Microsoft (R) Windows Debugger Version 10.0.14321.1024 AMD64Copyright (c) Micr

1. Microsoft (R) Windows Debugger Version 10.0.14321.1024 AMD64
2. Copyright (c) Microsoft Corporation. All rights reserved.
3.  
4. ========================================================================
5. =================== Dump File: 071717-27828-01.dmp ===================
6. ========================================================================
7. Mini Kernel Dump File: Only registers and stack trace are available
8. Windows 10 Kernel Version 15063 MP (4 procs) Free x64
9. Product: WinNt, suite: TerminalServer SingleUserTS
10. Built by: 15063.0.amd64fre.rs2_release.170317-1834
11. Kernel base = 0xfffff803`2ce0d000 PsLoadedModuleList = 0xfffff803`2d1595e0
12. Debug session time: Mon Jul 17 04:50:33.602 2017 (UTC - 4:00)
13. System Uptime: 0 days 3:28:10.237
14.  
15. BugCheck 1A, {61948, 1fac62, 1, 1fac62}
16. *** WARNING: Unable to verify timestamp for aswStm.sys
17. *** ERROR: Module load completed but symbols could not be loaded for aswStm.sys
18. Probably caused by : memory_corruption
19. Followup: memory_corruption
20. 1: kd> !analyze -v
21.  
22. MEMORY_MANAGEMENT (1a)
23. # Any other values for parameter 1 must be individually examined.
24.  
25. Arguments:
26. Arg1: 0000000000061948, The subtype of the bugcheck.
27. Arg2: 00000000001fac62
28. Arg3: 0000000000000001
29. Arg4: 00000000001fac62
30.  
31. Debugging Details:
32. DUMP_CLASS: 1
33. DUMP_QUALIFIER: 400
34. BUILD_VERSION_STRING: 10.0.15063.483 (WinBuild.160101.0800)
35. SYSTEM_MANUFACTURER: ASUS
36. SYSTEM_PRODUCT_NAME: All Series
37. SYSTEM_SKU: All
38. SYSTEM_VERSION: System Version
39. BIOS_VENDOR: American Megatrends Inc.
40. BIOS_VERSION: 2201
41. BIOS_DATE: 06/25/2015
42. BASEBOARD_MANUFACTURER: ASUSTeK COMPUTER INC.
43. BASEBOARD_PRODUCT: B85M-G R2.0
44. BASEBOARD_VERSION: Rev X.0x
45. DUMP_TYPE: 2
46. BUGCHECK_STR: 0x1a_61948
47. CPU_COUNT: 4
48. CPU_MHZ: c80
49. CPU_VENDOR: GenuineIntel
50. CPU_FAMILY: 6
51. CPU_MODEL: 3c
52. CPU_STEPPING: 3
53. CPU_MICROCODE: 6,3c,3,0 (F,M,S,R) SIG: 1E'00000000 (cache) 1E'00000000 (init)
54. CUSTOMER_CRASH_COUNT: 1
55. DEFAULT_BUCKET_ID: CODE_CORRUPTION
56.  
57. PROCESS_NAME: AvastSvc.exe
58.  
59. CURRENT_IRQL: 2
60. ANALYSIS_SESSION_HOST: USERNAME-PC
61. ANALYSIS_SESSION_TIME: 07-17-2017 17:10:11.0064
62. ANALYSIS_VERSION: 10.0.14321.1024 amd64fre
63. LAST_CONTROL_TRANSFER: from fffff8032cfc66de to fffff8032cf794c0
64. STACK_TEXT:
65. ffff8401`592afec8 fffff803`2cfc66de : 00000000`0000001a 00000000`00061948 00000000`001fac62 00000000`00000001 : nt!KeBugCheckEx
66. ffff8401`592afed0 fffff803`2cf9c57b : 00000000`00000000 00000000`00000000 00000000`00000001 00000000`00000001 : nt!MiDereferenceIoPages+0xd578a
67. ffff8401`592aff80 fffff803`2ce797b8 : 00000000`00000001 ffffc30d`661dd680 ffff8401`592b0160 00000000`00400201 : nt!MmUnlockPages+0x14c5fb
68. ffff8401`592b0060 fffff801`219fa0c2 : 00000000`00000000 ffffc30d`661dd602 00000000`00000000 ffffc30d`641d4020 : nt!IopfCompleteRequest+0x7c8
69. ffff8401`592b0190 fffff801`219f695b : 00000000`00000001 00000000`00000000 00000000`00000f4b fffff801`23106f68 : Wdf01000!FxRequest::CompleteInternal+0x242
70. ffff8401`592b0250 fffff801`2310c6d4 : ffffc30d`65ac7890 ffffc30d`65ee7390 ffff8401`592b03f0 ffffc30d`63ad0d80 : Wdf01000!imp_WdfRequestCompleteWithInformation+0x9b
71. ffff8401`592b02c0 ffffc30d`65ac7890 : ffffc30d`65ee7390 ffff8401`592b03f0 ffffc30d`63ad0d80 00000000`00000000 : aswStm+0x1c6d4
72. ffff8401`592b02c8 ffffc30d`65ee7390 : ffff8401`592b03f0 ffffc30d`63ad0d80 00000000`00000000 fffff801`231071f0 : 0xffffc30d`65ac7890
73. ffff8401`592b02d0 ffff8401`592b03f0 : ffffc30d`63ad0d80 00000000`00000000 fffff801`231071f0 ffffc30d`65ac7890 : 0xffffc30d`65ee7390
74. ffff8401`592b02d8 ffffc30d`63ad0d80 : 00000000`00000000 fffff801`231071f0 ffffc30d`65ac7890 ffffc30d`00000000 : 0xffff8401`592b03f0
75. ffff8401`592b02e0 00000000`00000000 : fffff801`231071f0 ffffc30d`65ac7890 ffffc30d`00000000 ffffc30d`6448d780 : 0xffffc30d`63ad0d80
76. STACK_COMMAND: kb
77. CHKIMG_EXTENSION: !chkimg -lo 50 -d !nt
78. fffff8032ce49cb2 - nt!MmIsSpecialPoolAddress+e
79. [ f6:b0 ]
80. fffff8032ce49cc4 - nt!MmIsSpecialPoolAddress+20 (+0x12)
81. [ f6:b0 ]
82. fffff8032cf0c7c8 - nt!MiPteNeedsCommitCharge+48 (+0xc2b04)
83. [ f6:b0 ]
84. fffff8032cf13389-fffff8032cf1338a 2 bytes - nt!MiModifiedWriterNoReservationSort+9 (+0x6bc1)
85. [ 80 fa:00 e6 ]
86. fffff8032cf9c646 - nt!MiReleasePtes+14bc46 (+0x892bd)
87. [ f6:b0 ]
88. 6 errors : !nt (fffff8032ce49cb2-fffff8032cf9c646)
89. MODULE_NAME: memory_corruption
90.  
91. IMAGE_NAME: memory_corruption
92.  
93. FOLLOWUP_NAME: memory_corruption
94. DEBUG_FLR_IMAGE_TIMESTAMP: 0
95. MEMORY_CORRUPTOR: LARGE
96. FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
97. BUCKET_ID: MEMORY_CORRUPTION_LARGE
98. PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
99. TARGET_TIME: 2017-07-17T08:50:33.000Z
100. OSBUILD: 15063
101. OSSERVICEPACK: 483
102. SERVICEPACK_NUMBER: 0
103. OS_REVISION: 0
104. SUITE_MASK: 272
105. PRODUCT_TYPE: 1
106. OSPLATFORM_TYPE: x64
107. OSNAME: Windows 10
108. OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS
109. USER_LCID: 0
110. OSBUILD_TIMESTAMP: 2017-07-07 02:06:35
111. BUILDDATESTAMP_STR: 160101.0800
112. BUILDLAB_STR: WinBuild
113. BUILDOSVER_STR: 10.0.15063.483
114. ANALYSIS_SESSION_ELAPSED_TIME: bedc
115. ANALYSIS_SOURCE: KM
116. FAILURE_ID_HASH_STRING: km:memory_corruption_large
117. FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
118. Followup: memory_corruption
119. 1: kd> q
120. quit:
121.  
122. ========================================================================
123. =================== Dump File: 071717-31687-01.dmp ===================
124. ========================================================================
125. Mini Kernel Dump File: Only registers and stack trace are available
126. Windows 10 Kernel Version 15063 MP (4 procs) Free x64
127. Product: WinNt, suite: TerminalServer SingleUserTS
128. Built by: 15063.0.amd64fre.rs2_release.170317-1834
129. Kernel base = 0xfffff801`a0a9b000 PsLoadedModuleList = 0xfffff801`a0de75e0
130. Debug session time: Sun Jul 16 23:17:51.467 2017 (UTC - 4:00)
131. System Uptime: 0 days 0:24:59.103
132.  
133. BugCheck A, {ffffd605a5f027a0, ff, 0, fffff801a0afca26}
134. *** WARNING: Unable to verify timestamp for aswbidsdrivera.sys
135. *** ERROR: Module load completed but symbols could not be loaded for aswbidsdrivera.sys
136. Probably caused by : aswbidsdrivera.sys ( aswbidsdrivera+14145 )
137. Followup: MachineOwner
138. 1: kd> !analyze -v
139.  
140. IRQL_NOT_LESS_OR_EQUAL (a)
141. An attempt was made to access a pageable (or completely invalid) address at an
142. interrupt request level (IRQL) that is too high. This is usually
143. caused by drivers using improper addresses.
144. If a kernel debugger is available get the stack backtrace.
145.  
146. Arguments:
147. Arg1: ffffd605a5f027a0, memory referenced
148. Arg2: 00000000000000ff, IRQL
149. Arg3: 0000000000000000, bitfield :
150. bit 0 : value 0 = read operation, 1 = write operation
151. bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
152. Arg4: fffff801a0afca26, address which referenced memory
153.  
154. Debugging Details:
155. DUMP_CLASS: 1
156. DUMP_QUALIFIER: 400
157. BUILD_VERSION_STRING: 10.0.15063.483 (WinBuild.160101.0800)
158. SYSTEM_MANUFACTURER: ASUS
159. SYSTEM_PRODUCT_NAME: All Series
160. SYSTEM_SKU: All
161. SYSTEM_VERSION: System Version
162. BIOS_VENDOR: American Megatrends Inc.
163. BIOS_VERSION: 2201
164. BIOS_DATE: 06/25/2015
165. BASEBOARD_MANUFACTURER: ASUSTeK COMPUTER INC.
166. BASEBOARD_PRODUCT: B85M-G R2.0
167. BASEBOARD_VERSION: Rev X.0x
168. DUMP_TYPE: 2
169. READ_ADDRESS: fffff801a0e7c358: Unable to get MiVisibleState
170. ffffd605a5f027a0
171. CURRENT_IRQL: 0
172. FAULTING_IP:
173. nt!ExpAcquireResourceSharedLite+c6
174. fffff801`a0afca26 894338 mov dword ptr [rbx+38h],eax
175. CPU_COUNT: 4
176. CPU_MHZ: c80
177. CPU_VENDOR: GenuineIntel
178. CPU_FAMILY: 6
179. CPU_MODEL: 3c
180. CPU_STEPPING: 3
181. CPU_MICROCODE: 6,3c,3,0 (F,M,S,R) SIG: 1E'00000000 (cache) 1E'00000000 (init)
182. CUSTOMER_CRASH_COUNT: 1
183. DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
184. BUGCHECK_STR: AV
185.  
186. PROCESS_NAME: AvastSvc.exe
187.  
188. ANALYSIS_SESSION_HOST: USERNAME-PC
189. ANALYSIS_SESSION_TIME: 07-17-2017 17:17:05.0384
190. ANALYSIS_VERSION: 10.0.14321.1024 amd64fre
191. TRAP_FRAME: ffff9e01c2deabf0 -- (.trap 0xffff9e01c2deabf0)
192. NOTE: The trap frame does not contain all registers.
193. Some register values may be zeroed or incorrect.
194. rax=0000000000000008 rbx=0000000000000000 rcx=0000000000000000
195. rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
196. rip=fffff801a0afca26 rsp=ffff9e01c2dead80 rbp=ffff9e01c2deadf0
197. r8=0000000000000002 r9=000000007f4401fe r10=fffff8016ae00000
198. r11=0000000000000001 r12=0000000000000000 r13=0000000000000000
199. r14=0000000000000000 r15=0000000000000000
200. iopl=0 nv up di pl nz na pe nc
201. nt!ExpAcquireResourceSharedLite+0xc6:
202. fffff801`a0afca26 894338 mov dword ptr [rbx+38h],eax ds:00000000`00000038=????????
203. Resetting default scope
204. LAST_CONTROL_TRANSFER: from fffff801a0c128a9 to fffff801a0c074c0
205. STACK_TEXT:
206. ffff9e01`c2deaaa8 fffff801`a0c128a9 : 00000000`0000000a ffffd605`a5f027a0 00000000`000000ff 00000000`00000000 : nt!KeBugCheckEx
207. ffff9e01`c2deaab0 fffff801`a0c10e7d : fffff801`00000000 fffff801`00000001 ffffd605`a6124040 00000000`00000000 : nt!KiBugCheckDispatch+0x69
208. ffff9e01`c2deabf0 fffff801`a0afca26 : ffffd605`b4f2cb18 fffff801`a0b07fe9 ffffd605`b4f2cb18 ffffd605`b275b1b0 : nt!KiPageFault+0x23d
209. ffff9e01`c2dead80 fffff801`6bbc4145 : 00000001`00000002 ffffd605`a5f02768 00000000`000008d8 00000000`00000000 : nt!ExpAcquireResourceSharedLite+0xc6
210. ffff9e01`c2deae20 00000001`00000002 : ffffd605`a5f02768 00000000`000008d8 00000000`00000000 00000000`00000000 : aswbidsdrivera+0x14145
211. ffff9e01`c2deae28 ffffd605`a5f02768 : 00000000`000008d8 00000000`00000000 00000000`00000000 fffff801`a0b07107 : 0x00000001`00000002
212. ffff9e01`c2deae30 00000000`000008d8 : 00000000`00000000 00000000`00000000 fffff801`a0b07107 00000000`00001001 : 0xffffd605`a5f02768
213. ffff9e01`c2deae38 00000000`00000000 : 00000000`00000000 fffff801`a0b07107 00000000`00001001 00000000`00000006 : 0x8d8
214. STACK_COMMAND: kb
215. THREAD_SHA1_HASH_MOD_FUNC: 6d8f6bb7949b2fc75392bdf042183d1b7890f6f8
216. THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 23eaa1a738c949cbf2b3971d2934492e80cfef3d
217. THREAD_SHA1_HASH_MOD: 52ed1883575d1d4850f196f6a85e3eaca7e0a68e
218. FOLLOWUP_IP:
219. aswbidsdrivera+14145
220. fffff801`6bbc4145 0fb6d8 movzx ebx,al
221. FAULT_INSTR_CODE: 84d8b60f
222. SYMBOL_STACK_INDEX: 4
223. SYMBOL_NAME: aswbidsdrivera+14145
224. FOLLOWUP_NAME: MachineOwner
225. MODULE_NAME: aswbidsdrivera
226.  
227. IMAGE_NAME: aswbidsdrivera.sys
228.  
229. DEBUG_FLR_IMAGE_TIMESTAMP: 5936d4e0
230. BUCKET_ID_FUNC_OFFSET: 14145
231. FAILURE_BUCKET_ID: AV_aswbidsdrivera!unknown_function
232. BUCKET_ID: AV_aswbidsdrivera!unknown_function
233. PRIMARY_PROBLEM_CLASS: AV_aswbidsdrivera!unknown_function
234. TARGET_TIME: 2017-07-17T03:17:51.000Z
235. OSBUILD: 15063
236. OSSERVICEPACK: 483
237. SERVICEPACK_NUMBER: 0
238. OS_REVISION: 0
239. SUITE_MASK: 272
240. PRODUCT_TYPE: 1
241. OSPLATFORM_TYPE: x64
242. OSNAME: Windows 10
243. OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS
244. USER_LCID: 0
245. OSBUILD_TIMESTAMP: 2017-07-07 02:06:35
246. BUILDDATESTAMP_STR: 160101.0800
247. BUILDLAB_STR: WinBuild
248. BUILDOSVER_STR: 10.0.15063.483
249. ANALYSIS_SESSION_ELAPSED_TIME: 72e9
250. ANALYSIS_SOURCE: KM
251. FAILURE_ID_HASH_STRING: km:av_aswbidsdrivera!unknown_function
252. FAILURE_ID_HASH: {de6ddb71-c05a-3939-35d5-62ca51e18f25}
253. Followup: MachineOwner
254. 1: kd> q
255. quit:
256.  
257. ========================================================================
258. =================== Dump File: 071717-30171-01.dmp ===================
259. ========================================================================
260. Mini Kernel Dump File: Only registers and stack trace are available
261. Windows 10 Kernel Version 15063 MP (4 procs) Free x64
262. Product: WinNt, suite: TerminalServer SingleUserTS
263. Built by: 15063.0.amd64fre.rs2_release.170317-1834
264. Kernel base = 0xfffff801`3320e000 PsLoadedModuleList = 0xfffff801`3355a5e0
265. Debug session time: Mon Jul 17 01:21:42.007 2017 (UTC - 4:00)
266. System Uptime: 0 days 2:03:10.642
267.  
268. BugCheck 3B, {c0000005, fffff80133218e58, ffffbc006c0dea20, 0}
269. Probably caused by : memory_corruption
270. Followup: memory_corruption
271. 1: kd> !analyze -v
272.  
273. SYSTEM_SERVICE_EXCEPTION (3b)
274. An exception happened while executing a system service routine.
275.  
276. Arguments:
277. Arg1: 00000000c0000005, Exception code that caused the bugcheck
278. Arg2: fffff80133218e58, Address of the instruction which caused the bugcheck
279. Arg3: ffffbc006c0dea20, Address of the context record for the exception that caused the bugcheck
280. Arg4: 0000000000000000, zero.
281.  
282. Debugging Details:
283. DUMP_CLASS: 1
284. DUMP_QUALIFIER: 400
285. BUILD_VERSION_STRING: 10.0.15063.483 (WinBuild.160101.0800)
286. SYSTEM_MANUFACTURER: ASUS
287. SYSTEM_PRODUCT_NAME: All Series
288. SYSTEM_SKU: All
289. SYSTEM_VERSION: System Version
290. BIOS_VENDOR: American Megatrends Inc.
291. BIOS_VERSION: 2201
292. BIOS_DATE: 06/25/2015
293. BASEBOARD_MANUFACTURER: ASUSTeK COMPUTER INC.
294. BASEBOARD_PRODUCT: B85M-G R2.0
295. BASEBOARD_VERSION: Rev X.0x
296. DUMP_TYPE: 2
297. EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%p referenced memory at 0x%p. The memory could not be %s.
298. FAULTING_IP:
299. nt!MiDecrementCombinedPte+20
300. fffff801`33218e58 488b4810 mov rcx,qword ptr [rax+10h]
301. CONTEXT: ffffbc006c0dea20 -- (.cxr 0xffffbc006c0dea20)
302. rax=7ffffffffffff000 rbx=0000000000000004 rcx=8000000000000000
303. rdx=ffffffffffffffff rsi=8000000000000000 rdi=0000000000000000
304. rip=fffff80133218e58 rsp=ffffbc006c0df410 rbp=ffffbc006c0df540
305. r8=3fffffffffffffff r9=0000000000000003 r10=00000000001fdb2b
306. r11=0000007ffffffff8 r12=8000000000000000 r13=0000000000000000
307. r14=0000000000000000 r15=fffffc000252b940
308. iopl=0 nv up ei ng nz na po nc
309. cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00010286
310. nt!MiDecrementCombinedPte+0x20:
311. fffff801`33218e58 488b4810 mov rcx,qword ptr [rax+10h] ds:002b:7fffffff`fffff010=????????????????
312. Resetting default scope
313. CPU_COUNT: 4
314. CPU_MHZ: c80
315. CPU_VENDOR: GenuineIntel
316. CPU_FAMILY: 6
317. CPU_MODEL: 3c
318. CPU_STEPPING: 3
319. CPU_MICROCODE: 6,3c,3,0 (F,M,S,R) SIG: 1E'00000000 (cache) 1E'00000000 (init)
320. CUSTOMER_CRASH_COUNT: 1
321. DEFAULT_BUCKET_ID: CODE_CORRUPTION
322. BUGCHECK_STR: 0x3B
323.  
324. PROCESS_NAME: Battle.net.exe
325.  
326. CURRENT_IRQL: 2
327. ANALYSIS_SESSION_HOST: USERNAME-PC
328. ANALYSIS_SESSION_TIME: 07-17-2017 17:15:09.0963
329. ANALYSIS_VERSION: 10.0.14321.1024 amd64fre
330. LAST_CONTROL_TRANSFER: from fffff801332a3319 to fffff80133218e58
331. STACK_TEXT:
332. ffffbc00`6c0df410 fffff801`332a3319 : ffffaa8c`00000000 00000000`00000004 ffffcd00`0005c2b0 ffffcd00`0005c2b0 : nt!MiDecrementCombinedPte+0x20
333. ffffbc00`6c0df440 fffff801`33292cc2 : ffffcd00`0005c3f0 ffffcd00`0005c280 00000000`0000009f 00000000`0000000f : nt!MiDeletePteRun+0x5d9
334. ffffbc00`6c0df5b0 fffff801`3328d5bd : ffffaa8c`73d8fd88 ffffaa8c`731977c0 ffffaa8c`73d8fd88 ffffaa8c`73d8f7c0 : nt!MiDeleteVirtualAddresses+0x972
335. ffffbc00`6c0df860 fffff801`336c289c : 00000000`0b850000 ffffaa8c`7fbe4010 00000000`6ff04230 00000000`00000000 : nt!MiDeleteVad+0x3ad
336. ffffbc00`6c0df9e0 fffff801`337389c6 : ffffaa8c`73d8f7c0 00000000`00000008 ffffaa8c`7281ec40 00000000`0b850000 : nt!MiUnmapViewOfSection+0xec
337. ffffbc00`6c0dfab0 fffff801`33385413 : ffffaa8c`731977c0 00000000`00000000 00000000`00000000 ffffaa8c`73d8f7c0 : nt!NtUnmapViewOfSectionEx+0x86
338. ffffbc00`6c0dfb00 00007ff9`87ee8b54 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
339. 00000000`08ade5b8 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ff9`87ee8b54
340. CHKIMG_EXTENSION: !chkimg -lo 50 -d !nt
341. fffff801332180f6-fffff801332180f7 2 bytes - nt!MiGetWorkingSetInfoList+4a6
342. [ 80 f6:00 cd ]
343. fffff80133218157-fffff80133218158 2 bytes - nt!MiGetWorkingSetInfoList+507 (+0x61)
344. [ 80 f6:00 cd ]
345. fffff801332182f9-fffff801332182fb 3 bytes - nt!MiGetWorkingSetInfoList+6a9 (+0x1a2)
346. [ 40 fb f6:80 66 cd ]
347. fffff801332183f4-fffff801332183f5 2 bytes - nt!MiGetWorkingSetInfoList+7a4 (+0xfb)
348. [ 80 fa:00 fc ]
349. fffff801332184be-fffff801332184bf 2 bytes - nt!MiGetWorkingSetInfoList+86e (+0xca)
350. [ 80 fa:00 fc ]
351. fffff80133218817-fffff80133218818 2 bytes - nt!MiRevokeExecutePte+27 (+0x359)
352. [ 80 f6:00 cd ]
353. fffff80133218869-fffff8013321886a 2 bytes - nt!MiRevokeExecutePte+79 (+0x52)
354. [ 80 fa:00 fc ]
355. fffff801332188be-fffff801332188bf 2 bytes - nt!MiQueryLeafPte+1e (+0x55)
356. [ 80 f6:00 cd ]
357. fffff8013321890e-fffff8013321890f 2 bytes - nt!MiQueryLeafPte+6e (+0x50)
358. [ 80 fa:00 fc ]
359. fffff80133218a1d-fffff80133218a1e 2 bytes - nt!MiQueryLeafPte+17d (+0x10f)
360. [ ff f6:7f cd ]
361. fffff80133218b0b-fffff80133218b0c 2 bytes - nt!MiLockProtoPage+4f (+0xee)
362. [ 80 f6:00 cd ]
363. fffff80133218b32-fffff80133218b33 2 bytes - nt!MiLockProtoPage+76 (+0x27)
364. [ 80 fa:00 fc ]
365. fffff80133218bd1-fffff80133218bd2 2 bytes - nt!MiQueryPfn+15 (+0x9f)
366. [ 80 fa:00 fc ]
367. fffff80133218c6e-fffff80133218c6f 2 bytes - nt!MiMakeProtoAddressValid+3a (+0x9d)
368. [ 80 f6:00 cd ]
369. fffff80133218cc4-fffff80133218cc5 2 bytes - nt!MiMakeProtoAddressValid+90 (+0x56)
370. [ 80 fa:00 fc ]
371. fffff80133292cef-fffff80133292cf0 2 bytes - nt!MiDeleteVirtualAddresses+99f (+0x7a02b)
372. [ 80 f6:00 cd ]
373. fffff8013329f07a-fffff8013329f07b 2 bytes - nt!MiResolvePrivateZeroFault+27a (+0xc38b)
374. [ 80 f6:00 cd ]
375. fffff8013329f0b0-fffff8013329f0b2 3 bytes - nt!MiResolvePrivateZeroFault+2b0 (+0x36)
376. [ 40 fb f6:80 66 cd ]
377. fffff8013329f0d8-fffff8013329f0d9 2 bytes - nt!MiResolvePrivateZeroFault+2d8 (+0x28)
378. [ 80 fa:00 fc ]
379. fffff8013329fb53-fffff8013329fb54 2 bytes - nt!MiGetPage+a3 (+0xa7b)
380. [ 80 fa:00 fc ]
381. fffff8013329fcc2-fffff8013329fcc3 2 bytes - nt!MiGetFreeOrZeroPage+72 (+0x16f)
382. [ 80 fa:00 fc ]
383. fffff801332a3410-fffff801332a3411 2 bytes - nt!MiDeletePteRun+6d0 (+0x374e)
384. [ 80 f6:00 cd ]
385. fffff801332a3a80-fffff801332a3a81 2 bytes - nt!MiInsertPageInFreeOrZeroedList+20 (+0x670)
386. [ 80 fa:00 fc ]
387. 48 errors : !nt (fffff801332180f6-fffff801332a3a81)
388. MODULE_NAME: memory_corruption
389.  
390. IMAGE_NAME: memory_corruption
391.  
392. FOLLOWUP_NAME: memory_corruption
393. DEBUG_FLR_IMAGE_TIMESTAMP: 0
394. MEMORY_CORRUPTOR: LARGE
395. STACK_COMMAND: .cxr 0xffffbc006c0dea20 ; kb
396. FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
397. BUCKET_ID: MEMORY_CORRUPTION_LARGE
398. PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
399. TARGET_TIME: 2017-07-17T05:21:42.000Z
400. OSBUILD: 15063
401. OSSERVICEPACK: 483
402. SERVICEPACK_NUMBER: 0
403. OS_REVISION: 0
404. SUITE_MASK: 272
405. PRODUCT_TYPE: 1
406. OSPLATFORM_TYPE: x64
407. OSNAME: Windows 10
408. OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS
409. USER_LCID: 0
410. OSBUILD_TIMESTAMP: 2017-07-07 02:06:35
411. BUILDDATESTAMP_STR: 160101.0800
412. BUILDLAB_STR: WinBuild
413. BUILDOSVER_STR: 10.0.15063.483
414. ANALYSIS_SESSION_ELAPSED_TIME: 1ab3
415. ANALYSIS_SOURCE: KM
416. FAILURE_ID_HASH_STRING: km:memory_corruption_large
417. FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
418. Followup: memory_corruption
419. 1: kd> q
420. quit:
421.  
422. ========================================================================
423. =================== Dump File: 071717-29500-01.dmp ===================
424. ========================================================================
425. Mini Kernel Dump File: Only registers and stack trace are available
426. Windows 10 Kernel Version 15063 MP (4 procs) Free x64
427. Product: WinNt, suite: TerminalServer SingleUserTS
428. Built by: 15063.0.amd64fre.rs2_release.170317-1834
429. Kernel base = 0xfffff803`5e60a000 PsLoadedModuleList = 0xfffff803`5e9565e0
430. Debug session time: Mon Jul 17 15:18:02.922 2017 (UTC - 4:00)
431. System Uptime: 0 days 1:47:15.558
432.  
433. BugCheck 1A, {41201, ffff8d3ffbf86398, 1fc454025, ffff908e7176fd90}
434. Probably caused by : memory_corruption ( nt!MiGetPageProtection+1183bf )
435. Followup: MachineOwner
436. 1: kd> !analyze -v
437.  
438. MEMORY_MANAGEMENT (1a)
439. # Any other values for parameter 1 must be individually examined.
440.  
441. Arguments:
442. Arg1: 0000000000041201, The subtype of the bugcheck.
443. Arg2: ffff8d3ffbf86398
444. Arg3: 00000001fc454025
445. Arg4: ffff908e7176fd90
446.  
447. Debugging Details:
448. DUMP_CLASS: 1
449. DUMP_QUALIFIER: 400
450. BUILD_VERSION_STRING: 10.0.15063.483 (WinBuild.160101.0800)
451. SYSTEM_MANUFACTURER: ASUS
452. SYSTEM_PRODUCT_NAME: All Series
453. SYSTEM_SKU: All
454. SYSTEM_VERSION: System Version
455. BIOS_VENDOR: American Megatrends Inc.
456. BIOS_VERSION: 2201
457. BIOS_DATE: 06/25/2015
458. BASEBOARD_MANUFACTURER: ASUSTeK COMPUTER INC.
459. BASEBOARD_PRODUCT: B85M-G R2.0
460. BASEBOARD_VERSION: Rev X.0x
461. DUMP_TYPE: 2
462. BUGCHECK_STR: 0x1a_41201
463. CPU_COUNT: 4
464. CPU_MHZ: c80
465. CPU_VENDOR: GenuineIntel
466. CPU_FAMILY: 6
467. CPU_MODEL: 3c
468. CPU_STEPPING: 3
469. CPU_MICROCODE: 6,3c,3,0 (F,M,S,R) SIG: 1E'00000000 (cache) 1E'00000000 (init)
470. CUSTOMER_CRASH_COUNT: 1
471. DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
472.  
473. PROCESS_NAME: sppsvc.exe
474.  
475. CURRENT_IRQL: 2
476. ANALYSIS_SESSION_HOST: USERNAME-PC
477. ANALYSIS_SESSION_TIME: 07-17-2017 17:13:43.0877
478. ANALYSIS_VERSION: 10.0.14321.1024 amd64fre
479. LAST_CONTROL_TRANSFER: from fffff8035e7aa64f to fffff8035e7764c0
480. STACK_TEXT:
481. ffffbc80`c3bf4b58 fffff803`5e7aa64f : 00000000`0000001a 00000000`00041201 ffff8d3f`fbf86398 00000001`fc454025 : nt!KeBugCheckEx
482. ffffbc80`c3bf4b60 fffff803`5e691ae3 : ffff8d3f`fbf86398 00000000`00001000 00000001`fc454025 00000000`00000000 : nt!MiGetPageProtection+0x1183bf
483. ffffbc80`c3bf4bb0 fffff803`5e69163e : 00007ff7`00000000 ffffa707`fa519900 ffffbc80`00000000 ffff908e`652efcc0 : nt!MiQueryAddressState+0x2b3
484. ffffbc80`c3bf4c40 fffff803`5ea9701f : 00000000`00000003 00000000`00000001 00000000`00000003 00007ff7`f0c73000 : nt!MiQueryAddressSpan+0x12e
485. ffffbc80`c3bf4cf0 fffff803`5ea968c1 : 00000000`00000000 00000000`00000201 00000000`00000000 00000000`00000000 : nt!MmQueryVirtualMemory+0x74f
486. ffffbc80`c3bf4e50 fffff803`5e781413 : 00000000`00000000 00000000`00000008 ffffbc80`c5abe820 00000000`00000001 : nt!NtQueryVirtualMemory+0x25
487. ffffbc80`c3bf4ea0 fffff803`5e7796a0 : fffff803`5ead1ecb ffff085c`a2af8e91 000000aa`0000000a ffffbc80`c5abe820 : nt!KiSystemServiceCopyEnd+0x13
488. ffffbc80`c3bf50a8 fffff803`5ead1ecb : ffff085c`a2af8e91 000000aa`0000000a ffffbc80`c5abe820 00007ff7`f0c33820 : nt!KiServiceLinkage
489. ffffbc80`c3bf50b0 fffff803`5ead41a5 : ffffa707`fa3847f0 ffffa707`fa3847f0 ffffa707`fb37d0f4 00007ff7`f0c33820 : nt!WbCreateHeapExecutedBlock+0x37b
490. ffffbc80`c3bf5120 fffff803`5ead4343 : ffffa707`fa3847f0 00000000`00000000 ffffbc80`c3bf5b80 00000000`00000000 : nt!WbMakeUserDataPagesKernelWritable+0x209
491. ffffbc80`c3bf51b0 fffff803`5eb44606 : ffffffff`ffffffff ffff908e`64658ae0 00000000`00000000 ffffa707`00000000 : nt!WbMakeUserDataPagesKernelWritable+0x3a7
492. ffffbc80`c3bf51e0 fffff803`5ead20e9 : 00000000`00000001 00000025`3d37d7d0 00000000`00000000 ffffa707`fa3847f0 : nt!WbDecryptEncryptionSegment+0x7a
493. ffffbc80`c3bf5210 fffff803`5eab5b9f : ffffa707`f3446790 ffffbc80`c3bf54e0 ffffa707`f5ae3a80 00000000`00000000 : nt!WbDispatchOperation+0x1d9
494. ffffbc80`c3bf5280 fffff803`5eab57fb : 00000025`3d37f701 ffff908e`65324100 00007ff9`dfc39c20 00000025`3d37e260 : nt!ExpQuerySystemInformation+0x27f
495. ffffbc80`c3bf5ac0 fffff803`5e781413 : ffff908e`646587c0 00000000`00000000 00000000`00000000 00007ff9`dfc34c20 : nt!NtQuerySystemInformation+0x2b
496. ffffbc80`c3bf5b00 00007ff9`f0545a64 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
497. 00000025`3d37d7a8 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ff9`f0545a64
498. STACK_COMMAND: kb
499. THREAD_SHA1_HASH_MOD_FUNC: 95cf5ae0ca1e8a6c94eeccc5f29c74d552895889
500. THREAD_SHA1_HASH_MOD_FUNC_OFFSET: d382c80ea6fa0a1e714435cd189513fc9d00bded
501. THREAD_SHA1_HASH_MOD: 9eef8c7ca0ce66f8b8b34848179f303828cff762
502. FOLLOWUP_IP:
503. nt!MiGetPageProtection+1183bf
504. fffff803`5e7aa64f cc int 3
505. FAULT_INSTR_CODE: a88d49cc
506. SYMBOL_STACK_INDEX: 1
507. SYMBOL_NAME: nt!MiGetPageProtection+1183bf
508. FOLLOWUP_NAME: MachineOwner
509. MODULE_NAME: nt
510. DEBUG_FLR_IMAGE_TIMESTAMP: 595f24eb
511. IMAGE_VERSION: 10.0.15063.483
512.  
513. IMAGE_NAME: memory_corruption
514.  
515. BUCKET_ID_FUNC_OFFSET: 1183bf
516. FAILURE_BUCKET_ID: 0x1a_41201_nt!MiGetPageProtection
517. BUCKET_ID: 0x1a_41201_nt!MiGetPageProtection
518. PRIMARY_PROBLEM_CLASS: 0x1a_41201_nt!MiGetPageProtection
519. TARGET_TIME: 2017-07-17T19:18:02.000Z
520. OSBUILD: 15063
521. OSSERVICEPACK: 483
522. SERVICEPACK_NUMBER: 0
523. OS_REVISION: 0
524. SUITE_MASK: 272
525. PRODUCT_TYPE: 1
526. OSPLATFORM_TYPE: x64
527. OSNAME: Windows 10
528. OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS
529. USER_LCID: 0
530. OSBUILD_TIMESTAMP: 2017-07-07 02:06:35
531. BUILDDATESTAMP_STR: 160101.0800
532. BUILDLAB_STR: WinBuild
533. BUILDOSVER_STR: 10.0.15063.483
534. ANALYSIS_SESSION_ELAPSED_TIME: 1f8e
535. ANALYSIS_SOURCE: KM
536. FAILURE_ID_HASH_STRING: km:0x1a_41201_nt!migetpageprotection
537. FAILURE_ID_HASH: {c1fe3b27-3ba8-d99e-656f-85f3d58dc669}
538. Followup: MachineOwner
539. 1: kd> q
540. quit:
541.  
542. ========================================================================
543. =================== Dump File: 071717-28296-01.dmp ===================
544. ========================================================================
545. Mini Kernel Dump File: Only registers and stack trace are available
546. Windows 10 Kernel Version 15063 MP (4 procs) Free x64
547. Product: WinNt, suite: TerminalServer SingleUserTS
548. Built by: 15063.0.amd64fre.rs2_release.170317-1834
549. Kernel base = 0xfffff801`87a12000 PsLoadedModuleList = 0xfffff801`87d5e5e0
550. Debug session time: Mon Jul 17 13:29:48.569 2017 (UTC - 4:00)
551. System Uptime: 0 days 8:34:30.204
552.  
553. BugCheck 4E, {99, 1fbb51, 0, 0}
554. *** WARNING: Unable to verify timestamp for win32k.sys
555. *** ERROR: Module load completed but symbols could not be loaded for win32k.sys
556. Probably caused by : memory_corruption
557. Followup: memory_corruption
558. 1: kd> !analyze -v
559.  
560. PFN_LIST_CORRUPT (4e)
561. Typically caused by drivers passing bad memory descriptor lists (ie: calling
562. MmUnlockPages twice with the same list, etc). If a kernel debugger is
563. available get the stack trace.
564.  
565. Arguments:
566. Arg1: 0000000000000099, A PTE or PFN is corrupt
567. Arg2: 00000000001fbb51, page frame number
568. Arg3: 0000000000000000, current page state
569. Arg4: 0000000000000000, 0
570.  
571. Debugging Details:
572. DUMP_CLASS: 1
573. DUMP_QUALIFIER: 400
574. BUILD_VERSION_STRING: 10.0.15063.483 (WinBuild.160101.0800)
575. SYSTEM_MANUFACTURER: ASUS
576. SYSTEM_PRODUCT_NAME: All Series
577. SYSTEM_SKU: All
578. SYSTEM_VERSION: System Version
579. BIOS_VENDOR: American Megatrends Inc.
580. BIOS_VERSION: 2201
581. BIOS_DATE: 06/25/2015
582. BASEBOARD_MANUFACTURER: ASUSTeK COMPUTER INC.
583. BASEBOARD_PRODUCT: B85M-G R2.0
584. BASEBOARD_VERSION: Rev X.0x
585. DUMP_TYPE: 2
586. BUGCHECK_STR: 0x4E_99
587. CPU_COUNT: 4
588. CPU_MHZ: c80
589. CPU_VENDOR: GenuineIntel
590. CPU_FAMILY: 6
591. CPU_MODEL: 3c
592. CPU_STEPPING: 3
593. CPU_MICROCODE: 6,3c,3,0 (F,M,S,R) SIG: 1E'00000000 (cache) 1E'00000000 (init)
594. CUSTOMER_CRASH_COUNT: 1
595. DEFAULT_BUCKET_ID: CODE_CORRUPTION
596.  
597. PROCESS_NAME: chrome.exe
598.  
599. CURRENT_IRQL: 2
600. ANALYSIS_SESSION_HOST: USERNAME-PC
601. ANALYSIS_SESSION_TIME: 07-17-2017 17:12:28.0860
602. ANALYSIS_VERSION: 10.0.14321.1024 amd64fre
603. LAST_CONTROL_TRANSFER: from fffff80187ba2960 to fffff80187b7e4c0
604. STACK_TEXT:
605. ffffce80`91e91fe8 fffff801`87ba2960 : 00000000`0000004e 00000000`00000099 00000000`001fbb51 00000000`00000000 : nt!KeBugCheckEx
606. ffffce80`91e91ff0 fffff801`87a61dae : 00000000`00000000 ffffce80`91e920d0 ffffccd3`0000001f ffffb70a`ded10811 : nt!MiDecrementShareCount+0x145090
607. ffffce80`91e92030 fffff801`87e9c1b1 : ffffb70a`da055080 ffffb70a`ddb3dc18 00000000`00b00000 00000000`00000000 : nt!MmUnmapViewInSystemCache+0x6ee
608. ffffce80`91e92320 fffff801`87a63026 : 00000000`00b00000 ffffb70a`ca1f1f10 00000000`01280000 00000000`00000001 : nt!CcUnmapVacb+0x9d
609. ffffce80`91e92360 fffff801`87a56ce0 : 00000000`00000001 00000000`00400000 00000000`00000001 00000000`00040000 : nt!CcUnmapVacbArray+0x156
610. ffffce80`91e923d0 fffff801`87e9b3b9 : 00000000`00000000 00000000`00000000 ffffce80`91e92500 ffffce80`91e92510 : nt!CcGetVirtualAddress+0x2f0
611. ffffce80`91e92460 fffff801`87a563cb : 00000000`00000000 00000000`00c00000 00000000`00000e00 fffff804`0c88ad01 : nt!CcMapAndCopyFromCache+0x79
612. ffffce80`91e92500 fffff804`0c94d135 : ffffce80`91e92610 ffffce80`00000000 ffffb70a`00001000 ffffe202`e5d0d150 : nt!CcCopyReadEx+0x12b
613. ffffce80`91e92590 fffff804`0bf85e3e : 00000000`00000190 00000000`00000000 ffffb70a`cb936950 0000021d`388f2d10 : NTFS!NtfsCopyReadA+0x235
614. ffffce80`91e92830 fffff804`0bf8331d : ffffce80`91e92920 ffffb70a`cb936900 ffffb70a`ca99cb78 ffffb70a`ca99ca80 : FLTMGR!FltpPerformFastIoCall+0x13e
615. ffffce80`91e92890 fffff804`0bfb5da9 : 00000000`00000001 00000000`00000001 00000000`00000000 00000000`00000006 : FLTMGR!FltpPassThroughFastIo+0xbd
616. ffffce80`91e928f0 fffff801`87ea71fd : ffffb70a`cb936950 00000000`00000001 00000000`00000000 ffffb70a`cb936950 : FLTMGR!FltpFastIoRead+0x159
617. ffffce80`91e92990 fffff801`87b89413 : ffffcce6`40874ec8 00000000`00000000 00000000`00000000 00000000`00000000 : nt!NtReadFile+0x43d
618. ffffce80`91e92a90 00007ffa`f2055464 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
619. 000000ab`877fe578 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffa`f2055464
620. STACK_COMMAND: kb
621. CHKIMG_EXTENSION: !chkimg -lo 50 -db !nt
622. 2 errors : !nt (fffff80187ba2979-fffff80187ba29b1)
623. fffff80187ba2970 24 70 49 b9 00 00 00 00 80 *cc ff ff e9 c3 b0 eb $pI.............
624. fffff80187ba29b0 80 *cc ff ff e9 ab b0 eb ff cc 4c 8b c3 48 89 44 ..........L..H.D
625. MODULE_NAME: memory_corruption
626.  
627. IMAGE_NAME: memory_corruption
628.  
629. FOLLOWUP_NAME: memory_corruption
630. DEBUG_FLR_IMAGE_TIMESTAMP: 0
631. MEMORY_CORRUPTOR: STRIDE
632. FAILURE_BUCKET_ID: MEMORY_CORRUPTION_STRIDE
633. BUCKET_ID: MEMORY_CORRUPTION_STRIDE
634. PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_STRIDE
635. TARGET_TIME: 2017-07-17T17:29:48.000Z
636. OSBUILD: 15063
637. OSSERVICEPACK: 483
638. SERVICEPACK_NUMBER: 0
639. OS_REVISION: 0
640. SUITE_MASK: 272
641. PRODUCT_TYPE: 1
642. OSPLATFORM_TYPE: x64
643. OSNAME: Windows 10
644. OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS
645. USER_LCID: 0
646. OSBUILD_TIMESTAMP: 2017-07-07 02:06:35
647. BUILDDATESTAMP_STR: 160101.0800
648. BUILDLAB_STR: WinBuild
649. BUILDOSVER_STR: 10.0.15063.483
650. ANALYSIS_SESSION_ELAPSED_TIME: 1a86
651. ANALYSIS_SOURCE: KM
652. FAILURE_ID_HASH_STRING: km:memory_corruption_stride
653. FAILURE_ID_HASH: {574dbc1b-92cb-fb09-cb7a-cacc1bb2c511}
654. Followup: memory_corruption
655. 1: kd> q
656. quit:
657.  
658. ========================================================================
659. =================== Dump File: 071617-33296-01.dmp ===================
660. ========================================================================
661. Mini Kernel Dump File: Only registers and stack trace are available
662. Windows 10 Kernel Version 15063 MP (4 procs) Free x64
663. Product: WinNt, suite: TerminalServer SingleUserTS
664. Built by: 15063.0.amd64fre.rs2_release.170317-1834
665. Kernel base = 0xfffff803`3cc1b000 PsLoadedModuleList = 0xfffff803`3cf675e0
666. Debug session time: Sun Jul 16 22:52:06.408 2017 (UTC - 4:00)
667. System Uptime: 0 days 3:47:19.054
668.  
669. BugCheck 1A, {41201, ffff83bffb6c7b68, 1fc90d025, ffffad0a53e7b540}
670. Probably caused by : memory_corruption
671. Followup: memory_corruption
672. 1: kd> !analyze -v
673.  
674. MEMORY_MANAGEMENT (1a)
675. # Any other values for parameter 1 must be individually examined.
676.  
677. Arguments:
678. Arg1: 0000000000041201, The subtype of the bugcheck.
679. Arg2: ffff83bffb6c7b68
680. Arg3: 00000001fc90d025
681. Arg4: ffffad0a53e7b540
682.  
683. Debugging Details:
684. DUMP_CLASS: 1
685. DUMP_QUALIFIER: 400
686. BUILD_VERSION_STRING: 10.0.15063.483 (WinBuild.160101.0800)
687. SYSTEM_MANUFACTURER: ASUS
688. SYSTEM_PRODUCT_NAME: All Series
689. SYSTEM_SKU: All
690. SYSTEM_VERSION: System Version
691. BIOS_VENDOR: American Megatrends Inc.
692. BIOS_VERSION: 2201
693. BIOS_DATE: 06/25/2015
694. BASEBOARD_MANUFACTURER: ASUSTeK COMPUTER INC.
695. BASEBOARD_PRODUCT: B85M-G R2.0
696. BASEBOARD_VERSION: Rev X.0x
697. DUMP_TYPE: 2
698. BUGCHECK_STR: 0x1a_41201
699. CPU_COUNT: 4
700. CPU_MHZ: c80
701. CPU_VENDOR: GenuineIntel
702. CPU_FAMILY: 6
703. CPU_MODEL: 3c
704. CPU_STEPPING: 3
705. CPU_MICROCODE: 6,3c,3,0 (F,M,S,R) SIG: 1E'00000000 (cache) 1E'00000000 (init)
706. CUSTOMER_CRASH_COUNT: 1
707. DEFAULT_BUCKET_ID: CODE_CORRUPTION
708.  
709. PROCESS_NAME: SppExtComObj.Exe
710.  
711. CURRENT_IRQL: 2
712. ANALYSIS_SESSION_HOST: USERNAME-PC
713. ANALYSIS_SESSION_TIME: 07-17-2017 17:08:05.0455
714. ANALYSIS_VERSION: 10.0.14321.1024 amd64fre
715. LAST_CONTROL_TRANSFER: from fffff8033cdbb64f to fffff8033cd874c0
716. STACK_TEXT:
717. ffffdb00`29a64b68 fffff803`3cdbb64f : 00000000`0000001a 00000000`00041201 ffff83bf`fb6c7b68 00000001`fc90d025 : nt!KeBugCheckEx
718. ffffdb00`29a64b70 fffff803`3cca2ae3 : ffff83bf`fb6c7b68 00000000`00001000 00000001`fc90d025 fffff803`3ccdad73 : nt!MiGetPageProtection+0x1183bf
719. ffffdb00`29a64bc0 fffff803`3cca263e : 00000000`00000000 ffffdb00`29a65000 00000000`00000000 ffffad0a`55738a00 : nt!MiQueryAddressState+0x2b3
720. ffffdb00`29a64c50 fffff803`3d0a801f : 00000000`00000003 00000000`00000001 00000000`00000003 00007ff6`d8f6d000 : nt!MiQueryAddressSpan+0x12e
721. ffffdb00`29a64d00 fffff803`3d0a78c1 : 0000007f`0000000d 00000027`0000003f 00000053`0000000a 00000094`00000063 : nt!MmQueryVirtualMemory+0x74f
722. ffffdb00`29a64e60 fffff803`3cd92413 : 00000000`00000000 00000000`00000008 00000000`0fffffff 00000000`00000001 : nt!NtQueryVirtualMemory+0x25
723. ffffdb00`29a64eb0 fffff803`3cd8a6a0 : fffff803`3d0e2ecb ffff5883`831d5986 00000030`00000005 00000000`0fffffff : nt!KiSystemServiceCopyEnd+0x13
724. ffffdb00`29a650b8 fffff803`3d0e2ecb : ffff5883`831d5986 00000030`00000005 00000000`0fffffff 00000000`00000030 : nt!KiServiceLinkage
725. ffffdb00`29a650c0 fffff803`3d0e4e84 : ffff9780`91720954 00007ff6`d8f467d0 00000000`00000000 00000000`00000030 : nt!WbCreateHeapExecutedBlock+0x37b
726. ffffdb00`29a65130 fffff803`3d0e5125 : 00000000`000000c3 00000000`00000000 00000000`00000000 0000002f`22f9d7a0 : nt!PspApplyJobLimitsToProcess+0x158
727. ffffdb00`29a651b0 fffff803`3d1556ce : ffffffff`ffffffff ffffdb00`29a65b80 00000000`00000000 ffff9780`00000000 : nt!WbMakeUserDataPagesKernelWritable+0x189
728. ffffdb00`29a651e0 fffff803`3d0e30cf : 00000000`00000001 0000002f`22f9d7a0 00000000`00000000 ffff9780`81f89230 : nt!WbReEncryptEncryptionSegment+0x7a
729. ffffdb00`29a65210 fffff803`3d0c6b9f : ffff9780`92f21c50 00000000`00000000 ffff9780`864f4a40 00000000`00000000 : nt!WbDispatchOperation+0x1bf
730. ffffdb00`29a65280 fffff803`3d0c67fb : 00000000`5d46b711 00007ff6`d8f78a80 00000000`00000000 fedbc51e`e5bf6b35 : nt!ExpQuerySystemInformation+0x27f
731. ffffdb00`29a65ac0 fffff803`3cd92413 : ffffad0a`53f72040 00000000`00000000 00000000`00000000 00007ebf`97807864 : nt!NtQuerySystemInformation+0x2b
732. ffffdb00`29a65b00 00007ffc`363b5a64 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
733. 0000002f`22f9d778 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffc`363b5a64
734. STACK_COMMAND: kb
735. CHKIMG_EXTENSION: !chkimg -lo 50 -d !nt
736. fffff8033ce9b383-fffff8033ce9b385 3 bytes - nt!ExFreePoolWithTag+363
737. [ 40 fb f6:c0 c1 83 ]
738. 3 errors : !nt (fffff8033ce9b383-fffff8033ce9b385)
739. MODULE_NAME: memory_corruption
740.  
741. IMAGE_NAME: memory_corruption
742.  
743. FOLLOWUP_NAME: memory_corruption
744. DEBUG_FLR_IMAGE_TIMESTAMP: 0
745. MEMORY_CORRUPTOR: LARGE
746. FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
747. BUCKET_ID: MEMORY_CORRUPTION_LARGE
748. PRIMARY_PROBLEM_CLASS: MEMORY_CORRUPTION_LARGE
749. TARGET_TIME: 2017-07-17T02:52:06.000Z
750. OSBUILD: 15063
751. OSSERVICEPACK: 483
752. SERVICEPACK_NUMBER: 0
753. OS_REVISION: 0
754. SUITE_MASK: 272
755. PRODUCT_TYPE: 1
756. OSPLATFORM_TYPE: x64
757. OSNAME: Windows 10
758. OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS
759. USER_LCID: 0
760. OSBUILD_TIMESTAMP: 2017-07-07 02:06:35
761. BUILDDATESTAMP_STR: 160101.0800
762. BUILDLAB_STR: WinBuild
763. BUILDOSVER_STR: 10.0.15063.483
764. ANALYSIS_SESSION_ELAPSED_TIME: 1b29
765. ANALYSIS_SOURCE: KM
766. FAILURE_ID_HASH_STRING: km:memory_corruption_large
767. FAILURE_ID_HASH: {e29154ac-69a4-0eb8-172a-a860f73c0a3c}
768. Followup: memory_corruption
769. 1: kd> lmv
770. start end module name
771. fffff2a5`29800000 fffff2a5`29b93000 win32kfull (deferred)
772. Mapped memory image file: C:\ProgramData\dbg\sym\win32kfull.sys\41105314393000\win32kfull.sys
773. Image path: \SystemRoot\System32\win32kfull.sys
774. Image name: win32kfull.sys
775. Timestamp: Tue Aug 3 23:08:04 2004 (41105314)
776. CheckSum: 003844BB
777. ImageSize: 00393000
778. File version: 10.0.15063.478
779. Product version: 10.0.15063.478
780. File flags: 0 (Mask 3F)
781. File OS: 40004 NT Win32
782. File type: 3.7 Driver
783. File date: 00000000.00000000
784. Translations: 0409.04b0
785. CompanyName: Microsoft Corporation
786. ProductName: Microsoft® Windows® Operating System
787. InternalName: win32kfull.sys
788. OriginalFilename: win32kfull.sys
789. ProductVersion: 10.0.15063.478
790. FileVersion: 10.0.15063.478 (WinBuild.160101.0800)
791. FileDescription: Full/Desktop Win32k Kernel Driver
792. LegalCopyright: © Microsoft Corporation. All rights reserved.
793. fffff2a5`29ba0000 fffff2a5`29da6000 win32kbase (deferred)
794. Mapped memory image file: C:\ProgramData\dbg\sym\win32kbase.sys\2CDDD6B0206000\win32kbase.sys
795. Image path: \SystemRoot\System32\win32kbase.sys
796. Image name: win32kbase.sys
797. Timestamp: Mon Nov 8 00:18:40 1993 (2CDDD6B0)
798. CheckSum: 001F783B
799. ImageSize: 00206000
800. File version: 10.0.15063.477
801. Product version: 10.0.15063.477
802. File flags: 0 (Mask 3F)
803. File OS: 40004 NT Win32
804. File type: 3.7 Driver
805. File date: 00000000.00000000
806. Translations: 0409.04b0
807. CompanyName: Microsoft Corporation
808. ProductName: Microsoft® Windows® Operating System
809. InternalName: win32kbase.sys
810. OriginalFilename: win32kbase.sys
811. ProductVersion: 10.0.15063.477
812. FileVersion: 10.0.15063.477 (WinBuild.160101.0800)
813. FileDescription: Base Win32k Kernel Driver
814. LegalCopyright: © Microsoft Corporation. All rights reserved.
815. fffff2a5`29dc0000 fffff2a5`29dca000 TSDDD (deferred)
816. Mapped memory image file: C:\ProgramData\dbg\sym\TSDDD.dll\F622DB7Ea000\TSDDD.dll
817. Image path: \SystemRoot\System32\TSDDD.dll
818. Image name: TSDDD.dll
819. Timestamp: ***** Invalid (F622DB7E)
820. CheckSum: 000074F8
821. ImageSize: 0000A000
822. File version: 10.0.15004.1000
823. Product version: 10.0.15004.1000
824. File flags: 0 (Mask 3F)
825. File OS: 40004 NT Win32
826. File type: 3.4 Driver
827. File date: 00000000.00000000
828. Translations: 0000.04b0
829. CompanyName: Microsoft Corporation
830. ProductName: Microsoft® Windows® Operating System
831. InternalName: framebuf.dll
832. OriginalFilename: framebuf.dll
833. ProductVersion: 10.0.15004.1000
834. FileVersion: 10.0.15004.1000 (WinBuild.160101.0800)
835. FileDescription: Framebuffer Display Driver
836. LegalCopyright: © Microsoft Corporation. All rights reserved.
837. fffff2a5`29dd0000 fffff2a5`29e11000 cdd (deferred)
838. Image path: \SystemRoot\System32\cdd.dll
839. Image name: cdd.dll
840. Timestamp: unavailable (00000000)
841. CheckSum: 00000000
842. ImageSize: 00041000
843. Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4
844. fffff2a5`2a330000 fffff2a5`2a3a4000 win32k # (pdb symbols) C:\ProgramData\dbg\sym\win32k.pdb\99C346F25FA5B47CA32FBFB1F94AE5911\win32k.pdb
845. Loaded symbol image file: win32k.sys
846. Mapped memory image file: C:\ProgramData\dbg\sym\win32k.sys\46FD924F74000\win32k.sys
847. Image path: \SystemRoot\System32\win32k.sys
848. Image name: win32k.sys
849. Timestamp: Fri Sep 28 19:46:23 2007 (46FD924F)
850. CheckSum: 0007C4FE
851. ImageSize: 00074000
852. File version: 10.0.15052.0
853. Product version: 10.0.15052.0
854. File flags: 0 (Mask 3F)
855. File OS: 40004 NT Win32
856. File type: 3.7 Driver
857. File date: 00000000.00000000
858. Translations: 0409.04b0
859. CompanyName: Microsoft Corporation
860. ProductName: Microsoft® Windows® Operating System
861. InternalName: win32k.sys
862. OriginalFilename: win32k.sys
863. ProductVersion: 10.0.15052.0
864. FileVersion: 10.0.15052.0 (WinBuild.160101.0800)
865. FileDescription: Full/Desktop Multi-User Win32 Driver
866. LegalCopyright: © Microsoft Corporation. All rights reserved.
867. fffff803`3ba00000 fffff803`3ba0f000 serenum (deferred)
868. Mapped memory image file: C:\ProgramData\dbg\sym\serenum.sys\EB7AAB2Ef000\serenum.sys
869. Image path: \SystemRoot\System32\drivers\serenum.sys
870. Image name: serenum.sys
871. Timestamp: ***** Invalid (EB7AAB2E)
872. CheckSum: 000129C5
873. ImageSize: 0000F000
874. File version: 10.0.15046.0
875. Product version: 10.0.15046.0
876. File flags: 0 (Mask 3F)
877. File OS: 40004 NT Win32
878. File type: 2.0 Dll
879. File date: 00000000.00000000
880. Translations: 0409.04b0
881. CompanyName: Microsoft Corporation
882. ProductName: Microsoft® Windows® Operating System
883. InternalName: serenum.sys
884. OriginalFilename: serenum.sys
885. ProductVersion: 10.0.15046.0
886. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
887. FileDescription: Serial Port Enumerator
888. LegalCopyright: © Microsoft Corporation. All rights reserved.
889. fffff803`3ba10000 fffff803`3ba21000 monitor (deferred)
890. Mapped memory image file: C:\ProgramData\dbg\sym\monitor.sys\546AA4AB11000\monitor.sys
891. Image path: \SystemRoot\System32\drivers\monitor.sys
892. Image name: monitor.sys
893. Timestamp: Mon Nov 17 20:45:15 2014 (546AA4AB)
894. CheckSum: 0000E236
895. ImageSize: 00011000
896. File version: 10.0.15058.0
897. Product version: 10.0.15058.0
898. File flags: 0 (Mask 3F)
899. File OS: 40004 NT Win32
900. File type: 3.7 Driver
901. File date: 00000000.00000000
902. Translations: 0409.04b0
903. CompanyName: Microsoft Corporation
904. ProductName: Microsoft® Windows® Operating System
905. InternalName: monitor.sys
906. OriginalFilename: monitor.sys
907. ProductVersion: 10.0.15058.0
908. FileVersion: 10.0.15058.0 (WinBuild.160101.0800)
909. FileDescription: Monitor Driver
910. LegalCopyright: © Microsoft Corporation. All rights reserved.
911. fffff803`3ba30000 fffff803`3ba4e000 WudfPf (deferred)
912. Mapped memory image file: C:\ProgramData\dbg\sym\WudfPf.sys\1EF783571e000\WudfPf.sys
913. Image path: \SystemRoot\system32\drivers\WudfPf.sys
914. Image name: WudfPf.sys
915. Timestamp: Wed Jun 18 23:58:15 1986 (1EF78357)
916. CheckSum: 0001EDC7
917. ImageSize: 0001E000
918. File version: 10.0.15046.0
919. Product version: 10.0.15046.0
920. File flags: 0 (Mask 3F)
921. File OS: 40004 NT Win32
922. File type: 3.7 Driver
923. File date: 00000000.00000000
924. Translations: 0000.04b0
925. CompanyName: Microsoft Corporation
926. ProductName: Microsoft® Windows® Operating System
927. InternalName: WUDFPf.sys
928. OriginalFilename: WUDFPf.sys
929. ProductVersion: 10.0.15046.0
930. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
931. FileDescription: Windows Driver Foundation - User-mode Driver Framework Platform Driver
932. LegalCopyright: © Microsoft Corporation. All rights reserved.
933. fffff803`3ba50000 fffff803`3ba88000 intelppm (deferred)
934. Mapped memory image file: C:\ProgramData\dbg\sym\intelppm.sys\CDD5C2DE38000\intelppm.sys
935. Image path: \SystemRoot\System32\drivers\intelppm.sys
936. Image name: intelppm.sys
937. Timestamp: ***** Invalid (CDD5C2DE)
938. CheckSum: 0003AB14
939. ImageSize: 00038000
940. File version: 10.0.15058.0
941. Product version: 10.0.15058.0
942. File flags: 0 (Mask 3F)
943. File OS: 40004 NT Win32
944. File type: 3.7 Driver
945. File date: 00000000.00000000
946. Translations: 0409.04b0
947. CompanyName: Microsoft Corporation
948. ProductName: Microsoft® Windows® Operating System
949. InternalName: intelppm.sys
950. OriginalFilename: intelppm.sys
951. ProductVersion: 10.0.15058.0
952. FileVersion: 10.0.15058.0 (WinBuild.160101.0800)
953. FileDescription: Processor Device Driver
954. LegalCopyright: © Microsoft Corporation. All rights reserved.
955. fffff803`3ba90000 fffff803`3ba9c000 wmiacpi (deferred)
956. Mapped memory image file: C:\ProgramData\dbg\sym\wmiacpi.sys\15BDC190c000\wmiacpi.sys
957. Image path: \SystemRoot\System32\drivers\wmiacpi.sys
958. Image name: wmiacpi.sys
959. Timestamp: Thu Jul 23 13:29:52 1981 (15BDC190)
960. CheckSum: 00012E7A
961. ImageSize: 0000C000
962. File version: 10.0.15046.0
963. Product version: 10.0.15046.0
964. File flags: 0 (Mask 3F)
965. File OS: 40004 NT Win32
966. File type: 3.7 Driver
967. File date: 00000000.00000000
968. Translations: 0409.04b0
969. CompanyName: Microsoft Corporation
970. ProductName: Microsoft® Windows® Operating System
971. InternalName: wmiacpi.sys
972. OriginalFilename: wmiacpi.sys
973. ProductVersion: 10.0.15046.0
974. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
975. FileDescription: Windows Management Interface for ACPI
976. LegalCopyright: © Microsoft Corporation. All rights reserved.
977. fffff803`3baa0000 fffff803`3baad000 NdisVirtualBus (deferred)
978. Mapped memory image file: C:\ProgramData\dbg\sym\NdisVirtualBus.sys\B2B82E4Cd000\NdisVirtualBus.sys
979. Image path: \SystemRoot\System32\drivers\NdisVirtualBus.sys
980. Image name: NdisVirtualBus.sys
981. Timestamp: ***** Invalid (B2B82E4C)
982. CheckSum: 0000767E
983. ImageSize: 0000D000
984. File version: 10.0.15046.0
985. Product version: 10.0.15046.0
986. File flags: 0 (Mask 3F)
987. File OS: 40004 NT Win32
988. File type: 3.6 Driver
989. File date: 00000000.00000000
990. Translations: 0409.04b0
991. CompanyName: Microsoft Corporation
992. ProductName: Microsoft® Windows® Operating System
993. InternalName: NdisVirtualBus.sys
994. OriginalFilename: NdisVirtualBus.sys
995. ProductVersion: 10.0.15046.0
996. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
997. FileDescription: Microsoft Virtual Network Adapter Enumerator
998. LegalCopyright: © Microsoft Corporation. All rights reserved.
999. fffff803`3bab0000 fffff803`3babc000 swenum (deferred)
1000. Mapped memory image file: C:\ProgramData\dbg\sym\swenum.sys\B9D78944c000\swenum.sys
1001. Image path: \SystemRoot\System32\drivers\swenum.sys
1002. Image name: swenum.sys
1003. Timestamp: ***** Invalid (B9D78944)
1004. CheckSum: 00010256
1005. ImageSize: 0000C000
1006. File version: 10.0.15004.1000
1007. Product version: 10.0.15004.1000
1008. File flags: 0 (Mask 3F)
1009. File OS: 40004 NT Win32
1010. File type: 3.0 Driver
1011. File date: 00000000.00000000
1012. Translations: 0000.04b0
1013. CompanyName: Microsoft Corporation
1014. ProductName: Microsoft® Windows® Operating System
1015. InternalName: swenum.sys
1016. OriginalFilename: swenum.sys
1017. ProductVersion: 10.0.15004.1000
1018. FileVersion: 10.0.15004.1000 (WinBuild.160101.0800)
1019. FileDescription: Plug and Play Software Device Enumerator
1020. LegalCopyright: © Microsoft Corporation. All rights reserved.
1021. fffff803`3bac0000 fffff803`3bacd000 rdpbus (deferred)
1022. Mapped memory image file: C:\ProgramData\dbg\sym\rdpbus.sys\401D6CEAd000\rdpbus.sys
1023. Image path: \SystemRoot\System32\drivers\rdpbus.sys
1024. Image name: rdpbus.sys
1025. Timestamp: Sun Feb 1 16:17:30 2004 (401D6CEA)
1026. CheckSum: 0000F0A9
1027. ImageSize: 0000D000
1028. File version: 10.0.15046.0
1029. Product version: 10.0.15046.0
1030. File flags: 0 (Mask 3F)
1031. File OS: 40004 NT Win32
1032. File type: 3.0 Driver
1033. File date: 00000000.00000000
1034. Translations: 0409.04b0
1035. CompanyName: Microsoft Corporation
1036. ProductName: Microsoft® Windows® Operating System
1037. InternalName: RDPBUS.SYS
1038. OriginalFilename: RDPBUS.SYS
1039. ProductVersion: 10.0.15046.0
1040. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
1041. FileDescription: Microsoft RDP Bus Device driver
1042. LegalCopyright: © Microsoft Corporation. All rights reserved.
1043. fffff803`3bad0000 fffff803`3bb52000 usbhub (deferred)
1044. Mapped memory image file: C:\ProgramData\dbg\sym\usbhub.sys\12EAB7AA82000\usbhub.sys
1045. Image path: \SystemRoot\System32\drivers\usbhub.sys
1046. Image name: usbhub.sys
1047. Timestamp: Tue Jan 22 01:58:50 1980 (12EAB7AA)
1048. CheckSum: 0007D922
1049. ImageSize: 00082000
1050. File version: 10.0.15058.0
1051. Product version: 10.0.15058.0
1052. File flags: 0 (Mask 3F)
1053. File OS: 40004 NT Win32
1054. File type: 2.0 Dll
1055. File date: 00000000.00000000
1056. Translations: 0409.04b0
1057. CompanyName: Microsoft Corporation
1058. ProductName: Microsoft® Windows® Operating System
1059. InternalName: usbhub.sys
1060. OriginalFilename: usbhub.sys
1061. ProductVersion: 10.0.15058.0
1062. FileVersion: 10.0.15058.0 (WinBuild.160101.0800)
1063. FileDescription: Default Hub Driver for USB
1064. LegalCopyright: © Microsoft Corporation. All rights reserved.
1065. fffff803`3bb60000 fffff803`3bb6e000 USBD (deferred)
1066. Mapped memory image file: C:\ProgramData\dbg\sym\USBD.SYS\02B9A964e000\USBD.SYS
1067. Image path: \SystemRoot\System32\drivers\USBD.SYS
1068. Image name: USBD.SYS
1069. Timestamp: Mon Jun 14 00:32:36 1971 (02B9A964)
1070. CheckSum: 00013619
1071. ImageSize: 0000E000
1072. File version: 10.0.15052.0
1073. Product version: 10.0.15052.0
1074. File flags: 0 (Mask 3F)
1075. File OS: 40004 NT Win32
1076. File type: 2.0 Dll
1077. File date: 00000000.00000000
1078. Translations: 0000.04b0
1079. CompanyName: Microsoft Corporation
1080. ProductName: Microsoft® Windows® Operating System
1081. InternalName: usbd.sys
1082. OriginalFilename: usbd.sys
1083. ProductVersion: 10.0.15052.0
1084. FileVersion: 10.0.15052.0 (WinBuild.160101.0800)
1085. FileDescription: Universal Serial Bus Driver
1086. LegalCopyright: © Microsoft Corporation. All rights reserved.
1087. fffff803`3bb70000 fffff803`3bb8e000 AtihdWT6 (deferred)
1088. Image path: \SystemRoot\system32\drivers\AtihdWT6.sys
1089. Image name: AtihdWT6.sys
1090. Timestamp: Sat Mar 25 17:04:05 2017 (58D6DB45)
1091. CheckSum: 00027D44
1092. ImageSize: 0001E000
1093. Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4
1094. fffff803`3bb90000 fffff803`3bb9e000 ksthunk (deferred)
1095. Mapped memory image file: C:\ProgramData\dbg\sym\ksthunk.sys\A98424C7e000\ksthunk.sys
1096. Image path: \SystemRoot\system32\drivers\ksthunk.sys
1097. Image name: ksthunk.sys
1098. Timestamp: ***** Invalid (A98424C7)
1099. CheckSum: 0000EC18
1100. ImageSize: 0000E000
1101. File version: 10.0.15063.312
1102. Product version: 10.0.15063.312
1103. File flags: 0 (Mask 3F)
1104. File OS: 40004 NT Win32
1105. File type: 3.0 Driver
1106. File date: 00000000.00000000
1107. Translations: 0409.04b0
1108. CompanyName: Microsoft Corporation
1109. ProductName: Microsoft® Windows® Operating System
1110. InternalName: ksthunk.sys
1111. OriginalFilename: ksthunk.sys
1112. ProductVersion: 10.0.15063.312
1113. FileVersion: 10.0.15063.312 (WinBuild.160101.0800)
1114. FileDescription: Kernel Streaming WOW Thunk Service
1115. LegalCopyright: © Microsoft Corporation. All rights reserved.
1116. fffff803`3bba0000 fffff803`3bc2c000 UsbHub3 (deferred)
1117. Mapped memory image file: C:\ProgramData\dbg\sym\UsbHub3.sys\20EB40398c000\UsbHub3.sys
1118. Image path: \SystemRoot\System32\drivers\UsbHub3.sys
1119. Image name: UsbHub3.sys
1120. Timestamp: Fri Jul 3 01:25:13 1987 (20EB4039)
1121. CheckSum: 00089ACF
1122. ImageSize: 0008C000
1123. File version: 10.0.15063.470
1124. Product version: 10.0.15063.470
1125. File flags: 0 (Mask 3F)
1126. File OS: 40004 NT Win32
1127. File type: 3.7 Driver
1128. File date: 00000000.00000000
1129. Translations: 0409.04b0
1130. CompanyName: Microsoft Corporation
1131. ProductName: Microsoft® Windows® Operating System
1132. InternalName: usbhub3.sys
1133. OriginalFilename: usbhub3.sys
1134. ProductVersion: 10.0.15063.470
1135. FileVersion: 10.0.15063.470 (WinBuild.160101.0800)
1136. FileDescription: USB3 HUB Driver
1137. LegalCopyright: © Microsoft Corporation. All rights reserved.
1138. fffff803`3bc30000 fffff803`3c1fb000 RTKVHD64 (deferred)
1139. Image path: \SystemRoot\system32\drivers\RTKVHD64.sys
1140. Image name: RTKVHD64.sys
1141. Timestamp: Tue Jul 4 08:21:17 2017 (595B883D)
1142. CheckSum: 005A1D00
1143. ImageSize: 005CB000
1144. Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4
1145. fffff803`3c200000 fffff803`3c212000 HIDPARSE (deferred)
1146. Mapped memory image file: C:\ProgramData\dbg\sym\HIDPARSE.SYS\CCA5718512000\HIDPARSE.SYS
1147. Image path: \SystemRoot\System32\drivers\HIDPARSE.SYS
1148. Image name: HIDPARSE.SYS
1149. Timestamp: ***** Invalid (CCA57185)
1150. CheckSum: 0001506A
1151. ImageSize: 00012000
1152. File version: 10.0.15046.0
1153. Product version: 10.0.15046.0
1154. File flags: 0 (Mask 3F)
1155. File OS: 40004 NT Win32
1156. File type: 2.0 Dll
1157. File date: 00000000.00000000
1158. Translations: 0409.04b0
1159. CompanyName: Microsoft Corporation
1160. ProductName: Microsoft® Windows® Operating System
1161. InternalName: hidparse.sys
1162. OriginalFilename: hidparse.sys
1163. ProductVersion: 10.0.15046.0
1164. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
1165. FileDescription: Hid Parsing Library
1166. LegalCopyright: © Microsoft Corporation. All rights reserved.
1167. fffff803`3c370000 fffff803`3c38d000 dump_dumpfve (deferred)
1168. Mapped memory image file: C:\ProgramData\dbg\sym\dumpfve.sys\B65817D61d000\dumpfve.sys
1169. Image path: \SystemRoot\System32\Drivers\dump_dumpfve.sys
1170. Image name: dump_dumpfve.sys
1171. Timestamp: ***** Invalid (B65817D6)
1172. CheckSum: 0001EA4A
1173. ImageSize: 0001D000
1174. File version: 10.0.15046.0
1175. Product version: 10.0.15046.0
1176. File flags: 0 (Mask 3F)
1177. File OS: 40004 NT Win32
1178. File type: 3.7 Driver
1179. File date: 00000000.00000000
1180. Translations: 0000.04b0
1181. CompanyName: Microsoft Corporation
1182. ProductName: Microsoft® Windows® Operating System
1183. InternalName: dumpfve.sys
1184. OriginalFilename: dumpfve.sys
1185. ProductVersion: 10.0.15046.0
1186. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
1187. FileDescription: Bitlocker Drive Encryption Crashdump Filter
1188. LegalCopyright: © Microsoft Corporation. All rights reserved.
1189. fffff803`3c390000 fffff803`3c3c1000 usbccgp (deferred)
1190. Mapped memory image file: C:\ProgramData\dbg\sym\usbccgp.sys\5B5307EA31000\usbccgp.sys
1191. Image path: \SystemRoot\System32\drivers\usbccgp.sys
1192. Image name: usbccgp.sys
1193. Timestamp: Sat Jul 21 06:16:10 2018 (5B5307EA)
1194. CheckSum: 0002DC32
1195. ImageSize: 00031000
1196. File version: 10.0.15046.0
1197. Product version: 10.0.15046.0
1198. File flags: 0 (Mask 3F)
1199. File OS: 40004 NT Win32
1200. File type: 2.0 Dll
1201. File date: 00000000.00000000
1202. Translations: 0409.04b0
1203. CompanyName: Microsoft Corporation
1204. ProductName: Microsoft® Windows® Operating System
1205. InternalName: USBCCGP.SYS
1206. OriginalFilename: USBCCGP.SYS
1207. ProductVersion: 10.0.15046.0
1208. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
1209. FileDescription: USB Common Class Generic Parent Driver
1210. LegalCopyright: © Microsoft Corporation. All rights reserved.
1211. fffff803`3c3d0000 fffff803`3c3e2000 hidusb (deferred)
1212. Mapped memory image file: C:\ProgramData\dbg\sym\hidusb.sys\572851EF12000\hidusb.sys
1213. Image path: \SystemRoot\System32\drivers\hidusb.sys
1214. Image name: hidusb.sys
1215. Timestamp: Tue May 3 03:23:27 2016 (572851EF)
1216. CheckSum: 00016E3E
1217. ImageSize: 00012000
1218. File version: 10.0.15046.0
1219. Product version: 10.0.15046.0
1220. File flags: 0 (Mask 3F)
1221. File OS: 40004 NT Win32
1222. File type: 2.0 Dll
1223. File date: 00000000.00000000
1224. Translations: 0409.04b0
1225. CompanyName: Microsoft Corporation
1226. ProductName: Microsoft® Windows® Operating System
1227. InternalName: HIDUSB.SYS
1228. OriginalFilename: HIDUSB.SYS
1229. ProductVersion: 10.0.15046.0
1230. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
1231. FileDescription: USB Miniport Driver for Input Devices
1232. LegalCopyright: © Microsoft Corporation. All rights reserved.
1233. fffff803`3c3f0000 fffff803`3c423000 HIDCLASS (deferred)
1234. Mapped memory image file: C:\ProgramData\dbg\sym\HIDCLASS.SYS\28A8EF3D33000\HIDCLASS.SYS
1235. Image path: \SystemRoot\System32\drivers\HIDCLASS.SYS
1236. Image name: HIDCLASS.SYS
1237. Timestamp: Wed Aug 14 04:52:13 1991 (28A8EF3D)
1238. CheckSum: 000367E8
1239. ImageSize: 00033000
1240. File version: 10.0.15058.0
1241. Product version: 10.0.15058.0
1242. File flags: 0 (Mask 3F)
1243. File OS: 40004 NT Win32
1244. File type: 2.0 Dll
1245. File date: 00000000.00000000
1246. Translations: 0409.04b0
1247. CompanyName: Microsoft Corporation
1248. ProductName: Microsoft® Windows® Operating System
1249. InternalName: hidclass.sys
1250. OriginalFilename: hidclass.sys
1251. ProductVersion: 10.0.15058.0
1252. FileVersion: 10.0.15058.0 (WinBuild.160101.0800)
1253. FileDescription: Hid Class Library
1254. LegalCopyright: © Microsoft Corporation. All rights reserved.
1255. fffff803`3c440000 fffff803`3c44f000 dump_diskdump (deferred)
1256. Mapped memory image file: C:\ProgramData\dbg\sym\diskdump.sys\521DF4ECf000\diskdump.sys
1257. Image path: \SystemRoot\System32\Drivers\dump_diskdump.sys
1258. Image name: dump_diskdump.sys
1259. Timestamp: Wed Aug 28 09:02:36 2013 (521DF4EC)
1260. CheckSum: 00015D88
1261. ImageSize: 0000F000
1262. File version: 10.0.15046.0
1263. Product version: 10.0.15046.0
1264. File flags: 0 (Mask 3F)
1265. File OS: 40004 NT Win32
1266. File type: 3.7 Driver
1267. File date: 00000000.00000000
1268. Translations: 0409.04b0
1269. CompanyName: Microsoft Corporation
1270. ProductName: Microsoft® Windows® Operating System
1271. InternalName: diskdump.sys
1272. OriginalFilename: diskdump.sys
1273. ProductVersion: 10.0.15046.0
1274. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
1275. FileDescription: Crash Dump Disk Driver
1276. LegalCopyright: © Microsoft Corporation. All rights reserved.
1277. fffff803`3c450000 fffff803`3c460000 kbdhid (deferred)
1278. Mapped memory image file: C:\ProgramData\dbg\sym\kbdhid.sys\6264CDC410000\kbdhid.sys
1279. Image path: \SystemRoot\System32\drivers\kbdhid.sys
1280. Image name: kbdhid.sys
1281. Timestamp: Sun Apr 24 00:10:44 2022 (6264CDC4)
1282. CheckSum: 00010564
1283. ImageSize: 00010000
1284. File version: 10.0.15052.0
1285. Product version: 10.0.15052.0
1286. File flags: 0 (Mask 3F)
1287. File OS: 40004 NT Win32
1288. File type: 2.0 Dll
1289. File date: 00000000.00000000
1290. Translations: 0409.04b0
1291. CompanyName: Microsoft Corporation
1292. ProductName: Microsoft® Windows® Operating System
1293. InternalName: kbdhid.sys
1294. OriginalFilename: kbdhid.sys
1295. ProductVersion: 10.0.15052.0
1296. FileVersion: 10.0.15052.0 (WinBuild.160101.0800)
1297. FileDescription: HID Keyboard Filter Driver
1298. LegalCopyright: © Microsoft Corporation. All rights reserved.
1299. fffff803`3c460000 fffff803`3c473000 kbdclass (deferred)
1300. Mapped memory image file: C:\ProgramData\dbg\sym\kbdclass.sys\D67B605D13000\kbdclass.sys
1301. Image path: \SystemRoot\System32\drivers\kbdclass.sys
1302. Image name: kbdclass.sys
1303. Timestamp: ***** Invalid (D67B605D)
1304. CheckSum: 00019BCB
1305. ImageSize: 00013000
1306. File version: 10.0.15046.0
1307. Product version: 10.0.15046.0
1308. File flags: 0 (Mask 3F)
1309. File OS: 40004 NT Win32
1310. File type: 3.7 Driver
1311. File date: 00000000.00000000
1312. Translations: 0409.04b0
1313. CompanyName: Microsoft Corporation
1314. ProductName: Microsoft® Windows® Operating System
1315. InternalName: kbdclass.sys
1316. OriginalFilename: kbdclass.sys
1317. ProductVersion: 10.0.15046.0
1318. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
1319. FileDescription: Keyboard Class Driver
1320. LegalCopyright: © Microsoft Corporation. All rights reserved.
1321. fffff803`3c480000 fffff803`3c48f000 mouhid (deferred)
1322. Mapped memory image file: C:\ProgramData\dbg\sym\mouhid.sys\E277736Ff000\mouhid.sys
1323. Image path: \SystemRoot\System32\drivers\mouhid.sys
1324. Image name: mouhid.sys
1325. Timestamp: ***** Invalid (E277736F)
1326. CheckSum: 000145D4
1327. ImageSize: 0000F000
1328. File version: 10.0.15046.0
1329. Product version: 10.0.15046.0
1330. File flags: 0 (Mask 3F)
1331. File OS: 40004 NT Win32
1332. File type: 2.0 Dll
1333. File date: 00000000.00000000
1334. Translations: 0409.04b0
1335. CompanyName: Microsoft Corporation
1336. ProductName: Microsoft® Windows® Operating System
1337. InternalName: mouhid.sys
1338. OriginalFilename: mouhid.sys
1339. ProductVersion: 10.0.15046.0
1340. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
1341. FileDescription: HID Mouse Filter Driver
1342. LegalCopyright: © Microsoft Corporation. All rights reserved.
1343. fffff803`3c490000 fffff803`3c4a3000 mouclass (deferred)
1344. Mapped memory image file: C:\ProgramData\dbg\sym\mouclass.sys\7BC8E3F513000\mouclass.sys
1345. Image path: \SystemRoot\System32\drivers\mouclass.sys
1346. Image name: mouclass.sys
1347. Timestamp: Tue Oct 23 10:38:45 2035 (7BC8E3F5)
1348. CheckSum: 000154AD
1349. ImageSize: 00013000
1350. File version: 10.0.15058.0
1351. Product version: 10.0.15058.0
1352. File flags: 0 (Mask 3F)
1353. File OS: 40004 NT Win32
1354. File type: 3.7 Driver
1355. File date: 00000000.00000000
1356. Translations: 0409.04b0
1357. CompanyName: Microsoft Corporation
1358. ProductName: Microsoft® Windows® Operating System
1359. InternalName: mouclass.sys
1360. OriginalFilename: mouclass.sys
1361. ProductVersion: 10.0.15058.0
1362. FileVersion: 10.0.15058.0 (WinBuild.160101.0800)
1363. FileDescription: Mouse Class Driver
1364. LegalCopyright: © Microsoft Corporation. All rights reserved.
1365. fffff803`3c4b0000 fffff803`3c5a2000 rt640x64 (deferred)
1366. Image path: \SystemRoot\System32\drivers\rt640x64.sys
1367. Image name: rt640x64.sys
1368. Timestamp: Fri May 26 03:02:29 2017 (5927D305)
1369. CheckSum: 000F7B4F
1370. ImageSize: 000F2000
1371. Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4
1372. fffff803`3c5b0000 fffff803`3c5bb000 ICCWDT (deferred)
1373. Image path: \SystemRoot\System32\drivers\ICCWDT.sys
1374. Image name: ICCWDT.sys
1375. Timestamp: Sun Sep 20 03:59:19 2015 (55FE6757)
1376. CheckSum: 000149FA
1377. ImageSize: 0000B000
1378. Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4
1379. fffff803`3c5c0000 fffff803`3c5de000 parport (deferred)
1380. Mapped memory image file: C:\ProgramData\dbg\sym\parport.sys\A81208301e000\parport.sys
1381. Image path: \SystemRoot\System32\drivers\parport.sys
1382. Image name: parport.sys
1383. Timestamp: ***** Invalid (A8120830)
1384. CheckSum: 000217F8
1385. ImageSize: 0001E000
1386. File version: 10.0.15046.0
1387. Product version: 10.0.15046.0
1388. File flags: 0 (Mask 3F)
1389. File OS: 40004 NT Win32
1390. File type: 3.7 Driver
1391. File date: 00000000.00000000
1392. Translations: 0409.04b0
1393. CompanyName: Microsoft Corporation
1394. ProductName: Microsoft® Windows® Operating System
1395. InternalName: parport.sys
1396. OriginalFilename: parport.sys
1397. ProductVersion: 10.0.15046.0
1398. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
1399. FileDescription: Parallel Port Driver
1400. LegalCopyright: © Microsoft Corporation. All rights reserved.
1401. fffff803`3c5e0000 fffff803`3c5fc000 serial (deferred)
1402. Mapped memory image file: C:\ProgramData\dbg\sym\serial.sys\64C1C1E01c000\serial.sys
1403. Image path: \SystemRoot\System32\drivers\serial.sys
1404. Image name: serial.sys
1405. Timestamp: Wed Jul 26 21:01:20 2023 (64C1C1E0)
1406. CheckSum: 0001C398
1407. ImageSize: 0001C000
1408. File version: 10.0.15046.0
1409. Product version: 10.0.15046.0
1410. File flags: 0 (Mask 3F)
1411. File OS: 40004 NT Win32
1412. File type: 3.7 Driver
1413. File date: 00000000.00000000
1414. Translations: 0409.04b0
1415. CompanyName: Microsoft Corporation
1416. ProductName: Microsoft® Windows® Operating System
1417. InternalName: serial.sys
1418. OriginalFilename: serial.sys
1419. ProductVersion: 10.0.15046.0
1420. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
1421. FileDescription: Serial Device Driver
1422. LegalCopyright: © Microsoft Corporation. All rights reserved.
1423. fffff803`3cc1b000 fffff803`3d4a4000 nt (pdb symbols) C:\ProgramData\dbg\sym\ntkrnlmp.pdb\DDA812F4AC284269AB8073D8423801A41\ntkrnlmp.pdb
1424. Loaded symbol image file: ntkrnlmp.exe
1425. Mapped memory image file: C:\ProgramData\dbg\sym\ntoskrnl.exe\595F24EB889000\ntoskrnl.exe
1426. Image path: ntkrnlmp.exe
1427. Image name: ntkrnlmp.exe
1428. Timestamp: Fri Jul 7 02:06:35 2017 (595F24EB)
1429. CheckSum: 007FA636
1430. ImageSize: 00889000
1431. File version: 10.0.15063.483
1432. Product version: 10.0.15063.483
1433. File flags: 0 (Mask 3F)
1434. File OS: 40004 NT Win32
1435. File type: 1.0 App
1436. File date: 00000000.00000000
1437. Translations: 0409.04b0
1438. CompanyName: Microsoft Corporation
1439. ProductName: Microsoft® Windows® Operating System
1440. InternalName: ntkrnlmp.exe
1441. OriginalFilename: ntkrnlmp.exe
1442. ProductVersion: 10.0.15063.483
1443. FileVersion: 10.0.15063.483 (WinBuild.160101.0800)
1444. FileDescription: NT Kernel & System
1445. LegalCopyright: © Microsoft Corporation. All rights reserved.
1446. fffff803`3d4a4000 fffff803`3d520000 hal (deferred)
1447. Mapped memory image file: C:\ProgramData\dbg\sym\hal.dll\CEA0A6467c000\hal.dll
1448. Image path: hal.dll
1449. Image name: hal.dll
1450. Timestamp: ***** Invalid (CEA0A646)
1451. CheckSum: 000795FE
1452. ImageSize: 0007C000
1453. File version: 10.0.15058.0
1454. Product version: 10.0.15058.0
1455. File flags: 0 (Mask 3F)
1456. File OS: 40004 NT Win32
1457. File type: 2.0 Dll
1458. File date: 00000000.00000000
1459. Translations: 0409.04b0
1460. CompanyName: Microsoft Corporation
1461. ProductName: Microsoft® Windows® Operating System
1462. InternalName: hal.dll
1463. OriginalFilename: hal.dll
1464. ProductVersion: 10.0.15058.0
1465. FileVersion: 10.0.15058.0 (WinBuild.160101.0800)
1466. FileDescription: Hardware Abstraction Layer DLL
1467. LegalCopyright: © Microsoft Corporation. All rights reserved.
1468. fffff803`3d600000 fffff803`3d60b000 kd (deferred)
1469. Mapped memory image file: C:\ProgramData\dbg\sym\kd.dll\91688416b000\kd.dll
1470. Image path: \SystemRoot\system32\kd.dll
1471. Image name: kd.dll
1472. Timestamp: ***** Invalid (91688416)
1473. CheckSum: 0000C219
1474. ImageSize: 0000B000
1475. File version: 10.0.15046.0
1476. Product version: 10.0.15046.0
1477. File flags: 0 (Mask 3F)
1478. File OS: 40004 NT Win32
1479. File type: 3.A Driver
1480. File date: 00000000.00000000
1481. Translations: 0409.04b0
1482. CompanyName: Microsoft Corporation
1483. ProductName: Microsoft® Windows® Operating System
1484. InternalName: kd.dll
1485. OriginalFilename: kd.dll
1486. ProductVersion: 10.0.15046.0
1487. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
1488. FileDescription: Local Kernel Debugger
1489. LegalCopyright: © Microsoft Corporation. All rights reserved.
1490. fffff803`3fe00000 fffff803`3fe7b000 mrxsmb (deferred)
1491. Mapped memory image file: C:\ProgramData\dbg\sym\mrxsmb.sys\41707DB67b000\mrxsmb.sys
1492. Image path: \SystemRoot\system32\DRIVERS\mrxsmb.sys
1493. Image name: mrxsmb.sys
1494. Timestamp: Fri Oct 15 21:47:34 2004 (41707DB6)
1495. CheckSum: 000761DC
1496. ImageSize: 0007B000
1497. File version: 10.0.15058.0
1498. Product version: 10.0.15058.0
1499. File flags: 0 (Mask 3F)
1500. File OS: 40004 NT Win32
1501. File type: 3.7 Driver
1502. File date: 00000000.00000000
1503. Translations: 0409.04b0
1504. CompanyName: Microsoft Corporation
1505. ProductName: Microsoft® Windows® Operating System
1506. InternalName: MRxSmb.sys
1507. OriginalFilename: MRXSMB.Sys
1508. ProductVersion: 10.0.15058.0
1509. FileVersion: 10.0.15058.0 (WinBuild.160101.0800)
1510. FileDescription: Windows NT SMB Minirdr
1511. LegalCopyright: © Microsoft Corporation. All rights reserved.
1512. fffff803`3fe80000 fffff803`3febd000 mrxsmb20 (deferred)
1513. Mapped memory image file: C:\ProgramData\dbg\sym\mrxsmb20.sys\4FC9BDCC3d000\mrxsmb20.sys
1514. Image path: \SystemRoot\system32\DRIVERS\mrxsmb20.sys
1515. Image name: mrxsmb20.sys
1516. Timestamp: Sat Jun 2 03:16:28 2012 (4FC9BDCC)
1517. CheckSum: 00041784
1518. ImageSize: 0003D000
1519. File version: 10.0.15063.468
1520. Product version: 10.0.15063.468
1521. File flags: 0 (Mask 3F)
1522. File OS: 40004 NT Win32
1523. File type: 3.7 Driver
1524. File date: 00000000.00000000
1525. Translations: 0409.04b0
1526. CompanyName: Microsoft Corporation
1527. ProductName: Microsoft® Windows® Operating System
1528. InternalName: MRxSmb20.sys
1529. OriginalFilename: MRXSMB20.Sys
1530. ProductVersion: 10.0.15063.468
1531. FileVersion: 10.0.15063.468 (WinBuild.160101.0800)
1532. FileDescription: Longhorn SMB 2.0 Redirector
1533. LegalCopyright: © Microsoft Corporation. All rights reserved.
1534. fffff803`3fec0000 fffff803`3ff06000 srvnet (deferred)
1535. Mapped memory image file: C:\ProgramData\dbg\sym\srvnet.sys\525EB0E046000\srvnet.sys
1536. Image path: \SystemRoot\System32\DRIVERS\srvnet.sys
1537. Image name: srvnet.sys
1538. Timestamp: Wed Oct 16 11:29:36 2013 (525EB0E0)
1539. CheckSum: 0004A0FD
1540. ImageSize: 00046000
1541. File version: 10.0.15058.0
1542. Product version: 10.0.15058.0
1543. File flags: 0 (Mask 3F)
1544. File OS: 40004 NT Win32
1545. File type: 3.6 Driver
1546. File date: 00000000.00000000
1547. Translations: 0409.04b0
1548. CompanyName: Microsoft Corporation
1549. ProductName: Microsoft® Windows® Operating System
1550. InternalName: SRVNET.SYS
1551. OriginalFilename: SRVNET.SYS
1552. ProductVersion: 10.0.15058.0
1553. FileVersion: 10.0.15058.0 (WinBuild.160101.0800)
1554. FileDescription: Server Network driver
1555. LegalCopyright: © Microsoft Corporation. All rights reserved.
1556. fffff803`3ff10000 fffff803`3ff24000 mmcss (deferred)
1557. Mapped memory image file: C:\ProgramData\dbg\sym\mmcss.sys\95EC281D14000\mmcss.sys
1558. Image path: \SystemRoot\system32\drivers\mmcss.sys
1559. Image name: mmcss.sys
1560. Timestamp: ***** Invalid (95EC281D)
1561. CheckSum: 000165DE
1562. ImageSize: 00014000
1563. File version: 10.0.15058.0
1564. Product version: 10.0.15058.0
1565. File flags: 0 (Mask 3F)
1566. File OS: 40004 NT Win32
1567. File type: 3.7 Driver
1568. File date: 00000000.00000000
1569. Translations: 0409.04b0
1570. CompanyName: Microsoft Corporation
1571. ProductName: Microsoft® Windows® Operating System
1572. InternalName: mmcss.sys
1573. OriginalFilename: mmcss.sys
1574. ProductVersion: 10.0.15058.0
1575. FileVersion: 10.0.15058.0 (WinBuild.160101.0800)
1576. FileDescription: MMCSS Driver
1577. LegalCopyright: © Microsoft Corporation. All rights reserved.
1578. fffff803`3ff30000 fffff803`3ff7e000 mrxsmb10 (deferred)
1579. Mapped memory image file: C:\ProgramData\dbg\sym\mrxsmb10.sys\D3F9A54C4e000\mrxsmb10.sys
1580. Image path: \SystemRoot\system32\DRIVERS\mrxsmb10.sys
1581. Image name: mrxsmb10.sys
1582. Timestamp: ***** Invalid (D3F9A54C)
1583. CheckSum: 0004CF74
1584. ImageSize: 0004E000
1585. File version: 10.0.15063.468
1586. Product version: 10.0.15063.468
1587. File flags: 0 (Mask 3F)
1588. File OS: 40004 NT Win32
1589. File type: 3.7 Driver
1590. File date: 00000000.00000000
1591. Translations: 0409.04b0
1592. CompanyName: Microsoft Corporation
1593. ProductName: Microsoft® Windows® Operating System
1594. InternalName: MRxSmb0.sys
1595. OriginalFilename: MRXSMB0.Sys
1596. ProductVersion: 10.0.15063.468
1597. FileVersion: 10.0.15063.468 (WinBuild.160101.0800)
1598. FileDescription: Longhorn SMB Downlevel SubRdr
1599. LegalCopyright: © Microsoft Corporation. All rights reserved.
1600. fffff803`3ff80000 fffff803`3ffa6000 Ndu (deferred)
1601. Mapped memory image file: C:\ProgramData\dbg\sym\Ndu.sys\84A4289326000\Ndu.sys
1602. Image path: \SystemRoot\system32\drivers\Ndu.sys
1603. Image name: Ndu.sys
1604. Timestamp: ***** Invalid (84A42893)
1605. CheckSum: 000290F8
1606. ImageSize: 00026000
1607. File version: 10.0.15058.0
1608. Product version: 10.0.15058.0
1609. File flags: 0 (Mask 3F)
1610. File OS: 40004 NT Win32
1611. File type: 3.6 Driver
1612. File date: 00000000.00000000
1613. Translations: 0409.04b0
1614. CompanyName: Microsoft Corporation
1615. ProductName: Microsoft® Windows® Operating System
1616. InternalName: ndu.sys
1617. OriginalFilename: ndu.sys
1618. ProductVersion: 10.0.15058.0
1619. FileVersion: 10.0.15058.0 (WinBuild.160101.0800)
1620. FileDescription: Windows Network Data Usage Monitoring Driver
1621. LegalCopyright: © Microsoft Corporation. All rights reserved.
1622. fffff803`3ffb0000 fffff803`40076000 peauth (deferred)
1623. Image path: \SystemRoot\system32\drivers\peauth.sys
1624. Image name: peauth.sys
1625. Timestamp: Sat Dec 9 21:03:08 1989 (2581B95C)
1626. CheckSum: 000C12D5
1627. ImageSize: 000C6000
1628. Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4
1629. fffff803`40080000 fffff803`40093000 tcpipreg (deferred)
1630. Mapped memory image file: C:\ProgramData\dbg\sym\tcpipreg.sys\F09C8E9F13000\tcpipreg.sys
1631. Image path: \SystemRoot\System32\drivers\tcpipreg.sys
1632. Image name: tcpipreg.sys
1633. Timestamp: ***** Invalid (F09C8E9F)
1634. CheckSum: 0001B5C9
1635. ImageSize: 00013000
1636. File version: 10.0.15058.0
1637. Product version: 10.0.15058.0
1638. File flags: 0 (Mask 3F)
1639. File OS: 40004 NT Win32
1640. File type: 1.0 App
1641. File date: 00000000.00000000
1642. Translations: 0409.04b0
1643. CompanyName: Microsoft Corporation
1644. ProductName: Microsoft® Windows® Operating System
1645. InternalName: tcpipreg.sys
1646. OriginalFilename: tcpipreg.sys
1647. ProductVersion: 10.0.15058.0
1648. FileVersion: 10.0.15058.0 (WinBuild.160101.0800)
1649. FileDescription: TCP/IP Registry Compatibility Driver
1650. LegalCopyright: © Microsoft Corporation. All rights reserved.
1651. fffff803`400a0000 fffff803`40158000 srv2 (deferred)
1652. Mapped memory image file: C:\ProgramData\dbg\sym\srv2.sys\61B5FB64b8000\srv2.sys
1653. Image path: \SystemRoot\System32\DRIVERS\srv2.sys
1654. Image name: srv2.sys
1655. Timestamp: Sun Dec 12 08:38:44 2021 (61B5FB64)
1656. CheckSum: 000BB8B8
1657. ImageSize: 000B8000
1658. File version: 10.0.15063.246
1659. Product version: 10.0.15063.246
1660. File flags: 0 (Mask 3F)
1661. File OS: 40004 NT Win32
1662. File type: 3.6 Driver
1663. File date: 00000000.00000000
1664. Translations: 0409.04b0
1665. CompanyName: Microsoft Corporation
1666. ProductName: Microsoft® Windows® Operating System
1667. InternalName: SRV2.SYS
1668. OriginalFilename: SRV2.SYS
1669. ProductVersion: 10.0.15063.246
1670. FileVersion: 10.0.15063.246 (WinBuild.160101.0800)
1671. FileDescription: Smb 2.0 Server driver
1672. LegalCopyright: © Microsoft Corporation. All rights reserved.
1673. fffff803`40180000 fffff803`4020b000 nwifi (deferred)
1674. Mapped memory image file: C:\ProgramData\dbg\sym\nwifi.sys\3E4B5B018b000\nwifi.sys
1675. Image path: \SystemRoot\system32\DRIVERS\nwifi.sys
1676. Image name: nwifi.sys
1677. Timestamp: Thu Feb 13 03:44:49 2003 (3E4B5B01)
1678. CheckSum: 0008658E
1679. ImageSize: 0008B000
1680. File version: 10.0.15052.0
1681. Product version: 10.0.15052.0
1682. File flags: 0 (Mask 3F)
1683. File OS: 40004 NT Win32
1684. File type: 3.6 Driver
1685. File date: 00000000.00000000
1686. Translations: 0409.04b0
1687. CompanyName: Microsoft Corporation
1688. ProductName: Microsoft® Windows® Operating System
1689. InternalName: NWiFi.SYS
1690. OriginalFilename: NWiFi.SYS
1691. ProductVersion: 10.0.15052.0
1692. FileVersion: 10.0.15052.0 (WinBuild.160101.0800)
1693. FileDescription: NativeWiFi Miniport Driver
1694. LegalCopyright: © Microsoft Corporation. All rights reserved.
1695. fffff803`40210000 fffff803`40226000 ndisuio (deferred)
1696. Mapped memory image file: C:\ProgramData\dbg\sym\ndisuio.sys\FC45647916000\ndisuio.sys
1697. Image path: \SystemRoot\system32\drivers\ndisuio.sys
1698. Image name: ndisuio.sys
1699. Timestamp: ***** Invalid (FC456479)
1700. CheckSum: 00015844
1701. ImageSize: 00016000
1702. File version: 10.0.15046.0
1703. Product version: 10.0.15046.0
1704. File flags: 0 (Mask 3F)
1705. File OS: 40004 NT Win32
1706. File type: 3.6 Driver
1707. File date: 00000000.00000000
1708. Translations: 0409.04b0
1709. CompanyName: Microsoft Corporation
1710. ProductName: Microsoft® Windows® Operating System
1711. InternalName: NDISUIO.SYS
1712. OriginalFilename: NDISUIO.SYS
1713. ProductVersion: 10.0.15046.0
1714. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
1715. FileDescription: NDIS User mode I/O driver
1716. LegalCopyright: © Microsoft Corporation. All rights reserved.
1717. fffff803`40230000 fffff803`40344000 HTTP (deferred)
1718. Mapped memory image file: C:\ProgramData\dbg\sym\HTTP.sys\CC93E16B114000\HTTP.sys
1719. Image path: \SystemRoot\system32\drivers\HTTP.sys
1720. Image name: HTTP.sys
1721. Timestamp: ***** Invalid (CC93E16B)
1722. CheckSum: 00117882
1723. ImageSize: 00114000
1724. File version: 10.0.15063.470
1725. Product version: 10.0.15063.470
1726. File flags: 0 (Mask 3F)
1727. File OS: 40004 NT Win32
1728. File type: 3.7 Driver
1729. File date: 00000000.00000000
1730. Translations: 0409.04b0
1731. CompanyName: Microsoft Corporation
1732. ProductName: Microsoft® Windows® Operating System
1733. InternalName: http.sys
1734. OriginalFilename: http.sys
1735. ProductVersion: 10.0.15063.470
1736. FileVersion: 10.0.15063.470 (WinBuild.160101.0800)
1737. FileDescription: HTTP Protocol Stack
1738. LegalCopyright: © Microsoft Corporation. All rights reserved.
1739. fffff803`40350000 fffff803`40371000 bowser (deferred)
1740. Mapped memory image file: C:\ProgramData\dbg\sym\bowser.sys\B091348621000\bowser.sys
1741. Image path: \SystemRoot\system32\DRIVERS\bowser.sys
1742. Image name: bowser.sys
1743. Timestamp: ***** Invalid (B0913486)
1744. CheckSum: 00021EC6
1745. ImageSize: 00021000
1746. File version: 10.0.15058.0
1747. Product version: 10.0.15058.0
1748. File flags: 0 (Mask 3F)
1749. File OS: 40004 NT Win32
1750. File type: 3.7 Driver
1751. File date: 00000000.00000000
1752. Translations: 0409.04b0
1753. CompanyName: Microsoft Corporation
1754. ProductName: Microsoft® Windows® Operating System
1755. InternalName: browser.sys
1756. OriginalFilename: browser.sys
1757. ProductVersion: 10.0.15058.0
1758. FileVersion: 10.0.15058.0 (WinBuild.160101.0800)
1759. FileDescription: NT Lan Manager Datagram Receiver Driver
1760. LegalCopyright: © Microsoft Corporation. All rights reserved.
1761. fffff803`40380000 fffff803`4039a000 mpsdrv (deferred)
1762. Mapped memory image file: C:\ProgramData\dbg\sym\mpsdrv.sys\148326721a000\mpsdrv.sys
1763. Image path: \SystemRoot\System32\drivers\mpsdrv.sys
1764. Image name: mpsdrv.sys
1765. Timestamp: Wed Nov 26 21:16:18 1980 (14832672)
1766. CheckSum: 0001A5AB
1767. ImageSize: 0001A000
1768. File version: 10.0.15058.0
1769. Product version: 10.0.15058.0
1770. File flags: 0 (Mask 3F)
1771. File OS: 40004 NT Win32
1772. File type: 3.7 Driver
1773. File date: 00000000.00000000
1774. Translations: 0409.04b0
1775. CompanyName: Microsoft Corporation
1776. ProductName: Microsoft® Windows® Operating System
1777. InternalName: mpsdrv.sys
1778. OriginalFilename: mpsdrv.sys
1779. ProductVersion: 10.0.15058.0
1780. FileVersion: 10.0.15058.0 (WinBuild.160101.0800)
1781. FileDescription: Microsoft Protection Service Driver
1782. LegalCopyright: © Microsoft Corporation. All rights reserved.
1783. fffff803`404b0000 fffff803`4055f000 BEDaisy (deferred)
1784. Image path: \??\C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys
1785. Image name: BEDaisy.sys
1786. Timestamp: Tue Jan 10 22:01:10 2017 (58759FF6)
1787. CheckSum: 00071812
1788. ImageSize: 000AF000
1789. Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4
1790. fffff803`40a10000 fffff803`40a9d000 srv (deferred)
1791. Mapped memory image file: C:\ProgramData\dbg\sym\srv.sys\6EE066FD8d000\srv.sys
1792. Image path: \SystemRoot\System32\DRIVERS\srv.sys
1793. Image name: srv.sys
1794. Timestamp: Mon Dec 11 21:16:29 2028 (6EE066FD)
1795. CheckSum: 0006AB08
1796. ImageSize: 0008D000
1797. File version: 10.0.15063.246
1798. Product version: 10.0.15063.246
1799. File flags: 0 (Mask 3F)
1800. File OS: 40004 NT Win32
1801. File type: 3.6 Driver
1802. File date: 00000000.00000000
1803. Translations: 0409.04b0
1804. CompanyName: Microsoft Corporation
1805. ProductName: Microsoft® Windows® Operating System
1806. InternalName: SRV.SYS
1807. OriginalFilename: SRV.SYS
1808. ProductVersion: 10.0.15063.246
1809. FileVersion: 10.0.15063.246 (WinBuild.160101.0800)
1810. FileDescription: Server driver
1811. LegalCopyright: © Microsoft Corporation. All rights reserved.
1812. fffff803`40aa0000 fffff803`40ab1000 vwifimp (deferred)
1813. Mapped memory image file: C:\ProgramData\dbg\sym\vwifimp.sys\FDE8912E11000\vwifimp.sys
1814. Image path: \SystemRoot\System32\drivers\vwifimp.sys
1815. Image name: vwifimp.sys
1816. Timestamp: ***** Invalid (FDE8912E)
1817. CheckSum: 0000E1E3
1818. ImageSize: 00011000
1819. File version: 10.0.15046.0
1820. Product version: 10.0.15046.0
1821. File flags: 0 (Mask 3F)
1822. File OS: 40004 NT Win32
1823. File type: 3.6 Driver
1824. File date: 00000000.00000000
1825. Translations: 0000.04b0
1826. CompanyName: Microsoft Corporation
1827. ProductName: Microsoft® Windows® Operating System
1828. InternalName: vwifimp.sys
1829. OriginalFilename: vwifimp.sys
1830. ProductVersion: 10.0.15046.0
1831. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
1832. FileDescription: Virtual WiFi Miniport Driver
1833. LegalCopyright: © Microsoft Corporation. All rights reserved.
1834. fffff803`40ac0000 fffff803`40af0000 tunnel (deferred)
1835. Mapped memory image file: C:\ProgramData\dbg\sym\tunnel.sys\157D715030000\tunnel.sys
1836. Image path: \SystemRoot\System32\drivers\tunnel.sys
1837. Image name: tunnel.sys
1838. Timestamp: Thu Jun 4 18:42:24 1981 (157D7150)
1839. CheckSum: 000309F8
1840. ImageSize: 00030000
1841. File version: 10.0.15046.0
1842. Product version: 10.0.15046.0
1843. File flags: 0 (Mask 3F)
1844. File OS: 40004 NT Win32
1845. File type: 3.6 Driver
1846. File date: 00000000.00000000
1847. Translations: 0409.04b0
1848. CompanyName: Microsoft Corporation
1849. ProductName: Microsoft® Windows® Operating System
1850. InternalName: tunnel.sys
1851. OriginalFilename: tunnel.sys
1852. ProductVersion: 10.0.15046.0
1853. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
1854. FileDescription: Microsoft Tunnel Interface Driver
1855. LegalCopyright: © Microsoft Corporation. All rights reserved.
1856. fffff803`40af0000 fffff803`40b02000 condrv (deferred)
1857. Mapped memory image file: C:\ProgramData\dbg\sym\condrv.sys\73A5288F12000\condrv.sys
1858. Image path: \SystemRoot\System32\drivers\condrv.sys
1859. Image name: condrv.sys
1860. Timestamp: Wed Jun 25 21:27:43 2031 (73A5288F)
1861. CheckSum: 00014797
1862. ImageSize: 00012000
1863. File version: 10.0.15046.0
1864. Product version: 10.0.15046.0
1865. File flags: 0 (Mask 3F)
1866. File OS: 40004 NT Win32
1867. File type: 3.7 Driver
1868. File date: 00000000.00000000
1869. Translations: 0409.04b0
1870. CompanyName: Microsoft Corporation
1871. ProductName: Microsoft® Windows® Operating System
1872. InternalName: condrv.sys
1873. OriginalFilename: condrv.sys
1874. ProductVersion: 10.0.15046.0
1875. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
1876. FileDescription: Console Driver
1877. LegalCopyright: © Microsoft Corporation. All rights reserved.
1878. fffff803`41400000 fffff803`41421000 drmk (deferred)
1879. Image path: \SystemRoot\System32\drivers\drmk.sys
1880. Image name: drmk.sys
1881. Timestamp: ***** Invalid (A01C1986)
1882. CheckSum: 000244D4
1883. ImageSize: 00021000
1884. Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4
1885. fffff803`41430000 fffff803`41494000 USBXHCI (deferred)
1886. Mapped memory image file: C:\ProgramData\dbg\sym\USBXHCI.SYS\42DB248264000\USBXHCI.SYS
1887. Image path: \SystemRoot\System32\drivers\USBXHCI.SYS
1888. Image name: USBXHCI.SYS
1889. Timestamp: Sun Jul 17 23:39:46 2005 (42DB2482)
1890. CheckSum: 00063B8A
1891. ImageSize: 00064000
1892. File version: 10.0.15063.137
1893. Product version: 10.0.15063.137
1894. File flags: 0 (Mask 3F)
1895. File OS: 40004 NT Win32
1896. File type: 3.7 Driver
1897. File date: 00000000.00000000
1898. Translations: 0409.04b0
1899. CompanyName: Microsoft Corporation
1900. ProductName: Microsoft® Windows® Operating System
1901. InternalName: usbxhci.sys
1902. OriginalFilename: usbxhci.sys
1903. ProductVersion: 10.0.15063.137
1904. FileVersion: 10.0.15063.137 (WinBuild.160101.0800)
1905. FileDescription: USB XHCI Driver
1906. LegalCopyright: © Microsoft Corporation. All rights reserved.
1907. fffff803`414a0000 fffff803`414d9000 ucx01000 (deferred)
1908. Mapped memory image file: C:\ProgramData\dbg\sym\ucx01000.sys\2D6A1C0439000\ucx01000.sys
1909. Image path: \SystemRoot\system32\drivers\ucx01000.sys
1910. Image name: ucx01000.sys
1911. Timestamp: Tue Feb 22 09:51:48 1994 (2D6A1C04)
1912. CheckSum: 0003CD1A
1913. ImageSize: 00039000
1914. File version: 10.0.15046.0
1915. Product version: 10.0.15046.0
1916. File flags: 0 (Mask 3F)
1917. File OS: 40004 NT Win32
1918. File type: 3.7 Driver
1919. File date: 00000000.00000000
1920. Translations: 0409.04b0
1921. CompanyName: Microsoft Corporation
1922. ProductName: Microsoft® Windows® Operating System
1923. InternalName: ucx01000.sys
1924. OriginalFilename: ucx01000.sys
1925. ProductVersion: 10.0.15046.0
1926. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
1927. FileDescription: USB Controller Extension
1928. LegalCopyright: © Microsoft Corporation. All rights reserved.
1929. fffff803`414e0000 fffff803`41514000 TeeDriverW8x64 (deferred)
1930. Image path: \SystemRoot\System32\drivers\TeeDriverW8x64.sys
1931. Image name: TeeDriverW8x64.sys
1932. Timestamp: Tue Apr 4 03:02:36 2017 (58E3450C)
1933. CheckSum: 0003DC8C
1934. ImageSize: 00034000
1935. Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4
1936. fffff803`41520000 fffff803`4153c000 usbehci (deferred)
1937. Mapped memory image file: C:\ProgramData\dbg\sym\usbehci.sys\B53499C21c000\usbehci.sys
1938. Image path: \SystemRoot\System32\drivers\usbehci.sys
1939. Image name: usbehci.sys
1940. Timestamp: ***** Invalid (B53499C2)
1941. CheckSum: 0001A61F
1942. ImageSize: 0001C000
1943. File version: 10.0.15058.0
1944. Product version: 10.0.15058.0
1945. File flags: 0 (Mask 3F)
1946. File OS: 40004 NT Win32
1947. File type: 2.0 Dll
1948. File date: 00000000.00000000
1949. Translations: 0409.04b0
1950. CompanyName: Microsoft Corporation
1951. ProductName: Microsoft® Windows® Operating System
1952. InternalName: USBEHCI.sys
1953. OriginalFilename: USBEHCI.sys
1954. ProductVersion: 10.0.15058.0
1955. FileVersion: 10.0.15058.0 (WinBuild.160101.0800)
1956. FileDescription: EHCI eUSB Miniport Driver
1957. LegalCopyright: © Microsoft Corporation. All rights reserved.
1958. fffff803`41540000 fffff803`415b7000 USBPORT (deferred)
1959. Mapped memory image file: C:\ProgramData\dbg\sym\USBPORT.SYS\CE98320377000\USBPORT.SYS
1960. Image path: \SystemRoot\System32\drivers\USBPORT.SYS
1961. Image name: USBPORT.SYS
1962. Timestamp: ***** Invalid (CE983203)
1963. CheckSum: 0007E3BD
1964. ImageSize: 00077000
1965. File version: 10.0.15058.0
1966. Product version: 10.0.15058.0
1967. File flags: 0 (Mask 3F)
1968. File OS: 40004 NT Win32
1969. File type: 2.0 Dll
1970. File date: 00000000.00000000
1971. Translations: 0409.04b0
1972. CompanyName: Microsoft Corporation
1973. ProductName: Microsoft® Windows® Operating System
1974. InternalName: usbport.sys
1975. OriginalFilename: usbport.sys
1976. ProductVersion: 10.0.15058.0
1977. FileVersion: 10.0.15058.0 (WinBuild.160101.0800)
1978. FileDescription: USB 1.1 & 2.0 Port Driver
1979. LegalCopyright: © Microsoft Corporation. All rights reserved.
1980. fffff803`415c0000 fffff803`415ce000 vwifibus (deferred)
1981. Mapped memory image file: C:\ProgramData\dbg\sym\vwifibus.sys\B333B2DAe000\vwifibus.sys
1982. Image path: \SystemRoot\System32\drivers\vwifibus.sys
1983. Image name: vwifibus.sys
1984. Timestamp: ***** Invalid (B333B2DA)
1985. CheckSum: 00009366
1986. ImageSize: 0000E000
1987. File version: 10.0.15046.0
1988. Product version: 10.0.15046.0
1989. File flags: 0 (Mask 3F)
1990. File OS: 40004 NT Win32
1991. File type: 3.7 Driver
1992. File date: 00000000.00000000
1993. Translations: 0409.04b0
1994. CompanyName: Microsoft Corporation
1995. ProductName: Microsoft® Windows® Operating System
1996. InternalName: VWiFiBus.sys
1997. OriginalFilename: VWiFiBus.sys
1998. ProductVersion: 10.0.15046.0
1999. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
2000. FileDescription: Virtual Wireless Bus Driver
2001. LegalCopyright: © Microsoft Corporation. All rights reserved.
2002. fffff803`415d0000 fffff803`4160d000 WUDFRd (deferred)
2003. Mapped memory image file: C:\ProgramData\dbg\sym\WUDFRd.sys\8D7459263d000\WUDFRd.sys
2004. Image path: \SystemRoot\System32\drivers\WUDFRd.sys
2005. Image name: WUDFRd.sys
2006. Timestamp: ***** Invalid (8D745926)
2007. CheckSum: 000411B6
2008. ImageSize: 0003D000
2009. File version: 10.0.15046.0
2010. Product version: 10.0.15046.0
2011. File flags: 0 (Mask 3F)
2012. File OS: 40004 NT Win32
2013. File type: 3.7 Driver
2014. File date: 00000000.00000000
2015. Translations: 0409.04b0
2016. CompanyName: Microsoft Corporation
2017. ProductName: Microsoft® Windows® Operating System
2018. InternalName: WUDFRd.sys
2019. OriginalFilename: WUDFRd.sys
2020. ProductVersion: 10.0.15046.0
2021. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
2022. FileDescription: Windows Driver Foundation - User-mode Driver Framework Reflector
2023. LegalCopyright: © Microsoft Corporation. All rights reserved.
2024. fffff803`41610000 fffff803`43947000 atikmdag (deferred)
2025. Image path: \SystemRoot\System32\DriverStore\FileRepository\c0315940.inf_amd64_2b462f080682210e\atikmdag.sys
2026. Image name: atikmdag.sys
2027. Timestamp: Tue Jul 4 18:11:43 2017 (595C129F)
2028. CheckSum: 022EB89D
2029. ImageSize: 02337000
2030. Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4
2031. fffff803`43960000 fffff803`4397d000 HDAudBus (deferred)
2032. Mapped memory image file: C:\ProgramData\dbg\sym\HDAudBus.sys\21FD85791d000\HDAudBus.sys
2033. Image path: \SystemRoot\System32\drivers\HDAudBus.sys
2034. Image name: HDAudBus.sys
2035. Timestamp: Wed Jan 27 01:21:45 1988 (21FD8579)
2036. CheckSum: 0001E51D
2037. ImageSize: 0001D000
2038. File version: 10.0.15046.0
2039. Product version: 10.0.15046.0
2040. File flags: 0 (Mask 3F)
2041. File OS: 40004 NT Win32
2042. File type: 3.9 Driver
2043. File date: 00000000.00000000
2044. Translations: 0409.04b0
2045. CompanyName: Microsoft Corporation
2046. ProductName: Microsoft® Windows® Operating System
2047. InternalName: hdaudbus.sys
2048. OriginalFilename: hdaudbus.sys
2049. ProductVersion: 10.0.15046.0
2050. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
2051. FileDescription: High Definition Audio Bus Driver
2052. LegalCopyright: © Microsoft Corporation. All rights reserved.
2053. fffff803`43980000 fffff803`439e3000 portcls (deferred)
2054. Mapped memory image file: C:\ProgramData\dbg\sym\portcls.sys\ABE570C263000\portcls.sys
2055. Image path: \SystemRoot\System32\drivers\portcls.sys
2056. Image name: portcls.sys
2057. Timestamp: ***** Invalid (ABE570C2)
2058. CheckSum: 0005DD44
2059. ImageSize: 00063000
2060. File version: 10.0.15046.0
2061. Product version: 10.0.15046.0
2062. File flags: 0 (Mask 3F)
2063. File OS: 40004 NT Win32
2064. File type: 3.9 Driver
2065. File date: 00000000.00000000
2066. Translations: 0409.04b0
2067. CompanyName: Microsoft Corporation
2068. ProductName: Microsoft® Windows® Operating System
2069. InternalName: portcls.sys
2070. OriginalFilename: portcls.sys
2071. ProductVersion: 10.0.15046.0
2072. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
2073. FileDescription: Port Class (Class Driver for Port/Miniport Devices)
2074. LegalCopyright: © Microsoft Corporation. All rights reserved.
2075. fffff803`439f0000 fffff803`439fb000 registry (deferred)
2076. Mapped memory image file: C:\ProgramData\dbg\sym\registry.sys\A10D8E26b000\registry.sys
2077. Image path: \SystemRoot\System32\drivers\registry.sys
2078. Image name: registry.sys
2079. Timestamp: ***** Invalid (A10D8E26)
2080. CheckSum: 000113F7
2081. ImageSize: 0000B000
2082. File version: 10.0.15004.1000
2083. Product version: 10.0.15004.1000
2084. File flags: 0 (Mask 3F)
2085. File OS: 40004 NT Win32
2086. File type: 3.7 Driver
2087. File date: 00000000.00000000
2088. Translations: 0409.04b0
2089. CompanyName: Microsoft Corporation
2090. ProductName: Microsoft® Windows® Operating System
2091. InternalName: registry.sys
2092. OriginalFilename: registry.sys
2093. ProductVersion: 10.0.15004.1000
2094. FileVersion: 10.0.15004.1000 (WinBuild.160101.0800)
2095. FileDescription: Registry Containment Driver
2096. LegalCopyright: © Microsoft Corporation. All rights reserved.
2097. fffff80a`e6000000 fffff80a`e6065000 CLFS (deferred)
2098. Mapped memory image file: C:\ProgramData\dbg\sym\CLFS.SYS\A746E82D65000\CLFS.SYS
2099. Image path: \SystemRoot\System32\drivers\CLFS.SYS
2100. Image name: CLFS.SYS
2101. Timestamp: ***** Invalid (A746E82D)
2102. CheckSum: 0006C6FD
2103. ImageSize: 00065000
2104. File version: 10.0.15063.468
2105. Product version: 10.0.15063.468
2106. File flags: 0 (Mask 3F)
2107. File OS: 40004 NT Win32
2108. File type: 3.7 Driver
2109. File date: 00000000.00000000
2110. Translations: 0000.04b0
2111. CompanyName: Microsoft Corporation
2112. ProductName: Microsoft® Windows® Operating System
2113. InternalName: clfs.sys
2114. OriginalFilename: Clfs.Sys
2115. ProductVersion: 10.0.15063.468
2116. FileVersion: 10.0.15063.468 (WinBuild.160101.0800)
2117. FileDescription: Common Log File System Driver
2118. LegalCopyright: © Microsoft Corporation. All rights reserved.
2119. fffff80a`e6070000 fffff80a`e6095000 tm (deferred)
2120. Mapped memory image file: C:\ProgramData\dbg\sym\tm.sys\69649A1925000\tm.sys
2121. Image path: \SystemRoot\System32\drivers\tm.sys
2122. Image name: tm.sys
2123. Timestamp: Mon Jan 12 01:52:09 2026 (69649A19)
2124. CheckSum: 0002374B
2125. ImageSize: 00025000
2126. File version: 10.0.15063.400
2127. Product version: 10.0.15063.400
2128. File flags: 0 (Mask 3F)
2129. File OS: 40004 NT Win32
2130. File type: 3.7 Driver
2131. File date: 00000000.00000000
2132. Translations: 0409.04b0
2133. CompanyName: Microsoft Corporation
2134. ProductName: Microsoft® Windows® Operating System
2135. InternalName: tm.sys
2136. OriginalFilename: tm.sys
2137. ProductVersion: 10.0.15063.400
2138. FileVersion: 10.0.15063.400 (WinBuild.160101.0800)
2139. FileDescription: Kernel Transaction Manager Driver
2140. LegalCopyright: © Microsoft Corporation. All rights reserved.
2141. fffff80a`e60a0000 fffff80a`e60b7000 PSHED (deferred)
2142. Mapped memory image file: C:\ProgramData\dbg\sym\PSHED.dll\6AEC44D517000\PSHED.dll
2143. Image path: \SystemRoot\system32\PSHED.dll
2144. Image name: PSHED.dll
2145. Timestamp: Thu Nov 5 03:56:53 2026 (6AEC44D5)
2146. CheckSum: 00016449
2147. ImageSize: 00017000
2148. File version: 10.0.15046.0
2149. Product version: 10.0.15046.0
2150. File flags: 0 (Mask 3F)
2151. File OS: 40004 NT Win32
2152. File type: 3.7 Driver
2153. File date: 00000000.00000000
2154. Translations: 0409.04b0
2155. CompanyName: Microsoft Corporation
2156. ProductName: Microsoft® Windows® Operating System
2157. InternalName: pshed.dll
2158. OriginalFilename: pshed.dll
2159. ProductVersion: 10.0.15046.0
2160. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
2161. FileDescription: Platform Specific Hardware Error Driver
2162. LegalCopyright: © Microsoft Corporation. All rights reserved.
2163. fffff80a`e60c0000 fffff80a`e60cb000 BOOTVID (deferred)
2164. Mapped memory image file: C:\ProgramData\dbg\sym\BOOTVID.dll\9EAF733Cb000\BOOTVID.dll
2165. Image path: \SystemRoot\system32\BOOTVID.dll
2166. Image name: BOOTVID.dll
2167. Timestamp: ***** Invalid (9EAF733C)
2168. CheckSum: 00016298
2169. ImageSize: 0000B000
2170. File version: 10.0.15046.0
2171. Product version: 10.0.15046.0
2172. File flags: 0 (Mask 3F)
2173. File OS: 40004 NT Win32
2174. File type: 3.4 Driver
2175. File date: 00000000.00000000
2176. Translations: 0409.04b0
2177. CompanyName: Microsoft Corporation
2178. ProductName: Microsoft® Windows® Operating System
2179. InternalName: bootvid.dll
2180. OriginalFilename: bootvid.dll
2181. ProductVersion: 10.0.15046.0
2182. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
2183. FileDescription: VGA Boot Driver
2184. LegalCopyright: © Microsoft Corporation. All rights reserved.
2185. fffff80a`e60d0000 fffff80a`e6135000 FLTMGR (deferred)
2186. Mapped memory image file: C:\ProgramData\dbg\sym\FLTMGR.SYS\90D626DF65000\FLTMGR.SYS
2187. Image path: \SystemRoot\System32\drivers\FLTMGR.SYS
2188. Image name: FLTMGR.SYS
2189. Timestamp: ***** Invalid (90D626DF)
2190. CheckSum: 000656FA
2191. ImageSize: 00065000
2192. File version: 10.0.15058.0
2193. Product version: 10.0.15058.0
2194. File flags: 0 (Mask 3F)
2195. File OS: 40004 NT Win32
2196. File type: 3.7 Driver
2197. File date: 00000000.00000000
2198. Translations: 0409.04b0
2199. CompanyName: Microsoft Corporation
2200. ProductName: Microsoft® Windows® Operating System
2201. InternalName: fltMgr.sys
2202. OriginalFilename: fltMgr.sys
2203. ProductVersion: 10.0.15058.0
2204. FileVersion: 10.0.15058.0 (WinBuild.160101.0800)
2205. FileDescription: Microsoft Filesystem Filter Manager
2206. LegalCopyright: © Microsoft Corporation. All rights reserved.
2207. fffff80a`e6140000 fffff80a`e6220000 clipsp (deferred)
2208. Mapped memory image file: C:\ProgramData\dbg\sym\clipsp.sys\58CCBD75e0000\clipsp.sys
2209. Image path: \SystemRoot\System32\drivers\clipsp.sys
2210. Image name: clipsp.sys
2211. Timestamp: Sat Mar 18 00:54:13 2017 (58CCBD75)
2212. CheckSum: 000DC888
2213. ImageSize: 000E0000
2214. File version: 10.0.15063.0
2215. Product version: 10.0.15063.0
2216. File flags: 0 (Mask 3F)
2217. File OS: 40004 NT Win32
2218. File type: 3.7 Driver
2219. File date: 00000000.00000000
2220. Translations: 0409.04b0
2221. CompanyName: Microsoft Corporation
2222. ProductName: Microsoft® Windows® Operating System
2223. InternalName: clipsp.dll
2224. OriginalFilename: clipsp.dll
2225. ProductVersion: 10.0.15063.0
2226. FileVersion: 10.0.15063.0 (WinBuild.160101.0800)
2227. FileDescription: CLIP Service
2228. LegalCopyright: © Microsoft Corporation. All rights reserved.
2229. fffff80a`e6220000 fffff80a`e622e000 cmimcext (deferred)
2230. Mapped memory image file: C:\ProgramData\dbg\sym\cmimcext.sys\FF4D5961e000\cmimcext.sys
2231. Image path: \SystemRoot\System32\drivers\cmimcext.sys
2232. Image name: cmimcext.sys
2233. Timestamp: ***** Invalid (FF4D5961)
2234. CheckSum: 00008775
2235. ImageSize: 0000E000
2236. File version: 10.0.15046.0
2237. Product version: 10.0.15046.0
2238. File flags: 0 (Mask 3F)
2239. File OS: 40004 NT Win32
2240. File type: 3.7 Driver
2241. File date: 00000000.00000000
2242. Translations: 0409.04b0
2243. CompanyName: Microsoft Corporation
2244. ProductName: Microsoft® Windows® Operating System
2245. InternalName: cmimcext.sys
2246. OriginalFilename: cmimcext.sys
2247. ProductVersion: 10.0.15046.0
2248. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
2249. FileDescription: Kernel Configuration Manager Initial Configuration Extension Host Export Driver
2250. LegalCopyright: © Microsoft Corporation. All rights reserved.
2251. fffff80a`e6230000 fffff80a`e623c000 ntosext (deferred)
2252. Mapped memory image file: C:\ProgramData\dbg\sym\ntosext.sys\CC2A33ADc000\ntosext.sys
2253. Image path: \SystemRoot\System32\drivers\ntosext.sys
2254. Image name: ntosext.sys
2255. Timestamp: ***** Invalid (CC2A33AD)
2256. CheckSum: 00012746
2257. ImageSize: 0000C000
2258. File version: 10.0.15046.0
2259. Product version: 10.0.15046.0
2260. File flags: 0 (Mask 3F)
2261. File OS: 40004 NT Win32
2262. File type: 3.7 Driver
2263. File date: 00000000.00000000
2264. Translations: 0409.04b0
2265. CompanyName: Microsoft Corporation
2266. ProductName: Microsoft® Windows® Operating System
2267. InternalName: ntosext.sys
2268. OriginalFilename: ntosext.sys
2269. ProductVersion: 10.0.15046.0
2270. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
2271. FileDescription: NTOS extension host driver
2272. LegalCopyright: © Microsoft Corporation. All rights reserved.
2273. fffff80a`e6240000 fffff80a`e62e8000 CI (deferred)
2274. Mapped memory image file: C:\ProgramData\dbg\sym\CI.dll\57C1E861a8000\CI.dll
2275. Image path: \SystemRoot\system32\CI.dll
2276. Image name: CI.dll
2277. Timestamp: Sat Aug 27 15:22:09 2016 (57C1E861)
2278. CheckSum: 000A5ED0
2279. ImageSize: 000A8000
2280. File version: 10.0.15063.251
2281. Product version: 10.0.15063.251
2282. File flags: 0 (Mask 3F)
2283. File OS: 40004 NT Win32
2284. File type: 3.7 Driver
2285. File date: 00000000.00000000
2286. Translations: 0409.04b0
2287. CompanyName: Microsoft Corporation
2288. ProductName: Microsoft® Windows® Operating System
2289. InternalName: ci.dll
2290. OriginalFilename: ci.dll
2291. ProductVersion: 10.0.15063.251
2292. FileVersion: 10.0.15063.251 (WinBuild.160101.0800)
2293. FileDescription: Code Integrity Module
2294. LegalCopyright: © Microsoft Corporation. All rights reserved.
2295. fffff80a`e62f0000 fffff80a`e6392000 cng (deferred)
2296. Mapped memory image file: C:\ProgramData\dbg\sym\cng.sys\F2E91F26a2000\cng.sys
2297. Image path: \SystemRoot\System32\drivers\cng.sys
2298. Image name: cng.sys
2299. Timestamp: ***** Invalid (F2E91F26)
2300. CheckSum: 000A8550
2301. ImageSize: 000A2000
2302. File version: 10.0.15063.0
2303. Product version: 10.0.15063.0
2304. File flags: 0 (Mask 3F)
2305. File OS: 40004 NT Win32
2306. File type: 3.7 Driver
2307. File date: 00000000.00000000
2308. Translations: 0409.04b0
2309. CompanyName: Microsoft Corporation
2310. ProductName: Microsoft® Windows® Operating System
2311. InternalName: cng.sys
2312. OriginalFilename: cng.sys
2313. ProductVersion: 10.0.15063.0
2314. FileVersion: 10.0.15063.0 (WinBuild.160101.0800)
2315. FileDescription: Kernel Cryptography, Next Generation
2316. LegalCopyright: © Microsoft Corporation. All rights reserved.
2317. fffff80a`e63a0000 fffff80a`e647e000 Wdf01000 (deferred)
2318. Mapped memory image file: C:\ProgramData\dbg\sym\Wdf01000.sys\26EEE197de000\Wdf01000.sys
2319. Image path: \SystemRoot\system32\drivers\Wdf01000.sys
2320. Image name: Wdf01000.sys
2321. Timestamp: Wed Sep 12 21:32:07 1990 (26EEE197)
2322. CheckSum: 000E46B7
2323. ImageSize: 000DE000
2324. File version: 1.21.15063.0
2325. Product version: 1.21.15063.0
2326. File flags: 0 (Mask 3F)
2327. File OS: 40004 NT Win32
2328. File type: 3.7 Driver
2329. File date: 00000000.00000000
2330. Translations: 0409.04b0
2331. CompanyName: Microsoft Corporation
2332. ProductName: Microsoft® Windows® Operating System
2333. InternalName: wdf01000.sys
2334. OriginalFilename: wdf01000.sys
2335. ProductVersion: 1.21.15063.0
2336. FileVersion: 1.21.15063.0 (WinBuild.160101.0800)
2337. FileDescription: Kernel Mode Driver Framework Runtime
2338. LegalCopyright: © Microsoft Corporation. All rights reserved.
2339. fffff80a`e6480000 fffff80a`e6493000 WDFLDR (deferred)
2340. Mapped memory image file: C:\ProgramData\dbg\sym\WDFLDR.SYS\0E910A3D13000\WDFLDR.SYS
2341. Image path: \SystemRoot\system32\drivers\WDFLDR.SYS
2342. Image name: WDFLDR.SYS
2343. Timestamp: Thu Sep 29 09:06:05 1977 (0E910A3D)
2344. CheckSum: 00018953
2345. ImageSize: 00013000
2346. File version: 1.21.15058.0
2347. Product version: 1.21.15058.0
2348. File flags: 0 (Mask 3F)
2349. File OS: 40004 NT Win32
2350. File type: 3.7 Driver
2351. File date: 00000000.00000000
2352. Translations: 0000.04b0
2353. CompanyName: Microsoft Corporation
2354. ProductName: Microsoft® Windows® Operating System
2355. InternalName: wdfldr.sys
2356. OriginalFilename: wdfldr.sys
2357. ProductVersion: 1.21.15058.0
2358. FileVersion: 1.21.15058.0 (WinBuild.160101.0800)
2359. FileDescription: Kernel Mode Driver Framework Loader
2360. LegalCopyright: © Microsoft Corporation. All rights reserved.
2361. fffff80a`e64a0000 fffff80a`e64ae000 SleepStudyHelper (deferred)
2362. Mapped memory image file: C:\ProgramData\dbg\sym\SleepStudyHelper.sys\EFF776F3e000\SleepStudyHelper.sys
2363. Image path: \SystemRoot\system32\drivers\SleepStudyHelper.sys
2364. Image name: SleepStudyHelper.sys
2365. Timestamp: ***** Invalid (EFF776F3)
2366. CheckSum: 00010075
2367. ImageSize: 0000E000
2368. File version: 10.0.15052.0
2369. Product version: 10.0.15052.0
2370. File flags: 0 (Mask 3F)
2371. File OS: 40004 NT Win32
2372. File type: 3.7 Driver
2373. File date: 00000000.00000000
2374. Translations: 0000.04b0
2375. CompanyName: Microsoft Corporation
2376. ProductName: Microsoft® Windows® Operating System
2377. InternalName: SleepStudyHelper.sys
2378. OriginalFilename: SleepStudyHelper.sys
2379. ProductVersion: 10.0.15052.0
2380. FileVersion: 10.0.15052.0 (WinBuild.160101.0800)
2381. FileDescription: Sleep Study Helper
2382. LegalCopyright: © Microsoft Corporation. All rights reserved.
2383. fffff80a`e64b0000 fffff80a`e64d3000 acpiex (deferred)
2384. Mapped memory image file: C:\ProgramData\dbg\sym\acpiex.sys\DC6150EE23000\acpiex.sys
2385. Image path: \SystemRoot\System32\Drivers\acpiex.sys
2386. Image name: acpiex.sys
2387. Timestamp: ***** Invalid (DC6150EE)
2388. CheckSum: 00028B4D
2389. ImageSize: 00023000
2390. File version: 10.0.15046.0
2391. Product version: 10.0.15046.0
2392. File flags: 0 (Mask 3F)
2393. File OS: 40004 NT Win32
2394. File type: 2.0 Dll
2395. File date: 00000000.00000000
2396. Translations: 0409.04b0
2397. CompanyName: Microsoft Corporation
2398. ProductName: Microsoft® Windows® Operating System
2399. InternalName: acpiex.sys
2400. OriginalFilename: acpiex.sys
2401. ProductVersion: 10.0.15046.0
2402. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
2403. FileDescription: ACPIEx Driver
2404. LegalCopyright: © Microsoft Corporation. All rights reserved.
2405. fffff80a`e64e0000 fffff80a`e64ee000 WppRecorder (deferred)
2406. Mapped memory image file: C:\ProgramData\dbg\sym\WppRecorder.sys\1E4DAB2Fe000\WppRecorder.sys
2407. Image path: \SystemRoot\System32\Drivers\WppRecorder.sys
2408. Image name: WppRecorder.sys
2409. Timestamp: Mon Feb 10 03:02:55 1986 (1E4DAB2F)
2410. CheckSum: 0000C53D
2411. ImageSize: 0000E000
2412. File version: 10.0.15046.0
2413. Product version: 10.0.15046.0
2414. File flags: 0 (Mask 3F)
2415. File OS: 40004 NT Win32
2416. File type: 3.7 Driver
2417. File date: 00000000.00000000
2418. Translations: 0000.04b0
2419. CompanyName: Microsoft Corporation
2420. ProductName: Microsoft® Windows® Operating System
2421. InternalName: WppRecorder.sys
2422. OriginalFilename: WppRecorder.sys
2423. ProductVersion: 10.0.15046.0
2424. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
2425. FileDescription: WPP Trace Recorder
2426. LegalCopyright: © Microsoft Corporation. All rights reserved.
2427. fffff80a`e64f0000 fffff80a`e65a7000 ACPI (deferred)
2428. Mapped memory image file: C:\ProgramData\dbg\sym\ACPI.sys\0B2AD2B4b7000\ACPI.sys
2429. Image path: \SystemRoot\System32\drivers\ACPI.sys
2430. Image name: ACPI.sys
2431. Timestamp: Tue Dec 9 06:17:08 1975 (0B2AD2B4)
2432. CheckSum: 000B1260
2433. ImageSize: 000B7000
2434. File version: 10.0.15058.0
2435. Product version: 10.0.15058.0
2436. File flags: 0 (Mask 3F)
2437. File OS: 40004 NT Win32
2438. File type: 3.7 Driver
2439. File date: 00000000.00000000
2440. Translations: 0409.04b0
2441. CompanyName: Microsoft Corporation
2442. ProductName: Microsoft® Windows® Operating System
2443. InternalName: ACPI.sys
2444. OriginalFilename: ACPI.sys
2445. ProductVersion: 10.0.15058.0
2446. FileVersion: 10.0.15058.0 (WinBuild.160101.0800)
2447. FileDescription: ACPI Driver for NT
2448. LegalCopyright: © Microsoft Corporation. All rights reserved.
2449. fffff80a`e65b0000 fffff80a`e65bc000 WMILIB (deferred)
2450. Mapped memory image file: C:\ProgramData\dbg\sym\WMILIB.SYS\5BAE5A54c000\WMILIB.SYS
2451. Image path: \SystemRoot\System32\drivers\WMILIB.SYS
2452. Image name: WMILIB.SYS
2453. Timestamp: Fri Sep 28 12:44:04 2018 (5BAE5A54)
2454. CheckSum: 0000E2FE
2455. ImageSize: 0000C000
2456. File version: 10.0.15052.0
2457. Product version: 10.0.15052.0
2458. File flags: 0 (Mask 3F)
2459. File OS: 40004 NT Win32
2460. File type: 3.7 Driver
2461. File date: 00000000.00000000
2462. Translations: 0409.04b0
2463. CompanyName: Microsoft Corporation
2464. ProductName: Microsoft® Windows® Operating System
2465. InternalName: WmiLib.sys
2466. OriginalFilename: WmiLib.sys
2467. ProductVersion: 10.0.15052.0
2468. FileVersion: 10.0.15052.0 (WinBuild.160101.0800)
2469. FileDescription: WMILIB WMI support library Dll
2470. LegalCopyright: © Microsoft Corporation. All rights reserved.
2471. fffff80a`e65c0000 fffff80a`e65d7000 intelpep (deferred)
2472. Mapped memory image file: C:\ProgramData\dbg\sym\intelpep.sys\46272DF617000\intelpep.sys
2473. Image path: \SystemRoot\System32\drivers\intelpep.sys
2474. Image name: intelpep.sys
2475. Timestamp: Thu Apr 19 04:53:10 2007 (46272DF6)
2476. CheckSum: 00022020
2477. ImageSize: 00017000
2478. File version: 10.0.15046.0
2479. Product version: 10.0.15046.0
2480. File flags: 0 (Mask 3F)
2481. File OS: 40004 NT Win32
2482. File type: 3.A Driver
2483. File date: 00000000.00000000
2484. Translations: 0409.04b0
2485. CompanyName: Microsoft Corporation
2486. ProductName: Microsoft® Windows® Operating System
2487. InternalName: intelpep.sys
2488. OriginalFilename: intelpep.sys
2489. ProductVersion: 10.0.15046.0
2490. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
2491. FileDescription: Intel Power Engine Plugin
2492. LegalCopyright: © Microsoft Corporation. All rights reserved.
2493. fffff80a`e65e0000 fffff80a`e65f6000 WindowsTrustedRT (deferred)
2494. Mapped memory image file: C:\ProgramData\dbg\sym\WindowsTrustedRT.sys\E3FF4AF616000\WindowsTrustedRT.sys
2495. Image path: \SystemRoot\system32\drivers\WindowsTrustedRT.sys
2496. Image name: WindowsTrustedRT.sys
2497. Timestamp: ***** Invalid (E3FF4AF6)
2498. CheckSum: 0001FED5
2499. ImageSize: 00016000
2500. File version: 10.0.15046.0
2501. Product version: 10.0.15046.0
2502. File flags: 0 (Mask 3F)
2503. File OS: 40004 NT Win32
2504. File type: 3.7 Driver
2505. File date: 00000000.00000000
2506. Translations: 0409.04b0
2507. CompanyName: Microsoft Corporation
2508. ProductName: Microsoft® Windows® Operating System
2509. InternalName: WindowsTrustedRT.sys
2510. OriginalFilename: WindowsTrustedRT.sys
2511. ProductVersion: 10.0.15046.0
2512. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
2513. FileDescription: Windows Trusted Runtime Interface Driver
2514. LegalCopyright: © Microsoft Corporation. All rights reserved.
2515. fffff80a`e6600000 fffff80a`e660b000 WindowsTrustedRTProxy (deferred)
2516. Mapped memory image file: C:\ProgramData\dbg\sym\WindowsTrustedRTProxy.sys\44CA11F8b000\WindowsTrustedRTProxy.sys
2517. Image path: \SystemRoot\System32\drivers\WindowsTrustedRTProxy.sys
2518. Image name: WindowsTrustedRTProxy.sys
2519. Timestamp: Fri Jul 28 09:32:40 2006 (44CA11F8)
2520. CheckSum: 0000A552
2521. ImageSize: 0000B000
2522. File version: 10.0.15046.0
2523. Product version: 10.0.15046.0
2524. File flags: 0 (Mask 3F)
2525. File OS: 40004 NT Win32
2526. File type: 3.7 Driver
2527. File date: 00000000.00000000
2528. Translations: 0409.04b0
2529. CompanyName: Microsoft Corporation
2530. ProductName: Microsoft® Windows® Operating System
2531. InternalName: WindowsTrustedRTProxy.sys
2532. OriginalFilename: WindowsTrustedRTProxy.sys
2533. ProductVersion: 10.0.15046.0
2534. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
2535. FileDescription: Windows Trusted Runtime Service Proxy Driver
2536. LegalCopyright: © Microsoft Corporation. All rights reserved.
2537. fffff80a`e6610000 fffff80a`e6623000 pcw (deferred)
2538. Mapped memory image file: C:\ProgramData\dbg\sym\pcw.sys\000CEFA513000\pcw.sys
2539. Image path: \SystemRoot\System32\drivers\pcw.sys
2540. Image name: pcw.sys
2541. Timestamp: Sat Jan 10 14:29:41 1970 (000CEFA5)
2542. CheckSum: 000188B9
2543. ImageSize: 00013000
2544. File version: 10.0.15046.0
2545. Product version: 10.0.15046.0
2546. File flags: 0 (Mask 3F)
2547. File OS: 40004 NT Win32
2548. File type: 3.8 Driver
2549. File date: 00000000.00000000
2550. Translations: 0409.04b0
2551. CompanyName: Microsoft Corporation
2552. ProductName: Microsoft® Windows® Operating System
2553. InternalName: pcw.sys
2554. OriginalFilename: pcw.sys
2555. ProductVersion: 10.0.15046.0
2556. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
2557. FileDescription: Performance Counters for Windows Driver
2558. LegalCopyright: © Microsoft Corporation. All rights reserved.
2559. fffff80a`e6630000 fffff80a`e663b000 msisadrv (deferred)
2560. Mapped memory image file: C:\ProgramData\dbg\sym\msisadrv.sys\BAF553EFb000\msisadrv.sys
2561. Image path: \SystemRoot\System32\drivers\msisadrv.sys
2562. Image name: msisadrv.sys
2563. Timestamp: ***** Invalid (BAF553EF)
2564. CheckSum: 0000CAA1
2565. ImageSize: 0000B000
2566. File version: 10.0.15046.0
2567. Product version: 10.0.15046.0
2568. File flags: 0 (Mask 3F)
2569. File OS: 40004 NT Win32
2570. File type: 3.7 Driver
2571. File date: 00000000.00000000
2572. Translations: 0409.04b0
2573. CompanyName: Microsoft Corporation
2574. ProductName: Microsoft® Windows® Operating System
2575. InternalName: msisadrv.sys
2576. OriginalFilename: msisadrv.sys
2577. ProductVersion: 10.0.15046.0
2578. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
2579. FileDescription: ISA Driver
2580. LegalCopyright: © Microsoft Corporation. All rights reserved.
2581. fffff80a`e6640000 fffff80a`e669b000 pci (deferred)
2582. Mapped memory image file: C:\ProgramData\dbg\sym\pci.sys\688DD7395b000\pci.sys
2583. Image path: \SystemRoot\System32\drivers\pci.sys
2584. Image name: pci.sys
2585. Timestamp: Sat Aug 2 05:15:37 2025 (688DD739)
2586. CheckSum: 00063A5B
2587. ImageSize: 0005B000
2588. File version: 10.0.15058.0
2589. Product version: 10.0.15058.0
2590. File flags: 0 (Mask 3F)
2591. File OS: 40004 NT Win32
2592. File type: 2.0 Dll
2593. File date: 00000000.00000000
2594. Translations: 0409.04b0
2595. CompanyName: Microsoft Corporation
2596. ProductName: Microsoft® Windows® Operating System
2597. InternalName: pci.sys
2598. OriginalFilename: pci.sys
2599. ProductVersion: 10.0.15058.0
2600. FileVersion: 10.0.15058.0 (WinBuild.160101.0800)
2601. FileDescription: NT Plug and Play PCI Enumerator
2602. LegalCopyright: © Microsoft Corporation. All rights reserved.
2603. fffff80a`e66a0000 fffff80a`e66b2000 vdrvroot (deferred)
2604. Mapped memory image file: C:\ProgramData\dbg\sym\vdrvroot.sys\C0C6BED012000\vdrvroot.sys
2605. Image path: \SystemRoot\System32\drivers\vdrvroot.sys
2606. Image name: vdrvroot.sys
2607. Timestamp: ***** Invalid (C0C6BED0)
2608. CheckSum: 0001558D
2609. ImageSize: 00012000
2610. File version: 10.0.15052.0
2611. Product version: 10.0.15052.0
2612. File flags: 0 (Mask 3F)
2613. File OS: 40004 NT Win32
2614. File type: 2.0 Dll
2615. File date: 00000000.00000000
2616. Translations: 0409.04b0
2617. CompanyName: Microsoft Corporation
2618. ProductName: Microsoft® Windows® Operating System
2619. InternalName: vdrvroot.sys
2620. OriginalFilename: vdrvroot.sys
2621. ProductVersion: 10.0.15052.0
2622. FileVersion: 10.0.15052.0 (WinBuild.160101.0800)
2623. FileDescription: Virtual Drive Root Enumerator
2624. LegalCopyright: © Microsoft Corporation. All rights reserved.
2625. fffff80a`e66c0000 fffff80a`e66e3000 pdc (deferred)
2626. Mapped memory image file: C:\ProgramData\dbg\sym\pdc.sys\26921BAC23000\pdc.sys
2627. Image path: \SystemRoot\system32\drivers\pdc.sys
2628. Image name: pdc.sys
2629. Timestamp: Wed Jul 4 12:39:08 1990 (26921BAC)
2630. CheckSum: 0002C547
2631. ImageSize: 00023000
2632. File version: 10.0.15063.468
2633. Product version: 10.0.15063.468
2634. File flags: 0 (Mask 3F)
2635. File OS: 40004 NT Win32
2636. File type: 3.7 Driver
2637. File date: 00000000.00000000
2638. Translations: 0000.04b0
2639. CompanyName: Microsoft Corporation
2640. ProductName: Microsoft® Windows® Operating System
2641. InternalName: pdc.sys
2642. OriginalFilename: pdc.sys
2643. ProductVersion: 10.0.15063.468
2644. FileVersion: 10.0.15063.468 (WinBuild.160101.0800)
2645. FileDescription: Power Dependency Coordinator Driver
2646. LegalCopyright: © Microsoft Corporation. All rights reserved.
2647. fffff80a`e66f0000 fffff80a`e6708000 CEA (deferred)
2648. Mapped memory image file: C:\ProgramData\dbg\sym\CEA.sys\01CDB10218000\CEA.sys
2649. Image path: \SystemRoot\system32\drivers\CEA.sys
2650. Image name: CEA.sys
2651. Timestamp: Wed Dec 16 23:50:10 1970 (01CDB102)
2652. CheckSum: 0001DBD0
2653. ImageSize: 00018000
2654. File version: 10.0.15046.0
2655. Product version: 10.0.15046.0
2656. File flags: 0 (Mask 3F)
2657. File OS: 40004 NT Win32
2658. File type: 2.0 Dll
2659. File date: 00000000.00000000
2660. Translations: 0409.04b0
2661. CompanyName: Microsoft Corporation
2662. ProductName: Microsoft® Windows® Operating System
2663. InternalName: EventAggregation.sys
2664. OriginalFilename: EventAggregation.sys
2665. ProductVersion: 10.0.15046.0
2666. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
2667. FileDescription: Event Aggregation Kernel Mode Library
2668. LegalCopyright: © Microsoft Corporation. All rights reserved.
2669. fffff80a`e6710000 fffff80a`e673b000 partmgr (deferred)
2670. Mapped memory image file: C:\ProgramData\dbg\sym\partmgr.sys\694A94AD2b000\partmgr.sys
2671. Image path: \SystemRoot\System32\drivers\partmgr.sys
2672. Image name: partmgr.sys
2673. Timestamp: Tue Dec 23 08:10:05 2025 (694A94AD)
2674. CheckSum: 0003332D
2675. ImageSize: 0002B000
2676. File version: 10.0.15063.0
2677. Product version: 10.0.15063.0
2678. File flags: 0 (Mask 3F)
2679. File OS: 40004 NT Win32
2680. File type: 3.7 Driver
2681. File date: 00000000.00000000
2682. Translations: 0000.04b0
2683. CompanyName: Microsoft Corporation
2684. ProductName: Microsoft® Windows® Operating System
2685. InternalName: partmgr.sys
2686. OriginalFilename: partmgr.sys
2687. ProductVersion: 10.0.15063.0
2688. FileVersion: 10.0.15063.0 (WinBuild.160101.0800)
2689. FileDescription: Partition driver
2690. LegalCopyright: © Microsoft Corporation. All rights reserved.
2691. fffff80a`e6740000 fffff80a`e67d4000 spaceport (deferred)
2692. Mapped memory image file: C:\ProgramData\dbg\sym\spaceport.sys\7AD9C5C094000\spaceport.sys
2693. Image path: \SystemRoot\System32\drivers\spaceport.sys
2694. Image name: spaceport.sys
2695. Timestamp: Wed Apr 25 01:38:08 2035 (7AD9C5C0)
2696. CheckSum: 000914F1
2697. ImageSize: 00094000
2698. File version: 10.0.15058.0
2699. Product version: 10.0.15058.0
2700. File flags: 0 (Mask 3F)
2701. File OS: 40004 NT Win32
2702. File type: 3.7 Driver
2703. File date: 00000000.00000000
2704. Translations: 0000.04b0
2705. CompanyName: Microsoft Corporation
2706. ProductName: Microsoft® Windows® Operating System
2707. InternalName: spaceport.sys
2708. OriginalFilename: spaceport.sys
2709. ProductVersion: 10.0.15058.0
2710. FileVersion: 10.0.15058.0 (WinBuild.160101.0800)
2711. FileDescription: Storage Spaces Driver
2712. LegalCopyright: © Microsoft Corporation. All rights reserved.
2713. fffff80a`e67e0000 fffff80a`e67f9000 volmgr (deferred)
2714. Mapped memory image file: C:\ProgramData\dbg\sym\volmgr.sys\D713384719000\volmgr.sys
2715. Image path: \SystemRoot\System32\drivers\volmgr.sys
2716. Image name: volmgr.sys
2717. Timestamp: ***** Invalid (D7133847)
2718. CheckSum: 00020990
2719. ImageSize: 00019000
2720. File version: 10.0.15058.0
2721. Product version: 10.0.15058.0
2722. File flags: 0 (Mask 3F)
2723. File OS: 40004 NT Win32
2724. File type: 3.7 Driver
2725. File date: 00000000.00000000
2726. Translations: 0409.04b0
2727. CompanyName: Microsoft Corporation
2728. ProductName: Microsoft® Windows® Operating System
2729. InternalName: volmgr.sys
2730. OriginalFilename: volmgr.sys
2731. ProductVersion: 10.0.15058.0
2732. FileVersion: 10.0.15058.0 (WinBuild.160101.0800)
2733. FileDescription: Volume Manager Driver
2734. LegalCopyright: © Microsoft Corporation. All rights reserved.
2735. fffff80a`e6800000 fffff80a`e685e000 volmgrx (deferred)
2736. Image path: \SystemRoot\System32\drivers\volmgrx.sys
2737. Image name: volmgrx.sys
2738. Timestamp: unavailable (00000000)
2739. CheckSum: 00000000
2740. ImageSize: 0005E000
2741. Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4
2742. fffff80a`e6860000 fffff80a`e687e000 mountmgr (deferred)
2743. Mapped memory image file: C:\ProgramData\dbg\sym\mountmgr.sys\EA4F8C7B1e000\mountmgr.sys
2744. Image path: \SystemRoot\System32\drivers\mountmgr.sys
2745. Image name: mountmgr.sys
2746. Timestamp: ***** Invalid (EA4F8C7B)
2747. CheckSum: 00022641
2748. ImageSize: 0001E000
2749. File version: 10.0.15058.0
2750. Product version: 10.0.15058.0
2751. File flags: 0 (Mask 3F)
2752. File OS: 40004 NT Win32
2753. File type: 3.7 Driver
2754. File date: 00000000.00000000
2755. Translations: 0409.04b0
2756. CompanyName: Microsoft Corporation
2757. ProductName: Microsoft® Windows® Operating System
2758. InternalName: mountmgr.sys
2759. OriginalFilename: mountmgr.sys
2760. ProductVersion: 10.0.15058.0
2761. FileVersion: 10.0.15058.0 (WinBuild.160101.0800)
2762. FileDescription: Mount Point Manager
2763. LegalCopyright: © Microsoft Corporation. All rights reserved.
2764. fffff80a`e6880000 fffff80a`e69ac000 iaStorE (deferred)
2765. Image path: \SystemRoot\System32\drivers\iaStorE.sys
2766. Image name: iaStorE.sys
2767. Timestamp: Thu Apr 20 12:13:57 2017 (58F8DE45)
2768. CheckSum: 000FF41C
2769. ImageSize: 0012C000
2770. Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4
2771. fffff80a`e69b0000 fffff80a`e6a3a000 storport (deferred)
2772. Mapped memory image file: C:\ProgramData\dbg\sym\storport.sys\005E8DE48a000\storport.sys
2773. Image path: \SystemRoot\System32\drivers\storport.sys
2774. Image name: storport.sys
2775. Timestamp: Fri Mar 13 13:18:28 1970 (005E8DE4)
2776. CheckSum: 0008C162
2777. ImageSize: 0008A000
2778. File version: 10.0.15063.312
2779. Product version: 10.0.15063.312
2780. File flags: 0 (Mask 3F)
2781. File OS: 40004 NT Win32
2782. File type: 3.7 Driver
2783. File date: 00000000.00000000
2784. Translations: 0000.04b0
2785. CompanyName: Microsoft Corporation
2786. ProductName: Microsoft® Windows® Operating System
2787. InternalName: storport.sys
2788. OriginalFilename: storport.sys
2789. ProductVersion: 10.0.15063.312
2790. FileVersion: 10.0.15063.312 (WinBuild.160101.0800)
2791. FileDescription: Microsoft Storage Port Driver
2792. LegalCopyright: © Microsoft Corporation. All rights reserved.
2793. fffff80a`e6a40000 fffff80a`e6a5c000 EhStorClass (deferred)
2794. Mapped memory image file: C:\ProgramData\dbg\sym\EhStorClass.sys\DDF6ADD31c000\EhStorClass.sys
2795. Image path: \SystemRoot\System32\drivers\EhStorClass.sys
2796. Image name: EhStorClass.sys
2797. Timestamp: ***** Invalid (DDF6ADD3)
2798. CheckSum: 0001B589
2799. ImageSize: 0001C000
2800. File version: 10.0.15046.0
2801. Product version: 10.0.15046.0
2802. File flags: 0 (Mask 3F)
2803. File OS: 40004 NT Win32
2804. File type: 3.7 Driver
2805. File date: 00000000.00000000
2806. Translations: 0409.04b0
2807. CompanyName: Microsoft Corporation
2808. ProductName: Microsoft® Windows® Operating System
2809. InternalName: EhStorClass.sys
2810. OriginalFilename: EhStorClass.sys
2811. ProductVersion: 10.0.15046.0
2812. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
2813. FileDescription: Enhanced Storage Class driver for IEEE 1667 devices
2814. LegalCopyright: © Microsoft Corporation. All rights reserved.
2815. fffff80a`e6a60000 fffff80a`e6a7a000 fileinfo (deferred)
2816. Mapped memory image file: C:\ProgramData\dbg\sym\fileinfo.sys\885C54141a000\fileinfo.sys
2817. Image path: \SystemRoot\System32\drivers\fileinfo.sys
2818. Image name: fileinfo.sys
2819. Timestamp: ***** Invalid (885C5414)
2820. CheckSum: 000235B2
2821. ImageSize: 0001A000
2822. File version: 10.0.15058.0
2823. Product version: 10.0.15058.0
2824. File flags: 0 (Mask 3F)
2825. File OS: 40004 NT Win32
2826. File type: 3.7 Driver
2827. File date: 00000000.00000000
2828. Translations: 0409.04b0
2829. CompanyName: Microsoft Corporation
2830. ProductName: Microsoft® Windows® Operating System
2831. InternalName: FileInfo.sys
2832. OriginalFilename: FileInfo.sys
2833. ProductVersion: 10.0.15058.0
2834. FileVersion: 10.0.15058.0 (WinBuild.160101.0800)
2835. FileDescription: FileInfo Filter Driver
2836. LegalCopyright: © Microsoft Corporation. All rights reserved.
2837. fffff80a`e6a80000 fffff80a`e6abb000 Wof (deferred)
2838. Mapped memory image file: C:\ProgramData\dbg\sym\Wof.sys\07E257913b000\Wof.sys
2839. Image path: \SystemRoot\System32\Drivers\Wof.sys
2840. Image name: Wof.sys
2841. Timestamp: Mon Mar 11 18:47:45 1974 (07E25791)
2842. CheckSum: 00038B80
2843. ImageSize: 0003B000
2844. File version: 10.0.15046.0
2845. Product version: 10.0.15046.0
2846. File flags: 0 (Mask 3F)
2847. File OS: 40004 NT Win32
2848. File type: 3.7 Driver
2849. File date: 00000000.00000000
2850. Translations: 0409.04b0
2851. CompanyName: Microsoft Corporation
2852. ProductName: Microsoft® Windows® Operating System
2853. InternalName: wof.sys
2854. OriginalFilename: wof.sys
2855. ProductVersion: 10.0.15046.0
2856. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
2857. FileDescription: Windows Overlay Filter
2858. LegalCopyright: © Microsoft Corporation. All rights reserved.
2859. fffff80a`e6ac0000 fffff80a`e6d03000 NTFS (deferred)
2860. Mapped memory image file: C:\ProgramData\dbg\sym\NTFS.sys\26C2A6E9243000\NTFS.sys
2861. Image path: \SystemRoot\System32\Drivers\NTFS.sys
2862. Image name: NTFS.sys
2863. Timestamp: Fri Aug 10 08:22:01 1990 (26C2A6E9)
2864. CheckSum: 00244449
2865. ImageSize: 00243000
2866. File version: 10.0.15063.442
2867. Product version: 10.0.15063.442
2868. File flags: 0 (Mask 3F)
2869. File OS: 40004 NT Win32
2870. File type: 3.7 Driver
2871. File date: 00000000.00000000
2872. Translations: 0409.04b0
2873. CompanyName: Microsoft Corporation
2874. ProductName: Microsoft® Windows® Operating System
2875. InternalName: ntfs.sys
2876. OriginalFilename: ntfs.sys
2877. ProductVersion: 10.0.15063.442
2878. FileVersion: 10.0.15063.442 (WinBuild.160101.0800)
2879. FileDescription: NT File System Driver
2880. LegalCopyright: © Microsoft Corporation. All rights reserved.
2881. fffff80a`e6d10000 fffff80a`e6d1d000 Fs_Rec (deferred)
2882. Mapped memory image file: C:\ProgramData\dbg\sym\Fs_Rec.sys\9836443Cd000\Fs_Rec.sys
2883. Image path: \SystemRoot\System32\Drivers\Fs_Rec.sys
2884. Image name: Fs_Rec.sys
2885. Timestamp: ***** Invalid (9836443C)
2886. CheckSum: 00012F34
2887. ImageSize: 0000D000
2888. File version: 10.0.15052.0
2889. Product version: 10.0.15052.0
2890. File flags: 0 (Mask 3F)
2891. File OS: 40004 NT Win32
2892. File type: 3.7 Driver
2893. File date: 00000000.00000000
2894. Translations: 0409.04b0
2895. CompanyName: Microsoft Corporation
2896. ProductName: Microsoft® Windows® Operating System
2897. InternalName: fs_rec.sys
2898. OriginalFilename: fs_rec.sys
2899. ProductVersion: 10.0.15052.0
2900. FileVersion: 10.0.15052.0 (WinBuild.160101.0800)
2901. FileDescription: File System Recognizer Driver
2902. LegalCopyright: © Microsoft Corporation. All rights reserved.
2903. fffff80a`e6d20000 fffff80a`e6e56000 ndis (deferred)
2904. Mapped memory image file: C:\ProgramData\dbg\sym\ndis.sys\45396ECD136000\ndis.sys
2905. Image path: \SystemRoot\system32\drivers\ndis.sys
2906. Image name: ndis.sys
2907. Timestamp: Fri Oct 20 20:50:21 2006 (45396ECD)
2908. CheckSum: 00138177
2909. ImageSize: 00136000
2910. File version: 10.0.15063.442
2911. Product version: 10.0.15063.442
2912. File flags: 0 (Mask 3F)
2913. File OS: 40004 NT Win32
2914. File type: 3.6 Driver
2915. File date: 00000000.00000000
2916. Translations: 0409.04b0
2917. CompanyName: Microsoft Corporation
2918. ProductName: Microsoft® Windows® Operating System
2919. InternalName: NDIS.SYS
2920. OriginalFilename: NDIS.SYS
2921. ProductVersion: 10.0.15063.442
2922. FileVersion: 10.0.15063.442 (WinBuild.160101.0800)
2923. FileDescription: Network Driver Interface Specification (NDIS)
2924. LegalCopyright: © Microsoft Corporation. All rights reserved.
2925. fffff80a`e6e60000 fffff80a`e6e72000 netbios (deferred)
2926. Mapped memory image file: C:\ProgramData\dbg\sym\netbios.sys\93C21EE712000\netbios.sys
2927. Image path: \SystemRoot\system32\drivers\netbios.sys
2928. Image name: netbios.sys
2929. Timestamp: ***** Invalid (93C21EE7)
2930. CheckSum: 0001A8FF
2931. ImageSize: 00012000
2932. File version: 10.0.15046.0
2933. Product version: 10.0.15046.0
2934. File flags: 0 (Mask 3F)
2935. File OS: 40004 NT Win32
2936. File type: 3.6 Driver
2937. File date: 00000000.00000000
2938. Translations: 0409.04b0
2939. CompanyName: Microsoft Corporation
2940. ProductName: Microsoft® Windows® Operating System
2941. InternalName: NETBIOS.SYS
2942. OriginalFilename: NETBIOS.SYS
2943. ProductVersion: 10.0.15046.0
2944. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
2945. FileDescription: NetBIOS interface driver
2946. LegalCopyright: © Microsoft Corporation. All rights reserved.
2947. fffff80a`e6e80000 fffff80a`e6e9a000 rspndr (deferred)
2948. Mapped memory image file: C:\ProgramData\dbg\sym\rspndr.sys\283736811a000\rspndr.sys
2949. Image path: \SystemRoot\system32\drivers\rspndr.sys
2950. Image name: rspndr.sys
2951. Timestamp: Sun May 19 22:37:53 1991 (28373681)
2952. CheckSum: 00017DD9
2953. ImageSize: 0001A000
2954. File version: 10.0.15058.0
2955. Product version: 10.0.15058.0
2956. File flags: 0 (Mask 3F)
2957. File OS: 40004 NT Win32
2958. File type: 3.6 Driver
2959. File date: 00000000.00000000
2960. Translations: 0409.04b0
2961. CompanyName: Microsoft Corporation
2962. ProductName: Microsoft® Windows® Operating System
2963. InternalName: RSPNDR.SYS
2964. OriginalFilename: RSPNDR.SYS
2965. ProductVersion: 10.0.15058.0
2966. FileVersion: 10.0.15058.0 (WinBuild.160101.0800)
2967. FileDescription: Link-Layer Topology Responder Driver for NDIS 6
2968. LegalCopyright: © Microsoft Corporation. All rights reserved.
2969. fffff80a`e6ea0000 fffff80a`e6f2e000 mcupdate_GenuineIntel (deferred)
2970. Mapped memory image file: C:\ProgramData\dbg\sym\mcupdate_GenuineIntel.dll\11F2820A8e000\mcupdate_GenuineIntel.dll
2971. Image path: \SystemRoot\system32\mcupdate_GenuineIntel.dll
2972. Image name: mcupdate_GenuineIntel.dll
2973. Timestamp: Tue Jul 17 20:27:54 1979 (11F2820A)
2974. CheckSum: 00092CCF
2975. ImageSize: 0008E000
2976. File version: 10.0.15046.0
2977. Product version: 10.0.15046.0
2978. File flags: 0 (Mask 3F)
2979. File OS: 40004 NT Win32
2980. File type: 3.A Driver
2981. File date: 00000000.00000000
2982. Translations: 0409.04b0
2983. CompanyName: Microsoft Corporation
2984. ProductName: Microsoft® Windows® Operating System
2985. InternalName: mcupdate.dll
2986. OriginalFilename: mcupdate_GenuineIntel.dll
2987. ProductVersion: 10.0.15046.0
2988. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
2989. FileDescription: Intel Microcode Update Library
2990. LegalCopyright: © Microsoft Corporation. All rights reserved.
2991. fffff80a`e6f30000 fffff80a`e6f8f000 msrpc (deferred)
2992. Mapped memory image file: C:\ProgramData\dbg\sym\msrpc.sys\16A8209D5f000\msrpc.sys
2993. Image path: \SystemRoot\System32\drivers\msrpc.sys
2994. Image name: msrpc.sys
2995. Timestamp: Sun Jan 17 07:05:49 1982 (16A8209D)
2996. CheckSum: 0006343C
2997. ImageSize: 0005F000
2998. File version: 10.0.15058.0
2999. Product version: 10.0.15058.0
3000. File flags: 0 (Mask 3F)
3001. File OS: 40004 NT Win32
3002. File type: 3.7 Driver
3003. File date: 00000000.00000000
3004. Translations: 0409.04b0
3005. CompanyName: Microsoft Corporation
3006. ProductName: Microsoft® Windows® Operating System
3007. InternalName: krpcdd.sys
3008. OriginalFilename: krpcdd.sys
3009. ProductVersion: 10.0.15058.0
3010. FileVersion: 10.0.15058.0 (WinBuild.160101.0800)
3011. FileDescription: Kernel Remote Procedure Call Provider
3012. LegalCopyright: © Microsoft Corporation. All rights reserved.
3013. fffff80a`e6f90000 fffff80a`e6fb9000 ksecdd (deferred)
3014. Mapped memory image file: C:\ProgramData\dbg\sym\ksecdd.sys\85DBC70829000\ksecdd.sys
3015. Image path: \SystemRoot\System32\drivers\ksecdd.sys
3016. Image name: ksecdd.sys
3017. Timestamp: ***** Invalid (85DBC708)
3018. CheckSum: 000289CA
3019. ImageSize: 00029000
3020. File version: 10.0.15058.0
3021. Product version: 10.0.15058.0
3022. File flags: 0 (Mask 3F)
3023. File OS: 40004 NT Win32
3024. File type: 3.7 Driver
3025. File date: 00000000.00000000
3026. Translations: 0409.04b0
3027. CompanyName: Microsoft Corporation
3028. ProductName: Microsoft® Windows® Operating System
3029. InternalName: ksecdd.sys
3030. OriginalFilename: ksecdd.sys
3031. ProductVersion: 10.0.15058.0
3032. FileVersion: 10.0.15058.0 (WinBuild.160101.0800)
3033. FileDescription: Kernel Security Support Provider Interface
3034. LegalCopyright: © Microsoft Corporation. All rights reserved.
3035. fffff80a`e6fc0000 fffff80a`e6fd1000 werkernel (deferred)
3036. Mapped memory image file: C:\ProgramData\dbg\sym\werkernel.sys\C3403C4211000\werkernel.sys
3037. Image path: \SystemRoot\System32\drivers\werkernel.sys
3038. Image name: werkernel.sys
3039. Timestamp: ***** Invalid (C3403C42)
3040. CheckSum: 000160E2
3041. ImageSize: 00011000
3042. File version: 10.0.15046.0
3043. Product version: 10.0.15046.0
3044. File flags: 0 (Mask 3F)
3045. File OS: 40004 NT Win32
3046. File type: 3.7 Driver
3047. File date: 00000000.00000000
3048. Translations: 0409.04b0
3049. CompanyName: Microsoft Corporation
3050. ProductName: Microsoft® Windows® Operating System
3051. InternalName: werkernel
3052. OriginalFilename: werkernel.sys
3053. ProductVersion: 10.0.15046.0
3054. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
3055. FileDescription: Windows Error Reporting Kernel Driver
3056. LegalCopyright: © Microsoft Corporation. All rights reserved.
3057. fffff80a`e7000000 fffff80a`e709b000 afd (deferred)
3058. Mapped memory image file: C:\ProgramData\dbg\sym\afd.sys\ED6FDF1B9b000\afd.sys
3059. Image path: \SystemRoot\system32\drivers\afd.sys
3060. Image name: afd.sys
3061. Timestamp: ***** Invalid (ED6FDF1B)
3062. CheckSum: 0009BF2E
3063. ImageSize: 0009B000
3064. File version: 10.0.15058.0
3065. Product version: 10.0.15058.0
3066. File flags: 0 (Mask 3F)
3067. File OS: 40004 NT Win32
3068. File type: 3.7 Driver
3069. File date: 00000000.00000000
3070. Translations: 0409.04b0
3071. CompanyName: Microsoft Corporation
3072. ProductName: Microsoft® Windows® Operating System
3073. InternalName: afd.sys
3074. OriginalFilename: afd.sys
3075. ProductVersion: 10.0.15058.0
3076. FileVersion: 10.0.15058.0 (WinBuild.160101.0800)
3077. FileDescription: Ancillary Function Driver for WinSock
3078. LegalCopyright: © Microsoft Corporation. All rights reserved.
3079. fffff80a`e70a0000 fffff80a`e70c9000 pacer (deferred)
3080. Mapped memory image file: C:\ProgramData\dbg\sym\pacer.sys\C07DAF1029000\pacer.sys
3081. Image path: \SystemRoot\System32\drivers\pacer.sys
3082. Image name: pacer.sys
3083. Timestamp: ***** Invalid (C07DAF10)
3084. CheckSum: 0002B1A2
3085. ImageSize: 00029000
3086. File version: 10.0.15058.0
3087. Product version: 10.0.15058.0
3088. File flags: 0 (Mask 3F)
3089. File OS: 40004 NT Win32
3090. File type: 3.6 Driver
3091. File date: 00000000.00000000
3092. Translations: 0409.04b0
3093. CompanyName: Microsoft Corporation
3094. ProductName: Microsoft® Windows® Operating System
3095. InternalName: pacer.sys
3096. OriginalFilename: pacer.sys
3097. ProductVersion: 10.0.15058.0
3098. FileVersion: 10.0.15058.0 (WinBuild.160101.0800)
3099. FileDescription: QoS Packet Scheduler
3100. LegalCopyright: © Microsoft Corporation. All rights reserved.
3101. fffff80a`e70d0000 fffff80a`e7155000 NETIO (deferred)
3102. Mapped memory image file: C:\ProgramData\dbg\sym\NETIO.SYS\2F813BEF85000\NETIO.SYS
3103. Image path: \SystemRoot\system32\drivers\NETIO.SYS
3104. Image name: NETIO.SYS
3105. Timestamp: Tue Apr 4 08:30:39 1995 (2F813BEF)
3106. CheckSum: 0008E61A
3107. ImageSize: 00085000
3108. File version: 10.0.15063.468
3109. Product version: 10.0.15063.468
3110. File flags: 0 (Mask 3F)
3111. File OS: 40004 NT Win32
3112. File type: 3.6 Driver
3113. File date: 00000000.00000000
3114. Translations: 0409.04b0
3115. CompanyName: Microsoft Corporation
3116. ProductName: Microsoft® Windows® Operating System
3117. InternalName: netio.sys
3118. OriginalFilename: netio.sys
3119. ProductVersion: 10.0.15063.468
3120. FileVersion: 10.0.15063.468 (WinBuild.160101.0800)
3121. FileDescription: Network I/O Subsystem
3122. LegalCopyright: © Microsoft Corporation. All rights reserved.
3123. fffff80a`e7160000 fffff80a`e7190000 ksecpkg (deferred)
3124. Mapped memory image file: C:\ProgramData\dbg\sym\ksecpkg.sys\AC6D7E9B30000\ksecpkg.sys
3125. Image path: \SystemRoot\System32\Drivers\ksecpkg.sys
3126. Image name: ksecpkg.sys
3127. Timestamp: ***** Invalid (AC6D7E9B)
3128. CheckSum: 0002A48F
3129. ImageSize: 00030000
3130. File version: 10.0.15058.0
3131. Product version: 10.0.15058.0
3132. File flags: 0 (Mask 3F)
3133. File OS: 40004 NT Win32
3134. File type: 3.7 Driver
3135. File date: 00000000.00000000
3136. Translations: 0409.04b0
3137. CompanyName: Microsoft Corporation
3138. ProductName: Microsoft® Windows® Operating System
3139. InternalName: ksecpkg.sys
3140. OriginalFilename: ksecpkg.sys
3141. ProductVersion: 10.0.15058.0
3142. FileVersion: 10.0.15058.0 (WinBuild.160101.0800)
3143. FileDescription: Kernel Security Support Provider Interface Packages
3144. LegalCopyright: © Microsoft Corporation. All rights reserved.
3145. fffff80a`e7190000 fffff80a`e71e2000 netbt (deferred)
3146. Mapped memory image file: C:\ProgramData\dbg\sym\netbt.sys\B2AD25BE52000\netbt.sys
3147. Image path: \SystemRoot\System32\DRIVERS\netbt.sys
3148. Image name: netbt.sys
3149. Timestamp: ***** Invalid (B2AD25BE)
3150. CheckSum: 00055B39
3151. ImageSize: 00052000
3152. File version: 10.0.15058.0
3153. Product version: 10.0.15058.0
3154. File flags: 0 (Mask 3F)
3155. File OS: 40004 NT Win32
3156. File type: 3.7 Driver
3157. File date: 00000000.00000000
3158. Translations: 0409.04b0
3159. CompanyName: Microsoft Corporation
3160. ProductName: Microsoft® Windows® Operating System
3161. InternalName: netbt.sys
3162. OriginalFilename: netbt.sys
3163. ProductVersion: 10.0.15058.0
3164. FileVersion: 10.0.15058.0 (WinBuild.160101.0800)
3165. FileDescription: MBT Transport driver
3166. LegalCopyright: © Microsoft Corporation. All rights reserved.
3167. fffff80a`e7200000 fffff80a`e72b6000 fvevol (deferred)
3168. Mapped memory image file: C:\ProgramData\dbg\sym\fvevol.sys\36B7F511b6000\fvevol.sys
3169. Image path: \SystemRoot\System32\DRIVERS\fvevol.sys
3170. Image name: fvevol.sys
3171. Timestamp: Wed Feb 3 02:04:49 1999 (36B7F511)
3172. CheckSum: 000B8351
3173. ImageSize: 000B6000
3174. File version: 10.0.15061.0
3175. Product version: 10.0.15061.0
3176. File flags: 0 (Mask 3F)
3177. File OS: 40004 NT Win32
3178. File type: 3.7 Driver
3179. File date: 00000000.00000000
3180. Translations: 0000.04b0
3181. CompanyName: Microsoft Corporation
3182. ProductName: Microsoft® Windows® Operating System
3183. InternalName: FVEVOL.SYS
3184. OriginalFilename: FVEVOL.SYS
3185. ProductVersion: 10.0.15061.0
3186. FileVersion: 10.0.15061.0 (WinBuild.160101.0800)
3187. FileDescription: BitLocker Drive Encryption Driver
3188. LegalCopyright: © Microsoft Corporation. All rights reserved.
3189. fffff80a`e72c0000 fffff80a`e72cb000 volume (deferred)
3190. Mapped memory image file: C:\ProgramData\dbg\sym\volume.sys\9CBEE8B7b000\volume.sys
3191. Image path: \SystemRoot\System32\drivers\volume.sys
3192. Image name: volume.sys
3193. Timestamp: ***** Invalid (9CBEE8B7)
3194. CheckSum: 00012BB5
3195. ImageSize: 0000B000
3196. File version: 10.0.15046.0
3197. Product version: 10.0.15046.0
3198. File flags: 0 (Mask 3F)
3199. File OS: 40004 NT Win32
3200. File type: 3.7 Driver
3201. File date: 00000000.00000000
3202. Translations: 0000.04b0
3203. CompanyName: Microsoft Corporation
3204. ProductName: Microsoft® Windows® Operating System
3205. InternalName: volume.sys
3206. OriginalFilename: volume.sys
3207. ProductVersion: 10.0.15046.0
3208. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
3209. FileDescription: Volume driver
3210. LegalCopyright: © Microsoft Corporation. All rights reserved.
3211. fffff80a`e72d0000 fffff80a`e7334000 volsnap (deferred)
3212. Mapped memory image file: C:\ProgramData\dbg\sym\volsnap.sys\DC1CFF9164000\volsnap.sys
3213. Image path: \SystemRoot\System32\drivers\volsnap.sys
3214. Image name: volsnap.sys
3215. Timestamp: ***** Invalid (DC1CFF91)
3216. CheckSum: 0006B682
3217. ImageSize: 00064000
3218. File version: 10.0.15058.0
3219. Product version: 10.0.15058.0
3220. File flags: 0 (Mask 3F)
3221. File OS: 40004 NT Win32
3222. File type: 3.7 Driver
3223. File date: 00000000.00000000
3224. Translations: 0409.04b0
3225. CompanyName: Microsoft Corporation
3226. ProductName: Microsoft® Windows® Operating System
3227. InternalName: volsnap.sys
3228. OriginalFilename: volsnap.sys
3229. ProductVersion: 10.0.15058.0
3230. FileVersion: 10.0.15058.0 (WinBuild.160101.0800)
3231. FileDescription: Volume Shadow Copy driver
3232. LegalCopyright: © Microsoft Corporation. All rights reserved.
3233. fffff80a`e7340000 fffff80a`e738c000 rdyboost (deferred)
3234. Mapped memory image file: C:\ProgramData\dbg\sym\rdyboost.sys\CA830C4C4c000\rdyboost.sys
3235. Image path: \SystemRoot\System32\drivers\rdyboost.sys
3236. Image name: rdyboost.sys
3237. Timestamp: ***** Invalid (CA830C4C)
3238. CheckSum: 0004E490
3239. ImageSize: 0004C000
3240. File version: 10.0.15058.0
3241. Product version: 10.0.15058.0
3242. File flags: 0 (Mask 3F)
3243. File OS: 40004 NT Win32
3244. File type: 3.7 Driver
3245. File date: 00000000.00000000
3246. Translations: 0000.04b0
3247. CompanyName: Microsoft Corporation
3248. ProductName: Microsoft® Windows® Operating System
3249. InternalName: rdyboost.sys
3250. OriginalFilename: rdyboost.sys
3251. ProductVersion: 10.0.15058.0
3252. FileVersion: 10.0.15058.0 (WinBuild.160101.0800)
3253. FileDescription: ReadyBoost Driver
3254. LegalCopyright: © Microsoft Corporation. All rights reserved.
3255. fffff80a`e7390000 fffff80a`e73b4000 mup (deferred)
3256. Mapped memory image file: C:\ProgramData\dbg\sym\mup.sys\98323F4C24000\mup.sys
3257. Image path: \SystemRoot\System32\Drivers\mup.sys
3258. Image name: mup.sys
3259. Timestamp: ***** Invalid (98323F4C)
3260. CheckSum: 0002CA2F
3261. ImageSize: 00024000
3262. File version: 10.0.15058.0
3263. Product version: 10.0.15058.0
3264. File flags: 0 (Mask 3F)
3265. File OS: 40004 NT Win32
3266. File type: 3.6 Driver
3267. File date: 00000000.00000000
3268. Translations: 0409.04b0
3269. CompanyName: Microsoft Corporation
3270. ProductName: Microsoft® Windows® Operating System
3271. InternalName: MUP.SYS
3272. OriginalFilename: MUP.SYS
3273. ProductVersion: 10.0.15058.0
3274. FileVersion: 10.0.15058.0 (WinBuild.160101.0800)
3275. FileDescription: Multiple UNC Provider Driver
3276. LegalCopyright: © Microsoft Corporation. All rights reserved.
3277. fffff80a`e73c0000 fffff80a`e73d1000 iorate (deferred)
3278. Mapped memory image file: C:\ProgramData\dbg\sym\iorate.sys\510C4C9F11000\iorate.sys
3279. Image path: \SystemRoot\system32\drivers\iorate.sys
3280. Image name: iorate.sys
3281. Timestamp: Fri Feb 1 18:15:43 2013 (510C4C9F)
3282. CheckSum: 00019E81
3283. ImageSize: 00011000
3284. File version: 10.0.15046.0
3285. Product version: 10.0.15046.0
3286. File flags: 0 (Mask 3F)
3287. File OS: 40004 NT Win32
3288. File type: 3.7 Driver
3289. File date: 00000000.00000000
3290. Translations: 0409.04b0
3291. CompanyName: Microsoft Corporation
3292. ProductName: Microsoft® Windows® Operating System
3293. InternalName: iorate.sys
3294. OriginalFilename: iorate.sys
3295. ProductVersion: 10.0.15046.0
3296. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
3297. FileDescription: I/O rate control Filter
3298. LegalCopyright: © Microsoft Corporation. All rights reserved.
3299. fffff80a`e73f0000 fffff80a`e740e000 disk (deferred)
3300. Mapped memory image file: C:\ProgramData\dbg\sym\disk.sys\49CE6E681e000\disk.sys
3301. Image path: \SystemRoot\System32\drivers\disk.sys
3302. Image name: disk.sys
3303. Timestamp: Sat Mar 28 14:37:28 2009 (49CE6E68)
3304. CheckSum: 0001E637
3305. ImageSize: 0001E000
3306. File version: 10.0.15058.0
3307. Product version: 10.0.15058.0
3308. File flags: 0 (Mask 3F)
3309. File OS: 40004 NT Win32
3310. File type: 3.7 Driver
3311. File date: 00000000.00000000
3312. Translations: 0000.04b0
3313. CompanyName: Microsoft Corporation
3314. ProductName: Microsoft® Windows® Operating System
3315. InternalName: disk.sys
3316. OriginalFilename: disk.sys
3317. ProductVersion: 10.0.15058.0
3318. FileVersion: 10.0.15058.0 (WinBuild.160101.0800)
3319. FileDescription: PnP Disk Driver
3320. LegalCopyright: © Microsoft Corporation. All rights reserved.
3321. fffff80a`e7410000 fffff80a`e7475000 CLASSPNP (deferred)
3322. Mapped memory image file: C:\ProgramData\dbg\sym\CLASSPNP.SYS\2A05694965000\CLASSPNP.SYS
3323. Image path: \SystemRoot\System32\drivers\CLASSPNP.SYS
3324. Image name: CLASSPNP.SYS
3325. Timestamp: Mon May 4 12:41:45 1992 (2A056949)
3326. CheckSum: 0006CAEA
3327. ImageSize: 00065000
3328. File version: 10.0.15058.0
3329. Product version: 10.0.15058.0
3330. File flags: 0 (Mask 3F)
3331. File OS: 40004 NT Win32
3332. File type: 3.7 Driver
3333. File date: 00000000.00000000
3334. Translations: 0000.04b0
3335. CompanyName: Microsoft Corporation
3336. ProductName: Microsoft® Windows® Operating System
3337. InternalName: Classpnp.sys
3338. OriginalFilename: Classpnp.sys
3339. ProductVersion: 10.0.15058.0
3340. FileVersion: 10.0.15058.0 (WinBuild.160101.0800)
3341. FileDescription: SCSI Class System Dll
3342. LegalCopyright: © Microsoft Corporation. All rights reserved.
3343. fffff80a`e7480000 fffff80a`e748e000 aswbuniva (deferred)
3344. Image path: \SystemRoot\system32\drivers\aswbuniva.sys
3345. Image name: aswbuniva.sys
3346. Timestamp: Tue Jun 6 12:14:23 2017 (5936D4DF)
3347. CheckSum: 0001C94C
3348. ImageSize: 0000E000
3349. Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4
3350. fffff80a`e7490000 fffff80a`e74e0000 aswbloga (deferred)
3351. Image path: \SystemRoot\system32\drivers\aswbloga.sys
3352. Image name: aswbloga.sys
3353. Timestamp: Tue Jun 6 12:14:26 2017 (5936D4E2)
3354. CheckSum: 00058A07
3355. ImageSize: 00050000
3356. Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4
3357. fffff80a`e74e0000 fffff80a`e750f000 aswbidsha (deferred)
3358. Image path: \SystemRoot\system32\drivers\aswbidsha.sys
3359. Image name: aswbidsha.sys
3360. Timestamp: Tue Jun 6 12:14:33 2017 (5936D4E9)
3361. CheckSum: 00036223
3362. ImageSize: 0002F000
3363. Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4
3364. fffff80a`e7530000 fffff80a`e754b000 crashdmp (deferred)
3365. Mapped memory image file: C:\ProgramData\dbg\sym\crashdmp.sys\2C13F6811b000\crashdmp.sys
3366. Image path: \SystemRoot\System32\Drivers\crashdmp.sys
3367. Image name: crashdmp.sys
3368. Timestamp: Mon Jun 7 22:16:33 1993 (2C13F681)
3369. CheckSum: 0001EF18
3370. ImageSize: 0001B000
3371. File version: 10.0.15058.0
3372. Product version: 10.0.15058.0
3373. File flags: 0 (Mask 3F)
3374. File OS: 40004 NT Win32
3375. File type: 3.7 Driver
3376. File date: 00000000.00000000
3377. Translations: 0409.04b0
3378. CompanyName: Microsoft Corporation
3379. ProductName: Microsoft® Windows® Operating System
3380. InternalName: crashdmp.sys
3381. OriginalFilename: crashdmp.sys
3382. ProductVersion: 10.0.15058.0
3383. FileVersion: 10.0.15058.0 (WinBuild.160101.0800)
3384. FileDescription: Crash Dump Driver
3385. LegalCopyright: © Microsoft Corporation. All rights reserved.
3386. fffff80a`e7550000 fffff80a`e767c000 dump_iaStorE (deferred)
3387. Image path: \SystemRoot\System32\Drivers\dump_iaStorE.sys
3388. Image name: dump_iaStorE.sys
3389. Timestamp: Thu Apr 20 12:13:57 2017 (58F8DE45)
3390. CheckSum: 000FF41C
3391. ImageSize: 0012C000
3392. Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4
3393. fffff80a`e7680000 fffff80a`e7733000 dxgmms2 (deferred)
3394. Mapped memory image file: C:\ProgramData\dbg\sym\dxgmms2.sys\ABB616E9b3000\dxgmms2.sys
3395. Image path: \SystemRoot\System32\drivers\dxgmms2.sys
3396. Image name: dxgmms2.sys
3397. Timestamp: ***** Invalid (ABB616E9)
3398. CheckSum: 000AE8C9
3399. ImageSize: 000B3000
3400. File version: 10.0.15063.312
3401. Product version: 10.0.15063.312
3402. File flags: 0 (Mask 3F)
3403. File OS: 40004 NT Win32
3404. File type: 3.7 Driver
3405. File date: 00000000.00000000
3406. Translations: 0409.04b0
3407. CompanyName: Microsoft Corporation
3408. ProductName: Microsoft® Windows® Operating System
3409. InternalName: dxgmms2.sys
3410. OriginalFilename: dxgmms2.sys
3411. ProductVersion: 10.0.15063.312
3412. FileVersion: 10.0.15063.312 (WinBuild.160101.0800)
3413. FileDescription: DirectX Graphics MMS
3414. LegalCopyright: © Microsoft Corporation. All rights reserved.
3415. fffff80a`e7740000 fffff80a`e7767000 aswMonFlt (deferred)
3416. Image path: \SystemRoot\system32\drivers\aswMonFlt.sys
3417. Image name: aswMonFlt.sys
3418. Timestamp: Thu Jun 22 18:45:03 2017 (594C486F)
3419. CheckSum: 0002ED17
3420. ImageSize: 00027000
3421. Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4
3422. fffff80a`e7770000 fffff80a`e77a1000 aswStm (deferred)
3423. Image path: \SystemRoot\system32\drivers\aswStm.sys
3424. Image name: aswStm.sys
3425. Timestamp: Mon Jun 19 18:56:07 2017 (59485687)
3426. CheckSum: 00030C56
3427. ImageSize: 00031000
3428. Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4
3429. fffff80a`e77b0000 fffff80a`e77c6000 lltdio (deferred)
3430. Mapped memory image file: C:\ProgramData\dbg\sym\lltdio.sys\DD62481516000\lltdio.sys
3431. Image path: \SystemRoot\system32\drivers\lltdio.sys
3432. Image name: lltdio.sys
3433. Timestamp: ***** Invalid (DD624815)
3434. CheckSum: 000188CA
3435. ImageSize: 00016000
3436. File version: 10.0.15052.0
3437. Product version: 10.0.15052.0
3438. File flags: 0 (Mask 3F)
3439. File OS: 40004 NT Win32
3440. File type: 3.6 Driver
3441. File date: 00000000.00000000
3442. Translations: 0409.04b0
3443. CompanyName: Microsoft Corporation
3444. ProductName: Microsoft® Windows® Operating System
3445. InternalName: LLTDIO.SYS
3446. OriginalFilename: LLTDIO.SYS
3447. ProductVersion: 10.0.15052.0
3448. FileVersion: 10.0.15052.0 (WinBuild.160101.0800)
3449. FileDescription: Link-Layer Topology Mapper I/O Driver
3450. LegalCopyright: © Microsoft Corporation. All rights reserved.
3451. fffff80a`e77d0000 fffff80a`e77ea000 mslldp (deferred)
3452. Mapped memory image file: C:\ProgramData\dbg\sym\mslldp.sys\C33AB00E1a000\mslldp.sys
3453. Image path: \SystemRoot\system32\drivers\mslldp.sys
3454. Image name: mslldp.sys
3455. Timestamp: ***** Invalid (C33AB00E)
3456. CheckSum: 00016E1F
3457. ImageSize: 0001A000
3458. File version: 10.0.15058.0
3459. Product version: 10.0.15058.0
3460. File flags: 0 (Mask 3F)
3461. File OS: 40004 NT Win32
3462. File type: 3.6 Driver
3463. File date: 00000000.00000000
3464. Translations: 0409.04b0
3465. CompanyName: Microsoft Corporation
3466. ProductName: Microsoft® Windows® Operating System
3467. InternalName: MSLLDP.SYS
3468. OriginalFilename: MSLLDP.SYS
3469. ProductVersion: 10.0.15058.0
3470. FileVersion: 10.0.15058.0 (WinBuild.160101.0800)
3471. FileDescription: Microsoft Link-Layer Discovery Protocol Driver
3472. LegalCopyright: © Microsoft Corporation. All rights reserved.
3473. fffff80a`e77f0000 fffff80a`e780b000 wanarp (deferred)
3474. Mapped memory image file: C:\ProgramData\dbg\sym\wanarp.sys\1754996C1b000\wanarp.sys
3475. Image path: \SystemRoot\System32\DRIVERS\wanarp.sys
3476. Image name: wanarp.sys
3477. Timestamp: Fri May 28 03:51:08 1982 (1754996C)
3478. CheckSum: 00019288
3479. ImageSize: 0001B000
3480. File version: 10.0.15046.0
3481. Product version: 10.0.15046.0
3482. File flags: 0 (Mask 3F)
3483. File OS: 40004 NT Win32
3484. File type: 3.6 Driver
3485. File date: 00000000.00000000
3486. Translations: 0409.04b0
3487. CompanyName: Microsoft Corporation
3488. ProductName: Microsoft® Windows® Operating System
3489. InternalName: WANARP.SYS
3490. OriginalFilename: WANARP.SYS
3491. ProductVersion: 10.0.15046.0
3492. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
3493. FileDescription: MS Remote Access and Routing ARP Driver
3494. LegalCopyright: © Microsoft Corporation. All rights reserved.
3495. fffff80a`e7810000 fffff80a`e783e000 cdrom (deferred)
3496. Mapped memory image file: C:\ProgramData\dbg\sym\cdrom.sys\04CCA32D2e000\cdrom.sys
3497. Image path: \SystemRoot\System32\drivers\cdrom.sys
3498. Image name: cdrom.sys
3499. Timestamp: Thu Jul 20 18:39:41 1972 (04CCA32D)
3500. CheckSum: 00036ABC
3501. ImageSize: 0002E000
3502. File version: 10.0.15046.0
3503. Product version: 10.0.15046.0
3504. File flags: 0 (Mask 3F)
3505. File OS: 40004 NT Win32
3506. File type: 3.7 Driver
3507. File date: 00000000.00000000
3508. Translations: 0000.04b0
3509. CompanyName: Microsoft Corporation
3510. ProductName: Microsoft® Windows® Operating System
3511. InternalName: cdrom.sys
3512. OriginalFilename: cdrom.sys
3513. ProductVersion: 10.0.15046.0
3514. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
3515. FileDescription: SCSI CD-ROM Driver
3516. LegalCopyright: © Microsoft Corporation. All rights reserved.
3517. fffff80a`e7840000 fffff80a`e78f1000 aswSP (deferred)
3518. Image path: \SystemRoot\system32\drivers\aswSP.sys
3519. Image name: aswSP.sys
3520. Timestamp: Thu Jun 22 18:45:26 2017 (594C4886)
3521. CheckSum: 00099882
3522. ImageSize: 000B1000
3523. Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4
3524. fffff80a`e7900000 fffff80a`e79f6000 aswSnx (deferred)
3525. Image path: \SystemRoot\system32\drivers\aswSnx.sys
3526. Image name: aswSnx.sys
3527. Timestamp: Mon Jun 19 18:37:45 2017 (59485239)
3528. CheckSum: 000F9C99
3529. ImageSize: 000F6000
3530. Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4
3531. fffff80a`e7a00000 fffff80a`e7a67000 ks (deferred)
3532. Mapped memory image file: C:\ProgramData\dbg\sym\ks.sys\12A4A31867000\ks.sys
3533. Image path: \SystemRoot\system32\drivers\ks.sys
3534. Image name: ks.sys
3535. Timestamp: Thu Nov 29 22:12:24 1979 (12A4A318)
3536. CheckSum: 00068D97
3537. ImageSize: 00067000
3538. File version: 10.0.15058.0
3539. Product version: 10.0.15058.0
3540. File flags: 0 (Mask 3F)
3541. File OS: 40004 NT Win32
3542. File type: 3.0 Driver
3543. File date: 00000000.00000000
3544. Translations: 0000.04b0
3545. CompanyName: Microsoft Corporation
3546. ProductName: Microsoft® Windows® Operating System
3547. InternalName: ks.sys
3548. OriginalFilename: ks.sys
3549. ProductVersion: 10.0.15058.0
3550. FileVersion: 10.0.15058.0 (WinBuild.160101.0800)
3551. FileDescription: Kernel CSA Library
3552. LegalCopyright: © Microsoft Corporation. All rights reserved.
3553. fffff80a`e7a70000 fffff80a`e7a84000 filecrypt (deferred)
3554. Mapped memory image file: C:\ProgramData\dbg\sym\filecrypt.sys\719E181314000\filecrypt.sys
3555. Image path: \SystemRoot\system32\drivers\filecrypt.sys
3556. Image name: filecrypt.sys
3557. Timestamp: Tue May 28 04:10:59 2030 (719E1813)
3558. CheckSum: 0001B03D
3559. ImageSize: 00014000
3560. File version: 10.0.15046.0
3561. Product version: 10.0.15046.0
3562. File flags: 0 (Mask 3F)
3563. File OS: 40004 NT Win32
3564. File type: 3.7 Driver
3565. File date: 00000000.00000000
3566. Translations: 0409.04b0
3567. CompanyName: Microsoft Corporation
3568. ProductName: Microsoft® Windows® Operating System
3569. InternalName: filecrypt.sys
3570. OriginalFilename: filecrypt.sys
3571. ProductVersion: 10.0.15046.0
3572. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
3573. FileDescription: Windows sandboxing and encryption filter
3574. LegalCopyright: © Microsoft Corporation. All rights reserved.
3575. fffff80a`e7a90000 fffff80a`e7a9d000 tbs (deferred)
3576. Mapped memory image file: C:\ProgramData\dbg\sym\tbs.sys\6C444C9Bd000\tbs.sys
3577. Image path: \SystemRoot\system32\drivers\tbs.sys
3578. Image name: tbs.sys
3579. Timestamp: Sat Jul 24 03:49:47 2027 (6C444C9B)
3580. CheckSum: 00007016
3581. ImageSize: 0000D000
3582. File version: 10.0.15046.0
3583. Product version: 10.0.15046.0
3584. File flags: 0 (Mask 3F)
3585. File OS: 40004 NT Win32
3586. File type: 3.7 Driver
3587. File date: 00000000.00000000
3588. Translations: 0409.04b0
3589. CompanyName: Microsoft Corporation
3590. ProductName: Microsoft® Windows® Operating System
3591. InternalName: TBS.SYS
3592. OriginalFilename: TBS.SYS
3593. ProductVersion: 10.0.15046.0
3594. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
3595. FileDescription: Export driver for kernel mode TPM API
3596. LegalCopyright: © Microsoft Corporation. All rights reserved.
3597. fffff80a`e7aa0000 fffff80a`e7aaa000 Null (deferred)
3598. Image path: \SystemRoot\System32\Drivers\Null.SYS
3599. Image name: Null.SYS
3600. Timestamp: unavailable (00000000)
3601. CheckSum: 00000000
3602. ImageSize: 0000A000
3603. Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4
3604. fffff80a`e7ab0000 fffff80a`e7aba000 Beep (deferred)
3605. Mapped memory image file: C:\ProgramData\dbg\sym\Beep.SYS\A94A035Ea000\Beep.SYS
3606. Image path: \SystemRoot\System32\Drivers\Beep.SYS
3607. Image name: Beep.SYS
3608. Timestamp: ***** Invalid (A94A035E)
3609. CheckSum: 0000B8DE
3610. ImageSize: 0000A000
3611. File version: 10.0.15046.0
3612. Product version: 10.0.15046.0
3613. File flags: 0 (Mask 3F)
3614. File OS: 40004 NT Win32
3615. File type: 3.7 Driver
3616. File date: 00000000.00000000
3617. Translations: 0409.04b0
3618. CompanyName: Microsoft Corporation
3619. ProductName: Microsoft® Windows® Operating System
3620. InternalName: beep.sys
3621. OriginalFilename: beep.sys
3622. ProductVersion: 10.0.15046.0
3623. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
3624. FileDescription: BEEP Driver
3625. LegalCopyright: © Microsoft Corporation. All rights reserved.
3626. fffff80a`e7ac0000 fffff80a`e7ad5000 BasicDisplay (deferred)
3627. Mapped memory image file: C:\ProgramData\dbg\sym\BasicDisplay.sys\E7A205B415000\BasicDisplay.sys
3628. Image path: \SystemRoot\System32\drivers\BasicDisplay.sys
3629. Image name: BasicDisplay.sys
3630. Timestamp: ***** Invalid (E7A205B4)
3631. CheckSum: 000178AD
3632. ImageSize: 00015000
3633. File version: 10.0.15046.0
3634. Product version: 10.0.15046.0
3635. File flags: 0 (Mask 3F)
3636. File OS: 40004 NT Win32
3637. File type: 3.4 Driver
3638. File date: 00000000.00000000
3639. Translations: 0000.04b0
3640. CompanyName: Microsoft Corporation
3641. ProductName: Microsoft® Windows® Operating System
3642. InternalName: BasicDisplay.sys
3643. OriginalFilename: BasicDisplay.sys
3644. ProductVersion: 10.0.15046.0
3645. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
3646. FileDescription: Microsoft Basic Display Driver
3647. LegalCopyright: © Microsoft Corporation. All rights reserved.
3648. fffff80a`e7ae0000 fffff80a`e7af4000 watchdog (deferred)
3649. Mapped memory image file: C:\ProgramData\dbg\sym\watchdog.sys\DFC4C1CD14000\watchdog.sys
3650. Image path: \SystemRoot\System32\drivers\watchdog.sys
3651. Image name: watchdog.sys
3652. Timestamp: ***** Invalid (DFC4C1CD)
3653. CheckSum: 0001BE1C
3654. ImageSize: 00014000
3655. File version: 10.0.15058.0
3656. Product version: 10.0.15058.0
3657. File flags: 0 (Mask 3F)
3658. File OS: 40004 NT Win32
3659. File type: 2.0 Dll
3660. File date: 00000000.00000000
3661. Translations: 0000.04b0
3662. CompanyName: Microsoft Corporation
3663. ProductName: Microsoft® Windows® Operating System
3664. InternalName: watchdog.sys
3665. OriginalFilename: watchdog.sys
3666. ProductVersion: 10.0.15058.0
3667. FileVersion: 10.0.15058.0 (WinBuild.160101.0800)
3668. FileDescription: Watchdog Driver
3669. LegalCopyright: © Microsoft Corporation. All rights reserved.
3670. fffff80a`e7b00000 fffff80a`e7d5a000 dxgkrnl (deferred)
3671. Mapped memory image file: C:\ProgramData\dbg\sym\dxgkrnl.sys\DE0AC79A25a000\dxgkrnl.sys
3672. Image path: \SystemRoot\System32\drivers\dxgkrnl.sys
3673. Image name: dxgkrnl.sys
3674. Timestamp: ***** Invalid (DE0AC79A)
3675. CheckSum: 00260856
3676. ImageSize: 0025A000
3677. File version: 10.0.15063.481
3678. Product version: 10.0.15063.481
3679. File flags: 0 (Mask 3F)
3680. File OS: 40004 NT Win32
3681. File type: 3.7 Driver
3682. File date: 00000000.00000000
3683. Translations: 0409.04b0
3684. CompanyName: Microsoft Corporation
3685. ProductName: Microsoft® Windows® Operating System
3686. InternalName: dxgkrnl.sys
3687. OriginalFilename: dxgkrnl.sys
3688. ProductVersion: 10.0.15063.481
3689. FileVersion: 10.0.15063.481 (WinBuild.160101.0800)
3690. FileDescription: DirectX Graphics Kernel
3691. LegalCopyright: © Microsoft Corporation. All rights reserved.
3692. fffff80a`e7d60000 fffff80a`e7d7a000 vmbkmclr (deferred)
3693. Mapped memory image file: C:\ProgramData\dbg\sym\vmbkmclr.sys\2CD1D7AA1a000\vmbkmclr.sys
3694. Image path: \SystemRoot\System32\drivers\vmbkmclr.sys
3695. Image name: vmbkmclr.sys
3696. Timestamp: Fri Oct 29 22:55:38 1993 (2CD1D7AA)
3697. CheckSum: 0001B34D
3698. ImageSize: 0001A000
3699. File version: 10.0.15046.0
3700. Product version: 10.0.15046.0
3701. File flags: 0 (Mask 3F)
3702. File OS: 40004 NT Win32
3703. File type: 3.7 Driver
3704. File date: 00000000.00000000
3705. Translations: 0409.04b0
3706. CompanyName: Microsoft Corporation
3707. ProductName: Microsoft® Windows® Operating System
3708. InternalName: vmbkmclr.sys
3709. OriginalFilename: vmbkmclr.sys
3710. ProductVersion: 10.0.15046.0
3711. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
3712. FileDescription: Hyper-V VMBus Root KMCL
3713. LegalCopyright: © Microsoft Corporation. All rights reserved.
3714. fffff80a`e7d80000 fffff80a`e7d90000 BasicRender (deferred)
3715. Mapped memory image file: C:\ProgramData\dbg\sym\BasicRender.sys\4692B90410000\BasicRender.sys
3716. Image path: \SystemRoot\System32\drivers\BasicRender.sys
3717. Image name: BasicRender.sys
3718. Timestamp: Mon Jul 9 18:39:00 2007 (4692B904)
3719. CheckSum: 000185B7
3720. ImageSize: 00010000
3721. File version: 10.0.15063.409
3722. Product version: 10.0.15063.409
3723. File flags: 0 (Mask 3F)
3724. File OS: 40004 NT Win32
3725. File type: 3.4 Driver
3726. File date: 00000000.00000000
3727. Translations: 0000.04b0
3728. CompanyName: Microsoft Corporation
3729. ProductName: Microsoft® Windows® Operating System
3730. InternalName: BasicRender.sys
3731. OriginalFilename: BasicRender.sys
3732. ProductVersion: 10.0.15063.409
3733. FileVersion: 10.0.15063.409 (WinBuild.160101.0800)
3734. FileDescription: Microsoft Basic Render Driver
3735. LegalCopyright: © Microsoft Corporation. All rights reserved.
3736. fffff80a`e7d90000 fffff80a`e7da9000 Npfs (deferred)
3737. Mapped memory image file: C:\ProgramData\dbg\sym\Npfs.SYS\71DCD8D919000\Npfs.SYS
3738. Image path: \SystemRoot\System32\Drivers\Npfs.SYS
3739. Image name: Npfs.SYS
3740. Timestamp: Sun Jul 14 18:34:01 2030 (71DCD8D9)
3741. CheckSum: 00012322
3742. ImageSize: 00019000
3743. File version: 10.0.15058.0
3744. Product version: 10.0.15058.0
3745. File flags: 0 (Mask 3F)
3746. File OS: 40004 NT Win32
3747. File type: 3.7 Driver
3748. File date: 00000000.00000000
3749. Translations: 0409.04b0
3750. CompanyName: Microsoft Corporation
3751. ProductName: Microsoft® Windows® Operating System
3752. InternalName: npfs.sys
3753. OriginalFilename: npfs.sys
3754. ProductVersion: 10.0.15058.0
3755. FileVersion: 10.0.15058.0 (WinBuild.160101.0800)
3756. FileDescription: NPFS Driver
3757. LegalCopyright: © Microsoft Corporation. All rights reserved.
3758. fffff80a`e7db0000 fffff80a`e7dc0000 Msfs (deferred)
3759. Mapped memory image file: C:\ProgramData\dbg\sym\Msfs.SYS\39F56D6310000\Msfs.SYS
3760. Image path: \SystemRoot\System32\Drivers\Msfs.SYS
3761. Image name: Msfs.SYS
3762. Timestamp: Tue Oct 24 07:07:15 2000 (39F56D63)
3763. CheckSum: 0000C5C3
3764. ImageSize: 00010000
3765. File version: 10.0.15052.0
3766. Product version: 10.0.15052.0
3767. File flags: 0 (Mask 3F)
3768. File OS: 40004 NT Win32
3769. File type: 3.7 Driver
3770. File date: 00000000.00000000
3771. Translations: 0409.04b0
3772. CompanyName: Microsoft Corporation
3773. ProductName: Microsoft® Windows® Operating System
3774. InternalName: MSFS.SYS
3775. OriginalFilename: MSFS.SYS
3776. ProductVersion: 10.0.15052.0
3777. FileVersion: 10.0.15052.0 (WinBuild.160101.0800)
3778. FileDescription: Mailslot driver
3779. LegalCopyright: © Microsoft Corporation. All rights reserved.
3780. fffff80a`e7dc0000 fffff80a`e7de2000 tdx (deferred)
3781. Mapped memory image file: C:\ProgramData\dbg\sym\tdx.sys\92AD75A722000\tdx.sys
3782. Image path: \SystemRoot\system32\DRIVERS\tdx.sys
3783. Image name: tdx.sys
3784. Timestamp: ***** Invalid (92AD75A7)
3785. CheckSum: 00026155
3786. ImageSize: 00022000
3787. File version: 10.0.15063.409
3788. Product version: 10.0.15063.409
3789. File flags: 0 (Mask 3F)
3790. File OS: 40004 NT Win32
3791. File type: 3.6 Driver
3792. File date: 00000000.00000000
3793. Translations: 0409.04b0
3794. CompanyName: Microsoft Corporation
3795. ProductName: Microsoft® Windows® Operating System
3796. InternalName: tdx.sys
3797. OriginalFilename: tdx.sys
3798. ProductVersion: 10.0.15063.409
3799. FileVersion: 10.0.15063.409 (WinBuild.160101.0800)
3800. FileDescription: TDI Translation Driver
3801. LegalCopyright: © Microsoft Corporation. All rights reserved.
3802. fffff80a`e7df0000 fffff80a`e808c000 tcpip (deferred)
3803. Mapped memory image file: C:\ProgramData\dbg\sym\tcpip.sys\35A110E029c000\tcpip.sys
3804. Image path: \SystemRoot\System32\drivers\tcpip.sys
3805. Image name: tcpip.sys
3806. Timestamp: Mon Jul 6 14:01:04 1998 (35A110E0)
3807. CheckSum: 00295C38
3808. ImageSize: 0029C000
3809. File version: 10.0.15063.442
3810. Product version: 10.0.15063.442
3811. File flags: 0 (Mask 3F)
3812. File OS: 40004 NT Win32
3813. File type: 3.6 Driver
3814. File date: 00000000.00000000
3815. Translations: 0409.04b0
3816. CompanyName: Microsoft Corporation
3817. ProductName: Microsoft® Windows® Operating System
3818. InternalName: tcpip.sys
3819. OriginalFilename: tcpip.sys
3820. ProductVersion: 10.0.15063.442
3821. FileVersion: 10.0.15063.442 (WinBuild.160101.0800)
3822. FileDescription: TCP/IP Driver
3823. LegalCopyright: © Microsoft Corporation. All rights reserved.
3824. fffff80a`e8090000 fffff80a`e80fa000 fwpkclnt (deferred)
3825. Mapped memory image file: C:\ProgramData\dbg\sym\fwpkclnt.sys\36B0062A6a000\fwpkclnt.sys
3826. Image path: \SystemRoot\System32\drivers\fwpkclnt.sys
3827. Image name: fwpkclnt.sys
3828. Timestamp: Thu Jan 28 01:39:38 1999 (36B0062A)
3829. CheckSum: 0006ABB4
3830. ImageSize: 0006A000
3831. File version: 10.0.15058.0
3832. Product version: 10.0.15058.0
3833. File flags: 0 (Mask 3F)
3834. File OS: 40004 NT Win32
3835. File type: 2.0 Dll
3836. File date: 00000000.00000000
3837. Translations: 0409.04b0
3838. CompanyName: Microsoft Corporation
3839. ProductName: Microsoft® Windows® Operating System
3840. InternalName: fwpkclnt.sys
3841. OriginalFilename: fwpkclnt.sys
3842. ProductVersion: 10.0.15058.0
3843. FileVersion: 10.0.15058.0 (WinBuild.160101.0800)
3844. FileDescription: FWP/IPsec Kernel-Mode API
3845. LegalCopyright: © Microsoft Corporation. All rights reserved.
3846. fffff80a`e8100000 fffff80a`e812c000 wfplwfs (deferred)
3847. Mapped memory image file: C:\ProgramData\dbg\sym\wfplwfs.sys\4BBA3B962c000\wfplwfs.sys
3848. Image path: \SystemRoot\System32\drivers\wfplwfs.sys
3849. Image name: wfplwfs.sys
3850. Timestamp: Mon Apr 5 15:35:50 2010 (4BBA3B96)
3851. CheckSum: 00033C97
3852. ImageSize: 0002C000
3853. File version: 10.0.15058.0
3854. Product version: 10.0.15058.0
3855. File flags: 0 (Mask 3F)
3856. File OS: 40004 NT Win32
3857. File type: 3.6 Driver
3858. File date: 00000000.00000000
3859. Translations: 0000.04b0
3860. CompanyName: Microsoft Corporation
3861. ProductName: Microsoft® Windows® Operating System
3862. InternalName: WFPLWFS.SYS
3863. OriginalFilename: WFPLWFS.SYS
3864. ProductVersion: 10.0.15058.0
3865. FileVersion: 10.0.15058.0 (WinBuild.160101.0800)
3866. FileDescription: WFP NDIS 6.30 Lightweight Filter Driver
3867. LegalCopyright: © Microsoft Corporation. All rights reserved.
3868. fffff80a`e8130000 fffff80a`e8186000 aswVmm (deferred)
3869. Image path: \SystemRoot\system32\drivers\aswVmm.sys
3870. Image name: aswVmm.sys
3871. Timestamp: Thu Jun 29 10:44:20 2017 (59551244)
3872. CheckSum: 0005CA69
3873. ImageSize: 00056000
3874. Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4
3875. fffff80a`e8190000 fffff80a`e81a3000 aswRvrt (deferred)
3876. Image path: \SystemRoot\system32\drivers\aswRvrt.sys
3877. Image name: aswRvrt.sys
3878. Timestamp: Mon Jun 19 18:37:16 2017 (5948521C)
3879. CheckSum: 00023CE1
3880. ImageSize: 00013000
3881. Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4
3882. fffff80a`e81b0000 fffff80a`e81c0000 TDI (deferred)
3883. Mapped memory image file: C:\ProgramData\dbg\sym\TDI.SYS\D2C3B05910000\TDI.SYS
3884. Image path: \SystemRoot\system32\DRIVERS\TDI.SYS
3885. Image name: TDI.SYS
3886. Timestamp: ***** Invalid (D2C3B059)
3887. CheckSum: 0000FA4A
3888. ImageSize: 00010000
3889. File version: 10.0.15058.0
3890. Product version: 10.0.15058.0
3891. File flags: 0 (Mask 3F)
3892. File OS: 40004 NT Win32
3893. File type: 3.6 Driver
3894. File date: 00000000.00000000
3895. Translations: 0409.04b0
3896. CompanyName: Microsoft Corporation
3897. ProductName: Microsoft® Windows® Operating System
3898. InternalName: tdi.sys
3899. OriginalFilename: tdi.sys
3900. ProductVersion: 10.0.15058.0
3901. FileVersion: 10.0.15058.0 (WinBuild.160101.0800)
3902. FileDescription: TDI Wrapper
3903. LegalCopyright: © Microsoft Corporation. All rights reserved.
3904. fffff80a`e81c0000 fffff80a`e81da000 aswRdr2 (deferred)
3905. Image path: \SystemRoot\system32\drivers\aswRdr2.sys
3906. Image name: aswRdr2.sys
3907. Timestamp: Mon Jun 19 18:37:38 2017 (59485232)
3908. CheckSum: 000221F7
3909. ImageSize: 0001A000
3910. Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4
3911. fffff80a`e81e0000 fffff80a`e81fa000 vwififlt (deferred)
3912. Mapped memory image file: C:\ProgramData\dbg\sym\vwififlt.sys\7575D0541a000\vwififlt.sys
3913. Image path: \SystemRoot\System32\drivers\vwififlt.sys
3914. Image name: vwififlt.sys
3915. Timestamp: Sat Jun 12 08:15:16 2032 (7575D054)
3916. CheckSum: 000177F5
3917. ImageSize: 0001A000
3918. File version: 10.0.15046.0
3919. Product version: 10.0.15046.0
3920. File flags: 0 (Mask 3F)
3921. File OS: 40004 NT Win32
3922. File type: 3.6 Driver
3923. File date: 00000000.00000000
3924. Translations: 0000.04b0
3925. CompanyName: Microsoft Corporation
3926. ProductName: Microsoft® Windows® Operating System
3927. InternalName: vwififlt.sys
3928. OriginalFilename: vwififlt.sys
3929. ProductVersion: 10.0.15046.0
3930. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
3931. FileDescription: Virtual WiFi Filter Driver
3932. LegalCopyright: © Microsoft Corporation. All rights reserved.
3933. fffff80a`e8400000 fffff80a`e8419000 storqosflt (deferred)
3934. Mapped memory image file: C:\ProgramData\dbg\sym\storqosflt.sys\56737F3B19000\storqosflt.sys
3935. Image path: \SystemRoot\system32\drivers\storqosflt.sys
3936. Image name: storqosflt.sys
3937. Timestamp: Thu Dec 17 22:36:27 2015 (56737F3B)
3938. CheckSum: 00016F44
3939. ImageSize: 00019000
3940. File version: 10.0.15046.0
3941. Product version: 10.0.15046.0
3942. File flags: 0 (Mask 3F)
3943. File OS: 40004 NT Win32
3944. File type: 3.7 Driver
3945. File date: 00000000.00000000
3946. Translations: 0409.04b0
3947. CompanyName: Microsoft Corporation
3948. ProductName: Microsoft® Windows® Operating System
3949. InternalName: storqosflt.sys
3950. OriginalFilename: storqosflt.sys
3951. ProductVersion: 10.0.15046.0
3952. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
3953. FileDescription: Storage QoS Filter
3954. LegalCopyright: © Microsoft Corporation. All rights reserved.
3955. fffff80a`e8420000 fffff80a`e8470000 aswbidsdrivera (deferred)
3956. Image path: \SystemRoot\system32\drivers\aswbidsdrivera.sys
3957. Image name: aswbidsdrivera.sys
3958. Timestamp: Tue Jun 6 12:14:24 2017 (5936D4E0)
3959. CheckSum: 0005E1C4
3960. ImageSize: 00050000
3961. Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4
3962. fffff80a`e8470000 fffff80a`e8476000 AsIO (deferred)
3963. Image path: \SystemRoot\SysWow64\drivers\AsIO.sys
3964. Image name: AsIO.sys
3965. Timestamp: Wed Aug 22 05:54:47 2012 (5034AC67)
3966. CheckSum: 0000EA4F
3967. ImageSize: 00006000
3968. Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4
3969. fffff80a`e8480000 fffff80a`e84c1000 ahcache (deferred)
3970. Mapped memory image file: C:\ProgramData\dbg\sym\ahcache.sys\410882A241000\ahcache.sys
3971. Image path: \SystemRoot\system32\DRIVERS\ahcache.sys
3972. Image name: ahcache.sys
3973. Timestamp: Thu Jul 29 00:52:50 2004 (410882A2)
3974. CheckSum: 00045EB6
3975. ImageSize: 00041000
3976. File version: 10.0.15058.0
3977. Product version: 10.0.15058.0
3978. File flags: 0 (Mask 3F)
3979. File OS: 40004 NT Win32
3980. File type: 3.7 Driver
3981. File date: 00000000.00000000
3982. Translations: 0409.04b0
3983. CompanyName: Microsoft Corporation
3984. ProductName: Microsoft® Windows® Operating System
3985. InternalName: ahcache.sys
3986. OriginalFilename: ahcache.sys
3987. ProductVersion: 10.0.15058.0
3988. FileVersion: 10.0.15058.0 (WinBuild.160101.0800)
3989. FileDescription: Application Compatibility Cache
3990. LegalCopyright: © Microsoft Corporation. All rights reserved.
3991. fffff80a`e84d0000 fffff80a`e84e1000 CompositeBus (deferred)
3992. Mapped memory image file: C:\ProgramData\dbg\sym\CompositeBus.sys\A29FEBD911000\CompositeBus.sys
3993. Image path: \SystemRoot\System32\DriverStore\FileRepository\compositebus.inf_amd64_de4c68ea4fb1be53\CompositeBus.sys
3994. Image name: CompositeBus.sys
3995. Timestamp: ***** Invalid (A29FEBD9)
3996. CheckSum: 0000BFAF
3997. ImageSize: 00011000
3998. File version: 10.0.15046.0
3999. Product version: 10.0.15046.0
4000. File flags: 0 (Mask 3F)
4001. File OS: 40004 NT Win32
4002. File type: 2.0 Dll
4003. File date: 00000000.00000000
4004. Translations: 0409.04b0
4005. CompanyName: Microsoft Corporation
4006. ProductName: Microsoft® Windows® Operating System
4007. InternalName: compositebus.sys
4008. OriginalFilename: compositebus.sys
4009. ProductVersion: 10.0.15046.0
4010. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
4011. FileDescription: Multi-Transport Composite Bus Enumerator
4012. LegalCopyright: © Microsoft Corporation. All rights reserved.
4013. fffff80a`e84f0000 fffff80a`e84fd000 kdnic (deferred)
4014. Mapped memory image file: C:\ProgramData\dbg\sym\kdnic.sys\E88EF29Ad000\kdnic.sys
4015. Image path: \SystemRoot\System32\drivers\kdnic.sys
4016. Image name: kdnic.sys
4017. Timestamp: ***** Invalid (E88EF29A)
4018. CheckSum: 00012EF1
4019. ImageSize: 0000D000
4020. File version: 6.1.0.0
4021. Product version: 6.1.0.0
4022. File flags: 0 (Mask 3F)
4023. File OS: 40004 NT Win32
4024. File type: 3.7 Driver
4025. File date: 00000000.00000000
4026. Translations: 0000.04b0
4027. CompanyName: Microsoft Corporation
4028. ProductName: Microsoft Kernel Debugger Network Adapter (NDIS 6.20 Miniport)
4029. InternalName: kdnic.sys
4030. OriginalFilename: kdnic.sys
4031. ProductVersion: 6.01.00.0000
4032. FileVersion: 6.01.00.0000 (WinBuild.160101.0800)
4033. FileDescription: Microsoft Kernel Debugger Network Miniport
4034. LegalCopyright: Copyright (C) Microsoft Corporation. All rights reserved.
4035. fffff80a`e8500000 fffff80a`e8515000 umbus (deferred)
4036. Mapped memory image file: C:\ProgramData\dbg\sym\umbus.sys\6863F00915000\umbus.sys
4037. Image path: \SystemRoot\System32\drivers\umbus.sys
4038. Image name: umbus.sys
4039. Timestamp: Tue Jul 1 10:26:17 2025 (6863F009)
4040. CheckSum: 0001604F
4041. ImageSize: 00015000
4042. File version: 10.0.15046.0
4043. Product version: 10.0.15046.0
4044. File flags: 0 (Mask 3F)
4045. File OS: 40004 NT Win32
4046. File type: 2.0 Dll
4047. File date: 00000000.00000000
4048. Translations: 0409.04b0
4049. CompanyName: Microsoft Corporation
4050. ProductName: Microsoft® Windows® Operating System
4051. InternalName: umbus.sys
4052. OriginalFilename: umbus.sys
4053. ProductVersion: 10.0.15046.0
4054. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
4055. FileDescription: User-Mode Bus Enumerator
4056. LegalCopyright: © Microsoft Corporation. All rights reserved.
4057. fffff80a`e8520000 fffff80a`e85a3000 atikmpag (deferred)
4058. Image path: \SystemRoot\System32\DriverStore\FileRepository\c0315940.inf_amd64_2b462f080682210e\atikmpag.sys
4059. Image name: atikmpag.sys
4060. Timestamp: Tue Jul 4 17:48:49 2017 (595C0D41)
4061. CheckSum: 0008F67A
4062. ImageSize: 00083000
4063. Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4
4064. fffff80a`e85b0000 fffff80a`e89ea000 athw10x (deferred)
4065. Image path: \SystemRoot\System32\drivers\athw10x.sys
4066. Image name: athw10x.sys
4067. Timestamp: Mon Apr 17 01:38:20 2017 (58F454CC)
4068. CheckSum: 00427F79
4069. ImageSize: 0043A000
4070. Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4
4071. fffff80a`e89f0000 fffff80a`e8a16000 luafv (deferred)
4072. Mapped memory image file: C:\ProgramData\dbg\sym\luafv.sys\7ED7BCAF26000\luafv.sys
4073. Image path: \SystemRoot\system32\drivers\luafv.sys
4074. Image name: luafv.sys
4075. Timestamp: Mon Jun 8 05:55:59 2037 (7ED7BCAF)
4076. CheckSum: 00027EE2
4077. ImageSize: 00026000
4078. File version: 10.0.15058.0
4079. Product version: 10.0.15058.0
4080. File flags: 0 (Mask 3F)
4081. File OS: 40004 NT Win32
4082. File type: 3.7 Driver
4083. File date: 00000000.00000000
4084. Translations: 0409.04b0
4085. CompanyName: Microsoft Corporation
4086. ProductName: Microsoft® Windows® Operating System
4087. InternalName: luafv.sys
4088. OriginalFilename: luafv.sys
4089. ProductVersion: 10.0.15058.0
4090. FileVersion: 10.0.15058.0 (WinBuild.160101.0800)
4091. FileDescription: LUA File Virtualization Filter Driver
4092. LegalCopyright: © Microsoft Corporation. All rights reserved.
4093. fffff80a`e8a20000 fffff80a`e8a46000 wcifs (deferred)
4094. Mapped memory image file: C:\ProgramData\dbg\sym\wcifs.sys\CE08A39126000\wcifs.sys
4095. Image path: \SystemRoot\system32\drivers\wcifs.sys
4096. Image name: wcifs.sys
4097. Timestamp: ***** Invalid (CE08A391)
4098. CheckSum: 0003046A
4099. ImageSize: 00026000
4100. File version: 10.0.15063.442
4101. Product version: 10.0.15063.442
4102. File flags: 0 (Mask 3F)
4103. File OS: 40004 NT Win32
4104. File type: 3.7 Driver
4105. File date: 00000000.00000000
4106. Translations: 0409.04b0
4107. CompanyName: Microsoft Corporation
4108. ProductName: Microsoft® Windows® Operating System
4109. InternalName: wcifs.sys
4110. OriginalFilename: wcifs.sys
4111. ProductVersion: 10.0.15063.442
4112. FileVersion: 10.0.15063.442 (WinBuild.160101.0800)
4113. FileDescription: Windows Container Isolation FS Filter Driver
4114. LegalCopyright: © Microsoft Corporation. All rights reserved.
4115. fffff80a`e8a60000 fffff80a`e8ad5000 rdbss (deferred)
4116. Mapped memory image file: C:\ProgramData\dbg\sym\rdbss.sys\E291A5CA75000\rdbss.sys
4117. Image path: \SystemRoot\system32\DRIVERS\rdbss.sys
4118. Image name: rdbss.sys
4119. Timestamp: ***** Invalid (E291A5CA)
4120. CheckSum: 000792B0
4121. ImageSize: 00075000
4122. File version: 10.0.15058.0
4123. Product version: 10.0.15058.0
4124. File flags: 0 (Mask 3F)
4125. File OS: 40004 NT Win32
4126. File type: 3.7 Driver
4127. File date: 00000000.00000000
4128. Translations: 0409.04b0
4129. CompanyName: Microsoft Corporation
4130. ProductName: Microsoft® Windows® Operating System
4131. InternalName: rdbss.sys
4132. OriginalFilename: RDBSS.Sys
4133. ProductVersion: 10.0.15058.0
4134. FileVersion: 10.0.15058.0 (WinBuild.160101.0800)
4135. FileDescription: Redirected Drive Buffering SubSystem Driver
4136. LegalCopyright: © Microsoft Corporation. All rights reserved.
4137. fffff80a`e8ae0000 fffff80a`e8b6f000 csc (deferred)
4138. Mapped memory image file: C:\ProgramData\dbg\sym\csc.sys\7EFA9C6D8f000\csc.sys
4139. Image path: \SystemRoot\system32\drivers\csc.sys
4140. Image name: csc.sys
4141. Timestamp: Sat Jul 4 16:47:41 2037 (7EFA9C6D)
4142. CheckSum: 0008D9D8
4143. ImageSize: 0008F000
4144. File version: 10.0.15058.0
4145. Product version: 10.0.15058.0
4146. File flags: 0 (Mask 3F)
4147. File OS: 40004 NT Win32
4148. File type: 3.7 Driver
4149. File date: 00000000.00000000
4150. Translations: 0409.04b0
4151. CompanyName: Microsoft Corporation
4152. ProductName: Microsoft® Windows® Operating System
4153. InternalName: csc.sys
4154. OriginalFilename: CSC.Sys
4155. ProductVersion: 10.0.15058.0
4156. FileVersion: 10.0.15058.0 (WinBuild.160101.0800)
4157. FileDescription: Windows Client Side Caching Driver
4158. LegalCopyright: © Microsoft Corporation. All rights reserved.
4159. fffff80a`e8b70000 fffff80a`e8b81000 nsiproxy (deferred)
4160. Mapped memory image file: C:\ProgramData\dbg\sym\nsiproxy.sys\E796A4DD11000\nsiproxy.sys
4161. Image path: \SystemRoot\system32\drivers\nsiproxy.sys
4162. Image name: nsiproxy.sys
4163. Timestamp: ***** Invalid (E796A4DD)
4164. CheckSum: 0001247A
4165. ImageSize: 00011000
4166. File version: 10.0.15058.0
4167. Product version: 10.0.15058.0
4168. File flags: 0 (Mask 3F)
4169. File OS: 40004 NT Win32
4170. File type: 3.6 Driver
4171. File date: 00000000.00000000
4172. Translations: 0409.04b0
4173. CompanyName: Microsoft Corporation
4174. ProductName: Microsoft® Windows® Operating System
4175. InternalName: nsiproxy.sys
4176. OriginalFilename: nsiproxy.sys
4177. ProductVersion: 10.0.15058.0
4178. FileVersion: 10.0.15058.0 (WinBuild.160101.0800)
4179. FileDescription: NSI Proxy
4180. LegalCopyright: © Microsoft Corporation. All rights reserved.
4181. fffff80a`e8b90000 fffff80a`e8b9f000 npsvctrig (deferred)
4182. Mapped memory image file: C:\ProgramData\dbg\sym\npsvctrig.sys\EFF190DDf000\npsvctrig.sys
4183. Image path: \SystemRoot\System32\drivers\npsvctrig.sys
4184. Image name: npsvctrig.sys
4185. Timestamp: ***** Invalid (EFF190DD)
4186. CheckSum: 00009E31
4187. ImageSize: 0000F000
4188. File version: 10.0.15046.0
4189. Product version: 10.0.15046.0
4190. File flags: 0 (Mask 3F)
4191. File OS: 40004 NT Win32
4192. File type: 3.7 Driver
4193. File date: 00000000.00000000
4194. Translations: 0409.04b0
4195. CompanyName: Microsoft Corporation
4196. ProductName: Microsoft® Windows® Operating System
4197. InternalName: npsvctrig.sys
4198. OriginalFilename: npsvctrig.sys
4199. ProductVersion: 10.0.15046.0
4200. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
4201. FileDescription: Named pipe service triggers
4202. LegalCopyright: © Microsoft Corporation. All rights reserved.
4203. fffff80a`e8ba0000 fffff80a`e8bb0000 mssmbios (deferred)
4204. Mapped memory image file: C:\ProgramData\dbg\sym\mssmbios.sys\BC4E1F4C10000\mssmbios.sys
4205. Image path: \SystemRoot\System32\drivers\mssmbios.sys
4206. Image name: mssmbios.sys
4207. Timestamp: ***** Invalid (BC4E1F4C)
4208. CheckSum: 0000F528
4209. ImageSize: 00010000
4210. File version: 10.0.15046.0
4211. Product version: 10.0.15046.0
4212. File flags: 0 (Mask 3F)
4213. File OS: 40004 NT Win32
4214. File type: 3.7 Driver
4215. File date: 00000000.00000000
4216. Translations: 0409.04b0
4217. CompanyName: Microsoft Corporation
4218. ProductName: Microsoft® Windows® Operating System
4219. InternalName: smbios.sys
4220. OriginalFilename: smbios.sys
4221. ProductVersion: 10.0.15046.0
4222. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
4223. FileDescription: System Management BIOS Driver
4224. LegalCopyright: © Microsoft Corporation. All rights reserved.
4225. fffff80a`e8bb0000 fffff80a`e8bba000 HWiNFO64A (deferred)
4226. Image path: \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS
4227. Image name: HWiNFO64A.SYS
4228. Timestamp: Tue Mar 31 05:51:32 2015 (551A6E24)
4229. CheckSum: 0000DE1E
4230. ImageSize: 0000A000
4231. Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4
4232. fffff80a`e8bc0000 fffff80a`e8bca000 gpuenergydrv (deferred)
4233. Mapped memory image file: C:\ProgramData\dbg\sym\gpuenergydrv.sys\05622075a000\gpuenergydrv.sys
4234. Image path: \SystemRoot\System32\drivers\gpuenergydrv.sys
4235. Image name: gpuenergydrv.sys
4236. Timestamp: Sat Nov 11 03:01:57 1972 (05622075)
4237. CheckSum: 0000429A
4238. ImageSize: 0000A000
4239. File version: 10.0.15046.0
4240. Product version: 10.0.15046.0
4241. File flags: 0 (Mask 3F)
4242. File OS: 40004 NT Win32
4243. File type: 3.7 Driver
4244. File date: 00000000.00000000
4245. Translations: 0409.04b0
4246. CompanyName: Microsoft Corporation
4247. ProductName: Microsoft® Windows® Operating System
4248. InternalName: gpuenergydrv.sys
4249. OriginalFilename: gpuenergydrv.sys
4250. ProductVersion: 10.0.15046.0
4251. FileVersion: 10.0.15046.0 (WinBuild.160101.0800)
4252. FileDescription: GPU Energy Kernel Driver
4253. LegalCopyright: © Microsoft Corporation. All rights reserved.
4254. fffff80a`e8bd0000 fffff80a`e8bfb000 dfsc (deferred)
4255. Mapped memory image file: C:\ProgramData\dbg\sym\dfsc.sys\640317972b000\dfsc.sys
4256. Image path: \SystemRoot\System32\Drivers\dfsc.sys
4257. Image name: dfsc.sys
4258. Timestamp: Sat Mar 4 05:04:07 2023 (64031797)
4259. CheckSum: 00032C04
4260. ImageSize: 0002B000
4261. File version: 10.0.15058.0
4262. Product version: 10.0.15058.0
4263. File flags: 0 (Mask 3F)
4264. File OS: 40004 NT Win32
4265. File type: 3.7 Driver
4266. File date: 00000000.00000000
4267. Translations: 0409.04b0
4268. CompanyName: Microsoft Corporation
4269. ProductName: Microsoft® Windows® Operating System
4270. InternalName: dfsclient.sys
4271. OriginalFilename: dfsclient.sys
4272. ProductVersion: 10.0.15058.0
4273. FileVersion: 10.0.15058.0 (WinBuild.160101.0800)
4274. FileDescription: DFS Namespace Client Driver
4275. LegalCopyright: © Microsoft Corporation. All rights reserved.
4276. Unloaded modules:
4277. fffff803`40400000 fffff803`404af000 BEDaisy.sys
4278. Timestamp: unavailable (00000000)
4279. Checksum: 00000000
4280. ImageSize: 000AF000
4281. fffff803`40b10000 fffff803`40bbf000 BEDaisy.sys
4282. Timestamp: unavailable (00000000)
4283. Checksum: 00000000
4284. ImageSize: 000AF000
4285. fffff803`43950000 fffff803`4395b000 cldflt.sys
4286. Timestamp: unavailable (00000000)
4287. Checksum: 00000000
4288. ImageSize: 0000B000
4289. fffff80a`e7560000 fffff80a`e756f000 dump_storpor
4290. Timestamp: unavailable (00000000)
4291. Checksum: 00000000
4292. ImageSize: 0000F000
4293. fffff80a`e76a0000 fffff80a`e77cc000 dump_iaStorE
4294. Timestamp: unavailable (00000000)
4295. Checksum: 00000000
4296. ImageSize: 0012C000
4297. fffff80a`e77f0000 fffff80a`e780d000 dump_dumpfve
4298. Timestamp: unavailable (00000000)
4299. Checksum: 00000000
4300. ImageSize: 0001D000
4301. fffff803`3ba10000 fffff803`3ba4d000 WUDFRd.sys
4302. Timestamp: unavailable (00000000)
4303. Checksum: 00000000
4304. ImageSize: 0003D000
4305. fffff803`43950000 fffff803`4395a000 amdkmafd.sys
4306. Timestamp: unavailable (00000000)
4307. Checksum: 00000000
4308. ImageSize: 0000A000
4309. fffff80a`e8400000 fffff80a`e8420000 dam.sys
4310. Timestamp: unavailable (00000000)
4311. Checksum: 00000000
4312. ImageSize: 00020000
4313. fffff80a`e73e0000 fffff80a`e73ef000 hwpolicy.sys
4314. Timestamp: unavailable (00000000)
4315. Checksum: 00000000
4316. ImageSize: 0000F000
4317.  
4318. ------------------------------ BIOS INFO -------------------------------
4319. [SMBIOS Data Tables v2.7]
4320. [DMI Version - 0]
4321. [2.0 Calling Convention - No]
4322. [Table Size - 3070 bytes]
4323. [BIOS Information (Type 0) - Length 24 - Handle 0000h]
4324. Vendor American Megatrends Inc.
4325. BIOS Version 2201
4326. BIOS Starting Address Segment f000
4327. BIOS Release Date 06/25/2015
4328. BIOS ROM Size 1000000
4329. BIOS Characteristics
4330. 07: - PCI Supported
4331. 10: - APM Supported
4332. 11: - Upgradeable FLASH BIOS
4333. 12: - BIOS Shadowing Supported
4334. 15: - CD-Boot Supported
4335. 16: - Selectable Boot Supported
4336. 17: - BIOS ROM Socketed
4337. 19: - EDD Supported
4338. 23: - 1.2MB Floppy Supported
4339. 24: - 720KB Floppy Supported
4340. 25: - 2.88MB Floppy Supported
4341. 26: - Print Screen Device Supported
4342. 27: - Keyboard Services Supported
4343. 28: - Serial Services Supported
4344. 29: - Printer Services Supported
4345. 32: - BIOS Vendor Reserved
4346. BIOS Characteristic Extensions
4347. 00: - ACPI Supported
4348. 01: - USB Legacy Supported
4349. 08: - BIOS Boot Specification Supported
4350. 10: - Specification Reserved
4351. 11: - Specification Reserved
4352. BIOS Major Revision 4
4353. BIOS Minor Revision 6
4354. EC Firmware Major Revision 255
4355. EC Firmware Minor Revision 255
4356. [System Information (Type 1) - Length 27 - Handle 0001h]
4357. Manufacturer ASUS
4358. Product Name All Series
4359. Version System Version
4360. UUID 00000000-0000-0000-0000-000000000000
4361. Wakeup Type Power Switch
4362. SKUNumber All
4363. Family ASUS MB
4364. [BaseBoard Information (Type 2) - Length 15 - Handle 0002h]
4365. Manufacturer ASUSTeK COMPUTER INC.
4366. Product B85M-G R2.0
4367. Version Rev X.0x
4368. Feature Flags 09h
4369. 98285280: - 98285328: - ?¿Ï#
4370. Chassis Handle 0003h
4371. Board Type 0ah - Processor/Memory Module
4372. Number of Child Handles 0
4373. [System Enclosure (Type 3) - Length 22 - Handle 0003h]
4374. Manufacturer Chassis Manufacture
4375. Chassis Type Desktop
4376. Version Chassis Version
4377. Bootup State Safe
4378. Power Supply State Safe
4379. Thermal State Safe
4380. Security Status None
4381. OEM Defined 0
4382. Height 0U
4383. Number of Power Cords 1
4384. Number of Contained Elements 0
4385. Contained Element Size 0
4386. [Onboard Devices Information (Type 10) - Length 8 - Handle 0021h]
4387. Number of Devices 2
4388. 01: Type Ethernet [enabled]
4389. 01: Description Onboard Ethernet
4390. 02: Type Sound [enabled]
4391. 02: Description Onboard Audio
4392. [OEM Strings (Type 11) - Length 5 - Handle 0022h]
4393. Number of Strings 4
4394. 3 AB85
4395. [System Configuration Options (Type 12) - Length 5 - Handle 0023h]
4396. [Memory Device (Type 17) - Length 34 - Handle 003fh]
4397. Physical Memory Array Handle 0040h
4398. Total Width 0 bits
4399. Data Width 0 bits
4400. Form Factor 09h - DIMM
4401. Device Locator ChannelA-DIMM0
4402. Bank Locator BANK 0
4403. Memory Type 02h - Unknown
4404. Type Detail 0000h -
4405. Speed 0MHz
4406. Manufacturer [Empty]
4407. Part Number [Empty]
4408. [Physical Memory Array (Type 16) - Length 23 - Handle 0040h]
4409. Location 03h - SystemBoard/Motherboard
4410. Use 03h - System Memory
4411. Memory Error Correction 03h - None
4412. Maximum Capacity 33554432KB
4413. Number of Memory Devices 4
4414. [Memory Device (Type 17) - Length 34 - Handle 0041h]
4415. Physical Memory Array Handle 0040h
4416. Total Width 64 bits
4417. Data Width 64 bits
4418. Size 8192MB
4419. Form Factor 09h - DIMM
4420. Device Locator ChannelA-DIMM1
4421. Bank Locator BANK 1
4422. Memory Type 18h - Specification Reserved
4423. Type Detail 0080h - Synchronous
4424. Speed 1600MHz
4425. Manufacturer Kingston
4426. Part Number KHX1600C10D3/8G
4427. [Memory Device Mapped Address (Type 20) - Length 35 - Handle 0042h]
4428. Starting Address 00000000h
4429. Ending Address 007fffffh
4430. Memory Device Handle 0041h
4431. Mem Array Mapped Adr Handle 0046h
4432. [Memory Device (Type 17) - Length 34 - Handle 0043h]
4433. Physical Memory Array Handle 0040h
4434. Total Width 0 bits
4435. Data Width 0 bits
4436. Form Factor 09h - DIMM
4437. Device Locator ChannelB-DIMM0
4438. Bank Locator BANK 2
4439. Memory Type 02h - Unknown
4440. Type Detail 0000h -
4441. Speed 0MHz
4442. Manufacturer [Empty]
4443. Part Number [Empty]
4444. [Memory Device (Type 17) - Length 34 - Handle 0044h]
4445. Physical Memory Array Handle 0040h
4446. Total Width 64 bits
4447. Data Width 64 bits
4448. Size 8192MB
4449. Form Factor 09h - DIMM
4450. Device Locator ChannelB-DIMM1
4451. Bank Locator BANK 3
4452. Memory Type 18h - Specification Reserved
4453. Type Detail 0080h - Synchronous
4454. Speed 1600MHz
4455. Manufacturer Kingston
4456. Part Number KHX1600C10D3/8G
4457. [Memory Device Mapped Address (Type 20) - Length 35 - Handle 0045h]
4458. Starting Address 00800000h
4459. Ending Address 00ffffffh
4460. Memory Device Handle 0044h
4461. Mem Array Mapped Adr Handle 0046h
4462. [Memory Array Mapped Address (Type 19) - Length 31 - Handle 0046h]
4463. Starting Address 00000000h
4464. Ending Address 00ffffffh
4465. Memory Array Handle 0040h
4466. Partition Width 04
4467. [Cache Information (Type 7) - Length 19 - Handle 0047h]
4468. Socket Designation CPU Internal L1
4469. Cache Configuration 0180h - WB Enabled Int NonSocketed L1
4470. Maximum Cache Size 0100h - 256K
4471. Installed Size 0100h - 256K
4472. Supported SRAM Type 0002h - Unknown
4473. Current SRAM Type 0002h - Unknown
4474. Cache Speed 0ns
4475. Error Correction Type Multi-Bit ECC
4476. System Cache Type Other
4477. Associativity 8-way Set-Associative
4478. [Cache Information (Type 7) - Length 19 - Handle 0048h]
4479. Socket Designation CPU Internal L2
4480. Cache Configuration 0181h - WB Enabled Int NonSocketed L2
4481. Maximum Cache Size 0400h - 1024K
4482. Installed Size 0400h - 1024K
4483. Supported SRAM Type 0002h - Unknown
4484. Current SRAM Type 0002h - Unknown
4485. Cache Speed 0ns
4486. Error Correction Type Multi-Bit ECC
4487. System Cache Type Unified
4488. Associativity 8-way Set-Associative
4489. [Cache Information (Type 7) - Length 19 - Handle 0049h]
4490. Socket Designation CPU Internal L3
4491. Cache Configuration 0182h - WB Enabled Int NonSocketed L3
4492. Maximum Cache Size 1800h - 6144K
4493. Installed Size 1800h - 6144K
4494. Supported SRAM Type 0002h - Unknown
4495. Current SRAM Type 0002h - Unknown
4496. Cache Speed 0ns
4497. Error Correction Type Multi-Bit ECC
4498. System Cache Type Unified
4499. Associativity Specification Reserved
4500. [Processor Information (Type 4) - Length 42 - Handle 004dh]
4501. Socket Designation SOCKET 1150
4502. Processor Type Central Processor
4503. Processor Family 01h - Other
4504. Processor Manufacturer Intel
4505. Processor ID c3060300fffbebbf
4506. Processor Version Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
4507. Processor Voltage 8ch - 1.2V
4508. External Clock 100MHz
4509. Max Speed 3900MHz
4510. Current Speed 3208MHz
4511. Status Enabled Populated
4512. Processor Upgrade Specification Reserved
4513. L1 Cache Handle 0047h
4514. L2 Cache Handle 0048h
4515. L3 Cache Handle 0049h
4516. Part Number Fill By OEM
4517. 1: kd> q
4518. quit: