Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ========================== AUTO DUMP ANALYZER ==========================
- Auto Dump Analyzer
- Version: 0.91
- Time to analyze file(s): 00 hours and 08 minutes and 20 seconds
- ================================ SYSTEM ================================
- MANUFACTURER: ASUS
- PRODUCT_NAME: All Series
- SKU: [Removed]
- ================================= BIOS =================================
- VENDOR: American Megatrends Inc.
- VERSION: 1304
- DATE: 07/11/2014
- ============================= MOTHERBOARD ==============================
- MANUFACTURER: ASUSTeK COMPUTER INC.
- PRODUCT: Z97-A
- VERSION: Rev 1.xx
- ================================= RAM ==================================
- Size Speed Manufacturer Part No.
- -------------- -------------- ------------------- ----------------------
- 0MHz
- 8192MB 1600MHz 0215 CMY16GX3M2A1600C9
- 0MHz
- 8192MB 1600MHz 0215 CMY16GX3M2A1600C9
- ================================= CPU ==================================
- Processor Version: Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz
- COUNT: 8
- MHZ: 4007
- VENDOR: GenuineIntel
- FAMILY: 6
- MODEL: 3c
- STEPPING: 3
- MICROCODE: 6,3c,3,0 (F,M,S,R) SIG: 27'00000000 (cache) 27'00000000 (init)
- MHZ: 3998
- ================================== OS ==================================
- Product: WinNt, suite: TerminalServer SingleUserTS
- Built by: 18362.1.amd64fre.19h1_release.190318-1202
- BUILD_VERSION: 10.0.18362.959 (WinBuild.160101.0800)
- BUILD: 18362
- SERVICEPACK: 959
- PLATFORM_TYPE: x64
- NAME: Windows 10
- EDITION: Windows 10 WinNt TerminalServer SingleUserTS
- BUILD_TIMESTAMP: unknown_date
- BUILDDATESTAMP: 160101.0800
- BUILDLAB: WinBuild
- BUILDOSVER: 10.0.18362.959
- SERVICEPACK: 0
- =============================== DEBUGGER ===============================
- Microsoft (R) Windows Debugger Version 10.0.14321.1024 AMD64
- Copyright (c) Microsoft Corporation. All rights reserved.
- =============================== COMMENTS ===============================
- * Information gathered from different dump files may be different. If
- Windows updates between two dump files, two or more OS versions may
- be shown above.
- * If the user updates the BIOS between dump files, two or more versions
- and dates may be shown above.
- * More RAM information can be found below in a full BIOS section.
- ========================================================================
- ======================= Dump #1: ANALYZE VERBOSE =======================
- ====================== File: 080920-76765-01.dmp =======================
- ========================================================================
- Mini Kernel Dump File: Only registers and stack trace are available
- Windows 10 Kernel Version 18362 MP (8 procs) Free x64
- Kernel base = 0xfffff804`75600000 PsLoadedModuleList = 0xfffff804`75a48190
- Debug session time: Sun Aug 9 14:41:03.760 2020 (UTC - 4:00)
- System Uptime: 0 days 0:00:12.393
- BugCheck 124, {0, ffff800500b8a028, be000000, 800400}
- Probably caused by : memory_corruption
- Followup: memory_corruption
- WHEA_UNCORRECTABLE_ERROR (124)
- A fatal hardware error has occurred. Parameter 1 identifies the type of error
- source that reported the error. Parameter 2 holds the address of the
- WHEA_ERROR_RECORD structure that describes the error conditon.
- Arguments:
- Arg1: 0000000000000000, Machine Check Exception
- Arg2: ffff800500b8a028, Address of the WHEA_ERROR_RECORD structure.
- Arg3: 00000000be000000, High order 32-bits of the MCi_STATUS value.
- Arg4: 0000000000800400, Low order 32-bits of the MCi_STATUS value.
- Debugging Details:
- DUMP_CLASS: 1
- DUMP_QUALIFIER: 400
- DUMP_TYPE: 2
- BUGCHECK_STR: 0x124_GenuineIntel
- CUSTOMER_CRASH_COUNT: 1
- DEFAULT_BUCKET_ID: CODE_CORRUPTION
- PROCESS_NAME: svchost.exe
- CURRENT_IRQL: f
- STACK_TEXT:
- ffffd880`975eeb58 fffff804`760ff188 : 00000000`00000124 00000000`00000000 ffff8005`00b8a028 00000000`be000000 : nt!KeBugCheckEx
- ffffd880`975eeb60 fffff804`797f1920 : ffff8004`fe3f7bd0 00000000`00000000 ffff8005`00b8a028 00000000`00000000 : hal!HalBugCheckSystem+0xd8
- ffffd880`975eeba0 fffff804`75941092 : ffff8004`fe3f7bd0 ffffd880`975eec29 00000000`00000000 ffff8005`00b8a028 : PSHED!PshedBugCheckSystem+0x10
- ffffd880`975eebd0 fffff804`76100ae6 : ffffd880`975eecf0 00000000`00000004 ffff8004`fe3f7c20 ffff8004`fe3f7bd0 : nt!WheaReportHwError+0x382
- ffffd880`975eec90 fffff804`76100f7a : 00000000`00000010 ffff8004`fe3f7c20 ffffd880`975eee48 ffffd880`975ef090 : hal!HalpMcaReportError+0x72
- ffffd880`975eedf0 fffff804`76100e54 : ffff8004`fe2a9e40 00000000`00000001 00000000`00000000 00000000`00000000 : hal!HalpMceHandlerCore+0xf2
- ffffd880`975eee40 fffff804`761010c0 : 00000000`00000008 00000000`00000001 00000000`00000000 00000000`00000000 : hal!HalpMceHandler+0xe0
- ffffd880`975eee80 fffff804`76100168 : 00000000`00000000 ffffd880`975ef110 00000000`00000000 00000000`00000000 : hal!HalpMceHandlerWithRendezvous+0xd4
- ffffd880`975eeeb0 fffff804`76101347 : ffff8004`fe2a9e40 00000000`00000000 00000000`00000000 00000000`00000000 : hal!HalpHandleMachineCheck+0x5c
- ffffd880`975eeee0 fffff804`758a4e30 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : hal!HalHandleMcheck+0x37
- ffffd880`975eef10 fffff804`757d13ba : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiHandleMcheck+0x10
- ffffd880`975eef40 fffff804`757d106f : ffffd880`00000000 fffff804`757d0fac 00000000`00696976 00000000`00000000 : nt!KxMcheckAbort+0x7a
- ffffd880`975ef080 fffff804`75616768 : 00000000`00000000 00000000`00000000 00000000`00000000 ffff9182`b44d8f30 : nt!KiMcheckAbort+0x26f
- ffffa682`35cb35e0 fffff804`756165b0 : 00000000`00000000 00000000`00000000 00000000`00000001 00000000`00000000 : nt!KxFlushNonGlobalTb+0xd8
- ffffa682`35cb36f0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KeFlushTb+0x230
- STACK_COMMAND: kb
- CHKIMG_EXTENSION: !chkimg -lo 50 -d !win32kbase
- ffffd6a271247809-ffffd6a27124780e 6 bytes - win32kbase!DirectComposition::CAnimationMarshaler::SetReferenceProperty+49
- [ ff 15 a1 ef 19 00:e8 92 ea 20 00 90 ]
- ffffd6a271247879-ffffd6a27124787a 2 bytes - win32kbase!SfmSignalTokenEvent+19 (+0x70)
- [ 48 ff:4c 8b ]
- ffffd6a271247880-ffffd6a271247883 4 bytes - win32kbase!SfmSignalTokenEvent+20 (+0x07)
- [ 0f 1f 44 00:e8 9b eb 20 ]
- ffffd6a271248985-ffffd6a271248986 2 bytes - win32kbase!GreSfmDwmShutdown+35 (+0x1105)
- [ 48 ff:4c 8b ]
- ffffd6a27124898c-ffffd6a27124898f 4 bytes - win32kbase!GreSfmDwmShutdown+3c (+0x07)
- [ 0f 1f 44 00:e8 8f da 20 ]
- ffffd6a271248995-ffffd6a271248996 2 bytes - win32kbase!GreSfmDwmShutdown+45 (+0x09)
- [ 48 ff:4c 8b ]
- ffffd6a27124899c-ffffd6a27124899f 4 bytes - win32kbase!GreSfmDwmShutdown+4c (+0x07)
- [ 0f 1f 44 00:e8 7f da 20 ]
- 24 errors : !win32kbase (ffffd6a271247809-ffffd6a27124899f)
- MODULE_NAME: memory_corruption
- IMAGE_NAME: memory_corruption
- FOLLOWUP_NAME: memory_corruption
- DEBUG_FLR_IMAGE_TIMESTAMP: 0
- MEMORY_CORRUPTOR: LARGE
- FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
- BUCKET_ID: MEMORY_CORRUPTION_LARGE
- PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
- TARGET_TIME: 2020-08-09T18:41:03.000Z
- SUITE_MASK: 272
- PRODUCT_TYPE: 1
- USER_LCID: 0
- FAILURE_ID_HASH_STRING: km:memory_corruption_large
- FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
- Followup: memory_corruption
- ====================== Dump #1: 3RD PARTY DRIVERS ======================
- Nov 23 2009 - LGBusEnum.sys - Logitech GamePanel Virtual Bus Enumerator driver http://support.logitech.com/
- Aug 02 2010 - AsUpIO.sys - ASUS Update Input Output driver http://www.asus.com/
- Aug 08 2011 - BazisVirtualCDBus.sys - WinCDEmu Virtual CD-ROM driver (Bazis Inc) http://wincdemu.sysprogs.org/
- Oct 17 2011 - PxHlpa64.sys - Sonic CD/DVD driver
- Mar 22 2012 - AiCharger.sys - Asus Charger driver
- Aug 22 2012 - AsIO.sys - ASUS Input Output driver http://www.asus.com/
- Apr 24 2014 - RTKVHD64.sys - Realtek Audio System driver https://www.realtek.com/en/
- Sep 23 2014 - TeeDriverx64.sys - Intel Management Engine Interface (MEI) driver https://downloadcenter.intel.com/
- Apr 21 2016 - tap0901.sys - TAP-Win32 Virtual Private Network Driver 0901 (OpenVPN by OpenVPN Technologies) https://openvpn.net/
- Mar 16 2017 - tapwindscribe0901.sys - TAP-Windows Virtual Network driver (The OpenVPN Project) https://openvpn.net/
- Oct 11 2017 - YSDrv.sys - VirtualBox Support driver
- Jan 24 2019 - e1d65x64.sys - Intel(R) Gigabit Adapter NDIS 6.x driver https://downloadcenter.intel.com/
- Mar 14 2019 - nvvad64v.sys - Nvidia Virtual Audio driver http://www.nvidia.com/
- Apr 25 2019 - mbae64.sys - Malwarebytes driver https://www.malwarebytes.com/
- Oct 02 2019 - nvlddmkm.sys - Nvidia Graphics Card driver http://www.nvidia.com/
- Nov 29 2019 - NvModuleTracker.sys - NVIDIA Module Tracker driver
- Jan 10 2020 - nvvhci.sys - Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
- Jun 04 2020 - MbamChameleon.sys - Malwarebytes Anti-Malware Chameleon driver https://www.malwarebytes.com/
- Jun 09 2020 - nvhda64v.sys - Nvidia HDMI Audio Device http://www.nvidia.com/
- Jun 23 2020 - aswArPot.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswbidsdriver.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswbidsh.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswbuniv.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswKbd.sys - Avast Keyboard Filter driver http://www.avast.com/
- Jun 23 2020 - aswMonFlt.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswNetHub.sys - Avast driver
- Jun 23 2020 - aswRdr2.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswRvrt.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswSnx.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswSP.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswStm.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswVmm.sys - Avast Antivirus http://www.avast.com/
- Jul 17 2020 - aswElam.sys - Avast ELAM driver
- ================== Dump #1: 3RD PARTY DRIVERS (FULL) ===================
- Image path: \SystemRoot\system32\drivers\LGBusEnum.sys
- Image name: LGBusEnum.sys
- Search : https://www.google.com/search?q=LGBusEnum.sys
- ADA Info : Logitech GamePanel Virtual Bus Enumerator driver http://support.logitech.com/
- Timestamp : Mon Nov 23 2009
- Image path: \SystemRoot\SysWow64\drivers\AsUpIO.sys
- Image name: AsUpIO.sys
- Search : https://www.google.com/search?q=AsUpIO.sys
- ADA Info : ASUS Update Input Output driver http://www.asus.com/
- Timestamp : Mon Aug 2 2010
- Image path: \SystemRoot\System32\drivers\BazisVirtualCDBus.sys
- Image name: BazisVirtualCDBus.sys
- Search : https://www.google.com/search?q=BazisVirtualCDBus.sys
- ADA Info : WinCDEmu Virtual CD-ROM driver (Bazis Inc) http://wincdemu.sysprogs.org/
- Timestamp : Mon Aug 8 2011
- Image path: \SystemRoot\System32\Drivers\PxHlpa64.sys
- Image name: PxHlpa64.sys
- Search : https://www.google.com/search?q=PxHlpa64.sys
- ADA Info : Sonic CD/DVD driver
- Timestamp : Mon Oct 17 2011
- Image path: \SystemRoot\SysWow64\drivers\AiCharger.sys
- Image name: AiCharger.sys
- Search : https://www.google.com/search?q=AiCharger.sys
- ADA Info : Asus Charger driver
- Timestamp : Thu Mar 22 2012
- Image path: \SystemRoot\SysWow64\drivers\AsIO.sys
- Image name: AsIO.sys
- Search : https://www.google.com/search?q=AsIO.sys
- ADA Info : ASUS Input Output driver http://www.asus.com/
- Timestamp : Wed Aug 22 2012
- Image path: \SystemRoot\system32\drivers\RTKVHD64.sys
- Image name: RTKVHD64.sys
- Search : https://www.google.com/search?q=RTKVHD64.sys
- ADA Info : Realtek Audio System driver https://www.realtek.com/en/
- Timestamp : Thu Apr 24 2014
- Image path: \SystemRoot\system32\DRIVERS\TeeDriverx64.sys
- Image name: TeeDriverx64.sys
- Search : https://www.google.com/search?q=TeeDriverx64.sys
- ADA Info : Intel Management Engine Interface (MEI) driver https://downloadcenter.intel.com/
- Timestamp : Tue Sep 23 2014
- Image path: \SystemRoot\System32\drivers\tap0901.sys
- Image name: tap0901.sys
- Search : https://www.google.com/search?q=tap0901.sys
- ADA Info : TAP-Win32 Virtual Private Network Driver 0901 (OpenVPN by OpenVPN Technologies) https://openvpn.net/
- Timestamp : Thu Apr 21 2016
- Image path: \SystemRoot\System32\drivers\tapwindscribe0901.sys
- Image name: tapwindscribe0901.sys
- Search : https://www.google.com/search?q=tapwindscribe0901.sys
- ADA Info : TAP-Windows Virtual Network driver (The OpenVPN Project) https://openvpn.net/
- Timestamp : Thu Mar 16 2017
- Image path: \??\C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys
- Image name: YSDrv.sys
- Search : https://www.google.com/search?q=YSDrv.sys
- ADA Info : VirtualBox Support driver
- Timestamp : Wed Oct 11 2017
- Image path: \SystemRoot\system32\DRIVERS\e1d65x64.sys
- Image name: e1d65x64.sys
- Search : https://www.google.com/search?q=e1d65x64.sys
- ADA Info : Intel(R) Gigabit Adapter NDIS 6.x driver https://downloadcenter.intel.com/
- Timestamp : Thu Jan 24 2019
- Image path: \SystemRoot\system32\drivers\nvvad64v.sys
- Image name: nvvad64v.sys
- Search : https://www.google.com/search?q=nvvad64v.sys
- ADA Info : Nvidia Virtual Audio driver http://www.nvidia.com/
- Timestamp : Thu Mar 14 2019
- Image path: \??\C:\WINDOWS\system32\drivers\mbae64.sys
- Image name: mbae64.sys
- Search : https://www.google.com/search?q=mbae64.sys
- ADA Info : Malwarebytes driver https://www.malwarebytes.com/
- Timestamp : Thu Apr 25 2019
- Image path: \SystemRoot\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_90685a092bcf58c7\nvlddmkm.sys
- Image name: nvlddmkm.sys
- Search : https://www.google.com/search?q=nvlddmkm.sys
- ADA Info : Nvidia Graphics Card driver http://www.nvidia.com/
- Timestamp : Wed Oct 2 2019
- Image path: \SystemRoot\System32\drivers\NvModuleTracker.sys
- Image name: NvModuleTracker.sys
- Search : https://www.google.com/search?q=NvModuleTracker.sys
- ADA Info : NVIDIA Module Tracker driver
- Timestamp : Fri Nov 29 2019
- Image path: \SystemRoot\System32\drivers\nvvhci.sys
- Image name: nvvhci.sys
- Search : https://www.google.com/search?q=nvvhci.sys
- ADA Info : Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
- Timestamp : Fri Jan 10 2020
- Image path: \SystemRoot\System32\Drivers\MbamChameleon.sys
- Image name: MbamChameleon.sys
- Search : https://www.google.com/search?q=MbamChameleon.sys
- ADA Info : Malwarebytes Anti-Malware Chameleon driver https://www.malwarebytes.com/
- Timestamp : Thu Jun 4 2020
- Image path: \SystemRoot\system32\drivers\nvhda64v.sys
- Image name: nvhda64v.sys
- Search : https://www.google.com/search?q=nvhda64v.sys
- ADA Info : Nvidia HDMI Audio Device http://www.nvidia.com/
- Timestamp : Tue Jun 9 2020
- Image path: \SystemRoot\system32\drivers\aswArPot.sys
- Image name: aswArPot.sys
- Search : https://www.google.com/search?q=aswArPot.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswbidsdriver.sys
- Image name: aswbidsdriver.sys
- Search : https://www.google.com/search?q=aswbidsdriver.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswbidsh.sys
- Image name: aswbidsh.sys
- Search : https://www.google.com/search?q=aswbidsh.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswbuniv.sys
- Image name: aswbuniv.sys
- Search : https://www.google.com/search?q=aswbuniv.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswKbd.sys
- Image name: aswKbd.sys
- Search : https://www.google.com/search?q=aswKbd.sys
- ADA Info : Avast Keyboard Filter driver http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswMonFlt.sys
- Image name: aswMonFlt.sys
- Search : https://www.google.com/search?q=aswMonFlt.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswNetHub.sys
- Image name: aswNetHub.sys
- Search : https://www.google.com/search?q=aswNetHub.sys
- ADA Info : Avast driver
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswRdr2.sys
- Image name: aswRdr2.sys
- Search : https://www.google.com/search?q=aswRdr2.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswRvrt.sys
- Image name: aswRvrt.sys
- Search : https://www.google.com/search?q=aswRvrt.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswSnx.sys
- Image name: aswSnx.sys
- Search : https://www.google.com/search?q=aswSnx.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswSP.sys
- Image name: aswSP.sys
- Search : https://www.google.com/search?q=aswSP.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswStm.sys
- Image name: aswStm.sys
- Search : https://www.google.com/search?q=aswStm.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswVmm.sys
- Image name: aswVmm.sys
- Search : https://www.google.com/search?q=aswVmm.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswElam.sys
- Image name: aswElam.sys
- Search : https://www.google.com/search?q=aswElam.sys
- ADA Info : Avast ELAM driver
- Timestamp : Fri Jul 17 2020
- ====================== Dump #1: MICROSOFT DRIVERS ======================
- ACPI.sys ACPI Driver for NT (Microsoft)
- acpiex.sys ACPIEx Driver (Microsoft)
- acpipagr.sys ACPI Processor Aggregator Device driver (Microsoft)
- afd.sys Ancillary Function Driver for WinSock (Microsoft)
- afunix.sys AF_UNIX Socket Provider driver (Microsoft)
- ahcache.sys Application Compatibility Cache (Microsoft)
- bam.sys BAM Kernal driver (Microsoft)
- BasicDisplay.sys Basic Display driver (Microsoft)
- BasicRender.sys Basic Render driver (Microsoft)
- Beep.SYS BEEP driver (Microsoft)
- BOOTVID.dll VGA Boot Driver (Microsoft)
- bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
- cdd.dll Canonical Display Driver (Microsoft)
- cdrom.sys SCSI CD-ROM Driver (Microsoft)
- CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
- CI.dll Code Integrity Module (Microsoft)
- CLASSPNP.SYS SCSI Class System Dll (Microsoft)
- cldflt.sys Cloud Files Mini Filter driver (Microsoft)
- CLFS.SYS Common Log File System Driver (Microsoft)
- clipsp.sys CLIP Service (Microsoft)
- cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
- cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
- CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
- crashdmp.sys Crash Dump driver (Microsoft)
- csc.sys Windows Client Side Caching driver (Microsoft)
- dfsc.sys DFS Namespace Client Driver (Microsoft)
- disk.sys PnP Disk Driver (Microsoft)
- drmk.sys Digital Rights Management (DRM) driver (Microsoft)
- dump_diskdump.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
- dump_dumpfve.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
- dump_storahci.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
- dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
- dxgmms2.sys DirectX Graphics MMS
- EhStorClass.sys Enhanced Storage Class driver for IEEE... (Microsoft)
- filecrypt.sys Windows sandboxing and encryption filter (Microsoft)
- fileinfo.sys FileInfo Filter Driver (Microsoft)
- FLTMGR.SYS Filesystem Filter Manager (Microsoft)
- Fs_Rec.sys File System Recognizer Driver (Microsoft)
- fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
- fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
- gpuenergydrv.sys GPU Energy Kernal Driver (Microsoft)
- hal.dll Hardware Abstraction Layer DLL (Microsoft)
- HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
- HIDCLASS.SYS Hid Class Library (Microsoft)
- HIDPARSE.SYS Hid Parsing Library (Microsoft)
- hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
- HTTP.sys HTTP Protocol Stack (Microsoft)
- intelpep.sys Intel Power Engine Plugin (Microsoft)
- intelppm.sys Processor Device Driver (Microsoft)
- iorate.sys I/O rate control Filter (Microsoft)
- kbdclass.sys Keyboard Class Driver (Microsoft)
- kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
- kd.dll Local Kernal Debugger (Microsoft)
- kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
- ks.sys Kernal CSA Library (Microsoft)
- ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
- ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
- ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
- lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
- luafv.sys LUA File Virtualization Filter Driver (Microsoft)
- mcupdate_GenuineIntel.dll Intel Microcode Update Library (Microsoft)
- mmcss.sys MMCSS Driver (Microsoft)
- monitor.sys Monitor Driver (Microsoft)
- mouclass.sys Mouse Class Driver (Microsoft)
- mouhid.sys HID Mouse Filter Driver (Microsoft)
- mountmgr.sys Mount Point Manager (Microsoft)
- mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
- mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
- mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
- Msfs.SYS Mailslot driver (Microsoft)
- msisadrv.sys ISA Driver (Microsoft)
- mslldp.sys Microsoft Link-Layer Discovery Protocol... (Microsoft)
- msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
- mssecflt.sys Microsoft Security Events Component file system filter driver (Microsoft)
- mssmbios.sys System Management BIOS driver (Microsoft)
- mup.sys Multiple UNC Provider driver (Microsoft)
- ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
- ndisuio.sys NDIS User mode I/O driver (Microsoft)
- NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
- netbios.sys NetBIOS Interface driver (Microsoft)
- netbt.sys MBT Transport driver (Microsoft)
- NETIO.SYS Network I/O Subsystem (Microsoft)
- Npfs.SYS NPFS driver (Microsoft)
- npsvctrig.sys Named pipe service triggers (Microsoft)
- nsiproxy.sys NSI Proxy driver (Microsoft)
- Ntfs.sys NT File System Driver (Microsoft)
- ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
- ntosext.sys NTOS Extension Host driver (Microsoft)
- Null.SYS NULL Driver (Microsoft)
- nwifi.sys NativeWiFi Miniport Driver (Microsoft)
- pacer.sys QoS Packet Scheduler (Microsoft)
- partmgr.sys Partition driver (Microsoft)
- pci.sys NT Plug and Play PCI Enumerator (Microsoft)
- pcw.sys Performance Counter Driver (Microsoft)
- pdc.sys Power Dependency Coordinator Driver (Microsoft)
- portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
- PSHED.dll Platform Specific Hardware Error driver (Microsoft)
- rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
- rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
- rdyboost.sys ReadyBoost Driver (Microsoft)
- rspndr.sys Link-Layer Topology Responder driver (Microsoft)
- serenum.sys Serial Port Enumerator (Microsoft)
- serial.sys Serial Device Driver
- serscan.sys Serial Imaging Device Driver (Microsoft)
- SgrmAgent.sys System Guard Runtime Monitor Agent driver (Microsoft)
- SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
- spaceport.sys Storage Spaces driver (Microsoft)
- srv2.sys Smb 2.0 Server driver (Microsoft)
- srvnet.sys Server Network driver (Microsoft)
- storahci.sys MS AHCI Storport Miniport Driver (Microsoft)
- storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
- storqosflt.sys Storage QoS Filter driver (Microsoft)
- swenum.sys Plug and Play Software Device Enumerator (Microsoft)
- tbs.sys Export driver for kernel mode TPM API (Microsoft)
- tcpip.sys TCP/IP Protocol driver (Microsoft)
- TDI.SYS TDI Wrapper driver (Microsoft)
- tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
- tm.sys Kernel Transaction Manager driver (Microsoft)
- ucx01000.sys USB Controller Extension (Microsoft)
- umbus.sys User-Mode Bus Enumerator (Microsoft)
- umpass.sys Generic pass-through driver (Microsoft)
- usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
- USBD.SYS Universal Serial Bus Driver (Microsoft)
- usbehci.sys EHCI eUSB Miniport Driver (Microsoft)
- usbhub.sys Default Hub Driver for USB (Microsoft)
- UsbHub3.sys USB3 HUB driver (Microsoft)
- USBPORT.SYS USB 1.1 & 2.0 Port Driver (Microsoft)
- USBXHCI.SYS USB XHCI driver (Microsoft)
- vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
- Vid.sys Microsoft Hyper-V Virtualization Infrastructure Driver
- volmgr.sys Volume Manager Driver (Microsoft)
- volmgrx.sys Volume Manager Extension Driver (Microsoft)
- volsnap.sys Volume Shadow Copy driver (Microsoft)
- volume.sys Volume driver (Microsoft)
- vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
- wanarp.sys MS Remote Access and Routing ARP driver (Microsoft)
- watchdog.sys Watchdog driver (Microsoft)
- wcifs.sys Windows Container Isolation FS Filter driver (Microsoft)
- Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
- WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
- werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
- wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
- win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
- win32kbase.sys Base Win32k Kernel Driver (Microsoft)
- win32kfull.sys Full/Desktop Win32k Kernel Driver (Microsoft)
- WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
- WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
- winhvr.sys Windows Hypervisor Root Interface driver (Microsoft)
- winquic.sys QUIC Transport Protocol driver (Microsoft)
- wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
- WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
- Wof.sys Windows Overlay Filter (Microsoft)
- WppRecorder.sys WPP Trace Recorder (Microsoft)
- WSDPrint.sys Web Services Print Device driver (Microsoft)
- WSDScan.sys Web Service Based Scan Device driver (Microsoft)
- WUDFRd.sys Windows Driver Foundation - User-mode Driver Framework Reflector driver (Microsoft)
- ====================== Dump #1: UNLOADED MODULES =======================
- fffff804`7bbc0000 fffff804`7bbcf000 dump_storpor
- fffff804`7b400000 fffff804`7b42f000 dump_storahc
- fffff804`7b450000 fffff804`7b46e000 dump_dumpfve
- fffff804`7deb0000 fffff804`7df01000 WUDFRd.sys
- fffff804`7bec0000 fffff804`7bede000 dam.sys
- fffff804`79e20000 fffff804`79e29000 MbamElam.sys
- fffff804`7ae20000 fffff804`7ae31000 hwpolicy.sys
- ====================== Dump #1: BIOS INFORMATION =======================
- [SMBIOS Data Tables v2.8]
- [DMI Version - 0]
- [2.0 Calling Convention - No]
- [Table Size - 3167 bytes]
- [BIOS Information (Type 0) - Length 24 - Handle 0000h]
- Vendor American Megatrends Inc.
- BIOS Version 1304
- BIOS Starting Address Segment f000
- BIOS Release Date 07/11/2014
- BIOS ROM Size 800000
- BIOS Characteristics
- 07: - PCI Supported
- 10: - APM Supported
- 11: - Upgradeable FLASH BIOS
- 12: - BIOS Shadowing Supported
- 15: - CD-Boot Supported
- 16: - Selectable Boot Supported
- 17: - BIOS ROM Socketed
- 19: - EDD Supported
- 23: - 1.2MB Floppy Supported
- 24: - 720KB Floppy Supported
- 25: - 2.88MB Floppy Supported
- 26: - Print Screen Device Supported
- 27: - Keyboard Services Supported
- 28: - Serial Services Supported
- 29: - Printer Services Supported
- 32: - BIOS Vendor Reserved
- BIOS Characteristic Extensions
- 00: - ACPI Supported
- 01: - USB Legacy Supported
- 08: - BIOS Boot Specification Supported
- 10: - Specification Reserved
- 11: - Specification Reserved
- BIOS Major Revision 4
- BIOS Minor Revision 6
- EC Firmware Major Revision 255
- EC Firmware Minor Revision 255
- [System Information (Type 1) - Length 27 - Handle 0001h]
- Manufacturer ASUS
- Product Name All Series
- Version System Version
- UUID 00000000-0000-0000-0000-000000000000
- Wakeup Type Power Switch
- SKUNumber All
- Family ASUS MB
- [BaseBoard Information (Type 2) - Length 15 - Handle 0002h]
- Manufacturer ASUSTeK COMPUTER INC.
- Product Z97-A
- Version Rev 1.xx
- Feature Flags 09h
- 1830401760: - 1830401808: - «Q¦ý
- Chassis Handle 0003h
- Board Type 0ah - Processor/Memory Module
- Number of Child Handles 0
- [System Enclosure (Type 3) - Length 25 - Handle 0003h]
- Chassis Type Desktop
- Bootup State Safe
- Power Supply State Safe
- Thermal State Safe
- Security Status None
- OEM Defined 0
- Height 0U
- Number of Power Cords 1
- Number of Contained Elements 1
- Contained Element Size 3
- [Onboard Devices Information (Type 10) - Length 8 - Handle 0028h]
- Number of Devices 2
- 01: Type Video [enabled]
- 02: Type Ethernet [enabled]
- [OEM Strings (Type 11) - Length 5 - Handle 0029h]
- Number of Strings 4
- 3 Ferrari
- [System Configuration Options (Type 12) - Length 5 - Handle 002ah]
- [Physical Memory Array (Type 16) - Length 23 - Handle 0046h]
- Location 03h - SystemBoard/Motherboard
- Use 03h - System Memory
- Memory Error Correction 03h - None
- Maximum Capacity 33554432KB
- Number of Memory Devices 4
- [Memory Device (Type 17) - Length 40 - Handle 0047h]
- Physical Memory Array Handle 0046h
- Total Width 0 bits
- Data Width 0 bits
- Form Factor 09h - DIMM
- Device Locator DIMM_A1
- Bank Locator BANK 0
- Memory Type 02h - Unknown
- Type Detail 0000h -
- Speed 0MHz
- [Memory Device (Type 17) - Length 40 - Handle 0048h]
- Physical Memory Array Handle 0046h
- Total Width 64 bits
- Data Width 64 bits
- Size 8192MB
- Form Factor 09h - DIMM
- Device Locator DIMM_A2
- Bank Locator BANK 1
- Memory Type 18h - Specification Reserved
- Type Detail 0080h - Synchronous
- Speed 1600MHz
- Manufacturer 0215
- Part Number CMY16GX3M2A1600C9
- [Memory Device (Type 17) - Length 40 - Handle 0049h]
- Physical Memory Array Handle 0046h
- Total Width 0 bits
- Data Width 0 bits
- Form Factor 09h - DIMM
- Device Locator DIMM_B1
- Bank Locator BANK 2
- Memory Type 02h - Unknown
- Type Detail 0000h -
- Speed 0MHz
- [Memory Device (Type 17) - Length 40 - Handle 004ah]
- Physical Memory Array Handle 0046h
- Total Width 64 bits
- Data Width 64 bits
- Size 8192MB
- Form Factor 09h - DIMM
- Device Locator DIMM_B2
- Bank Locator BANK 3
- Memory Type 18h - Specification Reserved
- Type Detail 0080h - Synchronous
- Speed 1600MHz
- Manufacturer 0215
- Part Number CMY16GX3M2A1600C9
- [Memory Array Mapped Address (Type 19) - Length 31 - Handle 004bh]
- Starting Address 00000000h
- Ending Address 00ffffffh
- Memory Array Handle 0046h
- Partition Width 04
- [Memory Device Mapped Address (Type 20) - Length 35 - Handle 004ch]
- Starting Address 00000000h
- Ending Address 007fffffh
- Memory Device Handle 004ah
- Mem Array Mapped Adr Handle 004bh
- Interleave Position 01
- Interleave Data Depth 02
- [Memory Device Mapped Address (Type 20) - Length 35 - Handle 004dh]
- Starting Address 00800000h
- Ending Address 00ffffffh
- Memory Device Handle 004ah
- Mem Array Mapped Adr Handle 004bh
- Interleave Position 02
- Interleave Data Depth 02
- [Processor Information (Type 4) - Length 42 - Handle 0053h]
- Socket Designation SOCKET 1150
- Processor Type Central Processor
- Processor Family 01h - Other
- Processor Manufacturer Intel
- Processor ID c3060300fffbebbf
- Processor Version Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz
- Processor Voltage 8ch - 1.2V
- External Clock 100MHz
- Max Speed 3800MHz
- Current Speed 4000MHz
- Status Enabled Populated
- Processor Upgrade Specification Reserved
- L1 Cache Handle 0054h
- L2 Cache Handle 0055h
- L3 Cache Handle 0056h
- [Cache Information (Type 7) - Length 19 - Handle 0054h]
- Socket Designation CPU Internal L1
- Cache Configuration 0180h - WB Enabled Int NonSocketed L1
- Maximum Cache Size 0100h - 256K
- Installed Size 0100h - 256K
- Supported SRAM Type 0020h - Synchronous
- Current SRAM Type 0020h - Synchronous
- Cache Speed 0ns
- Error Correction Type ParitySingle-Bit ECC
- System Cache Type Other
- Associativity 8-way Set-Associative
- [Cache Information (Type 7) - Length 19 - Handle 0055h]
- Socket Designation CPU Internal L2
- Cache Configuration 0181h - WB Enabled Int NonSocketed L2
- Maximum Cache Size 0400h - 1024K
- Installed Size 0400h - 1024K
- Supported SRAM Type 0020h - Synchronous
- Current SRAM Type 0020h - Synchronous
- Cache Speed 0ns
- Error Correction Type Multi-Bit ECC
- System Cache Type Unified
- Associativity 8-way Set-Associative
- [Cache Information (Type 7) - Length 19 - Handle 0056h]
- Socket Designation CPU Internal L3
- Cache Configuration 0182h - WB Enabled Int NonSocketed L3
- Maximum Cache Size 2000h - 8192K
- Installed Size 2000h - 8192K
- Supported SRAM Type 0020h - Synchronous
- Current SRAM Type 0020h - Synchronous
- Cache Speed 0ns
- Error Correction Type Specification Reserved
- System Cache Type Unified
- Associativity 16-way Set-Associative
- ========================== Dump #1: Extra #1 ===========================
- 4: kd> !verifier
- Verify Flags Level 0x00000000
- STANDARD FLAGS:
- [X] (0x00000000) Automatic Checks
- [ ] (0x00000001) Special pool
- [ ] (0x00000002) Force IRQL checking
- [ ] (0x00000008) Pool tracking
- [ ] (0x00000010) I/O verification
- [ ] (0x00000020) Deadlock detection
- [ ] (0x00000080) DMA checking
- [ ] (0x00000100) Security checks
- [ ] (0x00000800) Miscellaneous checks
- [ ] (0x00020000) DDI compliance checking
- ADDITIONAL FLAGS:
- [ ] (0x00000004) Randomized low resources simulation
- [ ] (0x00000200) Force pending I/O requests
- [ ] (0x00000400) IRP logging
- [ ] (0x00002000) Invariant MDL checking for stack
- [ ] (0x00004000) Invariant MDL checking for driver
- [ ] (0x00008000) Power framework delay fuzzing
- [ ] (0x00010000) Port/miniport interface checking
- [ ] (0x00040000) Systematic low resources simulation
- [ ] (0x00080000) DDI compliance checking (additional)
- [ ] (0x00200000) NDIS/WIFI verification
- [ ] (0x00800000) Kernel synchronization delay fuzzing
- [ ] (0x01000000) VM switch verification
- [ ] (0x02000000) Code integrity checks
- [X] Indicates flag is enabled
- Summary of All Verifier Statistics
- RaiseIrqls 0x0
- AcquireSpinLocks 0x0
- Synch Executions 0x0
- Trims 0x0
- Pool Allocations Attempted 0x0
- Pool Allocations Succeeded 0x0
- Pool Allocations Succeeded SpecialPool 0x0
- Pool Allocations With NO TAG 0x0
- Pool Allocations Failed 0x0
- Current paged pool allocations 0x0 for 00000000 bytes
- Peak paged pool allocations 0x0 for 00000000 bytes
- Current nonpaged pool allocations 0x0 for 00000000 bytes
- Peak nonpaged pool allocations 0x0 for 00000000 bytes
- ========================== Dump #1: Extra #2 ===========================
- 4: kd> !thread
- THREAD ffff8005074c7080 Cid 1394.139c Teb: 000000ac2026a000 Win32Thread: ffff8005001758d0 RUNNING on processor 4
- IRP List:
- Unable to read nt!_IRP @ ffff800507091bf0
- Not impersonating
- GetUlongFromAddress: unable to read from fffff80475a2ca14
- Owning Process ffff8005074c0080 Image: svchost.exe
- Attached Process N/A Image: N/A
- fffff78000000000: Unable to get shared data
- Wait Start TickCount 791
- Context Switch Count 182 IdealProcessor: 4
- ReadMemory error: Cannot get nt!KeMaximumIncrement value.
- UserTime 00:00:00.000
- KernelTime 00:00:00.000
- Win32 Start Address 0x00007ffbd51d2dc0
- Stack Init ffffa68235cb4c90 Current ffffa68235cb31a0
- Base ffffa68235cb5000 Limit ffffa68235caf000 Call 0000000000000000
- Priority 9 BasePriority 8 PriorityDecrement 0 IoPriority 2 PagePriority 5
- Child-SP RetAddr : Args to Child : Call Site
- ffffd880`975eeb58 fffff804`760ff188 : 00000000`00000124 00000000`00000000 ffff8005`00b8a028 00000000`be000000 : nt!KeBugCheckEx
- ffffd880`975eeb60 fffff804`797f1920 : ffff8004`fe3f7bd0 00000000`00000000 ffff8005`00b8a028 00000000`00000000 : hal!HalBugCheckSystem+0xd8
- ffffd880`975eeba0 fffff804`75941092 : ffff8004`fe3f7bd0 ffffd880`975eec29 00000000`00000000 ffff8005`00b8a028 : PSHED!PshedBugCheckSystem+0x10
- ffffd880`975eebd0 fffff804`76100ae6 : ffffd880`975eecf0 00000000`00000004 ffff8004`fe3f7c20 ffff8004`fe3f7bd0 : nt!WheaReportHwError+0x382
- ffffd880`975eec90 fffff804`76100f7a : 00000000`00000010 ffff8004`fe3f7c20 ffffd880`975eee48 ffffd880`975ef090 : hal!HalpMcaReportError+0x72
- ffffd880`975eedf0 fffff804`76100e54 : ffff8004`fe2a9e40 00000000`00000001 00000000`00000000 00000000`00000000 : hal!HalpMceHandlerCore+0xf2
- ffffd880`975eee40 fffff804`761010c0 : 00000000`00000008 00000000`00000001 00000000`00000000 00000000`00000000 : hal!HalpMceHandler+0xe0
- ffffd880`975eee80 fffff804`76100168 : 00000000`00000000 ffffd880`975ef110 00000000`00000000 00000000`00000000 : hal!HalpMceHandlerWithRendezvous+0xd4
- ffffd880`975eeeb0 fffff804`76101347 : ffff8004`fe2a9e40 00000000`00000000 00000000`00000000 00000000`00000000 : hal!HalpHandleMachineCheck+0x5c
- ffffd880`975eeee0 fffff804`758a4e30 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : hal!HalHandleMcheck+0x37
- ffffd880`975eef10 fffff804`757d13ba : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiHandleMcheck+0x10
- ffffd880`975eef40 fffff804`757d106f : ffffd880`00000000 fffff804`757d0fac 00000000`00696976 00000000`00000000 : nt!KxMcheckAbort+0x7a
- ffffd880`975ef080 fffff804`75616768 : 00000000`00000000 00000000`00000000 00000000`00000000 ffff9182`b44d8f30 : nt!KiMcheckAbort+0x26f (TrapFrame @ ffffd880`975ef090)
- ffffa682`35cb35e0 fffff804`756165b0 : 00000000`00000000 00000000`00000000 00000000`00000001 00000000`00000000 : nt!KxFlushNonGlobalTb+0xd8
- ffffa682`35cb36f0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KeFlushTb+0x230
- ========================================================================
- ======================= Dump #2: ANALYZE VERBOSE =======================
- ======================= File: 080920-7609-01.dmp =======================
- ========================================================================
- Mini Kernel Dump File: Only registers and stack trace are available
- Windows 10 Kernel Version 18362 MP (8 procs) Free x64
- Kernel base = 0xfffff804`24a00000 PsLoadedModuleList = 0xfffff804`24e48190
- Debug session time: Sun Aug 9 16:25:28.977 2020 (UTC - 4:00)
- System Uptime: 0 days 0:00:26.613
- BugCheck 124, {0, ffffb70801314028, be000000, 800400}
- Probably caused by : memory_corruption
- Followup: memory_corruption
- WHEA_UNCORRECTABLE_ERROR (124)
- A fatal hardware error has occurred. Parameter 1 identifies the type of error
- source that reported the error. Parameter 2 holds the address of the
- WHEA_ERROR_RECORD structure that describes the error conditon.
- Arguments:
- Arg1: 0000000000000000, Machine Check Exception
- Arg2: ffffb70801314028, Address of the WHEA_ERROR_RECORD structure.
- Arg3: 00000000be000000, High order 32-bits of the MCi_STATUS value.
- Arg4: 0000000000800400, Low order 32-bits of the MCi_STATUS value.
- Debugging Details:
- DUMP_CLASS: 1
- DUMP_QUALIFIER: 400
- DUMP_TYPE: 2
- BUGCHECK_STR: 0x124_GenuineIntel
- CUSTOMER_CRASH_COUNT: 1
- DEFAULT_BUCKET_ID: CODE_CORRUPTION
- PROCESS_NAME: svchost.exe
- CURRENT_IRQL: f
- STACK_TEXT:
- ffffc701`1fa0cb58 fffff804`249a4188 : 00000000`00000124 00000000`00000000 ffffb708`01314028 00000000`be000000 : nt!KeBugCheckEx
- ffffc701`1fa0cb60 fffff804`28001920 : ffffb707`fcaf1bd0 00000000`00000000 ffffb708`01314028 00000000`00000000 : hal!HalBugCheckSystem+0xd8
- ffffc701`1fa0cba0 fffff804`24d41092 : ffffb707`fcaf1bd0 ffffc701`1fa0cc29 00000000`00000000 ffffb708`01314028 : PSHED!PshedBugCheckSystem+0x10
- ffffc701`1fa0cbd0 fffff804`249a5ae6 : ffffc701`1fa0ccf0 00000000`00000004 ffffb707`fcaf1c20 ffffb707`fcaf1bd0 : nt!WheaReportHwError+0x382
- ffffc701`1fa0cc90 fffff804`249a5f7a : 00000000`00000010 ffffb707`fcaf1c20 ffffc701`1fa0ce48 ffffc701`1fa0d090 : hal!HalpMcaReportError+0x72
- ffffc701`1fa0cdf0 fffff804`249a5e54 : ffffb707`fc6a7e40 00000000`00000001 00000000`00000000 00000000`00000000 : hal!HalpMceHandlerCore+0xf2
- ffffc701`1fa0ce40 fffff804`249a60c0 : 00000000`00000008 00000000`00000001 00000000`00000000 00000000`00000000 : hal!HalpMceHandler+0xe0
- ffffc701`1fa0ce80 fffff804`249a5168 : 00000000`00000000 ffffc701`1fa0d110 00000000`00000000 00000000`00000000 : hal!HalpMceHandlerWithRendezvous+0xd4
- ffffc701`1fa0ceb0 fffff804`249a6347 : ffffb707`fc6a7e40 00000000`00000000 00000000`00000000 00000000`00000000 : hal!HalpHandleMachineCheck+0x5c
- ffffc701`1fa0cee0 fffff804`24ca4e30 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : hal!HalHandleMcheck+0x37
- ffffc701`1fa0cf10 fffff804`24bd13ba : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiHandleMcheck+0x10
- ffffc701`1fa0cf40 fffff804`24bd106f : ffffff47`00000000 fffff804`24bd0fac fffff285`b1e13f40 00000000`00000000 : nt!KxMcheckAbort+0x7a
- ffffc701`1fa0d080 fffff804`24a447ef : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiMcheckAbort+0x26f
- fffff285`b1e13f00 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KeYieldProcessorEx+0x1f
- STACK_COMMAND: kb
- CHKIMG_EXTENSION: !chkimg -lo 50 -d !win32kbase
- ffff885d18c97809-ffff885d18c9780e 6 bytes - win32kbase!DirectComposition::CAnimationMarshaler::SetReferenceProperty+49
- [ ff 15 a1 ef 19 00:e8 92 ea 20 00 90 ]
- ffff885d18c97879-ffff885d18c9787a 2 bytes - win32kbase!SfmSignalTokenEvent+19 (+0x70)
- [ 48 ff:4c 8b ]
- ffff885d18c97880-ffff885d18c97883 4 bytes - win32kbase!SfmSignalTokenEvent+20 (+0x07)
- [ 0f 1f 44 00:e8 9b eb 20 ]
- ffff885d18c98985-ffff885d18c98986 2 bytes - win32kbase!GreSfmDwmShutdown+35 (+0x1105)
- [ 48 ff:4c 8b ]
- ffff885d18c9898c-ffff885d18c9898f 4 bytes - win32kbase!GreSfmDwmShutdown+3c (+0x07)
- [ 0f 1f 44 00:e8 8f da 20 ]
- ffff885d18c98995-ffff885d18c98996 2 bytes - win32kbase!GreSfmDwmShutdown+45 (+0x09)
- [ 48 ff:4c 8b ]
- ffff885d18c9899c-ffff885d18c9899f 4 bytes - win32kbase!GreSfmDwmShutdown+4c (+0x07)
- [ 0f 1f 44 00:e8 7f da 20 ]
- 24 errors : !win32kbase (ffff885d18c97809-ffff885d18c9899f)
- MODULE_NAME: memory_corruption
- IMAGE_NAME: memory_corruption
- FOLLOWUP_NAME: memory_corruption
- DEBUG_FLR_IMAGE_TIMESTAMP: 0
- MEMORY_CORRUPTOR: LARGE
- FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
- BUCKET_ID: MEMORY_CORRUPTION_LARGE
- PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
- TARGET_TIME: 2020-08-09T20:25:28.000Z
- SUITE_MASK: 272
- PRODUCT_TYPE: 1
- USER_LCID: 0
- FAILURE_ID_HASH_STRING: km:memory_corruption_large
- FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
- Followup: memory_corruption
- ====================== Dump #2: 3RD PARTY DRIVERS ======================
- Nov 23 2009 - LGBusEnum.sys - Logitech GamePanel Virtual Bus Enumerator driver http://support.logitech.com/
- Jun 25 2010 - sadp_npf64.sys - WinPcap driver (CACE Technologies, Inc.)
- Aug 02 2010 - AsUpIO.sys - ASUS Update Input Output driver http://www.asus.com/
- Aug 08 2011 - BazisVirtualCDBus.sys - WinCDEmu Virtual CD-ROM driver (Bazis Inc) http://wincdemu.sysprogs.org/
- Oct 17 2011 - PxHlpa64.sys - Sonic CD/DVD driver
- Mar 22 2012 - AiCharger.sys - Asus Charger driver
- May 03 2012 - GEARAspiWDM.sys - Gear Software Advanced SCSI Programming Interface Windows Driver Model http://www.gearsoftware.com/
- Aug 22 2012 - AsIO.sys - ASUS Input Output driver http://www.asus.com/
- Apr 17 2014 - rzpmgrk.sys - Razer Overlay Support https://www.razer.com/
- Apr 24 2014 - RTKVHD64.sys - Realtek Audio System driver https://www.realtek.com/en/
- Sep 23 2014 - TeeDriverx64.sys - Intel Management Engine Interface (MEI) driver https://downloadcenter.intel.com/
- Oct 17 2014 - rzpnk.sys - Razer Overlay Support https://www.razer.com/
- Apr 21 2016 - tap0901.sys - TAP-Win32 Virtual Private Network Driver 0901 (OpenVPN by OpenVPN Technologies) https://openvpn.net/
- Mar 16 2017 - tapwindscribe0901.sys - TAP-Windows Virtual Network driver (The OpenVPN Project) https://openvpn.net/
- Oct 11 2017 - YSDrv.sys - VirtualBox Support driver
- Sep 18 2018 - IntelHaxm.sys - Intel Corporation SSG Hardware Accelerated Execution Manager driver
- Jan 24 2019 - e1d65x64.sys - Intel(R) Gigabit Adapter NDIS 6.x driver https://downloadcenter.intel.com/
- Mar 14 2019 - nvvad64v.sys - Nvidia Virtual Audio driver http://www.nvidia.com/
- Nov 29 2019 - NvModuleTracker.sys - NVIDIA Module Tracker driver
- Jan 10 2020 - nvvhci.sys - Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
- Jun 23 2020 - aswArPot.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswbidsdriver.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswbidsh.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswbuniv.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswKbd.sys - Avast Keyboard Filter driver http://www.avast.com/
- Jun 23 2020 - aswMonFlt.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswNetHub.sys - Avast driver
- Jun 23 2020 - aswRdr2.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswRvrt.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswSnx.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswSP.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswStm.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswVmm.sys - Avast Antivirus http://www.avast.com/
- Jul 17 2020 - aswElam.sys - Avast ELAM driver
- ================== Dump #2: 3RD PARTY DRIVERS (FULL) ===================
- Image path: \SystemRoot\system32\drivers\LGBusEnum.sys
- Image name: LGBusEnum.sys
- Search : https://www.google.com/search?q=LGBusEnum.sys
- ADA Info : Logitech GamePanel Virtual Bus Enumerator driver http://support.logitech.com/
- Timestamp : Mon Nov 23 2009
- Image path: \??\C:\Windows\SysWOW64\drivers\sadp_npf64.sys
- Image name: sadp_npf64.sys
- Search : https://www.google.com/search?q=sadp_npf64.sys
- ADA Info : WinPcap driver (CACE Technologies, Inc.)
- Timestamp : Fri Jun 25 2010
- Image path: \SystemRoot\SysWow64\drivers\AsUpIO.sys
- Image name: AsUpIO.sys
- Search : https://www.google.com/search?q=AsUpIO.sys
- ADA Info : ASUS Update Input Output driver http://www.asus.com/
- Timestamp : Mon Aug 2 2010
- Image path: \SystemRoot\System32\drivers\BazisVirtualCDBus.sys
- Image name: BazisVirtualCDBus.sys
- Search : https://www.google.com/search?q=BazisVirtualCDBus.sys
- ADA Info : WinCDEmu Virtual CD-ROM driver (Bazis Inc) http://wincdemu.sysprogs.org/
- Timestamp : Mon Aug 8 2011
- Image path: \SystemRoot\System32\Drivers\PxHlpa64.sys
- Image name: PxHlpa64.sys
- Search : https://www.google.com/search?q=PxHlpa64.sys
- ADA Info : Sonic CD/DVD driver
- Timestamp : Mon Oct 17 2011
- Image path: \SystemRoot\SysWow64\drivers\AiCharger.sys
- Image name: AiCharger.sys
- Search : https://www.google.com/search?q=AiCharger.sys
- ADA Info : Asus Charger driver
- Timestamp : Thu Mar 22 2012
- Image path: \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
- Image name: GEARAspiWDM.sys
- Search : https://www.google.com/search?q=GEARAspiWDM.sys
- ADA Info : Gear Software Advanced SCSI Programming Interface Windows Driver Model http://www.gearsoftware.com/
- Timestamp : Thu May 3 2012
- Image path: \SystemRoot\SysWow64\drivers\AsIO.sys
- Image name: AsIO.sys
- Search : https://www.google.com/search?q=AsIO.sys
- ADA Info : ASUS Input Output driver http://www.asus.com/
- Timestamp : Wed Aug 22 2012
- Image path: \??\C:\Windows\system32\drivers\rzpmgrk.sys
- Image name: rzpmgrk.sys
- Search : https://www.google.com/search?q=rzpmgrk.sys
- ADA Info : Razer Overlay Support https://www.razer.com/
- Timestamp : Thu Apr 17 2014
- Image path: \SystemRoot\system32\drivers\RTKVHD64.sys
- Image name: RTKVHD64.sys
- Search : https://www.google.com/search?q=RTKVHD64.sys
- ADA Info : Realtek Audio System driver https://www.realtek.com/en/
- Timestamp : Thu Apr 24 2014
- Image path: \SystemRoot\system32\DRIVERS\TeeDriverx64.sys
- Image name: TeeDriverx64.sys
- Search : https://www.google.com/search?q=TeeDriverx64.sys
- ADA Info : Intel Management Engine Interface (MEI) driver https://downloadcenter.intel.com/
- Timestamp : Tue Sep 23 2014
- Image path: \??\C:\Windows\system32\drivers\rzpnk.sys
- Image name: rzpnk.sys
- Search : https://www.google.com/search?q=rzpnk.sys
- ADA Info : Razer Overlay Support https://www.razer.com/
- Timestamp : Fri Oct 17 2014
- Image path: \SystemRoot\System32\drivers\tap0901.sys
- Image name: tap0901.sys
- Search : https://www.google.com/search?q=tap0901.sys
- ADA Info : TAP-Win32 Virtual Private Network Driver 0901 (OpenVPN by OpenVPN Technologies) https://openvpn.net/
- Timestamp : Thu Apr 21 2016
- Image path: \SystemRoot\System32\drivers\tapwindscribe0901.sys
- Image name: tapwindscribe0901.sys
- Search : https://www.google.com/search?q=tapwindscribe0901.sys
- ADA Info : TAP-Windows Virtual Network driver (The OpenVPN Project) https://openvpn.net/
- Timestamp : Thu Mar 16 2017
- Image path: \??\C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys
- Image name: YSDrv.sys
- Search : https://www.google.com/search?q=YSDrv.sys
- ADA Info : VirtualBox Support driver
- Timestamp : Wed Oct 11 2017
- Image path: \SystemRoot\system32\DRIVERS\IntelHaxm.sys
- Image name: IntelHaxm.sys
- Search : https://www.google.com/search?q=IntelHaxm.sys
- ADA Info : Intel Corporation SSG Hardware Accelerated Execution Manager driver
- Timestamp : Tue Sep 18 2018
- Image path: \SystemRoot\system32\DRIVERS\e1d65x64.sys
- Image name: e1d65x64.sys
- Search : https://www.google.com/search?q=e1d65x64.sys
- ADA Info : Intel(R) Gigabit Adapter NDIS 6.x driver https://downloadcenter.intel.com/
- Timestamp : Thu Jan 24 2019
- Image path: \SystemRoot\system32\drivers\nvvad64v.sys
- Image name: nvvad64v.sys
- Search : https://www.google.com/search?q=nvvad64v.sys
- ADA Info : Nvidia Virtual Audio driver http://www.nvidia.com/
- Timestamp : Thu Mar 14 2019
- Image path: \SystemRoot\System32\drivers\NvModuleTracker.sys
- Image name: NvModuleTracker.sys
- Search : https://www.google.com/search?q=NvModuleTracker.sys
- ADA Info : NVIDIA Module Tracker driver
- Timestamp : Fri Nov 29 2019
- Image path: \SystemRoot\System32\drivers\nvvhci.sys
- Image name: nvvhci.sys
- Search : https://www.google.com/search?q=nvvhci.sys
- ADA Info : Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
- Timestamp : Fri Jan 10 2020
- Image path: \SystemRoot\system32\drivers\aswArPot.sys
- Image name: aswArPot.sys
- Search : https://www.google.com/search?q=aswArPot.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswbidsdriver.sys
- Image name: aswbidsdriver.sys
- Search : https://www.google.com/search?q=aswbidsdriver.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswbidsh.sys
- Image name: aswbidsh.sys
- Search : https://www.google.com/search?q=aswbidsh.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswbuniv.sys
- Image name: aswbuniv.sys
- Search : https://www.google.com/search?q=aswbuniv.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswKbd.sys
- Image name: aswKbd.sys
- Search : https://www.google.com/search?q=aswKbd.sys
- ADA Info : Avast Keyboard Filter driver http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswMonFlt.sys
- Image name: aswMonFlt.sys
- Search : https://www.google.com/search?q=aswMonFlt.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswNetHub.sys
- Image name: aswNetHub.sys
- Search : https://www.google.com/search?q=aswNetHub.sys
- ADA Info : Avast driver
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswRdr2.sys
- Image name: aswRdr2.sys
- Search : https://www.google.com/search?q=aswRdr2.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswRvrt.sys
- Image name: aswRvrt.sys
- Search : https://www.google.com/search?q=aswRvrt.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswSnx.sys
- Image name: aswSnx.sys
- Search : https://www.google.com/search?q=aswSnx.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswSP.sys
- Image name: aswSP.sys
- Search : https://www.google.com/search?q=aswSP.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswStm.sys
- Image name: aswStm.sys
- Search : https://www.google.com/search?q=aswStm.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswVmm.sys
- Image name: aswVmm.sys
- Search : https://www.google.com/search?q=aswVmm.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswElam.sys
- Image name: aswElam.sys
- Search : https://www.google.com/search?q=aswElam.sys
- ADA Info : Avast ELAM driver
- Timestamp : Fri Jul 17 2020
- ====================== Dump #2: MICROSOFT DRIVERS ======================
- ACPI.sys ACPI Driver for NT (Microsoft)
- acpiex.sys ACPIEx Driver (Microsoft)
- acpipagr.sys ACPI Processor Aggregator Device driver (Microsoft)
- afd.sys Ancillary Function Driver for WinSock (Microsoft)
- afunix.sys AF_UNIX Socket Provider driver (Microsoft)
- ahcache.sys Application Compatibility Cache (Microsoft)
- bam.sys BAM Kernal driver (Microsoft)
- BasicDisplay.sys Basic Display driver (Microsoft)
- BasicRender.sys Basic Render driver (Microsoft)
- Beep.SYS BEEP driver (Microsoft)
- BOOTVID.dll VGA Boot Driver (Microsoft)
- bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
- cdd.dll Canonical Display Driver (Microsoft)
- cdrom.sys SCSI CD-ROM Driver (Microsoft)
- CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
- CI.dll Code Integrity Module (Microsoft)
- CLASSPNP.SYS SCSI Class System Dll (Microsoft)
- cldflt.sys Cloud Files Mini Filter driver (Microsoft)
- CLFS.SYS Common Log File System Driver (Microsoft)
- clipsp.sys CLIP Service (Microsoft)
- cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
- cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
- CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
- crashdmp.sys Crash Dump driver (Microsoft)
- csc.sys Windows Client Side Caching driver (Microsoft)
- dfsc.sys DFS Namespace Client Driver (Microsoft)
- disk.sys PnP Disk Driver (Microsoft)
- drmk.sys Digital Rights Management (DRM) driver (Microsoft)
- dump_diskdump.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
- dump_dumpfve.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
- dump_storahci.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
- dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
- dxgmms2.sys DirectX Graphics MMS
- EhStorClass.sys Enhanced Storage Class driver for IEEE... (Microsoft)
- filecrypt.sys Windows sandboxing and encryption filter (Microsoft)
- fileinfo.sys FileInfo Filter Driver (Microsoft)
- FLTMGR.SYS Filesystem Filter Manager (Microsoft)
- Fs_Rec.sys File System Recognizer Driver (Microsoft)
- fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
- fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
- gpuenergydrv.sys GPU Energy Kernal Driver (Microsoft)
- hal.dll Hardware Abstraction Layer DLL (Microsoft)
- HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
- HIDCLASS.SYS Hid Class Library (Microsoft)
- HIDPARSE.SYS Hid Parsing Library (Microsoft)
- hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
- HTTP.sys HTTP Protocol Stack (Microsoft)
- intelpep.sys Intel Power Engine Plugin (Microsoft)
- intelppm.sys Processor Device Driver (Microsoft)
- iorate.sys I/O rate control Filter (Microsoft)
- kbdclass.sys Keyboard Class Driver (Microsoft)
- kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
- kd.dll Local Kernal Debugger (Microsoft)
- kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
- ks.sys Kernal CSA Library (Microsoft)
- ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
- ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
- ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
- lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
- luafv.sys LUA File Virtualization Filter Driver (Microsoft)
- mcupdate_GenuineIntel.dll Intel Microcode Update Library (Microsoft)
- mmcss.sys MMCSS Driver (Microsoft)
- monitor.sys Monitor Driver (Microsoft)
- mouclass.sys Mouse Class Driver (Microsoft)
- mouhid.sys HID Mouse Filter Driver (Microsoft)
- mountmgr.sys Mount Point Manager (Microsoft)
- mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
- mqac.sys Message Queuing Device driver (Microsoft)
- mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
- mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
- Msfs.SYS Mailslot driver (Microsoft)
- msisadrv.sys ISA Driver (Microsoft)
- mslldp.sys Microsoft Link-Layer Discovery Protocol... (Microsoft)
- msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
- mssecflt.sys Microsoft Security Events Component file system filter driver (Microsoft)
- mssmbios.sys System Management BIOS driver (Microsoft)
- mup.sys Multiple UNC Provider driver (Microsoft)
- ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
- ndisuio.sys NDIS User mode I/O driver (Microsoft)
- NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
- NDProxy.sys NDIS Proxy driver (Microsoft)
- Ndu.sys Network Data Usage Monitoring driver (Microsoft)
- netbios.sys NetBIOS Interface driver (Microsoft)
- netbt.sys MBT Transport driver (Microsoft)
- NETIO.SYS Network I/O Subsystem (Microsoft)
- Npfs.SYS NPFS driver (Microsoft)
- npsvctrig.sys Named pipe service triggers (Microsoft)
- nsiproxy.sys NSI Proxy driver (Microsoft)
- Ntfs.sys NT File System Driver (Microsoft)
- ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
- ntosext.sys NTOS Extension Host driver (Microsoft)
- Null.SYS NULL Driver (Microsoft)
- nwifi.sys NativeWiFi Miniport Driver (Microsoft)
- pacer.sys QoS Packet Scheduler (Microsoft)
- partmgr.sys Partition driver (Microsoft)
- pci.sys NT Plug and Play PCI Enumerator (Microsoft)
- pcw.sys Performance Counter Driver (Microsoft)
- pdc.sys Power Dependency Coordinator Driver (Microsoft)
- peauth.sys Protected Environment Authentication and Authorization Export Driver (Microsoft)
- portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
- PSHED.dll Platform Specific Hardware Error driver (Microsoft)
- rassstp.sys RAS SSTP Miniport Call Manager driver (Microsoft)
- rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
- rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
- rdyboost.sys ReadyBoost Driver (Microsoft)
- rspndr.sys Link-Layer Topology Responder driver (Microsoft)
- serenum.sys Serial Port Enumerator (Microsoft)
- serial.sys Serial Device Driver
- serscan.sys Serial Imaging Device Driver (Microsoft)
- SgrmAgent.sys System Guard Runtime Monitor Agent driver (Microsoft)
- SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
- spaceport.sys Storage Spaces driver (Microsoft)
- srv.sys Server driver (Microsoft)
- srv2.sys Smb 2.0 Server driver (Microsoft)
- srvnet.sys Server Network driver (Microsoft)
- storahci.sys MS AHCI Storport Miniport Driver (Microsoft)
- storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
- storqosflt.sys Storage QoS Filter driver (Microsoft)
- swenum.sys Plug and Play Software Device Enumerator (Microsoft)
- tbs.sys Export driver for kernel mode TPM API (Microsoft)
- tcpip.sys TCP/IP Protocol driver (Microsoft)
- tcpipreg.sys Microsoft Windows TCP/IP Registry Compatibility driver (Microsoft)
- TDI.SYS TDI Wrapper driver (Microsoft)
- tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
- tm.sys Kernel Transaction Manager driver (Microsoft)
- ucx01000.sys USB Controller Extension (Microsoft)
- umbus.sys User-Mode Bus Enumerator (Microsoft)
- umpass.sys Generic pass-through driver (Microsoft)
- usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
- USBD.SYS Universal Serial Bus Driver (Microsoft)
- usbehci.sys EHCI eUSB Miniport Driver (Microsoft)
- usbhub.sys Default Hub Driver for USB (Microsoft)
- UsbHub3.sys USB3 HUB driver (Microsoft)
- USBPORT.SYS USB 1.1 & 2.0 Port Driver (Microsoft)
- USBXHCI.SYS USB XHCI driver (Microsoft)
- vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
- Vid.sys Microsoft Hyper-V Virtualization Infrastructure Driver
- volmgr.sys Volume Manager Driver (Microsoft)
- volmgrx.sys Volume Manager Extension Driver (Microsoft)
- volsnap.sys Volume Shadow Copy driver (Microsoft)
- volume.sys Volume driver (Microsoft)
- vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
- wanarp.sys MS Remote Access and Routing ARP driver (Microsoft)
- watchdog.sys Watchdog driver (Microsoft)
- wcifs.sys Windows Container Isolation FS Filter driver (Microsoft)
- Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
- WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
- werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
- wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
- win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
- win32kbase.sys Base Win32k Kernel Driver (Microsoft)
- win32kfull.sys Full/Desktop Win32k Kernel Driver (Microsoft)
- WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
- WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
- winhvr.sys Windows Hypervisor Root Interface driver (Microsoft)
- winquic.sys QUIC Transport Protocol driver (Microsoft)
- wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
- WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
- Wof.sys Windows Overlay Filter (Microsoft)
- WppRecorder.sys WPP Trace Recorder (Microsoft)
- WSDPrint.sys Web Services Print Device driver (Microsoft)
- WSDScan.sys Web Service Based Scan Device driver (Microsoft)
- WUDFRd.sys Windows Driver Foundation - User-mode Driver Framework Reflector driver (Microsoft)
- ====================== Dump #2: UNLOADED MODULES =======================
- fffff804`2c7f0000 fffff804`2c85f000 HdAudio.sys
- fffff804`2b7a0000 fffff804`2b7f1000 WUDFRd.sys
- fffff804`2a5a0000 fffff804`2a5be000 dam.sys
- fffff804`29610000 fffff804`29621000 hwpolicy.sys
- ====================== Dump #2: BIOS INFORMATION =======================
- [SMBIOS Data Tables v2.8]
- [DMI Version - 0]
- [2.0 Calling Convention - No]
- [Table Size - 3121 bytes]
- [BIOS Information (Type 0) - Length 24 - Handle 0000h]
- Vendor American Megatrends Inc.
- BIOS Version 1304
- BIOS Starting Address Segment f000
- BIOS Release Date 07/11/2014
- BIOS ROM Size 800000
- BIOS Characteristics
- 07: - PCI Supported
- 10: - APM Supported
- 11: - Upgradeable FLASH BIOS
- 12: - BIOS Shadowing Supported
- 15: - CD-Boot Supported
- 16: - Selectable Boot Supported
- 17: - BIOS ROM Socketed
- 19: - EDD Supported
- 23: - 1.2MB Floppy Supported
- 24: - 720KB Floppy Supported
- 25: - 2.88MB Floppy Supported
- 26: - Print Screen Device Supported
- 27: - Keyboard Services Supported
- 28: - Serial Services Supported
- 29: - Printer Services Supported
- 32: - BIOS Vendor Reserved
- BIOS Characteristic Extensions
- 00: - ACPI Supported
- 01: - USB Legacy Supported
- 08: - BIOS Boot Specification Supported
- 10: - Specification Reserved
- 11: - Specification Reserved
- BIOS Major Revision 4
- BIOS Minor Revision 6
- EC Firmware Major Revision 255
- EC Firmware Minor Revision 255
- [System Information (Type 1) - Length 27 - Handle 0001h]
- Manufacturer ASUS
- Product Name All Series
- Version System Version
- UUID 00000000-0000-0000-0000-000000000000
- Wakeup Type Power Switch
- SKUNumber All
- Family ASUS MB
- [BaseBoard Information (Type 2) - Length 15 - Handle 0002h]
- Manufacturer ASUSTeK COMPUTER INC.
- Product Z97-A
- Version Rev 1.xx
- Feature Flags 09h
- 1830401760: - 1830401808: - «Q¦ý
- Chassis Handle 0003h
- Board Type 0ah - Processor/Memory Module
- Number of Child Handles 0
- [System Enclosure (Type 3) - Length 25 - Handle 0003h]
- Chassis Type Desktop
- Bootup State Safe
- Power Supply State Safe
- Thermal State Safe
- Security Status None
- OEM Defined 0
- Height 0U
- Number of Power Cords 1
- Number of Contained Elements 1
- Contained Element Size 3
- [Onboard Devices Information (Type 10) - Length 8 - Handle 0028h]
- Number of Devices 2
- 01: Type Video [enabled]
- 02: Type Ethernet [enabled]
- [OEM Strings (Type 11) - Length 5 - Handle 0029h]
- Number of Strings 4
- 3 Ferrari
- [System Configuration Options (Type 12) - Length 5 - Handle 002ah]
- [Physical Memory Array (Type 16) - Length 23 - Handle 0046h]
- Location 03h - SystemBoard/Motherboard
- Use 03h - System Memory
- Memory Error Correction 03h - None
- Maximum Capacity 33554432KB
- Number of Memory Devices 4
- [Memory Device (Type 17) - Length 40 - Handle 0047h]
- Physical Memory Array Handle 0046h
- Total Width 0 bits
- Data Width 0 bits
- Form Factor 09h - DIMM
- Device Locator DIMM_A1
- Bank Locator BANK 0
- Memory Type 02h - Unknown
- Type Detail 0000h -
- Speed 0MHz
- [Memory Device (Type 17) - Length 40 - Handle 0048h]
- Physical Memory Array Handle 0046h
- Total Width 64 bits
- Data Width 64 bits
- Size 8192MB
- Form Factor 09h - DIMM
- Device Locator DIMM_A2
- Bank Locator BANK 1
- Memory Type 18h - Specification Reserved
- Type Detail 0080h - Synchronous
- Speed 1600MHz
- Manufacturer 0215
- Part Number CMY16GX3M2A1600C9
- [Memory Device (Type 17) - Length 40 - Handle 0049h]
- Physical Memory Array Handle 0046h
- Total Width 0 bits
- Data Width 0 bits
- Form Factor 09h - DIMM
- Device Locator DIMM_B1
- Bank Locator BANK 2
- Memory Type 02h - Unknown
- Type Detail 0000h -
- Speed 0MHz
- [Memory Device (Type 17) - Length 40 - Handle 004ah]
- Physical Memory Array Handle 0046h
- Total Width 0 bits
- Data Width 0 bits
- Form Factor 09h - DIMM
- Device Locator DIMM_B2
- Bank Locator BANK 3
- Memory Type 02h - Unknown
- Type Detail 0000h -
- Speed 0MHz
- [Memory Array Mapped Address (Type 19) - Length 31 - Handle 004bh]
- Starting Address 00000000h
- Ending Address 007fffffh
- Memory Array Handle 0046h
- Partition Width 04
- [Memory Device Mapped Address (Type 20) - Length 35 - Handle 004ch]
- Starting Address 00000000h
- Ending Address 007fffffh
- Memory Device Handle 004ah
- Mem Array Mapped Adr Handle 004bh
- Interleave Position 01
- Interleave Data Depth 02
- [Processor Information (Type 4) - Length 42 - Handle 005ch]
- Socket Designation SOCKET 1150
- Processor Type Central Processor
- Processor Family 01h - Other
- Processor Manufacturer Intel
- Processor ID c3060300fffbebbf
- Processor Version Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz
- Processor Voltage 8ch - 1.2V
- External Clock 100MHz
- Max Speed 3800MHz
- Current Speed 4000MHz
- Status Enabled Populated
- Processor Upgrade Specification Reserved
- L1 Cache Handle 005dh
- L2 Cache Handle 005eh
- L3 Cache Handle 005fh
- [Cache Information (Type 7) - Length 19 - Handle 005dh]
- Socket Designation CPU Internal L1
- Cache Configuration 0180h - WB Enabled Int NonSocketed L1
- Maximum Cache Size 0100h - 256K
- Installed Size 0100h - 256K
- Supported SRAM Type 0020h - Synchronous
- Current SRAM Type 0020h - Synchronous
- Cache Speed 0ns
- Error Correction Type ParitySingle-Bit ECC
- System Cache Type Other
- Associativity 8-way Set-Associative
- [Cache Information (Type 7) - Length 19 - Handle 005eh]
- Socket Designation CPU Internal L2
- Cache Configuration 0181h - WB Enabled Int NonSocketed L2
- Maximum Cache Size 0400h - 1024K
- Installed Size 0400h - 1024K
- Supported SRAM Type 0020h - Synchronous
- Current SRAM Type 0020h - Synchronous
- Cache Speed 0ns
- Error Correction Type Multi-Bit ECC
- System Cache Type Unified
- Associativity 8-way Set-Associative
- [Cache Information (Type 7) - Length 19 - Handle 005fh]
- Socket Designation CPU Internal L3
- Cache Configuration 0182h - WB Enabled Int NonSocketed L3
- Maximum Cache Size 2000h - 8192K
- Installed Size 2000h - 8192K
- Supported SRAM Type 0020h - Synchronous
- Current SRAM Type 0020h - Synchronous
- Cache Speed 0ns
- Error Correction Type Specification Reserved
- System Cache Type Unified
- Associativity 16-way Set-Associative
- ========================== Dump #2: Extra #1 ===========================
- 4: kd> !verifier
- Verify Flags Level 0x00000000
- STANDARD FLAGS:
- [X] (0x00000000) Automatic Checks
- [ ] (0x00000001) Special pool
- [ ] (0x00000002) Force IRQL checking
- [ ] (0x00000008) Pool tracking
- [ ] (0x00000010) I/O verification
- [ ] (0x00000020) Deadlock detection
- [ ] (0x00000080) DMA checking
- [ ] (0x00000100) Security checks
- [ ] (0x00000800) Miscellaneous checks
- [ ] (0x00020000) DDI compliance checking
- ADDITIONAL FLAGS:
- [ ] (0x00000004) Randomized low resources simulation
- [ ] (0x00000200) Force pending I/O requests
- [ ] (0x00000400) IRP logging
- [ ] (0x00002000) Invariant MDL checking for stack
- [ ] (0x00004000) Invariant MDL checking for driver
- [ ] (0x00008000) Power framework delay fuzzing
- [ ] (0x00010000) Port/miniport interface checking
- [ ] (0x00040000) Systematic low resources simulation
- [ ] (0x00080000) DDI compliance checking (additional)
- [ ] (0x00200000) NDIS/WIFI verification
- [ ] (0x00800000) Kernel synchronization delay fuzzing
- [ ] (0x01000000) VM switch verification
- [ ] (0x02000000) Code integrity checks
- [X] Indicates flag is enabled
- Summary of All Verifier Statistics
- RaiseIrqls 0x0
- AcquireSpinLocks 0x0
- Synch Executions 0x0
- Trims 0x0
- Pool Allocations Attempted 0x0
- Pool Allocations Succeeded 0x0
- Pool Allocations Succeeded SpecialPool 0x0
- Pool Allocations With NO TAG 0x0
- Pool Allocations Failed 0x0
- Current paged pool allocations 0x0 for 00000000 bytes
- Peak paged pool allocations 0x0 for 00000000 bytes
- Current nonpaged pool allocations 0x0 for 00000000 bytes
- Peak nonpaged pool allocations 0x0 for 00000000 bytes
- ========================== Dump #2: Extra #2 ===========================
- 4: kd> !thread
- THREAD ffffb70803a86040 Cid 052c.05b8 Teb: 000000b81eedd000 Win32Thread: 0000000000000000 RUNNING on processor 4
- Not impersonating
- GetUlongFromAddress: unable to read from fffff80424e2ca14
- Owning Process ffffb7080397e080 Image: svchost.exe
- Attached Process N/A Image: N/A
- fffff78000000000: Unable to get shared data
- Wait Start TickCount 1681
- Context Switch Count 156 IdealProcessor: 1
- ReadMemory error: Cannot get nt!KeMaximumIncrement value.
- UserTime 00:00:00.000
- KernelTime 00:00:00.000
- Win32 Start Address 0x00007ff840113ce0
- Stack Init fffff285b1e14c90 Current fffff285b1e13ad0
- Base fffff285b1e15000 Limit fffff285b1e0f000 Call 0000000000000000
- Priority 9 BasePriority 8 PriorityDecrement 0 IoPriority 2 PagePriority 5
- Child-SP RetAddr : Args to Child : Call Site
- ffffc701`1fa0cb58 fffff804`249a4188 : 00000000`00000124 00000000`00000000 ffffb708`01314028 00000000`be000000 : nt!KeBugCheckEx
- ffffc701`1fa0cb60 fffff804`28001920 : ffffb707`fcaf1bd0 00000000`00000000 ffffb708`01314028 00000000`00000000 : hal!HalBugCheckSystem+0xd8
- ffffc701`1fa0cba0 fffff804`24d41092 : ffffb707`fcaf1bd0 ffffc701`1fa0cc29 00000000`00000000 ffffb708`01314028 : PSHED!PshedBugCheckSystem+0x10
- ffffc701`1fa0cbd0 fffff804`249a5ae6 : ffffc701`1fa0ccf0 00000000`00000004 ffffb707`fcaf1c20 ffffb707`fcaf1bd0 : nt!WheaReportHwError+0x382
- ffffc701`1fa0cc90 fffff804`249a5f7a : 00000000`00000010 ffffb707`fcaf1c20 ffffc701`1fa0ce48 ffffc701`1fa0d090 : hal!HalpMcaReportError+0x72
- ffffc701`1fa0cdf0 fffff804`249a5e54 : ffffb707`fc6a7e40 00000000`00000001 00000000`00000000 00000000`00000000 : hal!HalpMceHandlerCore+0xf2
- ffffc701`1fa0ce40 fffff804`249a60c0 : 00000000`00000008 00000000`00000001 00000000`00000000 00000000`00000000 : hal!HalpMceHandler+0xe0
- ffffc701`1fa0ce80 fffff804`249a5168 : 00000000`00000000 ffffc701`1fa0d110 00000000`00000000 00000000`00000000 : hal!HalpMceHandlerWithRendezvous+0xd4
- ffffc701`1fa0ceb0 fffff804`249a6347 : ffffb707`fc6a7e40 00000000`00000000 00000000`00000000 00000000`00000000 : hal!HalpHandleMachineCheck+0x5c
- ffffc701`1fa0cee0 fffff804`24ca4e30 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : hal!HalHandleMcheck+0x37
- ffffc701`1fa0cf10 fffff804`24bd13ba : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiHandleMcheck+0x10
- ffffc701`1fa0cf40 fffff804`24bd106f : ffffff47`00000000 fffff804`24bd0fac fffff285`b1e13f40 00000000`00000000 : nt!KxMcheckAbort+0x7a
- ffffc701`1fa0d080 fffff804`24a447ef : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiMcheckAbort+0x26f (TrapFrame @ ffffc701`1fa0d090)
- fffff285`b1e13f00 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KeYieldProcessorEx+0x1f
- ========================================================================
- ======================= Dump #3: ANALYZE VERBOSE =======================
- ====================== File: 080920-25968-01.dmp =======================
- ========================================================================
- Mini Kernel Dump File: Only registers and stack trace are available
- Windows 10 Kernel Version 18362 MP (8 procs) Free x64
- Kernel base = 0xfffff807`4b200000 PsLoadedModuleList = 0xfffff807`4b648190
- Debug session time: Sun Aug 9 14:58:46.298 2020 (UTC - 4:00)
- System Uptime: 0 days 0:00:41.933
- BugCheck 124, {0, ffffc80ccd0b7028, be000000, 800400}
- Probably caused by : memory_corruption
- Followup: memory_corruption
- WHEA_UNCORRECTABLE_ERROR (124)
- A fatal hardware error has occurred. Parameter 1 identifies the type of error
- source that reported the error. Parameter 2 holds the address of the
- WHEA_ERROR_RECORD structure that describes the error conditon.
- Arguments:
- Arg1: 0000000000000000, Machine Check Exception
- Arg2: ffffc80ccd0b7028, Address of the WHEA_ERROR_RECORD structure.
- Arg3: 00000000be000000, High order 32-bits of the MCi_STATUS value.
- Arg4: 0000000000800400, Low order 32-bits of the MCi_STATUS value.
- Debugging Details:
- DUMP_CLASS: 1
- DUMP_QUALIFIER: 400
- DUMP_TYPE: 2
- BUGCHECK_STR: 0x124_GenuineIntel
- CUSTOMER_CRASH_COUNT: 1
- DEFAULT_BUCKET_ID: CODE_CORRUPTION
- PROCESS_NAME: nvcontainer.exe
- CURRENT_IRQL: f
- STACK_TEXT:
- fffff807`4ea82918 fffff807`4bcff188 : 00000000`00000124 00000000`00000000 ffffc80c`cd0b7028 00000000`be000000 : nt!KeBugCheckEx
- fffff807`4ea82920 fffff807`4d1f1920 : ffffc80c`cbffe430 00000000`00000000 ffffc80c`cd0b7028 00000000`00000000 : hal!HalBugCheckSystem+0xd8
- fffff807`4ea82960 fffff807`4b541092 : ffffc80c`cbffe430 fffff807`4ea829e9 00000000`00000000 ffffc80c`cd0b7028 : PSHED!PshedBugCheckSystem+0x10
- fffff807`4ea82990 fffff807`4bd00ae6 : fffff807`4ea82ab0 00000000`00000000 ffffc80c`cbffe480 ffffc80c`cbffe430 : nt!WheaReportHwError+0x382
- fffff807`4ea82a50 fffff807`4bd00f7a : 00000000`00000010 ffffc80c`cbffe480 fffff807`4ea82c08 fffff807`4ea82e50 : hal!HalpMcaReportError+0x72
- fffff807`4ea82bb0 fffff807`4bd00e54 : ffffc80c`cb2a7b80 00000000`00000001 00000000`00000000 00000000`00000000 : hal!HalpMceHandlerCore+0xf2
- fffff807`4ea82c00 fffff807`4bd010c0 : 00000000`00000008 00000000`00000001 00000000`00000000 00000000`00000000 : hal!HalpMceHandler+0xe0
- fffff807`4ea82c40 fffff807`4bd00168 : 00000000`00000000 fffff807`4ea82ed0 00000000`00000000 00000000`00000000 : hal!HalpMceHandlerWithRendezvous+0xd4
- fffff807`4ea82c70 fffff807`4bd01347 : ffffc80c`cb2a7b80 00000000`00000000 00000000`00000000 00000000`00000000 : hal!HalpHandleMachineCheck+0x5c
- fffff807`4ea82ca0 fffff807`4b4a4e30 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : hal!HalHandleMcheck+0x37
- fffff807`4ea82cd0 fffff807`4b3d13ba : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiHandleMcheck+0x10
- fffff807`4ea82d00 fffff807`4b3d106f : 00000000`00000000 00000000`00000000 00000000`4c28ae45 00000000`00000000 : nt!KxMcheckAbort+0x7a
- fffff807`4ea82e40 00007ffb`77c186c8 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiMcheckAbort+0x26f
- 00000087`e0efc3c0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffb`77c186c8
- STACK_COMMAND: kb
- CHKIMG_EXTENSION: !chkimg -lo 50 -d !win32kbase
- fffff267216b7809-fffff267216b780e 6 bytes - win32kbase!DirectComposition::CAnimationMarshaler::SetReferenceProperty+49
- [ ff 15 a1 ef 19 00:e8 92 ea 20 00 90 ]
- fffff267216b7879-fffff267216b787a 2 bytes - win32kbase!SfmSignalTokenEvent+19 (+0x70)
- [ 48 ff:4c 8b ]
- fffff267216b7880-fffff267216b7883 4 bytes - win32kbase!SfmSignalTokenEvent+20 (+0x07)
- [ 0f 1f 44 00:e8 9b eb 20 ]
- fffff267216b8985-fffff267216b8986 2 bytes - win32kbase!GreSfmDwmShutdown+35 (+0x1105)
- [ 48 ff:4c 8b ]
- fffff267216b898c-fffff267216b898f 4 bytes - win32kbase!GreSfmDwmShutdown+3c (+0x07)
- [ 0f 1f 44 00:e8 8f da 20 ]
- fffff267216b8995-fffff267216b8996 2 bytes - win32kbase!GreSfmDwmShutdown+45 (+0x09)
- [ 48 ff:4c 8b ]
- fffff267216b899c-fffff267216b899f 4 bytes - win32kbase!GreSfmDwmShutdown+4c (+0x07)
- [ 0f 1f 44 00:e8 7f da 20 ]
- 24 errors : !win32kbase (fffff267216b7809-fffff267216b899f)
- MODULE_NAME: memory_corruption
- IMAGE_NAME: memory_corruption
- FOLLOWUP_NAME: memory_corruption
- DEBUG_FLR_IMAGE_TIMESTAMP: 0
- MEMORY_CORRUPTOR: LARGE
- FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
- BUCKET_ID: MEMORY_CORRUPTION_LARGE
- PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
- TARGET_TIME: 2020-08-09T18:58:46.000Z
- SUITE_MASK: 272
- PRODUCT_TYPE: 1
- USER_LCID: 0
- FAILURE_ID_HASH_STRING: km:memory_corruption_large
- FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
- Followup: memory_corruption
- ====================== Dump #3: 3RD PARTY DRIVERS ======================
- Nov 23 2009 - LGBusEnum.sys - Logitech GamePanel Virtual Bus Enumerator driver http://support.logitech.com/
- Jun 25 2010 - sadp_npf64.sys - WinPcap driver (CACE Technologies, Inc.)
- Aug 02 2010 - AsUpIO.sys - ASUS Update Input Output driver http://www.asus.com/
- Aug 08 2011 - BazisVirtualCDBus.sys - WinCDEmu Virtual CD-ROM driver (Bazis Inc) http://wincdemu.sysprogs.org/
- Oct 17 2011 - PxHlpa64.sys - Sonic CD/DVD driver
- Mar 22 2012 - AiCharger.sys - Asus Charger driver
- Aug 22 2012 - AsIO.sys - ASUS Input Output driver http://www.asus.com/
- Apr 17 2014 - rzpmgrk.sys - Razer Overlay Support https://www.razer.com/
- Apr 24 2014 - RTKVHD64.sys - Realtek Audio System driver https://www.realtek.com/en/
- Sep 23 2014 - TeeDriverx64.sys - Intel Management Engine Interface (MEI) driver https://downloadcenter.intel.com/
- Oct 17 2014 - rzpnk.sys - Razer Overlay Support https://www.razer.com/
- Apr 21 2016 - tap0901.sys - TAP-Win32 Virtual Private Network Driver 0901 (OpenVPN by OpenVPN Technologies) https://openvpn.net/
- Mar 16 2017 - tapwindscribe0901.sys - TAP-Windows Virtual Network driver (The OpenVPN Project) https://openvpn.net/
- Oct 11 2017 - YSDrv.sys - VirtualBox Support driver
- Sep 18 2018 - IntelHaxm.sys - Intel Corporation SSG Hardware Accelerated Execution Manager driver
- Jan 24 2019 - e1d65x64.sys - Intel(R) Gigabit Adapter NDIS 6.x driver https://downloadcenter.intel.com/
- Mar 14 2019 - nvvad64v.sys - Nvidia Virtual Audio driver http://www.nvidia.com/
- Oct 02 2019 - nvlddmkm.sys - Nvidia Graphics Card driver http://www.nvidia.com/
- Nov 29 2019 - NvModuleTracker.sys - NVIDIA Module Tracker driver
- Jan 10 2020 - nvvhci.sys - Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
- Jun 09 2020 - nvhda64v.sys - Nvidia HDMI Audio Device http://www.nvidia.com/
- Jun 23 2020 - aswArPot.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswbidsdriver.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswbidsh.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswbuniv.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswKbd.sys - Avast Keyboard Filter driver http://www.avast.com/
- Jun 23 2020 - aswMonFlt.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswNetHub.sys - Avast driver
- Jun 23 2020 - aswRdr2.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswRvrt.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswSnx.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswSP.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswStm.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswVmm.sys - Avast Antivirus http://www.avast.com/
- Jul 17 2020 - aswElam.sys - Avast ELAM driver
- ================== Dump #3: 3RD PARTY DRIVERS (FULL) ===================
- Image path: \SystemRoot\system32\drivers\LGBusEnum.sys
- Image name: LGBusEnum.sys
- Search : https://www.google.com/search?q=LGBusEnum.sys
- ADA Info : Logitech GamePanel Virtual Bus Enumerator driver http://support.logitech.com/
- Timestamp : Mon Nov 23 2009
- Image path: \??\C:\Windows\SysWOW64\drivers\sadp_npf64.sys
- Image name: sadp_npf64.sys
- Search : https://www.google.com/search?q=sadp_npf64.sys
- ADA Info : WinPcap driver (CACE Technologies, Inc.)
- Timestamp : Fri Jun 25 2010
- Image path: \SystemRoot\SysWow64\drivers\AsUpIO.sys
- Image name: AsUpIO.sys
- Search : https://www.google.com/search?q=AsUpIO.sys
- ADA Info : ASUS Update Input Output driver http://www.asus.com/
- Timestamp : Mon Aug 2 2010
- Image path: \SystemRoot\System32\drivers\BazisVirtualCDBus.sys
- Image name: BazisVirtualCDBus.sys
- Search : https://www.google.com/search?q=BazisVirtualCDBus.sys
- ADA Info : WinCDEmu Virtual CD-ROM driver (Bazis Inc) http://wincdemu.sysprogs.org/
- Timestamp : Mon Aug 8 2011
- Image path: \SystemRoot\System32\Drivers\PxHlpa64.sys
- Image name: PxHlpa64.sys
- Search : https://www.google.com/search?q=PxHlpa64.sys
- ADA Info : Sonic CD/DVD driver
- Timestamp : Mon Oct 17 2011
- Image path: \SystemRoot\SysWow64\drivers\AiCharger.sys
- Image name: AiCharger.sys
- Search : https://www.google.com/search?q=AiCharger.sys
- ADA Info : Asus Charger driver
- Timestamp : Thu Mar 22 2012
- Image path: \SystemRoot\SysWow64\drivers\AsIO.sys
- Image name: AsIO.sys
- Search : https://www.google.com/search?q=AsIO.sys
- ADA Info : ASUS Input Output driver http://www.asus.com/
- Timestamp : Wed Aug 22 2012
- Image path: \??\C:\Windows\system32\drivers\rzpmgrk.sys
- Image name: rzpmgrk.sys
- Search : https://www.google.com/search?q=rzpmgrk.sys
- ADA Info : Razer Overlay Support https://www.razer.com/
- Timestamp : Thu Apr 17 2014
- Image path: \SystemRoot\system32\drivers\RTKVHD64.sys
- Image name: RTKVHD64.sys
- Search : https://www.google.com/search?q=RTKVHD64.sys
- ADA Info : Realtek Audio System driver https://www.realtek.com/en/
- Timestamp : Thu Apr 24 2014
- Image path: \SystemRoot\system32\DRIVERS\TeeDriverx64.sys
- Image name: TeeDriverx64.sys
- Search : https://www.google.com/search?q=TeeDriverx64.sys
- ADA Info : Intel Management Engine Interface (MEI) driver https://downloadcenter.intel.com/
- Timestamp : Tue Sep 23 2014
- Image path: \??\C:\Windows\system32\drivers\rzpnk.sys
- Image name: rzpnk.sys
- Search : https://www.google.com/search?q=rzpnk.sys
- ADA Info : Razer Overlay Support https://www.razer.com/
- Timestamp : Fri Oct 17 2014
- Image path: \SystemRoot\System32\drivers\tap0901.sys
- Image name: tap0901.sys
- Search : https://www.google.com/search?q=tap0901.sys
- ADA Info : TAP-Win32 Virtual Private Network Driver 0901 (OpenVPN by OpenVPN Technologies) https://openvpn.net/
- Timestamp : Thu Apr 21 2016
- Image path: \SystemRoot\System32\drivers\tapwindscribe0901.sys
- Image name: tapwindscribe0901.sys
- Search : https://www.google.com/search?q=tapwindscribe0901.sys
- ADA Info : TAP-Windows Virtual Network driver (The OpenVPN Project) https://openvpn.net/
- Timestamp : Thu Mar 16 2017
- Image path: \??\C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys
- Image name: YSDrv.sys
- Search : https://www.google.com/search?q=YSDrv.sys
- ADA Info : VirtualBox Support driver
- Timestamp : Wed Oct 11 2017
- Image path: \SystemRoot\system32\DRIVERS\IntelHaxm.sys
- Image name: IntelHaxm.sys
- Search : https://www.google.com/search?q=IntelHaxm.sys
- ADA Info : Intel Corporation SSG Hardware Accelerated Execution Manager driver
- Timestamp : Tue Sep 18 2018
- Image path: \SystemRoot\system32\DRIVERS\e1d65x64.sys
- Image name: e1d65x64.sys
- Search : https://www.google.com/search?q=e1d65x64.sys
- ADA Info : Intel(R) Gigabit Adapter NDIS 6.x driver https://downloadcenter.intel.com/
- Timestamp : Thu Jan 24 2019
- Image path: \SystemRoot\system32\drivers\nvvad64v.sys
- Image name: nvvad64v.sys
- Search : https://www.google.com/search?q=nvvad64v.sys
- ADA Info : Nvidia Virtual Audio driver http://www.nvidia.com/
- Timestamp : Thu Mar 14 2019
- Image path: \SystemRoot\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_90685a092bcf58c7\nvlddmkm.sys
- Image name: nvlddmkm.sys
- Search : https://www.google.com/search?q=nvlddmkm.sys
- ADA Info : Nvidia Graphics Card driver http://www.nvidia.com/
- Timestamp : Wed Oct 2 2019
- Image path: \SystemRoot\System32\drivers\NvModuleTracker.sys
- Image name: NvModuleTracker.sys
- Search : https://www.google.com/search?q=NvModuleTracker.sys
- ADA Info : NVIDIA Module Tracker driver
- Timestamp : Fri Nov 29 2019
- Image path: \SystemRoot\System32\drivers\nvvhci.sys
- Image name: nvvhci.sys
- Search : https://www.google.com/search?q=nvvhci.sys
- ADA Info : Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
- Timestamp : Fri Jan 10 2020
- Image path: \SystemRoot\system32\drivers\nvhda64v.sys
- Image name: nvhda64v.sys
- Search : https://www.google.com/search?q=nvhda64v.sys
- ADA Info : Nvidia HDMI Audio Device http://www.nvidia.com/
- Timestamp : Tue Jun 9 2020
- Image path: \SystemRoot\system32\drivers\aswArPot.sys
- Image name: aswArPot.sys
- Search : https://www.google.com/search?q=aswArPot.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswbidsdriver.sys
- Image name: aswbidsdriver.sys
- Search : https://www.google.com/search?q=aswbidsdriver.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswbidsh.sys
- Image name: aswbidsh.sys
- Search : https://www.google.com/search?q=aswbidsh.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswbuniv.sys
- Image name: aswbuniv.sys
- Search : https://www.google.com/search?q=aswbuniv.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswKbd.sys
- Image name: aswKbd.sys
- Search : https://www.google.com/search?q=aswKbd.sys
- ADA Info : Avast Keyboard Filter driver http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswMonFlt.sys
- Image name: aswMonFlt.sys
- Search : https://www.google.com/search?q=aswMonFlt.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswNetHub.sys
- Image name: aswNetHub.sys
- Search : https://www.google.com/search?q=aswNetHub.sys
- ADA Info : Avast driver
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswRdr2.sys
- Image name: aswRdr2.sys
- Search : https://www.google.com/search?q=aswRdr2.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswRvrt.sys
- Image name: aswRvrt.sys
- Search : https://www.google.com/search?q=aswRvrt.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswSnx.sys
- Image name: aswSnx.sys
- Search : https://www.google.com/search?q=aswSnx.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswSP.sys
- Image name: aswSP.sys
- Search : https://www.google.com/search?q=aswSP.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswStm.sys
- Image name: aswStm.sys
- Search : https://www.google.com/search?q=aswStm.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswVmm.sys
- Image name: aswVmm.sys
- Search : https://www.google.com/search?q=aswVmm.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswElam.sys
- Image name: aswElam.sys
- Search : https://www.google.com/search?q=aswElam.sys
- ADA Info : Avast ELAM driver
- Timestamp : Fri Jul 17 2020
- ====================== Dump #3: MICROSOFT DRIVERS ======================
- ACPI.sys ACPI Driver for NT (Microsoft)
- acpiex.sys ACPIEx Driver (Microsoft)
- acpipagr.sys ACPI Processor Aggregator Device driver (Microsoft)
- afd.sys Ancillary Function Driver for WinSock (Microsoft)
- afunix.sys AF_UNIX Socket Provider driver (Microsoft)
- ahcache.sys Application Compatibility Cache (Microsoft)
- bam.sys BAM Kernal driver (Microsoft)
- BasicDisplay.sys Basic Display driver (Microsoft)
- BasicRender.sys Basic Render driver (Microsoft)
- Beep.SYS BEEP driver (Microsoft)
- BOOTVID.dll VGA Boot Driver (Microsoft)
- bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
- cdd.dll Canonical Display Driver (Microsoft)
- cdrom.sys SCSI CD-ROM Driver (Microsoft)
- CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
- CI.dll Code Integrity Module (Microsoft)
- CLASSPNP.SYS SCSI Class System Dll (Microsoft)
- cldflt.sys Cloud Files Mini Filter driver (Microsoft)
- CLFS.SYS Common Log File System Driver (Microsoft)
- clipsp.sys CLIP Service (Microsoft)
- cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
- cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
- CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
- crashdmp.sys Crash Dump driver (Microsoft)
- csc.sys Windows Client Side Caching driver (Microsoft)
- dfsc.sys DFS Namespace Client Driver (Microsoft)
- disk.sys PnP Disk Driver (Microsoft)
- drmk.sys Digital Rights Management (DRM) driver (Microsoft)
- dump_diskdump.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
- dump_dumpfve.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
- dump_storahci.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
- dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
- dxgmms2.sys DirectX Graphics MMS
- EhStorClass.sys Enhanced Storage Class driver for IEEE... (Microsoft)
- filecrypt.sys Windows sandboxing and encryption filter (Microsoft)
- fileinfo.sys FileInfo Filter Driver (Microsoft)
- FLTMGR.SYS Filesystem Filter Manager (Microsoft)
- Fs_Rec.sys File System Recognizer Driver (Microsoft)
- fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
- fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
- gpuenergydrv.sys GPU Energy Kernal Driver (Microsoft)
- hal.dll Hardware Abstraction Layer DLL (Microsoft)
- HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
- HIDCLASS.SYS Hid Class Library (Microsoft)
- HIDPARSE.SYS Hid Parsing Library (Microsoft)
- hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
- HTTP.sys HTTP Protocol Stack (Microsoft)
- intelpep.sys Intel Power Engine Plugin (Microsoft)
- intelppm.sys Processor Device Driver (Microsoft)
- iorate.sys I/O rate control Filter (Microsoft)
- kbdclass.sys Keyboard Class Driver (Microsoft)
- kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
- kd.dll Local Kernal Debugger (Microsoft)
- kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
- ks.sys Kernal CSA Library (Microsoft)
- ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
- ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
- ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
- lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
- luafv.sys LUA File Virtualization Filter Driver (Microsoft)
- mcupdate_GenuineIntel.dll Intel Microcode Update Library (Microsoft)
- mmcss.sys MMCSS Driver (Microsoft)
- monitor.sys Monitor Driver (Microsoft)
- mouclass.sys Mouse Class Driver (Microsoft)
- mouhid.sys HID Mouse Filter Driver (Microsoft)
- mountmgr.sys Mount Point Manager (Microsoft)
- mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
- mqac.sys Message Queuing Device driver (Microsoft)
- mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
- mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
- Msfs.SYS Mailslot driver (Microsoft)
- msisadrv.sys ISA Driver (Microsoft)
- mslldp.sys Microsoft Link-Layer Discovery Protocol... (Microsoft)
- msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
- mssecflt.sys Microsoft Security Events Component file system filter driver (Microsoft)
- mssmbios.sys System Management BIOS driver (Microsoft)
- mup.sys Multiple UNC Provider driver (Microsoft)
- ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
- ndisuio.sys NDIS User mode I/O driver (Microsoft)
- NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
- Ndu.sys Network Data Usage Monitoring driver (Microsoft)
- netbios.sys NetBIOS Interface driver (Microsoft)
- netbt.sys MBT Transport driver (Microsoft)
- NETIO.SYS Network I/O Subsystem (Microsoft)
- Npfs.SYS NPFS driver (Microsoft)
- npsvctrig.sys Named pipe service triggers (Microsoft)
- nsiproxy.sys NSI Proxy driver (Microsoft)
- Ntfs.sys NT File System Driver (Microsoft)
- ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
- ntosext.sys NTOS Extension Host driver (Microsoft)
- Null.SYS NULL Driver (Microsoft)
- nwifi.sys NativeWiFi Miniport Driver (Microsoft)
- pacer.sys QoS Packet Scheduler (Microsoft)
- partmgr.sys Partition driver (Microsoft)
- pci.sys NT Plug and Play PCI Enumerator (Microsoft)
- pcw.sys Performance Counter Driver (Microsoft)
- pdc.sys Power Dependency Coordinator Driver (Microsoft)
- peauth.sys Protected Environment Authentication and Authorization Export Driver (Microsoft)
- portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
- PSHED.dll Platform Specific Hardware Error driver (Microsoft)
- rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
- rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
- rdyboost.sys ReadyBoost Driver (Microsoft)
- rspndr.sys Link-Layer Topology Responder driver (Microsoft)
- serenum.sys Serial Port Enumerator (Microsoft)
- serial.sys Serial Device Driver
- serscan.sys Serial Imaging Device Driver (Microsoft)
- SgrmAgent.sys System Guard Runtime Monitor Agent driver (Microsoft)
- SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
- spaceport.sys Storage Spaces driver (Microsoft)
- srv.sys Server driver (Microsoft)
- srv2.sys Smb 2.0 Server driver (Microsoft)
- srvnet.sys Server Network driver (Microsoft)
- storahci.sys MS AHCI Storport Miniport Driver (Microsoft)
- storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
- storqosflt.sys Storage QoS Filter driver (Microsoft)
- swenum.sys Plug and Play Software Device Enumerator (Microsoft)
- tbs.sys Export driver for kernel mode TPM API (Microsoft)
- tcpip.sys TCP/IP Protocol driver (Microsoft)
- tcpipreg.sys Microsoft Windows TCP/IP Registry Compatibility driver (Microsoft)
- TDI.SYS TDI Wrapper driver (Microsoft)
- tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
- tm.sys Kernel Transaction Manager driver (Microsoft)
- ucx01000.sys USB Controller Extension (Microsoft)
- umbus.sys User-Mode Bus Enumerator (Microsoft)
- umpass.sys Generic pass-through driver (Microsoft)
- usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
- USBD.SYS Universal Serial Bus Driver (Microsoft)
- usbehci.sys EHCI eUSB Miniport Driver (Microsoft)
- usbhub.sys Default Hub Driver for USB (Microsoft)
- UsbHub3.sys USB3 HUB driver (Microsoft)
- USBPORT.SYS USB 1.1 & 2.0 Port Driver (Microsoft)
- USBXHCI.SYS USB XHCI driver (Microsoft)
- vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
- Vid.sys Microsoft Hyper-V Virtualization Infrastructure Driver
- volmgr.sys Volume Manager Driver (Microsoft)
- volmgrx.sys Volume Manager Extension Driver (Microsoft)
- volsnap.sys Volume Shadow Copy driver (Microsoft)
- volume.sys Volume driver (Microsoft)
- vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
- wanarp.sys MS Remote Access and Routing ARP driver (Microsoft)
- watchdog.sys Watchdog driver (Microsoft)
- wcifs.sys Windows Container Isolation FS Filter driver (Microsoft)
- Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
- WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
- werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
- wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
- win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
- win32kbase.sys Base Win32k Kernel Driver (Microsoft)
- win32kfull.sys Full/Desktop Win32k Kernel Driver (Microsoft)
- WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
- WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
- winhvr.sys Windows Hypervisor Root Interface driver (Microsoft)
- winquic.sys QUIC Transport Protocol driver (Microsoft)
- wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
- WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
- Wof.sys Windows Overlay Filter (Microsoft)
- WppRecorder.sys WPP Trace Recorder (Microsoft)
- WSDPrint.sys Web Services Print Device driver (Microsoft)
- WSDScan.sys Web Service Based Scan Device driver (Microsoft)
- WUDFRd.sys Windows Driver Foundation - User-mode Driver Framework Reflector driver (Microsoft)
- ====================== Dump #3: UNLOADED MODULES =======================
- fffff807`4f710000 fffff807`4f71f000 dump_storpor
- fffff807`4f750000 fffff807`4f77f000 dump_storahc
- fffff807`4f7a0000 fffff807`4f7be000 dump_dumpfve
- fffff807`52280000 fffff807`522d1000 WUDFRd.sys
- fffff807`508f0000 fffff807`5090e000 dam.sys
- fffff807`4e810000 fffff807`4e821000 hwpolicy.sys
- ====================== Dump #3: BIOS INFORMATION =======================
- sysinfo: could not find necessary interfaces.
- sysinfo: note that mssmbios.sys must be loaded (XPSP2+).
- ========================== Dump #3: Extra #1 ===========================
- 0: kd> !verifier
- Verify Flags Level 0x00000000
- STANDARD FLAGS:
- [X] (0x00000000) Automatic Checks
- [ ] (0x00000001) Special pool
- [ ] (0x00000002) Force IRQL checking
- [ ] (0x00000008) Pool tracking
- [ ] (0x00000010) I/O verification
- [ ] (0x00000020) Deadlock detection
- [ ] (0x00000080) DMA checking
- [ ] (0x00000100) Security checks
- [ ] (0x00000800) Miscellaneous checks
- [ ] (0x00020000) DDI compliance checking
- ADDITIONAL FLAGS:
- [ ] (0x00000004) Randomized low resources simulation
- [ ] (0x00000200) Force pending I/O requests
- [ ] (0x00000400) IRP logging
- [ ] (0x00002000) Invariant MDL checking for stack
- [ ] (0x00004000) Invariant MDL checking for driver
- [ ] (0x00008000) Power framework delay fuzzing
- [ ] (0x00010000) Port/miniport interface checking
- [ ] (0x00040000) Systematic low resources simulation
- [ ] (0x00080000) DDI compliance checking (additional)
- [ ] (0x00200000) NDIS/WIFI verification
- [ ] (0x00800000) Kernel synchronization delay fuzzing
- [ ] (0x01000000) VM switch verification
- [ ] (0x02000000) Code integrity checks
- [X] Indicates flag is enabled
- Summary of All Verifier Statistics
- RaiseIrqls 0x0
- AcquireSpinLocks 0x0
- Synch Executions 0x0
- Trims 0x0
- Pool Allocations Attempted 0x0
- Pool Allocations Succeeded 0x0
- Pool Allocations Succeeded SpecialPool 0x0
- Pool Allocations With NO TAG 0x0
- Pool Allocations Failed 0x0
- Current paged pool allocations 0x0 for 00000000 bytes
- Peak paged pool allocations 0x0 for 00000000 bytes
- Current nonpaged pool allocations 0x0 for 00000000 bytes
- Peak nonpaged pool allocations 0x0 for 00000000 bytes
- ========================== Dump #3: Extra #2 ===========================
- 0: kd> !thread
- THREAD ffffc80cd476c080 Cid 0714.16c4 Teb: 00000087e0dba000 Win32Thread: ffffc80cd3c14bf0 RUNNING on processor 0
- IRP List:
- Unable to read nt!_IRP @ ffffc80cd35e8a70
- Not impersonating
- GetUlongFromAddress: unable to read from fffff8074b62ca14
- Owning Process ffffc80cd4bea080 Image: nvcontainer.exe
- Attached Process N/A Image: N/A
- fffff78000000000: Unable to get shared data
- Wait Start TickCount 2683
- Context Switch Count 413 IdealProcessor: 2
- ReadMemory error: Cannot get nt!KeMaximumIncrement value.
- UserTime 00:00:00.000
- KernelTime 00:00:00.000
- Win32 Start Address 0x00007ff6737145a0
- Stack Init ffffeb0ffca74c90 Current ffffeb0ffca74970
- Base ffffeb0ffca75000 Limit ffffeb0ffca6f000 Call 0000000000000000
- Priority 8 BasePriority 8 PriorityDecrement 0 IoPriority 2 PagePriority 5
- Child-SP RetAddr : Args to Child : Call Site
- fffff807`4ea82918 fffff807`4bcff188 : 00000000`00000124 00000000`00000000 ffffc80c`cd0b7028 00000000`be000000 : nt!KeBugCheckEx
- fffff807`4ea82920 fffff807`4d1f1920 : ffffc80c`cbffe430 00000000`00000000 ffffc80c`cd0b7028 00000000`00000000 : hal!HalBugCheckSystem+0xd8
- fffff807`4ea82960 fffff807`4b541092 : ffffc80c`cbffe430 fffff807`4ea829e9 00000000`00000000 ffffc80c`cd0b7028 : PSHED!PshedBugCheckSystem+0x10
- fffff807`4ea82990 fffff807`4bd00ae6 : fffff807`4ea82ab0 00000000`00000000 ffffc80c`cbffe480 ffffc80c`cbffe430 : nt!WheaReportHwError+0x382
- fffff807`4ea82a50 fffff807`4bd00f7a : 00000000`00000010 ffffc80c`cbffe480 fffff807`4ea82c08 fffff807`4ea82e50 : hal!HalpMcaReportError+0x72
- fffff807`4ea82bb0 fffff807`4bd00e54 : ffffc80c`cb2a7b80 00000000`00000001 00000000`00000000 00000000`00000000 : hal!HalpMceHandlerCore+0xf2
- fffff807`4ea82c00 fffff807`4bd010c0 : 00000000`00000008 00000000`00000001 00000000`00000000 00000000`00000000 : hal!HalpMceHandler+0xe0
- fffff807`4ea82c40 fffff807`4bd00168 : 00000000`00000000 fffff807`4ea82ed0 00000000`00000000 00000000`00000000 : hal!HalpMceHandlerWithRendezvous+0xd4
- fffff807`4ea82c70 fffff807`4bd01347 : ffffc80c`cb2a7b80 00000000`00000000 00000000`00000000 00000000`00000000 : hal!HalpHandleMachineCheck+0x5c
- fffff807`4ea82ca0 fffff807`4b4a4e30 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : hal!HalHandleMcheck+0x37
- fffff807`4ea82cd0 fffff807`4b3d13ba : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiHandleMcheck+0x10
- fffff807`4ea82d00 fffff807`4b3d106f : 00000000`00000000 00000000`00000000 00000000`4c28ae45 00000000`00000000 : nt!KxMcheckAbort+0x7a
- fffff807`4ea82e40 00007ffb`77c186c8 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiMcheckAbort+0x26f (TrapFrame @ fffff807`4ea82e50)
- 00000087`e0efc3c0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffb`77c186c8
- ========================================================================
- ======================= Dump #4: ANALYZE VERBOSE =======================
- ====================== File: 080920-13265-01.dmp =======================
- ========================================================================
- Mini Kernel Dump File: Only registers and stack trace are available
- Mini Kernel Dump does not have process information
- Unable to load image Unknown_Module_00000000`00410000, Win32 error 0n2
- *** WARNING: Unable to verify timestamp for Unknown_Module_00000000`00410000
- *** ERROR: Module load completed but symbols could not be loaded for Unknown_Module_00000000`00410000
- Debugger can not determine kernel base address
- Windows 10 Kernel Version 18362 MP (8 procs) Free x64
- Kernel base = 0xfffff802`60800000 PsLoadedModuleList = 0xfffff802`60c48190
- Debug session time: Sun Aug 9 15:25:06.799 2020 (UTC - 4:00)
- System Uptime: 0 days 0:00:17.427
- Unable to load image Unknown_Module_00000000`00410000, Win32 error 0n2
- *** WARNING: Unable to verify timestamp for Unknown_Module_00000000`00410000
- *** ERROR: Module load completed but symbols could not be loaded for Unknown_Module_00000000`00410000
- Debugger can not determine kernel base address
- BugCheck 101, {18, 0, ffffad819afe0180, 2}
- ***** Debugger could not find nt in module list, module list might be corrupt, error 0x80070057.
- Probably caused by : Unknown_Image ( ANALYSIS_INCONCLUSIVE )
- Followup: MachineOwner
- CLOCK_WATCHDOG_TIMEOUT (101)
- An expected clock interrupt was not received on a secondary processor in an
- MP system within the allocated interval. This indicates that the specified
- processor is hung and not processing interrupts.
- Arguments:
- Arg1: 0000000000000018, Clock interrupt time out interval in nominal clock ticks.
- Arg2: 0000000000000000, 0.
- Arg3: ffffad819afe0180, The PRCB address of the hung processor.
- Arg4: 0000000000000002, The index of the hung processor.
- Debugging Details:
- ***** Debugger could not find nt in module list, module list might be corrupt, error 0x80070057.
- DUMP_CLASS: 1
- DUMP_QUALIFIER: 400
- DUMP_TYPE: 2
- BUGCHECK_STR: CLOCK_WATCHDOG_TIMEOUT_8_PROC
- CUSTOMER_CRASH_COUNT: 1
- CURRENT_IRQL: 0
- STACK_TEXT:
- fffff802`66275b08 fffff802`609fca42 : 00000000`00000101 00000000`00000018 00000000`00000000 ffffad81`9afe0180 : 0xfffff802`609c23c0
- fffff802`66275b10 00000000`00000101 : 00000000`00000018 00000000`00000000 ffffad81`9afe0180 00000000`00000002 : 0xfffff802`609fca42
- fffff802`66275b18 00000000`00000018 : 00000000`00000000 ffffad81`9afe0180 00000000`00000002 00000000`00000000 : 0x101
- fffff802`66275b20 00000000`00000000 : ffffad81`9afe0180 00000000`00000002 00000000`00000000 00000000`00000000 : 0x18
- STACK_COMMAND: kb
- SYMBOL_NAME: ANALYSIS_INCONCLUSIVE
- FOLLOWUP_NAME: MachineOwner
- MODULE_NAME: Unknown_Module
- IMAGE_NAME: Unknown_Image
- DEBUG_FLR_IMAGE_TIMESTAMP: 0
- BUCKET_ID: CORRUPT_MODULELIST_CLOCK_WATCHDOG_TIMEOUT_8_PROC
- DEFAULT_BUCKET_ID: CORRUPT_MODULELIST_CLOCK_WATCHDOG_TIMEOUT_8_PROC
- PRIMARY_PROBLEM_CLASS: CORRUPT_MODULELIST
- FAILURE_BUCKET_ID: CORRUPT_MODULELIST_CLOCK_WATCHDOG_TIMEOUT_8_PROC
- TARGET_TIME: 2020-08-09T19:25:06.000Z
- SUITE_MASK: 272
- PRODUCT_TYPE: 1
- USER_LCID: 0
- FAILURE_ID_HASH_STRING: km:corrupt_modulelist_clock_watchdog_timeout_8_proc
- FAILURE_ID_HASH: {e4bedac2-0af7-9aeb-9262-0bdc5e5aa891}
- Followup: MachineOwner
- ====================== Dump #4: 3RD PARTY DRIVERS ======================
- unavailable - Unknown_Module_00000000`00410000 -
- ================== Dump #4: 3RD PARTY DRIVERS (FULL) ===================
- Image name: Unknown_Module_00000000`00410000
- Search : https://www.google.com/search?q=Unknown_Module_00000000`00410000
- Timestamp : unavailable (00000000)
- ====================== Dump #4: MICROSOFT DRIVERS ======================
- ====================== Dump #4: UNLOADED MODULES =======================
- ====================== Dump #4: BIOS INFORMATION =======================
- sysinfo: could not find necessary interfaces.
- sysinfo: note that mssmbios.sys must be loaded (XPSP2+).
- ========================== Dump #4: Extra #1 ===========================
- 0: kd> !verifier
- 00000000: Unable to get verifier list.
- ========================== Dump #4: Extra #2 ===========================
- 0: kd> !thread
- GetPointerFromAddress: unable to read from fffff80260b82678
- ffff9a09f995b080: Unable to get thread contents
- ========================================================================
- ======================= Dump #5: ANALYZE VERBOSE =======================
- ====================== File: 080620-72296-01.dmp =======================
- ========================================================================
- Mini Kernel Dump File: Only registers and stack trace are available
- Windows 10 Kernel Version 18362 MP (8 procs) Free x64
- Kernel base = 0xfffff805`14600000 PsLoadedModuleList = 0xfffff805`14a48190
- Debug session time: Thu Aug 6 16:57:34.687 2020 (UTC - 4:00)
- System Uptime: 0 days 0:37:14.314
- BugCheck 9F, {3, ffff950a3fc6cda0, ffffb1884646f8b0, ffff950a58fb5a30}
- Implicit thread is now ffff950a`59da8040
- *** WARNING: Unable to verify timestamp for win32k.sys
- *** ERROR: Module load completed but symbols could not be loaded for win32k.sys
- Probably caused by : memory_corruption
- Followup: memory_corruption
- DRIVER_POWER_STATE_FAILURE (9f)
- A driver has failed to complete a power IRP within a specific time.
- Arguments:
- Arg1: 0000000000000003, A device object has been blocking an Irp for too long a time
- Arg2: ffff950a3fc6cda0, Physical Device Object of the stack
- Arg3: ffffb1884646f8b0, nt!TRIAGE_9F_POWER on Win7 and higher, otherwise the Functional Device Object of the stack
- Arg4: ffff950a58fb5a30, The blocked IRP
- Debugging Details:
- Implicit thread is now ffff950a`59da8040
- DUMP_CLASS: 1
- DUMP_QUALIFIER: 400
- DUMP_TYPE: 2
- DRVPOWERSTATE_SUBCODE: 3
- FAULTING_THREAD: 59da8040
- CUSTOMER_CRASH_COUNT: 1
- DEFAULT_BUCKET_ID: CODE_CORRUPTION
- BUGCHECK_STR: 0x9F
- PROCESS_NAME: System
- CURRENT_IRQL: 2
- LAST_CONTROL_TRANSFER: from fffff805146a46ad to fffff805147c9106
- STACK_TEXT:
- ffffb188`4b8bc4f0 fffff805`146a46ad : ffffd900`00000001 00000000`00000008 ffffd900`ffffffff 00000000`00000002 : nt!KiSwapContext+0x76
- ffffb188`4b8bc630 fffff805`146a3534 : ffff950a`59da8040 00000000`00000000 ffffb308`2a6f92c0 fffff805`00000000 : nt!KiSwapThread+0xbfd
- ffffb188`4b8bc6d0 fffff805`146a2cd5 : ffffd714`21c5fda4 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiCommitThreadWait+0x144
- ffffb188`4b8bc770 fffff805`187b9920 : ffff950a`447875b0 fffff805`00000000 ffff950a`44787500 fffff805`00000000 : nt!KeWaitForSingleObject+0x255
- ffffb188`4b8bc850 fffff805`187acb89 : 00000000`00000020 00000000`00000005 ffff950a`44787590 fffff805`1879c8eb : ndis!KWaitEventBase<wistd::integral_constant<enum _EVENT_TYPE,0> >::Wait+0x28
- ffffb188`4b8bc890 fffff805`186f4728 : ffff950a`447861a0 00000000`00000005 00000000`00000020 00000000`00000000 : ndis!Ndis::BindEngine::ApplyBindChanges+0x10915
- ffffb188`4b8bc8e0 fffff805`186b280d : ffff950a`447861a0 00000000`00000000 ffff950a`44786d48 00000000`00000000 : ndis!ndisPrepForLowPowerCommon+0x41eec
- ffffb188`4b8bc9d0 fffff805`186b3246 : ffff950a`447861a0 00000000`00000000 ffff950a`58fb5a30 00000000`00000000 : ndis!ndisPrepForLowPower+0x1d
- ffffb188`4b8bca20 fffff805`186b3931 : 00000000`00000000 ffff950a`00000004 ffff950a`58fb5a30 ffff950a`447861a0 : ndis!ndisSetSystemPower+0x19e
- ffffb188`4b8bcaa0 fffff805`186b9e84 : ffff950a`58fb5a30 ffff950a`3fc6cda0 ffff950a`58fb5b48 ffff950a`447861a0 : ndis!ndisSetPower+0x109
- ffffb188`4b8bcb00 fffff805`1477a08f : ffff950a`44786050 ffffb188`4b8bcbe0 00000000`00000000 ffff950a`58fb5a30 : ndis!ndisPowerDispatch+0x114
- ffffb188`4b8bcb60 fffff805`1471e155 : ffffffff`fa0a1f00 ffff950a`59da8040 fffff805`14779eb0 005f0031`00000001 : nt!PopIrpWorker+0x1df
- ffffb188`4b8bcc10 fffff805`147c99c8 : ffffd900`989e2180 ffff950a`59da8040 fffff805`1471e100 004f0056`005c0000 : nt!PspSystemThreadStartup+0x55
- ffffb188`4b8bcc60 00000000`00000000 : ffffb188`4b8bd000 ffffb188`4b8b7000 00000000`00000000 00000000`00000000 : nt!KiStartSystemThread+0x28
- STACK_COMMAND: .thread 0xffff950a59da8040 ; kb
- CHKIMG_EXTENSION: !chkimg -lo 50 -d !kbdclass
- fffff80510dd5c1d-fffff80510dd5c1e 2 bytes - kbdclass!KeyboardClassWaitWakeComplete+1d
- [ 48 ff:4c 8b ]
- fffff80510dd5c24-fffff80510dd5c28 5 bytes - kbdclass!KeyboardClassWaitWakeComplete+24 (+0x07)
- [ 0f 1f 44 00 00:e8 47 a9 85 03 ]
- fffff80510dd5c7d-fffff80510dd5c7e 2 bytes - kbdclass!KeyboardClassWaitWakeComplete+7d (+0x59)
- [ 48 ff:4c 8b ]
- fffff80510dd5c84-fffff80510dd5c88 5 bytes - kbdclass!KeyboardClassWaitWakeComplete+84 (+0x07)
- [ 0f 1f 44 00 00:e8 77 a6 85 03 ]
- 14 errors : !kbdclass (fffff80510dd5c1d-fffff80510dd5c88)
- MODULE_NAME: memory_corruption
- IMAGE_NAME: memory_corruption
- FOLLOWUP_NAME: memory_corruption
- DEBUG_FLR_IMAGE_TIMESTAMP: 0
- MEMORY_CORRUPTOR: LARGE
- FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
- BUCKET_ID: MEMORY_CORRUPTION_LARGE
- PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
- TARGET_TIME: 2020-08-06T20:57:34.000Z
- SUITE_MASK: 272
- PRODUCT_TYPE: 1
- USER_LCID: 0
- FAILURE_ID_HASH_STRING: km:memory_corruption_large
- FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
- Followup: memory_corruption
- ====================== Dump #5: 3RD PARTY DRIVERS ======================
- Nov 23 2009 - LGBusEnum.sys - Logitech GamePanel Virtual Bus Enumerator driver http://support.logitech.com/
- Jun 25 2010 - sadp_npf64.sys - WinPcap driver (CACE Technologies, Inc.)
- Jun 25 2010 - NPF.sys - NetGroup Packet Filter driver, a component of WinPCap by Riverbed
- Aug 02 2010 - AsUpIO.sys - ASUS Update Input Output driver http://www.asus.com/
- Aug 08 2011 - BazisVirtualCDBus.sys - WinCDEmu Virtual CD-ROM driver (Bazis Inc) http://wincdemu.sysprogs.org/
- Oct 17 2011 - PxHlpa64.sys - Sonic CD/DVD driver
- Mar 22 2012 - AiCharger.sys - Asus Charger driver
- May 03 2012 - GEARAspiWDM.sys - Gear Software Advanced SCSI Programming Interface Windows Driver Model http://www.gearsoftware.com/
- Aug 22 2012 - AsIO.sys - ASUS Input Output driver http://www.asus.com/
- Jul 02 2013 - IOMap64.sys - !!! ASUS 64-bit Input Output Map driver (GPU Tweaking driver)
- Apr 17 2014 - rzpmgrk.sys - Razer Overlay Support https://www.razer.com/
- Apr 24 2014 - RTKVHD64.sys - Realtek Audio System driver https://www.realtek.com/en/
- Sep 23 2014 - TeeDriverx64.sys - Intel Management Engine Interface (MEI) driver https://downloadcenter.intel.com/
- Oct 17 2014 - rzpnk.sys - Razer Overlay Support https://www.razer.com/
- Apr 21 2016 - tap0901.sys - TAP-Win32 Virtual Private Network Driver 0901 (OpenVPN by OpenVPN Technologies) https://openvpn.net/
- Mar 16 2017 - tapwindscribe0901.sys - TAP-Windows Virtual Network driver (The OpenVPN Project) https://openvpn.net/
- Oct 11 2017 - YSDrv.sys - VirtualBox Support driver
- Sep 18 2018 - IntelHaxm.sys - Intel Corporation SSG Hardware Accelerated Execution Manager driver
- Jan 24 2019 - e1d65x64.sys - Intel(R) Gigabit Adapter NDIS 6.x driver https://downloadcenter.intel.com/
- Mar 14 2019 - nvvad64v.sys - Nvidia Virtual Audio driver http://www.nvidia.com/
- Apr 25 2019 - mbae64.sys - Malwarebytes driver https://www.malwarebytes.com/
- Oct 02 2019 - nvlddmkm.sys - Nvidia Graphics Card driver http://www.nvidia.com/
- Nov 20 2019 - mbamswissarmy.sys - MalwareBytes Anti-Malware system driver https://www.malwarebytes.com/
- Nov 29 2019 - NvModuleTracker.sys - NVIDIA Module Tracker driver
- Jan 10 2020 - nvvhci.sys - Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
- Jun 04 2020 - MbamChameleon.sys - Malwarebytes Anti-Malware Chameleon driver https://www.malwarebytes.com/
- Jun 09 2020 - nvhda64v.sys - Nvidia HDMI Audio Device http://www.nvidia.com/
- Jun 22 2020 - mwac.sys - Malwarebytes Web Access Control http://www.malwarebytes.org/
- Jun 23 2020 - aswArPot.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswbidsdriver.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswbidsh.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswbuniv.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswKbd.sys - Avast Keyboard Filter driver http://www.avast.com/
- Jun 23 2020 - aswMonFlt.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswNetHub.sys - Avast driver
- Jun 23 2020 - aswRdr2.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswRvrt.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswSnx.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswSP.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswStm.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswVmm.sys - Avast Antivirus http://www.avast.com/
- Jul 07 2020 - mbam.sys - Malwarebytes Anti-Malware https://www.malwarebytes.com/
- Jul 17 2020 - aswElam.sys - Avast ELAM driver
- Jul 17 2020 - farflt.sys - Malwarebytes Anti-RansomWare SDK http://www.malwarebytes.org/
- ================== Dump #5: 3RD PARTY DRIVERS (FULL) ===================
- Image path: \SystemRoot\system32\drivers\LGBusEnum.sys
- Image name: LGBusEnum.sys
- Search : https://www.google.com/search?q=LGBusEnum.sys
- ADA Info : Logitech GamePanel Virtual Bus Enumerator driver http://support.logitech.com/
- Timestamp : Mon Nov 23 2009
- Image path: \??\C:\Windows\SysWOW64\drivers\sadp_npf64.sys
- Image name: sadp_npf64.sys
- Search : https://www.google.com/search?q=sadp_npf64.sys
- ADA Info : WinPcap driver (CACE Technologies, Inc.)
- Timestamp : Fri Jun 25 2010
- Image path: \SystemRoot\system32\drivers\NPF.sys
- Image name: NPF.sys
- Search : https://www.google.com/search?q=NPF.sys
- ADA Info : NetGroup Packet Filter driver, a component of WinPCap by Riverbed
- Timestamp : Fri Jun 25 2010
- Image path: \SystemRoot\SysWow64\drivers\AsUpIO.sys
- Image name: AsUpIO.sys
- Search : https://www.google.com/search?q=AsUpIO.sys
- ADA Info : ASUS Update Input Output driver http://www.asus.com/
- Timestamp : Mon Aug 2 2010
- Image path: \SystemRoot\System32\drivers\BazisVirtualCDBus.sys
- Image name: BazisVirtualCDBus.sys
- Search : https://www.google.com/search?q=BazisVirtualCDBus.sys
- ADA Info : WinCDEmu Virtual CD-ROM driver (Bazis Inc) http://wincdemu.sysprogs.org/
- Timestamp : Mon Aug 8 2011
- Image path: \SystemRoot\System32\Drivers\PxHlpa64.sys
- Image name: PxHlpa64.sys
- Search : https://www.google.com/search?q=PxHlpa64.sys
- ADA Info : Sonic CD/DVD driver
- Timestamp : Mon Oct 17 2011
- Image path: \SystemRoot\SysWow64\drivers\AiCharger.sys
- Image name: AiCharger.sys
- Search : https://www.google.com/search?q=AiCharger.sys
- ADA Info : Asus Charger driver
- Timestamp : Thu Mar 22 2012
- Image path: \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
- Image name: GEARAspiWDM.sys
- Search : https://www.google.com/search?q=GEARAspiWDM.sys
- ADA Info : Gear Software Advanced SCSI Programming Interface Windows Driver Model http://www.gearsoftware.com/
- Timestamp : Thu May 3 2012
- Image path: \SystemRoot\SysWow64\drivers\AsIO.sys
- Image name: AsIO.sys
- Search : https://www.google.com/search?q=AsIO.sys
- ADA Info : ASUS Input Output driver http://www.asus.com/
- Timestamp : Wed Aug 22 2012
- Image path: \??\C:\WINDOWS\system32\drivers\IOMap64.sys
- Image name: IOMap64.sys
- Search : https://www.google.com/search?q=IOMap64.sys
- ADA Info : !!! ASUS 64-bit Input Output Map driver (GPU Tweaking driver)
- Timestamp : Tue Jul 2 2013
- Image path: \??\C:\Windows\system32\drivers\rzpmgrk.sys
- Image name: rzpmgrk.sys
- Search : https://www.google.com/search?q=rzpmgrk.sys
- ADA Info : Razer Overlay Support https://www.razer.com/
- Timestamp : Thu Apr 17 2014
- Image path: \SystemRoot\system32\drivers\RTKVHD64.sys
- Image name: RTKVHD64.sys
- Search : https://www.google.com/search?q=RTKVHD64.sys
- ADA Info : Realtek Audio System driver https://www.realtek.com/en/
- Timestamp : Thu Apr 24 2014
- Image path: \SystemRoot\system32\DRIVERS\TeeDriverx64.sys
- Image name: TeeDriverx64.sys
- Search : https://www.google.com/search?q=TeeDriverx64.sys
- ADA Info : Intel Management Engine Interface (MEI) driver https://downloadcenter.intel.com/
- Timestamp : Tue Sep 23 2014
- Image path: \??\C:\Windows\system32\drivers\rzpnk.sys
- Image name: rzpnk.sys
- Search : https://www.google.com/search?q=rzpnk.sys
- ADA Info : Razer Overlay Support https://www.razer.com/
- Timestamp : Fri Oct 17 2014
- Image path: \SystemRoot\System32\drivers\tap0901.sys
- Image name: tap0901.sys
- Search : https://www.google.com/search?q=tap0901.sys
- ADA Info : TAP-Win32 Virtual Private Network Driver 0901 (OpenVPN by OpenVPN Technologies) https://openvpn.net/
- Timestamp : Thu Apr 21 2016
- Image path: \SystemRoot\System32\drivers\tapwindscribe0901.sys
- Image name: tapwindscribe0901.sys
- Search : https://www.google.com/search?q=tapwindscribe0901.sys
- ADA Info : TAP-Windows Virtual Network driver (The OpenVPN Project) https://openvpn.net/
- Timestamp : Thu Mar 16 2017
- Image path: \??\C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys
- Image name: YSDrv.sys
- Search : https://www.google.com/search?q=YSDrv.sys
- ADA Info : VirtualBox Support driver
- Timestamp : Wed Oct 11 2017
- Image path: \SystemRoot\system32\DRIVERS\IntelHaxm.sys
- Image name: IntelHaxm.sys
- Search : https://www.google.com/search?q=IntelHaxm.sys
- ADA Info : Intel Corporation SSG Hardware Accelerated Execution Manager driver
- Timestamp : Tue Sep 18 2018
- Image path: \SystemRoot\system32\DRIVERS\e1d65x64.sys
- Image name: e1d65x64.sys
- Search : https://www.google.com/search?q=e1d65x64.sys
- ADA Info : Intel(R) Gigabit Adapter NDIS 6.x driver https://downloadcenter.intel.com/
- Timestamp : Thu Jan 24 2019
- Image path: \SystemRoot\system32\drivers\nvvad64v.sys
- Image name: nvvad64v.sys
- Search : https://www.google.com/search?q=nvvad64v.sys
- ADA Info : Nvidia Virtual Audio driver http://www.nvidia.com/
- Timestamp : Thu Mar 14 2019
- Image path: \??\C:\WINDOWS\system32\drivers\mbae64.sys
- Image name: mbae64.sys
- Search : https://www.google.com/search?q=mbae64.sys
- ADA Info : Malwarebytes driver https://www.malwarebytes.com/
- Timestamp : Thu Apr 25 2019
- Image path: \SystemRoot\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_90685a092bcf58c7\nvlddmkm.sys
- Image name: nvlddmkm.sys
- Search : https://www.google.com/search?q=nvlddmkm.sys
- ADA Info : Nvidia Graphics Card driver http://www.nvidia.com/
- Timestamp : Wed Oct 2 2019
- Image path: \SystemRoot\System32\Drivers\mbamswissarmy.sys
- Image name: mbamswissarmy.sys
- Search : https://www.google.com/search?q=mbamswissarmy.sys
- ADA Info : MalwareBytes Anti-Malware system driver https://www.malwarebytes.com/
- Timestamp : Wed Nov 20 2019
- Image path: \SystemRoot\System32\drivers\NvModuleTracker.sys
- Image name: NvModuleTracker.sys
- Search : https://www.google.com/search?q=NvModuleTracker.sys
- ADA Info : NVIDIA Module Tracker driver
- Timestamp : Fri Nov 29 2019
- Image path: \SystemRoot\System32\drivers\nvvhci.sys
- Image name: nvvhci.sys
- Search : https://www.google.com/search?q=nvvhci.sys
- ADA Info : Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
- Timestamp : Fri Jan 10 2020
- Image path: \SystemRoot\System32\Drivers\MbamChameleon.sys
- Image name: MbamChameleon.sys
- Search : https://www.google.com/search?q=MbamChameleon.sys
- ADA Info : Malwarebytes Anti-Malware Chameleon driver https://www.malwarebytes.com/
- Timestamp : Thu Jun 4 2020
- Image path: \SystemRoot\system32\drivers\nvhda64v.sys
- Image name: nvhda64v.sys
- Search : https://www.google.com/search?q=nvhda64v.sys
- ADA Info : Nvidia HDMI Audio Device http://www.nvidia.com/
- Timestamp : Tue Jun 9 2020
- Image path: \SystemRoot\system32\DRIVERS\mwac.sys
- Image name: mwac.sys
- Search : https://www.google.com/search?q=mwac.sys
- ADA Info : Malwarebytes Web Access Control http://www.malwarebytes.org/
- Timestamp : Mon Jun 22 2020
- Image path: \SystemRoot\system32\drivers\aswArPot.sys
- Image name: aswArPot.sys
- Search : https://www.google.com/search?q=aswArPot.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswbidsdriver.sys
- Image name: aswbidsdriver.sys
- Search : https://www.google.com/search?q=aswbidsdriver.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswbidsh.sys
- Image name: aswbidsh.sys
- Search : https://www.google.com/search?q=aswbidsh.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswbuniv.sys
- Image name: aswbuniv.sys
- Search : https://www.google.com/search?q=aswbuniv.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswKbd.sys
- Image name: aswKbd.sys
- Search : https://www.google.com/search?q=aswKbd.sys
- ADA Info : Avast Keyboard Filter driver http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswMonFlt.sys
- Image name: aswMonFlt.sys
- Search : https://www.google.com/search?q=aswMonFlt.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswNetHub.sys
- Image name: aswNetHub.sys
- Search : https://www.google.com/search?q=aswNetHub.sys
- ADA Info : Avast driver
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswRdr2.sys
- Image name: aswRdr2.sys
- Search : https://www.google.com/search?q=aswRdr2.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswRvrt.sys
- Image name: aswRvrt.sys
- Search : https://www.google.com/search?q=aswRvrt.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswSnx.sys
- Image name: aswSnx.sys
- Search : https://www.google.com/search?q=aswSnx.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswSP.sys
- Image name: aswSP.sys
- Search : https://www.google.com/search?q=aswSP.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswStm.sys
- Image name: aswStm.sys
- Search : https://www.google.com/search?q=aswStm.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswVmm.sys
- Image name: aswVmm.sys
- Search : https://www.google.com/search?q=aswVmm.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \??\C:\WINDOWS\system32\DRIVERS\mbam.sys
- Image name: mbam.sys
- Search : https://www.google.com/search?q=mbam.sys
- ADA Info : Malwarebytes Anti-Malware https://www.malwarebytes.com/
- Timestamp : Tue Jul 7 2020
- Image path: \SystemRoot\system32\drivers\aswElam.sys
- Image name: aswElam.sys
- Search : https://www.google.com/search?q=aswElam.sys
- ADA Info : Avast ELAM driver
- Timestamp : Fri Jul 17 2020
- Image path: \SystemRoot\system32\DRIVERS\farflt.sys
- Image name: farflt.sys
- Search : https://www.google.com/search?q=farflt.sys
- ADA Info : Malwarebytes Anti-RansomWare SDK http://www.malwarebytes.org/
- Timestamp : Fri Jul 17 2020
- ====================== Dump #5: MICROSOFT DRIVERS ======================
- ACPI.sys ACPI Driver for NT (Microsoft)
- acpiex.sys ACPIEx Driver (Microsoft)
- acpipagr.sys ACPI Processor Aggregator Device driver (Microsoft)
- afd.sys Ancillary Function Driver for WinSock (Microsoft)
- afunix.sys AF_UNIX Socket Provider driver (Microsoft)
- AgileVpn.sys RAS Agil VPN Miniport Call Manager driver (Microsoft)
- ahcache.sys Application Compatibility Cache (Microsoft)
- bam.sys BAM Kernal driver (Microsoft)
- BasicDisplay.sys Basic Display driver (Microsoft)
- BasicRender.sys Basic Render driver (Microsoft)
- Beep.SYS BEEP driver (Microsoft)
- bindflt.sys Windows Bind Filter driver (Microsoft)
- BOOTVID.dll VGA Boot Driver (Microsoft)
- bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
- cdd.dll Canonical Display Driver (Microsoft)
- cdrom.sys SCSI CD-ROM Driver (Microsoft)
- CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
- CI.dll Code Integrity Module (Microsoft)
- CLASSPNP.SYS SCSI Class System Dll (Microsoft)
- cldflt.sys Cloud Files Mini Filter driver (Microsoft)
- CLFS.SYS Common Log File System Driver (Microsoft)
- clipsp.sys CLIP Service (Microsoft)
- cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
- cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
- CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
- condrv.sys Console Driver (Microsoft)
- crashdmp.sys Crash Dump driver (Microsoft)
- csc.sys Windows Client Side Caching driver (Microsoft)
- dfsc.sys DFS Namespace Client Driver (Microsoft)
- disk.sys PnP Disk Driver (Microsoft)
- drmk.sys Digital Rights Management (DRM) driver (Microsoft)
- dump_diskdump.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
- dump_dumpfve.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
- dump_storahci.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
- dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
- dxgmms2.sys DirectX Graphics MMS
- EhStorClass.sys Enhanced Storage Class driver for IEEE... (Microsoft)
- filecrypt.sys Windows sandboxing and encryption filter (Microsoft)
- fileinfo.sys FileInfo Filter Driver (Microsoft)
- FLTMGR.SYS Filesystem Filter Manager (Microsoft)
- Fs_Rec.sys File System Recognizer Driver (Microsoft)
- fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
- fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
- gpuenergydrv.sys GPU Energy Kernal Driver (Microsoft)
- hal.dll Hardware Abstraction Layer DLL (Microsoft)
- HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
- hiber_diskdump.sys (Generic Description) hiber_*.sys drivers provide disk access to store the system state while hibernating
- hiber_dumpfve.sys (Generic Description) hiber_*.sys drivers provide disk access to store the system state while hibernating
- hiber_storahci.sys (Generic Description) hiber_*.sys drivers provide disk access to store the system state while hibernating
- HIDCLASS.SYS Hid Class Library (Microsoft)
- HIDPARSE.SYS Hid Parsing Library (Microsoft)
- hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
- HTTP.sys HTTP Protocol Stack (Microsoft)
- intelpep.sys Intel Power Engine Plugin (Microsoft)
- intelppm.sys Processor Device Driver (Microsoft)
- iorate.sys I/O rate control Filter (Microsoft)
- kbdclass.sys Keyboard Class Driver (Microsoft)
- kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
- kd.dll Local Kernal Debugger (Microsoft)
- kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
- ks.sys Kernal CSA Library (Microsoft)
- ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
- ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
- ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
- lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
- luafv.sys LUA File Virtualization Filter Driver (Microsoft)
- mcupdate_GenuineIntel.dll Intel Microcode Update Library (Microsoft)
- mmcss.sys MMCSS Driver (Microsoft)
- monitor.sys Monitor Driver (Microsoft)
- mouclass.sys Mouse Class Driver (Microsoft)
- mouhid.sys HID Mouse Filter Driver (Microsoft)
- mountmgr.sys Mount Point Manager (Microsoft)
- mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
- mqac.sys Message Queuing Device driver (Microsoft)
- mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
- mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
- Msfs.SYS Mailslot driver (Microsoft)
- msisadrv.sys ISA Driver (Microsoft)
- mslldp.sys Microsoft Link-Layer Discovery Protocol... (Microsoft)
- msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
- mssecflt.sys Microsoft Security Events Component file system filter driver (Microsoft)
- mssmbios.sys System Management BIOS driver (Microsoft)
- mup.sys Multiple UNC Provider driver (Microsoft)
- ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
- ndistapi.sys NDIS 3.0 Connection Wrapper driver (Microsoft)
- ndisuio.sys NDIS User mode I/O driver (Microsoft)
- NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
- ndiswan.sys MS PPP Framing Driver (Strong Encryption) Microsoft)
- NDProxy.sys NDIS Proxy driver (Microsoft)
- Ndu.sys Network Data Usage Monitoring driver (Microsoft)
- netbios.sys NetBIOS Interface driver (Microsoft)
- netbt.sys MBT Transport driver (Microsoft)
- NETIO.SYS Network I/O Subsystem (Microsoft)
- Npfs.SYS NPFS driver (Microsoft)
- npsvctrig.sys Named pipe service triggers (Microsoft)
- nsiproxy.sys NSI Proxy driver (Microsoft)
- Ntfs.sys NT File System Driver (Microsoft)
- ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
- ntosext.sys NTOS Extension Host driver (Microsoft)
- Null.SYS NULL Driver (Microsoft)
- nwifi.sys NativeWiFi Miniport Driver (Microsoft)
- pacer.sys QoS Packet Scheduler (Microsoft)
- partmgr.sys Partition driver (Microsoft)
- pci.sys NT Plug and Play PCI Enumerator (Microsoft)
- pcw.sys Performance Counter Driver (Microsoft)
- pdc.sys Power Dependency Coordinator Driver (Microsoft)
- peauth.sys Protected Environment Authentication and Authorization Export Driver (Microsoft)
- portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
- PSHED.dll Platform Specific Hardware Error driver (Microsoft)
- rasl2tp.sys RAS L2TP Mini-port/Call-manager driver (Microsoft)
- raspppoe.sys RAS PPPoE Mini-port/Call manager driver (Microsoft)
- raspptp.sys Peer-to-Peer Tunneling Protocol (Microsoft)
- rassstp.sys RAS SSTP Miniport Call Manager driver (Microsoft)
- rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
- rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
- rdyboost.sys ReadyBoost Driver (Microsoft)
- rspndr.sys Link-Layer Topology Responder driver (Microsoft)
- serenum.sys Serial Port Enumerator (Microsoft)
- serial.sys Serial Device Driver
- serscan.sys Serial Imaging Device Driver (Microsoft)
- SgrmAgent.sys System Guard Runtime Monitor Agent driver (Microsoft)
- SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
- spaceport.sys Storage Spaces driver (Microsoft)
- srv.sys Server driver (Microsoft)
- srv2.sys Smb 2.0 Server driver (Microsoft)
- srvnet.sys Server Network driver (Microsoft)
- storahci.sys MS AHCI Storport Miniport Driver (Microsoft)
- storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
- storqosflt.sys Storage QoS Filter driver (Microsoft)
- swenum.sys Plug and Play Software Device Enumerator (Microsoft)
- tbs.sys Export driver for kernel mode TPM API (Microsoft)
- tcpip.sys TCP/IP Protocol driver (Microsoft)
- tcpipreg.sys Microsoft Windows TCP/IP Registry Compatibility driver (Microsoft)
- TDI.SYS TDI Wrapper driver (Microsoft)
- tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
- tm.sys Kernel Transaction Manager driver (Microsoft)
- ucx01000.sys USB Controller Extension (Microsoft)
- umbus.sys User-Mode Bus Enumerator (Microsoft)
- umpass.sys Generic pass-through driver (Microsoft)
- usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
- USBD.SYS Universal Serial Bus Driver (Microsoft)
- usbehci.sys EHCI eUSB Miniport Driver (Microsoft)
- usbhub.sys Default Hub Driver for USB (Microsoft)
- UsbHub3.sys USB3 HUB driver (Microsoft)
- USBPORT.SYS USB 1.1 & 2.0 Port Driver (Microsoft)
- USBXHCI.SYS USB XHCI driver (Microsoft)
- vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
- Vid.sys Microsoft Hyper-V Virtualization Infrastructure Driver
- volmgr.sys Volume Manager Driver (Microsoft)
- volmgrx.sys Volume Manager Extension Driver (Microsoft)
- volsnap.sys Volume Shadow Copy driver (Microsoft)
- volume.sys Volume driver (Microsoft)
- vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
- wanarp.sys MS Remote Access and Routing ARP driver (Microsoft)
- watchdog.sys Watchdog driver (Microsoft)
- wcifs.sys Windows Container Isolation FS Filter driver (Microsoft)
- Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
- WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
- werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
- wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
- win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
- win32kbase.sys Base Win32k Kernel Driver (Microsoft)
- win32kfull.sys Full/Desktop Win32k Kernel Driver (Microsoft)
- WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
- WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
- winhvr.sys Windows Hypervisor Root Interface driver (Microsoft)
- winquic.sys QUIC Transport Protocol driver (Microsoft)
- wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
- WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
- Wof.sys Windows Overlay Filter (Microsoft)
- WppRecorder.sys WPP Trace Recorder (Microsoft)
- WUDFRd.sys Windows Driver Foundation - User-mode Driver Framework Reflector driver (Microsoft)
- ====================== Dump #5: UNLOADED MODULES =======================
- fffff805`10bd0000 fffff805`10bde000 WSDPrint.sys
- fffff805`10570000 fffff805`10b45000 iqvw64e.sys
- fffff805`10be0000 fffff805`10bee000 WSDScan.sys
- fffff805`19450000 fffff805`1945f000 dump_storpor
- fffff805`19490000 fffff805`194bf000 dump_storahc
- fffff805`194e0000 fffff805`194fe000 dump_dumpfve
- fffff805`1bd80000 fffff805`1bdd1000 WUDFRd.sys
- fffff805`19ef0000 fffff805`19f0e000 dam.sys
- fffff805`17e20000 fffff805`17e29000 MbamElam.sys
- fffff805`18e20000 fffff805`18e31000 hwpolicy.sys
- ====================== Dump #5: BIOS INFORMATION =======================
- sysinfo: could not find necessary interfaces.
- sysinfo: note that mssmbios.sys must be loaded (XPSP2+).
- ========================== Dump #5: Extra #1 ===========================
- 6: kd> !verifier
- Verify Flags Level 0x00000000
- STANDARD FLAGS:
- [X] (0x00000000) Automatic Checks
- [ ] (0x00000001) Special pool
- [ ] (0x00000002) Force IRQL checking
- [ ] (0x00000008) Pool tracking
- [ ] (0x00000010) I/O verification
- [ ] (0x00000020) Deadlock detection
- [ ] (0x00000080) DMA checking
- [ ] (0x00000100) Security checks
- [ ] (0x00000800) Miscellaneous checks
- [ ] (0x00020000) DDI compliance checking
- ADDITIONAL FLAGS:
- [ ] (0x00000004) Randomized low resources simulation
- [ ] (0x00000200) Force pending I/O requests
- [ ] (0x00000400) IRP logging
- [ ] (0x00002000) Invariant MDL checking for stack
- [ ] (0x00004000) Invariant MDL checking for driver
- [ ] (0x00008000) Power framework delay fuzzing
- [ ] (0x00010000) Port/miniport interface checking
- [ ] (0x00040000) Systematic low resources simulation
- [ ] (0x00080000) DDI compliance checking (additional)
- [ ] (0x00200000) NDIS/WIFI verification
- [ ] (0x00800000) Kernel synchronization delay fuzzing
- [ ] (0x01000000) VM switch verification
- [ ] (0x02000000) Code integrity checks
- [X] Indicates flag is enabled
- Summary of All Verifier Statistics
- RaiseIrqls 0x0
- AcquireSpinLocks 0x0
- Synch Executions 0x0
- Trims 0x0
- Pool Allocations Attempted 0x0
- Pool Allocations Succeeded 0x0
- Pool Allocations Succeeded SpecialPool 0x0
- Pool Allocations With NO TAG 0x0
- Pool Allocations Failed 0x0
- Current paged pool allocations 0x0 for 00000000 bytes
- Peak paged pool allocations 0x0 for 00000000 bytes
- Current nonpaged pool allocations 0x0 for 00000000 bytes
- Peak nonpaged pool allocations 0x0 for 00000000 bytes
- ========================== Dump #5: Extra #2 ===========================
- 6: kd> !thread
- THREAD ffffd90098d8a240 Cid 0000.0000 Teb: 0000000000000000 Win32Thread: 0000000000000000 RUNNING on processor 6
- Not impersonating
- GetUlongFromAddress: unable to read from fffff80514a2ca14
- Owning Process fffff80514b8e9c0 Image: System Process
- Attached Process ffff950a3fc6b040 Image: System
- fffff78000000000: Unable to get shared data
- Wait Start TickCount 142991
- Context Switch Count 2312886 IdealProcessor: 6
- ReadMemory error: Cannot get nt!KeMaximumIncrement value.
- UserTime 00:00:00.000
- KernelTime 00:00:00.000
- Win32 Start Address nt!KiIdleLoop (0xfffff805147c5e70)
- Stack Init ffffb1884646fc90 Current ffffb1884646fc20
- Base ffffb18846470000 Limit ffffb1884646a000 Call 0000000000000000
- Priority 0 BasePriority 0 PriorityDecrement 0 IoPriority 0 PagePriority 0
- Child-SP RetAddr : Args to Child : Call Site
- ffffb188`4646f878 fffff805`148ee7f7 : 00000000`0000009f 00000000`00000003 ffff950a`3fc6cda0 ffffb188`4646f8b0 : nt!KeBugCheckEx
- ffffb188`4646f880 fffff805`148ee701 : ffff950a`559fe780 00000000`00000008 ffffd900`98d79100 ffffd900`98d79180 : nt!PopIrpWatchdogBugcheck+0xef
- ffffb188`4646f8f0 fffff805`146512f9 : ffff950a`559fe7b8 00000000`00000002 00000000`00000080 ffff950a`44cce050 : nt!PopIrpWatchdog+0x31
- ffffb188`4646f940 fffff805`14650059 : 00000000`00000010 00000000`00989680 00000000`00014cf0 00000000`00000008 : nt!KiProcessExpiredTimerList+0x169
- ffffb188`4646fa30 fffff805`147c5eee : 00000000`00000000 ffffd900`98d79180 ffffd900`98d8a240 ffff950a`4e7ef080 : nt!KiRetireDpcList+0x4e9
- ffffb188`4646fc60 00000000`00000000 : ffffb188`46470000 ffffb188`4646a000 00000000`00000000 00000000`00000000 : nt!KiIdleLoop+0x7e
- ========================================================================
- ======================= Dump #6: ANALYZE VERBOSE =======================
- ====================== File: 080620-38093-01.dmp =======================
- ========================================================================
- Mini Kernel Dump File: Only registers and stack trace are available
- Windows 10 Kernel Version 18362 MP (8 procs) Free x64
- Kernel base = 0xfffff806`4e200000 PsLoadedModuleList = 0xfffff806`4e648190
- Debug session time: Wed Aug 5 03:47:25.130 2020 (UTC - 4:00)
- System Uptime: 0 days 1:43:40.758
- BugCheck 9F, {3, ffffab0512cc9d80, fffff80653c678b0, ffffab051f3db760}
- Implicit thread is now ffffab05`1ed65040
- *** WARNING: Unable to verify timestamp for win32k.sys
- *** ERROR: Module load completed but symbols could not be loaded for win32k.sys
- Probably caused by : memory_corruption
- Followup: memory_corruption
- DRIVER_POWER_STATE_FAILURE (9f)
- A driver has failed to complete a power IRP within a specific time.
- Arguments:
- Arg1: 0000000000000003, A device object has been blocking an Irp for too long a time
- Arg2: ffffab0512cc9d80, Physical Device Object of the stack
- Arg3: fffff80653c678b0, nt!TRIAGE_9F_POWER on Win7 and higher, otherwise the Functional Device Object of the stack
- Arg4: ffffab051f3db760, The blocked IRP
- Debugging Details:
- Implicit thread is now ffffab05`1ed65040
- DUMP_CLASS: 1
- DUMP_QUALIFIER: 400
- DUMP_TYPE: 2
- DRVPOWERSTATE_SUBCODE: 3
- FAULTING_THREAD: 1ed65040
- CUSTOMER_CRASH_COUNT: 1
- DEFAULT_BUCKET_ID: CODE_CORRUPTION
- BUGCHECK_STR: 0x9F
- PROCESS_NAME: System
- CURRENT_IRQL: 2
- LAST_CONTROL_TRANSFER: from fffff8064e2a46ad to fffff8064e3c9106
- STACK_TEXT:
- ffff830e`279e94f0 fffff806`4e2a46ad : ffff8780`00000001 00000000`0000000d ffff8780`ffffffff 00000000`00000002 : nt!KiSwapContext+0x76
- ffff830e`279e9630 fffff806`4e2a3534 : ffffab05`1ed65040 00000000`00000000 ffffc209`781f9e60 fffff806`00000000 : nt!KiSwapThread+0xbfd
- ffff830e`279e96d0 fffff806`4e2a2cd5 : ffffb137`7e55db97 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiCommitThreadWait+0x144
- ffff830e`279e9770 fffff806`533b9920 : ffffab05`177a15b0 fffff806`00000000 ffffab05`177a1500 fffff806`00000000 : nt!KeWaitForSingleObject+0x255
- ffff830e`279e9850 fffff806`533acb89 : 00000000`00000020 00000000`00000005 ffffab05`177a1590 fffff806`5339c8eb : ndis!KWaitEventBase<wistd::integral_constant<enum _EVENT_TYPE,0> >::Wait+0x28
- ffff830e`279e9890 fffff806`532f4728 : ffffab05`177a01a0 00000000`00000005 00000000`00000020 00000000`00000000 : ndis!Ndis::BindEngine::ApplyBindChanges+0x10915
- ffff830e`279e98e0 fffff806`532b280d : ffffab05`177a01a0 00000000`00000000 ffffab05`177a0d48 00000000`00000000 : ndis!ndisPrepForLowPowerCommon+0x41eec
- ffff830e`279e99d0 fffff806`532b3246 : ffffab05`177a01a0 00000000`00000000 ffffab05`1f3db760 00000000`00000000 : ndis!ndisPrepForLowPower+0x1d
- ffff830e`279e9a20 fffff806`532b3931 : 00000000`00000000 ffffab05`00000004 ffffab05`1f3db760 ffffab05`177a01a0 : ndis!ndisSetSystemPower+0x19e
- ffff830e`279e9aa0 fffff806`532b9e84 : ffffab05`1f3db760 ffffab05`12cc9d80 ffffab05`1f3db878 ffffab05`177a01a0 : ndis!ndisSetPower+0x109
- ffff830e`279e9b00 fffff806`4e37a08f : ffffab05`177a0050 ffff830e`279e9be0 fffff806`4e379e00 ffffab05`1f3db760 : ndis!ndisPowerDispatch+0x114
- ffff830e`279e9b60 fffff806`4e31e155 : ffffffff`fa0a1f00 ffffab05`1ed65040 fffff806`4e379eb0 00430020`00000001 : nt!PopIrpWorker+0x1df
- ffff830e`279e9c10 fffff806`4e3c99c8 : ffff8780`b4d79180 ffffab05`1ed65040 fffff806`4e31e100 006e0065`0069006c : nt!PspSystemThreadStartup+0x55
- ffff830e`279e9c60 00000000`00000000 : ffff830e`279ea000 ffff830e`279e4000 00000000`00000000 00000000`00000000 : nt!KiStartSystemThread+0x28
- STACK_COMMAND: .thread 0xffffab051ed65040 ; kb
- CHKIMG_EXTENSION: !chkimg -lo 50 -d !nt
- fffff8064e2d3d52-fffff8064e2d3d57 6 bytes - nt!PspReaper+a2
- [ cc cc cc cc cc cc:4c 87 00 98 c3 90 ]
- fffff8064e312b5a-fffff8064e312b5f 6 bytes - nt!IopInvalidDeviceRequest+2a (+0x3ee08)
- [ cc cc cc cc cc cc:4c 87 00 98 c3 90 ]
- fffff8064e312b6a-fffff8064e312b6f 6 bytes - nt!KiFlushProcessTbWorker+a (+0x10)
- [ cc cc cc cc cc cc:4c 87 00 98 c3 90 ]
- fffff8064e312b8e-fffff8064e312b93 6 bytes - nt!MiGetNextPageTableTail+1e (+0x24)
- [ cc cc cc cc cc cc:4c 87 00 98 c3 90 ]
- fffff8064e312bde-fffff8064e312be3 6 bytes - nt!MiAdjustFaultList+4a (+0x50)
- [ cc cc cc cc cc cc:4c 87 00 98 c3 90 ]
- fffff8064e312c16-fffff8064e312c1b 6 bytes - nt!SeSetTokenTrustLink+32 (+0x38)
- [ cc cc cc cc cc cc:4c 87 00 98 c3 90 ]
- fffff8064e31e182-fffff8064e31e187 6 bytes - nt!PspSystemThreadStartup+82 (+0xb56c)
- [ cc cc cc cc cc cc:4c 87 00 98 c3 90 ]
- fffff8064e36483e-fffff8064e364843 6 bytes - nt!KiTimerExpirationDpc+de (+0x466bc)
- [ cc cc cc cc cc cc:4c 87 00 98 c3 90 ]
- fffff8064e36fcda-fffff8064e36fcdf 6 bytes - nt!ExpTimeZoneDpcRoutine+fa (+0xb49c)
- [ cc cc cc cc cc cc:4c 87 00 98 c3 90 ]
- fffff8064e37605a-fffff8064e37605f 6 bytes - nt!EmpCheckErrataList+a (+0x6380)
- [ cc cc cc cc cc cc:4c 87 00 98 c3 90 ]
- fffff8064e376096-fffff8064e37609b 6 bytes - nt!IoAllocateErrorLogEntry+36 (+0x3c)
- [ cc cc cc cc cc cc:4c 87 00 98 c3 90 ]
- fffff8064e3c239a-fffff8064e3c239b 2 bytes - nt!ZwLoadKey3+2a (+0x4c304)
- [ 84 00:4c 87 ]
- fffff8064e3c239d-fffff8064e3c239f 3 bytes - nt!ZwLoadKey3+2d (+0x03)
- [ 00 00 00:98 c3 90 ]
- fffff8064e3c23ba-fffff8064e3c23bb 2 bytes - nt!KiBugCheckReturn+16 (+0x1d)
- [ 84 00:4c 87 ]
- fffff8064e3c23bd-fffff8064e3c23bf 3 bytes - nt!KiBugCheckReturn+19 (+0x03)
- [ 00 00 00:98 c3 90 ]
- fffff8064e3c24ea-fffff8064e3c24eb 2 bytes - nt!KeBugCheckEx+12a (+0x12d)
- [ 84 00:4c 87 ]
- fffff8064e3c24ed-fffff8064e3c24ef 3 bytes - nt!KeBugCheckEx+12d (+0x03)
- [ 00 00 00:98 c3 90 ]
- fffff8064e3c25ea-fffff8064e3c25eb 2 bytes - nt!KeContextToKframes+fa (+0xfd)
- [ 84 00:4c 87 ]
- fffff8064e3c25ed-fffff8064e3c25ef 3 bytes - nt!KeContextToKframes+fd (+0x03)
- [ 00 00 00:98 c3 90 ]
- fffff8064e3c263a-fffff8064e3c263b 2 bytes - nt!KiSaveInitialProcessorControlState+4a (+0x4d)
- [ 84 00:4c 87 ]
- fffff8064e3c263d-fffff8064e3c263f 3 bytes - nt!KiSaveInitialProcessorControlState+4d (+0x03)
- [ 00 00 00:98 c3 90 ]
- fffff8064e3c270a-fffff8064e3c270f 6 bytes - nt!KiRestoreProcessorControlState+ca (+0xcd)
- [ 66 0f 1f 44 00 00:4c 87 00 98 c3 90 ]
- fffff8064e3c288a-fffff8064e3c288b 2 bytes - nt!KiSaveProcessorControlState+17a (+0x180)
- [ 84 00:4c 87 ]
- fffff8064e3c288d-fffff8064e3c288f 3 bytes - nt!KiSaveProcessorControlState+17d (+0x03)
- [ 00 00 00:98 c3 90 ]
- fffff8064e3c290a-fffff8064e3c290f 6 bytes - nt!KiRestoreDebugRegisterState+7a (+0x7d)
- [ cc 0f 1f 44 00 00:4c 87 00 98 c3 90 ]
- fffff8064e3c2a9a-fffff8064e3c2a9b 2 bytes - nt!KiSaveDebugRegisterState+18a (+0x190)
- [ 84 00:4c 87 ]
- fffff8064e3c2a9d-fffff8064e3c2a9f 3 bytes - nt!KiSaveDebugRegisterState+18d (+0x03)
- [ 00 00 00:98 c3 90 ]
- fffff8064e3c2aaa-fffff8064e3c2aaf 6 bytes - nt!KeGetCurrentStackPointer+a (+0x0d)
- [ cc cc 0f 1f 40 00:4c 87 00 98 c3 90 ]
- fffff8064e3c2aba-fffff8064e3c2abb 2 bytes - nt!KeResetLegacyFloatingPointState+a (+0x10)
- [ 1f 80:4c 87 ]
- fffff8064e3c2abd-fffff8064e3c2abf 3 bytes - nt!KeResetLegacyFloatingPointState+d (+0x03)
- [ 00 00 00:98 c3 90 ]
- fffff8064e3c2aca-fffff8064e3c2acf 6 bytes - nt!KeSaveLegacyFloatingPointControlWord+a (+0x0d)
- [ cc cc 0f 1f 40 00:4c 87 00 98 c3 90 ]
- fffff8064e3c2aea-fffff8064e3c2aeb 2 bytes - nt!KeRestoreLegacyFloatingPointControlWord+1a (+0x20)
- [ 84 00:4c 87 ]
- fffff8064e3c2aed-fffff8064e3c2aef 3 bytes - nt!KeRestoreLegacyFloatingPointControlWord+1d (+0x03)
- [ 00 00 00:98 c3 90 ]
- fffff8064e3c2daa-fffff8064e3c2daf 6 bytes - nt!NtContinue+2ba (+0x2bd)
- [ cc cc cc cc cc cc:4c 87 00 98 c3 90 ]
- fffff8064e3c916a-fffff8064e3c916f 6 bytes - nt!KiSwapContext+da (+0x63c0)
- [ cc cc 0f 1f 40 00:4c 87 00 98 c3 90 ]
- fffff8064e3c91fa-fffff8064e3c91ff 6 bytes - nt!KiDispatchInterruptContinue+4a (+0x90)
- [ cc cc cc 0f 1f 00:4c 87 00 98 c3 90 ]
- fffff8064e3c99da-fffff8064e3c99df 6 bytes - nt!KiStartSystemThread+3a (+0x7e0)
- [ cc cc 0f 1f 40 00:4c 87 00 98 c3 90 ]
- fffff8064e4b333a-fffff8064e4b333f 6 bytes - nt!KiForceIdleStopDpcRoutine+ea (+0xe9960)
- [ cc cc cc cc cc cc:4c 87 00 98 c3 90 ]
- fffff8064e4ee702-fffff8064e4ee707 6 bytes - nt!PopIrpWatchdog+32 (+0x3b3c8)
- [ cc cc cc cc cc cc:4c 87 00 98 c3 90 ]
- fffff8064e4ee7fa-fffff8064e4ee7ff 6 bytes - nt!PopIrpWatchdogBugcheck+f2 (+0xf8)
- [ cc cc cc cc cc cc:4c 87 00 98 c3 90 ]
- fffff8064e4ee8ee-fffff8064e4ee8f3 6 bytes - nt!PopReadShutdownPolicy+ee (+0xf4)
- [ cc cc cc cc cc cc:4c 87 00 98 c3 90 ]
- fffff8064eacbc4a-fffff8064eacbc4f 6 bytes - nt!PspProcessRundownWorker+aa
- [ cc cc cc cc cc cc:4c 87 00 98 c3 90 ]
- fffff8064eacbcb2-fffff8064eacbcb7 6 bytes - nt!PspProcessRundownWorkerSingle+62 (+0x68)
- [ cc cc cc cc cc cc:4c 87 00 98 c3 90 ]
- 195 errors : !nt (fffff8064e2d3d52-fffff8064eacbcb7)
- MODULE_NAME: memory_corruption
- IMAGE_NAME: memory_corruption
- FOLLOWUP_NAME: memory_corruption
- DEBUG_FLR_IMAGE_TIMESTAMP: 0
- MEMORY_CORRUPTOR: LARGE
- FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
- BUCKET_ID: MEMORY_CORRUPTION_LARGE
- PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
- TARGET_TIME: 2020-08-05T07:47:25.000Z
- SUITE_MASK: 272
- PRODUCT_TYPE: 1
- USER_LCID: 0
- FAILURE_ID_HASH_STRING: km:memory_corruption_large
- FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
- Followup: memory_corruption
- ====================== Dump #6: 3RD PARTY DRIVERS ======================
- Nov 23 2009 - LGBusEnum.sys - Logitech GamePanel Virtual Bus Enumerator driver http://support.logitech.com/
- Jun 25 2010 - sadp_npf64.sys - WinPcap driver (CACE Technologies, Inc.)
- Jun 25 2010 - NPF.sys - NetGroup Packet Filter driver, a component of WinPCap by Riverbed
- Aug 02 2010 - AsUpIO.sys - ASUS Update Input Output driver http://www.asus.com/
- Aug 08 2011 - BazisVirtualCDBus.sys - WinCDEmu Virtual CD-ROM driver (Bazis Inc) http://wincdemu.sysprogs.org/
- Oct 17 2011 - PxHlpa64.sys - Sonic CD/DVD driver
- Mar 22 2012 - AiCharger.sys - Asus Charger driver
- May 03 2012 - GEARAspiWDM.sys - Gear Software Advanced SCSI Programming Interface Windows Driver Model http://www.gearsoftware.com/
- Aug 22 2012 - AsIO.sys - ASUS Input Output driver http://www.asus.com/
- Jul 02 2013 - IOMap64.sys - !!! ASUS 64-bit Input Output Map driver (GPU Tweaking driver)
- Apr 17 2014 - rzpmgrk.sys - Razer Overlay Support https://www.razer.com/
- Apr 24 2014 - RTKVHD64.sys - Realtek Audio System driver https://www.realtek.com/en/
- Sep 23 2014 - TeeDriverx64.sys - Intel Management Engine Interface (MEI) driver https://downloadcenter.intel.com/
- Oct 17 2014 - rzpnk.sys - Razer Overlay Support https://www.razer.com/
- Apr 21 2016 - tap0901.sys - TAP-Win32 Virtual Private Network Driver 0901 (OpenVPN by OpenVPN Technologies) https://openvpn.net/
- Mar 16 2017 - tapwindscribe0901.sys - TAP-Windows Virtual Network driver (The OpenVPN Project) https://openvpn.net/
- Oct 11 2017 - YSDrv.sys - VirtualBox Support driver
- Sep 18 2018 - IntelHaxm.sys - Intel Corporation SSG Hardware Accelerated Execution Manager driver
- Jan 24 2019 - e1d65x64.sys - Intel(R) Gigabit Adapter NDIS 6.x driver https://downloadcenter.intel.com/
- Mar 14 2019 - nvvad64v.sys - Nvidia Virtual Audio driver http://www.nvidia.com/
- Apr 25 2019 - mbae64.sys - Malwarebytes driver https://www.malwarebytes.com/
- Oct 02 2019 - nvlddmkm.sys - Nvidia Graphics Card driver http://www.nvidia.com/
- Nov 20 2019 - mbamswissarmy.sys - MalwareBytes Anti-Malware system driver https://www.malwarebytes.com/
- Nov 29 2019 - NvModuleTracker.sys - NVIDIA Module Tracker driver
- Jan 10 2020 - nvvhci.sys - Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
- Jun 04 2020 - MbamChameleon.sys - Malwarebytes Anti-Malware Chameleon driver https://www.malwarebytes.com/
- Jun 09 2020 - nvhda64v.sys - Nvidia HDMI Audio Device http://www.nvidia.com/
- Jun 22 2020 - mwac.sys - Malwarebytes Web Access Control http://www.malwarebytes.org/
- Jun 23 2020 - aswArPot.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswbidsdriver.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswbidsh.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswbuniv.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswKbd.sys - Avast Keyboard Filter driver http://www.avast.com/
- Jun 23 2020 - aswMonFlt.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswNetHub.sys - Avast driver
- Jun 23 2020 - aswRdr2.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswRvrt.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswSnx.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswSP.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswStm.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswVmm.sys - Avast Antivirus http://www.avast.com/
- Jul 07 2020 - mbam.sys - Malwarebytes Anti-Malware https://www.malwarebytes.com/
- Jul 17 2020 - aswElam.sys - Avast ELAM driver
- Jul 17 2020 - farflt.sys - Malwarebytes Anti-RansomWare SDK http://www.malwarebytes.org/
- ================== Dump #6: 3RD PARTY DRIVERS (FULL) ===================
- Image path: \SystemRoot\system32\drivers\LGBusEnum.sys
- Image name: LGBusEnum.sys
- Search : https://www.google.com/search?q=LGBusEnum.sys
- ADA Info : Logitech GamePanel Virtual Bus Enumerator driver http://support.logitech.com/
- Timestamp : Mon Nov 23 2009
- Image path: \??\C:\Windows\SysWOW64\drivers\sadp_npf64.sys
- Image name: sadp_npf64.sys
- Search : https://www.google.com/search?q=sadp_npf64.sys
- ADA Info : WinPcap driver (CACE Technologies, Inc.)
- Timestamp : Fri Jun 25 2010
- Image path: \SystemRoot\system32\drivers\NPF.sys
- Image name: NPF.sys
- Search : https://www.google.com/search?q=NPF.sys
- ADA Info : NetGroup Packet Filter driver, a component of WinPCap by Riverbed
- Timestamp : Fri Jun 25 2010
- Image path: \SystemRoot\SysWow64\drivers\AsUpIO.sys
- Image name: AsUpIO.sys
- Search : https://www.google.com/search?q=AsUpIO.sys
- ADA Info : ASUS Update Input Output driver http://www.asus.com/
- Timestamp : Mon Aug 2 2010
- Image path: \SystemRoot\System32\drivers\BazisVirtualCDBus.sys
- Image name: BazisVirtualCDBus.sys
- Search : https://www.google.com/search?q=BazisVirtualCDBus.sys
- ADA Info : WinCDEmu Virtual CD-ROM driver (Bazis Inc) http://wincdemu.sysprogs.org/
- Timestamp : Mon Aug 8 2011
- Image path: \SystemRoot\System32\Drivers\PxHlpa64.sys
- Image name: PxHlpa64.sys
- Search : https://www.google.com/search?q=PxHlpa64.sys
- ADA Info : Sonic CD/DVD driver
- Timestamp : Mon Oct 17 2011
- Image path: \SystemRoot\SysWow64\drivers\AiCharger.sys
- Image name: AiCharger.sys
- Search : https://www.google.com/search?q=AiCharger.sys
- ADA Info : Asus Charger driver
- Timestamp : Thu Mar 22 2012
- Image path: \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
- Image name: GEARAspiWDM.sys
- Search : https://www.google.com/search?q=GEARAspiWDM.sys
- ADA Info : Gear Software Advanced SCSI Programming Interface Windows Driver Model http://www.gearsoftware.com/
- Timestamp : Thu May 3 2012
- Image path: \SystemRoot\SysWow64\drivers\AsIO.sys
- Image name: AsIO.sys
- Search : https://www.google.com/search?q=AsIO.sys
- ADA Info : ASUS Input Output driver http://www.asus.com/
- Timestamp : Wed Aug 22 2012
- Image path: \??\C:\WINDOWS\system32\drivers\IOMap64.sys
- Image name: IOMap64.sys
- Search : https://www.google.com/search?q=IOMap64.sys
- ADA Info : !!! ASUS 64-bit Input Output Map driver (GPU Tweaking driver)
- Timestamp : Tue Jul 2 2013
- Image path: \??\C:\Windows\system32\drivers\rzpmgrk.sys
- Image name: rzpmgrk.sys
- Search : https://www.google.com/search?q=rzpmgrk.sys
- ADA Info : Razer Overlay Support https://www.razer.com/
- Timestamp : Thu Apr 17 2014
- Image path: \SystemRoot\system32\drivers\RTKVHD64.sys
- Image name: RTKVHD64.sys
- Search : https://www.google.com/search?q=RTKVHD64.sys
- ADA Info : Realtek Audio System driver https://www.realtek.com/en/
- Timestamp : Thu Apr 24 2014
- Image path: \SystemRoot\system32\DRIVERS\TeeDriverx64.sys
- Image name: TeeDriverx64.sys
- Search : https://www.google.com/search?q=TeeDriverx64.sys
- ADA Info : Intel Management Engine Interface (MEI) driver https://downloadcenter.intel.com/
- Timestamp : Tue Sep 23 2014
- Image path: \??\C:\Windows\system32\drivers\rzpnk.sys
- Image name: rzpnk.sys
- Search : https://www.google.com/search?q=rzpnk.sys
- ADA Info : Razer Overlay Support https://www.razer.com/
- Timestamp : Fri Oct 17 2014
- Image path: \SystemRoot\System32\drivers\tap0901.sys
- Image name: tap0901.sys
- Search : https://www.google.com/search?q=tap0901.sys
- ADA Info : TAP-Win32 Virtual Private Network Driver 0901 (OpenVPN by OpenVPN Technologies) https://openvpn.net/
- Timestamp : Thu Apr 21 2016
- Image path: \SystemRoot\System32\drivers\tapwindscribe0901.sys
- Image name: tapwindscribe0901.sys
- Search : https://www.google.com/search?q=tapwindscribe0901.sys
- ADA Info : TAP-Windows Virtual Network driver (The OpenVPN Project) https://openvpn.net/
- Timestamp : Thu Mar 16 2017
- Image path: \??\C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys
- Image name: YSDrv.sys
- Search : https://www.google.com/search?q=YSDrv.sys
- ADA Info : VirtualBox Support driver
- Timestamp : Wed Oct 11 2017
- Image path: \SystemRoot\system32\DRIVERS\IntelHaxm.sys
- Image name: IntelHaxm.sys
- Search : https://www.google.com/search?q=IntelHaxm.sys
- ADA Info : Intel Corporation SSG Hardware Accelerated Execution Manager driver
- Timestamp : Tue Sep 18 2018
- Image path: \SystemRoot\system32\DRIVERS\e1d65x64.sys
- Image name: e1d65x64.sys
- Search : https://www.google.com/search?q=e1d65x64.sys
- ADA Info : Intel(R) Gigabit Adapter NDIS 6.x driver https://downloadcenter.intel.com/
- Timestamp : Thu Jan 24 2019
- Image path: \SystemRoot\system32\drivers\nvvad64v.sys
- Image name: nvvad64v.sys
- Search : https://www.google.com/search?q=nvvad64v.sys
- ADA Info : Nvidia Virtual Audio driver http://www.nvidia.com/
- Timestamp : Thu Mar 14 2019
- Image path: \??\C:\WINDOWS\system32\drivers\mbae64.sys
- Image name: mbae64.sys
- Search : https://www.google.com/search?q=mbae64.sys
- ADA Info : Malwarebytes driver https://www.malwarebytes.com/
- Timestamp : Thu Apr 25 2019
- Image path: \SystemRoot\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_90685a092bcf58c7\nvlddmkm.sys
- Image name: nvlddmkm.sys
- Search : https://www.google.com/search?q=nvlddmkm.sys
- ADA Info : Nvidia Graphics Card driver http://www.nvidia.com/
- Timestamp : Wed Oct 2 2019
- Image path: \SystemRoot\System32\Drivers\mbamswissarmy.sys
- Image name: mbamswissarmy.sys
- Search : https://www.google.com/search?q=mbamswissarmy.sys
- ADA Info : MalwareBytes Anti-Malware system driver https://www.malwarebytes.com/
- Timestamp : Wed Nov 20 2019
- Image path: \SystemRoot\System32\drivers\NvModuleTracker.sys
- Image name: NvModuleTracker.sys
- Search : https://www.google.com/search?q=NvModuleTracker.sys
- ADA Info : NVIDIA Module Tracker driver
- Timestamp : Fri Nov 29 2019
- Image path: \SystemRoot\System32\drivers\nvvhci.sys
- Image name: nvvhci.sys
- Search : https://www.google.com/search?q=nvvhci.sys
- ADA Info : Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
- Timestamp : Fri Jan 10 2020
- Image path: \SystemRoot\System32\Drivers\MbamChameleon.sys
- Image name: MbamChameleon.sys
- Search : https://www.google.com/search?q=MbamChameleon.sys
- ADA Info : Malwarebytes Anti-Malware Chameleon driver https://www.malwarebytes.com/
- Timestamp : Thu Jun 4 2020
- Image path: \SystemRoot\system32\drivers\nvhda64v.sys
- Image name: nvhda64v.sys
- Search : https://www.google.com/search?q=nvhda64v.sys
- ADA Info : Nvidia HDMI Audio Device http://www.nvidia.com/
- Timestamp : Tue Jun 9 2020
- Image path: \SystemRoot\system32\DRIVERS\mwac.sys
- Image name: mwac.sys
- Search : https://www.google.com/search?q=mwac.sys
- ADA Info : Malwarebytes Web Access Control http://www.malwarebytes.org/
- Timestamp : Mon Jun 22 2020
- Image path: \SystemRoot\system32\drivers\aswArPot.sys
- Image name: aswArPot.sys
- Search : https://www.google.com/search?q=aswArPot.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswbidsdriver.sys
- Image name: aswbidsdriver.sys
- Search : https://www.google.com/search?q=aswbidsdriver.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswbidsh.sys
- Image name: aswbidsh.sys
- Search : https://www.google.com/search?q=aswbidsh.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswbuniv.sys
- Image name: aswbuniv.sys
- Search : https://www.google.com/search?q=aswbuniv.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswKbd.sys
- Image name: aswKbd.sys
- Search : https://www.google.com/search?q=aswKbd.sys
- ADA Info : Avast Keyboard Filter driver http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswMonFlt.sys
- Image name: aswMonFlt.sys
- Search : https://www.google.com/search?q=aswMonFlt.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswNetHub.sys
- Image name: aswNetHub.sys
- Search : https://www.google.com/search?q=aswNetHub.sys
- ADA Info : Avast driver
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswRdr2.sys
- Image name: aswRdr2.sys
- Search : https://www.google.com/search?q=aswRdr2.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswRvrt.sys
- Image name: aswRvrt.sys
- Search : https://www.google.com/search?q=aswRvrt.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswSnx.sys
- Image name: aswSnx.sys
- Search : https://www.google.com/search?q=aswSnx.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswSP.sys
- Image name: aswSP.sys
- Search : https://www.google.com/search?q=aswSP.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswStm.sys
- Image name: aswStm.sys
- Search : https://www.google.com/search?q=aswStm.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswVmm.sys
- Image name: aswVmm.sys
- Search : https://www.google.com/search?q=aswVmm.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \??\C:\WINDOWS\system32\DRIVERS\mbam.sys
- Image name: mbam.sys
- Search : https://www.google.com/search?q=mbam.sys
- ADA Info : Malwarebytes Anti-Malware https://www.malwarebytes.com/
- Timestamp : Tue Jul 7 2020
- Image path: \SystemRoot\system32\drivers\aswElam.sys
- Image name: aswElam.sys
- Search : https://www.google.com/search?q=aswElam.sys
- ADA Info : Avast ELAM driver
- Timestamp : Fri Jul 17 2020
- Image path: \SystemRoot\system32\DRIVERS\farflt.sys
- Image name: farflt.sys
- Search : https://www.google.com/search?q=farflt.sys
- ADA Info : Malwarebytes Anti-RansomWare SDK http://www.malwarebytes.org/
- Timestamp : Fri Jul 17 2020
- ====================== Dump #6: MICROSOFT DRIVERS ======================
- ACPI.sys ACPI Driver for NT (Microsoft)
- acpiex.sys ACPIEx Driver (Microsoft)
- acpipagr.sys ACPI Processor Aggregator Device driver (Microsoft)
- afd.sys Ancillary Function Driver for WinSock (Microsoft)
- afunix.sys AF_UNIX Socket Provider driver (Microsoft)
- AgileVpn.sys RAS Agil VPN Miniport Call Manager driver (Microsoft)
- ahcache.sys Application Compatibility Cache (Microsoft)
- bam.sys BAM Kernal driver (Microsoft)
- BasicDisplay.sys Basic Display driver (Microsoft)
- BasicRender.sys Basic Render driver (Microsoft)
- Beep.SYS BEEP driver (Microsoft)
- bindflt.sys Windows Bind Filter driver (Microsoft)
- BOOTVID.dll VGA Boot Driver (Microsoft)
- bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
- cdd.dll Canonical Display Driver (Microsoft)
- cdrom.sys SCSI CD-ROM Driver (Microsoft)
- CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
- CI.dll Code Integrity Module (Microsoft)
- CLASSPNP.SYS SCSI Class System Dll (Microsoft)
- cldflt.sys Cloud Files Mini Filter driver (Microsoft)
- CLFS.SYS Common Log File System Driver (Microsoft)
- clipsp.sys CLIP Service (Microsoft)
- cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
- cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
- CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
- condrv.sys Console Driver (Microsoft)
- crashdmp.sys Crash Dump driver (Microsoft)
- csc.sys Windows Client Side Caching driver (Microsoft)
- dfsc.sys DFS Namespace Client Driver (Microsoft)
- disk.sys PnP Disk Driver (Microsoft)
- drmk.sys Digital Rights Management (DRM) driver (Microsoft)
- dump_diskdump.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
- dump_dumpfve.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
- dump_storahci.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
- dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
- dxgmms2.sys DirectX Graphics MMS
- EhStorClass.sys Enhanced Storage Class driver for IEEE... (Microsoft)
- filecrypt.sys Windows sandboxing and encryption filter (Microsoft)
- fileinfo.sys FileInfo Filter Driver (Microsoft)
- FLTMGR.SYS Filesystem Filter Manager (Microsoft)
- Fs_Rec.sys File System Recognizer Driver (Microsoft)
- fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
- fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
- gpuenergydrv.sys GPU Energy Kernal Driver (Microsoft)
- hal.dll Hardware Abstraction Layer DLL (Microsoft)
- HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
- hiber_diskdump.sys (Generic Description) hiber_*.sys drivers provide disk access to store the system state while hibernating
- hiber_dumpfve.sys (Generic Description) hiber_*.sys drivers provide disk access to store the system state while hibernating
- hiber_storahci.sys (Generic Description) hiber_*.sys drivers provide disk access to store the system state while hibernating
- HIDCLASS.SYS Hid Class Library (Microsoft)
- HIDPARSE.SYS Hid Parsing Library (Microsoft)
- hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
- HTTP.sys HTTP Protocol Stack (Microsoft)
- intelpep.sys Intel Power Engine Plugin (Microsoft)
- intelppm.sys Processor Device Driver (Microsoft)
- iorate.sys I/O rate control Filter (Microsoft)
- kbdclass.sys Keyboard Class Driver (Microsoft)
- kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
- kd.dll Local Kernal Debugger (Microsoft)
- kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
- ks.sys Kernal CSA Library (Microsoft)
- ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
- ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
- ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
- lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
- luafv.sys LUA File Virtualization Filter Driver (Microsoft)
- mcupdate_GenuineIntel.dll Intel Microcode Update Library (Microsoft)
- mmcss.sys MMCSS Driver (Microsoft)
- monitor.sys Monitor Driver (Microsoft)
- mouclass.sys Mouse Class Driver (Microsoft)
- mouhid.sys HID Mouse Filter Driver (Microsoft)
- mountmgr.sys Mount Point Manager (Microsoft)
- mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
- mqac.sys Message Queuing Device driver (Microsoft)
- mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
- mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
- Msfs.SYS Mailslot driver (Microsoft)
- msisadrv.sys ISA Driver (Microsoft)
- mslldp.sys Microsoft Link-Layer Discovery Protocol... (Microsoft)
- msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
- mssecflt.sys Microsoft Security Events Component file system filter driver (Microsoft)
- mssmbios.sys System Management BIOS driver (Microsoft)
- mup.sys Multiple UNC Provider driver (Microsoft)
- ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
- ndistapi.sys NDIS 3.0 Connection Wrapper driver (Microsoft)
- ndisuio.sys NDIS User mode I/O driver (Microsoft)
- NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
- ndiswan.sys MS PPP Framing Driver (Strong Encryption) Microsoft)
- NDProxy.sys NDIS Proxy driver (Microsoft)
- Ndu.sys Network Data Usage Monitoring driver (Microsoft)
- netbios.sys NetBIOS Interface driver (Microsoft)
- netbt.sys MBT Transport driver (Microsoft)
- NETIO.SYS Network I/O Subsystem (Microsoft)
- Npfs.SYS NPFS driver (Microsoft)
- npsvctrig.sys Named pipe service triggers (Microsoft)
- nsiproxy.sys NSI Proxy driver (Microsoft)
- Ntfs.sys NT File System Driver (Microsoft)
- ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
- ntosext.sys NTOS Extension Host driver (Microsoft)
- Null.SYS NULL Driver (Microsoft)
- nwifi.sys NativeWiFi Miniport Driver (Microsoft)
- pacer.sys QoS Packet Scheduler (Microsoft)
- partmgr.sys Partition driver (Microsoft)
- pci.sys NT Plug and Play PCI Enumerator (Microsoft)
- pcw.sys Performance Counter Driver (Microsoft)
- pdc.sys Power Dependency Coordinator Driver (Microsoft)
- peauth.sys Protected Environment Authentication and Authorization Export Driver (Microsoft)
- portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
- PSHED.dll Platform Specific Hardware Error driver (Microsoft)
- rasl2tp.sys RAS L2TP Mini-port/Call-manager driver (Microsoft)
- raspppoe.sys RAS PPPoE Mini-port/Call manager driver (Microsoft)
- raspptp.sys Peer-to-Peer Tunneling Protocol (Microsoft)
- rassstp.sys RAS SSTP Miniport Call Manager driver (Microsoft)
- rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
- rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
- rdyboost.sys ReadyBoost Driver (Microsoft)
- rspndr.sys Link-Layer Topology Responder driver (Microsoft)
- serenum.sys Serial Port Enumerator (Microsoft)
- serial.sys Serial Device Driver
- serscan.sys Serial Imaging Device Driver (Microsoft)
- SgrmAgent.sys System Guard Runtime Monitor Agent driver (Microsoft)
- SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
- spaceport.sys Storage Spaces driver (Microsoft)
- srv.sys Server driver (Microsoft)
- srv2.sys Smb 2.0 Server driver (Microsoft)
- srvnet.sys Server Network driver (Microsoft)
- storahci.sys MS AHCI Storport Miniport Driver (Microsoft)
- storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
- storqosflt.sys Storage QoS Filter driver (Microsoft)
- swenum.sys Plug and Play Software Device Enumerator (Microsoft)
- tbs.sys Export driver for kernel mode TPM API (Microsoft)
- tcpip.sys TCP/IP Protocol driver (Microsoft)
- tcpipreg.sys Microsoft Windows TCP/IP Registry Compatibility driver (Microsoft)
- TDI.SYS TDI Wrapper driver (Microsoft)
- tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
- tm.sys Kernel Transaction Manager driver (Microsoft)
- ucx01000.sys USB Controller Extension (Microsoft)
- umbus.sys User-Mode Bus Enumerator (Microsoft)
- umpass.sys Generic pass-through driver (Microsoft)
- usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
- USBD.SYS Universal Serial Bus Driver (Microsoft)
- usbehci.sys EHCI eUSB Miniport Driver (Microsoft)
- usbhub.sys Default Hub Driver for USB (Microsoft)
- UsbHub3.sys USB3 HUB driver (Microsoft)
- USBPORT.SYS USB 1.1 & 2.0 Port Driver (Microsoft)
- USBXHCI.SYS USB XHCI driver (Microsoft)
- vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
- Vid.sys Microsoft Hyper-V Virtualization Infrastructure Driver
- volmgr.sys Volume Manager Driver (Microsoft)
- volmgrx.sys Volume Manager Extension Driver (Microsoft)
- volsnap.sys Volume Shadow Copy driver (Microsoft)
- volume.sys Volume driver (Microsoft)
- vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
- wanarp.sys MS Remote Access and Routing ARP driver (Microsoft)
- watchdog.sys Watchdog driver (Microsoft)
- wcifs.sys Windows Container Isolation FS Filter driver (Microsoft)
- Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
- WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
- werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
- wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
- win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
- win32kbase.sys Base Win32k Kernel Driver (Microsoft)
- win32kfull.sys Full/Desktop Win32k Kernel Driver (Microsoft)
- WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
- WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
- winhvr.sys Windows Hypervisor Root Interface driver (Microsoft)
- winquic.sys QUIC Transport Protocol driver (Microsoft)
- wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
- WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
- Wof.sys Windows Overlay Filter (Microsoft)
- WppRecorder.sys WPP Trace Recorder (Microsoft)
- WSDPrint.sys Web Services Print Device driver (Microsoft)
- WUDFRd.sys Windows Driver Foundation - User-mode Driver Framework Reflector driver (Microsoft)
- ====================== Dump #6: UNLOADED MODULES =======================
- fffff806`4cbd0000 fffff806`4cbe4000 mbam.sys
- fffff806`556b0000 fffff806`556e4000 farflt.sys
- fffff806`4cba0000 fffff806`4cbc3000 mwac.sys
- fffff806`4c480000 fffff806`4ca55000 iqvw64e.sys
- fffff806`4b0e0000 fffff806`4b0ee000 WSDScan.sys
- fffff806`54120000 fffff806`5412f000 dump_storpor
- fffff806`54160000 fffff806`5418f000 dump_storahc
- fffff806`541b0000 fffff806`541ce000 dump_dumpfve
- fffff806`569b0000 fffff806`56a01000 WUDFRd.sys
- fffff806`54af0000 fffff806`54b0e000 dam.sys
- fffff806`52a20000 fffff806`52a29000 MbamElam.sys
- fffff806`53a20000 fffff806`53a31000 hwpolicy.sys
- ====================== Dump #6: BIOS INFORMATION =======================
- sysinfo: could not find necessary interfaces.
- sysinfo: note that mssmbios.sys must be loaded (XPSP2+).
- ========================== Dump #6: Extra #1 ===========================
- 0: kd> !verifier
- Verify Flags Level 0x00000000
- STANDARD FLAGS:
- [X] (0x00000000) Automatic Checks
- [ ] (0x00000001) Special pool
- [ ] (0x00000002) Force IRQL checking
- [ ] (0x00000008) Pool tracking
- [ ] (0x00000010) I/O verification
- [ ] (0x00000020) Deadlock detection
- [ ] (0x00000080) DMA checking
- [ ] (0x00000100) Security checks
- [ ] (0x00000800) Miscellaneous checks
- [ ] (0x00020000) DDI compliance checking
- ADDITIONAL FLAGS:
- [ ] (0x00000004) Randomized low resources simulation
- [ ] (0x00000200) Force pending I/O requests
- [ ] (0x00000400) IRP logging
- [ ] (0x00002000) Invariant MDL checking for stack
- [ ] (0x00004000) Invariant MDL checking for driver
- [ ] (0x00008000) Power framework delay fuzzing
- [ ] (0x00010000) Port/miniport interface checking
- [ ] (0x00040000) Systematic low resources simulation
- [ ] (0x00080000) DDI compliance checking (additional)
- [ ] (0x00200000) NDIS/WIFI verification
- [ ] (0x00800000) Kernel synchronization delay fuzzing
- [ ] (0x01000000) VM switch verification
- [ ] (0x02000000) Code integrity checks
- [X] Indicates flag is enabled
- Summary of All Verifier Statistics
- RaiseIrqls 0x0
- AcquireSpinLocks 0x0
- Synch Executions 0x0
- Trims 0x0
- Pool Allocations Attempted 0x0
- Pool Allocations Succeeded 0x0
- Pool Allocations Succeeded SpecialPool 0x0
- Pool Allocations With NO TAG 0x0
- Pool Allocations Failed 0x0
- Current paged pool allocations 0x0 for 00000000 bytes
- Peak paged pool allocations 0x0 for 00000000 bytes
- Current nonpaged pool allocations 0x0 for 00000000 bytes
- Peak nonpaged pool allocations 0x0 for 00000000 bytes
- ========================== Dump #6: Extra #2 ===========================
- 0: kd> !thread
- THREAD fffff8064e791400 Cid 0000.0000 Teb: 0000000000000000 Win32Thread: 0000000000000000 RUNNING on processor 0
- Not impersonating
- GetUlongFromAddress: unable to read from fffff8064e62ca14
- Owning Process fffff8064e78e9c0 Image: System Process
- Attached Process ffffab0512c84040 Image: System
- fffff78000000000: Unable to get shared data
- Wait Start TickCount 398124
- Context Switch Count 13875424 IdealProcessor: 0
- ReadMemory error: Cannot get nt!KeMaximumIncrement value.
- UserTime 00:00:00.000
- KernelTime 00:00:00.000
- Win32 Start Address nt!KiIdleLoop (0xfffff8064e3c5e70)
- Stack Init fffff80653c67c90 Current fffff80653c67c20
- Base fffff80653c68000 Limit fffff80653c62000 Call 0000000000000000
- Priority 0 BasePriority 0 PriorityDecrement 0 IoPriority 0 PagePriority 5
- Child-SP RetAddr : Args to Child : Call Site
- fffff806`53c67878 fffff806`4e4ee7f7 : 00000000`0000009f 00000000`00000003 ffffab05`12cc9d80 fffff806`53c678b0 : nt!KeBugCheckEx
- fffff806`53c67880 fffff806`4e4ee701 : ffffab05`1e737390 00000000`00000001 fffff806`4d07e100 fffff806`4d07e180 : nt!PopIrpWatchdogBugcheck+0xef
- fffff806`53c678f0 fffff806`4e2512f9 : ffffab05`1e7373c8 0000000e`7bdc3fc8 00000001`00000002 ffffab05`17cbe050 : nt!PopIrpWatchdog+0x31
- fffff806`53c67940 fffff806`4e250059 : 00000000`0000001e 00000000`00989680 00000000`00039ef7 00000000`0000000f : nt!KiProcessExpiredTimerList+0x169
- fffff806`53c67a30 fffff806`4e3c5eee : 00000000`00000000 fffff806`4d07e180 fffff806`4e791400 ffffab05`1fe31080 : nt!KiRetireDpcList+0x4e9
- fffff806`53c67c60 00000000`00000000 : fffff806`53c68000 fffff806`53c62000 00000000`00000000 00000000`00000000 : nt!KiIdleLoop+0x7e
- ========================================================================
- ======================= Dump #7: ANALYZE VERBOSE =======================
- ====================== File: 080320-34765-01.dmp =======================
- ========================================================================
- Mini Kernel Dump File: Only registers and stack trace are available
- Windows 10 Kernel Version 18362 MP (8 procs) Free x64
- Kernel base = 0xfffff801`10200000 PsLoadedModuleList = 0xfffff801`10648190
- Debug session time: Tue Aug 4 04:52:30.273 2020 (UTC - 4:00)
- System Uptime: 0 days 1:11:35.901
- BugCheck 1000009F, {4, 12c, ffffb20a31446040, ffffe58e2b8538e0}
- Implicit thread is now ffffb20a`31446040
- *** WARNING: Unable to verify timestamp for win32k.sys
- *** ERROR: Module load completed but symbols could not be loaded for win32k.sys
- Probably caused by : memory_corruption
- Followup: memory_corruption
- DRIVER_POWER_STATE_FAILURE (9f)
- A driver has failed to complete a power IRP within a specific time.
- Arguments:
- Arg1: 0000000000000004, The power transition timed out waiting to synchronize with the Pnp
- subsystem.
- Arg2: 000000000000012c, Timeout in seconds.
- Arg3: ffffb20a31446040, The thread currently holding on to the Pnp lock.
- Arg4: ffffe58e2b8538e0, nt!TRIAGE_9F_PNP on Win7 and higher
- Debugging Details:
- Implicit thread is now ffffb20a`31446040
- DUMP_CLASS: 1
- DUMP_QUALIFIER: 400
- DUMP_TYPE: 2
- DRVPOWERSTATE_SUBCODE: 4
- FAULTING_THREAD: 31446040
- CUSTOMER_CRASH_COUNT: 1
- DEFAULT_BUCKET_ID: CODE_CORRUPTION
- BUGCHECK_STR: 0x9F
- PROCESS_NAME: System
- CURRENT_IRQL: 2
- LOCK_ADDRESS: fffff801106629e0 -- (!locks fffff801106629e0)
- Resource @ nt!PiEngineLock (0xfffff801106629e0) Exclusively owned
- Contention Count = 27
- NumberOfExclusiveWaiters = 3
- Threads: ffffb20a31446040-01<*> << Too many exclusive waiters to list>>
- 1 total locks, 1 locks currently held
- PNP_TRIAGE:
- Lock address : 0xfffff801106629e0
- Thread Count : 1
- Thread address: 0xffffb20a31446040
- Thread wait : 0x3e6f9
- LAST_CONTROL_TRANSFER: from fffff801102a46ad to fffff801103c9106
- STACK_TEXT:
- ffffe58e`345a9f30 fffff801`102a46ad : ffffa081`f77d2180 8000007f`fffffffe ffffa081`ffffffff 00000000`00000001 : nt!KiSwapContext+0x76
- ffffe58e`345aa070 fffff801`102a3534 : ffffb20a`31446040 00000000`00000000 ffffb20a`00000000 ffff8280`00000000 : nt!KiSwapThread+0xbfd
- ffffe58e`345aa110 fffff801`102a2cd5 : 00000000`00000001 fffff801`00000000 ffffb20a`224a6500 00000000`00000000 : nt!KiCommitThreadWait+0x144
- ffffe58e`345aa1b0 fffff801`143b9920 : ffffb20a`2229c5b0 fffff801`00000000 ffffb20a`2229b100 fffff801`00000000 : nt!KeWaitForSingleObject+0x255
- ffffe58e`345aa290 fffff801`143acb89 : 00000000`00000008 ffffe58e`345aa330 00000000`00000004 00000000`00000000 : ndis!KWaitEventBase<wistd::integral_constant<enum _EVENT_TYPE,0> >::Wait+0x28
- ffffe58e`345aa2d0 fffff801`143abefd : ffff8280`e5df2680 fffff801`143abee0 ffff8280`e56449d8 fffff801`1436c6d8 : ndis!Ndis::BindEngine::ApplyBindChanges+0x10915
- ffffe58e`345aa320 fffff801`143a7933 : ffff8280`e5df26c0 fffff801`143abee0 ffff8280`e56449d8 ffffb20a`2229b1a0 : ndis!<lambda_adb42f86cf839cbbe3c588eaa9665cd9>::<lambda_invoker_cdecl>+0x1d
- ffffe58e`345aa350 fffff801`143a7879 : 00000000`00000000 fffff801`1436c6d8 00000000`00000000 ffff8280`e56449d0 : ndis!NDIS_BIND_DRIVER_BASE::ForEachLink+0xa3
- ffffe58e`345aa3a0 fffff801`143a768b : 00000000`00000000 ffffb20a`2936cd18 00000000`00000010 fffff801`142bb7b5 : ndis!NDIS_BIND_DRIVER_BASE::SetRunningDriverIsReady+0x41
- ffffe58e`345aa3d0 fffff801`143d9934 : ffffb20a`2936c9a0 ffffe58e`345aa4e8 ffffe58e`345aa4e8 ffffb20a`2936c9e8 : ndis!NDIS_BIND_PROTOCOL_DRIVER::SetRunningDriver+0x63
- ffffe58e`345aa420 fffff801`143327c6 : ffffb20a`2936c9a0 fffff801`14385050 fffff801`14385050 fffff801`1436d790 : ndis!NdisDeregisterProtocol+0xd4
- ffffe58e`345aa490 fffff801`0c39111a : fffff801`0c399000 fffff801`00000000 ffffb20a`2936b9b0 ffffe58e`345aa570 : ndis!NdisDeregisterProtocolDriver+0x66
- ffffe58e`345aa4e0 fffff801`0c39c484 : 00000000`000000e7 ffffe58e`345aa568 00000000`00000008 00000000`00000000 : raspppoe!RasPppoeCleanup+0x66
- ffffe58e`345aa510 fffff801`143b7d73 : ffffb20a`2936b9b0 ffffb20a`2936b9b0 fffff801`14385050 ffffb20a`293cae30 : raspppoe!MpUnload+0x44
- ffffe58e`345aa540 fffff801`1433cdd4 : ffffb20a`293cae30 00000000`00000000 ffffb20a`293cae30 ffffb20a`293cae30 : ndis!ndisMInvokeDriverUnload+0x67
- ffffe58e`345aa580 fffff801`109662d7 : ffffb20a`293cae30 00000000`00000000 ffffe58e`345aa740 ffff8280`f3048050 : ndis!ndisMUnloadEx+0x94
- ffffe58e`345aa5e0 fffff801`109319ce : ffffb20a`293caf80 00000000`00000000 fffff801`1098cb01 ffffb20a`293cae30 : nt!IopUnloadDriver+0x20f
- ffffe58e`345aa710 fffff801`10372004 : ffffb20a`2938ba20 ffffd076`db786c10 00000000`0000000a 00000000`00000000 : nt!PnpUnloadAttachedDriver+0xa6
- ffffe58e`345aa760 fffff801`109315cf : ffffb20a`2938ba20 fffff801`00000000 00000000`00000000 fffff801`10662940 : nt!PnpRemoveLockedDeviceNode+0x240
- ffffe58e`345aa7c0 fffff801`1093126a : ffffb20a`2938ba20 ffffe58e`345aa840 00000000`00000000 00000000`00000000 : nt!PnpDeleteLockedDeviceNode+0x8b
- ffffe58e`345aa800 fffff801`10932b51 : ffffb20a`2887dde0 00000000`00000002 ffffb20a`28564290 00000000`00000000 : nt!PnpDeleteLockedDeviceNodes+0x76
- ffffe58e`345aa880 fffff801`10930994 : 00000000`00000000 ffffe58e`345aa900 ffffb20a`2887dde0 00000000`00000000 : nt!PipRemoveDevicesInRelationList+0x8d
- ffffe58e`345aa8d0 fffff801`10930371 : ffffb20a`28564290 00000000`00000001 ffffb20a`28564290 00000000`00000007 : nt!PnpDelayedRemoveWorker+0x114
- ffffe58e`345aa910 fffff801`10371a54 : 00000000`00000007 00000000`00000001 00000000`00000000 ffffb20a`27b9c9a0 : nt!PnpChainDereferenceComplete+0xfd
- ffffe58e`345aa940 fffff801`1092fb1a : 00000000`00000008 ffffe58e`345aaa49 00000000`00000003 00000000`00000001 : nt!PnpIsChainDereferenced+0xac
- ffffe58e`345aa9c0 fffff801`1090924e : ffffe58e`345aab10 ffffb20a`27b9c900 ffffe58e`345aab00 ffff8281`00000008 : nt!PnpProcessQueryRemoveAndEject+0x2a2
- ffffe58e`345aaab0 fffff801`107c96d8 : ffff8281`13943140 ffff8281`18616b10 ffff8281`18616b10 00000000`00000000 : nt!PnpProcessTargetDeviceEvent+0xea
- ffffe58e`345aaae0 fffff801`10283965 : ffffb20a`1d924c50 ffffb20a`31446040 ffffb20a`1d924c50 ffffb20a`2e470e08 : nt!PnpDeviceEventWorker+0x2d8
- ffffe58e`345aab70 fffff801`1031e155 : ffffb20a`31446040 00000000`00000080 ffffb20a`1d862040 00000000`00000001 : nt!ExpWorkerThread+0x105
- ffffe58e`345aac10 fffff801`103c99c8 : ffffa081`f76c6180 ffffb20a`31446040 fffff801`1031e100 000001d9`66b3fd70 : nt!PspSystemThreadStartup+0x55
- ffffe58e`345aac60 00000000`00000000 : ffffe58e`345ab000 ffffe58e`345a5000 00000000`00000000 00000000`00000000 : nt!KiStartSystemThread+0x28
- STACK_COMMAND: .thread 0xffffb20a31446040 ; kb
- CHKIMG_EXTENSION: !chkimg -lo 50 -d !ndis
- fffff801142a26ec-fffff801142a26ed 2 bytes - ndis!ndisMTimerDpcX+3c
- [ 48 ff:4c 8b ]
- fffff801142a26f3-fffff801142a26f7 5 bytes - ndis!ndisMTimerDpcX+43 (+0x07)
- [ 0f 1f 44 00 00:e8 78 de f8 fb ]
- fffff801142a2732-fffff801142a2733 2 bytes - ndis!ndisMTimerDpcX+82 (+0x3f)
- [ 48 ff:4c 8b ]
- fffff801142a2739-fffff801142a273d 5 bytes - ndis!ndisMTimerDpcX+89 (+0x07)
- [ 0f 1f 44 00 00:e8 c2 db f8 fb ]
- fffff801142a278b-fffff801142a2790 6 bytes - ndis!ndisMTimerDpcX+db (+0x52)
- [ ff 15 17 24 0f 00:e8 10 fb 16 00 90 ]
- fffff801142a279d-fffff801142a279e 2 bytes - ndis!ndisMTimerDpcX+ed (+0x12)
- [ 48 ff:4c 8b ]
- fffff801142a27a4-fffff801142a27a8 5 bytes - ndis!ndisMTimerDpcX+f4 (+0x07)
- [ 0f 1f 44 00 00:e8 c7 dd f8 fb ]
- 27 errors : !ndis (fffff801142a26ec-fffff801142a27a8)
- MODULE_NAME: memory_corruption
- IMAGE_NAME: memory_corruption
- FOLLOWUP_NAME: memory_corruption
- DEBUG_FLR_IMAGE_TIMESTAMP: 0
- MEMORY_CORRUPTOR: LARGE
- FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
- BUCKET_ID: MEMORY_CORRUPTION_LARGE
- PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
- TARGET_TIME: 2020-08-04T08:52:30.000Z
- SUITE_MASK: 272
- PRODUCT_TYPE: 1
- USER_LCID: 0
- FAILURE_ID_HASH_STRING: km:memory_corruption_large
- FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
- Followup: memory_corruption
- ====================== Dump #7: 3RD PARTY DRIVERS ======================
- Nov 23 2009 - LGBusEnum.sys - Logitech GamePanel Virtual Bus Enumerator driver http://support.logitech.com/
- Jun 25 2010 - sadp_npf64.sys - WinPcap driver (CACE Technologies, Inc.)
- Jun 25 2010 - NPF.sys - NetGroup Packet Filter driver, a component of WinPCap by Riverbed
- Aug 02 2010 - AsUpIO.sys - ASUS Update Input Output driver http://www.asus.com/
- Aug 08 2011 - BazisVirtualCDBus.sys - WinCDEmu Virtual CD-ROM driver (Bazis Inc) http://wincdemu.sysprogs.org/
- Oct 17 2011 - PxHlpa64.sys - Sonic CD/DVD driver
- Mar 22 2012 - AiCharger.sys - Asus Charger driver
- May 03 2012 - GEARAspiWDM.sys - Gear Software Advanced SCSI Programming Interface Windows Driver Model http://www.gearsoftware.com/
- Aug 22 2012 - AsIO.sys - ASUS Input Output driver http://www.asus.com/
- Jul 02 2013 - IOMap64.sys - !!! ASUS 64-bit Input Output Map driver (GPU Tweaking driver)
- Apr 17 2014 - rzpmgrk.sys - Razer Overlay Support https://www.razer.com/
- Apr 24 2014 - RTKVHD64.sys - Realtek Audio System driver https://www.realtek.com/en/
- Sep 23 2014 - TeeDriverx64.sys - Intel Management Engine Interface (MEI) driver https://downloadcenter.intel.com/
- Oct 17 2014 - rzpnk.sys - Razer Overlay Support https://www.razer.com/
- Apr 21 2016 - tap0901.sys - TAP-Win32 Virtual Private Network Driver 0901 (OpenVPN by OpenVPN Technologies) https://openvpn.net/
- Mar 16 2017 - tapwindscribe0901.sys - TAP-Windows Virtual Network driver (The OpenVPN Project) https://openvpn.net/
- Oct 11 2017 - YSDrv.sys - VirtualBox Support driver
- Sep 18 2018 - IntelHaxm.sys - Intel Corporation SSG Hardware Accelerated Execution Manager driver
- Jan 24 2019 - e1d65x64.sys - Intel(R) Gigabit Adapter NDIS 6.x driver https://downloadcenter.intel.com/
- Mar 14 2019 - nvvad64v.sys - Nvidia Virtual Audio driver http://www.nvidia.com/
- Oct 02 2019 - nvlddmkm.sys - Nvidia Graphics Card driver http://www.nvidia.com/
- Nov 29 2019 - NvModuleTracker.sys - NVIDIA Module Tracker driver
- Jan 10 2020 - nvvhci.sys - Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
- Jun 04 2020 - MbamChameleon.sys - Malwarebytes Anti-Malware Chameleon driver https://www.malwarebytes.com/
- Jun 09 2020 - nvhda64v.sys - Nvidia HDMI Audio Device http://www.nvidia.com/
- Jun 23 2020 - aswArPot.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswbidsdriver.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswbidsh.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswbuniv.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswKbd.sys - Avast Keyboard Filter driver http://www.avast.com/
- Jun 23 2020 - aswMonFlt.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswNetHub.sys - Avast driver
- Jun 23 2020 - aswRdr2.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswRvrt.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswSnx.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswSP.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswVmm.sys - Avast Antivirus http://www.avast.com/
- Jul 17 2020 - aswElam.sys - Avast ELAM driver
- ================== Dump #7: 3RD PARTY DRIVERS (FULL) ===================
- Image path: \SystemRoot\system32\drivers\LGBusEnum.sys
- Image name: LGBusEnum.sys
- Search : https://www.google.com/search?q=LGBusEnum.sys
- ADA Info : Logitech GamePanel Virtual Bus Enumerator driver http://support.logitech.com/
- Timestamp : Mon Nov 23 2009
- Image path: \??\C:\Windows\SysWOW64\drivers\sadp_npf64.sys
- Image name: sadp_npf64.sys
- Search : https://www.google.com/search?q=sadp_npf64.sys
- ADA Info : WinPcap driver (CACE Technologies, Inc.)
- Timestamp : Fri Jun 25 2010
- Image path: \SystemRoot\system32\drivers\NPF.sys
- Image name: NPF.sys
- Search : https://www.google.com/search?q=NPF.sys
- ADA Info : NetGroup Packet Filter driver, a component of WinPCap by Riverbed
- Timestamp : Fri Jun 25 2010
- Image path: \SystemRoot\SysWow64\drivers\AsUpIO.sys
- Image name: AsUpIO.sys
- Search : https://www.google.com/search?q=AsUpIO.sys
- ADA Info : ASUS Update Input Output driver http://www.asus.com/
- Timestamp : Mon Aug 2 2010
- Image path: \SystemRoot\System32\drivers\BazisVirtualCDBus.sys
- Image name: BazisVirtualCDBus.sys
- Search : https://www.google.com/search?q=BazisVirtualCDBus.sys
- ADA Info : WinCDEmu Virtual CD-ROM driver (Bazis Inc) http://wincdemu.sysprogs.org/
- Timestamp : Mon Aug 8 2011
- Image path: \SystemRoot\System32\Drivers\PxHlpa64.sys
- Image name: PxHlpa64.sys
- Search : https://www.google.com/search?q=PxHlpa64.sys
- ADA Info : Sonic CD/DVD driver
- Timestamp : Mon Oct 17 2011
- Image path: \SystemRoot\SysWow64\drivers\AiCharger.sys
- Image name: AiCharger.sys
- Search : https://www.google.com/search?q=AiCharger.sys
- ADA Info : Asus Charger driver
- Timestamp : Thu Mar 22 2012
- Image path: \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
- Image name: GEARAspiWDM.sys
- Search : https://www.google.com/search?q=GEARAspiWDM.sys
- ADA Info : Gear Software Advanced SCSI Programming Interface Windows Driver Model http://www.gearsoftware.com/
- Timestamp : Thu May 3 2012
- Image path: \SystemRoot\SysWow64\drivers\AsIO.sys
- Image name: AsIO.sys
- Search : https://www.google.com/search?q=AsIO.sys
- ADA Info : ASUS Input Output driver http://www.asus.com/
- Timestamp : Wed Aug 22 2012
- Image name: IOMap64.sys
- Search : https://www.google.com/search?q=IOMap64.sys
- ADA Info : !!! ASUS 64-bit Input Output Map driver (GPU Tweaking driver)
- Timestamp : Tue Jul 2 2013
- Image path: \??\C:\Windows\system32\drivers\rzpmgrk.sys
- Image name: rzpmgrk.sys
- Search : https://www.google.com/search?q=rzpmgrk.sys
- ADA Info : Razer Overlay Support https://www.razer.com/
- Timestamp : Thu Apr 17 2014
- Image path: \SystemRoot\system32\drivers\RTKVHD64.sys
- Image name: RTKVHD64.sys
- Search : https://www.google.com/search?q=RTKVHD64.sys
- ADA Info : Realtek Audio System driver https://www.realtek.com/en/
- Timestamp : Thu Apr 24 2014
- Image path: \SystemRoot\system32\DRIVERS\TeeDriverx64.sys
- Image name: TeeDriverx64.sys
- Search : https://www.google.com/search?q=TeeDriverx64.sys
- ADA Info : Intel Management Engine Interface (MEI) driver https://downloadcenter.intel.com/
- Timestamp : Tue Sep 23 2014
- Image path: \??\C:\Windows\system32\drivers\rzpnk.sys
- Image name: rzpnk.sys
- Search : https://www.google.com/search?q=rzpnk.sys
- ADA Info : Razer Overlay Support https://www.razer.com/
- Timestamp : Fri Oct 17 2014
- Image path: \SystemRoot\System32\drivers\tap0901.sys
- Image name: tap0901.sys
- Search : https://www.google.com/search?q=tap0901.sys
- ADA Info : TAP-Win32 Virtual Private Network Driver 0901 (OpenVPN by OpenVPN Technologies) https://openvpn.net/
- Timestamp : Thu Apr 21 2016
- Image path: \SystemRoot\System32\drivers\tapwindscribe0901.sys
- Image name: tapwindscribe0901.sys
- Search : https://www.google.com/search?q=tapwindscribe0901.sys
- ADA Info : TAP-Windows Virtual Network driver (The OpenVPN Project) https://openvpn.net/
- Timestamp : Thu Mar 16 2017
- Image path: \??\C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys
- Image name: YSDrv.sys
- Search : https://www.google.com/search?q=YSDrv.sys
- ADA Info : VirtualBox Support driver
- Timestamp : Wed Oct 11 2017
- Image path: \SystemRoot\system32\DRIVERS\IntelHaxm.sys
- Image name: IntelHaxm.sys
- Search : https://www.google.com/search?q=IntelHaxm.sys
- ADA Info : Intel Corporation SSG Hardware Accelerated Execution Manager driver
- Timestamp : Tue Sep 18 2018
- Image path: \SystemRoot\system32\DRIVERS\e1d65x64.sys
- Image name: e1d65x64.sys
- Search : https://www.google.com/search?q=e1d65x64.sys
- ADA Info : Intel(R) Gigabit Adapter NDIS 6.x driver https://downloadcenter.intel.com/
- Timestamp : Thu Jan 24 2019
- Image path: \SystemRoot\system32\drivers\nvvad64v.sys
- Image name: nvvad64v.sys
- Search : https://www.google.com/search?q=nvvad64v.sys
- ADA Info : Nvidia Virtual Audio driver http://www.nvidia.com/
- Timestamp : Thu Mar 14 2019
- Image path: \SystemRoot\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_90685a092bcf58c7\nvlddmkm.sys
- Image name: nvlddmkm.sys
- Search : https://www.google.com/search?q=nvlddmkm.sys
- ADA Info : Nvidia Graphics Card driver http://www.nvidia.com/
- Timestamp : Wed Oct 2 2019
- Image path: \SystemRoot\System32\drivers\NvModuleTracker.sys
- Image name: NvModuleTracker.sys
- Search : https://www.google.com/search?q=NvModuleTracker.sys
- ADA Info : NVIDIA Module Tracker driver
- Timestamp : Fri Nov 29 2019
- Image path: \SystemRoot\System32\drivers\nvvhci.sys
- Image name: nvvhci.sys
- Search : https://www.google.com/search?q=nvvhci.sys
- ADA Info : Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
- Timestamp : Fri Jan 10 2020
- Image path: \SystemRoot\System32\Drivers\MbamChameleon.sys
- Image name: MbamChameleon.sys
- Search : https://www.google.com/search?q=MbamChameleon.sys
- ADA Info : Malwarebytes Anti-Malware Chameleon driver https://www.malwarebytes.com/
- Timestamp : Thu Jun 4 2020
- Image path: \SystemRoot\system32\drivers\nvhda64v.sys
- Image name: nvhda64v.sys
- Search : https://www.google.com/search?q=nvhda64v.sys
- ADA Info : Nvidia HDMI Audio Device http://www.nvidia.com/
- Timestamp : Tue Jun 9 2020
- Image path: \SystemRoot\system32\drivers\aswArPot.sys
- Image name: aswArPot.sys
- Search : https://www.google.com/search?q=aswArPot.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswbidsdriver.sys
- Image name: aswbidsdriver.sys
- Search : https://www.google.com/search?q=aswbidsdriver.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswbidsh.sys
- Image name: aswbidsh.sys
- Search : https://www.google.com/search?q=aswbidsh.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswbuniv.sys
- Image name: aswbuniv.sys
- Search : https://www.google.com/search?q=aswbuniv.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswKbd.sys
- Image name: aswKbd.sys
- Search : https://www.google.com/search?q=aswKbd.sys
- ADA Info : Avast Keyboard Filter driver http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswMonFlt.sys
- Image name: aswMonFlt.sys
- Search : https://www.google.com/search?q=aswMonFlt.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswNetHub.sys
- Image name: aswNetHub.sys
- Search : https://www.google.com/search?q=aswNetHub.sys
- ADA Info : Avast driver
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswRdr2.sys
- Image name: aswRdr2.sys
- Search : https://www.google.com/search?q=aswRdr2.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswRvrt.sys
- Image name: aswRvrt.sys
- Search : https://www.google.com/search?q=aswRvrt.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswSnx.sys
- Image name: aswSnx.sys
- Search : https://www.google.com/search?q=aswSnx.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswSP.sys
- Image name: aswSP.sys
- Search : https://www.google.com/search?q=aswSP.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswVmm.sys
- Image name: aswVmm.sys
- Search : https://www.google.com/search?q=aswVmm.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswElam.sys
- Image name: aswElam.sys
- Search : https://www.google.com/search?q=aswElam.sys
- ADA Info : Avast ELAM driver
- Timestamp : Fri Jul 17 2020
- ====================== Dump #7: MICROSOFT DRIVERS ======================
- ACPI.sys ACPI Driver for NT (Microsoft)
- acpiex.sys ACPIEx Driver (Microsoft)
- acpipagr.sys ACPI Processor Aggregator Device driver (Microsoft)
- afd.sys Ancillary Function Driver for WinSock (Microsoft)
- afunix.sys AF_UNIX Socket Provider driver (Microsoft)
- AgileVpn.sys RAS Agil VPN Miniport Call Manager driver (Microsoft)
- ahcache.sys Application Compatibility Cache (Microsoft)
- bam.sys BAM Kernal driver (Microsoft)
- BasicDisplay.sys Basic Display driver (Microsoft)
- BasicRender.sys Basic Render driver (Microsoft)
- Beep.SYS BEEP driver (Microsoft)
- bindflt.sys Windows Bind Filter driver (Microsoft)
- BOOTVID.dll VGA Boot Driver (Microsoft)
- bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
- cdd.dll Canonical Display Driver (Microsoft)
- cdrom.sys SCSI CD-ROM Driver (Microsoft)
- CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
- CI.dll Code Integrity Module (Microsoft)
- CLASSPNP.SYS SCSI Class System Dll (Microsoft)
- cldflt.sys Cloud Files Mini Filter driver (Microsoft)
- CLFS.SYS Common Log File System Driver (Microsoft)
- clipsp.sys CLIP Service (Microsoft)
- cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
- cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
- CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
- condrv.sys Console Driver (Microsoft)
- crashdmp.sys Crash Dump driver (Microsoft)
- csc.sys Windows Client Side Caching driver (Microsoft)
- dfsc.sys DFS Namespace Client Driver (Microsoft)
- disk.sys PnP Disk Driver (Microsoft)
- drmk.sys Digital Rights Management (DRM) driver (Microsoft)
- dump_diskdump.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
- dump_dumpfve.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
- dump_storahci.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
- dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
- dxgmms2.sys DirectX Graphics MMS
- EhStorClass.sys Enhanced Storage Class driver for IEEE... (Microsoft)
- filecrypt.sys Windows sandboxing and encryption filter (Microsoft)
- fileinfo.sys FileInfo Filter Driver (Microsoft)
- FLTMGR.SYS Filesystem Filter Manager (Microsoft)
- Fs_Rec.sys File System Recognizer Driver (Microsoft)
- fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
- fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
- gpuenergydrv.sys GPU Energy Kernal Driver (Microsoft)
- hal.dll Hardware Abstraction Layer DLL (Microsoft)
- HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
- HIDCLASS.SYS Hid Class Library (Microsoft)
- HIDPARSE.SYS Hid Parsing Library (Microsoft)
- hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
- HTTP.sys HTTP Protocol Stack (Microsoft)
- intelpep.sys Intel Power Engine Plugin (Microsoft)
- intelppm.sys Processor Device Driver (Microsoft)
- iorate.sys I/O rate control Filter (Microsoft)
- kbdclass.sys Keyboard Class Driver (Microsoft)
- kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
- kd.dll Local Kernal Debugger (Microsoft)
- kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
- ks.sys Kernal CSA Library (Microsoft)
- ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
- ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
- ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
- lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
- luafv.sys LUA File Virtualization Filter Driver (Microsoft)
- mcupdate_GenuineIntel.dll Intel Microcode Update Library (Microsoft)
- mmcss.sys MMCSS Driver (Microsoft)
- monitor.sys Monitor Driver (Microsoft)
- mouclass.sys Mouse Class Driver (Microsoft)
- mouhid.sys HID Mouse Filter Driver (Microsoft)
- mountmgr.sys Mount Point Manager (Microsoft)
- mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
- mqac.sys Message Queuing Device driver (Microsoft)
- mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
- mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
- Msfs.SYS Mailslot driver (Microsoft)
- msisadrv.sys ISA Driver (Microsoft)
- mslldp.sys Microsoft Link-Layer Discovery Protocol... (Microsoft)
- msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
- mssecflt.sys Microsoft Security Events Component file system filter driver (Microsoft)
- mssmbios.sys System Management BIOS driver (Microsoft)
- mup.sys Multiple UNC Provider driver (Microsoft)
- ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
- ndistapi.sys NDIS 3.0 Connection Wrapper driver (Microsoft)
- ndisuio.sys NDIS User mode I/O driver (Microsoft)
- NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
- ndiswan.sys MS PPP Framing Driver (Strong Encryption) Microsoft)
- NDProxy.sys NDIS Proxy driver (Microsoft)
- Ndu.sys Network Data Usage Monitoring driver (Microsoft)
- netbios.sys NetBIOS Interface driver (Microsoft)
- netbt.sys MBT Transport driver (Microsoft)
- NETIO.SYS Network I/O Subsystem (Microsoft)
- Npfs.SYS NPFS driver (Microsoft)
- npsvctrig.sys Named pipe service triggers (Microsoft)
- nsiproxy.sys NSI Proxy driver (Microsoft)
- Ntfs.sys NT File System Driver (Microsoft)
- ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
- ntosext.sys NTOS Extension Host driver (Microsoft)
- Null.SYS NULL Driver (Microsoft)
- nwifi.sys NativeWiFi Miniport Driver (Microsoft)
- pacer.sys QoS Packet Scheduler (Microsoft)
- partmgr.sys Partition driver (Microsoft)
- pci.sys NT Plug and Play PCI Enumerator (Microsoft)
- pcw.sys Performance Counter Driver (Microsoft)
- pdc.sys Power Dependency Coordinator Driver (Microsoft)
- peauth.sys Protected Environment Authentication and Authorization Export Driver (Microsoft)
- portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
- PSHED.dll Platform Specific Hardware Error driver (Microsoft)
- raspppoe.sys RAS PPPoE Mini-port/Call manager driver (Microsoft)
- rassstp.sys RAS SSTP Miniport Call Manager driver (Microsoft)
- rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
- rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
- rdyboost.sys ReadyBoost Driver (Microsoft)
- rspndr.sys Link-Layer Topology Responder driver (Microsoft)
- serenum.sys Serial Port Enumerator (Microsoft)
- serial.sys Serial Device Driver
- serscan.sys Serial Imaging Device Driver (Microsoft)
- SgrmAgent.sys System Guard Runtime Monitor Agent driver (Microsoft)
- SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
- spaceport.sys Storage Spaces driver (Microsoft)
- srv.sys Server driver (Microsoft)
- srv2.sys Smb 2.0 Server driver (Microsoft)
- srvnet.sys Server Network driver (Microsoft)
- storahci.sys MS AHCI Storport Miniport Driver (Microsoft)
- storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
- storqosflt.sys Storage QoS Filter driver (Microsoft)
- swenum.sys Plug and Play Software Device Enumerator (Microsoft)
- tbs.sys Export driver for kernel mode TPM API (Microsoft)
- tcpip.sys TCP/IP Protocol driver (Microsoft)
- tcpipreg.sys Microsoft Windows TCP/IP Registry Compatibility driver (Microsoft)
- TDI.SYS TDI Wrapper driver (Microsoft)
- tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
- tm.sys Kernel Transaction Manager driver (Microsoft)
- ucx01000.sys USB Controller Extension (Microsoft)
- umbus.sys User-Mode Bus Enumerator (Microsoft)
- usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
- USBD.SYS Universal Serial Bus Driver (Microsoft)
- usbehci.sys EHCI eUSB Miniport Driver (Microsoft)
- usbhub.sys Default Hub Driver for USB (Microsoft)
- UsbHub3.sys USB3 HUB driver (Microsoft)
- USBPORT.SYS USB 1.1 & 2.0 Port Driver (Microsoft)
- USBXHCI.SYS USB XHCI driver (Microsoft)
- vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
- Vid.sys Microsoft Hyper-V Virtualization Infrastructure Driver
- volmgr.sys Volume Manager Driver (Microsoft)
- volmgrx.sys Volume Manager Extension Driver (Microsoft)
- volsnap.sys Volume Shadow Copy driver (Microsoft)
- volume.sys Volume driver (Microsoft)
- vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
- wanarp.sys MS Remote Access and Routing ARP driver (Microsoft)
- watchdog.sys Watchdog driver (Microsoft)
- wcifs.sys Windows Container Isolation FS Filter driver (Microsoft)
- Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
- WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
- werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
- wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
- win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
- win32kbase.sys Base Win32k Kernel Driver (Microsoft)
- win32kfull.sys Full/Desktop Win32k Kernel Driver (Microsoft)
- WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
- WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
- winhvr.sys Windows Hypervisor Root Interface driver (Microsoft)
- winquic.sys QUIC Transport Protocol driver (Microsoft)
- wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
- WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
- Wof.sys Windows Overlay Filter (Microsoft)
- WppRecorder.sys WPP Trace Recorder (Microsoft)
- WUDFRd.sys Windows Driver Foundation - User-mode Driver Framework Reflector driver (Microsoft)
- ====================== Dump #7: UNLOADED MODULES =======================
- fffff801`0c360000 fffff801`0c381000 raspptp.sys
- fffff801`0c330000 fffff801`0c353000 rasl2tp.sys
- fffff801`0bfc0000 fffff801`0bfcc000 umpass.sys
- fffff801`0bfa0000 fffff801`0bfae000 WSDPrint.sys
- fffff801`15f50000 fffff801`15f85000 aswStm.sys
- fffff801`0c9e0000 fffff801`0ca20000 mbamswissarm
- fffff801`0ca20000 fffff801`0ca43000 mwac.sys
- fffff801`0ca90000 fffff801`0caa4000 mbam.sys
- fffff801`0ca50000 fffff801`0ca84000 farflt.sys
- fffff801`15a40000 fffff801`15a67000 mbae64.sys
- fffff801`0c3c0000 fffff801`0c995000 iqvw64e.sys
- fffff801`0bfb0000 fffff801`0bfbe000 WSDScan.sys
- fffff801`16040000 fffff801`1604f000 dump_storpor
- fffff801`16080000 fffff801`160af000 dump_storahc
- fffff801`160d0000 fffff801`160ee000 dump_dumpfve
- fffff801`17d30000 fffff801`17d81000 WUDFRd.sys
- fffff801`15aa0000 fffff801`15abe000 dam.sys
- fffff801`13a20000 fffff801`13a29000 MbamElam.sys
- fffff801`14a20000 fffff801`14a31000 hwpolicy.sys
- ====================== Dump #7: BIOS INFORMATION =======================
- sysinfo: could not find necessary interfaces.
- sysinfo: note that mssmbios.sys must be loaded (XPSP2+).
- ========================== Dump #7: Extra #1 ===========================
- 4: kd> !verifier
- Verify Flags Level 0x00000000
- STANDARD FLAGS:
- [X] (0x00000000) Automatic Checks
- [ ] (0x00000001) Special pool
- [ ] (0x00000002) Force IRQL checking
- [ ] (0x00000008) Pool tracking
- [ ] (0x00000010) I/O verification
- [ ] (0x00000020) Deadlock detection
- [ ] (0x00000080) DMA checking
- [ ] (0x00000100) Security checks
- [ ] (0x00000800) Miscellaneous checks
- [ ] (0x00020000) DDI compliance checking
- ADDITIONAL FLAGS:
- [ ] (0x00000004) Randomized low resources simulation
- [ ] (0x00000200) Force pending I/O requests
- [ ] (0x00000400) IRP logging
- [ ] (0x00002000) Invariant MDL checking for stack
- [ ] (0x00004000) Invariant MDL checking for driver
- [ ] (0x00008000) Power framework delay fuzzing
- [ ] (0x00010000) Port/miniport interface checking
- [ ] (0x00040000) Systematic low resources simulation
- [ ] (0x00080000) DDI compliance checking (additional)
- [ ] (0x00200000) NDIS/WIFI verification
- [ ] (0x00800000) Kernel synchronization delay fuzzing
- [ ] (0x01000000) VM switch verification
- [ ] (0x02000000) Code integrity checks
- [X] Indicates flag is enabled
- Summary of All Verifier Statistics
- RaiseIrqls 0x0
- AcquireSpinLocks 0x0
- Synch Executions 0x0
- Trims 0x0
- Pool Allocations Attempted 0x0
- Pool Allocations Succeeded 0x0
- Pool Allocations Succeeded SpecialPool 0x0
- Pool Allocations With NO TAG 0x0
- Pool Allocations Failed 0x0
- Current paged pool allocations 0x0 for 00000000 bytes
- Peak paged pool allocations 0x0 for 00000000 bytes
- Current nonpaged pool allocations 0x0 for 00000000 bytes
- Peak nonpaged pool allocations 0x0 for 00000000 bytes
- ========================== Dump #7: Extra #2 ===========================
- 4: kd> !thread
- THREAD ffffb20a31446040 Cid 0004.5778 Teb: 0000000000000000 Win32Thread: 0000000000000000 WAIT: (Executive) KernelMode Non-Alertable
- ffffb20a2229c5b0 NotificationEvent
- Not impersonating
- GetUlongFromAddress: unable to read from fffff8011062ca14
- Owning Process ffffb20a1d862040 Image: System
- Attached Process N/A Image: N/A
- fffff78000000000: Unable to get shared data
- Wait Start TickCount 255737
- Context Switch Count 7728 IdealProcessor: 5 NoStackSwap
- ReadMemory error: Cannot get nt!KeMaximumIncrement value.
- UserTime 00:00:00.000
- KernelTime 00:00:00.000
- Win32 Start Address nt!ExpWorkerThread (0xfffff80110283860)
- Stack Init ffffe58e345aac90 Current ffffe58e345a9ef0
- Base ffffe58e345ab000 Limit ffffe58e345a5000 Call 0000000000000000
- Priority 15 BasePriority 12 PriorityDecrement 0 IoPriority 2 PagePriority 5
- Child-SP RetAddr : Args to Child : Call Site
- ffffe58e`345a9f30 fffff801`102a46ad : ffffa081`f77d2180 8000007f`fffffffe ffffa081`ffffffff 00000000`00000001 : nt!KiSwapContext+0x76
- ffffe58e`345aa070 fffff801`102a3534 : ffffb20a`31446040 00000000`00000000 ffffb20a`00000000 ffff8280`00000000 : nt!KiSwapThread+0xbfd
- ffffe58e`345aa110 fffff801`102a2cd5 : 00000000`00000001 fffff801`00000000 ffffb20a`224a6500 00000000`00000000 : nt!KiCommitThreadWait+0x144
- ffffe58e`345aa1b0 fffff801`143b9920 : ffffb20a`2229c5b0 fffff801`00000000 ffffb20a`2229b100 fffff801`00000000 : nt!KeWaitForSingleObject+0x255
- ffffe58e`345aa290 fffff801`143acb89 : 00000000`00000008 ffffe58e`345aa330 00000000`00000004 00000000`00000000 : ndis!KWaitEventBase<wistd::integral_constant<enum _EVENT_TYPE,0> >::Wait+0x28
- ffffe58e`345aa2d0 fffff801`143abefd : ffff8280`e5df2680 fffff801`143abee0 ffff8280`e56449d8 fffff801`1436c6d8 : ndis!Ndis::BindEngine::ApplyBindChanges+0x10915
- ffffe58e`345aa320 fffff801`143a7933 : ffff8280`e5df26c0 fffff801`143abee0 ffff8280`e56449d8 ffffb20a`2229b1a0 : ndis!<lambda_adb42f86cf839cbbe3c588eaa9665cd9>::<lambda_invoker_cdecl>+0x1d
- ffffe58e`345aa350 fffff801`143a7879 : 00000000`00000000 fffff801`1436c6d8 00000000`00000000 ffff8280`e56449d0 : ndis!NDIS_BIND_DRIVER_BASE::ForEachLink+0xa3
- ffffe58e`345aa3a0 fffff801`143a768b : 00000000`00000000 ffffb20a`2936cd18 00000000`00000010 fffff801`142bb7b5 : ndis!NDIS_BIND_DRIVER_BASE::SetRunningDriverIsReady+0x41
- ffffe58e`345aa3d0 fffff801`143d9934 : ffffb20a`2936c9a0 ffffe58e`345aa4e8 ffffe58e`345aa4e8 ffffb20a`2936c9e8 : ndis!NDIS_BIND_PROTOCOL_DRIVER::SetRunningDriver+0x63
- ffffe58e`345aa420 fffff801`143327c6 : ffffb20a`2936c9a0 fffff801`14385050 fffff801`14385050 fffff801`1436d790 : ndis!NdisDeregisterProtocol+0xd4
- ffffe58e`345aa490 fffff801`0c39111a : fffff801`0c399000 fffff801`00000000 ffffb20a`2936b9b0 ffffe58e`345aa570 : ndis!NdisDeregisterProtocolDriver+0x66
- ffffe58e`345aa4e0 fffff801`0c39c484 : 00000000`000000e7 ffffe58e`345aa568 00000000`00000008 00000000`00000000 : raspppoe!RasPppoeCleanup+0x66
- ffffe58e`345aa510 fffff801`143b7d73 : ffffb20a`2936b9b0 ffffb20a`2936b9b0 fffff801`14385050 ffffb20a`293cae30 : raspppoe!MpUnload+0x44
- ffffe58e`345aa540 fffff801`1433cdd4 : ffffb20a`293cae30 00000000`00000000 ffffb20a`293cae30 ffffb20a`293cae30 : ndis!ndisMInvokeDriverUnload+0x67
- ffffe58e`345aa580 fffff801`109662d7 : ffffb20a`293cae30 00000000`00000000 ffffe58e`345aa740 ffff8280`f3048050 : ndis!ndisMUnloadEx+0x94
- ffffe58e`345aa5e0 fffff801`109319ce : ffffb20a`293caf80 00000000`00000000 fffff801`1098cb01 ffffb20a`293cae30 : nt!IopUnloadDriver+0x20f
- ffffe58e`345aa710 fffff801`10372004 : ffffb20a`2938ba20 ffffd076`db786c10 00000000`0000000a 00000000`00000000 : nt!PnpUnloadAttachedDriver+0xa6
- ffffe58e`345aa760 fffff801`109315cf : ffffb20a`2938ba20 fffff801`00000000 00000000`00000000 fffff801`10662940 : nt!PnpRemoveLockedDeviceNode+0x240
- ffffe58e`345aa7c0 fffff801`1093126a : ffffb20a`2938ba20 ffffe58e`345aa840 00000000`00000000 00000000`00000000 : nt!PnpDeleteLockedDeviceNode+0x8b
- ffffe58e`345aa800 fffff801`10932b51 : ffffb20a`2887dde0 00000000`00000002 ffffb20a`28564290 00000000`00000000 : nt!PnpDeleteLockedDeviceNodes+0x76
- ffffe58e`345aa880 fffff801`10930994 : 00000000`00000000 ffffe58e`345aa900 ffffb20a`2887dde0 00000000`00000000 : nt!PipRemoveDevicesInRelationList+0x8d
- ffffe58e`345aa8d0 fffff801`10930371 : ffffb20a`28564290 00000000`00000001 ffffb20a`28564290 00000000`00000007 : nt!PnpDelayedRemoveWorker+0x114
- ffffe58e`345aa910 fffff801`10371a54 : 00000000`00000007 00000000`00000001 00000000`00000000 ffffb20a`27b9c9a0 : nt!PnpChainDereferenceComplete+0xfd
- ffffe58e`345aa940 fffff801`1092fb1a : 00000000`00000008 ffffe58e`345aaa49 00000000`00000003 00000000`00000001 : nt!PnpIsChainDereferenced+0xac
- ffffe58e`345aa9c0 fffff801`1090924e : ffffe58e`345aab10 ffffb20a`27b9c900 ffffe58e`345aab00 ffff8281`00000008 : nt!PnpProcessQueryRemoveAndEject+0x2a2
- ffffe58e`345aaab0 fffff801`107c96d8 : ffff8281`13943140 ffff8281`18616b10 ffff8281`18616b10 00000000`00000000 : nt!PnpProcessTargetDeviceEvent+0xea
- ffffe58e`345aaae0 fffff801`10283965 : ffffb20a`1d924c50 ffffb20a`31446040 ffffb20a`1d924c50 ffffb20a`2e470e08 : nt!PnpDeviceEventWorker+0x2d8
- ffffe58e`345aab70 fffff801`1031e155 : ffffb20a`31446040 00000000`00000080 ffffb20a`1d862040 00000000`00000001 : nt!ExpWorkerThread+0x105
- ffffe58e`345aac10 fffff801`103c99c8 : ffffa081`f76c6180 ffffb20a`31446040 fffff801`1031e100 000001d9`66b3fd70 : nt!PspSystemThreadStartup+0x55
- ffffe58e`345aac60 00000000`00000000 : ffffe58e`345ab000 ffffe58e`345a5000 00000000`00000000 00000000`00000000 : nt!KiStartSystemThread+0x28
- ========================================================================
- ======================= Dump #8: ANALYZE VERBOSE =======================
- ====================== File: 073020-33734-01.dmp =======================
- ========================================================================
- Mini Kernel Dump File: Only registers and stack trace are available
- Windows 10 Kernel Version 18362 MP (8 procs) Free x64
- Kernel base = 0xfffff807`41200000 PsLoadedModuleList = 0xfffff807`41648190
- Debug session time: Fri Jul 31 05:14:42.167 2020 (UTC - 4:00)
- System Uptime: 0 days 1:38:07.804
- BugCheck 1000009F, {4, 12c, ffffaf0895252040, fffff80745c678e0}
- Implicit thread is now ffffaf08`95252040
- *** WARNING: Unable to verify timestamp for win32k.sys
- *** ERROR: Module load completed but symbols could not be loaded for win32k.sys
- Probably caused by : memory_corruption
- Followup: memory_corruption
- DRIVER_POWER_STATE_FAILURE (9f)
- A driver has failed to complete a power IRP within a specific time.
- Arguments:
- Arg1: 0000000000000004, The power transition timed out waiting to synchronize with the Pnp
- subsystem.
- Arg2: 000000000000012c, Timeout in seconds.
- Arg3: ffffaf0895252040, The thread currently holding on to the Pnp lock.
- Arg4: fffff80745c678e0, nt!TRIAGE_9F_PNP on Win7 and higher
- Debugging Details:
- Implicit thread is now ffffaf08`95252040
- DUMP_CLASS: 1
- DUMP_QUALIFIER: 400
- DUMP_TYPE: 2
- DRVPOWERSTATE_SUBCODE: 4
- FAULTING_THREAD: 95252040
- CUSTOMER_CRASH_COUNT: 1
- DEFAULT_BUCKET_ID: CODE_CORRUPTION
- BUGCHECK_STR: 0x9F
- PROCESS_NAME: System
- CURRENT_IRQL: 2
- LOCK_ADDRESS: fffff807416629e0 -- (!locks fffff807416629e0)
- Resource @ nt!PiEngineLock (0xfffff807416629e0) Exclusively owned
- Contention Count = 29
- NumberOfExclusiveWaiters = 3
- Threads: ffffaf0895252040-01<*> << Too many exclusive waiters to list>>
- 1 total locks, 1 locks currently held
- PNP_TRIAGE:
- Lock address : 0xfffff807416629e0
- Thread Count : 1
- Thread address: 0xffffaf0895252040
- Thread wait : 0x574f3
- LAST_CONTROL_TRANSFER: from fffff807412a46ad to fffff807413c9106
- STACK_TEXT:
- ffffed89`fd056f30 fffff807`412a46ad : ffffd380`5acc6180 0000007d`fffffffe ffffd380`ffffffff 00000000`00000001 : nt!KiSwapContext+0x76
- ffffed89`fd057070 fffff807`412a3534 : ffffaf08`95252040 00000000`00000000 ffffaf08`00000000 ffffc002`00000000 : nt!KiSwapThread+0xbfd
- ffffed89`fd057110 fffff807`412a2cd5 : 00000000`00000001 fffff807`00000000 ffffaf08`89ef0500 00000000`00000000 : nt!KiCommitThreadWait+0x144
- ffffed89`fd0571b0 fffff807`453b9920 : ffffaf08`89eeb5b0 fffff807`00000000 ffffaf08`89eea100 fffff807`00000000 : nt!KeWaitForSingleObject+0x255
- ffffed89`fd057290 fffff807`453acb89 : 00000000`00000008 ffffed89`fd057330 00000000`00000004 00000000`00000000 : ndis!KWaitEventBase<wistd::integral_constant<enum _EVENT_TYPE,0> >::Wait+0x28
- ffffed89`fd0572d0 fffff807`453abefd : ffffc002`b6df5790 fffff807`453abee0 ffffc002`b6894dc8 fffff807`4536c6d8 : ndis!Ndis::BindEngine::ApplyBindChanges+0x10915
- ffffed89`fd057320 fffff807`453a7933 : ffffc002`b6df57d0 fffff807`453abee0 ffffc002`b6894dc8 ffffaf08`89eea1a0 : ndis!<lambda_adb42f86cf839cbbe3c588eaa9665cd9>::<lambda_invoker_cdecl>+0x1d
- ffffed89`fd057350 fffff807`453a7879 : 00000000`00000000 fffff807`4536c6d8 00000000`00000000 ffffc002`b6894dc0 : ndis!NDIS_BIND_DRIVER_BASE::ForEachLink+0xa3
- ffffed89`fd0573a0 fffff807`453a768b : 00000000`00000000 ffffaf08`91ccd8d8 00000000`00000010 fffff807`452bb7b5 : ndis!NDIS_BIND_DRIVER_BASE::SetRunningDriverIsReady+0x41
- ffffed89`fd0573d0 fffff807`453d9934 : ffffaf08`91ccd560 ffffed89`fd0574e8 ffffed89`fd0574e8 ffffaf08`91ccd5a8 : ndis!NDIS_BIND_PROTOCOL_DRIVER::SetRunningDriver+0x63
- ffffed89`fd057420 fffff807`453327c6 : ffffaf08`91ccd560 fffff807`45385050 fffff807`45385050 fffff807`4536d790 : ndis!NdisDeregisterProtocol+0xd4
- ffffed89`fd057490 fffff807`3db6111a : fffff807`3db69000 fffff807`00000000 ffffaf08`91ccd020 ffffed89`fd057570 : ndis!NdisDeregisterProtocolDriver+0x66
- ffffed89`fd0574e0 fffff807`3db6c484 : 00000000`000000e7 ffffed89`fd057568 00000000`00000008 00000000`00000000 : raspppoe!RasPppoeCleanup+0x66
- ffffed89`fd057510 fffff807`453b7d73 : ffffaf08`91ccd020 ffffaf08`91ccd020 fffff807`45385050 ffffaf08`915a0e40 : raspppoe!MpUnload+0x44
- ffffed89`fd057540 fffff807`4533cdd4 : ffffaf08`915a0e40 00000000`00000000 ffffaf08`915a0e40 ffffaf08`915a0e40 : ndis!ndisMInvokeDriverUnload+0x67
- ffffed89`fd057580 fffff807`419662d7 : ffffaf08`915a0e40 00000000`00000000 ffffed89`fd057740 ffffc002`dd8e6c90 : ndis!ndisMUnloadEx+0x94
- ffffed89`fd0575e0 fffff807`419319ce : ffffaf08`915a0f90 00000000`00000000 fffff807`4198cb01 ffffaf08`915a0e40 : nt!IopUnloadDriver+0x20f
- ffffed89`fd057710 fffff807`41372004 : ffffaf08`90f68b20 000010fa`4cc2cf10 00000000`0000000a 00000000`00000000 : nt!PnpUnloadAttachedDriver+0xa6
- ffffed89`fd057760 fffff807`419315cf : ffffaf08`90f68b20 fffff807`00000000 00000000`00000000 fffff807`41662940 : nt!PnpRemoveLockedDeviceNode+0x240
- ffffed89`fd0577c0 fffff807`4193126a : ffffaf08`90f68b20 ffffed89`fd057840 00000000`00000000 00000000`00000000 : nt!PnpDeleteLockedDeviceNode+0x8b
- ffffed89`fd057800 fffff807`41932b51 : ffffaf08`90039960 00000000`00000002 ffffaf08`93949b90 00000000`00000000 : nt!PnpDeleteLockedDeviceNodes+0x76
- ffffed89`fd057880 fffff807`41930994 : 00000000`00000000 ffffed89`fd057900 ffffaf08`90039960 00000000`00000000 : nt!PipRemoveDevicesInRelationList+0x8d
- ffffed89`fd0578d0 fffff807`41930371 : ffffaf08`93949b90 00000000`00000001 ffffaf08`93949b90 00000000`00000007 : nt!PnpDelayedRemoveWorker+0x114
- ffffed89`fd057910 fffff807`41371a54 : 00000000`00000007 00000000`00000001 00000000`00000000 ffffaf08`90c2c9a0 : nt!PnpChainDereferenceComplete+0xfd
- ffffed89`fd057940 fffff807`4192fb1a : 00000000`00000008 ffffed89`fd057a49 00000000`00000003 00000000`00000001 : nt!PnpIsChainDereferenced+0xac
- ffffed89`fd0579c0 fffff807`4190924e : ffffed89`fd057b10 ffffaf08`90c2c900 ffffed89`fd057b00 ffffc002`00000008 : nt!PnpProcessQueryRemoveAndEject+0x2a2
- ffffed89`fd057ab0 fffff807`417c96d8 : ffffc002`da2242a0 ffffc002`def47210 ffffc002`def47210 00000000`00000000 : nt!PnpProcessTargetDeviceEvent+0xea
- ffffed89`fd057ae0 fffff807`41283965 : ffffaf08`874d0c50 ffffaf08`95252040 ffffaf08`874d0c50 ffffaf08`874d0c50 : nt!PnpDeviceEventWorker+0x2d8
- ffffed89`fd057b70 fffff807`4131e155 : ffffaf08`95252040 00000000`00000080 ffffaf08`87462040 ffffed89`00000001 : nt!ExpWorkerThread+0x105
- ffffed89`fd057c10 fffff807`413c99c8 : ffffd380`5a9e2180 ffffaf08`95252040 fffff807`4131e100 00000000`00000000 : nt!PspSystemThreadStartup+0x55
- ffffed89`fd057c60 00000000`00000000 : ffffed89`fd058000 ffffed89`fd052000 00000000`00000000 00000000`00000000 : nt!KiStartSystemThread+0x28
- STACK_COMMAND: .thread 0xffffaf0895252040 ; kb
- CHKIMG_EXTENSION: !chkimg -lo 50 -d !nt
- fffff8074125878b-fffff8074125878f 5 bytes - nt!MmAccessFault+37b
- [ df be 7d fb f6:bf 7e fd fa f5 ]
- fffff807412587b8-fffff807412587bc 5 bytes - nt!MmAccessFault+3a8 (+0x2d)
- [ d7 be 7d fb f6:b7 7e fd fa f5 ]
- 10 errors : !nt (fffff8074125878b-fffff807412587bc)
- MODULE_NAME: memory_corruption
- IMAGE_NAME: memory_corruption
- FOLLOWUP_NAME: memory_corruption
- DEBUG_FLR_IMAGE_TIMESTAMP: 0
- MEMORY_CORRUPTOR: LARGE
- FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
- BUCKET_ID: MEMORY_CORRUPTION_LARGE
- PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
- TARGET_TIME: 2020-07-31T09:14:42.000Z
- SUITE_MASK: 272
- PRODUCT_TYPE: 1
- USER_LCID: 0
- FAILURE_ID_HASH_STRING: km:memory_corruption_large
- FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
- Followup: memory_corruption
- ====================== Dump #8: 3RD PARTY DRIVERS ======================
- Nov 23 2009 - LGBusEnum.sys - Logitech GamePanel Virtual Bus Enumerator driver http://support.logitech.com/
- Jun 25 2010 - sadp_npf64.sys - WinPcap driver (CACE Technologies, Inc.)
- Jun 25 2010 - NPF.sys - NetGroup Packet Filter driver, a component of WinPCap by Riverbed
- Aug 02 2010 - AsUpIO.sys - ASUS Update Input Output driver http://www.asus.com/
- Aug 08 2011 - BazisVirtualCDBus.sys - WinCDEmu Virtual CD-ROM driver (Bazis Inc) http://wincdemu.sysprogs.org/
- Oct 17 2011 - PxHlpa64.sys - Sonic CD/DVD driver
- Mar 22 2012 - AiCharger.sys - Asus Charger driver
- May 03 2012 - GEARAspiWDM.sys - Gear Software Advanced SCSI Programming Interface Windows Driver Model http://www.gearsoftware.com/
- Aug 22 2012 - AsIO.sys - ASUS Input Output driver http://www.asus.com/
- Jul 02 2013 - IOMap64.sys - !!! ASUS 64-bit Input Output Map driver (GPU Tweaking driver)
- Apr 17 2014 - rzpmgrk.sys - Razer Overlay Support https://www.razer.com/
- Apr 24 2014 - RTKVHD64.sys - Realtek Audio System driver https://www.realtek.com/en/
- Sep 23 2014 - TeeDriverx64.sys - Intel Management Engine Interface (MEI) driver https://downloadcenter.intel.com/
- Oct 17 2014 - rzpnk.sys - Razer Overlay Support https://www.razer.com/
- Apr 21 2016 - tap0901.sys - TAP-Win32 Virtual Private Network Driver 0901 (OpenVPN by OpenVPN Technologies) https://openvpn.net/
- Mar 16 2017 - tapwindscribe0901.sys - TAP-Windows Virtual Network driver (The OpenVPN Project) https://openvpn.net/
- Oct 11 2017 - YSDrv.sys - VirtualBox Support driver
- Sep 18 2018 - IntelHaxm.sys - Intel Corporation SSG Hardware Accelerated Execution Manager driver
- Jan 24 2019 - e1d65x64.sys - Intel(R) Gigabit Adapter NDIS 6.x driver https://downloadcenter.intel.com/
- Mar 14 2019 - nvvad64v.sys - Nvidia Virtual Audio driver http://www.nvidia.com/
- Sep 19 2019 - RTCore64.sys - !!! Overclocking Software - RivaTuner - MSI Afterburner http://www.msi.com/ or EVGA Precision X http://www.evga.com/
- Oct 02 2019 - nvlddmkm.sys - Nvidia Graphics Card driver http://www.nvidia.com/
- Nov 29 2019 - NvModuleTracker.sys - NVIDIA Module Tracker driver
- Jan 10 2020 - nvvhci.sys - Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
- Jun 04 2020 - MbamChameleon.sys - Malwarebytes Anti-Malware Chameleon driver https://www.malwarebytes.com/
- Jun 09 2020 - nvhda64v.sys - Nvidia HDMI Audio Device http://www.nvidia.com/
- Jun 23 2020 - aswRdr2.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswArPot.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswbidsdriver.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswbidsh.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswbuniv.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswKbd.sys - Avast Keyboard Filter driver http://www.avast.com/
- Jun 23 2020 - aswMonFlt.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswNetHub.sys - Avast driver
- Jun 23 2020 - aswRvrt.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswSnx.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswSP.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswVmm.sys - Avast Antivirus http://www.avast.com/
- Jul 17 2020 - aswElam.sys - Avast ELAM driver
- ================== Dump #8: 3RD PARTY DRIVERS (FULL) ===================
- Image path: \SystemRoot\system32\drivers\LGBusEnum.sys
- Image name: LGBusEnum.sys
- Search : https://www.google.com/search?q=LGBusEnum.sys
- ADA Info : Logitech GamePanel Virtual Bus Enumerator driver http://support.logitech.com/
- Timestamp : Mon Nov 23 2009
- Image path: \??\C:\Windows\SysWOW64\drivers\sadp_npf64.sys
- Image name: sadp_npf64.sys
- Search : https://www.google.com/search?q=sadp_npf64.sys
- ADA Info : WinPcap driver (CACE Technologies, Inc.)
- Timestamp : Fri Jun 25 2010
- Image path: \SystemRoot\system32\drivers\NPF.sys
- Image name: NPF.sys
- Search : https://www.google.com/search?q=NPF.sys
- ADA Info : NetGroup Packet Filter driver, a component of WinPCap by Riverbed
- Timestamp : Fri Jun 25 2010
- Image path: \SystemRoot\SysWow64\drivers\AsUpIO.sys
- Image name: AsUpIO.sys
- Search : https://www.google.com/search?q=AsUpIO.sys
- ADA Info : ASUS Update Input Output driver http://www.asus.com/
- Timestamp : Mon Aug 2 2010
- Image path: \SystemRoot\System32\drivers\BazisVirtualCDBus.sys
- Image name: BazisVirtualCDBus.sys
- Search : https://www.google.com/search?q=BazisVirtualCDBus.sys
- ADA Info : WinCDEmu Virtual CD-ROM driver (Bazis Inc) http://wincdemu.sysprogs.org/
- Timestamp : Mon Aug 8 2011
- Image path: \SystemRoot\System32\Drivers\PxHlpa64.sys
- Image name: PxHlpa64.sys
- Search : https://www.google.com/search?q=PxHlpa64.sys
- ADA Info : Sonic CD/DVD driver
- Timestamp : Mon Oct 17 2011
- Image path: \SystemRoot\SysWow64\drivers\AiCharger.sys
- Image name: AiCharger.sys
- Search : https://www.google.com/search?q=AiCharger.sys
- ADA Info : Asus Charger driver
- Timestamp : Thu Mar 22 2012
- Image path: \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
- Image name: GEARAspiWDM.sys
- Search : https://www.google.com/search?q=GEARAspiWDM.sys
- ADA Info : Gear Software Advanced SCSI Programming Interface Windows Driver Model http://www.gearsoftware.com/
- Timestamp : Thu May 3 2012
- Image path: \SystemRoot\SysWow64\drivers\AsIO.sys
- Image name: AsIO.sys
- Search : https://www.google.com/search?q=AsIO.sys
- ADA Info : ASUS Input Output driver http://www.asus.com/
- Timestamp : Wed Aug 22 2012
- Image path: \??\C:\WINDOWS\system32\drivers\IOMap64.sys
- Image name: IOMap64.sys
- Search : https://www.google.com/search?q=IOMap64.sys
- ADA Info : !!! ASUS 64-bit Input Output Map driver (GPU Tweaking driver)
- Timestamp : Tue Jul 2 2013
- Image path: \??\C:\Windows\system32\drivers\rzpmgrk.sys
- Image name: rzpmgrk.sys
- Search : https://www.google.com/search?q=rzpmgrk.sys
- ADA Info : Razer Overlay Support https://www.razer.com/
- Timestamp : Thu Apr 17 2014
- Image path: \SystemRoot\system32\drivers\RTKVHD64.sys
- Image name: RTKVHD64.sys
- Search : https://www.google.com/search?q=RTKVHD64.sys
- ADA Info : Realtek Audio System driver https://www.realtek.com/en/
- Timestamp : Thu Apr 24 2014
- Image path: \SystemRoot\system32\DRIVERS\TeeDriverx64.sys
- Image name: TeeDriverx64.sys
- Search : https://www.google.com/search?q=TeeDriverx64.sys
- ADA Info : Intel Management Engine Interface (MEI) driver https://downloadcenter.intel.com/
- Timestamp : Tue Sep 23 2014
- Image path: \??\C:\Windows\system32\drivers\rzpnk.sys
- Image name: rzpnk.sys
- Search : https://www.google.com/search?q=rzpnk.sys
- ADA Info : Razer Overlay Support https://www.razer.com/
- Timestamp : Fri Oct 17 2014
- Image path: \SystemRoot\System32\drivers\tap0901.sys
- Image name: tap0901.sys
- Search : https://www.google.com/search?q=tap0901.sys
- ADA Info : TAP-Win32 Virtual Private Network Driver 0901 (OpenVPN by OpenVPN Technologies) https://openvpn.net/
- Timestamp : Thu Apr 21 2016
- Image path: \SystemRoot\System32\drivers\tapwindscribe0901.sys
- Image name: tapwindscribe0901.sys
- Search : https://www.google.com/search?q=tapwindscribe0901.sys
- ADA Info : TAP-Windows Virtual Network driver (The OpenVPN Project) https://openvpn.net/
- Timestamp : Thu Mar 16 2017
- Image path: \??\C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys
- Image name: YSDrv.sys
- Search : https://www.google.com/search?q=YSDrv.sys
- ADA Info : VirtualBox Support driver
- Timestamp : Wed Oct 11 2017
- Image path: \SystemRoot\system32\DRIVERS\IntelHaxm.sys
- Image name: IntelHaxm.sys
- Search : https://www.google.com/search?q=IntelHaxm.sys
- ADA Info : Intel Corporation SSG Hardware Accelerated Execution Manager driver
- Timestamp : Tue Sep 18 2018
- Image path: \SystemRoot\system32\DRIVERS\e1d65x64.sys
- Image name: e1d65x64.sys
- Search : https://www.google.com/search?q=e1d65x64.sys
- ADA Info : Intel(R) Gigabit Adapter NDIS 6.x driver https://downloadcenter.intel.com/
- Timestamp : Thu Jan 24 2019
- Image path: \SystemRoot\system32\drivers\nvvad64v.sys
- Image name: nvvad64v.sys
- Search : https://www.google.com/search?q=nvvad64v.sys
- ADA Info : Nvidia Virtual Audio driver http://www.nvidia.com/
- Timestamp : Thu Mar 14 2019
- Image path: \??\C:\Program Files (x86)\MSI Afterburner\RTCore64.sys
- Image name: RTCore64.sys
- Search : https://www.google.com/search?q=RTCore64.sys
- ADA Info : !!! Overclocking Software - RivaTuner - MSI Afterburner http://www.msi.com/ or EVGA Precision X http://www.evga.com/
- Timestamp : Thu Sep 19 2019
- Image path: \SystemRoot\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_90685a092bcf58c7\nvlddmkm.sys
- Image name: nvlddmkm.sys
- Search : https://www.google.com/search?q=nvlddmkm.sys
- ADA Info : Nvidia Graphics Card driver http://www.nvidia.com/
- Timestamp : Wed Oct 2 2019
- Image path: \SystemRoot\System32\drivers\NvModuleTracker.sys
- Image name: NvModuleTracker.sys
- Search : https://www.google.com/search?q=NvModuleTracker.sys
- ADA Info : NVIDIA Module Tracker driver
- Timestamp : Fri Nov 29 2019
- Image path: \SystemRoot\System32\drivers\nvvhci.sys
- Image name: nvvhci.sys
- Search : https://www.google.com/search?q=nvvhci.sys
- ADA Info : Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
- Timestamp : Fri Jan 10 2020
- Image name: MbamChameleon.sys
- Search : https://www.google.com/search?q=MbamChameleon.sys
- ADA Info : Malwarebytes Anti-Malware Chameleon driver https://www.malwarebytes.com/
- Timestamp : Thu Jun 4 2020
- Image path: \SystemRoot\system32\drivers\nvhda64v.sys
- Image name: nvhda64v.sys
- Search : https://www.google.com/search?q=nvhda64v.sys
- ADA Info : Nvidia HDMI Audio Device http://www.nvidia.com/
- Timestamp : Tue Jun 9 2020
- Image name: aswRdr2.sys
- Search : https://www.google.com/search?q=aswRdr2.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswArPot.sys
- Image name: aswArPot.sys
- Search : https://www.google.com/search?q=aswArPot.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswbidsdriver.sys
- Image name: aswbidsdriver.sys
- Search : https://www.google.com/search?q=aswbidsdriver.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswbidsh.sys
- Image name: aswbidsh.sys
- Search : https://www.google.com/search?q=aswbidsh.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswbuniv.sys
- Image name: aswbuniv.sys
- Search : https://www.google.com/search?q=aswbuniv.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswKbd.sys
- Image name: aswKbd.sys
- Search : https://www.google.com/search?q=aswKbd.sys
- ADA Info : Avast Keyboard Filter driver http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswMonFlt.sys
- Image name: aswMonFlt.sys
- Search : https://www.google.com/search?q=aswMonFlt.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswNetHub.sys
- Image name: aswNetHub.sys
- Search : https://www.google.com/search?q=aswNetHub.sys
- ADA Info : Avast driver
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswRvrt.sys
- Image name: aswRvrt.sys
- Search : https://www.google.com/search?q=aswRvrt.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswSnx.sys
- Image name: aswSnx.sys
- Search : https://www.google.com/search?q=aswSnx.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswSP.sys
- Image name: aswSP.sys
- Search : https://www.google.com/search?q=aswSP.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswVmm.sys
- Image name: aswVmm.sys
- Search : https://www.google.com/search?q=aswVmm.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswElam.sys
- Image name: aswElam.sys
- Search : https://www.google.com/search?q=aswElam.sys
- ADA Info : Avast ELAM driver
- Timestamp : Fri Jul 17 2020
- ====================== Dump #8: MICROSOFT DRIVERS ======================
- ACPI.sys ACPI Driver for NT (Microsoft)
- acpiex.sys ACPIEx Driver (Microsoft)
- acpipagr.sys ACPI Processor Aggregator Device driver (Microsoft)
- afd.sys Ancillary Function Driver for WinSock (Microsoft)
- afunix.sys AF_UNIX Socket Provider driver (Microsoft)
- AgileVpn.sys RAS Agil VPN Miniport Call Manager driver (Microsoft)
- ahcache.sys Application Compatibility Cache (Microsoft)
- bam.sys BAM Kernal driver (Microsoft)
- BasicDisplay.sys Basic Display driver (Microsoft)
- BasicRender.sys Basic Render driver (Microsoft)
- Beep.SYS BEEP driver (Microsoft)
- bindflt.sys Windows Bind Filter driver (Microsoft)
- BOOTVID.dll VGA Boot Driver (Microsoft)
- bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
- cdd.dll Canonical Display Driver (Microsoft)
- cdrom.sys SCSI CD-ROM Driver (Microsoft)
- CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
- CI.dll Code Integrity Module (Microsoft)
- CLASSPNP.SYS SCSI Class System Dll (Microsoft)
- cldflt.sys Cloud Files Mini Filter driver (Microsoft)
- CLFS.SYS Common Log File System Driver (Microsoft)
- clipsp.sys CLIP Service (Microsoft)
- cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
- cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
- CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
- condrv.sys Console Driver (Microsoft)
- crashdmp.sys Crash Dump driver (Microsoft)
- csc.sys Windows Client Side Caching driver (Microsoft)
- dfsc.sys DFS Namespace Client Driver (Microsoft)
- disk.sys PnP Disk Driver (Microsoft)
- drmk.sys Digital Rights Management (DRM) driver (Microsoft)
- dump_diskdump.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
- dump_dumpfve.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
- dump_storahci.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
- dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
- dxgmms2.sys DirectX Graphics MMS
- EhStorClass.sys Enhanced Storage Class driver for IEEE... (Microsoft)
- filecrypt.sys Windows sandboxing and encryption filter (Microsoft)
- fileinfo.sys FileInfo Filter Driver (Microsoft)
- FLTMGR.SYS Filesystem Filter Manager (Microsoft)
- Fs_Rec.sys File System Recognizer Driver (Microsoft)
- fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
- fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
- gpuenergydrv.sys GPU Energy Kernal Driver (Microsoft)
- hal.dll Hardware Abstraction Layer DLL (Microsoft)
- HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
- HIDCLASS.SYS Hid Class Library (Microsoft)
- HIDPARSE.SYS Hid Parsing Library (Microsoft)
- hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
- HTTP.sys HTTP Protocol Stack (Microsoft)
- intelpep.sys Intel Power Engine Plugin (Microsoft)
- intelppm.sys Processor Device Driver (Microsoft)
- iorate.sys I/O rate control Filter (Microsoft)
- kbdclass.sys Keyboard Class Driver (Microsoft)
- kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
- kd.dll Local Kernal Debugger (Microsoft)
- kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
- ks.sys Kernal CSA Library (Microsoft)
- ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
- ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
- ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
- lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
- luafv.sys LUA File Virtualization Filter Driver (Microsoft)
- mcupdate_GenuineIntel.dll Intel Microcode Update Library (Microsoft)
- mmcss.sys MMCSS Driver (Microsoft)
- monitor.sys Monitor Driver (Microsoft)
- mouclass.sys Mouse Class Driver (Microsoft)
- mouhid.sys HID Mouse Filter Driver (Microsoft)
- mountmgr.sys Mount Point Manager (Microsoft)
- mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
- mqac.sys Message Queuing Device driver (Microsoft)
- mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
- mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
- Msfs.SYS Mailslot driver (Microsoft)
- msisadrv.sys ISA Driver (Microsoft)
- mslldp.sys Microsoft Link-Layer Discovery Protocol... (Microsoft)
- msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
- mssecflt.sys Microsoft Security Events Component file system filter driver (Microsoft)
- mssmbios.sys System Management BIOS driver (Microsoft)
- mup.sys Multiple UNC Provider driver (Microsoft)
- ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
- ndistapi.sys NDIS 3.0 Connection Wrapper driver (Microsoft)
- ndisuio.sys NDIS User mode I/O driver (Microsoft)
- NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
- ndiswan.sys MS PPP Framing Driver (Strong Encryption) Microsoft)
- NDProxy.sys NDIS Proxy driver (Microsoft)
- Ndu.sys Network Data Usage Monitoring driver (Microsoft)
- netbios.sys NetBIOS Interface driver (Microsoft)
- netbt.sys MBT Transport driver (Microsoft)
- NETIO.SYS Network I/O Subsystem (Microsoft)
- Npfs.SYS NPFS driver (Microsoft)
- npsvctrig.sys Named pipe service triggers (Microsoft)
- nsiproxy.sys NSI Proxy driver (Microsoft)
- Ntfs.sys NT File System Driver (Microsoft)
- ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
- ntosext.sys NTOS Extension Host driver (Microsoft)
- Null.SYS NULL Driver (Microsoft)
- nwifi.sys NativeWiFi Miniport Driver (Microsoft)
- pacer.sys QoS Packet Scheduler (Microsoft)
- partmgr.sys Partition driver (Microsoft)
- pci.sys NT Plug and Play PCI Enumerator (Microsoft)
- pcw.sys Performance Counter Driver (Microsoft)
- pdc.sys Power Dependency Coordinator Driver (Microsoft)
- peauth.sys Protected Environment Authentication and Authorization Export Driver (Microsoft)
- portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
- PSHED.dll Platform Specific Hardware Error driver (Microsoft)
- raspppoe.sys RAS PPPoE Mini-port/Call manager driver (Microsoft)
- rassstp.sys RAS SSTP Miniport Call Manager driver (Microsoft)
- rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
- rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
- rdyboost.sys ReadyBoost Driver (Microsoft)
- rspndr.sys Link-Layer Topology Responder driver (Microsoft)
- serenum.sys Serial Port Enumerator (Microsoft)
- serial.sys Serial Device Driver
- serscan.sys Serial Imaging Device Driver (Microsoft)
- SgrmAgent.sys System Guard Runtime Monitor Agent driver (Microsoft)
- SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
- spaceport.sys Storage Spaces driver (Microsoft)
- srv.sys Server driver (Microsoft)
- srv2.sys Smb 2.0 Server driver (Microsoft)
- srvnet.sys Server Network driver (Microsoft)
- storahci.sys MS AHCI Storport Miniport Driver (Microsoft)
- storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
- storqosflt.sys Storage QoS Filter driver (Microsoft)
- swenum.sys Plug and Play Software Device Enumerator (Microsoft)
- tbs.sys Export driver for kernel mode TPM API (Microsoft)
- tcpip.sys TCP/IP Protocol driver (Microsoft)
- tcpipreg.sys Microsoft Windows TCP/IP Registry Compatibility driver (Microsoft)
- TDI.SYS TDI Wrapper driver (Microsoft)
- tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
- tm.sys Kernel Transaction Manager driver (Microsoft)
- ucx01000.sys USB Controller Extension (Microsoft)
- umbus.sys User-Mode Bus Enumerator (Microsoft)
- usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
- USBD.SYS Universal Serial Bus Driver (Microsoft)
- usbehci.sys EHCI eUSB Miniport Driver (Microsoft)
- usbhub.sys Default Hub Driver for USB (Microsoft)
- UsbHub3.sys USB3 HUB driver (Microsoft)
- USBPORT.SYS USB 1.1 & 2.0 Port Driver (Microsoft)
- USBXHCI.SYS USB XHCI driver (Microsoft)
- vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
- Vid.sys Microsoft Hyper-V Virtualization Infrastructure Driver
- volmgr.sys Volume Manager Driver (Microsoft)
- volmgrx.sys Volume Manager Extension Driver (Microsoft)
- volsnap.sys Volume Shadow Copy driver (Microsoft)
- volume.sys Volume driver (Microsoft)
- vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
- wanarp.sys MS Remote Access and Routing ARP driver (Microsoft)
- watchdog.sys Watchdog driver (Microsoft)
- wcifs.sys Windows Container Isolation FS Filter driver (Microsoft)
- Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
- WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
- werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
- wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
- win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
- win32kbase.sys Base Win32k Kernel Driver (Microsoft)
- win32kfull.sys Full/Desktop Win32k Kernel Driver (Microsoft)
- WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
- WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
- winhvr.sys Windows Hypervisor Root Interface driver (Microsoft)
- winquic.sys QUIC Transport Protocol driver (Microsoft)
- wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
- WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
- Wof.sys Windows Overlay Filter (Microsoft)
- WppRecorder.sys WPP Trace Recorder (Microsoft)
- WUDFRd.sys Windows Driver Foundation - User-mode Driver Framework Reflector driver (Microsoft)
- ====================== Dump #8: UNLOADED MODULES =======================
- fffff807`3db30000 fffff807`3db51000 raspptp.sys
- fffff807`3db00000 fffff807`3db23000 rasl2tp.sys
- fffff807`3ddc0000 fffff807`3ddcc000 umpass.sys
- fffff807`3dda0000 fffff807`3ddae000 WSDPrint.sys
- fffff807`49560000 fffff807`49595000 aswStm.sys
- fffff807`3dbd0000 fffff807`3dc10000 mbamswissarm
- fffff807`3dc10000 fffff807`3dc33000 mwac.sys
- fffff807`3dc80000 fffff807`3dc94000 mbam.sys
- fffff807`3dc40000 fffff807`3dc74000 farflt.sys
- fffff807`46ce0000 fffff807`46d07000 mbae64.sys
- fffff807`3d4f0000 fffff807`3dac5000 iqvw64e.sys
- fffff807`3ddb0000 fffff807`3ddbe000 WSDScan.sys
- fffff807`468e0000 fffff807`468ef000 dump_storpor
- fffff807`46920000 fffff807`4694f000 dump_storahc
- fffff807`46970000 fffff807`4698e000 dump_dumpfve
- fffff807`48c00000 fffff807`48c51000 WUDFRd.sys
- fffff807`46d40000 fffff807`46d5e000 dam.sys
- fffff807`44a20000 fffff807`44a29000 MbamElam.sys
- fffff807`45a20000 fffff807`45a31000 hwpolicy.sys
- ====================== Dump #8: BIOS INFORMATION =======================
- sysinfo: could not find necessary interfaces.
- sysinfo: note that mssmbios.sys must be loaded (XPSP2+).
- ========================== Dump #8: Extra #1 ===========================
- 0: kd> !verifier
- Verify Flags Level 0x00000000
- STANDARD FLAGS:
- [X] (0x00000000) Automatic Checks
- [ ] (0x00000001) Special pool
- [ ] (0x00000002) Force IRQL checking
- [ ] (0x00000008) Pool tracking
- [ ] (0x00000010) I/O verification
- [ ] (0x00000020) Deadlock detection
- [ ] (0x00000080) DMA checking
- [ ] (0x00000100) Security checks
- [ ] (0x00000800) Miscellaneous checks
- [ ] (0x00020000) DDI compliance checking
- ADDITIONAL FLAGS:
- [ ] (0x00000004) Randomized low resources simulation
- [ ] (0x00000200) Force pending I/O requests
- [ ] (0x00000400) IRP logging
- [ ] (0x00002000) Invariant MDL checking for stack
- [ ] (0x00004000) Invariant MDL checking for driver
- [ ] (0x00008000) Power framework delay fuzzing
- [ ] (0x00010000) Port/miniport interface checking
- [ ] (0x00040000) Systematic low resources simulation
- [ ] (0x00080000) DDI compliance checking (additional)
- [ ] (0x00200000) NDIS/WIFI verification
- [ ] (0x00800000) Kernel synchronization delay fuzzing
- [ ] (0x01000000) VM switch verification
- [ ] (0x02000000) Code integrity checks
- [X] Indicates flag is enabled
- Summary of All Verifier Statistics
- RaiseIrqls 0x0
- AcquireSpinLocks 0x0
- Synch Executions 0x0
- Trims 0x0
- Pool Allocations Attempted 0x0
- Pool Allocations Succeeded 0x0
- Pool Allocations Succeeded SpecialPool 0x0
- Pool Allocations With NO TAG 0x0
- Pool Allocations Failed 0x0
- Current paged pool allocations 0x0 for 00000000 bytes
- Peak paged pool allocations 0x0 for 00000000 bytes
- Current nonpaged pool allocations 0x0 for 00000000 bytes
- Peak nonpaged pool allocations 0x0 for 00000000 bytes
- ========================== Dump #8: Extra #2 ===========================
- 0: kd> !thread
- THREAD ffffaf0895252040 Cid 0004.1e38 Teb: 0000000000000000 Win32Thread: 0000000000000000 WAIT: (Executive) KernelMode Non-Alertable
- ffffaf0889eeb5b0 NotificationEvent
- Not impersonating
- GetUlongFromAddress: unable to read from fffff8074162ca14
- Owning Process ffffaf0887462040 Image: System
- Attached Process N/A Image: N/A
- fffff78000000000: Unable to get shared data
- Wait Start TickCount 357619
- Context Switch Count 1528 IdealProcessor: 5 NoStackSwap
- ReadMemory error: Cannot get nt!KeMaximumIncrement value.
- UserTime 00:00:00.000
- KernelTime 00:00:00.000
- Win32 Start Address nt!ExpWorkerThread (0xfffff80741283860)
- Stack Init ffffed89fd057c90 Current ffffed89fd056ef0
- Base ffffed89fd058000 Limit ffffed89fd052000 Call 0000000000000000
- Priority 15 BasePriority 12 PriorityDecrement 0 IoPriority 2 PagePriority 5
- Child-SP RetAddr : Args to Child : Call Site
- ffffed89`fd056f30 fffff807`412a46ad : ffffd380`5acc6180 0000007d`fffffffe ffffd380`ffffffff 00000000`00000001 : nt!KiSwapContext+0x76
- ffffed89`fd057070 fffff807`412a3534 : ffffaf08`95252040 00000000`00000000 ffffaf08`00000000 ffffc002`00000000 : nt!KiSwapThread+0xbfd
- ffffed89`fd057110 fffff807`412a2cd5 : 00000000`00000001 fffff807`00000000 ffffaf08`89ef0500 00000000`00000000 : nt!KiCommitThreadWait+0x144
- ffffed89`fd0571b0 fffff807`453b9920 : ffffaf08`89eeb5b0 fffff807`00000000 ffffaf08`89eea100 fffff807`00000000 : nt!KeWaitForSingleObject+0x255
- ffffed89`fd057290 fffff807`453acb89 : 00000000`00000008 ffffed89`fd057330 00000000`00000004 00000000`00000000 : ndis!KWaitEventBase<wistd::integral_constant<enum _EVENT_TYPE,0> >::Wait+0x28
- ffffed89`fd0572d0 fffff807`453abefd : ffffc002`b6df5790 fffff807`453abee0 ffffc002`b6894dc8 fffff807`4536c6d8 : ndis!Ndis::BindEngine::ApplyBindChanges+0x10915
- ffffed89`fd057320 fffff807`453a7933 : ffffc002`b6df57d0 fffff807`453abee0 ffffc002`b6894dc8 ffffaf08`89eea1a0 : ndis!<lambda_adb42f86cf839cbbe3c588eaa9665cd9>::<lambda_invoker_cdecl>+0x1d
- ffffed89`fd057350 fffff807`453a7879 : 00000000`00000000 fffff807`4536c6d8 00000000`00000000 ffffc002`b6894dc0 : ndis!NDIS_BIND_DRIVER_BASE::ForEachLink+0xa3
- ffffed89`fd0573a0 fffff807`453a768b : 00000000`00000000 ffffaf08`91ccd8d8 00000000`00000010 fffff807`452bb7b5 : ndis!NDIS_BIND_DRIVER_BASE::SetRunningDriverIsReady+0x41
- ffffed89`fd0573d0 fffff807`453d9934 : ffffaf08`91ccd560 ffffed89`fd0574e8 ffffed89`fd0574e8 ffffaf08`91ccd5a8 : ndis!NDIS_BIND_PROTOCOL_DRIVER::SetRunningDriver+0x63
- ffffed89`fd057420 fffff807`453327c6 : ffffaf08`91ccd560 fffff807`45385050 fffff807`45385050 fffff807`4536d790 : ndis!NdisDeregisterProtocol+0xd4
- ffffed89`fd057490 fffff807`3db6111a : fffff807`3db69000 fffff807`00000000 ffffaf08`91ccd020 ffffed89`fd057570 : ndis!NdisDeregisterProtocolDriver+0x66
- ffffed89`fd0574e0 fffff807`3db6c484 : 00000000`000000e7 ffffed89`fd057568 00000000`00000008 00000000`00000000 : raspppoe!RasPppoeCleanup+0x66
- ffffed89`fd057510 fffff807`453b7d73 : ffffaf08`91ccd020 ffffaf08`91ccd020 fffff807`45385050 ffffaf08`915a0e40 : raspppoe!MpUnload+0x44
- ffffed89`fd057540 fffff807`4533cdd4 : ffffaf08`915a0e40 00000000`00000000 ffffaf08`915a0e40 ffffaf08`915a0e40 : ndis!ndisMInvokeDriverUnload+0x67
- ffffed89`fd057580 fffff807`419662d7 : ffffaf08`915a0e40 00000000`00000000 ffffed89`fd057740 ffffc002`dd8e6c90 : ndis!ndisMUnloadEx+0x94
- ffffed89`fd0575e0 fffff807`419319ce : ffffaf08`915a0f90 00000000`00000000 fffff807`4198cb01 ffffaf08`915a0e40 : nt!IopUnloadDriver+0x20f
- ffffed89`fd057710 fffff807`41372004 : ffffaf08`90f68b20 000010fa`4cc2cf10 00000000`0000000a 00000000`00000000 : nt!PnpUnloadAttachedDriver+0xa6
- ffffed89`fd057760 fffff807`419315cf : ffffaf08`90f68b20 fffff807`00000000 00000000`00000000 fffff807`41662940 : nt!PnpRemoveLockedDeviceNode+0x240
- ffffed89`fd0577c0 fffff807`4193126a : ffffaf08`90f68b20 ffffed89`fd057840 00000000`00000000 00000000`00000000 : nt!PnpDeleteLockedDeviceNode+0x8b
- ffffed89`fd057800 fffff807`41932b51 : ffffaf08`90039960 00000000`00000002 ffffaf08`93949b90 00000000`00000000 : nt!PnpDeleteLockedDeviceNodes+0x76
- ffffed89`fd057880 fffff807`41930994 : 00000000`00000000 ffffed89`fd057900 ffffaf08`90039960 00000000`00000000 : nt!PipRemoveDevicesInRelationList+0x8d
- ffffed89`fd0578d0 fffff807`41930371 : ffffaf08`93949b90 00000000`00000001 ffffaf08`93949b90 00000000`00000007 : nt!PnpDelayedRemoveWorker+0x114
- ffffed89`fd057910 fffff807`41371a54 : 00000000`00000007 00000000`00000001 00000000`00000000 ffffaf08`90c2c9a0 : nt!PnpChainDereferenceComplete+0xfd
- ffffed89`fd057940 fffff807`4192fb1a : 00000000`00000008 ffffed89`fd057a49 00000000`00000003 00000000`00000001 : nt!PnpIsChainDereferenced+0xac
- ffffed89`fd0579c0 fffff807`4190924e : ffffed89`fd057b10 ffffaf08`90c2c900 ffffed89`fd057b00 ffffc002`00000008 : nt!PnpProcessQueryRemoveAndEject+0x2a2
- ffffed89`fd057ab0 fffff807`417c96d8 : ffffc002`da2242a0 ffffc002`def47210 ffffc002`def47210 00000000`00000000 : nt!PnpProcessTargetDeviceEvent+0xea
- ffffed89`fd057ae0 fffff807`41283965 : ffffaf08`874d0c50 ffffaf08`95252040 ffffaf08`874d0c50 ffffaf08`874d0c50 : nt!PnpDeviceEventWorker+0x2d8
- ffffed89`fd057b70 fffff807`4131e155 : ffffaf08`95252040 00000000`00000080 ffffaf08`87462040 ffffed89`00000001 : nt!ExpWorkerThread+0x105
- ffffed89`fd057c10 fffff807`413c99c8 : ffffd380`5a9e2180 ffffaf08`95252040 fffff807`4131e100 00000000`00000000 : nt!PspSystemThreadStartup+0x55
- ffffed89`fd057c60 00000000`00000000 : ffffed89`fd058000 ffffed89`fd052000 00000000`00000000 00000000`00000000 : nt!KiStartSystemThread+0x28
- ========================================================================
- ======================= Dump #9: ANALYZE VERBOSE =======================
- ====================== File: 072920-90593-01.dmp =======================
- ========================================================================
- Mini Kernel Dump File: Only registers and stack trace are available
- Windows 10 Kernel Version 18362 MP (8 procs) Free x64
- Kernel base = 0xfffff804`80400000 PsLoadedModuleList = 0xfffff804`80848190
- Debug session time: Wed Jul 29 20:08:41.677 2020 (UTC - 4:00)
- System Uptime: 0 days 0:32:47.304
- BugCheck 1000009F, {4, 12c, ffff810fe89e7040, fffff48db2c6f8e0}
- Implicit thread is now ffff810f`e89e7040
- *** WARNING: Unable to verify timestamp for win32k.sys
- *** ERROR: Module load completed but symbols could not be loaded for win32k.sys
- Probably caused by : memory_corruption
- Followup: memory_corruption
- DRIVER_POWER_STATE_FAILURE (9f)
- A driver has failed to complete a power IRP within a specific time.
- Arguments:
- Arg1: 0000000000000004, The power transition timed out waiting to synchronize with the Pnp
- subsystem.
- Arg2: 000000000000012c, Timeout in seconds.
- Arg3: ffff810fe89e7040, The thread currently holding on to the Pnp lock.
- Arg4: fffff48db2c6f8e0, nt!TRIAGE_9F_PNP on Win7 and higher
- Debugging Details:
- Implicit thread is now ffff810f`e89e7040
- DUMP_CLASS: 1
- DUMP_QUALIFIER: 400
- DUMP_TYPE: 2
- DRVPOWERSTATE_SUBCODE: 4
- FAULTING_THREAD: e89e7040
- CUSTOMER_CRASH_COUNT: 1
- DEFAULT_BUCKET_ID: CODE_CORRUPTION
- BUGCHECK_STR: 0x9F
- PROCESS_NAME: System
- CURRENT_IRQL: 2
- LOCK_ADDRESS: fffff804808629e0 -- (!locks fffff804808629e0)
- Resource @ nt!PiEngineLock (0xfffff804808629e0) Exclusively owned
- Contention Count = 32
- NumberOfExclusiveWaiters = 1
- Threads: ffff810fe89e7040-01<*> << Too many exclusive waiters to list>>
- 1 total locks, 1 locks currently held
- PNP_TRIAGE:
- Lock address : 0xfffff804808629e0
- Thread Count : 1
- Thread address: 0xffff810fe89e7040
- Thread wait : 0x1a0d3
- LAST_CONTROL_TRANSFER: from fffff804804a46ad to fffff804805c9106
- STACK_TEXT:
- fffff48d`b905df30 fffff804`804a46ad : ffffb381`ec9d2180 00100033`fffffffe ffffb381`ffffffff 00000000`00000001 : nt!KiSwapContext+0x76
- fffff48d`b905e070 fffff804`804a3534 : ffff810f`e89e7040 00000000`00000000 ffff810f`00000000 ffffc486`00000000 : nt!KiSwapThread+0xbfd
- fffff48d`b905e110 fffff804`804a2cd5 : 00000000`00000001 fffff804`00000000 ffff810f`e12e6500 00000000`00000000 : nt!KiCommitThreadWait+0x144
- fffff48d`b905e1b0 fffff804`85bb9920 : ffff810f`e119d5b0 fffff804`00000000 ffff810f`e119c100 fffff804`00000000 : nt!KeWaitForSingleObject+0x255
- fffff48d`b905e290 fffff804`85bacb89 : 00000000`00000008 fffff48d`b905e330 00000000`00000004 00000000`00000000 : ndis!KWaitEventBase<wistd::integral_constant<enum _EVENT_TYPE,0> >::Wait+0x28
- fffff48d`b905e2d0 fffff804`85babefd : ffffc486`46951e60 fffff804`85babee0 ffffc486`46cfcf38 fffff804`85b6c6d8 : ndis!Ndis::BindEngine::ApplyBindChanges+0x10915
- fffff48d`b905e320 fffff804`85ba7933 : ffffc486`46951ea0 fffff804`85babee0 ffffc486`46cfcf38 ffff810f`e119c1a0 : ndis!<lambda_adb42f86cf839cbbe3c588eaa9665cd9>::<lambda_invoker_cdecl>+0x1d
- fffff48d`b905e350 fffff804`85ba7879 : 00000000`00000000 fffff804`85b6c6d8 00000000`00000000 ffffc486`46cfcf30 : ndis!NDIS_BIND_DRIVER_BASE::ForEachLink+0xa3
- fffff48d`b905e3a0 fffff804`85ba768b : 00000000`00000000 ffff810f`e64e4628 00000000`00000010 fffff804`85abb7b5 : ndis!NDIS_BIND_DRIVER_BASE::SetRunningDriverIsReady+0x41
- fffff48d`b905e3d0 fffff804`85bd9934 : ffff810f`e64e42b0 fffff48d`b905e4e8 fffff48d`b905e4e8 ffff810f`e64e42f8 : ndis!NDIS_BIND_PROTOCOL_DRIVER::SetRunningDriver+0x63
- fffff48d`b905e420 fffff804`85b327c6 : ffff810f`e64e42b0 fffff804`85b85050 fffff804`85b85050 fffff804`85b6d790 : ndis!NdisDeregisterProtocol+0xd4
- fffff48d`b905e490 fffff804`7e48111a : fffff804`7e489000 fffff804`00000000 ffff810f`e7a77a60 fffff48d`b905e570 : ndis!NdisDeregisterProtocolDriver+0x66
- fffff48d`b905e4e0 fffff804`7e48c484 : 00000000`000000e7 fffff48d`b905e568 00000000`00000008 00000000`00000000 : raspppoe!RasPppoeCleanup+0x66
- fffff48d`b905e510 fffff804`85bb7d73 : ffff810f`e7a77a60 ffff810f`e7a77a60 fffff804`85b85050 ffff810f`e7864e30 : raspppoe!MpUnload+0x44
- fffff48d`b905e540 fffff804`85b3cdd4 : ffff810f`e7864e30 00000000`00000000 ffff810f`e7864e30 ffff810f`e7864e30 : ndis!ndisMInvokeDriverUnload+0x67
- fffff48d`b905e580 fffff804`80b662d7 : ffff810f`e7864e30 00000000`00000000 fffff48d`b905e740 ffffc486`57a258d0 : ndis!ndisMUnloadEx+0x94
- fffff48d`b905e5e0 fffff804`80b319ce : ffff810f`e7864f80 00000000`00000000 fffff804`80b8cb01 ffff810f`e7864e30 : nt!IopUnloadDriver+0x20f
- fffff48d`b905e710 fffff804`80572004 : ffff810f`e7ac2cb0 00004376`8e49a090 00000000`0000000a 00000000`00000000 : nt!PnpUnloadAttachedDriver+0xa6
- fffff48d`b905e760 fffff804`80b315cf : ffff810f`e7ac2cb0 fffff804`00000018 00000000`00000000 fffff804`80862940 : nt!PnpRemoveLockedDeviceNode+0x240
- fffff48d`b905e7c0 fffff804`80b3126a : ffff810f`e7ac2cb0 fffff48d`b905e840 00000000`00000018 00000000`00000000 : nt!PnpDeleteLockedDeviceNode+0x8b
- fffff48d`b905e800 fffff804`80b32b51 : ffff810f`e524be00 00000000`00000002 ffff810f`ec4a5690 00000000`00000000 : nt!PnpDeleteLockedDeviceNodes+0x76
- fffff48d`b905e880 fffff804`80b30994 : 00000000`00000000 fffff48d`b905e900 ffff810f`e524be00 00000000`00000000 : nt!PipRemoveDevicesInRelationList+0x8d
- fffff48d`b905e8d0 fffff804`80b30371 : ffff810f`ec4a5690 00000000`00000001 ffff810f`ec4a5690 00000000`00000000 : nt!PnpDelayedRemoveWorker+0x114
- fffff48d`b905e910 fffff804`80571a54 : 00000000`00000000 00000000`00000001 00000000`00000000 ffff810f`e7ac2cb0 : nt!PnpChainDereferenceComplete+0xfd
- fffff48d`b905e940 fffff804`80b2fb1a : 00000000`00000001 fffff48d`b905ea49 00000000`00000003 00000000`00000001 : nt!PnpIsChainDereferenced+0xac
- fffff48d`b905e9c0 fffff804`80b0924e : fffff48d`b905eb10 ffff810f`e7ac2c00 fffff48d`b905eb00 ffffc486`00000001 : nt!PnpProcessQueryRemoveAndEject+0x2a2
- fffff48d`b905eab0 fffff804`809c96d8 : ffffc486`7d102ae0 ffffc486`7b4a7b40 ffffc486`7b4a7b40 00000000`00000000 : nt!PnpProcessTargetDeviceEvent+0xea
- fffff48d`b905eae0 fffff804`80483965 : ffff810f`dc946c50 ffff810f`e89e7040 ffff810f`dc946c50 ffff810f`dc946c50 : nt!PnpDeviceEventWorker+0x2d8
- fffff48d`b905eb70 fffff804`8051e155 : ffff810f`e89e7040 00000000`00000080 ffff810f`dc87c040 00002425`bd9bbfff : nt!ExpWorkerThread+0x105
- fffff48d`b905ec10 fffff804`805c99c8 : ffffb381`ec8c6180 ffff810f`e89e7040 fffff804`8051e100 00000000`00000000 : nt!PspSystemThreadStartup+0x55
- fffff48d`b905ec60 00000000`00000000 : fffff48d`b905f000 fffff48d`b9059000 00000000`00000000 00000000`00000000 : nt!KiStartSystemThread+0x28
- STACK_COMMAND: .thread 0xffff810fe89e7040 ; kb
- CHKIMG_EXTENSION: !chkimg -lo 50 -d !fvevol
- fffff80486055dd9-fffff80486055dda 2 bytes - fvevol!FveFreeCallback+9
- [ 48 ff:4c 8b ]
- fffff80486055de0-fffff80486055de4 5 bytes - fvevol!FveFreeCallback+10 (+0x07)
- [ 0f 1f 44 00 00:e8 bb 92 71 fa ]
- fffff804860b8f1e-fffff804860b8f1f 2 bytes - fvevol!FveFileSetSize+5e
- [ 48 ff:4c 8b ]
- fffff804860b8f25-fffff804860b8f29 5 bytes - fvevol!FveFileSetSize+65 (+0x07)
- [ 0f 1f 44 00 00:e8 26 5f 50 fa ]
- fffff804860b8fb6-fffff804860b8fb7 2 bytes - fvevol!FveFileFillZeros+5a (+0x91)
- [ 48 ff:4c 8b ]
- fffff804860b8fbd-fffff804860b8fbf 3 bytes - fvevol!FveFileFillZeros+61 (+0x07)
- [ 0f 1f 44:e8 4e 60 ]
- fffff804860b946a-fffff804860b946b 2 bytes - fvevol!FveFileMoveClusters+aa (+0x4ad)
- [ 48 ff:4c 8b ]
- fffff804860b9471-fffff804860b9475 5 bytes - fvevol!FveFileMoveClusters+b1 (+0x07)
- [ 0f 1f 44 00 00:e8 1a 5c 50 fa ]
- fffff804860b9506-fffff804860b9507 2 bytes - fvevol!FveVolumeQueryBitmap+46 (+0x95)
- [ 48 ff:4c 8b ]
- fffff804860b950d-fffff804860b9511 5 bytes - fvevol!FveVolumeQueryBitmap+4d (+0x07)
- [ 0f 1f 44 00 00:e8 7e 5b 50 fa ]
- fffff804860bb1c9-fffff804860bb1ca 2 bytes - fvevol!FveVolumeInitInfo+f9 (+0x1cbc)
- [ 48 ff:4c 8b ]
- fffff804860c4a47-fffff804860c4a48 2 bytes - fvevol!FvePagedAllocCallback+17 (+0x987e)
- [ 48 ff:4c 8b ]
- fffff804860c4a4e-fffff804860c4a52 5 bytes - fvevol!FvePagedAllocCallback+1e (+0x07)
- [ 0f 1f 44 00 00:e8 bd a5 6a fa ]
- fffff804860c4ad6-fffff804860c4ad7 2 bytes - fvevol!PdcPortOpenCommon+66 (+0x88)
- [ 48 ff:4c 8b ]
- fffff804860c4add-fffff804860c4ae1 5 bytes - fvevol!PdcPortOpenCommon+6d (+0x07)
- [ 0f 1f 44 00 00:e8 2e a5 6a fa ]
- fffff804860c4b20-fffff804860c4b21 2 bytes - fvevol!PdcPortOpenCommon+b0 (+0x43)
- [ 48 ff:4c 8b ]
- fffff804860c4b27-fffff804860c4b2b 5 bytes - fvevol!PdcPortOpenCommon+b7 (+0x07)
- [ 0f 1f 44 00 00:e8 b4 c0 3f fa ]
- fffff804860c5c75-fffff804860c5c76 2 bytes - fvevol!FveVolumeCleanupInfo+95 (+0x114e)
- [ 48 ff:4c 8b ]
- fffff804860c5c7c-fffff804860c5c80 5 bytes - fvevol!FveVolumeCleanupInfo+9c (+0x07)
- [ 0f 1f 44 00 00:e8 cf 8e 4f fa ]
- fffff804860e7995-fffff804860e7996 2 bytes - fvevol!FveFileQueryExtentsBuffer+45 (+0x21d19)
- [ 48 ff:4c 8b ]
- fffff804860e799c-fffff804860e79a0 5 bytes - fvevol!FveFileQueryExtentsBuffer+4c (+0x07)
- [ 0f 1f 44 00 00:e8 ef 76 4d fa ]
- 70 errors : !fvevol (fffff80486055dd9-fffff804860e79a0)
- MODULE_NAME: memory_corruption
- IMAGE_NAME: memory_corruption
- FOLLOWUP_NAME: memory_corruption
- DEBUG_FLR_IMAGE_TIMESTAMP: 0
- MEMORY_CORRUPTOR: LARGE
- FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
- BUCKET_ID: MEMORY_CORRUPTION_LARGE
- PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
- TARGET_TIME: 2020-07-30T00:08:41.000Z
- SUITE_MASK: 272
- PRODUCT_TYPE: 1
- USER_LCID: 0
- FAILURE_ID_HASH_STRING: km:memory_corruption_large
- FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
- Followup: memory_corruption
- ====================== Dump #9: 3RD PARTY DRIVERS ======================
- Nov 23 2009 - LGBusEnum.sys - Logitech GamePanel Virtual Bus Enumerator driver http://support.logitech.com/
- Jun 25 2010 - sadp_npf64.sys - WinPcap driver (CACE Technologies, Inc.)
- Jun 25 2010 - NPF.sys - NetGroup Packet Filter driver, a component of WinPCap by Riverbed
- Aug 02 2010 - AsUpIO.sys - ASUS Update Input Output driver http://www.asus.com/
- Aug 08 2011 - BazisVirtualCDBus.sys - WinCDEmu Virtual CD-ROM driver (Bazis Inc) http://wincdemu.sysprogs.org/
- Oct 17 2011 - PxHlpa64.sys - Sonic CD/DVD driver
- Mar 22 2012 - AiCharger.sys - Asus Charger driver
- May 03 2012 - GEARAspiWDM.sys - Gear Software Advanced SCSI Programming Interface Windows Driver Model http://www.gearsoftware.com/
- Aug 22 2012 - AsIO.sys - ASUS Input Output driver http://www.asus.com/
- Jul 02 2013 - IOMap64.sys - !!! ASUS 64-bit Input Output Map driver (GPU Tweaking driver)
- Apr 17 2014 - rzpmgrk.sys - Razer Overlay Support https://www.razer.com/
- Apr 24 2014 - RTKVHD64.sys - Realtek Audio System driver https://www.realtek.com/en/
- Sep 23 2014 - TeeDriverx64.sys - Intel Management Engine Interface (MEI) driver https://downloadcenter.intel.com/
- Oct 17 2014 - rzpnk.sys - Razer Overlay Support https://www.razer.com/
- Apr 21 2016 - tap0901.sys - TAP-Win32 Virtual Private Network Driver 0901 (OpenVPN by OpenVPN Technologies) https://openvpn.net/
- Mar 16 2017 - tapwindscribe0901.sys - TAP-Windows Virtual Network driver (The OpenVPN Project) https://openvpn.net/
- Oct 11 2017 - YSDrv.sys - VirtualBox Support driver
- Sep 18 2018 - IntelHaxm.sys - Intel Corporation SSG Hardware Accelerated Execution Manager driver
- Jan 24 2019 - e1d65x64.sys - Intel(R) Gigabit Adapter NDIS 6.x driver https://downloadcenter.intel.com/
- Jun 04 2020 - MbamChameleon.sys - Malwarebytes Anti-Malware Chameleon driver https://www.malwarebytes.com/
- Jun 09 2020 - nvhda64v.sys - Nvidia HDMI Audio Device http://www.nvidia.com/
- Jun 23 2020 - aswArPot.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswbidsdriver.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswbidsh.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswbuniv.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswKbd.sys - Avast Keyboard Filter driver http://www.avast.com/
- Jun 23 2020 - aswMonFlt.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswNetHub.sys - Avast driver
- Jun 23 2020 - aswRdr2.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswRvrt.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswSnx.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswSP.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswVmm.sys - Avast Antivirus http://www.avast.com/
- Jul 05 2020 - nvlddmkm.sys - Nvidia Graphics Card driver http://www.nvidia.com/
- Jul 17 2020 - aswElam.sys - Avast ELAM driver
- ================== Dump #9: 3RD PARTY DRIVERS (FULL) ===================
- Image path: \SystemRoot\system32\drivers\LGBusEnum.sys
- Image name: LGBusEnum.sys
- Search : https://www.google.com/search?q=LGBusEnum.sys
- ADA Info : Logitech GamePanel Virtual Bus Enumerator driver http://support.logitech.com/
- Timestamp : Mon Nov 23 2009
- Image path: \??\C:\Windows\SysWOW64\drivers\sadp_npf64.sys
- Image name: sadp_npf64.sys
- Search : https://www.google.com/search?q=sadp_npf64.sys
- ADA Info : WinPcap driver (CACE Technologies, Inc.)
- Timestamp : Fri Jun 25 2010
- Image path: \SystemRoot\system32\drivers\NPF.sys
- Image name: NPF.sys
- Search : https://www.google.com/search?q=NPF.sys
- ADA Info : NetGroup Packet Filter driver, a component of WinPCap by Riverbed
- Timestamp : Fri Jun 25 2010
- Image path: \SystemRoot\SysWow64\drivers\AsUpIO.sys
- Image name: AsUpIO.sys
- Search : https://www.google.com/search?q=AsUpIO.sys
- ADA Info : ASUS Update Input Output driver http://www.asus.com/
- Timestamp : Mon Aug 2 2010
- Image path: \SystemRoot\System32\drivers\BazisVirtualCDBus.sys
- Image name: BazisVirtualCDBus.sys
- Search : https://www.google.com/search?q=BazisVirtualCDBus.sys
- ADA Info : WinCDEmu Virtual CD-ROM driver (Bazis Inc) http://wincdemu.sysprogs.org/
- Timestamp : Mon Aug 8 2011
- Image path: \SystemRoot\System32\Drivers\PxHlpa64.sys
- Image name: PxHlpa64.sys
- Search : https://www.google.com/search?q=PxHlpa64.sys
- ADA Info : Sonic CD/DVD driver
- Timestamp : Mon Oct 17 2011
- Image path: \SystemRoot\SysWow64\drivers\AiCharger.sys
- Image name: AiCharger.sys
- Search : https://www.google.com/search?q=AiCharger.sys
- ADA Info : Asus Charger driver
- Timestamp : Thu Mar 22 2012
- Image path: \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
- Image name: GEARAspiWDM.sys
- Search : https://www.google.com/search?q=GEARAspiWDM.sys
- ADA Info : Gear Software Advanced SCSI Programming Interface Windows Driver Model http://www.gearsoftware.com/
- Timestamp : Thu May 3 2012
- Image path: \SystemRoot\SysWow64\drivers\AsIO.sys
- Image name: AsIO.sys
- Search : https://www.google.com/search?q=AsIO.sys
- ADA Info : ASUS Input Output driver http://www.asus.com/
- Timestamp : Wed Aug 22 2012
- Image name: IOMap64.sys
- Search : https://www.google.com/search?q=IOMap64.sys
- ADA Info : !!! ASUS 64-bit Input Output Map driver (GPU Tweaking driver)
- Timestamp : Tue Jul 2 2013
- Image path: \??\C:\Windows\system32\drivers\rzpmgrk.sys
- Image name: rzpmgrk.sys
- Search : https://www.google.com/search?q=rzpmgrk.sys
- ADA Info : Razer Overlay Support https://www.razer.com/
- Timestamp : Thu Apr 17 2014
- Image path: \SystemRoot\system32\drivers\RTKVHD64.sys
- Image name: RTKVHD64.sys
- Search : https://www.google.com/search?q=RTKVHD64.sys
- ADA Info : Realtek Audio System driver https://www.realtek.com/en/
- Timestamp : Thu Apr 24 2014
- Image path: \SystemRoot\system32\DRIVERS\TeeDriverx64.sys
- Image name: TeeDriverx64.sys
- Search : https://www.google.com/search?q=TeeDriverx64.sys
- ADA Info : Intel Management Engine Interface (MEI) driver https://downloadcenter.intel.com/
- Timestamp : Tue Sep 23 2014
- Image path: \??\C:\Windows\system32\drivers\rzpnk.sys
- Image name: rzpnk.sys
- Search : https://www.google.com/search?q=rzpnk.sys
- ADA Info : Razer Overlay Support https://www.razer.com/
- Timestamp : Fri Oct 17 2014
- Image path: \SystemRoot\System32\drivers\tap0901.sys
- Image name: tap0901.sys
- Search : https://www.google.com/search?q=tap0901.sys
- ADA Info : TAP-Win32 Virtual Private Network Driver 0901 (OpenVPN by OpenVPN Technologies) https://openvpn.net/
- Timestamp : Thu Apr 21 2016
- Image path: \SystemRoot\System32\drivers\tapwindscribe0901.sys
- Image name: tapwindscribe0901.sys
- Search : https://www.google.com/search?q=tapwindscribe0901.sys
- ADA Info : TAP-Windows Virtual Network driver (The OpenVPN Project) https://openvpn.net/
- Timestamp : Thu Mar 16 2017
- Image path: \??\C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys
- Image name: YSDrv.sys
- Search : https://www.google.com/search?q=YSDrv.sys
- ADA Info : VirtualBox Support driver
- Timestamp : Wed Oct 11 2017
- Image path: \SystemRoot\system32\DRIVERS\IntelHaxm.sys
- Image name: IntelHaxm.sys
- Search : https://www.google.com/search?q=IntelHaxm.sys
- ADA Info : Intel Corporation SSG Hardware Accelerated Execution Manager driver
- Timestamp : Tue Sep 18 2018
- Image path: \SystemRoot\system32\DRIVERS\e1d65x64.sys
- Image name: e1d65x64.sys
- Search : https://www.google.com/search?q=e1d65x64.sys
- ADA Info : Intel(R) Gigabit Adapter NDIS 6.x driver https://downloadcenter.intel.com/
- Timestamp : Thu Jan 24 2019
- Image path: \SystemRoot\System32\Drivers\MbamChameleon.sys
- Image name: MbamChameleon.sys
- Search : https://www.google.com/search?q=MbamChameleon.sys
- ADA Info : Malwarebytes Anti-Malware Chameleon driver https://www.malwarebytes.com/
- Timestamp : Thu Jun 4 2020
- Image path: \SystemRoot\system32\drivers\nvhda64v.sys
- Image name: nvhda64v.sys
- Search : https://www.google.com/search?q=nvhda64v.sys
- ADA Info : Nvidia HDMI Audio Device http://www.nvidia.com/
- Timestamp : Tue Jun 9 2020
- Image path: \SystemRoot\system32\drivers\aswArPot.sys
- Image name: aswArPot.sys
- Search : https://www.google.com/search?q=aswArPot.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswbidsdriver.sys
- Image name: aswbidsdriver.sys
- Search : https://www.google.com/search?q=aswbidsdriver.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswbidsh.sys
- Image name: aswbidsh.sys
- Search : https://www.google.com/search?q=aswbidsh.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswbuniv.sys
- Image name: aswbuniv.sys
- Search : https://www.google.com/search?q=aswbuniv.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswKbd.sys
- Image name: aswKbd.sys
- Search : https://www.google.com/search?q=aswKbd.sys
- ADA Info : Avast Keyboard Filter driver http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswMonFlt.sys
- Image name: aswMonFlt.sys
- Search : https://www.google.com/search?q=aswMonFlt.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswNetHub.sys
- Image name: aswNetHub.sys
- Search : https://www.google.com/search?q=aswNetHub.sys
- ADA Info : Avast driver
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswRdr2.sys
- Image name: aswRdr2.sys
- Search : https://www.google.com/search?q=aswRdr2.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswRvrt.sys
- Image name: aswRvrt.sys
- Search : https://www.google.com/search?q=aswRvrt.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswSnx.sys
- Image name: aswSnx.sys
- Search : https://www.google.com/search?q=aswSnx.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswSP.sys
- Image name: aswSP.sys
- Search : https://www.google.com/search?q=aswSP.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswVmm.sys
- Image name: aswVmm.sys
- Search : https://www.google.com/search?q=aswVmm.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_edab19158bdd0d0a\nvlddmkm.sys
- Image name: nvlddmkm.sys
- Search : https://www.google.com/search?q=nvlddmkm.sys
- ADA Info : Nvidia Graphics Card driver http://www.nvidia.com/
- Timestamp : Sun Jul 5 2020
- Image path: \SystemRoot\system32\drivers\aswElam.sys
- Image name: aswElam.sys
- Search : https://www.google.com/search?q=aswElam.sys
- ADA Info : Avast ELAM driver
- Timestamp : Fri Jul 17 2020
- ====================== Dump #9: MICROSOFT DRIVERS ======================
- ACPI.sys ACPI Driver for NT (Microsoft)
- acpiex.sys ACPIEx Driver (Microsoft)
- acpipagr.sys ACPI Processor Aggregator Device driver (Microsoft)
- afd.sys Ancillary Function Driver for WinSock (Microsoft)
- afunix.sys AF_UNIX Socket Provider driver (Microsoft)
- AgileVpn.sys RAS Agil VPN Miniport Call Manager driver (Microsoft)
- ahcache.sys Application Compatibility Cache (Microsoft)
- bam.sys BAM Kernal driver (Microsoft)
- BasicDisplay.sys Basic Display driver (Microsoft)
- BasicRender.sys Basic Render driver (Microsoft)
- Beep.SYS BEEP driver (Microsoft)
- bindflt.sys Windows Bind Filter driver (Microsoft)
- BOOTVID.dll VGA Boot Driver (Microsoft)
- bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
- cdd.dll Canonical Display Driver (Microsoft)
- cdrom.sys SCSI CD-ROM Driver (Microsoft)
- CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
- CI.dll Code Integrity Module (Microsoft)
- CLASSPNP.SYS SCSI Class System Dll (Microsoft)
- cldflt.sys Cloud Files Mini Filter driver (Microsoft)
- CLFS.SYS Common Log File System Driver (Microsoft)
- clipsp.sys CLIP Service (Microsoft)
- cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
- cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
- CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
- condrv.sys Console Driver (Microsoft)
- crashdmp.sys Crash Dump driver (Microsoft)
- csc.sys Windows Client Side Caching driver (Microsoft)
- dfsc.sys DFS Namespace Client Driver (Microsoft)
- disk.sys PnP Disk Driver (Microsoft)
- drmk.sys Digital Rights Management (DRM) driver (Microsoft)
- dump_diskdump.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
- dump_dumpfve.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
- dump_storahci.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
- dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
- dxgmms2.sys DirectX Graphics MMS
- EhStorClass.sys Enhanced Storage Class driver for IEEE... (Microsoft)
- filecrypt.sys Windows sandboxing and encryption filter (Microsoft)
- fileinfo.sys FileInfo Filter Driver (Microsoft)
- FLTMGR.SYS Filesystem Filter Manager (Microsoft)
- Fs_Rec.sys File System Recognizer Driver (Microsoft)
- fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
- fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
- gpuenergydrv.sys GPU Energy Kernal Driver (Microsoft)
- hal.dll Hardware Abstraction Layer DLL (Microsoft)
- HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
- HIDCLASS.SYS Hid Class Library (Microsoft)
- HIDPARSE.SYS Hid Parsing Library (Microsoft)
- hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
- HTTP.sys HTTP Protocol Stack (Microsoft)
- intelpep.sys Intel Power Engine Plugin (Microsoft)
- intelppm.sys Processor Device Driver (Microsoft)
- iorate.sys I/O rate control Filter (Microsoft)
- kbdclass.sys Keyboard Class Driver (Microsoft)
- kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
- kd.dll Local Kernal Debugger (Microsoft)
- kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
- ks.sys Kernal CSA Library (Microsoft)
- ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
- ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
- ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
- lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
- luafv.sys LUA File Virtualization Filter Driver (Microsoft)
- mcupdate_GenuineIntel.dll Intel Microcode Update Library (Microsoft)
- mmcss.sys MMCSS Driver (Microsoft)
- monitor.sys Monitor Driver (Microsoft)
- mouclass.sys Mouse Class Driver (Microsoft)
- mouhid.sys HID Mouse Filter Driver (Microsoft)
- mountmgr.sys Mount Point Manager (Microsoft)
- mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
- mqac.sys Message Queuing Device driver (Microsoft)
- mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
- mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
- Msfs.SYS Mailslot driver (Microsoft)
- msisadrv.sys ISA Driver (Microsoft)
- mslldp.sys Microsoft Link-Layer Discovery Protocol... (Microsoft)
- msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
- mssecflt.sys Microsoft Security Events Component file system filter driver (Microsoft)
- mssmbios.sys System Management BIOS driver (Microsoft)
- mup.sys Multiple UNC Provider driver (Microsoft)
- ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
- ndistapi.sys NDIS 3.0 Connection Wrapper driver (Microsoft)
- ndisuio.sys NDIS User mode I/O driver (Microsoft)
- NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
- ndiswan.sys MS PPP Framing Driver (Strong Encryption) Microsoft)
- NDProxy.sys NDIS Proxy driver (Microsoft)
- Ndu.sys Network Data Usage Monitoring driver (Microsoft)
- netbios.sys NetBIOS Interface driver (Microsoft)
- netbt.sys MBT Transport driver (Microsoft)
- NETIO.SYS Network I/O Subsystem (Microsoft)
- Npfs.SYS NPFS driver (Microsoft)
- npsvctrig.sys Named pipe service triggers (Microsoft)
- nsiproxy.sys NSI Proxy driver (Microsoft)
- Ntfs.sys NT File System Driver (Microsoft)
- ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
- ntosext.sys NTOS Extension Host driver (Microsoft)
- Null.SYS NULL Driver (Microsoft)
- nwifi.sys NativeWiFi Miniport Driver (Microsoft)
- pacer.sys QoS Packet Scheduler (Microsoft)
- partmgr.sys Partition driver (Microsoft)
- pci.sys NT Plug and Play PCI Enumerator (Microsoft)
- pcw.sys Performance Counter Driver (Microsoft)
- pdc.sys Power Dependency Coordinator Driver (Microsoft)
- peauth.sys Protected Environment Authentication and Authorization Export Driver (Microsoft)
- portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
- PSHED.dll Platform Specific Hardware Error driver (Microsoft)
- raspppoe.sys RAS PPPoE Mini-port/Call manager driver (Microsoft)
- rassstp.sys RAS SSTP Miniport Call Manager driver (Microsoft)
- rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
- rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
- rdyboost.sys ReadyBoost Driver (Microsoft)
- rspndr.sys Link-Layer Topology Responder driver (Microsoft)
- serenum.sys Serial Port Enumerator (Microsoft)
- serial.sys Serial Device Driver
- serscan.sys Serial Imaging Device Driver (Microsoft)
- SgrmAgent.sys System Guard Runtime Monitor Agent driver (Microsoft)
- SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
- spaceport.sys Storage Spaces driver (Microsoft)
- srv.sys Server driver (Microsoft)
- srv2.sys Smb 2.0 Server driver (Microsoft)
- srvnet.sys Server Network driver (Microsoft)
- storahci.sys MS AHCI Storport Miniport Driver (Microsoft)
- storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
- storqosflt.sys Storage QoS Filter driver (Microsoft)
- swenum.sys Plug and Play Software Device Enumerator (Microsoft)
- tbs.sys Export driver for kernel mode TPM API (Microsoft)
- tcpip.sys TCP/IP Protocol driver (Microsoft)
- tcpipreg.sys Microsoft Windows TCP/IP Registry Compatibility driver (Microsoft)
- TDI.SYS TDI Wrapper driver (Microsoft)
- tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
- tm.sys Kernel Transaction Manager driver (Microsoft)
- ucx01000.sys USB Controller Extension (Microsoft)
- umbus.sys User-Mode Bus Enumerator (Microsoft)
- usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
- USBD.SYS Universal Serial Bus Driver (Microsoft)
- usbehci.sys EHCI eUSB Miniport Driver (Microsoft)
- usbhub.sys Default Hub Driver for USB (Microsoft)
- UsbHub3.sys USB3 HUB driver (Microsoft)
- USBPORT.SYS USB 1.1 & 2.0 Port Driver (Microsoft)
- USBXHCI.SYS USB XHCI driver (Microsoft)
- vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
- Vid.sys Microsoft Hyper-V Virtualization Infrastructure Driver
- volmgr.sys Volume Manager Driver (Microsoft)
- volmgrx.sys Volume Manager Extension Driver (Microsoft)
- volsnap.sys Volume Shadow Copy driver (Microsoft)
- volume.sys Volume driver (Microsoft)
- vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
- wanarp.sys MS Remote Access and Routing ARP driver (Microsoft)
- watchdog.sys Watchdog driver (Microsoft)
- wcifs.sys Windows Container Isolation FS Filter driver (Microsoft)
- Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
- WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
- werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
- wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
- win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
- win32kbase.sys Base Win32k Kernel Driver (Microsoft)
- win32kfull.sys Full/Desktop Win32k Kernel Driver (Microsoft)
- WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
- WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
- winhvr.sys Windows Hypervisor Root Interface driver (Microsoft)
- winquic.sys QUIC Transport Protocol driver (Microsoft)
- wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
- WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
- Wof.sys Windows Overlay Filter (Microsoft)
- WppRecorder.sys WPP Trace Recorder (Microsoft)
- WUDFRd.sys Windows Driver Foundation - User-mode Driver Framework Reflector driver (Microsoft)
- ====================== Dump #9: UNLOADED MODULES =======================
- fffff804`7e440000 fffff804`7e461000 raspptp.sys
- fffff804`7e410000 fffff804`7e433000 rasl2tp.sys
- fffff804`7daf0000 fffff804`7dafc000 umpass.sys
- fffff804`7dad0000 fffff804`7dade000 WSDPrint.sys
- fffff804`881a0000 fffff804`881d5000 aswStm.sys
- fffff804`7e510000 fffff804`7e550000 mbamswissarm
- fffff804`7e550000 fffff804`7e573000 mwac.sys
- fffff804`7e580000 fffff804`7e5b4000 farflt.sys
- fffff804`7e5c0000 fffff804`7e5d4000 mbam.sys
- fffff804`87a40000 fffff804`87a67000 mbae64.sys
- fffff804`7de00000 fffff804`7e3d5000 iqvw64e.sys
- fffff804`879e0000 fffff804`879f2000 kbdhid.sys
- fffff804`7dae0000 fffff804`7daee000 WSDScan.sys
- fffff804`86960000 fffff804`8696f000 dump_storpor
- fffff804`869a0000 fffff804`869cf000 dump_storahc
- fffff804`86800000 fffff804`8681e000 dump_dumpfve
- fffff804`895b0000 fffff804`89601000 WUDFRd.sys
- fffff804`87aa0000 fffff804`87abe000 dam.sys
- fffff804`85220000 fffff804`85229000 MbamElam.sys
- fffff804`86220000 fffff804`86231000 hwpolicy.sys
- ====================== Dump #9: BIOS INFORMATION =======================
- [SMBIOS Data Tables v2.8]
- [DMI Version - 0]
- [2.0 Calling Convention - No]
- [Table Size - 3167 bytes]
- [BIOS Information (Type 0) - Length 24 - Handle 0000h]
- Vendor American Megatrends Inc.
- BIOS Version 1304
- BIOS Starting Address Segment f000
- BIOS Release Date 07/11/2014
- BIOS ROM Size 800000
- BIOS Characteristics
- 07: - PCI Supported
- 10: - APM Supported
- 11: - Upgradeable FLASH BIOS
- 12: - BIOS Shadowing Supported
- 15: - CD-Boot Supported
- 16: - Selectable Boot Supported
- 17: - BIOS ROM Socketed
- 19: - EDD Supported
- 23: - 1.2MB Floppy Supported
- 24: - 720KB Floppy Supported
- 25: - 2.88MB Floppy Supported
- 26: - Print Screen Device Supported
- 27: - Keyboard Services Supported
- 28: - Serial Services Supported
- 29: - Printer Services Supported
- 32: - BIOS Vendor Reserved
- BIOS Characteristic Extensions
- 00: - ACPI Supported
- 01: - USB Legacy Supported
- 08: - BIOS Boot Specification Supported
- 10: - Specification Reserved
- 11: - Specification Reserved
- BIOS Major Revision 4
- BIOS Minor Revision 6
- EC Firmware Major Revision 255
- EC Firmware Minor Revision 255
- [System Information (Type 1) - Length 27 - Handle 0001h]
- Manufacturer ASUS
- Product Name All Series
- Version System Version
- UUID 00000000-0000-0000-0000-000000000000
- Wakeup Type Power Switch
- SKUNumber All
- Family ASUS MB
- [BaseBoard Information (Type 2) - Length 15 - Handle 0002h]
- Manufacturer ASUSTeK COMPUTER INC.
- Product Z97-A
- Version Rev 1.xx
- Feature Flags 09h
- 1830401760: - 1830401808: - «Q¦ý
- Chassis Handle 0003h
- Board Type 0ah - Processor/Memory Module
- Number of Child Handles 0
- [System Enclosure (Type 3) - Length 25 - Handle 0003h]
- Chassis Type Desktop
- Bootup State Safe
- Power Supply State Safe
- Thermal State Safe
- Security Status None
- OEM Defined 0
- Height 0U
- Number of Power Cords 1
- Number of Contained Elements 1
- Contained Element Size 3
- [Onboard Devices Information (Type 10) - Length 8 - Handle 0028h]
- Number of Devices 2
- 01: Type Video [enabled]
- 02: Type Ethernet [enabled]
- [OEM Strings (Type 11) - Length 5 - Handle 0029h]
- Number of Strings 4
- 3 Ferrari
- [System Configuration Options (Type 12) - Length 5 - Handle 002ah]
- [Physical Memory Array (Type 16) - Length 23 - Handle 0046h]
- Location 03h - SystemBoard/Motherboard
- Use 03h - System Memory
- Memory Error Correction 03h - None
- Maximum Capacity 33554432KB
- Number of Memory Devices 4
- [Memory Device (Type 17) - Length 40 - Handle 0047h]
- Physical Memory Array Handle 0046h
- Total Width 0 bits
- Data Width 0 bits
- Form Factor 09h - DIMM
- Device Locator DIMM_A1
- Bank Locator BANK 0
- Memory Type 02h - Unknown
- Type Detail 0000h -
- Speed 0MHz
- [Memory Device (Type 17) - Length 40 - Handle 0048h]
- Physical Memory Array Handle 0046h
- Total Width 64 bits
- Data Width 64 bits
- Size 8192MB
- Form Factor 09h - DIMM
- Device Locator DIMM_A2
- Bank Locator BANK 1
- Memory Type 18h - Specification Reserved
- Type Detail 0080h - Synchronous
- Speed 1600MHz
- Manufacturer 0215
- Part Number CMY16GX3M2A1600C9
- [Memory Device (Type 17) - Length 40 - Handle 0049h]
- Physical Memory Array Handle 0046h
- Total Width 64 bits
- Data Width 64 bits
- Size 8192MB
- Form Factor 09h - DIMM
- Device Locator DIMM_B1
- Bank Locator BANK 2
- Memory Type 18h - Specification Reserved
- Type Detail 0080h - Synchronous
- Speed 1600MHz
- Manufacturer 0215
- Part Number CMY16GX3M2A1600C9
- [Memory Device (Type 17) - Length 40 - Handle 004ah]
- Physical Memory Array Handle 0046h
- Total Width 0 bits
- Data Width 0 bits
- Form Factor 09h - DIMM
- Device Locator DIMM_B2
- Bank Locator BANK 3
- Memory Type 02h - Unknown
- Type Detail 0000h -
- Speed 0MHz
- [Memory Array Mapped Address (Type 19) - Length 31 - Handle 004bh]
- Starting Address 00000000h
- Ending Address 00ffffffh
- Memory Array Handle 0046h
- Partition Width 04
- [Memory Device Mapped Address (Type 20) - Length 35 - Handle 004ch]
- Starting Address 00800000h
- Ending Address 00ffffffh
- Memory Device Handle 004ah
- Mem Array Mapped Adr Handle 004bh
- Interleave Position 01
- Interleave Data Depth 02
- [Memory Device Mapped Address (Type 20) - Length 35 - Handle 004dh]
- Starting Address 00000000h
- Ending Address 007fffffh
- Memory Device Handle 004ah
- Mem Array Mapped Adr Handle 004bh
- Interleave Position 02
- Interleave Data Depth 02
- [Processor Information (Type 4) - Length 42 - Handle 005dh]
- Socket Designation SOCKET 1150
- Processor Type Central Processor
- Processor Family 01h - Other
- Processor Manufacturer Intel
- Processor ID c3060300fffbebbf
- Processor Version Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz
- Processor Voltage 8ch - 1.2V
- External Clock 100MHz
- Max Speed 3800MHz
- Current Speed 4000MHz
- Status Enabled Populated
- Processor Upgrade Specification Reserved
- L1 Cache Handle 005eh
- L2 Cache Handle 005fh
- L3 Cache Handle 0060h
- [Cache Information (Type 7) - Length 19 - Handle 005eh]
- Socket Designation CPU Internal L1
- Cache Configuration 0180h - WB Enabled Int NonSocketed L1
- Maximum Cache Size 0100h - 256K
- Installed Size 0100h - 256K
- Supported SRAM Type 0020h - Synchronous
- Current SRAM Type 0020h - Synchronous
- Cache Speed 0ns
- Error Correction Type ParitySingle-Bit ECC
- System Cache Type Other
- Associativity 8-way Set-Associative
- [Cache Information (Type 7) - Length 19 - Handle 005fh]
- Socket Designation CPU Internal L2
- Cache Configuration 0181h - WB Enabled Int NonSocketed L2
- Maximum Cache Size 0400h - 1024K
- Installed Size 0400h - 1024K
- Supported SRAM Type 0020h - Synchronous
- Current SRAM Type 0020h - Synchronous
- Cache Speed 0ns
- Error Correction Type Multi-Bit ECC
- System Cache Type Unified
- Associativity 8-way Set-Associative
- [Cache Information (Type 7) - Length 19 - Handle 0060h]
- Socket Designation CPU Internal L3
- Cache Configuration 0182h - WB Enabled Int NonSocketed L3
- Maximum Cache Size 2000h - 8192K
- Installed Size 2000h - 8192K
- Supported SRAM Type 0020h - Synchronous
- Current SRAM Type 0020h - Synchronous
- Cache Speed 0ns
- Error Correction Type Specification Reserved
- System Cache Type Unified
- Associativity 16-way Set-Associative
- ========================== Dump #9: Extra #1 ===========================
- 6: kd> !verifier
- Verify Flags Level 0x00000000
- STANDARD FLAGS:
- [X] (0x00000000) Automatic Checks
- [ ] (0x00000001) Special pool
- [ ] (0x00000002) Force IRQL checking
- [ ] (0x00000008) Pool tracking
- [ ] (0x00000010) I/O verification
- [ ] (0x00000020) Deadlock detection
- [ ] (0x00000080) DMA checking
- [ ] (0x00000100) Security checks
- [ ] (0x00000800) Miscellaneous checks
- [ ] (0x00020000) DDI compliance checking
- ADDITIONAL FLAGS:
- [ ] (0x00000004) Randomized low resources simulation
- [ ] (0x00000200) Force pending I/O requests
- [ ] (0x00000400) IRP logging
- [ ] (0x00002000) Invariant MDL checking for stack
- [ ] (0x00004000) Invariant MDL checking for driver
- [ ] (0x00008000) Power framework delay fuzzing
- [ ] (0x00010000) Port/miniport interface checking
- [ ] (0x00040000) Systematic low resources simulation
- [ ] (0x00080000) DDI compliance checking (additional)
- [ ] (0x00200000) NDIS/WIFI verification
- [ ] (0x00800000) Kernel synchronization delay fuzzing
- [ ] (0x01000000) VM switch verification
- [ ] (0x02000000) Code integrity checks
- [X] Indicates flag is enabled
- Summary of All Verifier Statistics
- RaiseIrqls 0x0
- AcquireSpinLocks 0x0
- Synch Executions 0x0
- Trims 0x0
- Pool Allocations Attempted 0x0
- Pool Allocations Succeeded 0x0
- Pool Allocations Succeeded SpecialPool 0x0
- Pool Allocations With NO TAG 0x0
- Pool Allocations Failed 0x0
- Current paged pool allocations 0x0 for 00000000 bytes
- Peak paged pool allocations 0x0 for 00000000 bytes
- Current nonpaged pool allocations 0x0 for 00000000 bytes
- Peak nonpaged pool allocations 0x0 for 00000000 bytes
- ========================== Dump #9: Extra #2 ===========================
- 6: kd> !thread
- THREAD ffff810fe89e7040 Cid 0004.32ec Teb: 0000000000000000 Win32Thread: 0000000000000000 WAIT: (Executive) KernelMode Non-Alertable
- ffff810fe119d5b0 NotificationEvent
- Not impersonating
- GetUlongFromAddress: unable to read from fffff8048082ca14
- Owning Process ffff810fdc87c040 Image: System
- Attached Process N/A Image: N/A
- fffff78000000000: Unable to get shared data
- Wait Start TickCount 106707
- Context Switch Count 104389 IdealProcessor: 7 NoStackSwap
- ReadMemory error: Cannot get nt!KeMaximumIncrement value.
- UserTime 00:00:00.000
- KernelTime 00:00:00.000
- Win32 Start Address nt!ExpWorkerThread (0xfffff80480483860)
- Stack Init fffff48db905ec90 Current fffff48db905def0
- Base fffff48db905f000 Limit fffff48db9059000 Call 0000000000000000
- Priority 15 BasePriority 12 PriorityDecrement 0 IoPriority 2 PagePriority 5
- Child-SP RetAddr : Args to Child : Call Site
- fffff48d`b905df30 fffff804`804a46ad : ffffb381`ec9d2180 00100033`fffffffe ffffb381`ffffffff 00000000`00000001 : nt!KiSwapContext+0x76
- fffff48d`b905e070 fffff804`804a3534 : ffff810f`e89e7040 00000000`00000000 ffff810f`00000000 ffffc486`00000000 : nt!KiSwapThread+0xbfd
- fffff48d`b905e110 fffff804`804a2cd5 : 00000000`00000001 fffff804`00000000 ffff810f`e12e6500 00000000`00000000 : nt!KiCommitThreadWait+0x144
- fffff48d`b905e1b0 fffff804`85bb9920 : ffff810f`e119d5b0 fffff804`00000000 ffff810f`e119c100 fffff804`00000000 : nt!KeWaitForSingleObject+0x255
- fffff48d`b905e290 fffff804`85bacb89 : 00000000`00000008 fffff48d`b905e330 00000000`00000004 00000000`00000000 : ndis!KWaitEventBase<wistd::integral_constant<enum _EVENT_TYPE,0> >::Wait+0x28
- fffff48d`b905e2d0 fffff804`85babefd : ffffc486`46951e60 fffff804`85babee0 ffffc486`46cfcf38 fffff804`85b6c6d8 : ndis!Ndis::BindEngine::ApplyBindChanges+0x10915
- fffff48d`b905e320 fffff804`85ba7933 : ffffc486`46951ea0 fffff804`85babee0 ffffc486`46cfcf38 ffff810f`e119c1a0 : ndis!<lambda_adb42f86cf839cbbe3c588eaa9665cd9>::<lambda_invoker_cdecl>+0x1d
- fffff48d`b905e350 fffff804`85ba7879 : 00000000`00000000 fffff804`85b6c6d8 00000000`00000000 ffffc486`46cfcf30 : ndis!NDIS_BIND_DRIVER_BASE::ForEachLink+0xa3
- fffff48d`b905e3a0 fffff804`85ba768b : 00000000`00000000 ffff810f`e64e4628 00000000`00000010 fffff804`85abb7b5 : ndis!NDIS_BIND_DRIVER_BASE::SetRunningDriverIsReady+0x41
- fffff48d`b905e3d0 fffff804`85bd9934 : ffff810f`e64e42b0 fffff48d`b905e4e8 fffff48d`b905e4e8 ffff810f`e64e42f8 : ndis!NDIS_BIND_PROTOCOL_DRIVER::SetRunningDriver+0x63
- fffff48d`b905e420 fffff804`85b327c6 : ffff810f`e64e42b0 fffff804`85b85050 fffff804`85b85050 fffff804`85b6d790 : ndis!NdisDeregisterProtocol+0xd4
- fffff48d`b905e490 fffff804`7e48111a : fffff804`7e489000 fffff804`00000000 ffff810f`e7a77a60 fffff48d`b905e570 : ndis!NdisDeregisterProtocolDriver+0x66
- fffff48d`b905e4e0 fffff804`7e48c484 : 00000000`000000e7 fffff48d`b905e568 00000000`00000008 00000000`00000000 : raspppoe!RasPppoeCleanup+0x66
- fffff48d`b905e510 fffff804`85bb7d73 : ffff810f`e7a77a60 ffff810f`e7a77a60 fffff804`85b85050 ffff810f`e7864e30 : raspppoe!MpUnload+0x44
- fffff48d`b905e540 fffff804`85b3cdd4 : ffff810f`e7864e30 00000000`00000000 ffff810f`e7864e30 ffff810f`e7864e30 : ndis!ndisMInvokeDriverUnload+0x67
- fffff48d`b905e580 fffff804`80b662d7 : ffff810f`e7864e30 00000000`00000000 fffff48d`b905e740 ffffc486`57a258d0 : ndis!ndisMUnloadEx+0x94
- fffff48d`b905e5e0 fffff804`80b319ce : ffff810f`e7864f80 00000000`00000000 fffff804`80b8cb01 ffff810f`e7864e30 : nt!IopUnloadDriver+0x20f
- fffff48d`b905e710 fffff804`80572004 : ffff810f`e7ac2cb0 00004376`8e49a090 00000000`0000000a 00000000`00000000 : nt!PnpUnloadAttachedDriver+0xa6
- fffff48d`b905e760 fffff804`80b315cf : ffff810f`e7ac2cb0 fffff804`00000018 00000000`00000000 fffff804`80862940 : nt!PnpRemoveLockedDeviceNode+0x240
- fffff48d`b905e7c0 fffff804`80b3126a : ffff810f`e7ac2cb0 fffff48d`b905e840 00000000`00000018 00000000`00000000 : nt!PnpDeleteLockedDeviceNode+0x8b
- fffff48d`b905e800 fffff804`80b32b51 : ffff810f`e524be00 00000000`00000002 ffff810f`ec4a5690 00000000`00000000 : nt!PnpDeleteLockedDeviceNodes+0x76
- fffff48d`b905e880 fffff804`80b30994 : 00000000`00000000 fffff48d`b905e900 ffff810f`e524be00 00000000`00000000 : nt!PipRemoveDevicesInRelationList+0x8d
- fffff48d`b905e8d0 fffff804`80b30371 : ffff810f`ec4a5690 00000000`00000001 ffff810f`ec4a5690 00000000`00000000 : nt!PnpDelayedRemoveWorker+0x114
- fffff48d`b905e910 fffff804`80571a54 : 00000000`00000000 00000000`00000001 00000000`00000000 ffff810f`e7ac2cb0 : nt!PnpChainDereferenceComplete+0xfd
- fffff48d`b905e940 fffff804`80b2fb1a : 00000000`00000001 fffff48d`b905ea49 00000000`00000003 00000000`00000001 : nt!PnpIsChainDereferenced+0xac
- fffff48d`b905e9c0 fffff804`80b0924e : fffff48d`b905eb10 ffff810f`e7ac2c00 fffff48d`b905eb00 ffffc486`00000001 : nt!PnpProcessQueryRemoveAndEject+0x2a2
- fffff48d`b905eab0 fffff804`809c96d8 : ffffc486`7d102ae0 ffffc486`7b4a7b40 ffffc486`7b4a7b40 00000000`00000000 : nt!PnpProcessTargetDeviceEvent+0xea
- fffff48d`b905eae0 fffff804`80483965 : ffff810f`dc946c50 ffff810f`e89e7040 ffff810f`dc946c50 ffff810f`dc946c50 : nt!PnpDeviceEventWorker+0x2d8
- fffff48d`b905eb70 fffff804`8051e155 : ffff810f`e89e7040 00000000`00000080 ffff810f`dc87c040 00002425`bd9bbfff : nt!ExpWorkerThread+0x105
- fffff48d`b905ec10 fffff804`805c99c8 : ffffb381`ec8c6180 ffff810f`e89e7040 fffff804`8051e100 00000000`00000000 : nt!PspSystemThreadStartup+0x55
- fffff48d`b905ec60 00000000`00000000 : fffff48d`b905f000 fffff48d`b9059000 00000000`00000000 00000000`00000000 : nt!KiStartSystemThread+0x28
- ========================================================================
- ====================== Dump #10: ANALYZE VERBOSE =======================
- ====================== File: 080720-129515-01.dmp ======================
- ========================================================================
- Mini Kernel Dump File: Only registers and stack trace are available
- Windows 10 Kernel Version 18362 MP (8 procs) Free x64
- Kernel base = 0xfffff805`45400000 PsLoadedModuleList = 0xfffff805`45848190
- Debug session time: Fri Aug 7 04:39:04.145 2020 (UTC - 4:00)
- System Uptime: 0 days 2:46:28.773
- BugCheck 9F, {3, ffffd38f9a2e8d80, ffffa584e446f8b0, ffffd38fafcf6010}
- Implicit thread is now ffffd38f`a6bf8040
- *** WARNING: Unable to verify timestamp for win32k.sys
- *** ERROR: Module load completed but symbols could not be loaded for win32k.sys
- Probably caused by : memory_corruption
- Followup: memory_corruption
- DRIVER_POWER_STATE_FAILURE (9f)
- A driver has failed to complete a power IRP within a specific time.
- Arguments:
- Arg1: 0000000000000003, A device object has been blocking an Irp for too long a time
- Arg2: ffffd38f9a2e8d80, Physical Device Object of the stack
- Arg3: ffffa584e446f8b0, nt!TRIAGE_9F_POWER on Win7 and higher, otherwise the Functional Device Object of the stack
- Arg4: ffffd38fafcf6010, The blocked IRP
- Debugging Details:
- Implicit thread is now ffffd38f`a6bf8040
- DUMP_CLASS: 1
- DUMP_QUALIFIER: 400
- DUMP_TYPE: 2
- DRVPOWERSTATE_SUBCODE: 3
- FAULTING_THREAD: a6bf8040
- CUSTOMER_CRASH_COUNT: 1
- DEFAULT_BUCKET_ID: CODE_CORRUPTION
- BUGCHECK_STR: 0x9F
- PROCESS_NAME: System
- CURRENT_IRQL: 2
- LAST_CONTROL_TRANSFER: from fffff805454a46ad to fffff805455c9106
- STACK_TEXT:
- ffffa584`e89fa4f0 fffff805`454a46ad : ffffaa00`00000001 00000000`0000000d ffffaa00`ffffffff 00000000`00000002 : nt!KiSwapContext+0x76
- ffffa584`e89fa630 fffff805`454a3534 : ffffd38f`a6bf8040 00000000`00000000 ffffe481`9f657960 fffff805`00000000 : nt!KiSwapThread+0xbfd
- ffffa584`e89fa6d0 fffff805`454a2cd5 : ffff9e0d`aeeeb960 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiCommitThreadWait+0x144
- ffffa584`e89fa770 fffff805`4a1b9920 : ffffd38f`9cd515b0 fffff805`00000000 ffffd38f`9cd51500 fffff805`00000000 : nt!KeWaitForSingleObject+0x255
- ffffa584`e89fa850 fffff805`4a1acb89 : 00000000`00000020 00000000`00000005 ffffd38f`9cd51590 fffff805`4a19c8eb : ndis!KWaitEventBase<wistd::integral_constant<enum _EVENT_TYPE,0> >::Wait+0x28
- ffffa584`e89fa890 fffff805`4a0f4728 : ffffd38f`9cd501a0 00000000`00000005 00000000`00000020 00000000`00000000 : ndis!Ndis::BindEngine::ApplyBindChanges+0x10915
- ffffa584`e89fa8e0 fffff805`4a0b280d : ffffd38f`9cd501a0 00000000`00000000 ffffd38f`9cd50d48 00000000`00000000 : ndis!ndisPrepForLowPowerCommon+0x41eec
- ffffa584`e89fa9d0 fffff805`4a0b3246 : ffffd38f`9cd501a0 00000000`00000000 ffffd38f`afcf6010 00000000`00000000 : ndis!ndisPrepForLowPower+0x1d
- ffffa584`e89faa20 fffff805`4a0b3931 : 00000000`00000000 ffffd38f`00000004 ffffd38f`afcf6010 ffffd38f`9cd501a0 : ndis!ndisSetSystemPower+0x19e
- ffffa584`e89faaa0 fffff805`4a0b9e84 : ffffd38f`afcf6010 ffffd38f`9a2e8d80 ffffd38f`afcf6128 ffffd38f`9cd501a0 : ndis!ndisSetPower+0x109
- ffffa584`e89fab00 fffff805`4557a08f : ffffd38f`9cd50050 ffffa584`e89fabe0 00000000`00000000 ffffd38f`afcf6010 : ndis!ndisPowerDispatch+0x114
- ffffa584`e89fab60 fffff805`4551e155 : ffffffff`fa0a1f00 ffffd38f`a6bf8040 fffff805`45579eb0 00000000`00000001 : nt!PopIrpWorker+0x1df
- ffffa584`e89fac10 fffff805`455c99c8 : ffffaa00`619e2180 ffffd38f`a6bf8040 fffff805`4551e100 00000000`00000246 : nt!PspSystemThreadStartup+0x55
- ffffa584`e89fac60 00000000`00000000 : ffffa584`e89fb000 ffffa584`e89f5000 00000000`00000000 00000000`00000000 : nt!KiStartSystemThread+0x28
- STACK_COMMAND: .thread 0xffffd38fa6bf8040 ; kb
- CHKIMG_EXTENSION: !chkimg -lo 50 -d !hal
- fffff80545375b4a-fffff80545375b4b 2 bytes - hal!HalpApic1EndOfInterrupt+1a
- [ 84 00:4c 87 ]
- fffff80545375b4d-fffff80545375b4f 3 bytes - hal!HalpApic1EndOfInterrupt+1d (+0x03)
- [ 00 00 00:98 c3 90 ]
- fffff80545375b6a-fffff80545375b6b 2 bytes - hal!HalpApicX2EndOfInterrupt+1a (+0x1d)
- [ 84 00:4c 87 ]
- fffff80545375b6d-fffff80545375b6f 3 bytes - hal!HalpApicX2EndOfInterrupt+1d (+0x03)
- [ 00 00 00:98 c3 90 ]
- fffff80545375b8a-fffff80545375b8b 2 bytes - hal!HalpPciReadMmConfigUchar+1a (+0x1d)
- [ 84 00:4c 87 ]
- fffff80545375b8d-fffff80545375b8f 3 bytes - hal!HalpPciReadMmConfigUchar+1d (+0x03)
- [ 00 00 00:98 c3 90 ]
- fffff80545375baa-fffff80545375bab 2 bytes - hal!HalpPciReadMmConfigUshort+1a (+0x1d)
- [ 84 00:4c 87 ]
- fffff80545375bad-fffff80545375baf 3 bytes - hal!HalpPciReadMmConfigUshort+1d (+0x03)
- [ 00 00 00:98 c3 90 ]
- fffff80545375bca-fffff80545375bcb 2 bytes - hal!HalpPciReadMmConfigUlong+1a (+0x1d)
- [ 84 00:4c 87 ]
- fffff80545375bcd-fffff80545375bcf 3 bytes - hal!HalpPciReadMmConfigUlong+1d (+0x03)
- [ 00 00 00:98 c3 90 ]
- fffff80545375bea-fffff80545375beb 2 bytes - hal!HalpPciWriteMmConfigUchar+1a (+0x1d)
- [ 84 00:4c 87 ]
- fffff80545375bed-fffff80545375bef 3 bytes - hal!HalpPciWriteMmConfigUchar+1d (+0x03)
- [ 00 00 00:98 c3 90 ]
- fffff80545375c0a-fffff80545375c0b 2 bytes - hal!HalpPciWriteMmConfigUshort+1a (+0x1d)
- [ 84 00:4c 87 ]
- fffff80545375c0d-fffff80545375c0f 3 bytes - hal!HalpPciWriteMmConfigUshort+1d (+0x03)
- [ 00 00 00:98 c3 90 ]
- fffff80545375c2a-fffff80545375c2b 2 bytes - hal!HalpPciWriteMmConfigUlong+1a (+0x1d)
- [ 84 00:4c 87 ]
- fffff80545375c2d-fffff80545375c2f 3 bytes - hal!HalpPciWriteMmConfigUlong+1d (+0x03)
- [ 00 00 00:98 c3 90 ]
- 40 errors : !hal (fffff80545375b4a-fffff80545375c2f)
- MODULE_NAME: memory_corruption
- IMAGE_NAME: memory_corruption
- FOLLOWUP_NAME: memory_corruption
- DEBUG_FLR_IMAGE_TIMESTAMP: 0
- MEMORY_CORRUPTOR: LARGE
- FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
- BUCKET_ID: MEMORY_CORRUPTION_LARGE
- PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
- TARGET_TIME: 2020-08-07T08:39:04.000Z
- SUITE_MASK: 272
- PRODUCT_TYPE: 1
- USER_LCID: 0
- FAILURE_ID_HASH_STRING: km:memory_corruption_large
- FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
- Followup: memory_corruption
- ===================== Dump #10: 3RD PARTY DRIVERS ======================
- Nov 23 2009 - LGBusEnum.sys - Logitech GamePanel Virtual Bus Enumerator driver http://support.logitech.com/
- Jun 25 2010 - sadp_npf64.sys - WinPcap driver (CACE Technologies, Inc.)
- Jun 25 2010 - NPF.sys - NetGroup Packet Filter driver, a component of WinPCap by Riverbed
- Aug 02 2010 - AsUpIO.sys - ASUS Update Input Output driver http://www.asus.com/
- Aug 08 2011 - BazisVirtualCDBus.sys - WinCDEmu Virtual CD-ROM driver (Bazis Inc) http://wincdemu.sysprogs.org/
- Oct 17 2011 - PxHlpa64.sys - Sonic CD/DVD driver
- Mar 22 2012 - AiCharger.sys - Asus Charger driver
- May 03 2012 - GEARAspiWDM.sys - Gear Software Advanced SCSI Programming Interface Windows Driver Model http://www.gearsoftware.com/
- Aug 22 2012 - AsIO.sys - ASUS Input Output driver http://www.asus.com/
- Jul 02 2013 - IOMap64.sys - !!! ASUS 64-bit Input Output Map driver (GPU Tweaking driver)
- Apr 17 2014 - rzpmgrk.sys - Razer Overlay Support https://www.razer.com/
- Apr 24 2014 - RTKVHD64.sys - Realtek Audio System driver https://www.realtek.com/en/
- Sep 23 2014 - TeeDriverx64.sys - Intel Management Engine Interface (MEI) driver https://downloadcenter.intel.com/
- Oct 17 2014 - rzpnk.sys - Razer Overlay Support https://www.razer.com/
- Apr 21 2016 - tap0901.sys - TAP-Win32 Virtual Private Network Driver 0901 (OpenVPN by OpenVPN Technologies) https://openvpn.net/
- Mar 16 2017 - tapwindscribe0901.sys - TAP-Windows Virtual Network driver (The OpenVPN Project) https://openvpn.net/
- Oct 11 2017 - YSDrv.sys - VirtualBox Support driver
- Sep 18 2018 - IntelHaxm.sys - Intel Corporation SSG Hardware Accelerated Execution Manager driver
- Jan 24 2019 - e1d65x64.sys - Intel(R) Gigabit Adapter NDIS 6.x driver https://downloadcenter.intel.com/
- Mar 14 2019 - nvvad64v.sys - Nvidia Virtual Audio driver http://www.nvidia.com/
- Apr 25 2019 - mbae64.sys - Malwarebytes driver https://www.malwarebytes.com/
- Oct 02 2019 - nvlddmkm.sys - Nvidia Graphics Card driver http://www.nvidia.com/
- Nov 20 2019 - mbamswissarmy.sys - MalwareBytes Anti-Malware system driver https://www.malwarebytes.com/
- Nov 29 2019 - NvModuleTracker.sys - NVIDIA Module Tracker driver
- Jan 10 2020 - nvvhci.sys - Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
- Jun 04 2020 - MbamChameleon.sys - Malwarebytes Anti-Malware Chameleon driver https://www.malwarebytes.com/
- Jun 09 2020 - nvhda64v.sys - Nvidia HDMI Audio Device http://www.nvidia.com/
- Jun 22 2020 - mwac.sys - Malwarebytes Web Access Control http://www.malwarebytes.org/
- Jun 23 2020 - aswArPot.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswbidsdriver.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswbidsh.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswbuniv.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswKbd.sys - Avast Keyboard Filter driver http://www.avast.com/
- Jun 23 2020 - aswMonFlt.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswNetHub.sys - Avast driver
- Jun 23 2020 - aswRdr2.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswRvrt.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswSnx.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswSP.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswStm.sys - Avast Antivirus http://www.avast.com/
- Jun 23 2020 - aswVmm.sys - Avast Antivirus http://www.avast.com/
- Jul 07 2020 - mbam.sys - Malwarebytes Anti-Malware https://www.malwarebytes.com/
- Jul 17 2020 - aswElam.sys - Avast ELAM driver
- Jul 17 2020 - farflt.sys - Malwarebytes Anti-RansomWare SDK http://www.malwarebytes.org/
- ================== Dump #10: 3RD PARTY DRIVERS (FULL) ==================
- Image path: \SystemRoot\system32\drivers\LGBusEnum.sys
- Image name: LGBusEnum.sys
- Search : https://www.google.com/search?q=LGBusEnum.sys
- ADA Info : Logitech GamePanel Virtual Bus Enumerator driver http://support.logitech.com/
- Timestamp : Mon Nov 23 2009
- Image path: \??\C:\Windows\SysWOW64\drivers\sadp_npf64.sys
- Image name: sadp_npf64.sys
- Search : https://www.google.com/search?q=sadp_npf64.sys
- ADA Info : WinPcap driver (CACE Technologies, Inc.)
- Timestamp : Fri Jun 25 2010
- Image path: \SystemRoot\system32\drivers\NPF.sys
- Image name: NPF.sys
- Search : https://www.google.com/search?q=NPF.sys
- ADA Info : NetGroup Packet Filter driver, a component of WinPCap by Riverbed
- Timestamp : Fri Jun 25 2010
- Image path: \SystemRoot\SysWow64\drivers\AsUpIO.sys
- Image name: AsUpIO.sys
- Search : https://www.google.com/search?q=AsUpIO.sys
- ADA Info : ASUS Update Input Output driver http://www.asus.com/
- Timestamp : Mon Aug 2 2010
- Image path: \SystemRoot\System32\drivers\BazisVirtualCDBus.sys
- Image name: BazisVirtualCDBus.sys
- Search : https://www.google.com/search?q=BazisVirtualCDBus.sys
- ADA Info : WinCDEmu Virtual CD-ROM driver (Bazis Inc) http://wincdemu.sysprogs.org/
- Timestamp : Mon Aug 8 2011
- Image path: \SystemRoot\System32\Drivers\PxHlpa64.sys
- Image name: PxHlpa64.sys
- Search : https://www.google.com/search?q=PxHlpa64.sys
- ADA Info : Sonic CD/DVD driver
- Timestamp : Mon Oct 17 2011
- Image path: \SystemRoot\SysWow64\drivers\AiCharger.sys
- Image name: AiCharger.sys
- Search : https://www.google.com/search?q=AiCharger.sys
- ADA Info : Asus Charger driver
- Timestamp : Thu Mar 22 2012
- Image path: \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
- Image name: GEARAspiWDM.sys
- Search : https://www.google.com/search?q=GEARAspiWDM.sys
- ADA Info : Gear Software Advanced SCSI Programming Interface Windows Driver Model http://www.gearsoftware.com/
- Timestamp : Thu May 3 2012
- Image path: \SystemRoot\SysWow64\drivers\AsIO.sys
- Image name: AsIO.sys
- Search : https://www.google.com/search?q=AsIO.sys
- ADA Info : ASUS Input Output driver http://www.asus.com/
- Timestamp : Wed Aug 22 2012
- Image path: \??\C:\WINDOWS\system32\drivers\IOMap64.sys
- Image name: IOMap64.sys
- Search : https://www.google.com/search?q=IOMap64.sys
- ADA Info : !!! ASUS 64-bit Input Output Map driver (GPU Tweaking driver)
- Timestamp : Tue Jul 2 2013
- Image path: \??\C:\Windows\system32\drivers\rzpmgrk.sys
- Image name: rzpmgrk.sys
- Search : https://www.google.com/search?q=rzpmgrk.sys
- ADA Info : Razer Overlay Support https://www.razer.com/
- Timestamp : Thu Apr 17 2014
- Image path: \SystemRoot\system32\drivers\RTKVHD64.sys
- Image name: RTKVHD64.sys
- Search : https://www.google.com/search?q=RTKVHD64.sys
- ADA Info : Realtek Audio System driver https://www.realtek.com/en/
- Timestamp : Thu Apr 24 2014
- Image path: \SystemRoot\system32\DRIVERS\TeeDriverx64.sys
- Image name: TeeDriverx64.sys
- Search : https://www.google.com/search?q=TeeDriverx64.sys
- ADA Info : Intel Management Engine Interface (MEI) driver https://downloadcenter.intel.com/
- Timestamp : Tue Sep 23 2014
- Image path: \??\C:\Windows\system32\drivers\rzpnk.sys
- Image name: rzpnk.sys
- Search : https://www.google.com/search?q=rzpnk.sys
- ADA Info : Razer Overlay Support https://www.razer.com/
- Timestamp : Fri Oct 17 2014
- Image path: \SystemRoot\System32\drivers\tap0901.sys
- Image name: tap0901.sys
- Search : https://www.google.com/search?q=tap0901.sys
- ADA Info : TAP-Win32 Virtual Private Network Driver 0901 (OpenVPN by OpenVPN Technologies) https://openvpn.net/
- Timestamp : Thu Apr 21 2016
- Image path: \SystemRoot\System32\drivers\tapwindscribe0901.sys
- Image name: tapwindscribe0901.sys
- Search : https://www.google.com/search?q=tapwindscribe0901.sys
- ADA Info : TAP-Windows Virtual Network driver (The OpenVPN Project) https://openvpn.net/
- Timestamp : Thu Mar 16 2017
- Image path: \??\C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys
- Image name: YSDrv.sys
- Search : https://www.google.com/search?q=YSDrv.sys
- ADA Info : VirtualBox Support driver
- Timestamp : Wed Oct 11 2017
- Image path: \SystemRoot\system32\DRIVERS\IntelHaxm.sys
- Image name: IntelHaxm.sys
- Search : https://www.google.com/search?q=IntelHaxm.sys
- ADA Info : Intel Corporation SSG Hardware Accelerated Execution Manager driver
- Timestamp : Tue Sep 18 2018
- Image path: \SystemRoot\system32\DRIVERS\e1d65x64.sys
- Image name: e1d65x64.sys
- Search : https://www.google.com/search?q=e1d65x64.sys
- ADA Info : Intel(R) Gigabit Adapter NDIS 6.x driver https://downloadcenter.intel.com/
- Timestamp : Thu Jan 24 2019
- Image path: \SystemRoot\system32\drivers\nvvad64v.sys
- Image name: nvvad64v.sys
- Search : https://www.google.com/search?q=nvvad64v.sys
- ADA Info : Nvidia Virtual Audio driver http://www.nvidia.com/
- Timestamp : Thu Mar 14 2019
- Image path: \??\C:\WINDOWS\system32\drivers\mbae64.sys
- Image name: mbae64.sys
- Search : https://www.google.com/search?q=mbae64.sys
- ADA Info : Malwarebytes driver https://www.malwarebytes.com/
- Timestamp : Thu Apr 25 2019
- Image path: \SystemRoot\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_90685a092bcf58c7\nvlddmkm.sys
- Image name: nvlddmkm.sys
- Search : https://www.google.com/search?q=nvlddmkm.sys
- ADA Info : Nvidia Graphics Card driver http://www.nvidia.com/
- Timestamp : Wed Oct 2 2019
- Image path: \SystemRoot\System32\Drivers\mbamswissarmy.sys
- Image name: mbamswissarmy.sys
- Search : https://www.google.com/search?q=mbamswissarmy.sys
- ADA Info : MalwareBytes Anti-Malware system driver https://www.malwarebytes.com/
- Timestamp : Wed Nov 20 2019
- Image path: \SystemRoot\System32\drivers\NvModuleTracker.sys
- Image name: NvModuleTracker.sys
- Search : https://www.google.com/search?q=NvModuleTracker.sys
- ADA Info : NVIDIA Module Tracker driver
- Timestamp : Fri Nov 29 2019
- Image path: \SystemRoot\System32\drivers\nvvhci.sys
- Image name: nvvhci.sys
- Search : https://www.google.com/search?q=nvvhci.sys
- ADA Info : Nvidia Virtual USB Host Controller driver http://www.nvidia.com/
- Timestamp : Fri Jan 10 2020
- Image path: \SystemRoot\System32\Drivers\MbamChameleon.sys
- Image name: MbamChameleon.sys
- Search : https://www.google.com/search?q=MbamChameleon.sys
- ADA Info : Malwarebytes Anti-Malware Chameleon driver https://www.malwarebytes.com/
- Timestamp : Thu Jun 4 2020
- Image path: \SystemRoot\system32\drivers\nvhda64v.sys
- Image name: nvhda64v.sys
- Search : https://www.google.com/search?q=nvhda64v.sys
- ADA Info : Nvidia HDMI Audio Device http://www.nvidia.com/
- Timestamp : Tue Jun 9 2020
- Image path: \SystemRoot\system32\DRIVERS\mwac.sys
- Image name: mwac.sys
- Search : https://www.google.com/search?q=mwac.sys
- ADA Info : Malwarebytes Web Access Control http://www.malwarebytes.org/
- Timestamp : Mon Jun 22 2020
- Image path: \SystemRoot\system32\drivers\aswArPot.sys
- Image name: aswArPot.sys
- Search : https://www.google.com/search?q=aswArPot.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswbidsdriver.sys
- Image name: aswbidsdriver.sys
- Search : https://www.google.com/search?q=aswbidsdriver.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswbidsh.sys
- Image name: aswbidsh.sys
- Search : https://www.google.com/search?q=aswbidsh.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswbuniv.sys
- Image name: aswbuniv.sys
- Search : https://www.google.com/search?q=aswbuniv.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswKbd.sys
- Image name: aswKbd.sys
- Search : https://www.google.com/search?q=aswKbd.sys
- ADA Info : Avast Keyboard Filter driver http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswMonFlt.sys
- Image name: aswMonFlt.sys
- Search : https://www.google.com/search?q=aswMonFlt.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswNetHub.sys
- Image name: aswNetHub.sys
- Search : https://www.google.com/search?q=aswNetHub.sys
- ADA Info : Avast driver
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswRdr2.sys
- Image name: aswRdr2.sys
- Search : https://www.google.com/search?q=aswRdr2.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswRvrt.sys
- Image name: aswRvrt.sys
- Search : https://www.google.com/search?q=aswRvrt.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswSnx.sys
- Image name: aswSnx.sys
- Search : https://www.google.com/search?q=aswSnx.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswSP.sys
- Image name: aswSP.sys
- Search : https://www.google.com/search?q=aswSP.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswStm.sys
- Image name: aswStm.sys
- Search : https://www.google.com/search?q=aswStm.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \SystemRoot\system32\drivers\aswVmm.sys
- Image name: aswVmm.sys
- Search : https://www.google.com/search?q=aswVmm.sys
- ADA Info : Avast Antivirus http://www.avast.com/
- Timestamp : Tue Jun 23 2020
- Image path: \??\C:\WINDOWS\system32\DRIVERS\mbam.sys
- Image name: mbam.sys
- Search : https://www.google.com/search?q=mbam.sys
- ADA Info : Malwarebytes Anti-Malware https://www.malwarebytes.com/
- Timestamp : Tue Jul 7 2020
- Image path: \SystemRoot\system32\drivers\aswElam.sys
- Image name: aswElam.sys
- Search : https://www.google.com/search?q=aswElam.sys
- ADA Info : Avast ELAM driver
- Timestamp : Fri Jul 17 2020
- Image path: \SystemRoot\system32\DRIVERS\farflt.sys
- Image name: farflt.sys
- Search : https://www.google.com/search?q=farflt.sys
- ADA Info : Malwarebytes Anti-RansomWare SDK http://www.malwarebytes.org/
- Timestamp : Fri Jul 17 2020
- ===================== Dump #10: MICROSOFT DRIVERS ======================
- ACPI.sys ACPI Driver for NT (Microsoft)
- acpiex.sys ACPIEx Driver (Microsoft)
- acpipagr.sys ACPI Processor Aggregator Device driver (Microsoft)
- afd.sys Ancillary Function Driver for WinSock (Microsoft)
- afunix.sys AF_UNIX Socket Provider driver (Microsoft)
- AgileVpn.sys RAS Agil VPN Miniport Call Manager driver (Microsoft)
- ahcache.sys Application Compatibility Cache (Microsoft)
- bam.sys BAM Kernal driver (Microsoft)
- BasicDisplay.sys Basic Display driver (Microsoft)
- BasicRender.sys Basic Render driver (Microsoft)
- Beep.SYS BEEP driver (Microsoft)
- bindflt.sys Windows Bind Filter driver (Microsoft)
- BOOTVID.dll VGA Boot Driver (Microsoft)
- bowser.sys NT Lan Manager Datagram Receiver Driver (Microsoft)
- cdd.dll Canonical Display Driver (Microsoft)
- cdrom.sys SCSI CD-ROM Driver (Microsoft)
- CEA.sys Event Aggregation Kernal Mode Library (Microsoft)
- CI.dll Code Integrity Module (Microsoft)
- CLASSPNP.SYS SCSI Class System Dll (Microsoft)
- cldflt.sys Cloud Files Mini Filter driver (Microsoft)
- CLFS.SYS Common Log File System Driver (Microsoft)
- clipsp.sys CLIP Service (Microsoft)
- cmimcext.sys Kernal Configuration Manager Initial Con. Driver (Microsoft)
- cng.sys Kernal Cryptography, Next Generation Driver (Microsoft)
- CompositeBus.sys Multi-Transport Composite Bus Enumerator (Microsoft)
- condrv.sys Console Driver (Microsoft)
- crashdmp.sys Crash Dump driver (Microsoft)
- csc.sys Windows Client Side Caching driver (Microsoft)
- dfsc.sys DFS Namespace Client Driver (Microsoft)
- disk.sys PnP Disk Driver (Microsoft)
- drmk.sys Digital Rights Management (DRM) driver (Microsoft)
- dump_diskdump.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
- dump_dumpfve.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
- dump_storahci.sys (Generic Description) dump_*.sys drivers usually provide disk access during a crash to write dump files.
- dxgkrnl.sys DirectX Graphics Kernal (Microsoft)
- dxgmms2.sys DirectX Graphics MMS
- EhStorClass.sys Enhanced Storage Class driver for IEEE... (Microsoft)
- filecrypt.sys Windows sandboxing and encryption filter (Microsoft)
- fileinfo.sys FileInfo Filter Driver (Microsoft)
- FLTMGR.SYS Filesystem Filter Manager (Microsoft)
- Fs_Rec.sys File System Recognizer Driver (Microsoft)
- fvevol.sys BitLocker Driver Encryption Driver (Microsoft)
- fwpkclnt.sys FWP/IPsec Kernal-Mode API (Microsoft)
- gpuenergydrv.sys GPU Energy Kernal Driver (Microsoft)
- hal.dll Hardware Abstraction Layer DLL (Microsoft)
- HDAudBus.sys High Definition Audio Bus Driver (Microsoft)
- hiber_diskdump.sys (Generic Description) hiber_*.sys drivers provide disk access to store the system state while hibernating
- hiber_dumpfve.sys (Generic Description) hiber_*.sys drivers provide disk access to store the system state while hibernating
- hiber_storahci.sys (Generic Description) hiber_*.sys drivers provide disk access to store the system state while hibernating
- HIDCLASS.SYS Hid Class Library (Microsoft)
- HIDPARSE.SYS Hid Parsing Library (Microsoft)
- hidusb.sys USB Miniport Driver for Input Devices (Microsoft)
- HTTP.sys HTTP Protocol Stack (Microsoft)
- intelpep.sys Intel Power Engine Plugin (Microsoft)
- intelppm.sys Processor Device Driver (Microsoft)
- iorate.sys I/O rate control Filter (Microsoft)
- kbdclass.sys Keyboard Class Driver (Microsoft)
- kbdhid.sys HID Mouse Filter Driver or HID Keyboard Filter Driver (Microsoft)
- kd.dll Local Kernal Debugger (Microsoft)
- kdnic.sys Microsoft Kernel Debugger Network Miniport (Microsoft)
- ks.sys Kernal CSA Library (Microsoft)
- ksecdd.sys Kernel Security Support Provider Interface (Microsoft)
- ksecpkg.sys Kernel Security Support Provider Interface Packages (Microsoft)
- ksthunk.sys Kernal Streaming WOW Thunk Service (Microsoft)
- lltdio.sys Link-Layer Topology Mapper I/O Driver (Microsoft)
- luafv.sys LUA File Virtualization Filter Driver (Microsoft)
- mcupdate_GenuineIntel.dll Intel Microcode Update Library (Microsoft)
- mmcss.sys MMCSS Driver (Microsoft)
- monitor.sys Monitor Driver (Microsoft)
- mouclass.sys Mouse Class Driver (Microsoft)
- mouhid.sys HID Mouse Filter Driver (Microsoft)
- mountmgr.sys Mount Point Manager (Microsoft)
- mpsdrv.sys Microsoft Protection Service Driver (Microsoft)
- mqac.sys Message Queuing Device driver (Microsoft)
- mrxsmb.sys SMB MiniRedirector Wrapper and Engine (Microsoft)
- mrxsmb20.sys Longhorn SMB 2.0 Redirector (Microsoft)
- Msfs.SYS Mailslot driver (Microsoft)
- msisadrv.sys ISA Driver (Microsoft)
- mslldp.sys Microsoft Link-Layer Discovery Protocol... (Microsoft)
- msrpc.sys Kernel Remote Procedure Call Provider (Microsoft)
- mssecflt.sys Microsoft Security Events Component file system filter driver (Microsoft)
- mssmbios.sys System Management BIOS driver (Microsoft)
- mup.sys Multiple UNC Provider driver (Microsoft)
- ndis.sys Network Driver Interface Specification (NDIS) driver (Microsoft)
- ndistapi.sys NDIS 3.0 Connection Wrapper driver (Microsoft)
- ndisuio.sys NDIS User mode I/O driver (Microsoft)
- NdisVirtualBus.sys Virtual Network Adapter Enumerator (Microsoft)
- ndiswan.sys MS PPP Framing Driver (Strong Encryption) Microsoft)
- NDProxy.sys NDIS Proxy driver (Microsoft)
- Ndu.sys Network Data Usage Monitoring driver (Microsoft)
- netbios.sys NetBIOS Interface driver (Microsoft)
- netbt.sys MBT Transport driver (Microsoft)
- NETIO.SYS Network I/O Subsystem (Microsoft)
- Npfs.SYS NPFS driver (Microsoft)
- npsvctrig.sys Named pipe service triggers (Microsoft)
- nsiproxy.sys NSI Proxy driver (Microsoft)
- Ntfs.sys NT File System Driver (Microsoft)
- ntkrnlmp.exe Windows NT operating system kernel (Microsoft)
- ntosext.sys NTOS Extension Host driver (Microsoft)
- Null.SYS NULL Driver (Microsoft)
- nwifi.sys NativeWiFi Miniport Driver (Microsoft)
- pacer.sys QoS Packet Scheduler (Microsoft)
- partmgr.sys Partition driver (Microsoft)
- pci.sys NT Plug and Play PCI Enumerator (Microsoft)
- pcw.sys Performance Counter Driver (Microsoft)
- pdc.sys Power Dependency Coordinator Driver (Microsoft)
- peauth.sys Protected Environment Authentication and Authorization Export Driver (Microsoft)
- portcls.sys Class Driver for Port/Miniport Devices system driver (Microsoft)
- PSHED.dll Platform Specific Hardware Error driver (Microsoft)
- rasl2tp.sys RAS L2TP Mini-port/Call-manager driver (Microsoft)
- raspppoe.sys RAS PPPoE Mini-port/Call manager driver (Microsoft)
- raspptp.sys Peer-to-Peer Tunneling Protocol (Microsoft)
- rassstp.sys RAS SSTP Miniport Call Manager driver (Microsoft)
- rdbss.sys Redirected Drive Buffering SubSystem driver (Microsoft)
- rdpbus.sys Microsoft RDP Bus Device driver (Microsoft)
- rdyboost.sys ReadyBoost Driver (Microsoft)
- rspndr.sys Link-Layer Topology Responder driver (Microsoft)
- serenum.sys Serial Port Enumerator (Microsoft)
- serial.sys Serial Device Driver
- serscan.sys Serial Imaging Device Driver (Microsoft)
- SgrmAgent.sys System Guard Runtime Monitor Agent driver (Microsoft)
- SleepStudyHelper.sys Sleep Study Helper driver (Microsoft)
- spaceport.sys Storage Spaces driver (Microsoft)
- srv.sys Server driver (Microsoft)
- srv2.sys Smb 2.0 Server driver (Microsoft)
- srvnet.sys Server Network driver (Microsoft)
- storahci.sys MS AHCI Storport Miniport Driver (Microsoft)
- storport.sys Storage port driver for use with high-performance buses such as fibre channel buses and RAID adapters. (Microsoft)
- storqosflt.sys Storage QoS Filter driver (Microsoft)
- swenum.sys Plug and Play Software Device Enumerator (Microsoft)
- tbs.sys Export driver for kernel mode TPM API (Microsoft)
- tcpip.sys TCP/IP Protocol driver (Microsoft)
- tcpipreg.sys Microsoft Windows TCP/IP Registry Compatibility driver (Microsoft)
- TDI.SYS TDI Wrapper driver (Microsoft)
- tdx.sys NetIO Legacy TDI x-bit Support Driver (Microsoft)
- tm.sys Kernel Transaction Manager driver (Microsoft)
- ucx01000.sys USB Controller Extension (Microsoft)
- umbus.sys User-Mode Bus Enumerator (Microsoft)
- umpass.sys Generic pass-through driver (Microsoft)
- usbccgp.sys USB Common Class Generic Parent Driver (Microsoft)
- USBD.SYS Universal Serial Bus Driver (Microsoft)
- usbehci.sys EHCI eUSB Miniport Driver (Microsoft)
- usbhub.sys Default Hub Driver for USB (Microsoft)
- UsbHub3.sys USB3 HUB driver (Microsoft)
- USBPORT.SYS USB 1.1 & 2.0 Port Driver (Microsoft)
- USBXHCI.SYS USB XHCI driver (Microsoft)
- vdrvroot.sys Virtual Drive Root Enumerator (Microsoft)
- Vid.sys Microsoft Hyper-V Virtualization Infrastructure Driver
- volmgr.sys Volume Manager Driver (Microsoft)
- volmgrx.sys Volume Manager Extension Driver (Microsoft)
- volsnap.sys Volume Shadow Copy driver (Microsoft)
- volume.sys Volume driver (Microsoft)
- vwififlt.sys Virtual WiFi Filter Driver (Microsoft)
- wanarp.sys MS Remote Access and Routing ARP driver (Microsoft)
- watchdog.sys Watchdog driver (Microsoft)
- wcifs.sys Windows Container Isolation FS Filter driver (Microsoft)
- Wdf01000.sys Kernel Mode Driver Framework Runtime (Microsoft)
- WDFLDR.SYS Kernel Mode Driver Framework Loader (Microsoft)
- werkernel.sys Windows Error Reporting Kernel driver (Microsoft)
- wfplwfs.sys WPF NDIS Lightweight Filter driver (Microsoft)
- win32k.sys Full/Desktop Multi-User Win32 driver (Microsoft)
- win32kbase.sys Base Win32k Kernel Driver (Microsoft)
- win32kfull.sys Full/Desktop Win32k Kernel Driver (Microsoft)
- WindowsTrustedRT.sys Windows Trusted Runtime Interface driver (Microsoft)
- WindowsTrustedRTProxy.sys Windows Trusted Runtime Service Proxy driver (Microsoft)
- winhvr.sys Windows Hypervisor Root Interface driver (Microsoft)
- winquic.sys QUIC Transport Protocol driver (Microsoft)
- wmiacpi.sys Windows Management Interface for ACPI (Microsoft)
- WMILIB.SYS WMILIB WMI support library DLL (Microsoft)
- Wof.sys Windows Overlay Filter (Microsoft)
- WppRecorder.sys WPP Trace Recorder (Microsoft)
- WUDFRd.sys Windows Driver Foundation - User-mode Driver Framework Reflector driver (Microsoft)
- ====================== Dump #10: UNLOADED MODULES ======================
- fffff805`43640000 fffff805`43c15000 iqvw64e.sys
- fffff805`4e4d0000 fffff805`4e4de000 WSDPrint.sys
- fffff805`4e720000 fffff805`4e72e000 WSDScan.sys
- fffff805`4bbd0000 fffff805`4bbdf000 dump_storpor
- fffff805`4ae30000 fffff805`4ae5f000 dump_storahc
- fffff805`4ae80000 fffff805`4ae9e000 dump_dumpfve
- fffff805`4da90000 fffff805`4dae1000 WUDFRd.sys
- fffff805`4ba00000 fffff805`4ba1e000 dam.sys
- fffff805`49820000 fffff805`49829000 MbamElam.sys
- fffff805`4a820000 fffff805`4a831000 hwpolicy.sys
- ====================== Dump #10: BIOS INFORMATION ======================
- sysinfo: could not find necessary interfaces.
- sysinfo: note that mssmbios.sys must be loaded (XPSP2+).
- ========================== Dump #10: Extra #1 ==========================
- 6: kd> !verifier
- Verify Flags Level 0x00000000
- STANDARD FLAGS:
- [X] (0x00000000) Automatic Checks
- [ ] (0x00000001) Special pool
- [ ] (0x00000002) Force IRQL checking
- [ ] (0x00000008) Pool tracking
- [ ] (0x00000010) I/O verification
- [ ] (0x00000020) Deadlock detection
- [ ] (0x00000080) DMA checking
- [ ] (0x00000100) Security checks
- [ ] (0x00000800) Miscellaneous checks
- [ ] (0x00020000) DDI compliance checking
- ADDITIONAL FLAGS:
- [ ] (0x00000004) Randomized low resources simulation
- [ ] (0x00000200) Force pending I/O requests
- [ ] (0x00000400) IRP logging
- [ ] (0x00002000) Invariant MDL checking for stack
- [ ] (0x00004000) Invariant MDL checking for driver
- [ ] (0x00008000) Power framework delay fuzzing
- [ ] (0x00010000) Port/miniport interface checking
- [ ] (0x00040000) Systematic low resources simulation
- [ ] (0x00080000) DDI compliance checking (additional)
- [ ] (0x00200000) NDIS/WIFI verification
- [ ] (0x00800000) Kernel synchronization delay fuzzing
- [ ] (0x01000000) VM switch verification
- [ ] (0x02000000) Code integrity checks
- [X] Indicates flag is enabled
- Summary of All Verifier Statistics
- RaiseIrqls 0x0
- AcquireSpinLocks 0x0
- Synch Executions 0x0
- Trims 0x0
- Pool Allocations Attempted 0x0
- Pool Allocations Succeeded 0x0
- Pool Allocations Succeeded SpecialPool 0x0
- Pool Allocations With NO TAG 0x0
- Pool Allocations Failed 0x0
- Current paged pool allocations 0x0 for 00000000 bytes
- Peak paged pool allocations 0x0 for 00000000 bytes
- Current nonpaged pool allocations 0x0 for 00000000 bytes
- Peak nonpaged pool allocations 0x0 for 00000000 bytes
- ========================== Dump #10: Extra #2 ==========================
- 6: kd> !thread
- THREAD ffffaa0061d8a240 Cid 0000.0000 Teb: 0000000000000000 Win32Thread: 0000000000000000 RUNNING on processor 6
- Not impersonating
- GetUlongFromAddress: unable to read from fffff8054582ca14
- Owning Process fffff8054598e9c0 Image: System Process
- Attached Process ffffd38f9a26b040 Image: System
- fffff78000000000: Unable to get shared data
- Wait Start TickCount 639279
- Context Switch Count 26796338 IdealProcessor: 6
- ReadMemory error: Cannot get nt!KeMaximumIncrement value.
- UserTime 00:00:00.000
- KernelTime 00:00:00.000
- Win32 Start Address nt!KiIdleLoop (0xfffff805455c5e70)
- Stack Init ffffa584e446fc90 Current ffffa584e446fc20
- Base ffffa584e4470000 Limit ffffa584e446a000 Call 0000000000000000
- Priority 0 BasePriority 0 PriorityDecrement 0 IoPriority 0 PagePriority 0
- Child-SP RetAddr : Args to Child : Call Site
- ffffa584`e446f878 fffff805`456ee7f7 : 00000000`0000009f 00000000`00000003 ffffd38f`9a2e8d80 ffffa584`e446f8b0 : nt!KeBugCheckEx
- ffffa584`e446f880 fffff805`456ee701 : ffffd38f`a6aa2270 ffffd38f`a48861f0 ffffaa00`61d79100 ffffaa00`61d79180 : nt!PopIrpWatchdogBugcheck+0xef
- ffffa584`e446f8f0 fffff805`454512f9 : ffffd38f`a6aa22a8 00000000`00000080 00000000`00000003 ffffd38f`00000002 : nt!PopIrpWatchdog+0x31
- ffffa584`e446f940 fffff805`45450059 : 00000000`0000001e 00000000`00989680 00000000`0005d071 00000000`00000089 : nt!KiProcessExpiredTimerList+0x169
- ffffa584`e446fa30 fffff805`455c5eee : 00000000`00000000 ffffaa00`61d79180 ffffaa00`61d8a240 ffffd38f`a6a6b080 : nt!KiRetireDpcList+0x4e9
- ffffa584`e446fc60 00000000`00000000 : ffffa584`e4470000 ffffa584`e446a000 00000000`00000000 00000000`00000000 : nt!KiIdleLoop+0x7e
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement