Advertisement
Guest User

Untitled

a guest
Jun 25th, 2018
110
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 14.02 KB | None | 0 0
  1. 0: kd> .imgscan
  2. MZ at ffffdebb`7f400000, prot 00000040, type 01000000 - size 390000
  3. Name: win32kfull.sys
  4. MZ at ffffdebb`7f790000, prot 00000040, type 01000000 - size 234000
  5. Name: win32kbase.sys
  6. MZ at ffffdebb`7fad0000, prot 00000040, type 01000000 - size 3f000
  7. Name: cdd.dll
  8. MZ at ffffdebb`7fe00000, prot 00000040, type 01000000 - size 7c000
  9. Name: WIN32K.SYS
  10. MZ at fffff800`0d412000, prot 00000040, type 01000000 - size 961000
  11. Name: ntoskrnl.exe
  12. MZ at fffff800`0dd73000, prot 00000040, type 01000000 - size 8c000
  13. Name: HAL.dll
  14. MZ at fffff800`0e000000, prot 00000040, type 01000000 - size b000
  15. Name: KD.dll
  16. MZ at fffff800`32800000, prot 00000040, type 01000000 - size 60000
  17. Name: msrpc.sys
  18. MZ at fffff800`32860000, prot 00000040, type 01000000 - size 2a000
  19. Name: ksecdd.sys
  20. MZ at fffff800`32890000, prot 00000040, type 01000000 - size 11000
  21. Name: WerLiveKernelApi.dll
  22. MZ at fffff800`328b0000, prot 00000040, type 01000000 - size 64000
  23. Name: CLFS.SYS
  24. MZ at fffff800`32920000, prot 00000040, type 01000000 - size 24000
  25. Name: ntostmhost.dll
  26. MZ at fffff800`32950000, prot 00000040, type 01000000 - size 17000
  27. Name: PSHED.dll
  28. MZ at fffff800`32970000, prot 00000040, type 01000000 - size b000
  29. Name: BOOTVID.dll
  30. MZ at fffff800`32980000, prot 00000040, type 01000000 - size 69000
  31. Name: FLTMGR.SYS
  32. MZ at fffff800`32b00000, prot 00000040, type 01000000 - size e000
  33. Name: cmimcext.dll
  34. MZ at fffff800`32b10000, prot 00000040, type 01000000 - size c000
  35. Name: ntosext.dll
  36. MZ at fffff800`32b20000, prot 00000040, type 01000000 - size b5000
  37. Name: CI.dll
  38. MZ at fffff800`32c90000, prot 00000040, type 01000000 - size 159000
  39. Name: mcupdate_GenuineIntel.exe
  40. MZ at fffff800`32e00000, prot 00000040, type 01000000 - size e4000
  41. Name: Wdf01000.exe
  42. MZ at fffff800`32ef0000, prot 00000040, type 01000000 - size 13000
  43. Name: WDFLDR.SYS
  44. MZ at fffff800`32f10000, prot 00000040, type 01000000 - size e000
  45. Name: WppRecorder.sys
  46. MZ at fffff800`32f20000, prot 00000040, type 01000000 - size f000
  47. Name: SleepStudyHelper.sys
  48. MZ at fffff800`32f30000, prot 00000040, type 01000000 - size 23000
  49. Name: acpiex.exe
  50. MZ at fffff800`32f60000, prot 00000040, type 01000000 - size 4f000
  51. Name: mssecflt.exe
  52. MZ at fffff800`32fb0000, prot 00000040, type 01000000 - size 15000
  53. Name: SgrmAgent.exe
  54. MZ at fffff800`32fd0000, prot 00000040, type 01000000 - size a5000
  55. Name: ACPI.SYS
  56. MZ at fffff800`33080000, prot 00000040, type 01000000 - size c000
  57. Name: WMILIB.SYS
  58. MZ at fffff800`33090000, prot 00000040, type 01000000 - size 2f000
  59. Name: intelpep.exe
  60. MZ at fffff800`330c0000, prot 00000040, type 01000000 - size 16000
  61. Name: WindowsTrustedRT.exe
  62. MZ at fffff800`330e0000, prot 00000040, type 01000000 - size b000
  63. Name: WindowsTrustedRTProxy.exe
  64. MZ at fffff800`330f0000, prot 00000040, type 01000000 - size 14000
  65. Name: pcw.exe
  66. MZ at fffff800`33110000, prot 00000040, type 01000000 - size b000
  67. Name: msisadrv.exe
  68. MZ at fffff800`33120000, prot 00000040, type 01000000 - size 60000
  69. Name: pci.exe
  70. MZ at fffff800`33180000, prot 00000040, type 01000000 - size 12000
  71. Name: vdrvroot.exe
  72. MZ at fffff800`331a0000, prot 00000040, type 01000000 - size 28000
  73. Name: PDC.exe
  74. MZ at fffff800`331d0000, prot 00000040, type 01000000 - size 19000
  75. Name: CEA.sys
  76. MZ at fffff800`331f0000, prot 00000040, type 01000000 - size 2d000
  77. Name: partmgr.exe
  78. MZ at fffff800`33220000, prot 00000040, type 01000000 - size 99000
  79. Name: spaceport.exe
  80. MZ at fffff800`332c0000, prot 00000040, type 01000000 - size 19000
  81. Name: volmgr.exe
  82. MZ at fffff800`332e0000, prot 00000040, type 01000000 - size 5e000
  83. Name: volmgrx.exe
  84. MZ at fffff800`33340000, prot 00000040, type 01000000 - size 1e000
  85. Name: mountmgr.exe
  86. MZ at fffff800`33360000, prot 00000040, type 01000000 - size 2a000
  87. Name: storahci.exe
  88. MZ at fffff800`33390000, prot 00000040, type 01000000 - size 8f000
  89. Name: storport.sys
  90. MZ at fffff800`33420000, prot 00000040, type 01000000 - size 1f000
  91. Name: stornvme.exe
  92. MZ at fffff800`33440000, prot 00000040, type 01000000 - size 1c000
  93. Name: EhStorClass.exe
  94. MZ at fffff800`33460000, prot 00000040, type 01000000 - size 1a000
  95. Name: fileinfo.exe
  96. MZ at fffff800`33480000, prot 00000040, type 01000000 - size 3b000
  97. Name: wof.exe
  98. MZ at fffff800`334c0000, prot 00000040, type 01000000 - size 25b000
  99. Name: ntfs.exe
  100. MZ at fffff800`33720000, prot 00000040, type 01000000 - size d000
  101. Name: fs_rec.exe
  102. MZ at fffff800`33730000, prot 00000040, type 01000000 - size 141000
  103. Name: NDIS.SYS
  104. MZ at fffff800`33880000, prot 00000040, type 01000000 - size 89000
  105. Name: NETIO.SYS
  106. MZ at fffff800`33910000, prot 00000040, type 01000000 - size 30000
  107. Name: ksecpkg.exe
  108. MZ at fffff800`33ad0000, prot 00000040, type 01000000 - size b2000
  109. Name: cng.sys
  110. MZ at fffff800`33c00000, prot 00000040, type 01000000 - size bc000
  111. Name: fvevol.exe
  112. MZ at fffff800`33cc0000, prot 00000040, type 01000000 - size b000
  113. Name: volume.exe
  114. MZ at fffff800`33cd0000, prot 00000040, type 01000000 - size 67000
  115. Name: volsnap.exe
  116. MZ at fffff800`33d40000, prot 00000040, type 01000000 - size 4c000
  117. Name: rdyboost.exe
  118. MZ at fffff800`33d90000, prot 00000040, type 01000000 - size 24000
  119. Name: MUP.SYS
  120. MZ at fffff800`33dc0000, prot 00000040, type 01000000 - size 11000
  121. Name: iorate.exe
  122. MZ at fffff800`33df0000, prot 00000040, type 01000000 - size 1c000
  123. Name: disk.exe
  124. MZ at fffff800`33e10000, prot 00000040, type 01000000 - size 6b000
  125. Name: CLASSPNP.SYS
  126. MZ at fffff800`33ea0000, prot 00000040, type 01000000 - size 1b000
  127. Name: CRASHDMP.SYS
  128. MZ at fffff800`33f60000, prot 00000040, type 01000000 - size 2e000
  129. Name: cdrom.exe
  130. MZ at fffff800`33f90000, prot 00000040, type 01000000 - size 14000
  131. Name: filecrypt.exe
  132. MZ at fffff800`33fb0000, prot 00000040, type 01000000 - size d000
  133. Name: tbs.sys
  134. MZ at fffff800`33fc0000, prot 00000040, type 01000000 - size a000
  135. Name: null.exe
  136. MZ at fffff800`33fd0000, prot 00000040, type 01000000 - size a000
  137. Name: beep.exe
  138. MZ at fffff800`34000000, prot 00000040, type 01000000 - size 2a4000
  139. Name: TCPIP.SYS
  140. MZ at fffff800`342b0000, prot 00000040, type 01000000 - size 76000
  141. Name: fwpkclnt.sys
  142. MZ at fffff800`34330000, prot 00000040, type 01000000 - size 2d000
  143. Name: wfplwfs.exe
  144. MZ at fffff800`34a00000, prot 00000040, type 01000000 - size 9e000
  145. Name: afd.exe
  146. MZ at fffff800`34aa0000, prot 00000040, type 01000000 - size 1a000
  147. Name: vwififlt.SYS
  148. MZ at fffff800`34ac0000, prot 00000040, type 01000000 - size 29000
  149. Name: pacer.exe
  150. MZ at fffff800`34af0000, prot 00000040, type 01000000 - size 12000
  151. Name: netbios.exe
  152. MZ at fffff800`34b50000, prot 00000040, type 01000000 - size 76000
  153. Name: rdbss.sys
  154. MZ at fffff800`34bd0000, prot 00000040, type 01000000 - size 90000
  155. Name: csc.exe
  156. MZ at fffff800`34c60000, prot 00000040, type 01000000 - size 12000
  157. Name: nsiproxy.exe
  158. MZ at fffff800`34c80000, prot 00000040, type 01000000 - size d000
  159. Name: NpSvcTrig.exe
  160. MZ at fffff800`34c90000, prot 00000040, type 01000000 - size f000
  161. Name: mssmbios.exe
  162. MZ at fffff800`34ca0000, prot 00000040, type 01000000 - size a000
  163. Name: gpuenergydrv.exe
  164. MZ at fffff800`34cb0000, prot 00000040, type 01000000 - size 29000
  165. Name: dfsc.exe
  166. MZ at fffff800`34d00000, prot 00000040, type 01000000 - size 60000
  167. Name: fastfat.exe
  168. MZ at fffff800`34d60000, prot 00000040, type 01000000 - size 14000
  169. Name: bam.exe
  170. MZ at fffff800`34d80000, prot 00000040, type 01000000 - size 45000
  171. Name: ahcache.exe
  172. MZ at fffff800`34dd0000, prot 00000040, type 01000000 - size 11000
  173. Name: CompositeBus.exe
  174. MZ at fffff800`34df0000, prot 00000040, type 01000000 - size d000
  175. Name: kdnic.sys
  176. MZ at fffff800`34e00000, prot 00000040, type 01000000 - size 15000
  177. Name: UmBus.exe
  178. MZ at fffff800`34e20000, prot 00000004, type 00020000
  179. MZ at fffff800`353c0000, prot 00000004, type 00020000 - size 2b9000
  180. Name: dxgkrnl.sys
  181. MZ at fffff800`35680000, prot 00000040, type 01000000 - size 14000
  182. Name: watchdog.sys
  183. MZ at fffff800`356a0000, prot 00000040, type 01000000 - size 1a000
  184. Name: vmbkmclr.sys
  185. MZ at fffff800`356c0000, prot 00000040, type 01000000 - size 16000
  186. Name: BasicDisplay.exe
  187. MZ at fffff800`356e0000, prot 00000040, type 01000000 - size 10000
  188. Name: BasicRender.exe
  189. MZ at fffff800`356f0000, prot 00000040, type 01000000 - size 1b000
  190. Name: npfs.exe
  191. MZ at fffff800`35710000, prot 00000040, type 01000000 - size 10000
  192. Name: msfs.exe
  193. MZ at fffff800`35720000, prot 00000040, type 01000000 - size 23000
  194. Name: tdx.exe
  195. MZ at fffff800`35750000, prot 00000040, type 01000000 - size 10000
  196. Name: TDI.SYS
  197. MZ at fffff800`35760000, prot 00000040, type 01000000 - size 54000
  198. Name: netbt.exe
  199. MZ at fffff800`357c0000, prot 00000040, type 01000000 - size 13000
  200. Name: afunix.dll
  201. MZ at fffff800`35e00000, prot 00000040, type 01000000 - size 33000
  202. Name: HIDCLASS.SYS
  203. MZ at fffff800`35e40000, prot 00000040, type 01000000 - size 13000
  204. Name: HIDPARSE.SYS
  205. MZ at fffff800`35e60000, prot 00000040, type 01000000 - size f000
  206. Name: mouhid.exe
  207. MZ at fffff800`35e70000, prot 00000040, type 01000000 - size 11000
  208. Name: mouclass.exe
  209. MZ at fffff800`35e90000, prot 00000040, type 01000000 - size 10000
  210. Name: kbdhid.exe
  211. MZ at fffff800`35ea0000, prot 00000040, type 01000000 - size 13000
  212. Name: kbdclass.exe
  213. MZ at fffff800`35ec0000, prot 00000040, type 01000000 - size 2b000
  214. Name: USBAudio.exe
  215. MZ at fffff800`35ef0000, prot 00000040, type 01000000 - size 27000
  216. Name: ndu.exe
  217. MZ at fffff800`35fe0000, prot 00000040, type 01000000 - size 48000
  218. Name: srvnet.sys
  219. MZ at fffff800`36030000, prot 00000040, type 01000000 - size 13000
  220. Name: tcpipreg.exe
  221. MZ at fffff800`36050000, prot 00000040, type 01000000 - size bc000
  222. Name: srv2.exe
  223. MZ at fffff800`36110000, prot 00000040, type 01000000 - size 1b000
  224. Name: rassstp.exe
  225. MZ at fffff800`36130000, prot 00000040, type 01000000 - size 16000
  226. Name: ndproxy.exe
  227. MZ at fffff800`36150000, prot 00000040, type 01000000 - size 27000
  228. Name: AgileVpn.exe
  229. MZ at fffff800`36180000, prot 00000040, type 01000000 - size 20000
  230. Name: rasl2tp.exe
  231. MZ at fffff800`361a0000, prot 00000040, type 01000000 - size 1f000
  232. Name: raspptp.exe
  233. MZ at fffff800`361c0000, prot 00000040, type 01000000 - size 1b000
  234. Name: raspppoe.exe
  235. MZ at fffff800`361e0000, prot 00000040, type 01000000 - size f000
  236. Name: NDISTAPI.SYS
  237. MZ at fffff800`361f0000, prot 00000040, type 01000000 - size 37000
  238. Name: ndiswan.exe
  239. MZ at fffff800`36230000, prot 00000040, type 01000000 - size 12000
  240. Name: condrv.exe
  241. MZ at fffff800`36260000, prot 00000040, type 01000000 - size 13000
  242. Name: qwavedrv.exe
  243. MZ at fffff800`364d0000, prot 00000040, type 01000000 - size e000
  244. Name: SYS.exe
  245. MZ at fffff800`36500000, prot 00000040, type 01000000 - size 1f000
  246. Name: stornvme.exe
  247. MZ at fffff800`36540000, prot 00000040, type 01000000 - size 1d000
  248. Name: DUMPFVE.SYS
  249. MZ at fffff800`36570000, prot 00000040, type 01000000 - size 4c000
  250. Name: usbvideo.exe
  251. MZ at fffff800`365f0000, prot 00000040, type 01000000 - size c6000
  252. Name: dxgmms2.sys
  253. MZ at fffff800`366c0000, prot 00000040, type 01000000 - size 11000
  254. Name: monitor.exe
  255. MZ at fffff800`366e0000, prot 00000040, type 01000000 - size 27000
  256. Name: luafv.exe
  257. MZ at fffff800`36710000, prot 00000040, type 01000000 - size 28000
  258. Name: wcifs.exe
  259. MZ at fffff800`36740000, prot 00000004, type 00020000 - size 13000
  260. Name: mmcss.exe
  261. MZ at fffff800`36760000, prot 00000040, type 01000000 - size 6e000
  262. Name: cldflt.exe
  263. MZ at fffff800`367d0000, prot 00000040, type 01000000 - size 19000
  264. Name: storqosflt.exe
  265. MZ at fffff800`36820000, prot 00000040, type 01000000 - size 1a000
  266. Name: mslldp.exe
  267. MZ at fffff800`36840000, prot 00000040, type 01000000 - size d000
  268. Name: rdpvideominiport.exe
  269. MZ at fffff800`36850000, prot 00000040, type 01000000 - size 16000
  270. Name: lltdio.exe
  271. MZ at fffff800`36870000, prot 00000040, type 01000000 - size 1a000
  272. Name: rspndr.exe
  273. MZ at fffff800`36890000, prot 00000040, type 01000000 - size 1b000
  274. Name: wanarp.exe
  275. MZ at fffff800`368b0000, prot 00000040, type 01000000 - size 102000
  276. Name: http.exe
  277. MZ at fffff800`369c0000, prot 00000040, type 01000000 - size 21000
  278. Name: bowser.exe
  279. MZ at fffff800`369f0000, prot 00000040, type 01000000 - size 19000
  280. Name: mpsdrv.exe
  281. MZ at fffff800`36a10000, prot 00000040, type 01000000 - size 82000
  282. Name: mrxsmb.sys
  283. MZ at fffff800`36aa0000, prot 00000040, type 01000000 - size 3d000
  284. Name: mrxsmb20.exe
  285. MZ at fffff800`371b0000, prot 00000040, type 01000000 - size 2f000
  286. Name: usbccgp.exe
  287. MZ at fffff800`371e0000, prot 00000040, type 01000000 - size 12000
  288. Name: hidusb.exe
  289. MZ at fffff800`38400000, prot 00000040, type 01000000 - size 64000
  290. Name: portcls.sys
  291. MZ at fffff800`384a0000, prot 00000040, type 01000000 - size 6b000
  292. Name: ks.sys
  293. MZ at fffff800`38cd0000, prot 00000004, type 00020000 - size 6f000
  294. Name: usbxhci.exe
  295. MZ at fffff800`38d40000, prot 00000040, type 01000000 - size 3c000
  296. Name: ucx01000.exe
  297. MZ at fffff800`38e20000, prot 00000040, type 01000000 - size 1c000
  298. Name: serial.exe
  299. MZ at fffff800`38e40000, prot 00000040, type 01000000 - size f000
  300. Name: SerEnum.exe
  301. MZ at fffff800`38e50000, prot 00000040, type 01000000 - size 86000
  302. Name: e1i63x64.sys
  303. MZ at fffff800`38ee0000, prot 00000040, type 01000000 - size c000
  304. Name: wmiacpi.exe
  305. MZ at fffff800`38ef0000, prot 00000040, type 01000000 - size 3d000
  306. Name: intelppm.exe
  307. MZ at fffff800`38f30000, prot 00000040, type 01000000 - size b000
  308. Name: acpipagr.exe
  309. MZ at fffff800`38f40000, prot 00000040, type 01000000 - size d000
  310. Name: UEFI.SYS
  311. MZ at fffff800`38f50000, prot 00000004, type 00020000 - size d000
  312. Name: NdisVirtualBus.exe
  313. MZ at fffff800`38f60000, prot 00000040, type 01000000 - size c000
  314. Name: swenum.exe
  315. MZ at fffff800`38f70000, prot 00000040, type 01000000 - size e000
  316. Name: rdpbus.exe
  317. MZ at fffff800`38fa0000, prot 00000040, type 01000000 - size f000
  318. Name: ksthunk.exe
  319. MZ at fffff800`38fb0000, prot 00000040, type 01000000 - size 8e000
  320. Name: usbhub3.sys
  321. MZ at fffff800`39040000, prot 00000040, type 01000000 - size e000
  322. Name: USBD.SYS
  323. MZ at fffff800`3bbc0000, prot 00000040, type 01000000 - size 1d000
  324. Name: hdaudbus.exe
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement