Punkt
Threadstarter
- Dabei seit
- 13.03.2008
- Beiträge
- 2
Hallo erstmal!
Hab mich gereggt nachdem ich ein schier unlösbares Problem habe.
In meinem jugendlichen Leichtsinn habe ich mich dem Laptop eines Bekannten
angenommen. Ich höre mich noch sagen "...kann ja mal drüber schauen...".
Nach der Anmeldung im System gibt einen Bluescreen und dann meistens (anscheinend
je nach lust und laune) einen reboot.
Das ganze passiert im normalfall so schnell das ich es nicht schaffe den
Automatischen reboot auszuschlaten.
Im abgesicherten modus habe ich das Problem überhaupt nicht, da habe ich auch den
reboot deaktiviert scheint aber nicht zu helfen...
Ich habe in nem anderen thread gelesen das ihr anhand vom windebugger
weiterhelfen könnt.
Mit hilfe vom debugger komme ich zum entschluss das FDC1ANT.sys der übeltäter ist
allerdings bringt mich das nicht weiter weil mir google nicht sagen kann wozu er gut ist...
hier noch das log:
Hab mich gereggt nachdem ich ein schier unlösbares Problem habe.
In meinem jugendlichen Leichtsinn habe ich mich dem Laptop eines Bekannten
angenommen. Ich höre mich noch sagen "...kann ja mal drüber schauen...".
Nach der Anmeldung im System gibt einen Bluescreen und dann meistens (anscheinend
je nach lust und laune) einen reboot.
Das ganze passiert im normalfall so schnell das ich es nicht schaffe den
Automatischen reboot auszuschlaten.
Im abgesicherten modus habe ich das Problem überhaupt nicht, da habe ich auch den
reboot deaktiviert scheint aber nicht zu helfen...
Ich habe in nem anderen thread gelesen das ihr anhand vom windebugger
weiterhelfen könnt.
Mit hilfe vom debugger komme ich zum entschluss das FDC1ANT.sys der übeltäter ist
allerdings bringt mich das nicht weiter weil mir google nicht sagen kann wozu er gut ist...
hier noch das log:
Code:
Microsoft (R) Windows Debugger Version 6.8.0004.0 X86
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\MEMORY.DMP]
Kernel Summary Dump File: Only kernel address space is available
Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: c:\; http://www.alexander.com/SymServe
Windows Vista Kernel Version 6000 UP Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 6000.16386.x86fre.vista_rtm.061101-2205
Kernel base = 0x81c00000 PsLoadedModuleList = 0x81d11db0
Debug session time: Thu Mar 13 23:05:15.021 2008 (GMT+5)
System Uptime: 0 days 0:05:40.624
WARNING: Process directory table base 03C014E0 doesn't match CR3 00122000
WARNING: Process directory table base 03C014E0 doesn't match CR3 00122000
Loading Kernel Symbols
.........................................................................................................................................................
Loading User Symbols
PEB is paged out (Peb.Ldr = 7ffda00c). Type ".hh dbgerr001" for details
Loading unloaded module list
....
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck 7F, {8, 8014a000, 0, 0}
*** ERROR: Module load completed but symbols could not be loaded for FDC1ANT.SYS
*** ERROR: Module load completed but symbols could not be loaded for SRTSP.SYS
*** ERROR: Module load completed but symbols could not be loaded for NAVEX15.SYS
PEB is paged out (Peb.Ldr = 7ffda00c). Type ".hh dbgerr001" for details
PEB is paged out (Peb.Ldr = 7ffda00c). Type ".hh dbgerr001" for details
Probably caused by : FDC1ANT.SYS ( FDC1ANT+123d )
Followup: MachineOwner
---------
kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
UNEXPECTED_KERNEL_MODE_TRAP (7f)
This means a trap occurred in kernel mode, and it's a trap of a kind
that the kernel isn't allowed to have/catch (bound trap) or that
is always instant death (double fault). The first number in the
bugcheck params is the number of the trap (8 = double fault, etc)
Consult an Intel x86 family manual to learn more about what these
traps are. Here is a *portion* of those codes:
If kv shows a taskGate
use .tss on the part before the colon, then kv.
Else if kv shows a trapframe
use .trap on that value
Else
.trap on the appropriate frame will show where the trap was taken
(on x86, this will be the ebp that goes with the procedure KiTrap)
Endif
kb will then show the corrected stack.
Arguments:
Arg1: 00000008, EXCEPTION_DOUBLE_FAULT
Arg2: 8014a000
Arg3: 00000000
Arg4: 00000000
Debugging Details:
------------------
PEB is paged out (Peb.Ldr = 7ffda00c). Type ".hh dbgerr001" for details
PEB is paged out (Peb.Ldr = 7ffda00c). Type ".hh dbgerr001" for details
BUGCHECK_STR: 0x7f_8
TSS: 00000028 -- (.tss 0x28)
eax=9d8f01e0 ebx=00000000 ecx=9d8f0210 edx=6578652e esi=9d8f0230 edi=9d8f023d
eip=81c85523 esp=9d8eff70 ebp=9d8f01c0 iopl=0 nv up ei ng nz na po nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010282
nt!_output_l+0x1b:
81c85523 57 push edi
Resetting default scope
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
PROCESS_NAME: explorer.exe
CURRENT_IRQL: 0
TRAP_FRAME: 9d8f1008 -- (.trap 0xffffffff9d8f1008)
ErrCode = 00000000
eax=8ffac0a0 ebx=81cf5928 ecx=dde10096 edx=dde10097 esi=00000100 edi=00000006
eip=81c91569 esp=9d8f107c ebp=81cf5928 iopl=0 nv up ei ng nz na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010286
nt!ExpInterlockedPopEntrySListFault:
81c91569 8b18 mov ebx,dword ptr [eax] ds:0023:8ffac0a0=05b039e8
Resetting default scope
LAST_CONTROL_TRANSFER: from 81c83fa1 to 81c85523
STACK_TEXT:
9d8f01c0 81c83fa1 9d8f01e0 8aa511ce 00000000 nt!_output_l+0x1b
9d8f0200 8aa5123d 9d8f023c 8aa511ce 00000444 nt!sprintf+0x4f
WARNING: Stack unwind information not available. Following frames may be wrong.
9d8f027c 8aa52f90 8378f500 90f2be00 81c27ecf FDC1ANT+0x123d
9d8f02a0 81c2031f 90542d9c 90542d7c 90eabac0 FDC1ANT+0x2f90
9d8f02bc 81c2a6b1 00000043 90eabac0 90542da8 nt!IoPageRead+0x176
9d8f0378 81caaf05 8ffac0a0 00000000 00000000 nt!MiDispatchFault+0xce9
9d8f03f0 81c8fa74 00000000 8ffac0a0 00000000 nt!MmAccessFault+0x1119
9d8f03f0 81c91569 00000000 8ffac0a0 00000000 nt!KiTrap0E+0xdc
9d8f0480 81ce725d 00000001 8d2e2b38 00000024 nt!ExpInterlockedPopEntrySListFault
9d8f04d4 81e43a62 00000001 00000024 20206553 nt!ExAllocatePoolWithTag+0x252
9d8f050c 8aa50423 8d2e2b38 00000001 9d8f056c nt!SeQueryInformationToken+0x5b
9d8f0618 8aa5289e 9d8f0650 11e2a000 8378f500 FDC1ANT+0x423
9d8f067c 8aa52f90 8378f500 834f5808 81c27ecf FDC1ANT+0x289e
9d8f06a0 81c2031f 90577bcc 90577bac 90eabac0 FDC1ANT+0x2f90
9d8f06bc 81c2a6b1 00000043 90eabac0 90577bd8 nt!IoPageRead+0x176
9d8f0778 81caaf05 8ffac0a0 00000000 00000000 nt!MiDispatchFault+0xce9
9d8f07f0 81c8fa74 00000000 8ffac0a0 00000000 nt!MmAccessFault+0x1119
9d8f07f0 81c91569 00000000 8ffac0a0 00000000 nt!KiTrap0E+0xdc
9d8f0880 81ce725d 00000001 8d2e2b38 00000024 nt!ExpInterlockedPopEntrySListFault
9d8f08d4 81e43a62 00000001 00000024 20206553 nt!ExAllocatePoolWithTag+0x252
9d8f090c 8aa50423 8d2e2b38 00000001 9d8f096c nt!SeQueryInformationToken+0x5b
9d8f0a18 8aa5289e 9d8f0a50 11e2a000 8378f500 FDC1ANT+0x423
9d8f0a7c 8aa52f90 8378f500 90f4c890 81c27ecf FDC1ANT+0x289e
9d8f0aa0 81c2031f 9057591c 905758fc 90eabac0 FDC1ANT+0x2f90
9d8f0abc 81c2a6b1 00000043 90eabac0 90575928 nt!IoPageRead+0x176
9d8f0b78 81caaf05 8ffac0a0 00000000 00000000 nt!MiDispatchFault+0xce9
9d8f0bf0 81c8fa74 00000000 8ffac0a0 00000000 nt!MmAccessFault+0x1119
9d8f0bf0 81c91569 00000000 8ffac0a0 00000000 nt!KiTrap0E+0xdc
9d8f0c80 81ce725d 00000001 8d2e2b38 00000024 nt!ExpInterlockedPopEntrySListFault
9d8f0cd4 81e43a62 00000001 00000024 20206553 nt!ExAllocatePoolWithTag+0x252
9d8f0d0c 8aa50423 8d2e2b38 00000001 9d8f0d6c nt!SeQueryInformationToken+0x5b
9d8f0e18 8aa5289e 9d8f0e50 11e2a000 8378f500 FDC1ANT+0x423
9d8f0e7c 8aa52f90 8378f500 90ed63a8 81c27ecf FDC1ANT+0x289e
9d8f0ea0 81c2031f 9057503c 9057501c 90eabac0 FDC1ANT+0x2f90
9d8f0ebc 81c2a6b1 00000043 90eabac0 90575048 nt!IoPageRead+0x176
9d8f0f78 81caaf05 8ffac0a0 00000000 00000000 nt!MiDispatchFault+0xce9
9d8f0ff0 81c8fa74 00000000 8ffac0a0 00000000 nt!MmAccessFault+0x1119
9d8f0ff0 81c91569 00000000 8ffac0a0 00000000 nt!KiTrap0E+0xdc
9d8f1080 81ce725d 00000001 8d2e2b38 00000024 nt!ExpInterlockedPopEntrySListFault
9d8f10d4 81e43a62 00000001 00000024 20206553 nt!ExAllocatePoolWithTag+0x252
9d8f110c 8aa50423 8d2e2b38 00000001 9d8f116c nt!SeQueryInformationToken+0x5b
9d8f1218 8aa5289e 9d8f1250 11e2a000 8378f500 FDC1ANT+0x423
9d8f127c 8aa52f90 8378f500 90ea6a08 81c27ecf FDC1ANT+0x289e
9d8f12a0 81c2031f 903a2f5c 903a2f3c 90eabac0 FDC1ANT+0x2f90
9d8f12bc 81c2a6b1 00000043 90eabac0 903a2f68 nt!IoPageRead+0x176
9d8f1378 81caaf05 8ffac0a0 00000000 00000000 nt!MiDispatchFault+0xce9
9d8f13f0 81c8fa74 00000000 8ffac0a0 00000000 nt!MmAccessFault+0x1119
9d8f13f0 81c91569 00000000 8ffac0a0 00000000 nt!KiTrap0E+0xdc
9d8f1480 81ce725d 00000001 8d2e2b38 00000024 nt!ExpInterlockedPopEntrySListFault
9d8f14d4 81e43a62 00000001 00000024 20206553 nt!ExAllocatePoolWithTag+0x252
9d8f150c 8aa50423 8d2e2b38 00000001 9d8f156c nt!SeQueryInformationToken+0x5b
9d8f1618 8aa5289e 9d8f1650 11e2a000 8378f500 FDC1ANT+0x423
9d8f167c 8aa52f90 8378f500 8335a008 81c27ecf FDC1ANT+0x289e
9d8f16a0 81c2031f 90572324 90572304 90eabac0 FDC1ANT+0x2f90
9d8f16bc 81c2a6b1 00000043 90eabac0 90572330 nt!IoPageRead+0x176
9d8f1778 81caaf05 8ffac0a0 00000000 00000000 nt!MiDispatchFault+0xce9
9d8f17f0 81c8fa74 00000000 8ffac0a0 00000000 nt!MmAccessFault+0x1119
9d8f17f0 81c91569 00000000 8ffac0a0 00000000 nt!KiTrap0E+0xdc
9d8f1880 81ce725d 00000001 8d2e2b38 00000024 nt!ExpInterlockedPopEntrySListFault
9d8f18d4 81e43a62 00000001 00000024 20206553 nt!ExAllocatePoolWithTag+0x252
9d8f190c 8aa50423 8d2e2b38 00000001 9d8f196c nt!SeQueryInformationToken+0x5b
9d8f1a18 8aa5289e 9d8f1a50 11e2a000 8378f500 FDC1ANT+0x423
9d8f1a7c 8aa52f90 8378f500 902bd880 81c27ecf FDC1ANT+0x289e
9d8f1aa0 81c2031f 90e51a2c 90e51a0c 90eabac0 FDC1ANT+0x2f90
9d8f1abc 81c2a6b1 00000043 90eabac0 90e51a38 nt!IoPageRead+0x176
9d8f1b78 81caaf05 8ffac0a0 00000000 00000000 nt!MiDispatchFault+0xce9
9d8f1bf0 81c8fa74 00000000 8ffac0a0 00000000 nt!MmAccessFault+0x1119
9d8f1bf0 81c91569 00000000 8ffac0a0 00000000 nt!KiTrap0E+0xdc
9d8f1c80 81ce725d 00000001 8d2e2b38 00000024 nt!ExpInterlockedPopEntrySListFault
9d8f1cd4 81e43a62 00000001 00000024 20206553 nt!ExAllocatePoolWithTag+0x252
9d8f1d0c 8aa50423 8d2e2b38 00000001 9d8f1d6c nt!SeQueryInformationToken+0x5b
9d8f1e18 8aa5289e 9d8f1e50 11e2a000 8378f500 FDC1ANT+0x423
9d8f1e7c 8aa52f90 8378f500 9027f4a0 81c27ecf FDC1ANT+0x289e
9d8f1ea0 81c2031f 832255e4 832255c4 90eabac0 FDC1ANT+0x2f90
9d8f1ebc 81c2a6b1 00000043 90eabac0 832255f0 nt!IoPageRead+0x176
STACK_COMMAND: .tss 0x28 ; kb
MODULE_NAME: FDC1ANT
IMAGE_NAME: FDC1ANT.SYS
FOLLOWUP_NAME: MachineOwner
DEBUG_FLR_IMAGE_TIMESTAMP: 45bb5387
FOLLOWUP_IP:
FDC1ANT+123d
8aa5123d 83c40c add esp,0Ch
SYMBOL_STACK_INDEX: 2
SYMBOL_NAME: FDC1ANT+123d
FAILURE_BUCKET_ID: TRAP_FRAME_RECURSION
BUCKET_ID: TRAP_FRAME_RECURSION
Followup: MachineOwner
---------
kd> lmv
start end module name
80201000 80203900 compbatt (deferred)
Image path: \SystemRoot\system32\DRIVERS\compbatt.sys
Image name: compbatt.sys
Timestamp: Thu Nov 02 13:05:03 2006 (4549ADB7)
CheckSum: 0000F08F
ImageSize: 00002900
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
80204000 8020d000 WMILIB (deferred)
Image path: \SystemRoot\system32\drivers\WMILIB.SYS
Image name: WMILIB.SYS
Timestamp: Thu Nov 02 13:24:53 2006 (4549B25D)
CheckSum: 00004EA9
ImageSize: 00009000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
8020d000 8021a000 WDFLDR (deferred)
Image path: \SystemRoot\system32\drivers\WDFLDR.SYS
Image name: WDFLDR.SYS
Timestamp: Thu Nov 02 13:24:05 2006 (4549B22D)
CheckSum: 000124C2
ImageSize: 0000D000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
8021a000 80255000 CLFS (deferred)
Image path: \SystemRoot\system32\CLFS.SYS
Image name: CLFS.SYS
Timestamp: Thu Nov 02 13:00:52 2006 (4549ACBC)
CheckSum: 00041B8F
ImageSize: 0003B000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
80255000 8025d000 BOOTVID (deferred)
Image path: \SystemRoot\system32\BOOTVID.dll
Image name: BOOTVID.dll
Timestamp: Thu Nov 02 14:09:29 2006 (4549BCD1)
CheckSum: 0000C572
ImageSize: 00008000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
8025d000 80266000 PSHED (deferred)
Image path: \SystemRoot\system32\PSHED.dll
Image name: PSHED.dll
Timestamp: Thu Nov 02 14:12:51 2006 (4549BD9B)
CheckSum: 0001395B
ImageSize: 00009000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
80266000 802c6000 mcupdate_GenuineIntel (deferred)
Image path: \SystemRoot\system32\mcupdate_GenuineIntel.dll
Image name: mcupdate_GenuineIntel.dll
Timestamp: Tue Apr 24 08:10:05 2007 (462D7C15)
CheckSum: 00065549
ImageSize: 00060000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
802c6000 802ce000 kdcom (deferred)
Image path: kdcom.dll
Image name: kdcom.dll
Timestamp: Thu Nov 02 14:12:20 2006 (4549BD7C)
CheckSum: 00009994
ImageSize: 00008000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
80404000 8040b000 pciide (deferred)
Image path: \SystemRoot\system32\drivers\pciide.sys
Image name: pciide.sys
Timestamp: Thu Nov 02 13:21:35 2006 (4549B197)
CheckSum: 000100AE
ImageSize: 00007000
File version: 6.0.6000.16386
Product version: 6.0.6000.16386
File flags: 0 (Mask 3F)
File OS: 40004 NT Win32
File type: 3.7 Driver
File date: 00000000.00000000
Translations: 0409.04b0
CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
InternalName: pciide.sys
OriginalFilename: pciide.sys
ProductVersion: 6.0.6000.16386
FileVersion: 6.0.6000.16386 (vista_rtm.061101-2205)
FileDescription: Generic PCI IDE Bus Driver
LegalCopyright: © Microsoft Corporation. All rights reserved.
8040b000 8041b000 mountmgr (deferred)
Image path: \SystemRoot\System32\drivers\mountmgr.sys
Image name: mountmgr.sys
Timestamp: Thu Nov 02 13:21:06 2006 (4549B17A)
CheckSum: 0000F0B3
ImageSize: 00010000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
8041b000 80425000 BATTC (deferred)
Image path: \SystemRoot\system32\DRIVERS\BATTC.SYS
Image name: BATTC.SYS
Timestamp: Thu Nov 02 13:05:00 2006 (4549ADB4)
CheckSum: 0000A38F
ImageSize: 0000A000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
80425000 80434000 volmgr (deferred)
Image path: \SystemRoot\system32\drivers\volmgr.sys
Image name: volmgr.sys
Timestamp: Thu Nov 02 13:21:44 2006 (4549B1A0)
CheckSum: 00015FAA
ImageSize: 0000F000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
80434000 80459000 pci (deferred)
Image path: \SystemRoot\system32\drivers\pci.sys
Image name: pci.sys
Timestamp: Thu Nov 02 13:05:13 2006 (4549ADC1)
CheckSum: 0002E8CB
ImageSize: 00025000
File version: 6.0.6000.16386
Product version: 6.0.6000.16386
File flags: 0 (Mask 3F)
File OS: 40004 NT Win32
File type: 2.0 Dll
File date: 00000000.00000000
Translations: 0409.04b0
CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
InternalName: pci.sys
OriginalFilename: pci.sys
ProductVersion: 6.0.6000.16386
FileVersion: 6.0.6000.16386 (vista_rtm.061101-2205)
FileDescription: NT Plug and Play PCI Enumerator
LegalCopyright: © Microsoft Corporation. All rights reserved.
80459000 80461000 msisadrv (deferred)
Image path: \SystemRoot\system32\drivers\msisadrv.sys
Image name: msisadrv.sys
Timestamp: Thu Nov 02 13:05:08 2006 (4549ADBC)
CheckSum: 0000D703
ImageSize: 00008000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
80461000 804a4000 acpi (deferred)
Image path: \SystemRoot\system32\drivers\acpi.sys
Image name: acpi.sys
Timestamp: Thu Nov 02 13:05:03 2006 (4549ADB7)
CheckSum: 00047E42
ImageSize: 00043000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
804a4000 8051f000 Wdf01000 (deferred)
Image path: \SystemRoot\system32\drivers\Wdf01000.sys
Image name: Wdf01000.sys
Timestamp: Thu Nov 02 13:24:18 2006 (4549B23A)
CheckSum: 0007DC5C
ImageSize: 0007B000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
8051f000 80600000 CI (deferred)
Image path: \SystemRoot\system32\CI.dll
Image name: CI.dll
Timestamp: Thu Nov 02 14:12:45 2006 (4549BD95)
CheckSum: 000A28B7
ImageSize: 000E1000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
80602000 8060b000 crcdisk (deferred)
Image path: \SystemRoot\system32\drivers\crcdisk.sys
Image name: crcdisk.sys
Timestamp: Thu Nov 02 13:22:27 2006 (4549B1CB)
CheckSum: 00006D96
ImageSize: 00009000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
8060b000 80613000 spldr (deferred)
Image path: \SystemRoot\System32\Drivers\spldr.sys
Image name: spldr.sys
Timestamp: Thu Oct 26 03:10:44 2006 (453FE7EC)
CheckSum: 0000BC5E
ImageSize: 00008000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
80613000 80717000 ndis (deferred)
Image path: \SystemRoot\system32\drivers\ndis.sys
Image name: ndis.sys
Timestamp: Thu Nov 02 13:27:33 2006 (4549B2FD)
CheckSum: 000889FD
ImageSize: 00104000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
80717000 80727000 fileinfo (deferred)
Image path: \SystemRoot\system32\drivers\fileinfo.sys
Image name: fileinfo.sys
Timestamp: Thu Nov 02 13:06:47 2006 (4549AE1F)
CheckSum: 0001C10F
ImageSize: 00010000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
80727000 80758000 fltmgr (deferred)
Image path: \SystemRoot\system32\drivers\fltmgr.sys
Image name: fltmgr.sys
Timestamp: Thu Nov 02 13:00:58 2006 (4549ACC2)
CheckSum: 00035410
ImageSize: 00031000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
80758000 80776000 ataport (deferred)
Image path: \SystemRoot\system32\drivers\ataport.SYS
Image name: ataport.SYS
Timestamp: Thu Nov 02 13:21:34 2006 (4549B196)
CheckSum: 0002A0B2
ImageSize: 0001E000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
80776000 8077e000 atapi (deferred)
Image path: \SystemRoot\system32\drivers\atapi.sys
Image name: atapi.sys
Timestamp: Thu Nov 02 13:21:34 2006 (4549B196)
CheckSum: 00005F2B
ImageSize: 00008000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
8077e000 807c8000 volmgrx (deferred)
Image path: \SystemRoot\System32\drivers\volmgrx.sys
Image name: volmgrx.sys
Timestamp: Thu Nov 02 13:21:54 2006 (4549B1AA)
CheckSum: 0004955F
ImageSize: 0004A000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
807c8000 807f2000 pcmcia (deferred)
Image path: \SystemRoot\system32\DRIVERS\pcmcia.sys
Image name: pcmcia.sys
Timestamp: Thu Nov 02 13:05:13 2006 (4549ADC1)
CheckSum: 00035D9A
ImageSize: 0002A000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
807f2000 80800000 PCIIDEX (deferred)
Image path: \SystemRoot\system32\drivers\PCIIDEX.SYS
Image name: PCIIDEX.SYS
Timestamp: Thu Nov 02 13:21:34 2006 (4549B196)
CheckSum: 0001200C
ImageSize: 0000E000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
81a0c000 81a1b000 mup (deferred)
Image path: \SystemRoot\System32\Drivers\mup.sys
Image name: mup.sys
Timestamp: Thu Nov 02 13:01:04 2006 (4549ACC8)
CheckSum: 00019B87
ImageSize: 0000F000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
81a1b000 81a2a000 partmgr (deferred)
Image path: \SystemRoot\System32\drivers\partmgr.sys
Image name: partmgr.sys
Timestamp: Thu Nov 02 13:21:47 2006 (4549B1A3)
CheckSum: 00015E29
ImageSize: 0000F000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
81a2a000 81a94000 ksecdd (deferred)
Image path: \SystemRoot\System32\Drivers\ksecdd.sys
Image name: ksecdd.sys
Timestamp: Thu Nov 02 13:13:45 2006 (4549AFC1)
CheckSum: 00064045
ImageSize: 0006A000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
81a94000 81b9c000 Ntfs (deferred)
Image path: \SystemRoot\System32\Drivers\Ntfs.sys
Image name: Ntfs.sys
Timestamp: Thu Nov 02 13:01:39 2006 (4549ACEB)
CheckSum: 001119DE
ImageSize: 00108000
File version: 6.0.6000.16386
Product version: 6.0.6000.16386
File flags: 0 (Mask 3F)
File OS: 40004 NT Win32
File type: 3.7 Driver
File date: 00000000.00000000
Translations: 0409.04b0
CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
InternalName: ntfs.sys
OriginalFilename: ntfs.sys
ProductVersion: 6.0.6000.16386
FileVersion: 6.0.6000.16386 (vista_rtm.061101-2205)
FileDescription: NT File System Driver
LegalCopyright: © Microsoft Corporation. All rights reserved.
81b9c000 81bd5000 NETIO (deferred)
Image path: \SystemRoot\system32\drivers\NETIO.SYS
Image name: NETIO.SYS
Timestamp: Thu Nov 02 13:28:01 2006 (4549B319)
CheckSum: 0003D74B
ImageSize: 00039000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
81bd5000 81c00000 msrpc (deferred)
Image path: \SystemRoot\system32\drivers\msrpc.sys
Image name: msrpc.sys
Timestamp: unavailable (FFFFFFFE)
CheckSum: missing
ImageSize: 0002B000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
81c00000 81fa1000 nt (pdb symbols) c:\symbols\ntkrpamp.pdb\FD50D285751D4684938604B2CC1B41682\ntkrpamp.pdb
Loaded symbol image file: ntkrpamp.exe
Image path: ntkrpamp.exe
Image name: ntkrpamp.exe
Timestamp: Thu Nov 02 13:06:16 2006 (4549AE00)
CheckSum: 00360858
ImageSize: 003A1000
File version: 6.0.6000.16386
Product version: 6.0.6000.16386
File flags: 0 (Mask 3F)
File OS: 40004 NT Win32
File type: 1.0 App
File date: 00000000.00000000
Translations: 0409.04b0
CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
InternalName: ntkrpamp.exe
OriginalFilename: ntkrpamp.exe
ProductVersion: 6.0.6000.16386
FileVersion: 6.0.6000.16386 (vista_rtm.061101-2205)
FileDescription: NT Kernel & System
LegalCopyright: © Microsoft Corporation. All rights reserved.
81fa1000 81fd5000 hal (deferred)
Image path: halmacpi.dll
Image name: halmacpi.dll
Timestamp: Thu Nov 02 13:00:18 2006 (4549AC9A)
CheckSum: 00027A6F
ImageSize: 00034000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
83b73000 83b94000 CLASSPNP (deferred)
Image path: \SystemRoot\system32\drivers\CLASSPNP.SYS
Image name: CLASSPNP.SYS
Timestamp: Thu Nov 02 13:21:34 2006 (4549B196)
CheckSum: 00028767
ImageSize: 00021000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
83b94000 83ba5000 disk (deferred)
Image path: \SystemRoot\system32\drivers\disk.sys
Image name: disk.sys
Timestamp: Thu Nov 02 13:21:40 2006 (4549B19C)
CheckSum: 00016517
ImageSize: 00011000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
83ba5000 83bca000 ecache (deferred)
Image path: \SystemRoot\System32\drivers\ecache.sys
Image name: ecache.sys
Timestamp: Thu Nov 02 13:22:42 2006 (4549B1DA)
CheckSum: 0002A2CD
ImageSize: 00025000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
83bca000 83c00000 volsnap (deferred)
Image path: \SystemRoot\system32\drivers\volsnap.sys
Image name: volsnap.sys
Timestamp: Thu Nov 02 13:22:11 2006 (4549B1BB)
CheckSum: 0003CABF
ImageSize: 00036000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
84415000 8441c000 WCPU (deferred)
Image path: \??\C:\Program Files\P4G\WCPU.sys
Image name: WCPU.sys
Timestamp: Thu Dec 21 14:50:33 2006 (458A5FF1)
CheckSum: 0000E408
ImageSize: 00007000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
844b5000 844c5000 lltdio (deferred)
Image path: \SystemRoot\system32\DRIVERS\lltdio.sys
Image name: lltdio.sys
Timestamp: Thu Nov 02 13:26:48 2006 (4549B2D0)
CheckSum: 00010AFF
ImageSize: 00010000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
84525000 84535000 NDProxy (deferred)
Image path: \SystemRoot\System32\Drivers\NDProxy.SYS
Image name: NDProxy.SYS
Timestamp: Thu Nov 02 13:28:08 2006 (4549B320)
CheckSum: 000109C4
ImageSize: 00010000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
84538000 84555000 EraserUtilRebootDrv (deferred)
Image path: \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
Image name: EraserUtilRebootDrv.sys
Timestamp: Thu Mar 29 04:21:40 2007 (460AFF8C)
CheckSum: 0001DBAD
ImageSize: 0001D000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
84a03000 84a0c000 tunmp (deferred)
Image path: \SystemRoot\system32\DRIVERS\tunmp.sys
Image name: tunmp.sys
Timestamp: Thu Jun 07 07:26:53 2007 (466773F5)
CheckSum: 0000774F
ImageSize: 00009000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
84a0c000 84a19000 umbus (deferred)
Image path: \SystemRoot\system32\DRIVERS\umbus.sys
Image name: umbus.sys
Timestamp: Thu Nov 02 13:25:24 2006 (4549B27C)
CheckSum: 0000A198
ImageSize: 0000D000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
84a1c000 84a28000 vga (deferred)
Image path: \SystemRoot\System32\drivers\vga.sys
Image name: vga.sys
Timestamp: Thu Nov 02 13:23:56 2006 (4549B224)
CheckSum: 0000AE5E
ImageSize: 0000C000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
84a28000 84a31000 Fs_Rec (deferred)
Image path: \SystemRoot\System32\Drivers\Fs_Rec.SYS
Image name: Fs_Rec.SYS
Timestamp: unavailable (FFFFFFFE)
CheckSum: missing
ImageSize: 00009000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
84a51000 84a62000 SRTSPX (deferred)
Image path: \SystemRoot\System32\Drivers\SRTSPX.SYS
Image name: SRTSPX.SYS
Timestamp: Fri Jan 12 06:41:05 2007 (45A6EE39)
CheckSum: 000097B9
ImageSize: 00011000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
84a64000 84a65700 USBD (deferred)
Image path: \SystemRoot\system32\DRIVERS\USBD.SYS
Image name: USBD.SYS
Timestamp: Thu Nov 02 13:25:00 2006 (4549B264)
CheckSum: 000034E1
ImageSize: 00001700
File version: 6.0.6000.16386
Product version: 6.0.6000.16386
File flags: 0 (Mask 3F)
File OS: 40004 NT Win32
File type: 2.0 Dll
File date: 00000000.00000000
Translations: 0000.04b0
CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
InternalName: usbd.sys
OriginalFilename: usbd.sys
ProductVersion: 6.0.6000.16386
FileVersion: 6.0.6000.16386 (vista_rtm.061101-2205)
FileDescription: Universal Serial Bus Driver
LegalCopyright: © Microsoft Corporation. All rights reserved.
84a66000 84a67380 swenum (deferred)
Image path: \SystemRoot\system32\DRIVERS\swenum.sys
Image name: swenum.sys
Timestamp: Thu Nov 02 13:21:15 2006 (4549B183)
CheckSum: 00007AE5
ImageSize: 00001380
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
84a74000 84a75780 SYMDNS (deferred)
Image path: \SystemRoot\System32\Drivers\SYMDNS.SYS
Image name: SYMDNS.SYS
Timestamp: Tue Oct 24 04:56:34 2006 (453D5DBA)
CheckSum: 0000CA7E
ImageSize: 00001780
File version: 7.1.0.23
Product version: 7.1.0.0
File flags: 0 (Mask 4F)
File OS: 40004 NT Win32
File type: 5.0 VXD
File date: 00000000.00000000
Translations: 0409.04b0
CompanyName: Symantec Corporation
ProductName: Symantec Security Drivers
InternalName: SYMDNS
OriginalFilename: SYMDNS
ProductVersion: 7.1
FileVersion: 7.1.0.23
FileDescription: DNS Filter Driver
LegalCopyright: Copyright 2002 - 2006 Symantec Corporation
LegalTrademarks: Copyright 2002 - 2006 Symantec Corporation
84ad6000 84add000 Null (deferred)
Image path: \SystemRoot\System32\Drivers\Null.SYS
Image name: Null.SYS
Timestamp: unavailable (FFFFFFFE)
CheckSum: missing
ImageSize: 00007000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
84add000 84ae4000 Beep (deferred)
Image path: \SystemRoot\System32\Drivers\Beep.SYS
Image name: Beep.SYS
Timestamp: Thu Nov 02 13:21:03 2006 (4549B177)
CheckSum: 0000F272
ImageSize: 00007000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
84b18000 84b20000 dump_atapi (deferred)
Image path: \SystemRoot\System32\Drivers\dump_atapi.sys
Image name: dump_atapi.sys
Timestamp: Thu Nov 02 13:21:34 2006 (4549B196)
CheckSum: 00005F2B
ImageSize: 00008000
File version: 6.0.6000.16386
Product version: 6.0.6000.16386
File flags: 0 (Mask 3F)
File OS: 40004 NT Win32
File type: 3.7 Driver
File date: 00000000.00000000
Translations: 0409.04b0
CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
InternalName: atapi.sys
OriginalFilename: atapi.sys
ProductVersion: 6.0.6000.16386
FileVersion: 6.0.6000.16386 (vista_rtm.061101-2205)
FileDescription: ATAPI IDE Miniport Driver
LegalCopyright: © Microsoft Corporation. All rights reserved.
84b60000 84b68000 ATKACPI (deferred)
Image path: \SystemRoot\system32\DRIVERS\ATKACPI.sys
Image name: ATKACPI.sys
Timestamp: Thu Dec 14 11:41:57 2006 (4580F93D)
CheckSum: 0000A891
ImageSize: 00008000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
84b68000 84b70000 RDPCDD (deferred)
Image path: \SystemRoot\System32\DRIVERS\RDPCDD.sys
Image name: RDPCDD.sys
Timestamp: Thu Nov 02 13:32:01 2006 (4549B409)
CheckSum: 000095C6
ImageSize: 00008000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
84b70000 84b78000 rdpencdd (deferred)
Image path: \SystemRoot\system32\drivers\rdpencdd.sys
Image name: rdpencdd.sys
Timestamp: Thu Nov 02 13:32:01 2006 (4549B409)
CheckSum: 0000CDEE
ImageSize: 00008000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
84b9c000 84b9f780 CmBatt (deferred)
Image path: \SystemRoot\system32\DRIVERS\CmBatt.sys
Image name: CmBatt.sys
Timestamp: Thu Nov 02 13:05:03 2006 (4549ADB7)
CheckSum: 0000BB7C
ImageSize: 00003780
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
86a41000 86a46080 SYMREDRV (deferred)
Image path: \SystemRoot\System32\Drivers\SYMREDRV.SYS
Image name: SYMREDRV.SYS
Timestamp: Tue Oct 24 04:59:54 2006 (453D5E82)
CheckSum: 0000A5EA
ImageSize: 00005080
File version: 7.1.0.23
Product version: 7.1.0.0
File flags: 0 (Mask 4F)
File OS: 40004 NT Win32
File type: 5.0 VXD
File date: 00000000.00000000
Translations: 0409.04b0
CompanyName: Symantec Corporation
ProductName: Symantec Security Drivers
InternalName: SYMREDRV
OriginalFilename: SYMREDRV
ProductVersion: 7.1
FileVersion: 7.1.0.23
FileDescription: Redirector Filter Driver
LegalCopyright: Copyright 2002 - 2006 Symantec Corporation
LegalTrademarks: Copyright 2002 - 2006 Symantec Corporation
86aac000 86abd440 NAVENG (deferred)
Image path: \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20070715.002\NAVENG.SYS
Image name: NAVENG.SYS
Timestamp: Fri Mar 16 09:04:29 2007 (45FA1E55)
CheckSum: 0001623A
ImageSize: 00011440
File version: 20071.2.0.18
Product version: 20071.2.0.18
File flags: 0 (Mask 0)
File OS: 4 Unknown Win32
File type: 3.0 Driver
File date: 00000000.00000000
Translations: 0409.04b0
CompanyName: Symantec Corporation
ProductName: Symantec Antivirus Engine
InternalName: naveng
OriginalFilename: naveng.sys
ProductVersion: 20071.2.0.18
FileVersion: 20071.2.0.18
FileDescription: AV Engine
LegalCopyright: Copyright (C) 1991-2007 Symantec Corporation.
86aee000 86b0f000 VIDEOPRT (deferred)
Image path: \SystemRoot\System32\drivers\VIDEOPRT.SYS
Image name: VIDEOPRT.SYS
Timestamp: Thu Nov 02 13:24:07 2006 (4549B22F)
CheckSum: 0001DD84
ImageSize: 00021000
File version: 6.0.6000.16386
Product version: 6.0.6000.16386
File flags: 0 (Mask 3F)
File OS: 40004 NT Win32
File type: 3.4 Driver
File date: 00000000.00000000
Translations: 0000.04b0
CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
InternalName: videoprt.sys
OriginalFilename: videoprt.sys
ProductVersion: 6.0.6000.16386
FileVersion: 6.0.6000.16386 (vista_rtm.061101-2205)
FileDescription: Video Port Driver
LegalCopyright: © Microsoft Corporation. All rights reserved.
86b4f000 86b5c000 watchdog (deferred)
Image path: \SystemRoot\System32\drivers\watchdog.sys
Image name: watchdog.sys
Timestamp: Thu Nov 02 13:07:44 2006 (4549AE58)
CheckSum: 0000E618
ImageSize: 0000D000
File version: 6.0.6000.16386
Product version: 6.0.6000.16386
File flags: 0 (Mask 3F)
File OS: 40004 NT Win32
File type: 2.0 Dll
File date: 00000000.00000000
Translations: 0000.04b0
CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
InternalName: watchdog.sys
OriginalFilename: watchdog.sys
ProductVersion: 6.0.6000.16386
FileVersion: 6.0.6000.16386 (vista_rtm.061101-2205)
FileDescription: Watchdog Driver
LegalCopyright: © Microsoft Corporation. All rights reserved.
86b79000 86b83000 usbohci (deferred)
Image path: \SystemRoot\system32\DRIVERS\usbohci.sys
Image name: usbohci.sys
Timestamp: Thu Nov 02 13:25:05 2006 (4549B269)
CheckSum: 0000EE06
ImageSize: 0000A000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
86b83000 86b8e000 tunnel (deferred)
Image path: \SystemRoot\system32\DRIVERS\tunnel.sys
Image name: tunnel.sys
Timestamp: Thu Jun 07 07:27:03 2007 (466773FF)
CheckSum: 0000A64F
ImageSize: 0000B000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
87a01000 87a0c000 kbdclass (deferred)
Image path: \SystemRoot\system32\DRIVERS\kbdclass.sys
Image name: kbdclass.sys
Timestamp: Thu Nov 02 13:21:09 2006 (4549B17D)
CheckSum: 00009F23
ImageSize: 0000B000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
87a0e000 87a33000 drmk (deferred)
Image path: \SystemRoot\system32\drivers\drmk.sys
Image name: drmk.sys
Timestamp: Thu Nov 02 13:50:49 2006 (4549B871)
CheckSum: 0002E713
ImageSize: 00025000
File version: 6.0.6000.16386
Product version: 6.0.6000.16386
File flags: 0 (Mask 3F)
File OS: 40004 NT Win32
File type: 2.0 Dll
File date: 00000000.00000000
Translations: 0409.04b0
CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
InternalName: drmk.sys
OriginalFilename: drmk.sys
ProductVersion: 6.0.6000.16386
FileVersion: 6.0.6000.16386 (vista_rtm.061101-2205)
FileDescription: Microsoft Kernel DRM Descrambler Filter
LegalCopyright: © Microsoft Corporation. All rights reserved.
87a33000 87a60000 portcls (deferred)
Image path: \SystemRoot\system32\drivers\portcls.sys
Image name: portcls.sys
Timestamp: Thu Nov 02 13:25:02 2006 (4549B266)
CheckSum: 00034F0F
ImageSize: 0002D000
File version: 6.0.6000.16386
Product version: 6.0.6000.16386
File flags: 0 (Mask 3F)
File OS: 40004 NT Win32
File type: 3.9 Driver
File date: 00000000.00000000
Translations: 0409.04b0
CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
InternalName: portcls.sys
OriginalFilename: portcls.sys
ProductVersion: 6.0.6000.16386
FileVersion: 6.0.6000.16386 (vista_rtm.061101-2205)
FileDescription: Port Class (Class Driver for Port/Miniport Devices)
LegalCopyright: © Microsoft Corporation. All rights reserved.
87a9c000 87aab000 monitor (deferred)
Image path: \SystemRoot\system32\DRIVERS\monitor.sys
Image name: monitor.sys
Timestamp: Thu Nov 02 13:24:05 2006 (4549B22D)
CheckSum: 000126AD
ImageSize: 0000F000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
87b66000 87b71000 Msfs (deferred)
Image path: \SystemRoot\System32\Drivers\Msfs.SYS
Image name: Msfs.SYS
Timestamp: unavailable (FFFFFFFE)
CheckSum: missing
ImageSize: 0000B000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
87b71000 87b7c000 SYMNDISV (deferred)
Image path: \SystemRoot\System32\Drivers\SYMNDISV.SYS
Image name: SYMNDISV.SYS
Timestamp: Tue Oct 24 05:08:52 2006 (453D609C)
CheckSum: 0001767C
ImageSize: 0000B000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
87b7c000 87b87000 dump_dumpata (deferred)
Image path: \SystemRoot\System32\Drivers\dump_dumpata.sys
Image name: dump_dumpata.sys
Timestamp: Thu Nov 02 13:21:34 2006 (4549B196)
CheckSum: 0000C948
ImageSize: 0000B000
File version: 6.0.6000.16386
Product version: 6.0.6000.16386
File flags: 0 (Mask 3F)
File OS: 40004 NT Win32
File type: 3.7 Driver
File date: 00000000.00000000
Translations: 0000.04b0
CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
InternalName: dumpata.sys
OriginalFilename: dumpata.sys
ProductVersion: 6.0.6000.16386
FileVersion: 6.0.6000.16386 (vista_rtm.061101-2205)
FileDescription: ATAPI Dump Driver
LegalCopyright: © Microsoft Corporation. All rights reserved.
87bdf000 87bea000 tcpipreg (deferred)
Image path: \SystemRoot\System32\drivers\tcpipreg.sys
Image name: tcpipreg.sys
Timestamp: Thu Nov 02 13:27:46 2006 (4549B30A)
CheckSum: 0000792D
ImageSize: 0000B000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
87c00000 87c12000 HDAudBus (deferred)
Image path: \SystemRoot\system32\DRIVERS\HDAudBus.sys
Image name: HDAudBus.sys
Timestamp: Sat Mar 24 23:24:34 2007 (460573EA)
CheckSum: 0001A527
ImageSize: 00012000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
87c12000 87c4f000 USBPORT (deferred)
Image path: \SystemRoot\system32\DRIVERS\USBPORT.SYS
Image name: USBPORT.SYS
Timestamp: Thu Nov 02 13:25:09 2006 (4549B26D)
CheckSum: 0003FA9C
ImageSize: 0003D000
File version: 6.0.6000.16386
Product version: 6.0.6000.16386
File flags: 0 (Mask 3F)
File OS: 40004 NT Win32
File type: 2.0 Dll
File date: 00000000.00000000
Translations: 0409.04b0
CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
InternalName: usbport.sys
OriginalFilename: usbport.sys
ProductVersion: 6.0.6000.16386
FileVersion: 6.0.6000.16386 (vista_rtm.061101-2205)
FileDescription: USB 1.1 & 2.0 Port Driver
LegalCopyright: © Microsoft Corporation. All rights reserved.
87c69000 87c76000 modem (deferred)
Image path: \SystemRoot\system32\drivers\modem.sys
Image name: modem.sys
Timestamp: Thu Nov 02 13:28:52 2006 (4549B34C)
CheckSum: 0001590B
ImageSize: 0000D000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
87c76000 87c83000 crashdmp (deferred)
Image path: \SystemRoot\System32\Drivers\crashdmp.sys
Image name: crashdmp.sys
Timestamp: Thu Nov 02 13:21:36 2006 (4549B198)
CheckSum: 0001054E
ImageSize: 0000D000
File version: 6.0.6000.16386
Product version: 6.0.6000.16386
File flags: 0 (Mask 3F)
File OS: 40004 NT Win32
File type: 3.7 Driver
File date: 00000000.00000000
Translations: 0409.04b0
CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
InternalName: crashdmp.sys
OriginalFilename: crashdmp.sys
ProductVersion: 6.0.6000.16386
FileVersion: 6.0.6000.16386 (vista_rtm.061101-2205)
FileDescription: Crash Dump Driver
LegalCopyright: © Microsoft Corporation. All rights reserved.
87d1f000 87dbb000 dxgkrnl (deferred)
Image path: \SystemRoot\System32\drivers\dxgkrnl.sys
Image name: dxgkrnl.sys
Timestamp: Thu Nov 02 13:08:46 2006 (4549AE96)
CheckSum: 000A4A57
ImageSize: 0009C000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
87dbe000 87dd2000 smb (deferred)
Image path: \SystemRoot\system32\DRIVERS\smb.sys
Image name: smb.sys
Timestamp: Thu Nov 02 13:27:10 2006 (4549B2E6)
CheckSum: 00010933
ImageSize: 00014000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
87dd2000 87de7000 tdx (deferred)
Image path: \SystemRoot\system32\DRIVERS\tdx.sys
Image name: tdx.sys
Timestamp: Thu Nov 02 13:27:34 2006 (4549B2FE)
CheckSum: 0001FE16
ImageSize: 00015000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
87de7000 87e00000 fwpkclnt (deferred)
Image path: \SystemRoot\System32\drivers\fwpkclnt.sys
Image name: fwpkclnt.sys
Timestamp: Thu Nov 02 13:27:26 2006 (4549B2F6)
CheckSum: 0002402A
ImageSize: 00019000
File version: 6.0.6000.16386
Product version: 6.0.6000.16386
File flags: 0 (Mask 3F)
File OS: 40004 NT Win32
File type: 2.0 Dll
File date: 00000000.00000000
Translations: 0409.04b0
CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
InternalName: fwpkclnt.sys
OriginalFilename: fwpkclnt.sys
ProductVersion: 6.0.6000.16386
FileVersion: 6.0.6000.16386 (vista_rtm.061101-2205)
FileDescription: FWP/IPsec Kernel-Mode API
LegalCopyright: © Microsoft Corporation. All rights reserved.
88003000 8801a000 rasl2tp (deferred)
Image path: \SystemRoot\system32\DRIVERS\rasl2tp.sys
Image name: rasl2tp.sys
Timestamp: Thu Nov 02 13:28:13 2006 (4549B325)
CheckSum: 0001283E
ImageSize: 00017000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
8801a000 88025000 TDI (deferred)
Image path: \SystemRoot\system32\DRIVERS\TDI.SYS
Image name: TDI.SYS
Timestamp: Thu Nov 02 13:28:46 2006 (4549B346)
CheckSum: 0000B17F
ImageSize: 0000B000
File version: 6.0.6000.16386
Product version: 6.0.6000.16386
File flags: 0 (Mask 3F)
File OS: 40004 NT Win32
File type: 3.6 Driver
File date: 00000000.00000000
Translations: 0409.04b0
CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
InternalName: tdi.sys
OriginalFilename: tdi.sys
ProductVersion: 6.0.6000.16386
FileVersion: 6.0.6000.16386 (vista_rtm.061101-2205)
FileDescription: TDI Wrapper
LegalCopyright: © Microsoft Corporation. All rights reserved.
88025000 88065000 storport (deferred)
Image path: \SystemRoot\system32\DRIVERS\storport.sys
Image name: storport.sys
Timestamp: Thu Nov 02 13:21:45 2006 (4549B1A1)
CheckSum: 0001ECB2
ImageSize: 00040000
File version: 6.0.6000.16386
Product version: 6.0.6000.16386
File flags: 0 (Mask 3F)
File OS: 40004 NT Win32
File type: 3.7 Driver
File date: 00000000.00000000
Translations: 0000.04b0
CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
InternalName: storport.sys
OriginalFilename: storport.sys
ProductVersion: 6.0.6000.16386
FileVersion: 6.0.6000.16386 (vista_rtm.061101-2205)
FileDescription: Microsoft Storage Port Driver
LegalCopyright: © Microsoft Corporation. All rights reserved.
8806c000 8809e000 netbt (deferred)
Image path: \SystemRoot\System32\DRIVERS\netbt.sys
Image name: netbt.sys
Timestamp: Thu Nov 02 13:27:18 2006 (4549B2EE)
CheckSum: 0002DCA1
ImageSize: 00032000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
8809e000 880c9000 msiscsi (deferred)
Image path: \SystemRoot\system32\DRIVERS\msiscsi.sys
Image name: msiscsi.sys
Timestamp: Thu Nov 02 13:22:40 2006 (4549B1D8)
CheckSum: 0002C426
ImageSize: 0002B000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
880d0000 880e6000 pacer (deferred)
Image path: \SystemRoot\system32\DRIVERS\pacer.sys
Image name: pacer.sys
Timestamp: Thu Nov 02 13:27:33 2006 (4549B2FD)
CheckSum: 00014F57
ImageSize: 00016000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
880e6000 880fa000 rimsptsk (deferred)
Image path: \SystemRoot\system32\DRIVERS\rimsptsk.sys
Image name: rimsptsk.sys
Timestamp: Wed Nov 15 08:12:45 2006 (455A8CB5)
CheckSum: 00018B7D
ImageSize: 00014000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
880fa000 88112000 sdbus (deferred)
Image path: \SystemRoot\system32\DRIVERS\sdbus.sys
Image name: sdbus.sys
Timestamp: Sat Apr 28 06:45:33 2007 (4632AE45)
CheckSum: 0001FC78
ImageSize: 00018000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
88112000 88123000 Rtnicxp (deferred)
Image path: \SystemRoot\system32\DRIVERS\Rtnicxp.sys
Image name: Rtnicxp.sys
Timestamp: Mon Nov 06 06:31:19 2006 (454E976F)
CheckSum: 0000ECFA
ImageSize: 00011000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
88133000 8813e000 mouclass (deferred)
Image path: \SystemRoot\system32\DRIVERS\mouclass.sys
Image name: mouclass.sys
Timestamp: Thu Nov 02 13:21:09 2006 (4549B17D)
CheckSum: 0000DE48
ImageSize: 0000B000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
8813f000 8816af00 SYMTDI (deferred)
Image path: \SystemRoot\System32\Drivers\SYMTDI.SYS
Image name: SYMTDI.SYS
Timestamp: Tue Oct 24 04:56:29 2006 (453D5DB5)
CheckSum: 00038671
ImageSize: 0002BF00
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
8816b000 8817e000 wanarp (deferred)
Image path: \SystemRoot\system32\DRIVERS\wanarp.sys
Image name: wanarp.sys
Timestamp: Thu Nov 02 13:28:13 2006 (4549B325)
CheckSum: 00016E17
ImageSize: 00013000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
8817e000 881a8100 SynTP (deferred)
Image path: \SystemRoot\system32\DRIVERS\SynTP.sys
Image name: SynTP.sys
Timestamp: Fri Oct 13 06:00:06 2006 (452EEC1E)
CheckSum: 0002E62B
ImageSize: 0002A100
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
881c7000 881da000 i8042prt (deferred)
Image path: \SystemRoot\system32\DRIVERS\i8042prt.sys
Image name: i8042prt.sys
Timestamp: Thu Nov 02 13:21:12 2006 (4549B180)
CheckSum: 0001977C
ImageSize: 00013000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
881db000 881fcf00 SYMFW (deferred)
Image path: \SystemRoot\System32\Drivers\SYMFW.SYS
Image name: SYMFW.SYS
Timestamp: Tue Oct 24 04:58:55 2006 (453D5E47)
CheckSum: 000268DF
ImageSize: 00021F00
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
881fd000 88220000 SYMEVENT (deferred)
Image path: \??\C:\Windows\system32\Drivers\SYMEVENT.SYS
Image name: SYMEVENT.SYS
Timestamp: Sat Dec 16 05:00:34 2006 (45833E2A)
CheckSum: 0001D49E
ImageSize: 00023000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
88220000 88229000 rasacd (deferred)
Image path: \SystemRoot\System32\DRIVERS\rasacd.sys
Image name: rasacd.sys
Timestamp: Thu Nov 02 13:28:13 2006 (4549B325)
CheckSum: 0000E90B
ImageSize: 00009000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
88229000 88231180 SYMIDS (deferred)
Image path: \SystemRoot\System32\Drivers\SYMIDS.SYS
Image name: SYMIDS.SYS
Timestamp: Tue Oct 24 04:59:36 2006 (453D5E70)
CheckSum: 0000E154
ImageSize: 00008180
File version: 7.1.0.23
Product version: 7.1.0.0
File flags: 0 (Mask 4F)
File OS: 40000 NT Base
File type: 0.0 Unknown
File date: 00000000.00000000
Translations: 0409.04b0
CompanyName: Symantec Corporation
ProductName: Symantec Security Drivers
ProductVersion: 7.1
FileVersion: 7.1.0.23
FileDescription: IDS Filter Driver
LegalCopyright: Copyright 2002 - 2006 Symantec Corporation
LegalTrademarks: Copyright 2002 - 2006 Symantec Corporation
882b0000 882c8000 cdrom (deferred)
Image path: \SystemRoot\system32\DRIVERS\cdrom.sys
Image name: cdrom.sys
Timestamp: Thu Nov 02 13:21:44 2006 (4549B1A0)
CheckSum: 0001BA75
ImageSize: 00018000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
882d6000 88320000 SRTSP (no symbols)
Loaded symbol image file: SRTSP.SYS
Image path: \SystemRoot\System32\Drivers\SRTSP.SYS
Image name: SRTSP.SYS
Timestamp: Fri Jan 12 06:41:05 2007 (45A6EE39)
CheckSum: 0003E5FD
ImageSize: 0004A000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
88320000 8832e000 intelppm (deferred)
Image path: \SystemRoot\system32\DRIVERS\intelppm.sys
Image name: intelppm.sys
Timestamp: Thu Nov 02 13:00:18 2006 (4549AC9A)
CheckSum: 00013132
ImageSize: 0000E000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
8832e000 8833c000 usbehci (deferred)
Image path: \SystemRoot\system32\DRIVERS\usbehci.sys
Image name: usbehci.sys
Timestamp: Thu Nov 02 13:25:04 2006 (4549B268)
CheckSum: 00017319
ImageSize: 0000E000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
8834a000 88358000 Npfs (deferred)
Image path: \SystemRoot\System32\Drivers\Npfs.SYS
Image name: Npfs.SYS
Timestamp: Thu Nov 02 13:00:57 2006 (4549ACC1)
CheckSum: 00016EA8
ImageSize: 0000E000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
88358000 88366000 netbios (deferred)
Image path: \SystemRoot\system32\DRIVERS\netbios.sys
Image name: netbios.sys
Timestamp: Thu Nov 02 13:27:26 2006 (4549B2F6)
CheckSum: 0000F480
ImageSize: 0000E000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
88404000 8843a000 IDSvix86 (deferred)
Image path: \??\C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20070709.002\IDSvix86.sys
Image name: IDSvix86.sys
Timestamp: Thu Mar 15 00:52:38 2007 (45F8598E)
CheckSum: 00037A00
ImageSize: 00036000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
8843a000 88481000 afd (deferred)
Image path: \SystemRoot\system32\drivers\afd.sys
Image name: afd.sys
Timestamp: Thu Nov 02 13:28:41 2006 (4549B341)
CheckSum: 00049FFB
ImageSize: 00047000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
88481000 884b5000 usbhub (deferred)
Image path: \SystemRoot\system32\DRIVERS\usbhub.sys
Image name: usbhub.sys
Timestamp: Thu Nov 02 13:25:20 2006 (4549B278)
CheckSum: 000355FE
ImageSize: 00034000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
884d1000 8850c000 rdbss (deferred)
Image path: \SystemRoot\system32\DRIVERS\rdbss.sys
Image name: rdbss.sys
Timestamp: Thu Nov 02 13:01:24 2006 (4549ACDC)
CheckSum: 0003A186
ImageSize: 0003B000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
8850c000 88572000 SPBBCDrv (deferred)
Image path: \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
Image name: SPBBCDrv.sys
Timestamp: Sat Oct 07 01:31:22 2006 (4526C422)
CheckSum: 00066F19
ImageSize: 00066000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
88572000 8857c000 mssmbios (deferred)
Image path: \SystemRoot\system32\DRIVERS\mssmbios.sys
Image name: mssmbios.sys
Timestamp: Thu Nov 02 13:05:13 2006 (4549ADC1)
CheckSum: 00010CCD
ImageSize: 0000A000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
88804000 88817000 raspptp (deferred)
Image path: \SystemRoot\system32\DRIVERS\raspptp.sys
Image name: raspptp.sys
Timestamp: Thu Nov 02 13:28:14 2006 (4549B326)
CheckSum: 00018677
ImageSize: 00013000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
88817000 88826000 raspppoe (deferred)
Image path: \SystemRoot\system32\DRIVERS\raspppoe.sys
Image name: raspppoe.sys
Timestamp: Thu Nov 02 13:28:12 2006 (4549B324)
CheckSum: 00015C59
ImageSize: 0000F000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
88834000 8884b000 dfsc (deferred)
Image path: \SystemRoot\System32\Drivers\dfsc.sys
Image name: dfsc.sys
Timestamp: Thu Nov 02 13:01:04 2006 (4549ACC8)
CheckSum: 00015C96
ImageSize: 00017000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
8884b000 8886e000 ndiswan (deferred)
Image path: \SystemRoot\system32\DRIVERS\ndiswan.sys
Image name: ndiswan.sys
Timestamp: Thu Nov 02 13:28:13 2006 (4549B325)
CheckSum: 00023D9F
ImageSize: 00023000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
8886e000 88879000 ndistapi (deferred)
Image path: \SystemRoot\system32\DRIVERS\ndistapi.sys
Image name: ndistapi.sys
Timestamp: Thu Nov 02 13:28:07 2006 (4549B31F)
CheckSum: 00008E55
ImageSize: 0000B000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
88879000 89000000 atikmdag (deferred)
Image path: \SystemRoot\system32\DRIVERS\atikmdag.sys
Image name: atikmdag.sys
Timestamp: Thu Dec 21 07:19:31 2006 (4589F63B)
CheckSum: 002358FE
ImageSize: 00787000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
8900b000 89033000 fastfat (deferred)
Image path: \SystemRoot\System32\Drivers\fastfat.SYS
Image name: fastfat.SYS
Timestamp: Thu Nov 02 13:00:49 2006 (4549ACB9)
CheckSum: 0002A9C1
ImageSize: 00028000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
89033000 8905d000 ks (deferred)
Image path: \SystemRoot\system32\DRIVERS\ks.sys
Image name: ks.sys
Timestamp: Thu Nov 02 13:21:18 2006 (4549B186)
CheckSum: 000285FF
ImageSize: 0002A000
File version: 6.0.6000.16386
Product version: 6.0.6000.16386
File flags: 0 (Mask 3F)
File OS: 40004 NT Win32
File type: 3.0 Driver
File date: 00000000.00000000
Translations: 0000.04b0
CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
InternalName: ks.sys
OriginalFilename: ks.sys
ProductVersion: 6.0.6000.16386
FileVersion: 6.0.6000.16386 (vista_rtm.061101-2205)
FileDescription: Kernel CSA Library
LegalCopyright: © Microsoft Corporation. All rights reserved.
89068000 89077000 termdd (deferred)
Image path: \SystemRoot\system32\DRIVERS\termdd.sys
Image name: termdd.sys
Timestamp: Thu Nov 02 13:32:00 2006 (4549B408)
CheckSum: 00016581
ImageSize: 0000F000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
89081000 8908b000 MODEMCSA (deferred)
Image path: \SystemRoot\system32\drivers\MODEMCSA.sys
Image name: MODEMCSA.sys
Timestamp: Thu Nov 02 13:28:52 2006 (4549B34C)
CheckSum: 00009FDE
ImageSize: 0000A000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
8908b000 89095000 nsiproxy (deferred)
Image path: \SystemRoot\system32\drivers\nsiproxy.sys
Image name: nsiproxy.sys
Timestamp: Thu Nov 02 13:27:30 2006 (4549B2FA)
CheckSum: 0000D051
ImageSize: 0000A000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
89095000 8909f000 Dxapi (deferred)
Image path: \SystemRoot\System32\drivers\Dxapi.sys
Image name: Dxapi.sys
Timestamp: Thu Nov 02 13:08:17 2006 (4549AE79)
CheckSum: 0000C639
ImageSize: 0000A000
File version: 6.0.6000.16386
Product version: 6.0.6000.16386
File flags: 0 (Mask 3F)
File OS: 40004 NT Win32
File type: 3.7 Driver
File date: 00000000.00000000
Translations: 0409.04b0
CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
InternalName: dxapi.sys
OriginalFilename: dxapi.sys
ProductVersion: 6.0.6000.16386
FileVersion: 6.0.6000.16386 (vista_rtm.061101-2205)
FileDescription: DirectX API Driver
LegalCopyright: © Microsoft Corporation. All rights reserved.
8909f000 890a9000 ndisuio (deferred)
Image path: \SystemRoot\system32\DRIVERS\ndisuio.sys
Image name: ndisuio.sys
Timestamp: Thu Nov 02 13:27:22 2006 (4549B2F2)
CheckSum: 000086D8
ImageSize: 0000A000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
890d1000 890db000 secdrv (deferred)
Image path: \SystemRoot\System32\Drivers\secdrv.SYS
Image name: secdrv.SYS
Timestamp: Wed Sep 13 17:48:32 2006 (45080528)
CheckSum: 0000F9E8
ImageSize: 0000A000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
89131000 891ff820 NAVEX15 (no symbols)
Loaded symbol image file: NAVEX15.SYS
Image path: \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20070715.002\NAVEX15.SYS
Image name: NAVEX15.SYS
Timestamp: Fri Mar 16 09:44:23 2007 (45FA27AF)
CheckSum: 000DB4F1
ImageSize: 000CE820
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
8a80b000 8a86d000 eeCtrl (deferred)
Image path: \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
Image name: eeCtrl.sys
Timestamp: Thu Mar 29 04:21:40 2007 (460AFF8C)
CheckSum: 00063805
ImageSize: 00062000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
8a86d000 8a9ff780 RTKVHDA (deferred)
Image path: \SystemRoot\system32\drivers\RTKVHDA.sys
Image name: RTKVHDA.sys
Timestamp: Fri Dec 01 10:08:47 2006 (456FBFE7)
CheckSum: 001A21BD
ImageSize: 00192780
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
8aa50000 8aa5b0a0 FDC1ANT (no symbols)
Loaded symbol image file: FDC1ANT.SYS
Image path: \??\C:\Windows\system32\drivers\FDC1ANT.SYS
Image name: FDC1ANT.SYS
Timestamp: Sat Jan 27 17:58:39 2007 (45BB5387)
CheckSum: 0000CC2F
ImageSize: 0000B0A0
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
8ab10000 8abffa00 smserial (deferred)
Image path: \SystemRoot\system32\DRIVERS\smserial.sys
Image name: smserial.sys
Timestamp: Mon Oct 09 21:17:55 2006 (452A7D3B)
CheckSum: 000FC6F4
ImageSize: 000EFA00
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
8e52f000 8e600000 tcpip (deferred)
Image path: \SystemRoot\System32\drivers\tcpip.sys
Image name: tcpip.sys
Timestamp: Thu Nov 02 13:28:31 2006 (4549B337)
CheckSum: 000D0F67
ImageSize: 000D1000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
95200000 953ff000 win32k (deferred)
Image path: \SystemRoot\System32\win32k.sys
Image name: win32k.sys
Timestamp: Thu Feb 15 07:27:33 2007 (45D3CC1D)
CheckSum: 001F82C6
ImageSize: 001FF000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
95800000 95809000 TSDDD (deferred)
Image path: \SystemRoot\System32\TSDDD.dll
Image name: TSDDD.dll
Timestamp: Thu Nov 02 13:32:02 2006 (4549B40A)
CheckSum: 000133E7
ImageSize: 00009000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
95810000 9581e000 cdd (deferred)
Image path: \SystemRoot\System32\cdd.dll
Image name: cdd.dll
Timestamp: Thu Nov 02 14:09:20 2006 (4549BCC8)
CheckSum: 0000ADC7
ImageSize: 0000E000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
95a11000 95a3c000 nwifi (deferred)
Image path: \SystemRoot\system32\DRIVERS\nwifi.sys
Image name: nwifi.sys
Timestamp: Thu Nov 02 13:25:41 2006 (4549B28D)
CheckSum: 0003428E
ImageSize: 0002B000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
95a98000 95aac000 mpsdrv (deferred)
Image path: \SystemRoot\System32\drivers\mpsdrv.sys
Image name: mpsdrv.sys
Timestamp: Thu Jun 07 07:25:55 2007 (466773BB)
CheckSum: 00017B0B
ImageSize: 00014000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
95aac000 95abf000 rspndr (deferred)
Image path: \SystemRoot\system32\DRIVERS\rspndr.sys
Image name: rspndr.sys
Timestamp: Thu Nov 02 13:26:48 2006 (4549B2D0)
CheckSum: 00016310
ImageSize: 00013000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
95b3f000 95ba1000 ACEDRV08 (deferred)
Image path: \??\C:\Windows\system32\drivers\ACEDRV08.sys
Image name: ACEDRV08.sys
Timestamp: Thu Nov 23 20:26:29 2006 (4565C4AD)
CheckSum: 0002A084
ImageSize: 00062000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
95ba1000 95bbc000 luafv (deferred)
Image path: \SystemRoot\system32\drivers\luafv.sys
Image name: luafv.sys
Timestamp: Thu Nov 02 13:03:07 2006 (4549AD43)
CheckSum: 0001BBEF
ImageSize: 0001B000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
96e00000 96e12000 mrxsmb20 (deferred)
Image path: \SystemRoot\system32\DRIVERS\mrxsmb20.sys
Image name: mrxsmb20.sys
Timestamp: Thu Nov 02 13:01:16 2006 (4549ACD4)
CheckSum: 00019A68
ImageSize: 00012000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
97c00000 97c1b000 srvnet (deferred)
Image path: \SystemRoot\System32\DRIVERS\srvnet.sys
Image name: srvnet.sys
Timestamp: Thu Nov 02 13:01:43 2006 (4549ACEF)
CheckSum: 00015050
ImageSize: 0001B000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
97c90000 97ca2000 WUDFPf (deferred)
Image path: \SystemRoot\system32\DRIVERS\WUDFPf.sys
Image name: WUDFPf.sys
Timestamp: Thu Nov 02 13:24:36 2006 (4549B24C)
CheckSum: 00018BF0
ImageSize: 00012000
File version: 6.0.6000.16386
Product version: 6.0.6000.16386
File flags: 0 (Mask 3F)
File OS: 40004 NT Win32
File type: 3.7 Driver
File date: 00000000.00000000
Translations: 0000.04b0
CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
InternalName: WUDFPf.sys
OriginalFilename: WUDFPf.sys
ProductVersion: 6.0.6000.16386
FileVersion: 6.0.6000.16386 (vista_rtm.061101-2205)
FileDescription: Windows Driver Foundation - User-mode Driver Framework Platform Driver
LegalCopyright: © Microsoft Corporation. All rights reserved.
97ca2000 97cb6280 WUDFRd (deferred)
Image path: \SystemRoot\system32\DRIVERS\WUDFRd.sys
Image name: WUDFRd.sys
Timestamp: Thu Nov 02 13:24:51 2006 (4549B25B)
CheckSum: 0001CE3C
ImageSize: 00014280
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
97cb7000 97cd0000 bowser (deferred)
Image path: \SystemRoot\system32\DRIVERS\bowser.sys
Image name: bowser.sys
Timestamp: Thu Nov 02 13:01:11 2006 (4549ACCF)
CheckSum: 0001D6EC
ImageSize: 00019000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
97e0f000 97e2d000 mrxsmb (deferred)
Image path: \SystemRoot\system32\DRIVERS\mrxsmb.sys
Image name: mrxsmb.sys
Timestamp: Thu Nov 02 13:01:20 2006 (4549ACD8)
CheckSum: 00022082
ImageSize: 0001E000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
97e2d000 97ebb000 spsys (deferred)
Image path: \SystemRoot\system32\drivers\spsys.sys
Image name: spsys.sys
Timestamp: Thu Oct 26 03:13:28 2006 (453FE890)
CheckSum: 00089D11
ImageSize: 0008E000
File version: 6.0.5840.16389
Product version: 6.0.5840.16389
File flags: 8 (Mask 3F) Private
File OS: 40004 NT Win32
File type: 3.0 Driver
File date: 00000000.00000000
Translations: 0409.04b0
CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
InternalName: spsys.sys
OriginalFilename: spsys.sys
ProductVersion: 6.0.5840.16389
FileVersion: 6.0.5840.16389 (VISTA_RTM(sepbld-s).061025-1421)
FileDescription: security processor
LegalCopyright: © Microsoft Corporation. All rights reserved.
97efb000 97f1a000 mrxdav (deferred)
Image path: \SystemRoot\system32\drivers\mrxdav.sys
Image name: mrxdav.sys
Timestamp: Thu Nov 02 13:01:24 2006 (4549ACDC)
CheckSum: 00020D0D
ImageSize: 0001F000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
97f9a000 98000000 HTTP (deferred)
Image path: \SystemRoot\system32\drivers\HTTP.sys
Image name: HTTP.sys
Timestamp: Thu Nov 02 13:27:06 2006 (4549B2E2)
CheckSum: 0006169A
ImageSize: 00066000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
9821c000 98232000 cdfs (deferred)
Image path: \SystemRoot\system32\DRIVERS\cdfs.sys
Image name: cdfs.sys
Timestamp: Thu Nov 02 13:00:50 2006 (4549ACBA)
CheckSum: 0001EEB3
ImageSize: 00016000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
982b5000 982b7540 ghaio (deferred)
Image path: \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys
Image name: ghaio.sys
Timestamp: Wed Aug 20 07:58:48 2003 (3F42EAF0)
CheckSum: 00008685
ImageSize: 00002540
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
988f7000 98943000 srv (deferred)
Image path: \SystemRoot\System32\DRIVERS\srv.sys
Image name: srv.sys
Timestamp: Thu Nov 02 13:01:55 2006 (4549ACFB)
CheckSum: 0005310D
ImageSize: 0004C000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
989a3000 989c7000 srv2 (deferred)
Image path: \SystemRoot\System32\DRIVERS\srv2.sys
Image name: srv2.sys
Timestamp: Thu Nov 02 13:01:46 2006 (4549ACF2)
CheckSum: 0002A07A
ImageSize: 00024000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
989c7000 98a00000 mrxsmb10 (deferred)
Image path: \SystemRoot\system32\DRIVERS\mrxsmb10.sys
Image name: mrxsmb10.sys
Timestamp: Thu Nov 02 13:01:25 2006 (4549ACDD)
CheckSum: 00042EE5
ImageSize: 00039000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
9a2e2000 9a3c0000 peauth (deferred)
Image path: \SystemRoot\system32\drivers\peauth.sys
Image name: peauth.sys
Timestamp: Mon Oct 23 13:25:32 2006 (453C8384)
CheckSum: 000DBD03
ImageSize: 000DE000
File version: 6.0.5840.16385
Product version: 6.0.5840.16385
File flags: 0 (Mask 3F)
File OS: 40004 NT Win32
File type: 3.7 Driver
File date: 00000000.00000000
Translations: 0409.04b0
CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
InternalName: PEAuth.sys
OriginalFilename: PEAuth.sys
ProductVersion: 6.0.5840.16385
FileVersion: 6.0.5840.16385 (VISTA_RTM_CLIENT_akaDMD.061022-1800)
FileDescription: Protected Environment Authentication and Authorization Export Driver
LegalCopyright: © Microsoft Corporation. All rights reserved.
9a49a000 9a4c0000 ipnat (deferred)
Image path: \SystemRoot\system32\DRIVERS\ipnat.sys
Image name: ipnat.sys
Timestamp: Thu Nov 02 13:28:09 2006 (4549B321)
CheckSum: 0001A08F
ImageSize: 00026000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
Unloaded modules:
84b30000 84b38000 drmkaud.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
84403000 84410000 crashdmp.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
84422000 8442d000 dump_ataport.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
84b50000 84b58000 dump_atapi.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
