov 29 2019 - NvModuleTracker.sys - NVIDIA Module Tracker driver
  3861. Jan 10 2020 - nvvhci.sys - Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
  3862. Jun 04 2020 - MbamChameleon.sys - Malwarebytes Anti-Malware Chameleon driver https://www.malwarebytes.com/
  3863. Jun 09 2020 - nvhda64v.sys - Nvidia HDMI Audio Device http://www.nvidia.com/
  3864. Jun 23 2020 - aswArPot.sys - Avast Antivirus http://www.avast.com/
  3865. Jun 23 2020 - aswbidsdriver.sys - Avast Antivirus http://www.avast.com/
  3866. Jun 23 2020 - aswbidsh.sys - Avast Antivirus http://www.avast.com/
  3867. Jun 23 2020 - aswbuniv.sys - Avast Antivirus http://www.avast.com/
  3868. Jun 23 2020 - aswKbd.sys - Avast Keyboard Filter driver http://www.avast.com/
  3869. Jun 23 2020 - aswMonFlt.sys - Avast Antivirus http://www.avast.com/
  3870. Jun 23 2020 - aswNetHub.sys - Avast driver
  3871. Jun 23 2020 - aswRdr2.sys - Avast Antivirus http://www.avast.com/
  3872. Jun 23 2020 - aswRvrt.sys - Avast Antivirus http://www.avast.com/
  3873. Jun 23 2020 - aswSnx.sys - Avast Antivirus http://www.avast.com/
  3874. Jun 23 2020 - aswSP.sys - Avast Antivirus http://www.avast.com/
  3875. Jun 23 2020 - aswVmm.sys - Avast Antivirus http://www.avast.com/
  3876. Jul 17 2020 - aswElam.sys - Avast ELAM driver
  3877.  
  3878. ================== Dump #7: 3RD PARTY DRIVERS (FULL) ===================
  3879.  
  3880. Image path: \SystemRoot\system32\drivers\LGBusEnum.sys
  3881. Image name: LGBusEnum.sys
  3882. Search : https://www.google.com/search?q=LGBusEnum.sys
  3883. ADA Info : Logitech GamePanel Virtual Bus Enumerator driver http://support.logitech.com/
  3884. Timestamp : Mon Nov 23 2009
  3885.  
  3886. Image path: \??\C:\Windows\SysWOW64\drivers\sadp_npf64.sys
  3887. Image name: sadp_npf64.sys
  3888. Search : https://www.google.com/search?q=sadp_npf64.sys
  3889. ADA Info : WinPcap driver (CACE Technologies, Inc.)
  3890. Timestamp : Fri Jun 25 2010
  3891.  
  3892. Image path: \SystemRoot\system32\drivers\NPF.sys
  3893. Image name: NPF.sys
  3894. Search : https://www.google.com/search?q=NPF.sys
  3895. ADA Info : NetGroup Packet Filter driver, a component of WinPCap by Riverbed
  3896. Timestamp : Fri Jun 25 2010
  3897.  
  3898. Image path: \SystemRoot\SysWow64\drivers\AsUpIO.sys
  3899. Image name: AsUpIO.sys
  3900. Search : https://www.google.com/search?q=AsUpIO.sys
  3901. ADA Info : ASUS Update Input Output driver http://www.asus.com/
  3902. Timestamp : Mon Aug 2 2010
  3903.  
  3904. Image path: \SystemRoot\System32\drivers\BazisVirtualCDBus.sys
  3905. Image name: BazisVirtualCDBus.sys
  3906. Search : https://www.google.com/search?q=BazisVirtualCDBus.sys
  3907. ADA Info : WinCDEmu Virtual CD-ROM driver (Bazis Inc) http://wincdemu.sysprogs.org/
  3908. Timestamp : Mon Aug 8 2011
  3909.  
  3910. Image path: \SystemRoot\System32\Drivers\PxHlpa64.sys
  3911. Image name: PxHlpa64.sys
  3912. Search : https://www.google.com/search?q=PxHlpa64.sys
  3913. ADA Info : Sonic CD/DVD driver
  3914. Timestamp : Mon Oct 17 2011
  3915.  
  3916. Image path: \SystemRoot\SysWow64\drivers\AiCharger.sys
  3917. Image name: AiCharger.sys
  3918. Search : https://www.google.com/search?q=AiCharger.sys
  3919. ADA Info : Asus Charger driver
  3920. Timestamp : Thu Mar 22 2012
  3921.  
  3922. Image path: \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
  3923. Image name: GEARAspiWDM.sys
  3924. Search : https://www.google.com/search?q=GEARAspiWDM.sys
  3925. ADA Info : Gear Software Advanced SCSI Programming Interface Windows Driver Model http://www.gearsoftware.com/
  3926. Timestamp : Thu May 3 2012
  3927.  
  3928. Image path: \SystemRoot\SysWow64\drivers\AsIO.sys
  3929. Image name: AsIO.sys
  3930. Search : https://www.google.com/search?q=AsIO.sys
  3931. ADA Info : ASUS Input Output driver http://www.asus.com/
  3932. Timestamp : Wed Aug 22 2012
  3933.  
  3934. Image name: IOMap64.sys
  3935. Search : https://www.google.com/search?q=IOMap64.sys
  3936. ADA Info : !!! ASUS 64-bit Input Output Map driver (GPU Tweaking driver)
  3937. Timestamp : Tue Jul 2 2013
  3938.  
  3939. Image path: \??\C:\Windows\system32\drivers\rzpmgrk.sys
  3940. Image name: rzpmgrk.sys
  3941. Search : https://www.google.com/search?q=rzpmgrk.sys
  3942. ADA Info : Razer Overlay Support https://www.razer.com/
  3943. Timestamp : Thu Apr 17 2014
  3944.  
  3945. Image path: \SystemRoot\system32\drivers\RTKVHD64.sys
  3946. Image name: RTKVHD64.sys
  3947. Search : https://www.google.com/search?q=RTKVHD64.sys
  3948. ADA Info : Realtek Audio System driver https://www.realtek.com/en/
  3949. Timestamp : Thu Apr 24 2014
  3950.  
  3951. Image path: \SystemRoot\system32\DRIVERS\TeeDriverx64.sys
  3952. Image name: TeeDriverx64.sys
  3953. Search : https://www.google.com/search?q=TeeDriverx64.sys
  3954. ADA Info : Intel Management Engine Interface (MEI) driver https://downloadcenter.intel.com/
  3955. Timestamp : Tue Sep 23 2014
  3956.  
  3957. Image path: \??\C:\Windows\system32\drivers\rzpnk.sys
  3958. Image name: rzpnk.sys
  3959. Search : https://www.google.com/search?q=rzpnk.sys
  3960. ADA Info : Razer Overlay Support https://www.razer.com/
  3961. Timestamp : Fri Oct 17 2014
  3962.  
  3963. Image path: \SystemRoot\System32\drivers\tap0901.sys
  3964. Image name: tap0901.sys
  3965. Search : https://www.google.com/search?q=tap0901.sys
  3966. ADA Info : TAP-Win32 Virtual Private Network Driver 0901 (OpenVPN by OpenVPN Technologies) https://openvpn.net/
  3967. Timestamp : Thu Apr 21 2016
  3968.  
  3969. Image path: \SystemRoot\System32\drivers\tapwindscribe0901.sys
  3970. Image name: tapwindscribe0901.sys
  3971. Search : https://www.google.com/search?q=tapwindscribe0901.sys
  3972. ADA Info : TAP-Windows Virtual Network driver (The OpenVPN Project) https://openvpn.net/
  3973. Timestamp : Thu Mar 16 2017
  3974.  
  3975. Image path: \??\C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys
  3976. Image name: YSDrv.sys
  3977. Search : https://www.google.com/search?q=YSDrv.sys
  3978. ADA Info : VirtualBox Support driver
  3979. Timestamp : Wed Oct 11 2017
  3980.  
  3981. Image path: \SystemRoot\system32\DRIVERS\IntelHaxm.sys
  3982. Image name: IntelHaxm.sys
  3983. Search : https://www.google.com/search?q=IntelHaxm.sys
  3984. ADA Info : Intel Corporation SSG Hardware Accelerated Execution Manager driver
  3985. Timestamp : Tue Sep 18 2018
  3986.  
  3987. Image path: \SystemRoot\system32\DRIVERS\e1d65x64.sys
  3988. Image name: e1d65x64.sys
  3989. Search : https://www.google.com/search?q=e1d65x64.sys
  3990. ADA Info : Intel(R) Gigabit Adapter NDIS 6.x driver https://downloadcenter.intel.com/
  3991. Timestamp : Thu Jan 24 2019
  3992.  
  3993. Image path: \SystemRoot\system32\drivers\nvvad64v.sys
  3994. Image name: nvvad64v.sys
  3995. Search : https://www.google.com/search?q=nvvad64v.sys
  3996. ADA Info : Nvidia Virtual Audio driver http://www.nvidia.com/
  3997. Timestamp : Thu Mar 14 2019
  3998.  
  3999. Image path: \SystemRoot\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_90685a092bcf58c7\nvlddmkm.sys
  4000. Image name: nvlddmkm.sys
  4001. Search : https://www.google.com/search?q=nvlddmkm.sys
  4002. ADA Info : Nvidia Graphics Card driver http://www.nvidia.com/
  4003. Timestamp : Wed Oct 2 2019
  4004.  
  4005. Image path: \SystemRoot\System32\drivers\NvModuleTracker.sys
  4006. Image name: NvModuleTracker.sys
  4007. Search : https://www.google.com/search?q=NvModuleTracker.sys
  4008. ADA Info : NVIDIA Module Tracker driver
  4009. Timestamp : Fri Nov 29 2019
  4010.  
  4011. Image path: \SystemRoot\System32\drivers\nvvhci.sys
  4012. Image name: nvvhci.sys
  4013. Search : https://www.google.com/search?q=nvvhci.sys
  4014. ADA Info : Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
  4015. Timestamp : Fri Jan 10 2020
  4016.  
  4017. Image path: \SystemRoot\System32\Drivers\MbamChameleon.sys
  4018. Image name: MbamChameleon.sys
  4019. Search : https://www.google.com/search?q=MbamChameleon.sys
  4020. ADA Info : Malwarebytes Anti-Malware Chameleon driver https://www.malwarebytes.com/
  4021. Timestamp : Thu Jun 4 2020
  4022.  
  4023. Image path: \SystemRoot\system32\drivers\nvhda64v.sys
  4024. Image name: nvhda64v.sys
  4025. Search : https://www.google.com/search?q=nvhda64v.sys
  4026. ADA Info : Nvidia HDMI Audio Device http://www.nvidia.com/
  4027. Timestamp : Tue Jun 9 2020
  4028.  
  4029. Image path: \SystemRoot\system32\drivers\aswArPot.sys
  4030. Image name: aswArPot.sys
  4031. Search : https://www.google.com/search?q=aswArPot.sys
  4032. ADA Info : Avast Antivirus http://www.avast.com/
  4033. Timestamp : Tue Jun 23 2020
  4034.  
  4035. Image path: \SystemRoot\system32\drivers\aswbidsdriver.sys
  4036. Image name: aswbidsdriver.sys
  4037. Search : https://www.google.com/search?q=aswbidsdriver.sys
  4038. ADA Info : Avast Antivirus http://www.avast.com/
  4039. Timestamp : Tue Jun 23 2020
  4040.  
  4041. Image path: \SystemRoot\system32\drivers\aswbidsh.sys
  4042. Image name: aswbidsh.sys
  4043. Search : https://www.google.com/search?q=aswbidsh.sys
  4044. ADA Info : Avast Antivirus http://www.avast.com/
  4045. Timestamp : Tue Jun 23 2020
  4046.  
  4047. Image path: \SystemRoot\system32\drivers\aswbuniv.sys
  4048. Image name: aswbuniv.sys
  4049. Search : https://www.google.com/search?q=aswbuniv.sys
  4050. ADA Info : Avast Antivirus http://www.avast.com/
  4051. Timestamp : Tue Jun 23 2020
  4052.  
  4053. Image path: \SystemRoot\system32\drivers\aswKbd.sys
  4054. Image name: aswKbd.sys
  4055. Search : https://www.google.com/search?q=aswKbd.sys
  4056. ADA Info : Avast Keyboard Filter driver http://www.avast.com/
  4057. Timestamp : Tue Jun 23 2020
  4058.  
  4059. Image path: \SystemRoot\system32\drivers\aswMonFlt.sys
  4060. Image name: aswMonFlt.sys
  4061. Search : https://www.google.com/search?q=aswMonFlt.sys
  4062. ADA Info : Avast Antivirus http://www.avast.com/
  4063. Timestamp : Tue Jun 23 2020
  4064.  
  4065. Image path: \SystemRoot\system32\drivers\aswNetHub.sys
  4066. Image name: aswNetHub.sys
  4067. Search : https://www.google.com/search?q=aswNetHub.sys
  4068. ADA Info : Avast driver
  4069. Timestamp : Tue Jun 23 2020
  4070.  
  4071. Image path: \SystemRoot\system32\drivers\aswRdr2.sys
  4072. Image name: aswRdr2.sys
  4073. Search : https://www.google.com/search?q=aswRdr2.sys
  4074. ADA Info : Avast Antivirus http://www.avast.com/
  4075. Timestamp : Tue Jun 23 2020
  4076.  
  4077. Image path: \SystemRoot\system32\drivers\aswRvrt.sys
  4078. Image name: aswRvrt.sys
  4079. Search : https://www.google.com/search?q=aswRvrt.sys
  4080. ADA Info : Avast Antivirus http://www.avast.com/
  4081. Timestamp : Tue Jun 23 2020
  4082.  
  4083. Image path: \SystemRoot\system32\drivers\aswSnx.sys
  4084. Image name: aswSnx.sys
  4085. Search : https://www.google.com/search?q=aswSnx.sys
  4086. ADA Info : Avast Antivirus http://www.avast.com/
  4087. Timestamp : Tue Jun 23 2020
  4088.  
  4089. Image path: \SystemRoot\system32\drivers\aswSP.sys
  4090. Image name: aswSP.sys
  4091. Search : https://www.google.com/search?q=aswSP.sys
  4092. ADA Info : Avast Antivirus http://www.avast.com/
  4093. Timestamp : Tue Jun 23 2020
  4094.  
  4095. Image path: \SystemRoot\system32\drivers\aswVmm.sys
  4096. Image name: aswVmm.sys
  4097. Search : https://www.google.com/search?q=aswVmm.sys
  4098. ADA Info : Avast Antivirus http://www.avast.com/
  4099. Timestamp : Tue Jun 23 2020
  4100.  
  4101. Image path: \SystemRoot\system32\drivers\aswElam.sys
  4102. Image name: aswElam.sys
  4103. Search : https://www.google.com/search?q=aswElam.sys
  4104. ADA Info : Avast ELAM driver
  4105. Timestamp : Fri Jul 17 2020
  4106.  
  4107. ====================== Dump #7: MICROSOFT DRIVERS ======================
  4108.  
  4109. ACPI.sys ACPI Driver for NT (Microsoft)
  4110. acpiex.sys ACPIEx Driver (Microsoft)
  4111. acpipagr.sys ACPI Processor Aggregator Device driver (Microsoft)
  4112. afd.sys Ancillary Function Driver for WinSock (Microsoft)
  4113. afunix.sys AF_UNIX Socket Provider driver (Microsoft)
  4114. AgileVpn.sys RAS Agil VPN Miniport Call Manager driver (Microsoft)
  4115. ahcache.sys Application Compatibility Cache (Microsoft)
  4116. bam.sys BAM Kernal driver (Microsoft)
  4117. BasicDisplay.sys Basic Display driver (Microsoft)
  4118. BasicRender.sys Basic Render driver (Microsoft)
  4119. Beep.SYS BEEP driver (Microsoft)
  4120. bindflt.sys Windows Bind Filter driver (Microsoft)
  4121. BOOTVID.dll VGA Boot Driver (Microsoft)
  4122. bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
  4123. cdd.dll Canonical Display Driver (Microsoft)
  4124. cdrom.sys SCSI CD-ROM Driver (Microsoft)
  4125. CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
  4126. CI.dll Code Integrity Module (Microsoft)
  4127. CLASSPNP.SYS SCSI Class System Dll (Microsoft)
  4128. cldflt.sys Cloud Files Mini Filter driver (Microsoft)
  4129. CLFS.SYS Common Log File System Driver (Microsoft)
  4130. clipsp.sys CLIP Service (Microsoft)
  4131. cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
  4132. cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
  4133. CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
  4134. condrv.sys Console Driver (Microsoft)
  4135. crashdmp.sys Crash Dump driver (Microsoft)
  4136. csc.sys Windows Client Side Caching driver (Microsoft)
  4137. dfsc.sys DFS Namespace Client Driver (Microsoft)
  4138. disk.sys PnP Disk Driver (Microsoft)
  4139. drmk.sys Digital Rights Management (DRM) driver (Microsoft)
  4140. dump_diskdump.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  4141. dump_dumpfve.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  4142. dump_storahci.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  4143. dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
  4144. dxgmms2.sys DirectX Graphics MMS
  4145. EhStorClass.sys Enhanced Storage Class driver for IEEE... (Microsoft)
  4146. filecrypt.sys Windows sandboxing and encryption filter (Microsoft)
  4147. fileinfo.sys FileInfo Filter Driver (Microsoft)
  4148. FLTMGR.SYS Filesystem Filter Manager (Microsoft)
  4149. Fs_Rec.sys File System Recognizer Driver (Microsoft)
  4150. fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
  4151. fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
  4152. gpuenergydrv.sys GPU Energy Kernal Driver (Microsoft)
  4153. hal.dll Hardware Abstraction Layer DLL (Microsoft)
  4154. HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
  4155. HIDCLASS.SYS Hid Class Library (Microsoft)
  4156. HIDPARSE.SYS Hid Parsing Library (Microsoft)
  4157. hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
  4158. HTTP.sys HTTP Protocol Stack (Microsoft)
  4159. intelpep.sys Intel Power Engine Plugin (Microsoft)
  4160. intelppm.sys Processor Device Driver (Microsoft)
  4161. iorate.sys I/O rate control Filter (Microsoft)
  4162. kbdclass.sys Keyboard Class Driver (Microsoft)
  4163. kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
  4164. kd.dll Local Kernal Debugger (Microsoft)
  4165. kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
  4166. ks.sys Kernal CSA Library (Microsoft)
  4167. ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
  4168. ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
  4169. ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
  4170. lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
  4171. luafv.sys LUA File Virtualization Filter Driver (Microsoft)
  4172. mcupdate_GenuineIntel.dll Intel Microcode Update Library (Microsoft)
  4173. mmcss.sys MMCSS Driver (Microsoft)
  4174. monitor.sys Monitor Driver (Microsoft)
  4175. mouclass.sys Mouse Class Driver (Microsoft)
  4176. mouhid.sys HID Mouse Filter Driver (Microsoft)
  4177. mountmgr.sys Mount Point Manager (Microsoft)
  4178. mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
  4179. mqac.sys Message Queuing Device driver (Microsoft)
  4180. mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
  4181. mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
  4182. Msfs.SYS Mailslot driver (Microsoft)
  4183. msisadrv.sys ISA Driver (Microsoft)
  4184. mslldp.sys Microsoft Link-Layer Discovery Protocol... (Microsoft)
  4185. msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
  4186. mssecflt.sys Microsoft Security Events Component file system filter driver (Microsoft)
  4187. mssmbios.sys System Management BIOS driver (Microsoft)
  4188. mup.sys Multiple UNC Provider driver (Microsoft)
  4189. ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
  4190. ndistapi.sys NDIS 3.0 Connection Wrapper driver (Microsoft)
  4191. ndisuio.sys NDIS User mode I/O driver (Microsoft)
  4192. NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
  4193. ndiswan.sys MS PPP Framing Driver (Strong Encryption) Microsoft)
  4194. NDProxy.sys NDIS Proxy driver (Microsoft)
  4195. Ndu.sys Network Data Usage Monitoring driver (Microsoft)
  4196. netbios.sys NetBIOS Interface driver (Microsoft)
  4197. netbt.sys MBT Transport driver (Microsoft)
  4198. NETIO.SYS Network I/O Subsystem (Microsoft)
  4199. Npfs.SYS NPFS driver (Microsoft)
  4200. npsvctrig.sys Named pipe service triggers (Microsoft)
  4201. nsiproxy.sys NSI Proxy driver (Microsoft)
  4202. Ntfs.sys NT File System Driver (Microsoft)
  4203. ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
  4204. ntosext.sys NTOS Extension Host driver (Microsoft)
  4205. Null.SYS NULL Driver (Microsoft)
  4206. nwifi.sys NativeWiFi Miniport Driver (Microsoft)
  4207. pacer.sys QoS Packet Scheduler (Microsoft)
  4208. partmgr.sys Partition driver (Microsoft)
  4209. pci.sys NT Plug and Play PCI Enumerator (Microsoft)
  4210. pcw.sys Performance Counter Driver (Microsoft)
  4211. pdc.sys Power Dependency Coordinator Driver (Microsoft)
  4212. peauth.sys Protected Environment Authentication and Authorization Export Driver (Microsoft)
  4213. portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
  4214. PSHED.dll Platform Specific Hardware Error driver (Microsoft)
  4215. raspppoe.sys RAS PPPoE Mini-port/Call manager driver (Microsoft)
  4216. rassstp.sys RAS SSTP Miniport Call Manager driver (Microsoft)
  4217. rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
  4218. rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
  4219. rdyboost.sys ReadyBoost Driver (Microsoft)
  4220. rspndr.sys Link-Layer Topology Responder driver (Microsoft)
  4221. serenum.sys Serial Port Enumerator (Microsoft)
  4222. serial.sys Serial Device Driver
  4223. serscan.sys Serial Imaging Device Driver (Microsoft)
  4224. SgrmAgent.sys System Guard Runtime Monitor Agent driver (Microsoft)
  4225. SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
  4226. spaceport.sys Storage Spaces driver (Microsoft)
  4227. srv.sys Server driver (Microsoft)
  4228. srv2.sys Smb 2.0 Server driver (Microsoft)
  4229. srvnet.sys Server Network driver (Microsoft)
  4230. storahci.sys MS AHCI Storport Miniport Driver (Microsoft)
  4231. storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
  4232. storqosflt.sys Storage QoS Filter driver (Microsoft)
  4233. swenum.sys Plug and Play Software Device Enumerator (Microsoft)
  4234. tbs.sys Export driver for kernel mode TPM API (Microsoft)
  4235. tcpip.sys TCP/IP Protocol driver (Microsoft)
  4236. tcpipreg.sys Microsoft Windows TCP/IP Registry Compatibility driver (Microsoft)
  4237. TDI.SYS TDI Wrapper driver (Microsoft)
  4238. tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
  4239. tm.sys Kernel Transaction Manager driver (Microsoft)
  4240. ucx01000.sys USB Controller Extension (Microsoft)
  4241. umbus.sys User-Mode Bus Enumerator (Microsoft)
  4242. usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
  4243. USBD.SYS Universal Serial Bus Driver (Microsoft)
  4244. usbehci.sys EHCI eUSB Miniport Driver (Microsoft)
  4245. usbhub.sys Default Hub Driver for USB (Microsoft)
  4246. UsbHub3.sys USB3 HUB driver (Microsoft)
  4247. USBPORT.SYS USB 1.1 & 2.0 Port Driver (Microsoft)
  4248. USBXHCI.SYS USB XHCI driver (Microsoft)
  4249. vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
  4250. Vid.sys Microsoft Hyper-V Virtualization Infrastructure Driver
  4251. volmgr.sys Volume Manager Driver (Microsoft)
  4252. volmgrx.sys Volume Manager Extension Driver (Microsoft)
  4253. volsnap.sys Volume Shadow Copy driver (Microsoft)
  4254. volume.sys Volume driver (Microsoft)
  4255. vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
  4256. wanarp.sys MS Remote Access and Routing ARP driver (Microsoft)
  4257. watchdog.sys Watchdog driver (Microsoft)
  4258. wcifs.sys Windows Container Isolation FS Filter driver (Microsoft)
  4259. Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
  4260. WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
  4261. werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
  4262. wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
  4263. win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
  4264. win32kbase.sys Base Win32k Kernel Driver (Microsoft)
  4265. win32kfull.sys Full/Desktop Win32k Kernel Driver (Microsoft)
  4266. WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
  4267. WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
  4268. winhvr.sys Windows Hypervisor Root Interface driver (Microsoft)
  4269. winquic.sys QUIC Transport Protocol driver (Microsoft)
  4270. wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
  4271. WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
  4272. Wof.sys Windows Overlay Filter (Microsoft)
  4273. WppRecorder.sys WPP Trace Recorder (Microsoft)
  4274. WUDFRd.sys Windows Driver Foundation - User-mode Driver Framework Reflector driver (Microsoft)
  4275.  
  4276. ====================== Dump #7: UNLOADED MODULES =======================
  4277.  
  4278. fffff801`0c360000 fffff801`0c381000 raspptp.sys
  4279. fffff801`0c330000 fffff801`0c353000 rasl2tp.sys
  4280. fffff801`0bfc0000 fffff801`0bfcc000 umpass.sys
  4281. fffff801`0bfa0000 fffff801`0bfae000 WSDPrint.sys
  4282. fffff801`15f50000 fffff801`15f85000 aswStm.sys
  4283. fffff801`0c9e0000 fffff801`0ca20000 mbamswissarm
  4284. fffff801`0ca20000 fffff801`0ca43000 mwac.sys
  4285. fffff801`0ca90000 fffff801`0caa4000 mbam.sys
  4286. fffff801`0ca50000 fffff801`0ca84000 farflt.sys
  4287. fffff801`15a40000 fffff801`15a67000 mbae64.sys
  4288. fffff801`0c3c0000 fffff801`0c995000 iqvw64e.sys
  4289. fffff801`0bfb0000 fffff801`0bfbe000 WSDScan.sys
  4290. fffff801`16040000 fffff801`1604f000 dump_storpor
  4291. fffff801`16080000 fffff801`160af000 dump_storahc
  4292. fffff801`160d0000 fffff801`160ee000 dump_dumpfve
  4293. fffff801`17d30000 fffff801`17d81000 WUDFRd.sys
  4294. fffff801`15aa0000 fffff801`15abe000 dam.sys
  4295. fffff801`13a20000 fffff801`13a29000 MbamElam.sys
  4296. fffff801`14a20000 fffff801`14a31000 hwpolicy.sys
  4297.  
  4298. ====================== Dump #7: BIOS INFORMATION =======================
  4299.  
  4300. sysinfo: could not find necessary interfaces.
  4301. sysinfo: note that mssmbios.sys must be loaded (XPSP2+).
  4302.  
  4303. ========================== Dump #7: Extra #1 ===========================
  4304.  
  4305. 4: kd> !verifier
  4306. Verify Flags Level 0x00000000
  4307. STANDARD FLAGS:
  4308. [X] (0x00000000) Automatic Checks
  4309. [ ] (0x00000001) Special pool
  4310. [ ] (0x00000002) Force IRQL checking
  4311. [ ] (0x00000008) Pool tracking
  4312. [ ] (0x00000010) I/O verification
  4313. [ ] (0x00000020) Deadlock detection
  4314. [ ] (0x00000080) DMA checking
  4315. [ ] (0x00000100) Security checks
  4316. [ ] (0x00000800) Miscellaneous checks
  4317. [ ] (0x00020000) DDI compliance checking
  4318. ADDITIONAL FLAGS:
  4319. [ ] (0x00000004) Randomized low resources simulation
  4320. [ ] (0x00000200) Force pending I/O requests
  4321. [ ] (0x00000400) IRP logging
  4322. [ ] (0x00002000) Invariant MDL checking for stack
  4323. [ ] (0x00004000) Invariant MDL checking for driver
  4324. [ ] (0x00008000) Power framework delay fuzzing
  4325. [ ] (0x00010000) Port/miniport interface checking
  4326. [ ] (0x00040000) Systematic low resources simulation
  4327. [ ] (0x00080000) DDI compliance checking (additional)
  4328. [ ] (0x00200000) NDIS/WIFI verification
  4329. [ ] (0x00800000) Kernel synchronization delay fuzzing
  4330. [ ] (0x01000000) VM switch verification
  4331. [ ] (0x02000000) Code integrity checks
  4332. [X] Indicates flag is enabled
  4333. Summary of All Verifier Statistics
  4334. RaiseIrqls 0x0
  4335. AcquireSpinLocks 0x0
  4336. Synch Executions 0x0
  4337. Trims 0x0
  4338. Pool Allocations Attempted 0x0
  4339. Pool Allocations Succeeded 0x0
  4340. Pool Allocations Succeeded SpecialPool 0x0
  4341. Pool Allocations With NO TAG 0x0
  4342. Pool Allocations Failed 0x0
  4343. Current paged pool allocations 0x0 for 00000000 bytes
  4344. Peak paged pool allocations 0x0 for 00000000 bytes
  4345. Current nonpaged pool allocations 0x0 for 00000000 bytes
  4346. Peak nonpaged pool allocations 0x0 for 00000000 bytes
  4347.  
  4348. ========================== Dump #7: Extra #2 ===========================
  4349.  
  4350. 4: kd> !thread
  4351. THREAD ffffb20a31446040 Cid 0004.5778 Teb: 0000000000000000 Win32Thread: 0000000000000000 WAIT: (Executive) KernelMode Non-Alertable
  4352. ffffb20a2229c5b0 NotificationEvent
  4353. Not impersonating
  4354. GetUlongFromAddress: unable to read from fffff8011062ca14
  4355. Owning Process ffffb20a1d862040 Image: System
  4356. Attached Process N/A Image: N/A
  4357. fffff78000000000: Unable to get shared data
  4358. Wait Start TickCount 255737
  4359. Context Switch Count 7728 IdealProcessor: 5 NoStackSwap
  4360. ReadMemory error: Cannot get nt!KeMaximumIncrement value.
  4361. UserTime 00:00:00.000
  4362. KernelTime 00:00:00.000
  4363. Win32 Start Address nt!ExpWorkerThread (0xfffff80110283860)
  4364. Stack Init ffffe58e345aac90 Current ffffe58e345a9ef0
  4365. Base ffffe58e345ab000 Limit ffffe58e345a5000 Call 0000000000000000
  4366. Priority 15 BasePriority 12 PriorityDecrement 0 IoPriority 2 PagePriority 5
  4367. Child-SP RetAddr : Args to Child : Call Site
  4368. ffffe58e`345a9f30 fffff801`102a46ad : ffffa081`f77d2180 8000007f`fffffffe ffffa081`ffffffff 00000000`00000001 : nt!KiSwapContext+0x76
  4369. ffffe58e`345aa070 fffff801`102a3534 : ffffb20a`31446040 00000000`00000000 ffffb20a`00000000 ffff8280`00000000 : nt!KiSwapThread+0xbfd
  4370. ffffe58e`345aa110 fffff801`102a2cd5 : 00000000`00000001 fffff801`00000000 ffffb20a`224a6500 00000000`00000000 : nt!KiCommitThreadWait+0x144
  4371. ffffe58e`345aa1b0 fffff801`143b9920 : ffffb20a`2229c5b0 fffff801`00000000 ffffb20a`2229b100 fffff801`00000000 : nt!KeWaitForSingleObject+0x255
  4372. ffffe58e`345aa290 fffff801`143acb89 : 00000000`00000008 ffffe58e`345aa330 00000000`00000004 00000000`00000000 : ndis!KWaitEventBase<wistd::integral_constant<enum _EVENT_TYPE,0> >::Wait+0x28
  4373. ffffe58e`345aa2d0 fffff801`143abefd : ffff8280`e5df2680 fffff801`143abee0 ffff8280`e56449d8 fffff801`1436c6d8 : ndis!Ndis::BindEngine::ApplyBindChanges+0x10915
  4374. ffffe58e`345aa320 fffff801`143a7933 : ffff8280`e5df26c0 fffff801`143abee0 ffff8280`e56449d8 ffffb20a`2229b1a0 : ndis!<lambda_adb42f86cf839cbbe3c588eaa9665cd9>::<lambda_invoker_cdecl>+0x1d
  4375. ffffe58e`345aa350 fffff801`143a7879 : 00000000`00000000 fffff801`1436c6d8 00000000`00000000 ffff8280`e56449d0 : ndis!NDIS_BIND_DRIVER_BASE::ForEachLink+0xa3
  4376. ffffe58e`345aa3a0 fffff801`143a768b : 00000000`00000000 ffffb20a`2936cd18 00000000`00000010 fffff801`142bb7b5 : ndis!NDIS_BIND_DRIVER_BASE::SetRunningDriverIsReady+0x41
  4377. ffffe58e`345aa3d0 fffff801`143d9934 : ffffb20a`2936c9a0 ffffe58e`345aa4e8 ffffe58e`345aa4e8 ffffb20a`2936c9e8 : ndis!NDIS_BIND_PROTOCOL_DRIVER::SetRunningDriver+0x63
  4378. ffffe58e`345aa420 fffff801`143327c6 : ffffb20a`2936c9a0 fffff801`14385050 fffff801`14385050 fffff801`1436d790 : ndis!NdisDeregisterProtocol+0xd4
  4379. ffffe58e`345aa490 fffff801`0c39111a : fffff801`0c399000 fffff801`00000000 ffffb20a`2936b9b0 ffffe58e`345aa570 : ndis!NdisDeregisterProtocolDriver+0x66
  4380. ffffe58e`345aa4e0 fffff801`0c39c484 : 00000000`000000e7 ffffe58e`345aa568 00000000`00000008 00000000`00000000 : raspppoe!RasPppoeCleanup+0x66
  4381. ffffe58e`345aa510 fffff801`143b7d73 : ffffb20a`2936b9b0 ffffb20a`2936b9b0 fffff801`14385050 ffffb20a`293cae30 : raspppoe!MpUnload+0x44
  4382. ffffe58e`345aa540 fffff801`1433cdd4 : ffffb20a`293cae30 00000000`00000000 ffffb20a`293cae30 ffffb20a`293cae30 : ndis!ndisMInvokeDriverUnload+0x67
  4383. ffffe58e`345aa580 fffff801`109662d7 : ffffb20a`293cae30 00000000`00000000 ffffe58e`345aa740 ffff8280`f3048050 : ndis!ndisMUnloadEx+0x94
  4384. ffffe58e`345aa5e0 fffff801`109319ce : ffffb20a`293caf80 00000000`00000000 fffff801`1098cb01 ffffb20a`293cae30 : nt!IopUnloadDriver+0x20f
  4385. ffffe58e`345aa710 fffff801`10372004 : ffffb20a`2938ba20 ffffd076`db786c10 00000000`0000000a 00000000`00000000 : nt!PnpUnloadAttachedDriver+0xa6
  4386. ffffe58e`345aa760 fffff801`109315cf : ffffb20a`2938ba20 fffff801`00000000 00000000`00000000 fffff801`10662940 : nt!PnpRemoveLockedDeviceNode+0x240
  4387. ffffe58e`345aa7c0 fffff801`1093126a : ffffb20a`2938ba20 ffffe58e`345aa840 00000000`00000000 00000000`00000000 : nt!PnpDeleteLockedDeviceNode+0x8b
  4388. ffffe58e`345aa800 fffff801`10932b51 : ffffb20a`2887dde0 00000000`00000002 ffffb20a`28564290 00000000`00000000 : nt!PnpDeleteLockedDeviceNodes+0x76
  4389. ffffe58e`345aa880 fffff801`10930994 : 00000000`00000000 ffffe58e`345aa900 ffffb20a`2887dde0 00000000`00000000 : nt!PipRemoveDevicesInRelationList+0x8d
  4390. ffffe58e`345aa8d0 fffff801`10930371 : ffffb20a`28564290 00000000`00000001 ffffb20a`28564290 00000000`00000007 : nt!PnpDelayedRemoveWorker+0x114
  4391. ffffe58e`345aa910 fffff801`10371a54 : 00000000`00000007 00000000`00000001 00000000`00000000 ffffb20a`27b9c9a0 : nt!PnpChainDereferenceComplete+0xfd
  4392. ffffe58e`345aa940 fffff801`1092fb1a : 00000000`00000008 ffffe58e`345aaa49 00000000`00000003 00000000`00000001 : nt!PnpIsChainDereferenced+0xac
  4393. ffffe58e`345aa9c0 fffff801`1090924e : ffffe58e`345aab10 ffffb20a`27b9c900 ffffe58e`345aab00 ffff8281`00000008 : nt!PnpProcessQueryRemoveAndEject+0x2a2
  4394. ffffe58e`345aaab0 fffff801`107c96d8 : ffff8281`13943140 ffff8281`18616b10 ffff8281`18616b10 00000000`00000000 : nt!PnpProcessTargetDeviceEvent+0xea
  4395. ffffe58e`345aaae0 fffff801`10283965 : ffffb20a`1d924c50 ffffb20a`31446040 ffffb20a`1d924c50 ffffb20a`2e470e08 : nt!PnpDeviceEventWorker+0x2d8
  4396. ffffe58e`345aab70 fffff801`1031e155 : ffffb20a`31446040 00000000`00000080 ffffb20a`1d862040 00000000`00000001 : nt!ExpWorkerThread+0x105
  4397. ffffe58e`345aac10 fffff801`103c99c8 : ffffa081`f76c6180 ffffb20a`31446040 fffff801`1031e100 000001d9`66b3fd70 : nt!PspSystemThreadStartup+0x55
  4398. ffffe58e`345aac60 00000000`00000000 : ffffe58e`345ab000 ffffe58e`345a5000 00000000`00000000 00000000`00000000 : nt!KiStartSystemThread+0x28
  4399.  
  4400.  
  4401. ========================================================================
  4402. ======================= Dump #8: ANALYZE VERBOSE =======================
  4403. ====================== File: 073020-33734-01.dmp =======================
  4404. ========================================================================
  4405.  
  4406. Mini Kernel Dump File: Only registers and stack trace are available
  4407. Windows 10 Kernel Version 18362 MP (8 procs) Free x64
  4408. Kernel base = 0xfffff807`41200000 PsLoadedModuleList = 0xfffff807`41648190
  4409. Debug session time: Fri Jul 31 05:14:42.167 2020 (UTC - 4:00)
  4410. System Uptime: 0 days 1:38:07.804
  4411.  
  4412. BugCheck 1000009F, {4, 12c, ffffaf0895252040, fffff80745c678e0}
  4413. Implicit thread is now ffffaf08`95252040
  4414. *** WARNING: Unable to verify timestamp for win32k.sys
  4415. *** ERROR: Module load completed but symbols could not be loaded for win32k.sys
  4416. Probably caused by : memory_corruption
  4417. Followup: memory_corruption
  4418.  
  4419. DRIVER_POWER_STATE_FAILURE (9f)
  4420. A driver has failed to complete a power IRP within a specific time.
  4421.  
  4422. Arguments:
  4423. Arg1: 0000000000000004, The power transition timed out waiting to synchronize with the Pnp
  4424. subsystem.
  4425. Arg2: 000000000000012c, Timeout in seconds.
  4426. Arg3: ffffaf0895252040, The thread currently holding on to the Pnp lock.
  4427. Arg4: fffff80745c678e0, nt!TRIAGE_9F_PNP on Win7 and higher
  4428.  
  4429. Debugging Details:
  4430. Implicit thread is now ffffaf08`95252040
  4431. DUMP_CLASS: 1
  4432. DUMP_QUALIFIER: 400
  4433. DUMP_TYPE: 2
  4434. DRVPOWERSTATE_SUBCODE: 4
  4435. FAULTING_THREAD: 95252040
  4436. CUSTOMER_CRASH_COUNT: 1
  4437. DEFAULT_BUCKET_ID: CODE_CORRUPTION
  4438. BUGCHECK_STR: 0x9F
  4439.  
  4440. PROCESS_NAME: System
  4441.  
  4442. CURRENT_IRQL: 2
  4443. LOCK_ADDRESS: fffff807416629e0 -- (!locks fffff807416629e0)
  4444. Resource @ nt!PiEngineLock (0xfffff807416629e0) Exclusively owned
  4445. Contention Count = 29
  4446. NumberOfExclusiveWaiters = 3
  4447. Threads: ffffaf0895252040-01<*> << Too many exclusive waiters to list>>
  4448. 1 total locks, 1 locks currently held
  4449. PNP_TRIAGE:
  4450. Lock address : 0xfffff807416629e0
  4451. Thread Count : 1
  4452. Thread address: 0xffffaf0895252040
  4453. Thread wait : 0x574f3
  4454. LAST_CONTROL_TRANSFER: from fffff807412a46ad to fffff807413c9106
  4455. STACK_TEXT:
  4456. ffffed89`fd056f30 fffff807`412a46ad : ffffd380`5acc6180 0000007d`fffffffe ffffd380`ffffffff 00000000`00000001 : nt!KiSwapContext+0x76
  4457. ffffed89`fd057070 fffff807`412a3534 : ffffaf08`95252040 00000000`00000000 ffffaf08`00000000 ffffc002`00000000 : nt!KiSwapThread+0xbfd
  4458. ffffed89`fd057110 fffff807`412a2cd5 : 00000000`00000001 fffff807`00000000 ffffaf08`89ef0500 00000000`00000000 : nt!KiCommitThreadWait+0x144
  4459. ffffed89`fd0571b0 fffff807`453b9920 : ffffaf08`89eeb5b0 fffff807`00000000 ffffaf08`89eea100 fffff807`00000000 : nt!KeWaitForSingleObject+0x255
  4460. ffffed89`fd057290 fffff807`453acb89 : 00000000`00000008 ffffed89`fd057330 00000000`00000004 00000000`00000000 : ndis!KWaitEventBase<wistd::integral_constant<enum _EVENT_TYPE,0> >::Wait+0x28
  4461. ffffed89`fd0572d0 fffff807`453abefd : ffffc002`b6df5790 fffff807`453abee0 ffffc002`b6894dc8 fffff807`4536c6d8 : ndis!Ndis::BindEngine::ApplyBindChanges+0x10915
  4462. ffffed89`fd057320 fffff807`453a7933 : ffffc002`b6df57d0 fffff807`453abee0 ffffc002`b6894dc8 ffffaf08`89eea1a0 : ndis!<lambda_adb42f86cf839cbbe3c588eaa9665cd9>::<lambda_invoker_cdecl>+0x1d
  4463. ffffed89`fd057350 fffff807`453a7879 : 00000000`00000000 fffff807`4536c6d8 00000000`00000000 ffffc002`b6894dc0 : ndis!NDIS_BIND_DRIVER_BASE::ForEachLink+0xa3
  4464. ffffed89`fd0573a0 fffff807`453a768b : 00000000`00000000 ffffaf08`91ccd8d8 00000000`00000010 fffff807`452bb7b5 : ndis!NDIS_BIND_DRIVER_BASE::SetRunningDriverIsReady+0x41
  4465. ffffed89`fd0573d0 fffff807`453d9934 : ffffaf08`91ccd560 ffffed89`fd0574e8 ffffed89`fd0574e8 ffffaf08`91ccd5a8 : ndis!NDIS_BIND_PROTOCOL_DRIVER::SetRunningDriver+0x63
  4466. ffffed89`fd057420 fffff807`453327c6 : ffffaf08`91ccd560 fffff807`45385050 fffff807`45385050 fffff807`4536d790 : ndis!NdisDeregisterProtocol+0xd4
  4467. ffffed89`fd057490 fffff807`3db6111a : fffff807`3db69000 fffff807`00000000 ffffaf08`91ccd020 ffffed89`fd057570 : ndis!NdisDeregisterProtocolDriver+0x66
  4468. ffffed89`fd0574e0 fffff807`3db6c484 : 00000000`000000e7 ffffed89`fd057568 00000000`00000008 00000000`00000000 : raspppoe!RasPppoeCleanup+0x66
  4469. ffffed89`fd057510 fffff807`453b7d73 : ffffaf08`91ccd020 ffffaf08`91ccd020 fffff807`45385050 ffffaf08`915a0e40 : raspppoe!MpUnload+0x44
  4470. ffffed89`fd057540 fffff807`4533cdd4 : ffffaf08`915a0e40 00000000`00000000 ffffaf08`915a0e40 ffffaf08`915a0e40 : ndis!ndisMInvokeDriverUnload+0x67
  4471. ffffed89`fd057580 fffff807`419662d7 : ffffaf08`915a0e40 00000000`00000000 ffffed89`fd057740 ffffc002`dd8e6c90 : ndis!ndisMUnloadEx+0x94
  4472. ffffed89`fd0575e0 fffff807`419319ce : ffffaf08`915a0f90 00000000`00000000 fffff807`4198cb01 ffffaf08`915a0e40 : nt!IopUnloadDriver+0x20f
  4473. ffffed89`fd057710 fffff807`41372004 : ffffaf08`90f68b20 000010fa`4cc2cf10 00000000`0000000a 00000000`00000000 : nt!PnpUnloadAttachedDriver+0xa6
  4474. ffffed89`fd057760 fffff807`419315cf : ffffaf08`90f68b20 fffff807`00000000 00000000`00000000 fffff807`41662940 : nt!PnpRemoveLockedDeviceNode+0x240
  4475. ffffed89`fd0577c0 fffff807`4193126a : ffffaf08`90f68b20 ffffed89`fd057840 00000000`00000000 00000000`00000000 : nt!PnpDeleteLockedDeviceNode+0x8b
  4476. ffffed89`fd057800 fffff807`41932b51 : ffffaf08`90039960 00000000`00000002 ffffaf08`93949b90 00000000`00000000 : nt!PnpDeleteLockedDeviceNodes+0x76
  4477. ffffed89`fd057880 fffff807`41930994 : 00000000`00000000 ffffed89`fd057900 ffffaf08`90039960 00000000`00000000 : nt!PipRemoveDevicesInRelationList+0x8d
  4478. ffffed89`fd0578d0 fffff807`41930371 : ffffaf08`93949b90 00000000`00000001 ffffaf08`93949b90 00000000`00000007 : nt!PnpDelayedRemoveWorker+0x114
  4479. ffffed89`fd057910 fffff807`41371a54 : 00000000`00000007 00000000`00000001 00000000`00000000 ffffaf08`90c2c9a0 : nt!PnpChainDereferenceComplete+0xfd
  4480. ffffed89`fd057940 fffff807`4192fb1a : 00000000`00000008 ffffed89`fd057a49 00000000`00000003 00000000`00000001 : nt!PnpIsChainDereferenced+0xac
  4481. ffffed89`fd0579c0 fffff807`4190924e : ffffed89`fd057b10 ffffaf08`90c2c900 ffffed89`fd057b00 ffffc002`00000008 : nt!PnpProcessQueryRemoveAndEject+0x2a2
  4482. ffffed89`fd057ab0 fffff807`417c96d8 : ffffc002`da2242a0 ffffc002`def47210 ffffc002`def47210 00000000`00000000 : nt!PnpProcessTargetDeviceEvent+0xea
  4483. ffffed89`fd057ae0 fffff807`41283965 : ffffaf08`874d0c50 ffffaf08`95252040 ffffaf08`874d0c50 ffffaf08`874d0c50 : nt!PnpDeviceEventWorker+0x2d8
  4484. ffffed89`fd057b70 fffff807`4131e155 : ffffaf08`95252040 00000000`00000080 ffffaf08`87462040 ffffed89`00000001 : nt!ExpWorkerThread+0x105
  4485. ffffed89`fd057c10 fffff807`413c99c8 : ffffd380`5a9e2180 ffffaf08`95252040 fffff807`4131e100 00000000`00000000 : nt!PspSystemThreadStartup+0x55
  4486. ffffed89`fd057c60 00000000`00000000 : ffffed89`fd058000 ffffed89`fd052000 00000000`00000000 00000000`00000000 : nt!KiStartSystemThread+0x28
  4487. STACK_COMMAND: .thread 0xffffaf0895252040 ; kb
  4488. CHKIMG_EXTENSION: !chkimg -lo 50 -d !nt
  4489. fffff8074125878b-fffff8074125878f 5 bytes - nt!MmAccessFault+37b
  4490. [ df be 7d fb f6:bf 7e fd fa f5 ]
  4491. fffff807412587b8-fffff807412587bc 5 bytes - nt!MmAccessFault+3a8 (+0x2d)
  4492. [ d7 be 7d fb f6:b7 7e fd fa f5 ]
  4493. 10 errors : !nt (fffff8074125878b-fffff807412587bc)
  4494. MODULE_NAME: memory_corruption
  4495.  
  4496. IMAGE_NAME: memory_corruption
  4497.  
  4498. FOLLOWUP_NAME: memory_corruption
  4499. DEBUG_FLR_IMAGE_TIMESTAMP: 0
  4500. MEMORY_CORRUPTOR: LARGE
  4501. FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
  4502. BUCKET_ID: MEMORY_CORRUPTION_LARGE
  4503. PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
  4504. TARGET_TIME: 2020-07-31T09:14:42.000Z
  4505. SUITE_MASK: 272
  4506. PRODUCT_TYPE: 1
  4507. USER_LCID: 0
  4508. FAILURE_ID_HASH_STRING: km:memory_corruption_large
  4509. FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
  4510. Followup: memory_corruption
  4511.  
  4512. ====================== Dump #8: 3RD PARTY DRIVERS ======================
  4513.  
  4514. Nov 23 2009 - LGBusEnum.sys - Logitech GamePanel Virtual Bus Enumerator driver http://support.logitech.com/
  4515. Jun 25 2010 - sadp_npf64.sys - WinPcap driver (CACE Technologies, Inc.)
  4516. Jun 25 2010 - NPF.sys - NetGroup Packet Filter driver, a component of WinPCap by Riverbed
  4517. Aug 02 2010 - AsUpIO.sys - ASUS Update Input Output driver http://www.asus.com/
  4518. Aug 08 2011 - BazisVirtualCDBus.sys - WinCDEmu Virtual CD-ROM driver (Bazis Inc) http://wincdemu.sysprogs.org/
  4519. Oct 17 2011 - PxHlpa64.sys - Sonic CD/DVD driver
  4520. Mar 22 2012 - AiCharger.sys - Asus Charger driver
  4521. May 03 2012 - GEARAspiWDM.sys - Gear Software Advanced SCSI Programming Interface Windows Driver Model http://www.gearsoftware.com/
  4522. Aug 22 2012 - AsIO.sys - ASUS Input Output driver http://www.asus.com/
  4523. Jul 02 2013 - IOMap64.sys - !!! ASUS 64-bit Input Output Map driver (GPU Tweaking driver)
  4524. Apr 17 2014 - rzpmgrk.sys - Razer Overlay Support https://www.razer.com/
  4525. Apr 24 2014 - RTKVHD64.sys - Realtek Audio System driver https://www.realtek.com/en/
  4526. Sep 23 2014 - TeeDriverx64.sys - Intel Management Engine Interface (MEI) driver https://downloadcenter.intel.com/
  4527. Oct 17 2014 - rzpnk.sys - Razer Overlay Support https://www.razer.com/
  4528. Apr 21 2016 - tap0901.sys - TAP-Win32 Virtual Private Network Driver 0901 (OpenVPN by OpenVPN Technologies) https://openvpn.net/
  4529. Mar 16 2017 - tapwindscribe0901.sys - TAP-Windows Virtual Network driver (The OpenVPN Project) https://openvpn.net/
  4530. Oct 11 2017 - YSDrv.sys - VirtualBox Support driver
  4531. Sep 18 2018 - IntelHaxm.sys - Intel Corporation SSG Hardware Accelerated Execution Manager driver
  4532. Jan 24 2019 - e1d65x64.sys - Intel(R) Gigabit Adapter NDIS 6.x driver https://downloadcenter.intel.com/
  4533. Mar 14 2019 - nvvad64v.sys - Nvidia Virtual Audio driver http://www.nvidia.com/
  4534. Sep 19 2019 - RTCore64.sys - !!! Overclocking Software - RivaTuner - MSI Afterburner http://www.msi.com/ or EVGA Precision X http://www.evga.com/
  4535. Oct 02 2019 - nvlddmkm.sys - Nvidia Graphics Card driver http://www.nvidia.com/
  4536. Nov 29 2019 - NvModuleTracker.sys - NVIDIA Module Tracker driver
  4537. Jan 10 2020 - nvvhci.sys - Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
  4538. Jun 04 2020 - MbamChameleon.sys - Malwarebytes Anti-Malware Chameleon driver https://www.malwarebytes.com/
  4539. Jun 09 2020 - nvhda64v.sys - Nvidia HDMI Audio Device http://www.nvidia.com/
  4540. Jun 23 2020 - aswRdr2.sys - Avast Antivirus http://www.avast.com/
  4541. Jun 23 2020 - aswArPot.sys - Avast Antivirus http://www.avast.com/
  4542. Jun 23 2020 - aswbidsdriver.sys - Avast Antivirus http://www.avast.com/
  4543. Jun 23 2020 - aswbidsh.sys - Avast Antivirus http://www.avast.com/
  4544. Jun 23 2020 - aswbuniv.sys - Avast Antivirus http://www.avast.com/
  4545. Jun 23 2020 - aswKbd.sys - Avast Keyboard Filter driver http://www.avast.com/
  4546. Jun 23 2020 - aswMonFlt.sys - Avast Antivirus http://www.avast.com/
  4547. Jun 23 2020 - aswNetHub.sys - Avast driver
  4548. Jun 23 2020 - aswRvrt.sys - Avast Antivirus http://www.avast.com/
  4549. Jun 23 2020 - aswSnx.sys - Avast Antivirus http://www.avast.com/
  4550. Jun 23 2020 - aswSP.sys - Avast Antivirus http://www.avast.com/
  4551. Jun 23 2020 - aswVmm.sys - Avast Antivirus http://www.avast.com/
  4552. Jul 17 2020 - aswElam.sys - Avast ELAM driver
  4553.  
  4554. ================== Dump #8: 3RD PARTY DRIVERS (FULL) ===================
  4555.  
  4556. Image path: \SystemRoot\system32\drivers\LGBusEnum.sys
  4557. Image name: LGBusEnum.sys
  4558. Search : https://www.google.com/search?q=LGBusEnum.sys
  4559. ADA Info : Logitech GamePanel Virtual Bus Enumerator driver http://support.logitech.com/
  4560. Timestamp : Mon Nov 23 2009
  4561.  
  4562. Image path: \??\C:\Windows\SysWOW64\drivers\sadp_npf64.sys
  4563. Image name: sadp_npf64.sys
  4564. Search : https://www.google.com/search?q=sadp_npf64.sys
  4565. ADA Info : WinPcap driver (CACE Technologies, Inc.)
  4566. Timestamp : Fri Jun 25 2010
  4567.  
  4568. Image path: \SystemRoot\system32\drivers\NPF.sys
  4569. Image name: NPF.sys
  4570. Search : https://www.google.com/search?q=NPF.sys
  4571. ADA Info : NetGroup Packet Filter driver, a component of WinPCap by Riverbed
  4572. Timestamp : Fri Jun 25 2010
  4573.  
  4574. Image path: \SystemRoot\SysWow64\drivers\AsUpIO.sys
  4575. Image name: AsUpIO.sys
  4576. Search : https://www.google.com/search?q=AsUpIO.sys
  4577. ADA Info : ASUS Update Input Output driver http://www.asus.com/
  4578. Timestamp : Mon Aug 2 2010
  4579.  
  4580. Image path: \SystemRoot\System32\drivers\BazisVirtualCDBus.sys
  4581. Image name: BazisVirtualCDBus.sys
  4582. Search : https://www.google.com/search?q=BazisVirtualCDBus.sys
  4583. ADA Info : WinCDEmu Virtual CD-ROM driver (Bazis Inc) http://wincdemu.sysprogs.org/
  4584. Timestamp : Mon Aug 8 2011
  4585.  
  4586. Image path: \SystemRoot\System32\Drivers\PxHlpa64.sys
  4587. Image name: PxHlpa64.sys
  4588. Search : https://www.google.com/search?q=PxHlpa64.sys
  4589. ADA Info : Sonic CD/DVD driver
  4590. Timestamp : Mon Oct 17 2011
  4591.  
  4592. Image path: \SystemRoot\SysWow64\drivers\AiCharger.sys
  4593. Image name: AiCharger.sys
  4594. Search : https://www.google.com/search?q=AiCharger.sys
  4595. ADA Info : Asus Charger driver
  4596. Timestamp : Thu Mar 22 2012
  4597.  
  4598. Image path: \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
  4599. Image name: GEARAspiWDM.sys
  4600. Search : https://www.google.com/search?q=GEARAspiWDM.sys
  4601. ADA Info : Gear Software Advanced SCSI Programming Interface Windows Driver Model http://www.gearsoftware.com/
  4602. Timestamp : Thu May 3 2012
  4603.  
  4604. Image path: \SystemRoot\SysWow64\drivers\AsIO.sys
  4605. Image name: AsIO.sys
  4606. Search : https://www.google.com/search?q=AsIO.sys
  4607. ADA Info : ASUS Input Output driver http://www.asus.com/
  4608. Timestamp : Wed Aug 22 2012
  4609.  
  4610. Image path: \??\C:\WINDOWS\system32\drivers\IOMap64.sys
  4611. Image name: IOMap64.sys
  4612. Search : https://www.google.com/search?q=IOMap64.sys
  4613. ADA Info : !!! ASUS 64-bit Input Output Map driver (GPU Tweaking driver)
  4614. Timestamp : Tue Jul 2 2013
  4615.  
  4616. Image path: \??\C:\Windows\system32\drivers\rzpmgrk.sys
  4617. Image name: rzpmgrk.sys
  4618. Search : https://www.google.com/search?q=rzpmgrk.sys
  4619. ADA Info : Razer Overlay Support https://www.razer.com/
  4620. Timestamp : Thu Apr 17 2014
  4621.  
  4622. Image path: \SystemRoot\system32\drivers\RTKVHD64.sys
  4623. Image name: RTKVHD64.sys
  4624. Search : https://www.google.com/search?q=RTKVHD64.sys
  4625. ADA Info : Realtek Audio System driver https://www.realtek.com/en/
  4626. Timestamp : Thu Apr 24 2014
  4627.  
  4628. Image path: \SystemRoot\system32\DRIVERS\TeeDriverx64.sys
  4629. Image name: TeeDriverx64.sys
  4630. Search : https://www.google.com/search?q=TeeDriverx64.sys
  4631. ADA Info : Intel Management Engine Interface (MEI) driver https://downloadcenter.intel.com/
  4632. Timestamp : Tue Sep 23 2014
  4633.  
  4634. Image path: \??\C:\Windows\system32\drivers\rzpnk.sys
  4635. Image name: rzpnk.sys
  4636. Search : https://www.google.com/search?q=rzpnk.sys
  4637. ADA Info : Razer Overlay Support https://www.razer.com/
  4638. Timestamp : Fri Oct 17 2014
  4639.  
  4640. Image path: \SystemRoot\System32\drivers\tap0901.sys
  4641. Image name: tap0901.sys
  4642. Search : https://www.google.com/search?q=tap0901.sys
  4643. ADA Info : TAP-Win32 Virtual Private Network Driver 0901 (OpenVPN by OpenVPN Technologies) https://openvpn.net/
  4644. Timestamp : Thu Apr 21 2016
  4645.  
  4646. Image path: \SystemRoot\System32\drivers\tapwindscribe0901.sys
  4647. Image name: tapwindscribe0901.sys
  4648. Search : https://www.google.com/search?q=tapwindscribe0901.sys
  4649. ADA Info : TAP-Windows Virtual Network driver (The OpenVPN Project) https://openvpn.net/
  4650. Timestamp : Thu Mar 16 2017
  4651.  
  4652. Image path: \??\C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys
  4653. Image name: YSDrv.sys
  4654. Search : https://www.google.com/search?q=YSDrv.sys
  4655. ADA Info : VirtualBox Support driver
  4656. Timestamp : Wed Oct 11 2017
  4657.  
  4658. Image path: \SystemRoot\system32\DRIVERS\IntelHaxm.sys
  4659. Image name: IntelHaxm.sys
  4660. Search : https://www.google.com/search?q=IntelHaxm.sys
  4661. ADA Info : Intel Corporation SSG Hardware Accelerated Execution Manager driver
  4662. Timestamp : Tue Sep 18 2018
  4663.  
  4664. Image path: \SystemRoot\system32\DRIVERS\e1d65x64.sys
  4665. Image name: e1d65x64.sys
  4666. Search : https://www.google.com/search?q=e1d65x64.sys
  4667. ADA Info : Intel(R) Gigabit Adapter NDIS 6.x driver https://downloadcenter.intel.com/
  4668. Timestamp : Thu Jan 24 2019
  4669.  
  4670. Image path: \SystemRoot\system32\drivers\nvvad64v.sys
  4671. Image name: nvvad64v.sys
  4672. Search : https://www.google.com/search?q=nvvad64v.sys
  4673. ADA Info : Nvidia Virtual Audio driver http://www.nvidia.com/
  4674. Timestamp : Thu Mar 14 2019
  4675.  
  4676. Image path: \??\C:\Program Files (x86)\MSI Afterburner\RTCore64.sys
  4677. Image name: RTCore64.sys
  4678. Search : https://www.google.com/search?q=RTCore64.sys
  4679. ADA Info : !!! Overclocking Software - RivaTuner - MSI Afterburner http://www.msi.com/ or EVGA Precision X http://www.evga.com/
  4680. Timestamp : Thu Sep 19 2019
  4681.  
  4682. Image path: \SystemRoot\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_90685a092bcf58c7\nvlddmkm.sys
  4683. Image name: nvlddmkm.sys
  4684. Search : https://www.google.com/search?q=nvlddmkm.sys
  4685. ADA Info : Nvidia Graphics Card driver http://www.nvidia.com/
  4686. Timestamp : Wed Oct 2 2019
  4687.  
  4688. Image path: \SystemRoot\System32\drivers\NvModuleTracker.sys
  4689. Image name: NvModuleTracker.sys
  4690. Search : https://www.google.com/search?q=NvModuleTracker.sys
  4691. ADA Info : NVIDIA Module Tracker driver
  4692. Timestamp : Fri Nov 29 2019
  4693.  
  4694. Image path: \SystemRoot\System32\drivers\nvvhci.sys
  4695. Image name: nvvhci.sys
  4696. Search : https://www.google.com/search?q=nvvhci.sys
  4697. ADA Info : Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
  4698. Timestamp : Fri Jan 10 2020
  4699.  
  4700. Image name: MbamChameleon.sys
  4701. Search : https://www.google.com/search?q=MbamChameleon.sys
  4702. ADA Info : Malwarebytes Anti-Malware Chameleon driver https://www.malwarebytes.com/
  4703. Timestamp : Thu Jun 4 2020
  4704.  
  4705. Image path: \SystemRoot\system32\drivers\nvhda64v.sys
  4706. Image name: nvhda64v.sys
  4707. Search : https://www.google.com/search?q=nvhda64v.sys
  4708. ADA Info : Nvidia HDMI Audio Device http://www.nvidia.com/
  4709. Timestamp : Tue Jun 9 2020
  4710.  
  4711. Image name: aswRdr2.sys
  4712. Search : https://www.google.com/search?q=aswRdr2.sys
  4713. ADA Info : Avast Antivirus http://www.avast.com/
  4714. Timestamp : Tue Jun 23 2020
  4715.  
  4716. Image path: \SystemRoot\system32\drivers\aswArPot.sys
  4717. Image name: aswArPot.sys
  4718. Search : https://www.google.com/search?q=aswArPot.sys
  4719. ADA Info : Avast Antivirus http://www.avast.com/
  4720. Timestamp : Tue Jun 23 2020
  4721.  
  4722. Image path: \SystemRoot\system32\drivers\aswbidsdriver.sys
  4723. Image name: aswbidsdriver.sys
  4724. Search : https://www.google.com/search?q=aswbidsdriver.sys
  4725. ADA Info : Avast Antivirus http://www.avast.com/
  4726. Timestamp : Tue Jun 23 2020
  4727.  
  4728. Image path: \SystemRoot\system32\drivers\aswbidsh.sys
  4729. Image name: aswbidsh.sys
  4730. Search : https://www.google.com/search?q=aswbidsh.sys
  4731. ADA Info : Avast Antivirus http://www.avast.com/
  4732. Timestamp : Tue Jun 23 2020
  4733.  
  4734. Image path: \SystemRoot\system32\drivers\aswbuniv.sys
  4735. Image name: aswbuniv.sys
  4736. Search : https://www.google.com/search?q=aswbuniv.sys
  4737. ADA Info : Avast Antivirus http://www.avast.com/
  4738. Timestamp : Tue Jun 23 2020
  4739.  
  4740. Image path: \SystemRoot\system32\drivers\aswKbd.sys
  4741. Image name: aswKbd.sys
  4742. Search : https://www.google.com/search?q=aswKbd.sys
  4743. ADA Info : Avast Keyboard Filter driver http://www.avast.com/
  4744. Timestamp : Tue Jun 23 2020
  4745.  
  4746. Image path: \SystemRoot\system32\drivers\aswMonFlt.sys
  4747. Image name: aswMonFlt.sys
  4748. Search : https://www.google.com/search?q=aswMonFlt.sys
  4749. ADA Info : Avast Antivirus http://www.avast.com/
  4750. Timestamp : Tue Jun 23 2020
  4751.  
  4752. Image path: \SystemRoot\system32\drivers\aswNetHub.sys
  4753. Image name: aswNetHub.sys
  4754. Search : https://www.google.com/search?q=aswNetHub.sys
  4755. ADA Info : Avast driver
  4756. Timestamp : Tue Jun 23 2020
  4757.  
  4758. Image path: \SystemRoot\system32\drivers\aswRvrt.sys
  4759. Image name: aswRvrt.sys
  4760. Search : https://www.google.com/search?q=aswRvrt.sys
  4761. ADA Info : Avast Antivirus http://www.avast.com/
  4762. Timestamp : Tue Jun 23 2020
  4763.  
  4764. Image path: \SystemRoot\system32\drivers\aswSnx.sys
  4765. Image name: aswSnx.sys
  4766. Search : https://www.google.com/search?q=aswSnx.sys
  4767. ADA Info : Avast Antivirus http://www.avast.com/
  4768. Timestamp : Tue Jun 23 2020
  4769.  
  4770. Image path: \SystemRoot\system32\drivers\aswSP.sys
  4771. Image name: aswSP.sys
  4772. Search : https://www.google.com/search?q=aswSP.sys
  4773. ADA Info : Avast Antivirus http://www.avast.com/
  4774. Timestamp : Tue Jun 23 2020
  4775.  
  4776. Image path: \SystemRoot\system32\drivers\aswVmm.sys
  4777. Image name: aswVmm.sys
  4778. Search : https://www.google.com/search?q=aswVmm.sys
  4779. ADA Info : Avast Antivirus http://www.avast.com/
  4780. Timestamp : Tue Jun 23 2020
  4781.  
  4782. Image path: \SystemRoot\system32\drivers\aswElam.sys
  4783. Image name: aswElam.sys
  4784. Search : https://www.google.com/search?q=aswElam.sys
  4785. ADA Info : Avast ELAM driver
  4786. Timestamp : Fri Jul 17 2020
  4787.  
  4788. ====================== Dump #8: MICROSOFT DRIVERS ======================
  4789.  
  4790. ACPI.sys ACPI Driver for NT (Microsoft)
  4791. acpiex.sys ACPIEx Driver (Microsoft)
  4792. acpipagr.sys ACPI Processor Aggregator Device driver (Microsoft)
  4793. afd.sys Ancillary Function Driver for WinSock (Microsoft)
  4794. afunix.sys AF_UNIX Socket Provider driver (Microsoft)
  4795. AgileVpn.sys RAS Agil VPN Miniport Call Manager driver (Microsoft)
  4796. ahcache.sys Application Compatibility Cache (Microsoft)
  4797. bam.sys BAM Kernal driver (Microsoft)
  4798. BasicDisplay.sys Basic Display driver (Microsoft)
  4799. BasicRender.sys Basic Render driver (Microsoft)
  4800. Beep.SYS BEEP driver (Microsoft)
  4801. bindflt.sys Windows Bind Filter driver (Microsoft)
  4802. BOOTVID.dll VGA Boot Driver (Microsoft)
  4803. bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
  4804. cdd.dll Canonical Display Driver (Microsoft)
  4805. cdrom.sys SCSI CD-ROM Driver (Microsoft)
  4806. CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
  4807. CI.dll Code Integrity Module (Microsoft)
  4808. CLASSPNP.SYS SCSI Class System Dll (Microsoft)
  4809. cldflt.sys Cloud Files Mini Filter driver (Microsoft)
  4810. CLFS.SYS Common Log File System Driver (Microsoft)
  4811. clipsp.sys CLIP Service (Microsoft)
  4812. cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
  4813. cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
  4814. CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
  4815. condrv.sys Console Driver (Microsoft)
  4816. crashdmp.sys Crash Dump driver (Microsoft)
  4817. csc.sys Windows Client Side Caching driver (Microsoft)
  4818. dfsc.sys DFS Namespace Client Driver (Microsoft)
  4819. disk.sys PnP Disk Driver (Microsoft)
  4820. drmk.sys Digital Rights Management (DRM) driver (Microsoft)
  4821. dump_diskdump.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  4822. dump_dumpfve.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  4823. dump_storahci.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  4824. dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
  4825. dxgmms2.sys DirectX Graphics MMS
  4826. EhStorClass.sys Enhanced Storage Class driver for IEEE... (Microsoft)
  4827. filecrypt.sys Windows sandboxing and encryption filter (Microsoft)
  4828. fileinfo.sys FileInfo Filter Driver (Microsoft)
  4829. FLTMGR.SYS Filesystem Filter Manager (Microsoft)
  4830. Fs_Rec.sys File System Recognizer Driver (Microsoft)
  4831. fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
  4832. fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
  4833. gpuenergydrv.sys GPU Energy Kernal Driver (Microsoft)
  4834. hal.dll Hardware Abstraction Layer DLL (Microsoft)
  4835. HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
  4836. HIDCLASS.SYS Hid Class Library (Microsoft)
  4837. HIDPARSE.SYS Hid Parsing Library (Microsoft)
  4838. hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
  4839. HTTP.sys HTTP Protocol Stack (Microsoft)
  4840. intelpep.sys Intel Power Engine Plugin (Microsoft)
  4841. intelppm.sys Processor Device Driver (Microsoft)
  4842. iorate.sys I/O rate control Filter (Microsoft)
  4843. kbdclass.sys Keyboard Class Driver (Microsoft)
  4844. kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
  4845. kd.dll Local Kernal Debugger (Microsoft)
  4846. kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
  4847. ks.sys Kernal CSA Library (Microsoft)
  4848. ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
  4849. ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
  4850. ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
  4851. lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
  4852. luafv.sys LUA File Virtualization Filter Driver (Microsoft)
  4853. mcupdate_GenuineIntel.dll Intel Microcode Update Library (Microsoft)
  4854. mmcss.sys MMCSS Driver (Microsoft)
  4855. monitor.sys Monitor Driver (Microsoft)
  4856. mouclass.sys Mouse Class Driver (Microsoft)
  4857. mouhid.sys HID Mouse Filter Driver (Microsoft)
  4858. mountmgr.sys Mount Point Manager (Microsoft)
  4859. mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
  4860. mqac.sys Message Queuing Device driver (Microsoft)
  4861. mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
  4862. mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
  4863. Msfs.SYS Mailslot driver (Microsoft)
  4864. msisadrv.sys ISA Driver (Microsoft)
  4865. mslldp.sys Microsoft Link-Layer Discovery Protocol... (Microsoft)
  4866. msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
  4867. mssecflt.sys Microsoft Security Events Component file system filter driver (Microsoft)
  4868. mssmbios.sys System Management BIOS driver (Microsoft)
  4869. mup.sys Multiple UNC Provider driver (Microsoft)
  4870. ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
  4871. ndistapi.sys NDIS 3.0 Connection Wrapper driver (Microsoft)
  4872. ndisuio.sys NDIS User mode I/O driver (Microsoft)
  4873. NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
  4874. ndiswan.sys MS PPP Framing Driver (Strong Encryption) Microsoft)
  4875. NDProxy.sys NDIS Proxy driver (Microsoft)
  4876. Ndu.sys Network Data Usage Monitoring driver (Microsoft)
  4877. netbios.sys NetBIOS Interface driver (Microsoft)
  4878. netbt.sys MBT Transport driver (Microsoft)
  4879. NETIO.SYS Network I/O Subsystem (Microsoft)
  4880. Npfs.SYS NPFS driver (Microsoft)
  4881. npsvctrig.sys Named pipe service triggers (Microsoft)
  4882. nsiproxy.sys NSI Proxy driver (Microsoft)
  4883. Ntfs.sys NT File System Driver (Microsoft)
  4884. ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
  4885. ntosext.sys NTOS Extension Host driver (Microsoft)
  4886. Null.SYS NULL Driver (Microsoft)
  4887. nwifi.sys NativeWiFi Miniport Driver (Microsoft)
  4888. pacer.sys QoS Packet Scheduler (Microsoft)
  4889. partmgr.sys Partition driver (Microsoft)
  4890. pci.sys NT Plug and Play PCI Enumerator (Microsoft)
  4891. pcw.sys Performance Counter Driver (Microsoft)
  4892. pdc.sys Power Dependency Coordinator Driver (Microsoft)
  4893. peauth.sys Protected Environment Authentication and Authorization Export Driver (Microsoft)
  4894. portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
  4895. PSHED.dll Platform Specific Hardware Error driver (Microsoft)
  4896. raspppoe.sys RAS PPPoE Mini-port/Call manager driver (Microsoft)
  4897. rassstp.sys RAS SSTP Miniport Call Manager driver (Microsoft)
  4898. rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
  4899. rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
  4900. rdyboost.sys ReadyBoost Driver (Microsoft)
  4901. rspndr.sys Link-Layer Topology Responder driver (Microsoft)
  4902. serenum.sys Serial Port Enumerator (Microsoft)
  4903. serial.sys Serial Device Driver
  4904. serscan.sys Serial Imaging Device Driver (Microsoft)
  4905. SgrmAgent.sys System Guard Runtime Monitor Agent driver (Microsoft)
  4906. SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
  4907. spaceport.sys Storage Spaces driver (Microsoft)
  4908. srv.sys Server driver (Microsoft)
  4909. srv2.sys Smb 2.0 Server driver (Microsoft)
  4910. srvnet.sys Server Network driver (Microsoft)
  4911. storahci.sys MS AHCI Storport Miniport Driver (Microsoft)
  4912. storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
  4913. storqosflt.sys Storage QoS Filter driver (Microsoft)
  4914. swenum.sys Plug and Play Software Device Enumerator (Microsoft)
  4915. tbs.sys Export driver for kernel mode TPM API (Microsoft)
  4916. tcpip.sys TCP/IP Protocol driver (Microsoft)
  4917. tcpipreg.sys Microsoft Windows TCP/IP Registry Compatibility driver (Microsoft)
  4918. TDI.SYS TDI Wrapper driver (Microsoft)
  4919. tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
  4920. tm.sys Kernel Transaction Manager driver (Microsoft)
  4921. ucx01000.sys USB Controller Extension (Microsoft)
  4922. umbus.sys User-Mode Bus Enumerator (Microsoft)
  4923. usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
  4924. USBD.SYS Universal Serial Bus Driver (Microsoft)
  4925. usbehci.sys EHCI eUSB Miniport Driver (Microsoft)
  4926. usbhub.sys Default Hub Driver for USB (Microsoft)
  4927. UsbHub3.sys USB3 HUB driver (Microsoft)
  4928. USBPORT.SYS USB 1.1 & 2.0 Port Driver (Microsoft)
  4929. USBXHCI.SYS USB XHCI driver (Microsoft)
  4930. vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
  4931. Vid.sys Microsoft Hyper-V Virtualization Infrastructure Driver
  4932. volmgr.sys Volume Manager Driver (Microsoft)
  4933. volmgrx.sys Volume Manager Extension Driver (Microsoft)
  4934. volsnap.sys Volume Shadow Copy driver (Microsoft)
  4935. volume.sys Volume driver (Microsoft)
  4936. vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
  4937. wanarp.sys MS Remote Access and Routing ARP driver (Microsoft)
  4938. watchdog.sys Watchdog driver (Microsoft)
  4939. wcifs.sys Windows Container Isolation FS Filter driver (Microsoft)
  4940. Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
  4941. WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
  4942. werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
  4943. wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
  4944. win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
  4945. win32kbase.sys Base Win32k Kernel Driver (Microsoft)
  4946. win32kfull.sys Full/Desktop Win32k Kernel Driver (Microsoft)
  4947. WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
  4948. WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
  4949. winhvr.sys Windows Hypervisor Root Interface driver (Microsoft)
  4950. winquic.sys QUIC Transport Protocol driver (Microsoft)
  4951. wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
  4952. WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
  4953. Wof.sys Windows Overlay Filter (Microsoft)
  4954. WppRecorder.sys WPP Trace Recorder (Microsoft)
  4955. WUDFRd.sys Windows Driver Foundation - User-mode Driver Framework Reflector driver (Microsoft)
  4956.  
  4957. ====================== Dump #8: UNLOADED MODULES =======================
  4958.  
  4959. fffff807`3db30000 fffff807`3db51000 raspptp.sys
  4960. fffff807`3db00000 fffff807`3db23000 rasl2tp.sys
  4961. fffff807`3ddc0000 fffff807`3ddcc000 umpass.sys
  4962. fffff807`3dda0000 fffff807`3ddae000 WSDPrint.sys
  4963. fffff807`49560000 fffff807`49595000 aswStm.sys
  4964. fffff807`3dbd0000 fffff807`3dc10000 mbamswissarm
  4965. fffff807`3dc10000 fffff807`3dc33000 mwac.sys
  4966. fffff807`3dc80000 fffff807`3dc94000 mbam.sys
  4967. fffff807`3dc40000 fffff807`3dc74000 farflt.sys
  4968. fffff807`46ce0000 fffff807`46d07000 mbae64.sys
  4969. fffff807`3d4f0000 fffff807`3dac5000 iqvw64e.sys
  4970. fffff807`3ddb0000 fffff807`3ddbe000 WSDScan.sys
  4971. fffff807`468e0000 fffff807`468ef000 dump_storpor
  4972. fffff807`46920000 fffff807`4694f000 dump_storahc
  4973. fffff807`46970000 fffff807`4698e000 dump_dumpfve
  4974. fffff807`48c00000 fffff807`48c51000 WUDFRd.sys
  4975. fffff807`46d40000 fffff807`46d5e000 dam.sys
  4976. fffff807`44a20000 fffff807`44a29000 MbamElam.sys
  4977. fffff807`45a20000 fffff807`45a31000 hwpolicy.sys
  4978.  
  4979. ====================== Dump #8: BIOS INFORMATION =======================
  4980.  
  4981. sysinfo: could not find necessary interfaces.
  4982. sysinfo: note that mssmbios.sys must be loaded (XPSP2+).
  4983.  
  4984. ========================== Dump #8: Extra #1 ===========================
  4985.  
  4986. 0: kd> !verifier
  4987. Verify Flags Level 0x00000000
  4988. STANDARD FLAGS:
  4989. [X] (0x00000000) Automatic Checks
  4990. [ ] (0x00000001) Special pool
  4991. [ ] (0x00000002) Force IRQL checking
  4992. [ ] (0x00000008) Pool tracking
  4993. [ ] (0x00000010) I/O verification
  4994. [ ] (0x00000020) Deadlock detection
  4995. [ ] (0x00000080) DMA checking
  4996. [ ] (0x00000100) Security checks
  4997. [ ] (0x00000800) Miscellaneous checks
  4998. [ ] (0x00020000) DDI compliance checking
  4999. ADDITIONAL FLAGS:
  5000. [ ] (0x00000004) Randomized low resources simulation
  5001. [ ] (0x00000200) Force pending I/O requests
  5002. [ ] (0x00000400) IRP logging
  5003. [ ] (0x00002000) Invariant MDL checking for stack
  5004. [ ] (0x00004000) Invariant MDL checking for driver
  5005. [ ] (0x00008000) Power framework delay fuzzing
  5006. [ ] (0x00010000) Port/miniport interface checking
  5007. [ ] (0x00040000) Systematic low resources simulation
  5008. [ ] (0x00080000) DDI compliance checking (additional)
  5009. [ ] (0x00200000) NDIS/WIFI verification
  5010. [ ] (0x00800000) Kernel synchronization delay fuzzing
  5011. [ ] (0x01000000) VM switch verification
  5012. [ ] (0x02000000) Code integrity checks
  5013. [X] Indicates flag is enabled
  5014. Summary of All Verifier Statistics
  5015. RaiseIrqls 0x0
  5016. AcquireSpinLocks 0x0
  5017. Synch Executions 0x0
  5018. Trims 0x0
  5019. Pool Allocations Attempted 0x0
  5020. Pool Allocations Succeeded 0x0
  5021. Pool Allocations Succeeded SpecialPool 0x0
  5022. Pool Allocations With NO TAG 0x0
  5023. Pool Allocations Failed 0x0
  5024. Current paged pool allocations 0x0 for 00000000 bytes
  5025. Peak paged pool allocations 0x0 for 00000000 bytes
  5026. Current nonpaged pool allocations 0x0 for 00000000 bytes
  5027. Peak nonpaged pool allocations 0x0 for 00000000 bytes
  5028.  
  5029. ========================== Dump #8: Extra #2 ===========================
  5030.  
  5031. 0: kd> !thread
  5032. THREAD ffffaf0895252040 Cid 0004.1e38 Teb: 0000000000000000 Win32Thread: 0000000000000000 WAIT: (Executive) KernelMode Non-Alertable
  5033. ffffaf0889eeb5b0 NotificationEvent
  5034. Not impersonating
  5035. GetUlongFromAddress: unable to read from fffff8074162ca14
  5036. Owning Process ffffaf0887462040 Image: System
  5037. Attached Process N/A Image: N/A
  5038. fffff78000000000: Unable to get shared data
  5039. Wait Start TickCount 357619
  5040. Context Switch Count 1528 IdealProcessor: 5 NoStackSwap
  5041. ReadMemory error: Cannot get nt!KeMaximumIncrement value.
  5042. UserTime 00:00:00.000
  5043. KernelTime 00:00:00.000
  5044. Win32 Start Address nt!ExpWorkerThread (0xfffff80741283860)
  5045. Stack Init ffffed89fd057c90 Current ffffed89fd056ef0
  5046. Base ffffed89fd058000 Limit ffffed89fd052000 Call 0000000000000000
  5047. Priority 15 BasePriority 12 PriorityDecrement 0 IoPriority 2 PagePriority 5
  5048. Child-SP RetAddr : Args to Child : Call Site
  5049. ffffed89`fd056f30 fffff807`412a46ad : ffffd380`5acc6180 0000007d`fffffffe ffffd380`ffffffff 00000000`00000001 : nt!KiSwapContext+0x76
  5050. ffffed89`fd057070 fffff807`412a3534 : ffffaf08`95252040 00000000`00000000 ffffaf08`00000000 ffffc002`00000000 : nt!KiSwapThread+0xbfd
  5051. ffffed89`fd057110 fffff807`412a2cd5 : 00000000`00000001 fffff807`00000000 ffffaf08`89ef0500 00000000`00000000 : nt!KiCommitThreadWait+0x144
  5052. ffffed89`fd0571b0 fffff807`453b9920 : ffffaf08`89eeb5b0 fffff807`00000000 ffffaf08`89eea100 fffff807`00000000 : nt!KeWaitForSingleObject+0x255
  5053. ffffed89`fd057290 fffff807`453acb89 : 00000000`00000008 ffffed89`fd057330 00000000`00000004 00000000`00000000 : ndis!KWaitEventBase<wistd::integral_constant<enum _EVENT_TYPE,0> >::Wait+0x28
  5054. ffffed89`fd0572d0 fffff807`453abefd : ffffc002`b6df5790 fffff807`453abee0 ffffc002`b6894dc8 fffff807`4536c6d8 : ndis!Ndis::BindEngine::ApplyBindChanges+0x10915
  5055. ffffed89`fd057320 fffff807`453a7933 : ffffc002`b6df57d0 fffff807`453abee0 ffffc002`b6894dc8 ffffaf08`89eea1a0 : ndis!<lambda_adb42f86cf839cbbe3c588eaa9665cd9>::<lambda_invoker_cdecl>+0x1d
  5056. ffffed89`fd057350 fffff807`453a7879 : 00000000`00000000 fffff807`4536c6d8 00000000`00000000 ffffc002`b6894dc0 : ndis!NDIS_BIND_DRIVER_BASE::ForEachLink+0xa3
  5057. ffffed89`fd0573a0 fffff807`453a768b : 00000000`00000000 ffffaf08`91ccd8d8 00000000`00000010 fffff807`452bb7b5 : ndis!NDIS_BIND_DRIVER_BASE::SetRunningDriverIsReady+0x41
  5058. ffffed89`fd0573d0 fffff807`453d9934 : ffffaf08`91ccd560 ffffed89`fd0574e8 ffffed89`fd0574e8 ffffaf08`91ccd5a8 : ndis!NDIS_BIND_PROTOCOL_DRIVER::SetRunningDriver+0x63
  5059. ffffed89`fd057420 fffff807`453327c6 : ffffaf08`91ccd560 fffff807`45385050 fffff807`45385050 fffff807`4536d790 : ndis!NdisDeregisterProtocol+0xd4
  5060. ffffed89`fd057490 fffff807`3db6111a : fffff807`3db69000 fffff807`00000000 ffffaf08`91ccd020 ffffed89`fd057570 : ndis!NdisDeregisterProtocolDriver+0x66
  5061. ffffed89`fd0574e0 fffff807`3db6c484 : 00000000`000000e7 ffffed89`fd057568 00000000`00000008 00000000`00000000 : raspppoe!RasPppoeCleanup+0x66
  5062. ffffed89`fd057510 fffff807`453b7d73 : ffffaf08`91ccd020 ffffaf08`91ccd020 fffff807`45385050 ffffaf08`915a0e40 : raspppoe!MpUnload+0x44
  5063. ffffed89`fd057540 fffff807`4533cdd4 : ffffaf08`915a0e40 00000000`00000000 ffffaf08`915a0e40 ffffaf08`915a0e40 : ndis!ndisMInvokeDriverUnload+0x67
  5064. ffffed89`fd057580 fffff807`419662d7 : ffffaf08`915a0e40 00000000`00000000 ffffed89`fd057740 ffffc002`dd8e6c90 : ndis!ndisMUnloadEx+0x94
  5065. ffffed89`fd0575e0 fffff807`419319ce : ffffaf08`915a0f90 00000000`00000000 fffff807`4198cb01 ffffaf08`915a0e40 : nt!IopUnloadDriver+0x20f
  5066. ffffed89`fd057710 fffff807`41372004 : ffffaf08`90f68b20 000010fa`4cc2cf10 00000000`0000000a 00000000`00000000 : nt!PnpUnloadAttachedDriver+0xa6
  5067. ffffed89`fd057760 fffff807`419315cf : ffffaf08`90f68b20 fffff807`00000000 00000000`00000000 fffff807`41662940 : nt!PnpRemoveLockedDeviceNode+0x240
  5068. ffffed89`fd0577c0 fffff807`4193126a : ffffaf08`90f68b20 ffffed89`fd057840 00000000`00000000 00000000`00000000 : nt!PnpDeleteLockedDeviceNode+0x8b
  5069. ffffed89`fd057800 fffff807`41932b51 : ffffaf08`90039960 00000000`00000002 ffffaf08`93949b90 00000000`00000000 : nt!PnpDeleteLockedDeviceNodes+0x76
  5070. ffffed89`fd057880 fffff807`41930994 : 00000000`00000000 ffffed89`fd057900 ffffaf08`90039960 00000000`00000000 : nt!PipRemoveDevicesInRelationList+0x8d
  5071. ffffed89`fd0578d0 fffff807`41930371 : ffffaf08`93949b90 00000000`00000001 ffffaf08`93949b90 00000000`00000007 : nt!PnpDelayedRemoveWorker+0x114
  5072. ffffed89`fd057910 fffff807`41371a54 : 00000000`00000007 00000000`00000001 00000000`00000000 ffffaf08`90c2c9a0 : nt!PnpChainDereferenceComplete+0xfd
  5073. ffffed89`fd057940 fffff807`4192fb1a : 00000000`00000008 ffffed89`fd057a49 00000000`00000003 00000000`00000001 : nt!PnpIsChainDereferenced+0xac
  5074. ffffed89`fd0579c0 fffff807`4190924e : ffffed89`fd057b10 ffffaf08`90c2c900 ffffed89`fd057b00 ffffc002`00000008 : nt!PnpProcessQueryRemoveAndEject+0x2a2
  5075. ffffed89`fd057ab0 fffff807`417c96d8 : ffffc002`da2242a0 ffffc002`def47210 ffffc002`def47210 00000000`00000000 : nt!PnpProcessTargetDeviceEvent+0xea
  5076. ffffed89`fd057ae0 fffff807`41283965 : ffffaf08`874d0c50 ffffaf08`95252040 ffffaf08`874d0c50 ffffaf08`874d0c50 : nt!PnpDeviceEventWorker+0x2d8
  5077. ffffed89`fd057b70 fffff807`4131e155 : ffffaf08`95252040 00000000`00000080 ffffaf08`87462040 ffffed89`00000001 : nt!ExpWorkerThread+0x105
  5078. ffffed89`fd057c10 fffff807`413c99c8 : ffffd380`5a9e2180 ffffaf08`95252040 fffff807`4131e100 00000000`00000000 : nt!PspSystemThreadStartup+0x55
  5079. ffffed89`fd057c60 00000000`00000000 : ffffed89`fd058000 ffffed89`fd052000 00000000`00000000 00000000`00000000 : nt!KiStartSystemThread+0x28
  5080.  
  5081.  
  5082. ========================================================================
  5083. ======================= Dump #9: ANALYZE VERBOSE =======================
  5084. ====================== File: 072920-90593-01.dmp =======================
  5085. ========================================================================
  5086.  
  5087. Mini Kernel Dump File: Only registers and stack trace are available
  5088. Windows 10 Kernel Version 18362 MP (8 procs) Free x64
  5089. Kernel base = 0xfffff804`80400000 PsLoadedModuleList = 0xfffff804`80848190
  5090. Debug session time: Wed Jul 29 20:08:41.677 2020 (UTC - 4:00)
  5091. System Uptime: 0 days 0:32:47.304
  5092.  
  5093. BugCheck 1000009F, {4, 12c, ffff810fe89e7040, fffff48db2c6f8e0}
  5094. Implicit thread is now ffff810f`e89e7040
  5095. *** WARNING: Unable to verify timestamp for win32k.sys
  5096. *** ERROR: Module load completed but symbols could not be loaded for win32k.sys
  5097. Probably caused by : memory_corruption
  5098. Followup: memory_corruption
  5099.  
  5100. DRIVER_POWER_STATE_FAILURE (9f)
  5101. A driver has failed to complete a power IRP within a specific time.
  5102.  
  5103. Arguments:
  5104. Arg1: 0000000000000004, The power transition timed out waiting to synchronize with the Pnp
  5105. subsystem.
  5106. Arg2: 000000000000012c, Timeout in seconds.
  5107. Arg3: ffff810fe89e7040, The thread currently holding on to the Pnp lock.
  5108. Arg4: fffff48db2c6f8e0, nt!TRIAGE_9F_PNP on Win7 and higher
  5109.  
  5110. Debugging Details:
  5111. Implicit thread is now ffff810f`e89e7040
  5112. DUMP_CLASS: 1
  5113. DUMP_QUALIFIER: 400
  5114. DUMP_TYPE: 2
  5115. DRVPOWERSTATE_SUBCODE: 4
  5116. FAULTING_THREAD: e89e7040
  5117. CUSTOMER_CRASH_COUNT: 1
  5118. DEFAULT_BUCKET_ID: CODE_CORRUPTION
  5119. BUGCHECK_STR: 0x9F
  5120.  
  5121. PROCESS_NAME: System
  5122.  
  5123. CURRENT_IRQL: 2
  5124. LOCK_ADDRESS: fffff804808629e0 -- (!locks fffff804808629e0)
  5125. Resource @ nt!PiEngineLock (0xfffff804808629e0) Exclusively owned
  5126. Contention Count = 32
  5127. NumberOfExclusiveWaiters = 1
  5128. Threads: ffff810fe89e7040-01<*> << Too many exclusive waiters to list>>
  5129. 1 total locks, 1 locks currently held
  5130. PNP_TRIAGE:
  5131. Lock address : 0xfffff804808629e0
  5132. Thread Count : 1
  5133. Thread address: 0xffff810fe89e7040
  5134. Thread wait : 0x1a0d3
  5135. LAST_CONTROL_TRANSFER: from fffff804804a46ad to fffff804805c9106
  5136. STACK_TEXT:
  5137. fffff48d`b905df30 fffff804`804a46ad : ffffb381`ec9d2180 00100033`fffffffe ffffb381`ffffffff 00000000`00000001 : nt!KiSwapContext+0x76
  5138. fffff48d`b905e070 fffff804`804a3534 : ffff810f`e89e7040 00000000`00000000 ffff810f`00000000 ffffc486`00000000 : nt!KiSwapThread+0xbfd
  5139. fffff48d`b905e110 fffff804`804a2cd5 : 00000000`00000001 fffff804`00000000 ffff810f`e12e6500 00000000`00000000 : nt!KiCommitThreadWait+0x144
  5140. fffff48d`b905e1b0 fffff804`85bb9920 : ffff810f`e119d5b0 fffff804`00000000 ffff810f`e119c100 fffff804`00000000 : nt!KeWaitForSingleObject+0x255
  5141. fffff48d`b905e290 fffff804`85bacb89 : 00000000`00000008 fffff48d`b905e330 00000000`00000004 00000000`00000000 : ndis!KWaitEventBase<wistd::integral_constant<enum _EVENT_TYPE,0> >::Wait+0x28
  5142. fffff48d`b905e2d0 fffff804`85babefd : ffffc486`46951e60 fffff804`85babee0 ffffc486`46cfcf38 fffff804`85b6c6d8 : ndis!Ndis::BindEngine::ApplyBindChanges+0x10915
  5143. fffff48d`b905e320 fffff804`85ba7933 : ffffc486`46951ea0 fffff804`85babee0 ffffc486`46cfcf38 ffff810f`e119c1a0 : ndis!<lambda_adb42f86cf839cbbe3c588eaa9665cd9>::<lambda_invoker_cdecl>+0x1d
  5144. fffff48d`b905e350 fffff804`85ba7879 : 00000000`00000000 fffff804`85b6c6d8 00000000`00000000 ffffc486`46cfcf30 : ndis!NDIS_BIND_DRIVER_BASE::ForEachLink+0xa3
  5145. fffff48d`b905e3a0 fffff804`85ba768b : 00000000`00000000 ffff810f`e64e4628 00000000`00000010 fffff804`85abb7b5 : ndis!NDIS_BIND_DRIVER_BASE::SetRunningDriverIsReady+0x41
  5146. fffff48d`b905e3d0 fffff804`85bd9934 : ffff810f`e64e42b0 fffff48d`b905e4e8 fffff48d`b905e4e8 ffff810f`e64e42f8 : ndis!NDIS_BIND_PROTOCOL_DRIVER::SetRunningDriver+0x63
  5147. fffff48d`b905e420 fffff804`85b327c6 : ffff810f`e64e42b0 fffff804`85b85050 fffff804`85b85050 fffff804`85b6d790 : ndis!NdisDeregisterProtocol+0xd4
  5148. fffff48d`b905e490 fffff804`7e48111a : fffff804`7e489000 fffff804`00000000 ffff810f`e7a77a60 fffff48d`b905e570 : ndis!NdisDeregisterProtocolDriver+0x66
  5149. fffff48d`b905e4e0 fffff804`7e48c484 : 00000000`000000e7 fffff48d`b905e568 00000000`00000008 00000000`00000000 : raspppoe!RasPppoeCleanup+0x66
  5150. fffff48d`b905e510 fffff804`85bb7d73 : ffff810f`e7a77a60 ffff810f`e7a77a60 fffff804`85b85050 ffff810f`e7864e30 : raspppoe!MpUnload+0x44
  5151. fffff48d`b905e540 fffff804`85b3cdd4 : ffff810f`e7864e30 00000000`00000000 ffff810f`e7864e30 ffff810f`e7864e30 : ndis!ndisMInvokeDriverUnload+0x67
  5152. fffff48d`b905e580 fffff804`80b662d7 : ffff810f`e7864e30 00000000`00000000 fffff48d`b905e740 ffffc486`57a258d0 : ndis!ndisMUnloadEx+0x94
  5153. fffff48d`b905e5e0 fffff804`80b319ce : ffff810f`e7864f80 00000000`00000000 fffff804`80b8cb01 ffff810f`e7864e30 : nt!IopUnloadDriver+0x20f
  5154. fffff48d`b905e710 fffff804`80572004 : ffff810f`e7ac2cb0 00004376`8e49a090 00000000`0000000a 00000000`00000000 : nt!PnpUnloadAttachedDriver+0xa6
  5155. fffff48d`b905e760 fffff804`80b315cf : ffff810f`e7ac2cb0 fffff804`00000018 00000000`00000000 fffff804`80862940 : nt!PnpRemoveLockedDeviceNode+0x240
  5156. fffff48d`b905e7c0 fffff804`80b3126a : ffff810f`e7ac2cb0 fffff48d`b905e840 00000000`00000018 00000000`00000000 : nt!PnpDeleteLockedDeviceNode+0x8b
  5157. fffff48d`b905e800 fffff804`80b32b51 : ffff810f`e524be00 00000000`00000002 ffff810f`ec4a5690 00000000`00000000 : nt!PnpDeleteLockedDeviceNodes+0x76
  5158. fffff48d`b905e880 fffff804`80b30994 : 00000000`00000000 fffff48d`b905e900 ffff810f`e524be00 00000000`00000000 : nt!PipRemoveDevicesInRelationList+0x8d
  5159. fffff48d`b905e8d0 fffff804`80b30371 : ffff810f`ec4a5690 00000000`00000001 ffff810f`ec4a5690 00000000`00000000 : nt!PnpDelayedRemoveWorker+0x114
  5160. fffff48d`b905e910 fffff804`80571a54 : 00000000`00000000 00000000`00000001 00000000`00000000 ffff810f`e7ac2cb0 : nt!PnpChainDereferenceComplete+0xfd
  5161. fffff48d`b905e940 fffff804`80b2fb1a : 00000000`00000001 fffff48d`b905ea49 00000000`00000003 00000000`00000001 : nt!PnpIsChainDereferenced+0xac
  5162. fffff48d`b905e9c0 fffff804`80b0924e : fffff48d`b905eb10 ffff810f`e7ac2c00 fffff48d`b905eb00 ffffc486`00000001 : nt!PnpProcessQueryRemoveAndEject+0x2a2
  5163. fffff48d`b905eab0 fffff804`809c96d8 : ffffc486`7d102ae0 ffffc486`7b4a7b40 ffffc486`7b4a7b40 00000000`00000000 : nt!PnpProcessTargetDeviceEvent+0xea
  5164. fffff48d`b905eae0 fffff804`80483965 : ffff810f`dc946c50 ffff810f`e89e7040 ffff810f`dc946c50 ffff810f`dc946c50 : nt!PnpDeviceEventWorker+0x2d8
  5165. fffff48d`b905eb70 fffff804`8051e155 : ffff810f`e89e7040 00000000`00000080 ffff810f`dc87c040 00002425`bd9bbfff : nt!ExpWorkerThread+0x105
  5166. fffff48d`b905ec10 fffff804`805c99c8 : ffffb381`ec8c6180 ffff810f`e89e7040 fffff804`8051e100 00000000`00000000 : nt!PspSystemThreadStartup+0x55
  5167. fffff48d`b905ec60 00000000`00000000 : fffff48d`b905f000 fffff48d`b9059000 00000000`00000000 00000000`00000000 : nt!KiStartSystemThread+0x28
  5168. STACK_COMMAND: .thread 0xffff810fe89e7040 ; kb
  5169. CHKIMG_EXTENSION: !chkimg -lo 50 -d !fvevol
  5170. fffff80486055dd9-fffff80486055dda 2 bytes - fvevol!FveFreeCallback+9
  5171. [ 48 ff:4c 8b ]
  5172. fffff80486055de0-fffff80486055de4 5 bytes - fvevol!FveFreeCallback+10 (+0x07)
  5173. [ 0f 1f 44 00 00:e8 bb 92 71 fa ]
  5174. fffff804860b8f1e-fffff804860b8f1f 2 bytes - fvevol!FveFileSetSize+5e
  5175. [ 48 ff:4c 8b ]
  5176. fffff804860b8f25-fffff804860b8f29 5 bytes - fvevol!FveFileSetSize+65 (+0x07)
  5177. [ 0f 1f 44 00 00:e8 26 5f 50 fa ]
  5178. fffff804860b8fb6-fffff804860b8fb7 2 bytes - fvevol!FveFileFillZeros+5a (+0x91)
  5179. [ 48 ff:4c 8b ]
  5180. fffff804860b8fbd-fffff804860b8fbf 3 bytes - fvevol!FveFileFillZeros+61 (+0x07)
  5181. [ 0f 1f 44:e8 4e 60 ]
  5182. fffff804860b946a-fffff804860b946b 2 bytes - fvevol!FveFileMoveClusters+aa (+0x4ad)
  5183. [ 48 ff:4c 8b ]
  5184. fffff804860b9471-fffff804860b9475 5 bytes - fvevol!FveFileMoveClusters+b1 (+0x07)
  5185. [ 0f 1f 44 00 00:e8 1a 5c 50 fa ]
  5186. fffff804860b9506-fffff804860b9507 2 bytes - fvevol!FveVolumeQueryBitmap+46 (+0x95)
  5187. [ 48 ff:4c 8b ]
  5188. fffff804860b950d-fffff804860b9511 5 bytes - fvevol!FveVolumeQueryBitmap+4d (+0x07)
  5189. [ 0f 1f 44 00 00:e8 7e 5b 50 fa ]
  5190. fffff804860bb1c9-fffff804860bb1ca 2 bytes - fvevol!FveVolumeInitInfo+f9 (+0x1cbc)
  5191. [ 48 ff:4c 8b ]
  5192. fffff804860c4a47-fffff804860c4a48 2 bytes - fvevol!FvePagedAllocCallback+17 (+0x987e)
  5193. [ 48 ff:4c 8b ]
  5194. fffff804860c4a4e-fffff804860c4a52 5 bytes - fvevol!FvePagedAllocCallback+1e (+0x07)
  5195. [ 0f 1f 44 00 00:e8 bd a5 6a fa ]
  5196. fffff804860c4ad6-fffff804860c4ad7 2 bytes - fvevol!PdcPortOpenCommon+66 (+0x88)
  5197. [ 48 ff:4c 8b ]
  5198. fffff804860c4add-fffff804860c4ae1 5 bytes - fvevol!PdcPortOpenCommon+6d (+0x07)
  5199. [ 0f 1f 44 00 00:e8 2e a5 6a fa ]
  5200. fffff804860c4b20-fffff804860c4b21 2 bytes - fvevol!PdcPortOpenCommon+b0 (+0x43)
  5201. [ 48 ff:4c 8b ]
  5202. fffff804860c4b27-fffff804860c4b2b 5 bytes - fvevol!PdcPortOpenCommon+b7 (+0x07)
  5203. [ 0f 1f 44 00 00:e8 b4 c0 3f fa ]
  5204. fffff804860c5c75-fffff804860c5c76 2 bytes - fvevol!FveVolumeCleanupInfo+95 (+0x114e)
  5205. [ 48 ff:4c 8b ]
  5206. fffff804860c5c7c-fffff804860c5c80 5 bytes - fvevol!FveVolumeCleanupInfo+9c (+0x07)
  5207. [ 0f 1f 44 00 00:e8 cf 8e 4f fa ]
  5208. fffff804860e7995-fffff804860e7996 2 bytes - fvevol!FveFileQueryExtentsBuffer+45 (+0x21d19)
  5209. [ 48 ff:4c 8b ]
  5210. fffff804860e799c-fffff804860e79a0 5 bytes - fvevol!FveFileQueryExtentsBuffer+4c (+0x07)
  5211. [ 0f 1f 44 00 00:e8 ef 76 4d fa ]
  5212. 70 errors : !fvevol (fffff80486055dd9-fffff804860e79a0)
  5213. MODULE_NAME: memory_corruption
  5214.  
  5215. IMAGE_NAME: memory_corruption
  5216.  
  5217. FOLLOWUP_NAME: memory_corruption
  5218. DEBUG_FLR_IMAGE_TIMESTAMP: 0
  5219. MEMORY_CORRUPTOR: LARGE
  5220. FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
  5221. BUCKET_ID: MEMORY_CORRUPTION_LARGE
  5222. PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
  5223. TARGET_TIME: 2020-07-30T00:08:41.000Z
  5224. SUITE_MASK: 272
  5225. PRODUCT_TYPE: 1
  5226. USER_LCID: 0
  5227. FAILURE_ID_HASH_STRING: km:memory_corruption_large
  5228. FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
  5229. Followup: memory_corruption
  5230.  
  5231. ====================== Dump #9: 3RD PARTY DRIVERS ======================
  5232.  
  5233. Nov 23 2009 - LGBusEnum.sys - Logitech GamePanel Virtual Bus Enumerator driver http://support.logitech.com/
  5234. Jun 25 2010 - sadp_npf64.sys - WinPcap driver (CACE Technologies, Inc.)
  5235. Jun 25 2010 - NPF.sys - NetGroup Packet Filter driver, a component of WinPCap by Riverbed
  5236. Aug 02 2010 - AsUpIO.sys - ASUS Update Input Output driver http://www.asus.com/
  5237. Aug 08 2011 - BazisVirtualCDBus.sys - WinCDEmu Virtual CD-ROM driver (Bazis Inc) http://wincdemu.sysprogs.org/
  5238. Oct 17 2011 - PxHlpa64.sys - Sonic CD/DVD driver
  5239. Mar 22 2012 - AiCharger.sys - Asus Charger driver
  5240. May 03 2012 - GEARAspiWDM.sys - Gear Software Advanced SCSI Programming Interface Windows Driver Model http://www.gearsoftware.com/
  5241. Aug 22 2012 - AsIO.sys - ASUS Input Output driver http://www.asus.com/
  5242. Jul 02 2013 - IOMap64.sys - !!! ASUS 64-bit Input Output Map driver (GPU Tweaking driver)
  5243. Apr 17 2014 - rzpmgrk.sys - Razer Overlay Support https://www.razer.com/
  5244. Apr 24 2014 - RTKVHD64.sys - Realtek Audio System driver https://www.realtek.com/en/
  5245. Sep 23 2014 - TeeDriverx64.sys - Intel Management Engine Interface (MEI) driver https://downloadcenter.intel.com/
  5246. Oct 17 2014 - rzpnk.sys - Razer Overlay Support https://www.razer.com/
  5247. Apr 21 2016 - tap0901.sys - TAP-Win32 Virtual Private Network Driver 0901 (OpenVPN by OpenVPN Technologies) https://openvpn.net/
  5248. Mar 16 2017 - tapwindscribe0901.sys - TAP-Windows Virtual Network driver (The OpenVPN Project) https://openvpn.net/
  5249. Oct 11 2017 - YSDrv.sys - VirtualBox Support driver
  5250. Sep 18 2018 - IntelHaxm.sys - Intel Corporation SSG Hardware Accelerated Execution Manager driver
  5251. Jan 24 2019 - e1d65x64.sys - Intel(R) Gigabit Adapter NDIS 6.x driver https://downloadcenter.intel.com/
  5252. Jun 04 2020 - MbamChameleon.sys - Malwarebytes Anti-Malware Chameleon driver https://www.malwarebytes.com/
  5253. Jun 09 2020 - nvhda64v.sys - Nvidia HDMI Audio Device http://www.nvidia.com/
  5254. Jun 23 2020 - aswArPot.sys - Avast Antivirus http://www.avast.com/
  5255. Jun 23 2020 - aswbidsdriver.sys - Avast Antivirus http://www.avast.com/
  5256. Jun 23 2020 - aswbidsh.sys - Avast Antivirus http://www.avast.com/
  5257. Jun 23 2020 - aswbuniv.sys - Avast Antivirus http://www.avast.com/
  5258. Jun 23 2020 - aswKbd.sys - Avast Keyboard Filter driver http://www.avast.com/
  5259. Jun 23 2020 - aswMonFlt.sys - Avast Antivirus http://www.avast.com/
  5260. Jun 23 2020 - aswNetHub.sys - Avast driver
  5261. Jun 23 2020 - aswRdr2.sys - Avast Antivirus http://www.avast.com/
  5262. Jun 23 2020 - aswRvrt.sys - Avast Antivirus http://www.avast.com/
  5263. Jun 23 2020 - aswSnx.sys - Avast Antivirus http://www.avast.com/
  5264. Jun 23 2020 - aswSP.sys - Avast Antivirus http://www.avast.com/
  5265. Jun 23 2020 - aswVmm.sys - Avast Antivirus http://www.avast.com/
  5266. Jul 05 2020 - nvlddmkm.sys - Nvidia Graphics Card driver http://www.nvidia.com/
  5267. Jul 17 2020 - aswElam.sys - Avast ELAM driver
  5268.  
  5269. ================== Dump #9: 3RD PARTY DRIVERS (FULL) ===================
  5270.  
  5271. Image path: \SystemRoot\system32\drivers\LGBusEnum.sys
  5272. Image name: LGBusEnum.sys
  5273. Search : https://www.google.com/search?q=LGBusEnum.sys
  5274. ADA Info : Logitech GamePanel Virtual Bus Enumerator driver http://support.logitech.com/
  5275. Timestamp : Mon Nov 23 2009
  5276.  
  5277. Image path: \??\C:\Windows\SysWOW64\drivers\sadp_npf64.sys
  5278. Image name: sadp_npf64.sys
  5279. Search : https://www.google.com/search?q=sadp_npf64.sys
  5280. ADA Info : WinPcap driver (CACE Technologies, Inc.)
  5281. Timestamp : Fri Jun 25 2010
  5282.  
  5283. Image path: \SystemRoot\system32\drivers\NPF.sys
  5284. Image name: NPF.sys
  5285. Search : https://www.google.com/search?q=NPF.sys
  5286. ADA Info : NetGroup Packet Filter driver, a component of WinPCap by Riverbed
  5287. Timestamp : Fri Jun 25 2010
  5288.  
  5289. Image path: \SystemRoot\SysWow64\drivers\AsUpIO.sys
  5290. Image name: AsUpIO.sys
  5291. Search : https://www.google.com/search?q=AsUpIO.sys
  5292. ADA Info : ASUS Update Input Output driver http://www.asus.com/
  5293. Timestamp : Mon Aug 2 2010
  5294.  
  5295. Image path: \SystemRoot\System32\drivers\BazisVirtualCDBus.sys
  5296. Image name: BazisVirtualCDBus.sys
  5297. Search : https://www.google.com/search?q=BazisVirtualCDBus.sys
  5298. ADA Info : WinCDEmu Virtual CD-ROM driver (Bazis Inc) http://wincdemu.sysprogs.org/
  5299. Timestamp : Mon Aug 8 2011
  5300.  
  5301. Image path: \SystemRoot\System32\Drivers\PxHlpa64.sys
  5302. Image name: PxHlpa64.sys
  5303. Search : https://www.google.com/search?q=PxHlpa64.sys
  5304. ADA Info : Sonic CD/DVD driver
  5305. Timestamp : Mon Oct 17 2011
  5306.  
  5307. Image path: \SystemRoot\SysWow64\drivers\AiCharger.sys
  5308. Image name: AiCharger.sys
  5309. Search : https://www.google.com/search?q=AiCharger.sys
  5310. ADA Info : Asus Charger driver
  5311. Timestamp : Thu Mar 22 2012
  5312.  
  5313. Image path: \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
  5314. Image name: GEARAspiWDM.sys
  5315. Search : https://www.google.com/search?q=GEARAspiWDM.sys
  5316. ADA Info : Gear Software Advanced SCSI Programming Interface Windows Driver Model http://www.gearsoftware.com/
  5317. Timestamp : Thu May 3 2012
  5318.  
  5319. Image path: \SystemRoot\SysWow64\drivers\AsIO.sys
  5320. Image name: AsIO.sys
  5321. Search : https://www.google.com/search?q=AsIO.sys
  5322. ADA Info : ASUS Input Output driver http://www.asus.com/
  5323. Timestamp : Wed Aug 22 2012
  5324.  
  5325. Image name: IOMap64.sys
  5326. Search : https://www.google.com/search?q=IOMap64.sys
  5327. ADA Info : !!! ASUS 64-bit Input Output Map driver (GPU Tweaking driver)
  5328. Timestamp : Tue Jul 2 2013
  5329.  
  5330. Image path: \??\C:\Windows\system32\drivers\rzpmgrk.sys
  5331. Image name: rzpmgrk.sys
  5332. Search : https://www.google.com/search?q=rzpmgrk.sys
  5333. ADA Info : Razer Overlay Support https://www.razer.com/
  5334. Timestamp : Thu Apr 17 2014
  5335.  
  5336. Image path: \SystemRoot\system32\drivers\RTKVHD64.sys
  5337. Image name: RTKVHD64.sys
  5338. Search : https://www.google.com/search?q=RTKVHD64.sys
  5339. ADA Info : Realtek Audio System driver https://www.realtek.com/en/
  5340. Timestamp : Thu Apr 24 2014
  5341.  
  5342. Image path: \SystemRoot\system32\DRIVERS\TeeDriverx64.sys
  5343. Image name: TeeDriverx64.sys
  5344. Search : https://www.google.com/search?q=TeeDriverx64.sys
  5345. ADA Info : Intel Management Engine Interface (MEI) driver https://downloadcenter.intel.com/
  5346. Timestamp : Tue Sep 23 2014
  5347.  
  5348. Image path: \??\C:\Windows\system32\drivers\rzpnk.sys
  5349. Image name: rzpnk.sys
  5350. Search : https://www.google.com/search?q=rzpnk.sys
  5351. ADA Info : Razer Overlay Support https://www.razer.com/
  5352. Timestamp : Fri Oct 17 2014
  5353.  
  5354. Image path: \SystemRoot\System32\drivers\tap0901.sys
  5355. Image name: tap0901.sys
  5356. Search : https://www.google.com/search?q=tap0901.sys
  5357. ADA Info : TAP-Win32 Virtual Private Network Driver 0901 (OpenVPN by OpenVPN Technologies) https://openvpn.net/
  5358. Timestamp : Thu Apr 21 2016
  5359.  
  5360. Image path: \SystemRoot\System32\drivers\tapwindscribe0901.sys
  5361. Image name: tapwindscribe0901.sys
  5362. Search : https://www.google.com/search?q=tapwindscribe0901.sys
  5363. ADA Info : TAP-Windows Virtual Network driver (The OpenVPN Project) https://openvpn.net/
  5364. Timestamp : Thu Mar 16 2017
  5365.  
  5366. Image path: \??\C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys
  5367. Image name: YSDrv.sys
  5368. Search : https://www.google.com/search?q=YSDrv.sys
  5369. ADA Info : VirtualBox Support driver
  5370. Timestamp : Wed Oct 11 2017
  5371.  
  5372. Image path: \SystemRoot\system32\DRIVERS\IntelHaxm.sys
  5373. Image name: IntelHaxm.sys
  5374. Search : https://www.google.com/search?q=IntelHaxm.sys
  5375. ADA Info : Intel Corporation SSG Hardware Accelerated Execution Manager driver
  5376. Timestamp : Tue Sep 18 2018
  5377.  
  5378. Image path: \SystemRoot\system32\DRIVERS\e1d65x64.sys
  5379. Image name: e1d65x64.sys
  5380. Search : https://www.google.com/search?q=e1d65x64.sys
  5381. ADA Info : Intel(R) Gigabit Adapter NDIS 6.x driver https://downloadcenter.intel.com/
  5382. Timestamp : Thu Jan 24 2019
  5383.  
  5384. Image path: \SystemRoot\System32\Drivers\MbamChameleon.sys
  5385. Image name: MbamChameleon.sys
  5386. Search : https://www.google.com/search?q=MbamChameleon.sys
  5387. ADA Info : Malwarebytes Anti-Malware Chameleon driver https://www.malwarebytes.com/
  5388. Timestamp : Thu Jun 4 2020
  5389.  
  5390. Image path: \SystemRoot\system32\drivers\nvhda64v.sys
  5391. Image name: nvhda64v.sys
  5392. Search : https://www.google.com/search?q=nvhda64v.sys
  5393. ADA Info : Nvidia HDMI Audio Device http://www.nvidia.com/
  5394. Timestamp : Tue Jun 9 2020
  5395.  
  5396. Image path: \SystemRoot\system32\drivers\aswArPot.sys
  5397. Image name: aswArPot.sys
  5398. Search : https://www.google.com/search?q=aswArPot.sys
  5399. ADA Info : Avast Antivirus http://www.avast.com/
  5400. Timestamp : Tue Jun 23 2020
  5401.  
  5402. Image path: \SystemRoot\system32\drivers\aswbidsdriver.sys
  5403. Image name: aswbidsdriver.sys
  5404. Search : https://www.google.com/search?q=aswbidsdriver.sys
  5405. ADA Info : Avast Antivirus http://www.avast.com/
  5406. Timestamp : Tue Jun 23 2020
  5407.  
  5408. Image path: \SystemRoot\system32\drivers\aswbidsh.sys
  5409. Image name: aswbidsh.sys
  5410. Search : https://www.google.com/search?q=aswbidsh.sys
  5411. ADA Info : Avast Antivirus http://www.avast.com/
  5412. Timestamp : Tue Jun 23 2020
  5413.  
  5414. Image path: \SystemRoot\system32\drivers\aswbuniv.sys
  5415. Image name: aswbuniv.sys
  5416. Search : https://www.google.com/search?q=aswbuniv.sys
  5417. ADA Info : Avast Antivirus http://www.avast.com/
  5418. Timestamp : Tue Jun 23 2020
  5419.  
  5420. Image path: \SystemRoot\system32\drivers\aswKbd.sys
  5421. Image name: aswKbd.sys
  5422. Search : https://www.google.com/search?q=aswKbd.sys
  5423. ADA Info : Avast Keyboard Filter driver http://www.avast.com/
  5424. Timestamp : Tue Jun 23 2020
  5425.  
  5426. Image path: \SystemRoot\system32\drivers\aswMonFlt.sys
  5427. Image name: aswMonFlt.sys
  5428. Search : https://www.google.com/search?q=aswMonFlt.sys
  5429. ADA Info : Avast Antivirus http://www.avast.com/
  5430. Timestamp : Tue Jun 23 2020
  5431.  
  5432. Image path: \SystemRoot\system32\drivers\aswNetHub.sys
  5433. Image name: aswNetHub.sys
  5434. Search : https://www.google.com/search?q=aswNetHub.sys
  5435. ADA Info : Avast driver
  5436. Timestamp : Tue Jun 23 2020
  5437.  
  5438. Image path: \SystemRoot\system32\drivers\aswRdr2.sys
  5439. Image name: aswRdr2.sys
  5440. Search : https://www.google.com/search?q=aswRdr2.sys
  5441. ADA Info : Avast Antivirus http://www.avast.com/
  5442. Timestamp : Tue Jun 23 2020
  5443.  
  5444. Image path: \SystemRoot\system32\drivers\aswRvrt.sys
  5445. Image name: aswRvrt.sys
  5446. Search : https://www.google.com/search?q=aswRvrt.sys
  5447. ADA Info : Avast Antivirus http://www.avast.com/
  5448. Timestamp : Tue Jun 23 2020
  5449.  
  5450. Image path: \SystemRoot\system32\drivers\aswSnx.sys
  5451. Image name: aswSnx.sys
  5452. Search : https://www.google.com/search?q=aswSnx.sys
  5453. ADA Info : Avast Antivirus http://www.avast.com/
  5454. Timestamp : Tue Jun 23 2020
  5455.  
  5456. Image path: \SystemRoot\system32\drivers\aswSP.sys
  5457. Image name: aswSP.sys
  5458. Search : https://www.google.com/search?q=aswSP.sys
  5459. ADA Info : Avast Antivirus http://www.avast.com/
  5460. Timestamp : Tue Jun 23 2020
  5461.  
  5462. Image path: \SystemRoot\system32\drivers\aswVmm.sys
  5463. Image name: aswVmm.sys
  5464. Search : https://www.google.com/search?q=aswVmm.sys
  5465. ADA Info : Avast Antivirus http://www.avast.com/
  5466. Timestamp : Tue Jun 23 2020
  5467.  
  5468. Image path: \SystemRoot\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_edab19158bdd0d0a\nvlddmkm.sys
  5469. Image name: nvlddmkm.sys
  5470. Search : https://www.google.com/search?q=nvlddmkm.sys
  5471. ADA Info : Nvidia Graphics Card driver http://www.nvidia.com/
  5472. Timestamp : Sun Jul 5 2020
  5473.  
  5474. Image path: \SystemRoot\system32\drivers\aswElam.sys
  5475. Image name: aswElam.sys
  5476. Search : https://www.google.com/search?q=aswElam.sys
  5477. ADA Info : Avast ELAM driver
  5478. Timestamp : Fri Jul 17 2020
  5479.  
  5480. ====================== Dump #9: MICROSOFT DRIVERS ======================
  5481.  
  5482. ACPI.sys ACPI Driver for NT (Microsoft)
  5483. acpiex.sys ACPIEx Driver (Microsoft)
  5484. acpipagr.sys ACPI Processor Aggregator Device driver (Microsoft)
  5485. afd.sys Ancillary Function Driver for WinSock (Microsoft)
  5486. afunix.sys AF_UNIX Socket Provider driver (Microsoft)
  5487. AgileVpn.sys RAS Agil VPN Miniport Call Manager driver (Microsoft)
  5488. ahcache.sys Application Compatibility Cache (Microsoft)
  5489. bam.sys BAM Kernal driver (Microsoft)
  5490. BasicDisplay.sys Basic Display driver (Microsoft)
  5491. BasicRender.sys Basic Render driver (Microsoft)
  5492. Beep.SYS BEEP driver (Microsoft)
  5493. bindflt.sys Windows Bind Filter driver (Microsoft)
  5494. BOOTVID.dll VGA Boot Driver (Microsoft)
  5495. bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
  5496. cdd.dll Canonical Display Driver (Microsoft)
  5497. cdrom.sys SCSI CD-ROM Driver (Microsoft)
  5498. CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
  5499. CI.dll Code Integrity Module (Microsoft)
  5500. CLASSPNP.SYS SCSI Class System Dll (Microsoft)
  5501. cldflt.sys Cloud Files Mini Filter driver (Microsoft)
  5502. CLFS.SYS Common Log File System Driver (Microsoft)
  5503. clipsp.sys CLIP Service (Microsoft)
  5504. cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
  5505. cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
  5506. CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
  5507. condrv.sys Console Driver (Microsoft)
  5508. crashdmp.sys Crash Dump driver (Microsoft)
  5509. csc.sys Windows Client Side Caching driver (Microsoft)
  5510. dfsc.sys DFS Namespace Client Driver (Microsoft)
  5511. disk.sys PnP Disk Driver (Microsoft)
  5512. drmk.sys Digital Rights Management (DRM) driver (Microsoft)
  5513. dump_diskdump.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  5514. dump_dumpfve.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  5515. dump_storahci.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  5516. dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
  5517. dxgmms2.sys DirectX Graphics MMS
  5518. EhStorClass.sys Enhanced Storage Class driver for IEEE... (Microsoft)
  5519. filecrypt.sys Windows sandboxing and encryption filter (Microsoft)
  5520. fileinfo.sys FileInfo Filter Driver (Microsoft)
  5521. FLTMGR.SYS Filesystem Filter Manager (Microsoft)
  5522. Fs_Rec.sys File System Recognizer Driver (Microsoft)
  5523. fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
  5524. fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
  5525. gpuenergydrv.sys GPU Energy Kernal Driver (Microsoft)
  5526. hal.dll Hardware Abstraction Layer DLL (Microsoft)
  5527. HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
  5528. HIDCLASS.SYS Hid Class Library (Microsoft)
  5529. HIDPARSE.SYS Hid Parsing Library (Microsoft)
  5530. hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
  5531. HTTP.sys HTTP Protocol Stack (Microsoft)
  5532. intelpep.sys Intel Power Engine Plugin (Microsoft)
  5533. intelppm.sys Processor Device Driver (Microsoft)
  5534. iorate.sys I/O rate control Filter (Microsoft)
  5535. kbdclass.sys Keyboard Class Driver (Microsoft)
  5536. kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
  5537. kd.dll Local Kernal Debugger (Microsoft)
  5538. kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
  5539. ks.sys Kernal CSA Library (Microsoft)
  5540. ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
  5541. ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
  5542. ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
  5543. lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
  5544. luafv.sys LUA File Virtualization Filter Driver (Microsoft)
  5545. mcupdate_GenuineIntel.dll Intel Microcode Update Library (Microsoft)
  5546. mmcss.sys MMCSS Driver (Microsoft)
  5547. monitor.sys Monitor Driver (Microsoft)
  5548. mouclass.sys Mouse Class Driver (Microsoft)
  5549. mouhid.sys HID Mouse Filter Driver (Microsoft)
  5550. mountmgr.sys Mount Point Manager (Microsoft)
  5551. mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
  5552. mqac.sys Message Queuing Device driver (Microsoft)
  5553. mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
  5554. mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
  5555. Msfs.SYS Mailslot driver (Microsoft)
  5556. msisadrv.sys ISA Driver (Microsoft)
  5557. mslldp.sys Microsoft Link-Layer Discovery Protocol... (Microsoft)
  5558. msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
  5559. mssecflt.sys Microsoft Security Events Component file system filter driver (Microsoft)
  5560. mssmbios.sys System Management BIOS driver (Microsoft)
  5561. mup.sys Multiple UNC Provider driver (Microsoft)
  5562. ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
  5563. ndistapi.sys NDIS 3.0 Connection Wrapper driver (Microsoft)
  5564. ndisuio.sys NDIS User mode I/O driver (Microsoft)
  5565. NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
  5566. ndiswan.sys MS PPP Framing Driver (Strong Encryption) Microsoft)
  5567. NDProxy.sys NDIS Proxy driver (Microsoft)
  5568. Ndu.sys Network Data Usage Monitoring driver (Microsoft)
  5569. netbios.sys NetBIOS Interface driver (Microsoft)
  5570. netbt.sys MBT Transport driver (Microsoft)
  5571. NETIO.SYS Network I/O Subsystem (Microsoft)
  5572. Npfs.SYS NPFS driver (Microsoft)
  5573. npsvctrig.sys Named pipe service triggers (Microsoft)
  5574. nsiproxy.sys NSI Proxy driver (Microsoft)
  5575. Ntfs.sys NT File System Driver (Microsoft)
  5576. ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
  5577. ntosext.sys NTOS Extension Host driver (Microsoft)
  5578. Null.SYS NULL Driver (Microsoft)
  5579. nwifi.sys NativeWiFi Miniport Driver (Microsoft)
  5580. pacer.sys QoS Packet Scheduler (Microsoft)
  5581. partmgr.sys Partition driver (Microsoft)
  5582. pci.sys NT Plug and Play PCI Enumerator (Microsoft)
  5583. pcw.sys Performance Counter Driver (Microsoft)
  5584. pdc.sys Power Dependency Coordinator Driver (Microsoft)
  5585. peauth.sys Protected Environment Authentication and Authorization Export Driver (Microsoft)
  5586. portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
  5587. PSHED.dll Platform Specific Hardware Error driver (Microsoft)
  5588. raspppoe.sys RAS PPPoE Mini-port/Call manager driver (Microsoft)
  5589. rassstp.sys RAS SSTP Miniport Call Manager driver (Microsoft)
  5590. rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
  5591. rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
  5592. rdyboost.sys ReadyBoost Driver (Microsoft)
  5593. rspndr.sys Link-Layer Topology Responder driver (Microsoft)
  5594. serenum.sys Serial Port Enumerator (Microsoft)
  5595. serial.sys Serial Device Driver
  5596. serscan.sys Serial Imaging Device Driver (Microsoft)
  5597. SgrmAgent.sys System Guard Runtime Monitor Agent driver (Microsoft)
  5598. SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
  5599. spaceport.sys Storage Spaces driver (Microsoft)
  5600. srv.sys Server driver (Microsoft)
  5601. srv2.sys Smb 2.0 Server driver (Microsoft)
  5602. srvnet.sys Server Network driver (Microsoft)
  5603. storahci.sys MS AHCI Storport Miniport Driver (Microsoft)
  5604. storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
  5605. storqosflt.sys Storage QoS Filter driver (Microsoft)
  5606. swenum.sys Plug and Play Software Device Enumerator (Microsoft)
  5607. tbs.sys Export driver for kernel mode TPM API (Microsoft)
  5608. tcpip.sys TCP/IP Protocol driver (Microsoft)
  5609. tcpipreg.sys Microsoft Windows TCP/IP Registry Compatibility driver (Microsoft)
  5610. TDI.SYS TDI Wrapper driver (Microsoft)
  5611. tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
  5612. tm.sys Kernel Transaction Manager driver (Microsoft)
  5613. ucx01000.sys USB Controller Extension (Microsoft)
  5614. umbus.sys User-Mode Bus Enumerator (Microsoft)
  5615. usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
  5616. USBD.SYS Universal Serial Bus Driver (Microsoft)
  5617. usbehci.sys EHCI eUSB Miniport Driver (Microsoft)
  5618. usbhub.sys Default Hub Driver for USB (Microsoft)
  5619. UsbHub3.sys USB3 HUB driver (Microsoft)
  5620. USBPORT.SYS USB 1.1 & 2.0 Port Driver (Microsoft)
  5621. USBXHCI.SYS USB XHCI driver (Microsoft)
  5622. vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
  5623. Vid.sys Microsoft Hyper-V Virtualization Infrastructure Driver
  5624. volmgr.sys Volume Manager Driver (Microsoft)
  5625. volmgrx.sys Volume Manager Extension Driver (Microsoft)
  5626. volsnap.sys Volume Shadow Copy driver (Microsoft)
  5627. volume.sys Volume driver (Microsoft)
  5628. vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
  5629. wanarp.sys MS Remote Access and Routing ARP driver (Microsoft)
  5630. watchdog.sys Watchdog driver (Microsoft)
  5631. wcifs.sys Windows Container Isolation FS Filter driver (Microsoft)
  5632. Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
  5633. WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
  5634. werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
  5635. wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
  5636. win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
  5637. win32kbase.sys Base Win32k Kernel Driver (Microsoft)
  5638. win32kfull.sys Full/Desktop Win32k Kernel Driver (Microsoft)
  5639. WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
  5640. WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
  5641. winhvr.sys Windows Hypervisor Root Interface driver (Microsoft)
  5642. winquic.sys QUIC Transport Protocol driver (Microsoft)
  5643. wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
  5644. WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
  5645. Wof.sys Windows Overlay Filter (Microsoft)
  5646. WppRecorder.sys WPP Trace Recorder (Microsoft)
  5647. WUDFRd.sys Windows Driver Foundation - User-mode Driver Framework Reflector driver (Microsoft)
  5648.  
  5649. ====================== Dump #9: UNLOADED MODULES =======================
  5650.  
  5651. fffff804`7e440000 fffff804`7e461000 raspptp.sys
  5652. fffff804`7e410000 fffff804`7e433000 rasl2tp.sys
  5653. fffff804`7daf0000 fffff804`7dafc000 umpass.sys
  5654. fffff804`7dad0000 fffff804`7dade000 WSDPrint.sys
  5655. fffff804`881a0000 fffff804`881d5000 aswStm.sys
  5656. fffff804`7e510000 fffff804`7e550000 mbamswissarm
  5657. fffff804`7e550000 fffff804`7e573000 mwac.sys
  5658. fffff804`7e580000 fffff804`7e5b4000 farflt.sys
  5659. fffff804`7e5c0000 fffff804`7e5d4000 mbam.sys
  5660. fffff804`87a40000 fffff804`87a67000 mbae64.sys
  5661. fffff804`7de00000 fffff804`7e3d5000 iqvw64e.sys
  5662. fffff804`879e0000 fffff804`879f2000 kbdhid.sys
  5663. fffff804`7dae0000 fffff804`7daee000 WSDScan.sys
  5664. fffff804`86960000 fffff804`8696f000 dump_storpor
  5665. fffff804`869a0000 fffff804`869cf000 dump_storahc
  5666. fffff804`86800000 fffff804`8681e000 dump_dumpfve
  5667. fffff804`895b0000 fffff804`89601000 WUDFRd.sys
  5668. fffff804`87aa0000 fffff804`87abe000 dam.sys
  5669. fffff804`85220000 fffff804`85229000 MbamElam.sys
  5670. fffff804`86220000 fffff804`86231000 hwpolicy.sys
  5671.  
  5672. ====================== Dump #9: BIOS INFORMATION =======================
  5673.  
  5674. [SMBIOS Data Tables v2.8]
  5675. [DMI Version - 0]
  5676. [2.0 Calling Convention - No]
  5677. [Table Size - 3167 bytes]
  5678. [BIOS Information (Type 0) - Length 24 - Handle 0000h]
  5679. Vendor American Megatrends Inc.
  5680. BIOS Version 1304
  5681. BIOS Starting Address Segment f000
  5682. BIOS Release Date 07/11/2014
  5683. BIOS ROM Size 800000
  5684. BIOS Characteristics
  5685. 07: - PCI Supported
  5686. 10: - APM Supported
  5687. 11: - Upgradeable FLASH BIOS
  5688. 12: - BIOS Shadowing Supported
  5689. 15: - CD-Boot Supported
  5690. 16: - Selectable Boot Supported
  5691. 17: - BIOS ROM Socketed
  5692. 19: - EDD Supported
  5693. 23: - 1.2MB Floppy Supported
  5694. 24: - 720KB Floppy Supported
  5695. 25: - 2.88MB Floppy Supported
  5696. 26: - Print Screen Device Supported
  5697. 27: - Keyboard Services Supported
  5698. 28: - Serial Services Supported
  5699. 29: - Printer Services Supported
  5700. 32: - BIOS Vendor Reserved
  5701. BIOS Characteristic Extensions
  5702. 00: - ACPI Supported
  5703. 01: - USB Legacy Supported
  5704. 08: - BIOS Boot Specification Supported
  5705. 10: - Specification Reserved
  5706. 11: - Specification Reserved
  5707. BIOS Major Revision 4
  5708. BIOS Minor Revision 6
  5709. EC Firmware Major Revision 255
  5710. EC Firmware Minor Revision 255
  5711. [System Information (Type 1) - Length 27 - Handle 0001h]
  5712. Manufacturer ASUS
  5713. Product Name All Series
  5714. Version System Version
  5715. UUID 00000000-0000-0000-0000-000000000000
  5716. Wakeup Type Power Switch
  5717. SKUNumber All
  5718. Family ASUS MB
  5719. [BaseBoard Information (Type 2) - Length 15 - Handle 0002h]
  5720. Manufacturer ASUSTeK COMPUTER INC.
  5721. Product Z97-A
  5722. Version Rev 1.xx
  5723. Feature Flags 09h
  5724. 1830401760: - 1830401808: - «Q¦ý
  5725. Chassis Handle 0003h
  5726. Board Type 0ah - Processor/Memory Module
  5727. Number of Child Handles 0
  5728. [System Enclosure (Type 3) - Length 25 - Handle 0003h]
  5729. Chassis Type Desktop
  5730. Bootup State Safe
  5731. Power Supply State Safe
  5732. Thermal State Safe
  5733. Security Status None
  5734. OEM Defined 0
  5735. Height 0U
  5736. Number of Power Cords 1
  5737. Number of Contained Elements 1
  5738. Contained Element Size 3
  5739. [Onboard Devices Information (Type 10) - Length 8 - Handle 0028h]
  5740. Number of Devices 2
  5741. 01: Type Video [enabled]
  5742. 02: Type Ethernet [enabled]
  5743. [OEM Strings (Type 11) - Length 5 - Handle 0029h]
  5744. Number of Strings 4
  5745. 3 Ferrari
  5746. [System Configuration Options (Type 12) - Length 5 - Handle 002ah]
  5747. [Physical Memory Array (Type 16) - Length 23 - Handle 0046h]
  5748. Location 03h - SystemBoard/Motherboard
  5749. Use 03h - System Memory
  5750. Memory Error Correction 03h - None
  5751. Maximum Capacity 33554432KB
  5752. Number of Memory Devices 4
  5753. [Memory Device (Type 17) - Length 40 - Handle 0047h]
  5754. Physical Memory Array Handle 0046h
  5755. Total Width 0 bits
  5756. Data Width 0 bits
  5757. Form Factor 09h - DIMM
  5758. Device Locator DIMM_A1
  5759. Bank Locator BANK 0
  5760. Memory Type 02h - Unknown
  5761. Type Detail 0000h -
  5762. Speed 0MHz
  5763. [Memory Device (Type 17) - Length 40 - Handle 0048h]
  5764. Physical Memory Array Handle 0046h
  5765. Total Width 64 bits
  5766. Data Width 64 bits
  5767. Size 8192MB
  5768. Form Factor 09h - DIMM
  5769. Device Locator DIMM_A2
  5770. Bank Locator BANK 1
  5771. Memory Type 18h - Specification Reserved
  5772. Type Detail 0080h - Synchronous
  5773. Speed 1600MHz
  5774. Manufacturer 0215
  5775. Part Number CMY16GX3M2A1600C9
  5776. [Memory Device (Type 17) - Length 40 - Handle 0049h]
  5777. Physical Memory Array Handle 0046h
  5778. Total Width 64 bits
  5779. Data Width 64 bits
  5780. Size 8192MB
  5781. Form Factor 09h - DIMM
  5782. Device Locator DIMM_B1
  5783. Bank Locator BANK 2
  5784. Memory Type 18h - Specification Reserved
  5785. Type Detail 0080h - Synchronous
  5786. Speed 1600MHz
  5787. Manufacturer 0215
  5788. Part Number CMY16GX3M2A1600C9
  5789. [Memory Device (Type 17) - Length 40 - Handle 004ah]
  5790. Physical Memory Array Handle 0046h
  5791. Total Width 0 bits
  5792. Data Width 0 bits
  5793. Form Factor 09h - DIMM
  5794. Device Locator DIMM_B2
  5795. Bank Locator BANK 3
  5796. Memory Type 02h - Unknown
  5797. Type Detail 0000h -
  5798. Speed 0MHz
  5799. [Memory Array Mapped Address (Type 19) - Length 31 - Handle 004bh]
  5800. Starting Address 00000000h
  5801. Ending Address 00ffffffh
  5802. Memory Array Handle 0046h
  5803. Partition Width 04
  5804. [Memory Device Mapped Address (Type 20) - Length 35 - Handle 004ch]
  5805. Starting Address 00800000h
  5806. Ending Address 00ffffffh
  5807. Memory Device Handle 004ah
  5808. Mem Array Mapped Adr Handle 004bh
  5809. Interleave Position 01
  5810. Interleave Data Depth 02
  5811. [Memory Device Mapped Address (Type 20) - Length 35 - Handle 004dh]
  5812. Starting Address 00000000h
  5813. Ending Address 007fffffh
  5814. Memory Device Handle 004ah
  5815. Mem Array Mapped Adr Handle 004bh
  5816. Interleave Position 02
  5817. Interleave Data Depth 02
  5818. [Processor Information (Type 4) - Length 42 - Handle 005dh]
  5819. Socket Designation SOCKET 1150
  5820. Processor Type Central Processor
  5821. Processor Family 01h - Other
  5822. Processor Manufacturer Intel
  5823. Processor ID c3060300fffbebbf
  5824. Processor Version Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz
  5825. Processor Voltage 8ch - 1.2V
  5826. External Clock 100MHz
  5827. Max Speed 3800MHz
  5828. Current Speed 4000MHz
  5829. Status Enabled Populated
  5830. Processor Upgrade Specification Reserved
  5831. L1 Cache Handle 005eh
  5832. L2 Cache Handle 005fh
  5833. L3 Cache Handle 0060h
  5834. [Cache Information (Type 7) - Length 19 - Handle 005eh]
  5835. Socket Designation CPU Internal L1
  5836. Cache Configuration 0180h - WB Enabled Int NonSocketed L1
  5837. Maximum Cache Size 0100h - 256K
  5838. Installed Size 0100h - 256K
  5839. Supported SRAM Type 0020h - Synchronous
  5840. Current SRAM Type 0020h - Synchronous
  5841. Cache Speed 0ns
  5842. Error Correction Type ParitySingle-Bit ECC
  5843. System Cache Type Other
  5844. Associativity 8-way Set-Associative
  5845. [Cache Information (Type 7) - Length 19 - Handle 005fh]
  5846. Socket Designation CPU Internal L2
  5847. Cache Configuration 0181h - WB Enabled Int NonSocketed L2
  5848. Maximum Cache Size 0400h - 1024K
  5849. Installed Size 0400h - 1024K
  5850. Supported SRAM Type 0020h - Synchronous
  5851. Current SRAM Type 0020h - Synchronous
  5852. Cache Speed 0ns
  5853. Error Correction Type Multi-Bit ECC
  5854. System Cache Type Unified
  5855. Associativity 8-way Set-Associative
  5856. [Cache Information (Type 7) - Length 19 - Handle 0060h]
  5857. Socket Designation CPU Internal L3
  5858. Cache Configuration 0182h - WB Enabled Int NonSocketed L3
  5859. Maximum Cache Size 2000h - 8192K
  5860. Installed Size 2000h - 8192K
  5861. Supported SRAM Type 0020h - Synchronous
  5862. Current SRAM Type 0020h - Synchronous
  5863. Cache Speed 0ns
  5864. Error Correction Type Specification Reserved
  5865. System Cache Type Unified
  5866. Associativity 16-way Set-Associative
  5867.  
  5868. ========================== Dump #9: Extra #1 ===========================
  5869.  
  5870. 6: kd> !verifier
  5871. Verify Flags Level 0x00000000
  5872. STANDARD FLAGS:
  5873. [X] (0x00000000) Automatic Checks
  5874. [ ] (0x00000001) Special pool
  5875. [ ] (0x00000002) Force IRQL checking
  5876. [ ] (0x00000008) Pool tracking
  5877. [ ] (0x00000010) I/O verification
  5878. [ ] (0x00000020) Deadlock detection
  5879. [ ] (0x00000080) DMA checking
  5880. [ ] (0x00000100) Security checks
  5881. [ ] (0x00000800) Miscellaneous checks
  5882. [ ] (0x00020000) DDI compliance checking
  5883. ADDITIONAL FLAGS:
  5884. [ ] (0x00000004) Randomized low resources simulation
  5885. [ ] (0x00000200) Force pending I/O requests
  5886. [ ] (0x00000400) IRP logging
  5887. [ ] (0x00002000) Invariant MDL checking for stack
  5888. [ ] (0x00004000) Invariant MDL checking for driver
  5889. [ ] (0x00008000) Power framework delay fuzzing
  5890. [ ] (0x00010000) Port/miniport interface checking
  5891. [ ] (0x00040000) Systematic low resources simulation
  5892. [ ] (0x00080000) DDI compliance checking (additional)
  5893. [ ] (0x00200000) NDIS/WIFI verification
  5894. [ ] (0x00800000) Kernel synchronization delay fuzzing
  5895. [ ] (0x01000000) VM switch verification
  5896. [ ] (0x02000000) Code integrity checks
  5897. [X] Indicates flag is enabled
  5898. Summary of All Verifier Statistics
  5899. RaiseIrqls 0x0
  5900. AcquireSpinLocks 0x0
  5901. Synch Executions 0x0
  5902. Trims 0x0
  5903. Pool Allocations Attempted 0x0
  5904. Pool Allocations Succeeded 0x0
  5905. Pool Allocations Succeeded SpecialPool 0x0
  5906. Pool Allocations With NO TAG 0x0
  5907. Pool Allocations Failed 0x0
  5908. Current paged pool allocations 0x0 for 00000000 bytes
  5909. Peak paged pool allocations 0x0 for 00000000 bytes
  5910. Current nonpaged pool allocations 0x0 for 00000000 bytes
  5911. Peak nonpaged pool allocations 0x0 for 00000000 bytes
  5912.  
  5913. ========================== Dump #9: Extra #2 ===========================
  5914.  
  5915. 6: kd> !thread
  5916. THREAD ffff810fe89e7040 Cid 0004.32ec Teb: 0000000000000000 Win32Thread: 0000000000000000 WAIT: (Executive) KernelMode Non-Alertable
  5917. ffff810fe119d5b0 NotificationEvent
  5918. Not impersonating
  5919. GetUlongFromAddress: unable to read from fffff8048082ca14
  5920. Owning Process ffff810fdc87c040 Image: System
  5921. Attached Process N/A Image: N/A
  5922. fffff78000000000: Unable to get shared data
  5923. Wait Start TickCount 106707
  5924. Context Switch Count 104389 IdealProcessor: 7 NoStackSwap
  5925. ReadMemory error: Cannot get nt!KeMaximumIncrement value.
  5926. UserTime 00:00:00.000
  5927. KernelTime 00:00:00.000
  5928. Win32 Start Address nt!ExpWorkerThread (0xfffff80480483860)
  5929. Stack Init fffff48db905ec90 Current fffff48db905def0
  5930. Base fffff48db905f000 Limit fffff48db9059000 Call 0000000000000000
  5931. Priority 15 BasePriority 12 PriorityDecrement 0 IoPriority 2 PagePriority 5
  5932. Child-SP RetAddr : Args to Child : Call Site
  5933. fffff48d`b905df30 fffff804`804a46ad : ffffb381`ec9d2180 00100033`fffffffe ffffb381`ffffffff 00000000`00000001 : nt!KiSwapContext+0x76
  5934. fffff48d`b905e070 fffff804`804a3534 : ffff810f`e89e7040 00000000`00000000 ffff810f`00000000 ffffc486`00000000 : nt!KiSwapThread+0xbfd
  5935. fffff48d`b905e110 fffff804`804a2cd5 : 00000000`00000001 fffff804`00000000 ffff810f`e12e6500 00000000`00000000 : nt!KiCommitThreadWait+0x144
  5936. fffff48d`b905e1b0 fffff804`85bb9920 : ffff810f`e119d5b0 fffff804`00000000 ffff810f`e119c100 fffff804`00000000 : nt!KeWaitForSingleObject+0x255
  5937. fffff48d`b905e290 fffff804`85bacb89 : 00000000`00000008 fffff48d`b905e330 00000000`00000004 00000000`00000000 : ndis!KWaitEventBase<wistd::integral_constant<enum _EVENT_TYPE,0> >::Wait+0x28
  5938. fffff48d`b905e2d0 fffff804`85babefd : ffffc486`46951e60 fffff804`85babee0 ffffc486`46cfcf38 fffff804`85b6c6d8 : ndis!Ndis::BindEngine::ApplyBindChanges+0x10915
  5939. fffff48d`b905e320 fffff804`85ba7933 : ffffc486`46951ea0 fffff804`85babee0 ffffc486`46cfcf38 ffff810f`e119c1a0 : ndis!<lambda_adb42f86cf839cbbe3c588eaa9665cd9>::<lambda_invoker_cdecl>+0x1d
  5940. fffff48d`b905e350 fffff804`85ba7879 : 00000000`00000000 fffff804`85b6c6d8 00000000`00000000 ffffc486`46cfcf30 : ndis!NDIS_BIND_DRIVER_BASE::ForEachLink+0xa3
  5941. fffff48d`b905e3a0 fffff804`85ba768b : 00000000`00000000 ffff810f`e64e4628 00000000`00000010 fffff804`85abb7b5 : ndis!NDIS_BIND_DRIVER_BASE::SetRunningDriverIsReady+0x41
  5942. fffff48d`b905e3d0 fffff804`85bd9934 : ffff810f`e64e42b0 fffff48d`b905e4e8 fffff48d`b905e4e8 ffff810f`e64e42f8 : ndis!NDIS_BIND_PROTOCOL_DRIVER::SetRunningDriver+0x63
  5943. fffff48d`b905e420 fffff804`85b327c6 : ffff810f`e64e42b0 fffff804`85b85050 fffff804`85b85050 fffff804`85b6d790 : ndis!NdisDeregisterProtocol+0xd4
  5944. fffff48d`b905e490 fffff804`7e48111a : fffff804`7e489000 fffff804`00000000 ffff810f`e7a77a60 fffff48d`b905e570 : ndis!NdisDeregisterProtocolDriver+0x66
  5945. fffff48d`b905e4e0 fffff804`7e48c484 : 00000000`000000e7 fffff48d`b905e568 00000000`00000008 00000000`00000000 : raspppoe!RasPppoeCleanup+0x66
  5946. fffff48d`b905e510 fffff804`85bb7d73 : ffff810f`e7a77a60 ffff810f`e7a77a60 fffff804`85b85050 ffff810f`e7864e30 : raspppoe!MpUnload+0x44
  5947. fffff48d`b905e540 fffff804`85b3cdd4 : ffff810f`e7864e30 00000000`00000000 ffff810f`e7864e30 ffff810f`e7864e30 : ndis!ndisMInvokeDriverUnload+0x67
  5948. fffff48d`b905e580 fffff804`80b662d7 : ffff810f`e7864e30 00000000`00000000 fffff48d`b905e740 ffffc486`57a258d0 : ndis!ndisMUnloadEx+0x94
  5949. fffff48d`b905e5e0 fffff804`80b319ce : ffff810f`e7864f80 00000000`00000000 fffff804`80b8cb01 ffff810f`e7864e30 : nt!IopUnloadDriver+0x20f
  5950. fffff48d`b905e710 fffff804`80572004 : ffff810f`e7ac2cb0 00004376`8e49a090 00000000`0000000a 00000000`00000000 : nt!PnpUnloadAttachedDriver+0xa6
  5951. fffff48d`b905e760 fffff804`80b315cf : ffff810f`e7ac2cb0 fffff804`00000018 00000000`00000000 fffff804`80862940 : nt!PnpRemoveLockedDeviceNode+0x240
  5952. fffff48d`b905e7c0 fffff804`80b3126a : ffff810f`e7ac2cb0 fffff48d`b905e840 00000000`00000018 00000000`00000000 : nt!PnpDeleteLockedDeviceNode+0x8b
  5953. fffff48d`b905e800 fffff804`80b32b51 : ffff810f`e524be00 00000000`00000002 ffff810f`ec4a5690 00000000`00000000 : nt!PnpDeleteLockedDeviceNodes+0x76
  5954. fffff48d`b905e880 fffff804`80b30994 : 00000000`00000000 fffff48d`b905e900 ffff810f`e524be00 00000000`00000000 : nt!PipRemoveDevicesInRelationList+0x8d
  5955. fffff48d`b905e8d0 fffff804`80b30371 : ffff810f`ec4a5690 00000000`00000001 ffff810f`ec4a5690 00000000`00000000 : nt!PnpDelayedRemoveWorker+0x114
  5956. fffff48d`b905e910 fffff804`80571a54 : 00000000`00000000 00000000`00000001 00000000`00000000 ffff810f`e7ac2cb0 : nt!PnpChainDereferenceComplete+0xfd
  5957. fffff48d`b905e940 fffff804`80b2fb1a : 00000000`00000001 fffff48d`b905ea49 00000000`00000003 00000000`00000001 : nt!PnpIsChainDereferenced+0xac
  5958. fffff48d`b905e9c0 fffff804`80b0924e : fffff48d`b905eb10 ffff810f`e7ac2c00 fffff48d`b905eb00 ffffc486`00000001 : nt!PnpProcessQueryRemoveAndEject+0x2a2
  5959. fffff48d`b905eab0 fffff804`809c96d8 : ffffc486`7d102ae0 ffffc486`7b4a7b40 ffffc486`7b4a7b40 00000000`00000000 : nt!PnpProcessTargetDeviceEvent+0xea
  5960. fffff48d`b905eae0 fffff804`80483965 : ffff810f`dc946c50 ffff810f`e89e7040 ffff810f`dc946c50 ffff810f`dc946c50 : nt!PnpDeviceEventWorker+0x2d8
  5961. fffff48d`b905eb70 fffff804`8051e155 : ffff810f`e89e7040 00000000`00000080 ffff810f`dc87c040 00002425`bd9bbfff : nt!ExpWorkerThread+0x105
  5962. fffff48d`b905ec10 fffff804`805c99c8 : ffffb381`ec8c6180 ffff810f`e89e7040 fffff804`8051e100 00000000`00000000 : nt!PspSystemThreadStartup+0x55
  5963. fffff48d`b905ec60 00000000`00000000 : fffff48d`b905f000 fffff48d`b9059000 00000000`00000000 00000000`00000000 : nt!KiStartSystemThread+0x28
  5964.  
  5965.  
  5966. ========================================================================
  5967. ====================== Dump #10: ANALYZE VERBOSE =======================
  5968. ====================== File: 080720-129515-01.dmp ======================
  5969. ========================================================================
  5970.  
  5971. Mini Kernel Dump File: Only registers and stack trace are available
  5972. Windows 10 Kernel Version 18362 MP (8 procs) Free x64
  5973. Kernel base = 0xfffff805`45400000 PsLoadedModuleList = 0xfffff805`45848190
  5974. Debug session time: Fri Aug 7 04:39:04.145 2020 (UTC - 4:00)
  5975. System Uptime: 0 days 2:46:28.773
  5976.  
  5977. BugCheck 9F, {3, ffffd38f9a2e8d80, ffffa584e446f8b0, ffffd38fafcf6010}
  5978. Implicit thread is now ffffd38f`a6bf8040
  5979. *** WARNING: Unable to verify timestamp for win32k.sys
  5980. *** ERROR: Module load completed but symbols could not be loaded for win32k.sys
  5981. Probably caused by : memory_corruption
  5982. Followup: memory_corruption
  5983.  
  5984. DRIVER_POWER_STATE_FAILURE (9f)
  5985. A driver has failed to complete a power IRP within a specific time.
  5986.  
  5987. Arguments:
  5988. Arg1: 0000000000000003, A device object has been blocking an Irp for too long a time
  5989. Arg2: ffffd38f9a2e8d80, Physical Device Object of the stack
  5990. Arg3: ffffa584e446f8b0, nt!TRIAGE_9F_POWER on Win7 and higher, otherwise the Functional Device Object of the stack
  5991. Arg4: ffffd38fafcf6010, The blocked IRP
  5992.  
  5993. Debugging Details:
  5994. Implicit thread is now ffffd38f`a6bf8040
  5995. DUMP_CLASS: 1
  5996. DUMP_QUALIFIER: 400
  5997. DUMP_TYPE: 2
  5998. DRVPOWERSTATE_SUBCODE: 3
  5999. FAULTING_THREAD: a6bf8040
  6000. CUSTOMER_CRASH_COUNT: 1
  6001. DEFAULT_BUCKET_ID: CODE_CORRUPTION
  6002. BUGCHECK_STR: 0x9F
  6003.  
  6004. PROCESS_NAME: System
  6005.  
  6006. CURRENT_IRQL: 2
  6007. LAST_CONTROL_TRANSFER: from fffff805454a46ad to fffff805455c9106
  6008. STACK_TEXT:
  6009. ffffa584`e89fa4f0 fffff805`454a46ad : ffffaa00`00000001 00000000`0000000d ffffaa00`ffffffff 00000000`00000002 : nt!KiSwapContext+0x76
  6010. ffffa584`e89fa630 fffff805`454a3534 : ffffd38f`a6bf8040 00000000`00000000 ffffe481`9f657960 fffff805`00000000 : nt!KiSwapThread+0xbfd
  6011. ffffa584`e89fa6d0 fffff805`454a2cd5 : ffff9e0d`aeeeb960 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiCommitThreadWait+0x144
  6012. ffffa584`e89fa770 fffff805`4a1b9920 : ffffd38f`9cd515b0 fffff805`00000000 ffffd38f`9cd51500 fffff805`00000000 : nt!KeWaitForSingleObject+0x255
  6013. ffffa584`e89fa850 fffff805`4a1acb89 : 00000000`00000020 00000000`00000005 ffffd38f`9cd51590 fffff805`4a19c8eb : ndis!KWaitEventBase<wistd::integral_constant<enum _EVENT_TYPE,0> >::Wait+0x28
  6014. ffffa584`e89fa890 fffff805`4a0f4728 : ffffd38f`9cd501a0 00000000`00000005 00000000`00000020 00000000`00000000 : ndis!Ndis::BindEngine::ApplyBindChanges+0x10915
  6015. ffffa584`e89fa8e0 fffff805`4a0b280d : ffffd38f`9cd501a0 00000000`00000000 ffffd38f`9cd50d48 00000000`00000000 : ndis!ndisPrepForLowPowerCommon+0x41eec
  6016. ffffa584`e89fa9d0 fffff805`4a0b3246 : ffffd38f`9cd501a0 00000000`00000000 ffffd38f`afcf6010 00000000`00000000 : ndis!ndisPrepForLowPower+0x1d
  6017. ffffa584`e89faa20 fffff805`4a0b3931 : 00000000`00000000 ffffd38f`00000004 ffffd38f`afcf6010 ffffd38f`9cd501a0 : ndis!ndisSetSystemPower+0x19e
  6018. ffffa584`e89faaa0 fffff805`4a0b9e84 : ffffd38f`afcf6010 ffffd38f`9a2e8d80 ffffd38f`afcf6128 ffffd38f`9cd501a0 : ndis!ndisSetPower+0x109
  6019. ffffa584`e89fab00 fffff805`4557a08f : ffffd38f`9cd50050 ffffa584`e89fabe0 00000000`00000000 ffffd38f`afcf6010 : ndis!ndisPowerDispatch+0x114
  6020. ffffa584`e89fab60 fffff805`4551e155 : ffffffff`fa0a1f00 ffffd38f`a6bf8040 fffff805`45579eb0 00000000`00000001 : nt!PopIrpWorker+0x1df
  6021. ffffa584`e89fac10 fffff805`455c99c8 : ffffaa00`619e2180 ffffd38f`a6bf8040 fffff805`4551e100 00000000`00000246 : nt!PspSystemThreadStartup+0x55
  6022. ffffa584`e89fac60 00000000`00000000 : ffffa584`e89fb000 ffffa584`e89f5000 00000000`00000000 00000000`00000000 : nt!KiStartSystemThread+0x28
  6023. STACK_COMMAND: .thread 0xffffd38fa6bf8040 ; kb
  6024. CHKIMG_EXTENSION: !chkimg -lo 50 -d !hal
  6025. fffff80545375b4a-fffff80545375b4b 2 bytes - hal!HalpApic1EndOfInterrupt+1a
  6026. [ 84 00:4c 87 ]
  6027. fffff80545375b4d-fffff80545375b4f 3 bytes - hal!HalpApic1EndOfInterrupt+1d (+0x03)
  6028. [ 00 00 00:98 c3 90 ]
  6029. fffff80545375b6a-fffff80545375b6b 2 bytes - hal!HalpApicX2EndOfInterrupt+1a (+0x1d)
  6030. [ 84 00:4c 87 ]
  6031. fffff80545375b6d-fffff80545375b6f 3 bytes - hal!HalpApicX2EndOfInterrupt+1d (+0x03)
  6032. [ 00 00 00:98 c3 90 ]
  6033. fffff80545375b8a-fffff80545375b8b 2 bytes - hal!HalpPciReadMmConfigUchar+1a (+0x1d)
  6034. [ 84 00:4c 87 ]
  6035. fffff80545375b8d-fffff80545375b8f 3 bytes - hal!HalpPciReadMmConfigUchar+1d (+0x03)
  6036. [ 00 00 00:98 c3 90 ]
  6037. fffff80545375baa-fffff80545375bab 2 bytes - hal!HalpPciReadMmConfigUshort+1a (+0x1d)
  6038. [ 84 00:4c 87 ]
  6039. fffff80545375bad-fffff80545375baf 3 bytes - hal!HalpPciReadMmConfigUshort+1d (+0x03)
  6040. [ 00 00 00:98 c3 90 ]
  6041. fffff80545375bca-fffff80545375bcb 2 bytes - hal!HalpPciReadMmConfigUlong+1a (+0x1d)
  6042. [ 84 00:4c 87 ]
  6043. fffff80545375bcd-fffff80545375bcf 3 bytes - hal!HalpPciReadMmConfigUlong+1d (+0x03)
  6044. [ 00 00 00:98 c3 90 ]
  6045. fffff80545375bea-fffff80545375beb 2 bytes - hal!HalpPciWriteMmConfigUchar+1a (+0x1d)
  6046. [ 84 00:4c 87 ]
  6047. fffff80545375bed-fffff80545375bef 3 bytes - hal!HalpPciWriteMmConfigUchar+1d (+0x03)
  6048. [ 00 00 00:98 c3 90 ]
  6049. fffff80545375c0a-fffff80545375c0b 2 bytes - hal!HalpPciWriteMmConfigUshort+1a (+0x1d)
  6050. [ 84 00:4c 87 ]
  6051. fffff80545375c0d-fffff80545375c0f 3 bytes - hal!HalpPciWriteMmConfigUshort+1d (+0x03)
  6052. [ 00 00 00:98 c3 90 ]
  6053. fffff80545375c2a-fffff80545375c2b 2 bytes - hal!HalpPciWriteMmConfigUlong+1a (+0x1d)
  6054. [ 84 00:4c 87 ]
  6055. fffff80545375c2d-fffff80545375c2f 3 bytes - hal!HalpPciWriteMmConfigUlong+1d (+0x03)
  6056. [ 00 00 00:98 c3 90 ]
  6057. 40 errors : !hal (fffff80545375b4a-fffff80545375c2f)
  6058. MODULE_NAME: memory_corruption
  6059.  
  6060. IMAGE_NAME: memory_corruption
  6061.  
  6062. FOLLOWUP_NAME: memory_corruption
  6063. DEBUG_FLR_IMAGE_TIMESTAMP: 0
  6064. MEMORY_CORRUPTOR: LARGE
  6065. FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
  6066. BUCKET_ID: MEMORY_CORRUPTION_LARGE
  6067. PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
  6068. TARGET_TIME: 2020-08-07T08:39:04.000Z
  6069. SUITE_MASK: 272
  6070. PRODUCT_TYPE: 1
  6071. USER_LCID: 0
  6072. FAILURE_ID_HASH_STRING: km:memory_corruption_large
  6073. FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
  6074. Followup: memory_corruption
  6075.  
  6076. ===================== Dump #10: 3RD PARTY DRIVERS ======================
  6077.  
  6078. Nov 23 2009 - LGBusEnum.sys - Logitech GamePanel Virtual Bus Enumerator driver http://support.logitech.com/
  6079. Jun 25 2010 - sadp_npf64.sys - WinPcap driver (CACE Technologies, Inc.)
  6080. Jun 25 2010 - NPF.sys - NetGroup Packet Filter driver, a component of WinPCap by Riverbed
  6081. Aug 02 2010 - AsUpIO.sys - ASUS Update Input Output driver http://www.asus.com/
  6082. Aug 08 2011 - BazisVirtualCDBus.sys - WinCDEmu Virtual CD-ROM driver (Bazis Inc) http://wincdemu.sysprogs.org/
  6083. Oct 17 2011 - PxHlpa64.sys - Sonic CD/DVD driver
  6084. Mar 22 2012 - AiCharger.sys - Asus Charger driver
  6085. May 03 2012 - GEARAspiWDM.sys - Gear Software Advanced SCSI Programming Interface Windows Driver Model http://www.gearsoftware.com/
  6086. Aug 22 2012 - AsIO.sys - ASUS Input Output driver http://www.asus.com/
  6087. Jul 02 2013 - IOMap64.sys - !!! ASUS 64-bit Input Output Map driver (GPU Tweaking driver)
  6088. Apr 17 2014 - rzpmgrk.sys - Razer Overlay Support https://www.razer.com/
  6089. Apr 24 2014 - RTKVHD64.sys - Realtek Audio System driver https://www.realtek.com/en/
  6090. Sep 23 2014 - TeeDriverx64.sys - Intel Management Engine Interface (MEI) driver https://downloadcenter.intel.com/
  6091. Oct 17 2014 - rzpnk.sys - Razer Overlay Support https://www.razer.com/
  6092. Apr 21 2016 - tap0901.sys - TAP-Win32 Virtual Private Network Driver 0901 (OpenVPN by OpenVPN Technologies) https://openvpn.net/
  6093. Mar 16 2017 - tapwindscribe0901.sys - TAP-Windows Virtual Network driver (The OpenVPN Project) https://openvpn.net/
  6094. Oct 11 2017 - YSDrv.sys - VirtualBox Support driver
  6095. Sep 18 2018 - IntelHaxm.sys - Intel Corporation SSG Hardware Accelerated Execution Manager driver
  6096. Jan 24 2019 - e1d65x64.sys - Intel(R) Gigabit Adapter NDIS 6.x driver https://downloadcenter.intel.com/
  6097. Mar 14 2019 - nvvad64v.sys - Nvidia Virtual Audio driver http://www.nvidia.com/
  6098. Apr 25 2019 - mbae64.sys - Malwarebytes driver https://www.malwarebytes.com/
  6099. Oct 02 2019 - nvlddmkm.sys - Nvidia Graphics Card driver http://www.nvidia.com/
  6100. Nov 20 2019 - mbamswissarmy.sys - MalwareBytes Anti-Malware system driver https://www.malwarebytes.com/
  6101. Nov 29 2019 - NvModuleTracker.sys - NVIDIA Module Tracker driver
  6102. Jan 10 2020 - nvvhci.sys - Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
  6103. Jun 04 2020 - MbamChameleon.sys - Malwarebytes Anti-Malware Chameleon driver https://www.malwarebytes.com/
  6104. Jun 09 2020 - nvhda64v.sys - Nvidia HDMI Audio Device http://www.nvidia.com/
  6105. Jun 22 2020 - mwac.sys - Malwarebytes Web Access Control http://www.malwarebytes.org/
  6106. Jun 23 2020 - aswArPot.sys - Avast Antivirus http://www.avast.com/
  6107. Jun 23 2020 - aswbidsdriver.sys - Avast Antivirus http://www.avast.com/
  6108. Jun 23 2020 - aswbidsh.sys - Avast Antivirus http://www.avast.com/
  6109. Jun 23 2020 - aswbuniv.sys - Avast Antivirus http://www.avast.com/
  6110. Jun 23 2020 - aswKbd.sys - Avast Keyboard Filter driver http://www.avast.com/
  6111. Jun 23 2020 - aswMonFlt.sys - Avast Antivirus http://www.avast.com/
  6112. Jun 23 2020 - aswNetHub.sys - Avast driver
  6113. Jun 23 2020 - aswRdr2.sys - Avast Antivirus http://www.avast.com/
  6114. Jun 23 2020 - aswRvrt.sys - Avast Antivirus http://www.avast.com/
  6115. Jun 23 2020 - aswSnx.sys - Avast Antivirus http://www.avast.com/
  6116. Jun 23 2020 - aswSP.sys - Avast Antivirus http://www.avast.com/
  6117. Jun 23 2020 - aswStm.sys - Avast Antivirus http://www.avast.com/
  6118. Jun 23 2020 - aswVmm.sys - Avast Antivirus http://www.avast.com/
  6119. Jul 07 2020 - mbam.sys - Malwarebytes Anti-Malware https://www.malwarebytes.com/
  6120. Jul 17 2020 - aswElam.sys - Avast ELAM driver
  6121. Jul 17 2020 - farflt.sys - Malwarebytes Anti-RansomWare SDK http://www.malwarebytes.org/
  6122.  
  6123. ================== Dump #10: 3RD PARTY DRIVERS (FULL) ==================
  6124.  
  6125. Image path: \SystemRoot\system32\drivers\LGBusEnum.sys
  6126. Image name: LGBusEnum.sys
  6127. Search : https://www.google.com/search?q=LGBusEnum.sys
  6128. ADA Info : Logitech GamePanel Virtual Bus Enumerator driver http://support.logitech.com/
  6129. Timestamp : Mon Nov 23 2009
  6130.  
  6131. Image path: \??\C:\Windows\SysWOW64\drivers\sadp_npf64.sys
  6132. Image name: sadp_npf64.sys
  6133. Search : https://www.google.com/search?q=sadp_npf64.sys
  6134. ADA Info : WinPcap driver (CACE Technologies, Inc.)
  6135. Timestamp : Fri Jun 25 2010
  6136.  
  6137. Image path: \SystemRoot\system32\drivers\NPF.sys
  6138. Image name: NPF.sys
  6139. Search : https://www.google.com/search?q=NPF.sys
  6140. ADA Info : NetGroup Packet Filter driver, a component of WinPCap by Riverbed
  6141. Timestamp : Fri Jun 25 2010
  6142.  
  6143. Image path: \SystemRoot\SysWow64\drivers\AsUpIO.sys
  6144. Image name: AsUpIO.sys
  6145. Search : https://www.google.com/search?q=AsUpIO.sys
  6146. ADA Info : ASUS Update Input Output driver http://www.asus.com/
  6147. Timestamp : Mon Aug 2 2010
  6148.  
  6149. Image path: \SystemRoot\System32\drivers\BazisVirtualCDBus.sys
  6150. Image name: BazisVirtualCDBus.sys
  6151. Search : https://www.google.com/search?q=BazisVirtualCDBus.sys
  6152. ADA Info : WinCDEmu Virtual CD-ROM driver (Bazis Inc) http://wincdemu.sysprogs.org/
  6153. Timestamp : Mon Aug 8 2011
  6154.  
  6155. Image path: \SystemRoot\System32\Drivers\PxHlpa64.sys
  6156. Image name: PxHlpa64.sys
  6157. Search : https://www.google.com/search?q=PxHlpa64.sys
  6158. ADA Info : Sonic CD/DVD driver
  6159. Timestamp : Mon Oct 17 2011
  6160.  
  6161. Image path: \SystemRoot\SysWow64\drivers\AiCharger.sys
  6162. Image name: AiCharger.sys
  6163. Search : https://www.google.com/search?q=AiCharger.sys
  6164. ADA Info : Asus Charger driver
  6165. Timestamp : Thu Mar 22 2012
  6166.  
  6167. Image path: \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
  6168. Image name: GEARAspiWDM.sys
  6169. Search : https://www.google.com/search?q=GEARAspiWDM.sys
  6170. ADA Info : Gear Software Advanced SCSI Programming Interface Windows Driver Model http://www.gearsoftware.com/
  6171. Timestamp : Thu May 3 2012
  6172.  
  6173. Image path: \SystemRoot\SysWow64\drivers\AsIO.sys
  6174. Image name: AsIO.sys
  6175. Search : https://www.google.com/search?q=AsIO.sys
  6176. ADA Info : ASUS Input Output driver http://www.asus.com/
  6177. Timestamp : Wed Aug 22 2012
  6178.  
  6179. Image path: \??\C:\WINDOWS\system32\drivers\IOMap64.sys
  6180. Image name: IOMap64.sys
  6181. Search : https://www.google.com/search?q=IOMap64.sys
  6182. ADA Info : !!! ASUS 64-bit Input Output Map driver (GPU Tweaking driver)
  6183. Timestamp : Tue Jul 2 2013
  6184.  
  6185. Image path: \??\C:\Windows\system32\drivers\rzpmgrk.sys
  6186. Image name: rzpmgrk.sys
  6187. Search : https://www.google.com/search?q=rzpmgrk.sys
  6188. ADA Info : Razer Overlay Support https://www.razer.com/
  6189. Timestamp : Thu Apr 17 2014
  6190.  
  6191. Image path: \SystemRoot\system32\drivers\RTKVHD64.sys
  6192. Image name: RTKVHD64.sys
  6193. Search : https://www.google.com/search?q=RTKVHD64.sys
  6194. ADA Info : Realtek Audio System driver https://www.realtek.com/en/
  6195. Timestamp : Thu Apr 24 2014
  6196.  
  6197. Image path: \SystemRoot\system32\DRIVERS\TeeDriverx64.sys
  6198. Image name: TeeDriverx64.sys
  6199. Search : https://www.google.com/search?q=TeeDriverx64.sys
  6200. ADA Info : Intel Management Engine Interface (MEI) driver https://downloadcenter.intel.com/
  6201. Timestamp : Tue Sep 23 2014
  6202.  
  6203. Image path: \??\C:\Windows\system32\drivers\rzpnk.sys
  6204. Image name: rzpnk.sys
  6205. Search : https://www.google.com/search?q=rzpnk.sys
  6206. ADA Info : Razer Overlay Support https://www.razer.com/
  6207. Timestamp : Fri Oct 17 2014
  6208.  
  6209. Image path: \SystemRoot\System32\drivers\tap0901.sys
  6210. Image name: tap0901.sys
  6211. Search : https://www.google.com/search?q=tap0901.sys
  6212. ADA Info : TAP-Win32 Virtual Private Network Driver 0901 (OpenVPN by OpenVPN Technologies) https://openvpn.net/
  6213. Timestamp : Thu Apr 21 2016
  6214.  
  6215. Image path: \SystemRoot\System32\drivers\tapwindscribe0901.sys
  6216. Image name: tapwindscribe0901.sys
  6217. Search : https://www.google.com/search?q=tapwindscribe0901.sys
  6218. ADA Info : TAP-Windows Virtual Network driver (The OpenVPN Project) https://openvpn.net/
  6219. Timestamp : Thu Mar 16 2017
  6220.  
  6221. Image path: \??\C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys
  6222. Image name: YSDrv.sys
  6223. Search : https://www.google.com/search?q=YSDrv.sys
  6224. ADA Info : VirtualBox Support driver
  6225. Timestamp : Wed Oct 11 2017
  6226.  
  6227. Image path: \SystemRoot\system32\DRIVERS\IntelHaxm.sys
  6228. Image name: IntelHaxm.sys
  6229. Search : https://www.google.com/search?q=IntelHaxm.sys
  6230. ADA Info : Intel Corporation SSG Hardware Accelerated Execution Manager driver
  6231. Timestamp : Tue Sep 18 2018
  6232.  
  6233. Image path: \SystemRoot\system32\DRIVERS\e1d65x64.sys
  6234. Image name: e1d65x64.sys
  6235. Search : https://www.google.com/search?q=e1d65x64.sys
  6236. ADA Info : Intel(R) Gigabit Adapter NDIS 6.x driver https://downloadcenter.intel.com/
  6237. Timestamp : Thu Jan 24 2019
  6238.  
  6239. Image path: \SystemRoot\system32\drivers\nvvad64v.sys
  6240. Image name: nvvad64v.sys
  6241. Search : https://www.google.com/search?q=nvvad64v.sys
  6242. ADA Info : Nvidia Virtual Audio driver http://www.nvidia.com/
  6243. Timestamp : Thu Mar 14 2019
  6244.  
  6245. Image path: \??\C:\WINDOWS\system32\drivers\mbae64.sys
  6246. Image name: mbae64.sys
  6247. Search : https://www.google.com/search?q=mbae64.sys
  6248. ADA Info : Malwarebytes driver https://www.malwarebytes.com/
  6249. Timestamp : Thu Apr 25 2019
  6250.  
  6251. Image path: \SystemRoot\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_90685a092bcf58c7\nvlddmkm.sys
  6252. Image name: nvlddmkm.sys
  6253. Search : https://www.google.com/search?q=nvlddmkm.sys
  6254. ADA Info : Nvidia Graphics Card driver http://www.nvidia.com/
  6255. Timestamp : Wed Oct 2 2019
  6256.  
  6257. Image path: \SystemRoot\System32\Drivers\mbamswissarmy.sys
  6258. Image name: mbamswissarmy.sys
  6259. Search : https://www.google.com/search?q=mbamswissarmy.sys
  6260. ADA Info : MalwareBytes Anti-Malware system driver https://www.malwarebytes.com/
  6261. Timestamp : Wed Nov 20 2019
  6262.  
  6263. Image path: \SystemRoot\System32\drivers\NvModuleTracker.sys
  6264. Image name: NvModuleTracker.sys
  6265. Search : https://www.google.com/search?q=NvModuleTracker.sys
  6266. ADA Info : NVIDIA Module Tracker driver
  6267. Timestamp : Fri Nov 29 2019
  6268.  
  6269. Image path: \SystemRoot\System32\drivers\nvvhci.sys
  6270. Image name: nvvhci.sys
  6271. Search : https://www.google.com/search?q=nvvhci.sys
  6272. ADA Info : Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
  6273. Timestamp : Fri Jan 10 2020
  6274.  
  6275. Image path: \SystemRoot\System32\Drivers\MbamChameleon.sys
  6276. Image name: MbamChameleon.sys
  6277. Search : https://www.google.com/search?q=MbamChameleon.sys
  6278. ADA Info : Malwarebytes Anti-Malware Chameleon driver https://www.malwarebytes.com/
  6279. Timestamp : Thu Jun 4 2020
  6280.  
  6281. Image path: \SystemRoot\system32\drivers\nvhda64v.sys
  6282. Image name: nvhda64v.sys
  6283. Search : https://www.google.com/search?q=nvhda64v.sys
  6284. ADA Info : Nvidia HDMI Audio Device http://www.nvidia.com/
  6285. Timestamp : Tue Jun 9 2020
  6286.  
  6287. Image path: \SystemRoot\system32\DRIVERS\mwac.sys
  6288. Image name: mwac.sys
  6289. Search : https://www.google.com/search?q=mwac.sys
  6290. ADA Info : Malwarebytes Web Access Control http://www.malwarebytes.org/
  6291. Timestamp : Mon Jun 22 2020
  6292.  
  6293. Image path: \SystemRoot\system32\drivers\aswArPot.sys
  6294. Image name: aswArPot.sys
  6295. Search : https://www.google.com/search?q=aswArPot.sys
  6296. ADA Info : Avast Antivirus http://www.avast.com/
  6297. Timestamp : Tue Jun 23 2020
  6298.  
  6299. Image path: \SystemRoot\system32\drivers\aswbidsdriver.sys
  6300. Image name: aswbidsdriver.sys
  6301. Search : https://www.google.com/search?q=aswbidsdriver.sys
  6302. ADA Info : Avast Antivirus http://www.avast.com/
  6303. Timestamp : Tue Jun 23 2020
  6304.  
  6305. Image path: \SystemRoot\system32\drivers\aswbidsh.sys
  6306. Image name: aswbidsh.sys
  6307. Search : https://www.google.com/search?q=aswbidsh.sys
  6308. ADA Info : Avast Antivirus http://www.avast.com/
  6309. Timestamp : Tue Jun 23 2020
  6310.  
  6311. Image path: \SystemRoot\system32\drivers\aswbuniv.sys
  6312. Image name: aswbuniv.sys
  6313. Search : https://www.google.com/search?q=aswbuniv.sys
  6314. ADA Info : Avast Antivirus http://www.avast.com/
  6315. Timestamp : Tue Jun 23 2020
  6316.  
  6317. Image path: \SystemRoot\system32\drivers\aswKbd.sys
  6318. Image name: aswKbd.sys
  6319. Search : https://www.google.com/search?q=aswKbd.sys
  6320. ADA Info : Avast Keyboard Filter driver http://www.avast.com/
  6321. Timestamp : Tue Jun 23 2020
  6322.  
  6323. Image path: \SystemRoot\system32\drivers\aswMonFlt.sys
  6324. Image name: aswMonFlt.sys
  6325. Search : https://www.google.com/search?q=aswMonFlt.sys
  6326. ADA Info : Avast Antivirus http://www.avast.com/
  6327. Timestamp : Tue Jun 23 2020
  6328.  
  6329. Image path: \SystemRoot\system32\drivers\aswNetHub.sys
  6330. Image name: aswNetHub.sys
  6331. Search : https://www.google.com/search?q=aswNetHub.sys
  6332. ADA Info : Avast driver
  6333. Timestamp : Tue Jun 23 2020
  6334.  
  6335. Image path: \SystemRoot\system32\drivers\aswRdr2.sys
  6336. Image name: aswRdr2.sys
  6337. Search : https://www.google.com/search?q=aswRdr2.sys
  6338. ADA Info : Avast Antivirus http://www.avast.com/
  6339. Timestamp : Tue Jun 23 2020
  6340.  
  6341. Image path: \SystemRoot\system32\drivers\aswRvrt.sys
  6342. Image name: aswRvrt.sys
  6343. Search : https://www.google.com/search?q=aswRvrt.sys
  6344. ADA Info : Avast Antivirus http://www.avast.com/
  6345. Timestamp : Tue Jun 23 2020
  6346.  
  6347. Image path: \SystemRoot\system32\drivers\aswSnx.sys
  6348. Image name: aswSnx.sys
  6349. Search : https://www.google.com/search?q=aswSnx.sys
  6350. ADA Info : Avast Antivirus http://www.avast.com/
  6351. Timestamp : Tue Jun 23 2020
  6352.  
  6353. Image path: \SystemRoot\system32\drivers\aswSP.sys
  6354. Image name: aswSP.sys
  6355. Search : https://www.google.com/search?q=aswSP.sys
  6356. ADA Info : Avast Antivirus http://www.avast.com/
  6357. Timestamp : Tue Jun 23 2020
  6358.  
  6359. Image path: \SystemRoot\system32\drivers\aswStm.sys
  6360. Image name: aswStm.sys
  6361. Search : https://www.google.com/search?q=aswStm.sys
  6362. ADA Info : Avast Antivirus http://www.avast.com/
  6363. Timestamp : Tue Jun 23 2020
  6364.  
  6365. Image path: \SystemRoot\system32\drivers\aswVmm.sys
  6366. Image name: aswVmm.sys
  6367. Search : https://www.google.com/search?q=aswVmm.sys
  6368. ADA Info : Avast Antivirus http://www.avast.com/
  6369. Timestamp : Tue Jun 23 2020
  6370.  
  6371. Image path: \??\C:\WINDOWS\system32\DRIVERS\mbam.sys
  6372. Image name: mbam.sys
  6373. Search : https://www.google.com/search?q=mbam.sys
  6374. ADA Info : Malwarebytes Anti-Malware https://www.malwarebytes.com/
  6375. Timestamp : Tue Jul 7 2020
  6376.  
  6377. Image path: \SystemRoot\system32\drivers\aswElam.sys
  6378. Image name: aswElam.sys
  6379. Search : https://www.google.com/search?q=aswElam.sys
  6380. ADA Info : Avast ELAM driver
  6381. Timestamp : Fri Jul 17 2020
  6382.  
  6383. Image path: \SystemRoot\system32\DRIVERS\farflt.sys
  6384. Image name: farflt.sys
  6385. Search : https://www.google.com/search?q=farflt.sys
  6386. ADA Info : Malwarebytes Anti-RansomWare SDK http://www.malwarebytes.org/
  6387. Timestamp : Fri Jul 17 2020
  6388.  
  6389. ===================== Dump #10: MICROSOFT DRIVERS ======================
  6390.  
  6391. ACPI.sys ACPI Driver for NT (Microsoft)
  6392. acpiex.sys ACPIEx Driver (Microsoft)
  6393. acpipagr.sys ACPI Processor Aggregator Device driver (Microsoft)
  6394. afd.sys Ancillary Function Driver for WinSock (Microsoft)
  6395. afunix.sys AF_UNIX Socket Provider driver (Microsoft)
  6396. AgileVpn.sys RAS Agil VPN Miniport Call Manager driver (Microsoft)
  6397. ahcache.sys Application Compatibility Cache (Microsoft)
  6398. bam.sys BAM Kernal driver (Microsoft)
  6399. BasicDisplay.sys Basic Display driver (Microsoft)
  6400. BasicRender.sys Basic Render driver (Microsoft)
  6401. Beep.SYS BEEP driver (Microsoft)
  6402. bindflt.sys Windows Bind Filter driver (Microsoft)
  6403. BOOTVID.dll VGA Boot Driver (Microsoft)
  6404. bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
  6405. cdd.dll Canonical Display Driver (Microsoft)
  6406. cdrom.sys SCSI CD-ROM Driver (Microsoft)
  6407. CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
  6408. CI.dll Code Integrity Module (Microsoft)
  6409. CLASSPNP.SYS SCSI Class System Dll (Microsoft)
  6410. cldflt.sys Cloud Files Mini Filter driver (Microsoft)
  6411. CLFS.SYS Common Log File System Driver (Microsoft)
  6412. clipsp.sys CLIP Service (Microsoft)
  6413. cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
  6414. cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
  6415. CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
  6416. condrv.sys Console Driver (Microsoft)
  6417. crashdmp.sys Crash Dump driver (Microsoft)
  6418. csc.sys Windows Client Side Caching driver (Microsoft)
  6419. dfsc.sys DFS Namespace Client Driver (Microsoft)
  6420. disk.sys PnP Disk Driver (Microsoft)
  6421. drmk.sys Digital Rights Management (DRM) driver (Microsoft)
  6422. dump_diskdump.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  6423. dump_dumpfve.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  6424. dump_storahci.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
  6425. dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
  6426. dxgmms2.sys DirectX Graphics MMS
  6427. EhStorClass.sys Enhanced Storage Class driver for IEEE... (Microsoft)
  6428. filecrypt.sys Windows sandboxing and encryption filter (Microsoft)
  6429. fileinfo.sys FileInfo Filter Driver (Microsoft)
  6430. FLTMGR.SYS Filesystem Filter Manager (Microsoft)
  6431. Fs_Rec.sys File System Recognizer Driver (Microsoft)
  6432. fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
  6433. fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
  6434. gpuenergydrv.sys GPU Energy Kernal Driver (Microsoft)
  6435. hal.dll Hardware Abstraction Layer DLL (Microsoft)
  6436. HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
  6437. hiber_diskdump.sys (Generic Description) hiber_*.sys drivers provide disk access to store the system state while hibernating
  6438. hiber_dumpfve.sys (Generic Description) hiber_*.sys drivers provide disk access to store the system state while hibernating
  6439. hiber_storahci.sys (Generic Description) hiber_*.sys drivers provide disk access to store the system state while hibernating
  6440. HIDCLASS.SYS Hid Class Library (Microsoft)
  6441. HIDPARSE.SYS Hid Parsing Library (Microsoft)
  6442. hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
  6443. HTTP.sys HTTP Protocol Stack (Microsoft)
  6444. intelpep.sys Intel Power Engine Plugin (Microsoft)
  6445. intelppm.sys Processor Device Driver (Microsoft)
  6446. iorate.sys I/O rate control Filter (Microsoft)
  6447. kbdclass.sys Keyboard Class Driver (Microsoft)
  6448. kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
  6449. kd.dll Local Kernal Debugger (Microsoft)
  6450. kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
  6451. ks.sys Kernal CSA Library (Microsoft)
  6452. ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
  6453. ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
  6454. ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
  6455. lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
  6456. luafv.sys LUA File Virtualization Filter Driver (Microsoft)
  6457. mcupdate_GenuineIntel.dll Intel Microcode Update Library (Microsoft)
  6458. mmcss.sys MMCSS Driver (Microsoft)
  6459. monitor.sys Monitor Driver (Microsoft)
  6460. mouclass.sys Mouse Class Driver (Microsoft)
  6461. mouhid.sys HID Mouse Filter Driver (Microsoft)
  6462. mountmgr.sys Mount Point Manager (Microsoft)
  6463. mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
  6464. mqac.sys Message Queuing Device driver (Microsoft)
  6465. mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
  6466. mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
  6467. Msfs.SYS Mailslot driver (Microsoft)
  6468. msisadrv.sys ISA Driver (Microsoft)
  6469. mslldp.sys Microsoft Link-Layer Discovery Protocol... (Microsoft)
  6470. msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
  6471. mssecflt.sys Microsoft Security Events Component file system filter driver (Microsoft)
  6472. mssmbios.sys System Management BIOS driver (Microsoft)
  6473. mup.sys Multiple UNC Provider driver (Microsoft)
  6474. ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
  6475. ndistapi.sys NDIS 3.0 Connection Wrapper driver (Microsoft)
  6476. ndisuio.sys NDIS User mode I/O driver (Microsoft)
  6477. NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
  6478. ndiswan.sys MS PPP Framing Driver (Strong Encryption) Microsoft)
  6479. NDProxy.sys NDIS Proxy driver (Microsoft)
  6480. Ndu.sys Network Data Usage Monitoring driver (Microsoft)
  6481. netbios.sys NetBIOS Interface driver (Microsoft)
  6482. netbt.sys MBT Transport driver (Microsoft)
  6483. NETIO.SYS Network I/O Subsystem (Microsoft)
  6484. Npfs.SYS NPFS driver (Microsoft)
  6485. npsvctrig.sys Named pipe service triggers (Microsoft)
  6486. nsiproxy.sys NSI Proxy driver (Microsoft)
  6487. Ntfs.sys NT File System Driver (Microsoft)
  6488. ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
  6489. ntosext.sys NTOS Extension Host driver (Microsoft)
  6490. Null.SYS NULL Driver (Microsoft)
  6491. nwifi.sys NativeWiFi Miniport Driver (Microsoft)
  6492. pacer.sys QoS Packet Scheduler (Microsoft)
  6493. partmgr.sys Partition driver (Microsoft)
  6494. pci.sys NT Plug and Play PCI Enumerator (Microsoft)
  6495. pcw.sys Performance Counter Driver (Microsoft)
  6496. pdc.sys Power Dependency Coordinator Driver (Microsoft)
  6497. peauth.sys Protected Environment Authentication and Authorization Export Driver (Microsoft)
  6498. portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
  6499. PSHED.dll Platform Specific Hardware Error driver (Microsoft)
  6500. rasl2tp.sys RAS L2TP Mini-port/Call-manager driver (Microsoft)
  6501. raspppoe.sys RAS PPPoE Mini-port/Call manager driver (Microsoft)
  6502. raspptp.sys Peer-to-Peer Tunneling Protocol (Microsoft)
  6503. rassstp.sys RAS SSTP Miniport Call Manager driver (Microsoft)
  6504. rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
  6505. rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
  6506. rdyboost.sys ReadyBoost Driver (Microsoft)
  6507. rspndr.sys Link-Layer Topology Responder driver (Microsoft)
  6508. serenum.sys Serial Port Enumerator (Microsoft)
  6509. serial.sys Serial Device Driver
  6510. serscan.sys Serial Imaging Device Driver (Microsoft)
  6511. SgrmAgent.sys System Guard Runtime Monitor Agent driver (Microsoft)
  6512. SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
  6513. spaceport.sys Storage Spaces driver (Microsoft)
  6514. srv.sys Server driver (Microsoft)
  6515. srv2.sys Smb 2.0 Server driver (Microsoft)
  6516. srvnet.sys Server Network driver (Microsoft)
  6517. storahci.sys MS AHCI Storport Miniport Driver (Microsoft)
  6518. storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
  6519. storqosflt.sys Storage QoS Filter driver (Microsoft)
  6520. swenum.sys Plug and Play Software Device Enumerator (Microsoft)
  6521. tbs.sys Export driver for kernel mode TPM API (Microsoft)
  6522. tcpip.sys TCP/IP Protocol driver (Microsoft)
  6523. tcpipreg.sys Microsoft Windows TCP/IP Registry Compatibility driver (Microsoft)
  6524. TDI.SYS TDI Wrapper driver (Microsoft)
  6525. tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
  6526. tm.sys Kernel Transaction Manager driver (Microsoft)
  6527. ucx01000.sys USB Controller Extension (Microsoft)
  6528. umbus.sys User-Mode Bus Enumerator (Microsoft)
  6529. umpass.sys Generic pass-through driver (Microsoft)
  6530. usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
  6531. USBD.SYS Universal Serial Bus Driver (Microsoft)
  6532. usbehci.sys EHCI eUSB Miniport Driver (Microsoft)
  6533. usbhub.sys Default Hub Driver for USB (Microsoft)
  6534. UsbHub3.sys USB3 HUB driver (Microsoft)
  6535. USBPORT.SYS USB 1.1 & 2.0 Port Driver (Microsoft)
  6536. USBXHCI.SYS USB XHCI driver (Microsoft)
  6537. vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
  6538. Vid.sys Microsoft Hyper-V Virtualization Infrastructure Driver
  6539. volmgr.sys Volume Manager Driver (Microsoft)
  6540. volmgrx.sys Volume Manager Extension Driver (Microsoft)
  6541. volsnap.sys Volume Shadow Copy driver (Microsoft)
  6542. volume.sys Volume driver (Microsoft)
  6543. vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
  6544. wanarp.sys MS Remote Access and Routing ARP driver (Microsoft)
  6545. watchdog.sys Watchdog driver (Microsoft)
  6546. wcifs.sys Windows Container Isolation FS Filter driver (Microsoft)
  6547. Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
  6548. WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
  6549. werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
  6550. wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
  6551. win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
  6552. win32kbase.sys Base Win32k Kernel Driver (Microsoft)
  6553. win32kfull.sys Full/Desktop Win32k Kernel Driver (Microsoft)
  6554. WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
  6555. WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
  6556. winhvr.sys Windows Hypervisor Root Interface driver (Microsoft)
  6557. winquic.sys QUIC Transport Protocol driver (Microsoft)
  6558. wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
  6559. WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
  6560. Wof.sys Windows Overlay Filter (Microsoft)
  6561. WppRecorder.sys WPP Trace Recorder (Microsoft)
  6562. WUDFRd.sys Windows Driver Foundation - User-mode Driver Framework Reflector driver (Microsoft)
  6563.  
  6564. ====================== Dump #10: UNLOADED MODULES ======================
  6565.  
  6566. fffff805`43640000 fffff805`43c15000 iqvw64e.sys
  6567. fffff805`4e4d0000 fffff805`4e4de000 WSDPrint.sys
  6568. fffff805`4e720000 fffff805`4e72e000 WSDScan.sys
  6569. fffff805`4bbd0000 fffff805`4bbdf000 dump_storpor
  6570. fffff805`4ae30000 fffff805`4ae5f000 dump_storahc
  6571. fffff805`4ae80000 fffff805`4ae9e000 dump_dumpfve
  6572. fffff805`4da90000 fffff805`4dae1000 WUDFRd.sys
  6573. fffff805`4ba00000 fffff805`4ba1e000 dam.sys
  6574. fffff805`49820000 fffff805`49829000 MbamElam.sys
  6575. fffff805`4a820000 fffff805`4a831000 hwpolicy.sys
  6576.  
  6577. ====================== Dump #10: BIOS INFORMATION ======================
  6578.  
  6579. sysinfo: could not find necessary interfaces.
  6580. sysinfo: note that mssmbios.sys must be loaded (XPSP2+).
  6581.  
  6582. ========================== Dump #10: Extra #1 ==========================
  6583.  
  6584. 6: kd> !verifier
  6585. Verify Flags Level 0x00000000
  6586. STANDARD FLAGS:
  6587. [X] (0x00000000) Automatic Checks
  6588. [ ] (0x00000001) Special pool
  6589. [ ] (0x00000002) Force IRQL checking
  6590. [ ] (0x00000008) Pool tracking
  6591. [ ] (0x00000010) I/O verification
  6592. [ ] (0x00000020) Deadlock detection
  6593. [ ] (0x00000080) DMA checking
  6594. [ ] (0x00000100) Security checks
  6595. [ ] (0x00000800) Miscellaneous checks
  6596. [ ] (0x00020000) DDI compliance checking
  6597. ADDITIONAL FLAGS:
  6598. [ ] (0x00000004) Randomized low resources simulation
  6599. [ ] (0x00000200) Force pending I/O requests
  6600. [ ] (0x00000400) IRP logging
  6601. [ ] (0x00002000) Invariant MDL checking for stack
  6602. [ ] (0x00004000) Invariant MDL checking for driver
  6603. [ ] (0x00008000) Power framework delay fuzzing
  6604. [ ] (0x00010000) Port/miniport interface checking
  6605. [ ] (0x00040000) Systematic low resources simulation
  6606. [ ] (0x00080000) DDI compliance checking (additional)
  6607. [ ] (0x00200000) NDIS/WIFI verification
  6608. [ ] (0x00800000) Kernel synchronization delay fuzzing
  6609. [ ] (0x01000000) VM switch verification
  6610. [ ] (0x02000000) Code integrity checks
  6611. [X] Indicates flag is enabled
  6612. Summary of All Verifier Statistics
  6613. RaiseIrqls 0x0
  6614. AcquireSpinLocks 0x0
  6615. Synch Executions 0x0
  6616. Trims 0x0
  6617. Pool Allocations Attempted 0x0
  6618. Pool Allocations Succeeded 0x0
  6619. Pool Allocations Succeeded SpecialPool 0x0
  6620. Pool Allocations With NO TAG 0x0
  6621. Pool Allocations Failed 0x0
  6622. Current paged pool allocations 0x0 for 00000000 bytes
  6623. Peak paged pool allocations 0x0 for 00000000 bytes
  6624. Current nonpaged pool allocations 0x0 for 00000000 bytes
  6625. Peak nonpaged pool allocations 0x0 for 00000000 bytes
  6626.  
  6627. ========================== Dump #10: Extra #2 ==========================
  6628.  
  6629. 6: kd> !thread
  6630. THREAD ffffaa0061d8a240 Cid 0000.0000 Teb: 0000000000000000 Win32Thread: 0000000000000000 RUNNING on processor 6
  6631. Not impersonating
  6632. GetUlongFromAddress: unable to read from fffff8054582ca14
  6633. Owning Process fffff8054598e9c0 Image: System Process
  6634. Attached Process ffffd38f9a26b040 Image: System
  6635. fffff78000000000: Unable to get shared data
  6636. Wait Start TickCount 639279
  6637. Context Switch Count 26796338 IdealProcessor: 6
  6638. ReadMemory error: Cannot get nt!KeMaximumIncrement value.
  6639. UserTime 00:00:00.000
  6640. KernelTime 00:00:00.000
  6641. Win32 Start Address nt!KiIdleLoop (0xfffff805455c5e70)
  6642. Stack Init ffffa584e446fc90 Current ffffa584e446fc20
  6643. Base ffffa584e4470000 Limit ffffa584e446a000 Call 0000000000000000
  6644. Priority 0 BasePriority 0 PriorityDecrement 0 IoPriority 0 PagePriority 0
  6645. Child-SP RetAddr : Args to Child : Call Site
  6646. ffffa584`e446f878 fffff805`456ee7f7 : 00000000`0000009f 00000000`00000003 ffffd38f`9a2e8d80 ffffa584`e446f8b0 : nt!KeBugCheckEx
  6647. ffffa584`e446f880 fffff805`456ee701 : ffffd38f`a6aa2270 ffffd38f`a48861f0 ffffaa00`61d79100 ffffaa00`61d79180 : nt!PopIrpWatchdogBugcheck+0xef
  6648. ffffa584`e446f8f0 fffff805`454512f9 : ffffd38f`a6aa22a8 00000000`00000080 00000000`00000003 ffffd38f`00000002 : nt!PopIrpWatchdog+0x31
  6649. ffffa584`e446f940 fffff805`45450059 : 00000000`0000001e 00000000`00989680 00000000`0005d071 00000000`00000089 : nt!KiProcessExpiredTimerList+0x169
  6650. ffffa584`e446fa30 fffff805`455c5eee : 00000000`00000000 ffffaa00`61d79180 ffffaa00`61d8a240 ffffd38f`a6a6b080 : nt!KiRetireDpcList+0x4e9
  6651. ffffa584`e446fc60 00000000`00000000 : ffffa584`e4470000 ffffa584`e446a000 00000000`00000000 00000000`00000000 : nt!KiIdleLoop+0x7e
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!