New
#1
Computer crashes when waking up from sleep mode.
Hi:
My computer crashes right after it wakes up from sleep mode.
I used MSDaRT to diagnose the problem, and obtained a Analysis.log file, but I can't figure out where the problem is.
Here is a copy of the contents of the file:
Code:Opened log file 'C:\Windows\msdart_crashanalyzer_kd_ansi.log' Microsoft (R) Windows Debugger Version 6.11.0001.404 AMD64 Copyright (c) Microsoft Corporation. All rights reserved. Loading Dump File [C:\Windows\MEMORY.DMP] Kernel Summary Dump File: Only kernel address space is available Symbol search path is: srv*c:\symbols*http://msdl.microsoft.com/download/symbols Executable search path is: Windows 7 Kernel Version 7601 (Service Pack 1) MP (4 procs) Free x64 Product: WinNt, suite: TerminalServer SingleUserTS Built by: 7601.17640.amd64fre.win7sp1_gdr.110622-1506 Machine Name: Kernel base = 0xfffff800`0304b000 PsLoadedModuleList = 0xfffff800`03290670 Debug session time: Sun Jan 15 13:14:45.651 2012 (GMT-8) System Uptime: 0 days 3:53:06.612 Loading Kernel Symbols ............................................................... ................................................................ .................................................... Loading User Symbols Loading unloaded module list ....... ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* Use !analyze -v to get detailed debugging information. BugCheck A, {fffffa8014383df8, 2, 1, fffff8000317efe6} Probably caused by : memory_corruption ( nt!MiReleaseConfirmedPageFileSpace+86 ) Followup: MachineOwner --------- 2: kd> .logclose Closing open log file C:\Windows\msdart_crashanalyzer_kd_ansi.log Opened log file 'C:\Windows\msdart_crashanalyzer_kd_unicode.log' 2: kd> !analyze -v ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* IRQL_NOT_LESS_OR_EQUAL (a) An attempt was made to access a pageable (or completely invalid) address at an interrupt request level (IRQL) that is too high. This is usually caused by drivers using improper addresses. If a kernel debugger is available get the stack backtrace. Arguments: Arg1: fffffa8014383df8, memory referenced Arg2: 0000000000000002, IRQL Arg3: 0000000000000001, bitfield : bit 0 : value 0 = read operation, 1 = write operation bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status) Arg4: fffff8000317efe6, address which referenced memory Debugging Details: ------------------ WRITE_ADDRESS: fffffa8014383df8 CURRENT_IRQL: 2 FAULTING_IP: nt!MiReleaseConfirmedPageFileSpace+86 fffff800`0317efe6 480fb328 btr qword ptr [rax],rbp DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT BUGCHECK_STR: 0xA PROCESS_NAME: System TRAP_FRAME: fffff880033fc8e0 -- (.trap 0xfffff880033fc8e0) .trap 0xfffff880033fc8e0 NOTE: The trap frame does not contain all registers. Some register values may be zeroed or incorrect. rax=fffffa80068e7010 rbx=0000000000000000 rcx=0000000000000000 rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000 rip=fffff8000317efe6 rsp=fffff880033fca70 rbp=000000006d4e6f49 r8=fffff880033fcaa0 r9=0000000000004b03 r10=0000000000000000 r11=0000058000000000 r12=0000000000000000 r13=0000000000000000 r14=0000000000000000 r15=0000000000000000 iopl=0 nv up ei pl zr na po nc nt!MiReleaseConfirmedPageFileSpace+0x86: fffff800`0317efe6 480fb328 btr qword ptr [rax],rbp ds:0011:fffffa80`068e7010=ffffffffffffffff .trap Resetting default scope LAST_CONTROL_TRANSFER: from fffff800030c71e9 to fffff800030c7c40 STACK_TEXT: fffff880`033fc798 fffff800`030c71e9 : 00000000`0000000a fffffa80`14383df8 00000000`00000002 00000000`00000001 : nt!KeBugCheckEx fffff880`033fc7a0 fffff800`030c5e60 : b0300001`1dc82921 fffffa80`03b8ab60 00000000`00000000 00000000`00000000 : nt!KiBugCheckDispatch+0x69 fffff880`033fc8e0 fffff800`0317efe6 : 00000000`80000000 00000000`00000000 fffffa80`067da2a0 00000980`00000000 : nt!KiPageFault+0x260 fffff880`033fca70 fffff800`03134471 : 6d4e6f49`03050100 00000000`00000000 6d4e6f49`03050100 00000000`00000000 : nt!MiReleaseConfirmedPageFileSpace+0x86 fffff880`033fcaf0 fffff800`0336725f : fffffa80`06ef8dc0 00000000`00000000 00000000`0008c081 fffffa80`046522f0 : nt! ?? ::FNODOBFM::`string'+0x2bd1d fffff880`033fcbc0 fffff800`0311518d : fffffa80`06ef8dc8 00000000`00000001 00000000`00000000 00000000`00000631 : nt!MiSegmentDelete+0x7b fffff880`033fcc00 fffff800`03115051 : 00000000`00000000 00000000`00000080 fffffa80`03af5890 fffffa80`00000012 : nt!MiProcessDereferenceList+0x131 fffff880`033fccc0 fffff800`03362fee : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!MiDereferenceSegmentThread+0x10d fffff880`033fcd40 fffff800`030b95e6 : fffff880`03163180 fffffa80`03b8ab60 fffff880`0316dfc0 00000000`00000000 : nt!PspSystemThreadStartup+0x5a fffff880`033fcd80 00000000`00000000 : fffff880`033fd000 fffff880`033f7000 fffff880`033fc530 00000000`00000000 : nt!KxStartSystemThread+0x16 STACK_COMMAND: kb FOLLOWUP_IP: nt!MiReleaseConfirmedPageFileSpace+86 fffff800`0317efe6 480fb328 btr qword ptr [rax],rbp SYMBOL_STACK_INDEX: 3 SYMBOL_NAME: nt!MiReleaseConfirmedPageFileSpace+86 FOLLOWUP_NAME: MachineOwner MODULE_NAME: nt DEBUG_FLR_IMAGE_TIMESTAMP: 4e02aaa3 IMAGE_NAME: memory_corruption FAILURE_BUCKET_ID: X64_0xA_nt!MiReleaseConfirmedPageFileSpace+86 BUCKET_ID: X64_0xA_nt!MiReleaseConfirmedPageFileSpace+86 Followup: MachineOwner --------- 2: kd> !thread THREAD fffffa8003b8ab60 Cid 0004.0060 Teb: 0000000000000000 Win32Thread: 0000000000000000 RUNNING on processor 2 Not impersonating DeviceMap fffff8a000008830 Owning Process fffffa8003af5890 Image: System Attached Process N/A Image: N/A Wait Start TickCount 836010 Ticks: 60561 (0:00:15:44.757) Context Switch Count 1462 UserTime 00:00:00.000 KernelTime 00:00:00.093 Win32 Start Address nt!MiDereferenceSegmentThread (0xfffff80003114f44) Stack Init fffff880033fcdb0 Current fffff880033fc530 Base fffff880033fd000 Limit fffff880033f7000 Call 0 Priority 18 BasePriority 8 UnusualBoost 0 ForegroundBoost 0 IoPriority 2 PagePriority 5 Child-SP RetAddr : Args to Child : Call Site fffff880`033fc798 fffff800`030c71e9 : 00000000`0000000a fffffa80`14383df8 00000000`00000002 00000000`00000001 : nt!KeBugCheckEx fffff880`033fc7a0 fffff800`030c5e60 : b0300001`1dc82921 fffffa80`03b8ab60 00000000`00000000 00000000`00000000 : nt!KiBugCheckDispatch+0x69 fffff880`033fc8e0 fffff800`0317efe6 : 00000000`80000000 00000000`00000000 fffffa80`067da2a0 00000980`00000000 : nt!KiPageFault+0x260 (TrapFrame @ fffff880`033fc8e0) fffff880`033fca70 fffff800`03134471 : 6d4e6f49`03050100 00000000`00000000 6d4e6f49`03050100 00000000`00000000 : nt!MiReleaseConfirmedPageFileSpace+0x86 fffff880`033fcaf0 fffff800`0336725f : fffffa80`06ef8dc0 00000000`00000000 00000000`0008c081 fffffa80`046522f0 : nt! ?? ::FNODOBFM::`string'+0x2bd1d fffff880`033fcbc0 fffff800`0311518d : fffffa80`06ef8dc8 00000000`00000001 00000000`00000000 00000000`00000631 : nt!MiSegmentDelete+0x7b fffff880`033fcc00 fffff800`03115051 : 00000000`00000000 00000000`00000080 fffffa80`03af5890 fffffa80`00000012 : nt!MiProcessDereferenceList+0x131 fffff880`033fccc0 fffff800`03362fee : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!MiDereferenceSegmentThread+0x10d fffff880`033fcd40 fffff800`030b95e6 : fffff880`03163180 fffffa80`03b8ab60 fffff880`0316dfc0 00000000`00000000 : nt!PspSystemThreadStartup+0x5a fffff880`033fcd80 00000000`00000000 : fffff880`033fd000 fffff880`033f7000 fffff880`033fc530 00000000`00000000 : nt!KxStartSystemThread+0x16 2: kd> lm kv start end module name fffff800`00bd3000 fffff800`00bdd000 kdcom (deferred) Image path: kdcom.dll Image name: kdcom.dll Timestamp: Sat Feb 05 08:52:49 2011 (4D4D8061) CheckSum: 0000F59B ImageSize: 0000A000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff800`03002000 fffff800`0304b000 hal (deferred) Image path: hal.dll Image name: hal.dll Timestamp: Sat Nov 20 05:00:25 2010 (4CE7C669) CheckSum: 000404C3 ImageSize: 00049000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff800`0304b000 fffff800`03634000 nt (pdb symbols) c:\symbols\ntkrnlmp.pdb\47F5C3BF9E0A493C9F63BB8F6413358B2\ntkrnlmp.pdb Loaded symbol image file: ntkrnlmp.exe Image path: ntkrnlmp.exe Image name: ntkrnlmp.exe Timestamp: Wed Jun 22 18:53:23 2011 (4E02AAA3) CheckSum: 0055C228 ImageSize: 005E9000 File version: 6.1.7601.17640 Product version: 6.1.7601.17640 File flags: 0 (Mask 3F) File OS: 40004 NT Win32 File type: 1.0 App File date: 00000000.00000000 Translations: 0409.04b0 CompanyName: Microsoft Corporation ProductName: Microsoft® Windows® Operating System InternalName: ntkrnlmp.exe OriginalFilename: ntkrnlmp.exe ProductVersion: 6.1.7601.17640 FileVersion: 6.1.7601.17640 (win7sp1_gdr.110622-1506) FileDescription: NT Kernel & System LegalCopyright: © Microsoft Corporation. All rights reserved. fffff880`00c00000 fffff880`00c0f000 WDFLDR (deferred) Image path: \SystemRoot\system32\drivers\WDFLDR.SYS Image name: WDFLDR.SYS Timestamp: Mon Jul 13 15:19:54 2009 (4A5BC11A) CheckSum: 00011010 ImageSize: 0000F000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`00c11000 fffff880`00c1e000 mcupdate_AuthenticAMD (deferred) Image path: \SystemRoot\system32\mcupdate_AuthenticAMD.dll Image name: mcupdate_AuthenticAMD.dll Timestamp: Mon Jul 13 17:29:09 2009 (4A5BDF65) CheckSum: 0000BABC ImageSize: 0000D000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`00c1e000 fffff880`00c32000 PSHED (deferred) Image path: \SystemRoot\system32\PSHED.dll Image name: PSHED.dll Timestamp: Mon Jul 13 17:32:23 2009 (4A5BE027) CheckSum: 0000F762 ImageSize: 00014000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`00c32000 fffff880`00c90000 CLFS (deferred) Image path: \SystemRoot\system32\CLFS.SYS Image name: CLFS.SYS Timestamp: Mon Jul 13 15:19:57 2009 (4A5BC11D) CheckSum: 00065C46 ImageSize: 0005E000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`00c90000 fffff880`00d50000 CI (deferred) Image path: \SystemRoot\system32\CI.dll Image name: CI.dll Timestamp: Sat Nov 20 05:12:36 2010 (4CE7C944) CheckSum: 000CB0F6 ImageSize: 000C0000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`00d50000 fffff880`00df4000 Wdf01000 (deferred) Image path: \SystemRoot\system32\drivers\Wdf01000.sys Image name: Wdf01000.sys Timestamp: Mon Jul 13 15:22:07 2009 (4A5BC19F) CheckSum: 000A2E74 ImageSize: 000A4000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`00e0d000 fffff880`00e64000 ACPI (deferred) Image path: \SystemRoot\system32\drivers\ACPI.sys Image name: ACPI.sys Timestamp: Sat Nov 20 01:19:16 2010 (4CE79294) CheckSum: 0005ACF6 ImageSize: 00057000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`00e64000 fffff880`00e6d000 WMILIB (deferred) Image path: \SystemRoot\system32\drivers\WMILIB.SYS Image name: WMILIB.SYS Timestamp: Mon Jul 13 15:19:51 2009 (4A5BC117) CheckSum: 00005007 ImageSize: 00009000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`00e6d000 fffff880`00e77000 msisadrv (deferred) Image path: \SystemRoot\system32\drivers\msisadrv.sys Image name: msisadrv.sys Timestamp: Mon Jul 13 15:19:26 2009 (4A5BC0FE) CheckSum: 0001320D ImageSize: 0000A000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`00e77000 fffff880`00eaa000 pci (deferred) Image path: \SystemRoot\system32\drivers\pci.sys Image name: pci.sys Timestamp: Sat Nov 20 01:19:11 2010 (4CE7928F) CheckSum: 00033150 ImageSize: 00033000 File version: 6.1.7601.17514 Product version: 6.1.7601.17514 File flags: 0 (Mask 3F) File OS: 40004 NT Win32 File type: 2.0 Dll File date: 00000000.00000000 Translations: 0409.04b0 CompanyName: Microsoft Corporation ProductName: Microsoft® Windows® Operating System InternalName: pci.sys OriginalFilename: pci.sys ProductVersion: 6.1.7601.17514 FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850) FileDescription: NT Plug and Play PCI Enumerator LegalCopyright: © Microsoft Corporation. All rights reserved. fffff880`00eaa000 fffff880`00eb7000 vdrvroot (deferred) Image path: \SystemRoot\system32\drivers\vdrvroot.sys Image name: vdrvroot.sys Timestamp: Mon Jul 13 16:01:31 2009 (4A5BCADB) CheckSum: 0000C04B ImageSize: 0000D000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`00eb7000 fffff880`00ecc000 partmgr (deferred) Image path: \SystemRoot\System32\drivers\partmgr.sys Image name: partmgr.sys Timestamp: Sat Nov 20 01:20:00 2010 (4CE792C0) CheckSum: 000209B5 ImageSize: 00015000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`00ecc000 fffff880`00ee1000 volmgr (deferred) Image path: \SystemRoot\system32\drivers\volmgr.sys Image name: volmgr.sys Timestamp: Sat Nov 20 01:19:28 2010 (4CE792A0) CheckSum: 00019F72 ImageSize: 00015000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`00ee1000 fffff880`00f3d000 volmgrx (deferred) Image path: \SystemRoot\System32\drivers\volmgrx.sys Image name: volmgrx.sys Timestamp: Sat Nov 20 01:20:43 2010 (4CE792EB) CheckSum: 00065F6D ImageSize: 0005C000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`00f3d000 fffff880`00f44000 pciide (deferred) Image path: \SystemRoot\system32\drivers\pciide.sys Image name: pciide.sys Timestamp: Mon Jul 13 15:19:49 2009 (4A5BC115) CheckSum: 000068CB ImageSize: 00007000 File version: 6.1.7600.16385 Product version: 6.1.7600.16385 File flags: 0 (Mask 3F) File OS: 40004 NT Win32 File type: 3.7 Driver File date: 00000000.00000000 Translations: 0409.04b0 CompanyName: Microsoft Corporation ProductName: Microsoft® Windows® Operating System InternalName: pciide.sys OriginalFilename: pciide.sys ProductVersion: 6.1.7600.16385 FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255) FileDescription: Generic PCI IDE Bus Driver LegalCopyright: © Microsoft Corporation. All rights reserved. fffff880`00f44000 fffff880`00f54000 PCIIDEX (deferred) Image path: \SystemRoot\system32\drivers\PCIIDEX.SYS Image name: PCIIDEX.SYS Timestamp: Mon Jul 13 15:19:48 2009 (4A5BC114) CheckSum: 00019CC5 ImageSize: 00010000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`00f54000 fffff880`00f55e80 AiCharger (deferred) Image path: \SystemRoot\system32\DRIVERS\AiCharger.sys Image name: AiCharger.sys Timestamp: Wed May 05 00:37:36 2010 (4BE12E50) CheckSum: 00004C40 ImageSize: 00001E80 File version: 5.2.3790.0 Product version: 5.2.3790.0 File flags: 8 (Mask 3F) Private File OS: 40004 NT Win32 File type: 2.0 Dll File date: 00000000.00000000 Translations: 0409.04b0 CompanyName: ASUSTek Computer Inc. ProductName: ASUS Ai Charger InternalName: AiCharger.sys OriginalFilename: AiCharger.sys ProductVersion: 1.00.00 FileVersion: 1.00.00 built by: WinDDK FileDescription: ASUS Charger driver LegalCopyright: Copyright (c) ASUSTek Computer Inc. All rights reserved. fffff880`00f56000 fffff880`00f70000 mountmgr (deferred) Image path: \SystemRoot\System32\drivers\mountmgr.sys Image name: mountmgr.sys Timestamp: Sat Nov 20 01:19:21 2010 (4CE79299) CheckSum: 00022621 ImageSize: 0001A000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`00f70000 fffff880`00fac000 vmbus (deferred) Image path: \SystemRoot\system32\drivers\vmbus.sys Image name: vmbus.sys Timestamp: Sat Nov 20 01:57:29 2010 (4CE79B89) CheckSum: 0003F6CF ImageSize: 0003C000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`00fac000 fffff880`00fc0000 winhv (deferred) Image path: \SystemRoot\system32\drivers\winhv.sys Image name: winhv.sys Timestamp: Sat Nov 20 01:20:02 2010 (4CE792C2) CheckSum: 00017BFE ImageSize: 00014000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`00fc0000 fffff880`00fc9000 atapi (deferred) Image path: \SystemRoot\system32\drivers\atapi.sys Image name: atapi.sys Timestamp: Mon Jul 13 15:19:47 2009 (4A5BC113) CheckSum: 000065BB ImageSize: 00009000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`00fc9000 fffff880`00ff3000 ataport (deferred) Image path: \SystemRoot\system32\drivers\ataport.SYS Image name: ataport.SYS Timestamp: Sat Nov 20 01:19:15 2010 (4CE79293) CheckSum: 000287EF ImageSize: 0002A000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`00ff3000 fffff880`00ffe000 msahci (deferred) Image path: \SystemRoot\system32\drivers\msahci.sys Image name: msahci.sys Timestamp: Sat Nov 20 02:33:58 2010 (4CE7A416) CheckSum: 00017292 ImageSize: 0000B000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`01000000 fffff880`01071000 SYMDS64 (deferred) Image path: \SystemRoot\system32\drivers\N360x64\0501000.01D\SYMDS64.SYS Image name: SYMDS64.SYS Timestamp: Tue Dec 07 16:16:58 2010 (4CFECE7A) CheckSum: 0007C65C ImageSize: 00071000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`01071000 fffff880`01085000 fileinfo (deferred) Image path: \SystemRoot\system32\drivers\fileinfo.sys Image name: fileinfo.sys Timestamp: Mon Jul 13 15:34:25 2009 (4A5BC481) CheckSum: 00015644 ImageSize: 00014000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`01085000 fffff880`010a7000 tdx (deferred) Image path: \SystemRoot\system32\DRIVERS\tdx.sys Image name: tdx.sys Timestamp: Sat Nov 20 01:21:54 2010 (4CE79332) CheckSum: 000288B2 ImageSize: 00022000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`010a7000 fffff880`010b4000 TDI (deferred) Image path: \SystemRoot\system32\DRIVERS\TDI.SYS Image name: TDI.SYS Timestamp: Sat Nov 20 01:22:06 2010 (4CE7933E) CheckSum: 00016255 ImageSize: 0000D000 File version: 6.1.7601.17514 Product version: 6.1.7601.17514 File flags: 0 (Mask 3F) File OS: 40004 NT Win32 File type: 3.6 Driver File date: 00000000.00000000 Translations: 0409.04b0 CompanyName: Microsoft Corporation ProductName: Microsoft® Windows® Operating System InternalName: tdi.sys OriginalFilename: tdi.sys ProductVersion: 6.1.7601.17514 FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850) FileDescription: TDI Wrapper LegalCopyright: © Microsoft Corporation. All rights reserved. fffff880`010d9000 fffff880`01103000 vsmraid (deferred) Image path: \SystemRoot\system32\DRIVERS\vsmraid.sys Image name: vsmraid.sys Timestamp: Fri Jan 30 17:18:57 2009 (4983A701) CheckSum: 00028DEF ImageSize: 0002A000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`01103000 fffff880`01166000 storport (deferred) Image path: \SystemRoot\system32\DRIVERS\storport.sys Image name: storport.sys Timestamp: Thu Mar 10 20:30:23 2011 (4D79A55F) CheckSum: 000309FA ImageSize: 00063000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`01166000 fffff880`0117d000 amd_sata (deferred) Image path: \SystemRoot\system32\DRIVERS\amd_sata.sys Image name: amd_sata.sys Timestamp: Thu Jun 16 11:07:44 2011 (4DFA5480) CheckSum: 0001BC1D ImageSize: 00017000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`0117d000 fffff880`0118b000 amd_xata (deferred) Image path: \SystemRoot\system32\DRIVERS\amd_xata.sys Image name: amd_xata.sys Timestamp: Thu Jun 16 11:07:47 2011 (4DFA5483) CheckSum: 00015B5B ImageSize: 0000E000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`0118b000 fffff880`01196000 amdxata (deferred) Image path: \SystemRoot\system32\drivers\amdxata.sys Image name: amdxata.sys Timestamp: Fri Mar 19 08:18:18 2010 (4BA3A3CA) CheckSum: 000092B7 ImageSize: 0000B000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`01196000 fffff880`011e2000 fltmgr (deferred) Image path: \SystemRoot\system32\drivers\fltmgr.sys Image name: fltmgr.sys Timestamp: Sat Nov 20 01:19:24 2010 (4CE7929C) CheckSum: 0005452D ImageSize: 0004C000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`01200000 fffff880`01272000 cng (deferred) Image path: \SystemRoot\System32\Drivers\cng.sys Image name: cng.sys Timestamp: Wed Nov 16 20:23:17 2011 (4EC48C35) CheckSum: 0007FEF2 ImageSize: 00072000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`0127e000 fffff880`01362000 SYMEFA64 (deferred) Image path: \SystemRoot\system32\drivers\N360x64\0501000.01D\SYMEFA64.SYS Image name: SYMEFA64.SYS Timestamp: Sun Mar 13 19:20:58 2011 (4D7D899A) CheckSum: 000E6F15 ImageSize: 000E4000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`01362000 fffff880`01390000 symsnap (deferred) Image path: \SystemRoot\system32\DRIVERS\symsnap.sys Image name: symsnap.sys Timestamp: Tue Sep 15 13:02:11 2009 (4AB000D3) CheckSum: 00034921 ImageSize: 0002E000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`01390000 fffff880`013ee000 msrpc (deferred) Image path: \SystemRoot\System32\Drivers\msrpc.sys Image name: msrpc.sys Timestamp: Sat Nov 20 01:21:56 2010 (4CE79334) CheckSum: 0005E9E7 ImageSize: 0005E000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`013ee000 fffff880`013ff000 Npfs (deferred) Image path: \SystemRoot\System32\Drivers\Npfs.SYS Image name: Npfs.SYS Timestamp: Mon Jul 13 15:19:48 2009 (4A5BC114) CheckSum: 00019AED ImageSize: 00011000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`01400000 fffff880`0141b000 ksecdd (deferred) Image path: \SystemRoot\System32\Drivers\ksecdd.sys Image name: ksecdd.sys Timestamp: Wed Nov 16 19:48:13 2011 (4EC483FD) CheckSum: 0001B182 ImageSize: 0001B000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`0141b000 fffff880`0142c000 pcw (deferred) Image path: \SystemRoot\System32\drivers\pcw.sys Image name: pcw.sys Timestamp: Mon Jul 13 15:19:27 2009 (4A5BC0FF) CheckSum: 00014B5E ImageSize: 00011000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`0142c000 fffff880`01436000 Fs_Rec (deferred) Image path: \SystemRoot\System32\Drivers\Fs_Rec.sys Image name: Fs_Rec.sys Timestamp: Mon Jul 13 15:19:45 2009 (4A5BC111) CheckSum: 0001398A ImageSize: 0000A000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`01436000 fffff880`0143f000 rdpencdd (deferred) Image path: \SystemRoot\system32\drivers\rdpencdd.sys Image name: rdpencdd.sys Timestamp: Mon Jul 13 16:16:34 2009 (4A5BCE62) CheckSum: 000074D5 ImageSize: 00009000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`0143f000 fffff880`01448000 rdprefmp (deferred) Image path: \SystemRoot\system32\drivers\rdprefmp.sys Image name: rdprefmp.sys Timestamp: Mon Jul 13 16:16:35 2009 (4A5BCE63) CheckSum: 0000ABCD ImageSize: 00009000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`01450000 fffff880`015f3000 Ntfs (deferred) Image path: \SystemRoot\System32\Drivers\Ntfs.sys Image name: Ntfs.sys Timestamp: Thu Mar 10 19:39:39 2011 (4D79997B) CheckSum: 0019968A ImageSize: 001A3000 File version: 6.1.7601.17577 Product version: 6.1.7601.17577 File flags: 0 (Mask 3F) File OS: 40004 NT Win32 File type: 3.7 Driver File date: 00000000.00000000 Translations: 0409.04b0 CompanyName: Microsoft Corporation ProductName: Microsoft® Windows® Operating System InternalName: ntfs.sys OriginalFilename: ntfs.sys ProductVersion: 6.1.7601.17577 FileVersion: 6.1.7601.17577 (win7sp1_gdr.110310-1504) FileDescription: NT File System Driver LegalCopyright: © Microsoft Corporation. All rights reserved. fffff880`015f3000 fffff880`015fe000 Msfs (deferred) Image path: \SystemRoot\System32\Drivers\Msfs.SYS Image name: Msfs.SYS Timestamp: Mon Jul 13 15:19:47 2009 (4A5BC113) CheckSum: 00007126 ImageSize: 0000B000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`01600000 fffff880`01660000 NETIO (deferred) Image path: \SystemRoot\system32\drivers\NETIO.SYS Image name: NETIO.SYS Timestamp: Sat Nov 20 01:23:13 2010 (4CE79381) CheckSum: 00066D17 ImageSize: 00060000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`01660000 fffff880`0168b000 ksecpkg (deferred) Image path: \SystemRoot\System32\Drivers\ksecpkg.sys Image name: ksecpkg.sys Timestamp: Wed Nov 16 20:23:44 2011 (4EC48C50) CheckSum: 0002A56C ImageSize: 0002B000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`0168b000 fffff880`016b5000 cdrom (deferred) Image path: \SystemRoot\system32\DRIVERS\cdrom.sys Image name: cdrom.sys Timestamp: Sat Nov 20 01:19:20 2010 (4CE79298) CheckSum: 0002B742 ImageSize: 0002A000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`016b5000 fffff880`016c3000 vga (deferred) Image path: \SystemRoot\System32\drivers\vga.sys Image name: vga.sys Timestamp: Mon Jul 13 15:38:47 2009 (4A5BC587) CheckSum: 00013E6F ImageSize: 0000E000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`016c3000 fffff880`016e8000 VIDEOPRT (deferred) Image path: \SystemRoot\System32\drivers\VIDEOPRT.SYS Image name: VIDEOPRT.SYS Timestamp: Mon Jul 13 15:38:51 2009 (4A5BC58B) CheckSum: 00028FC7 ImageSize: 00025000 File version: 6.1.7600.16385 Product version: 6.1.7600.16385 File flags: 0 (Mask 3F) File OS: 40004 NT Win32 File type: 3.4 Driver File date: 00000000.00000000 Translations: 0000.04b0 CompanyName: Microsoft Corporation ProductName: Microsoft® Windows® Operating System InternalName: videoprt.sys OriginalFilename: videoprt.sys ProductVersion: 6.1.7600.16385 FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255) FileDescription: Video Port Driver LegalCopyright: © Microsoft Corporation. All rights reserved. fffff880`016e8000 fffff880`016f8000 watchdog (deferred) Image path: \SystemRoot\System32\drivers\watchdog.sys Image name: watchdog.sys Timestamp: Mon Jul 13 15:37:35 2009 (4A5BC53F) CheckSum: 00019CBE ImageSize: 00010000 File version: 6.1.7600.16385 Product version: 6.1.7600.16385 File flags: 0 (Mask 3F) File OS: 40004 NT Win32 File type: 2.0 Dll File date: 00000000.00000000 Translations: 0000.04b0 CompanyName: Microsoft Corporation ProductName: Microsoft® Windows® Operating System InternalName: watchdog.sys OriginalFilename: watchdog.sys ProductVersion: 6.1.7600.16385 FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255) FileDescription: Watchdog Driver LegalCopyright: © Microsoft Corporation. All rights reserved. fffff880`016fd000 fffff880`017f0000 ndis (deferred) Image path: \SystemRoot\system32\drivers\ndis.sys Image name: ndis.sys Timestamp: Sat Nov 20 01:23:30 2010 (4CE79392) CheckSum: 000E8AC1 ImageSize: 000F3000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`017f0000 fffff880`017f9000 RDPCDD (deferred) Image path: \SystemRoot\System32\DRIVERS\RDPCDD.sys Image name: RDPCDD.sys Timestamp: Mon Jul 13 16:16:34 2009 (4A5BCE62) CheckSum: 0000FFAC ImageSize: 00009000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`01800000 fffff880`01818000 rspndr (deferred) Image path: \SystemRoot\system32\DRIVERS\rspndr.sys Image name: rspndr.sys Timestamp: Mon Jul 13 16:08:50 2009 (4A5BCC92) CheckSum: 0001656B ImageSize: 00018000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`01830000 fffff880`01a34000 tcpip (deferred) Image path: \SystemRoot\System32\drivers\tcpip.sys Image name: tcpip.sys Timestamp: Wed Sep 28 19:43:04 2011 (4E83E948) CheckSum: 001E3EE2 ImageSize: 00204000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`01a34000 fffff880`01a7e000 fwpkclnt (deferred) Image path: \SystemRoot\System32\drivers\fwpkclnt.sys Image name: fwpkclnt.sys Timestamp: Sat Nov 20 01:21:37 2010 (4CE79321) CheckSum: 0004AB00 ImageSize: 0004A000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`01a7e000 fffff880`01a8e000 vmstorfl (deferred) Image path: \SystemRoot\system32\drivers\vmstorfl.sys Image name: vmstorfl.sys Timestamp: Sat Nov 20 01:57:30 2010 (4CE79B8A) CheckSum: 0000ED21 ImageSize: 00010000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`01a8e000 fffff880`01ada000 volsnap (deferred) Image path: \SystemRoot\system32\drivers\volsnap.sys Image name: volsnap.sys Timestamp: Sat Nov 20 01:20:08 2010 (4CE792C8) CheckSum: 000527ED ImageSize: 0004C000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`01ada000 fffff880`01ae2000 spldr (deferred) Image path: \SystemRoot\System32\Drivers\spldr.sys Image name: spldr.sys Timestamp: Mon May 11 08:56:27 2009 (4A0858BB) CheckSum: 0000E0E9 ImageSize: 00008000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`01ae2000 fffff880`01b1c000 rdyboost (deferred) Image path: \SystemRoot\System32\drivers\rdyboost.sys Image name: rdyboost.sys Timestamp: Sat Nov 20 01:43:10 2010 (4CE7982E) CheckSum: 00037356 ImageSize: 0003A000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`01b1c000 fffff880`01b2e000 mup (deferred) Image path: \SystemRoot\System32\Drivers\mup.sys Image name: mup.sys Timestamp: Mon Jul 13 15:23:45 2009 (4A5BC201) CheckSum: 00015DFD ImageSize: 00012000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`01b2e000 fffff880`01b37000 hwpolicy (deferred) Image path: \SystemRoot\System32\drivers\hwpolicy.sys Image name: hwpolicy.sys Timestamp: Sat Nov 20 01:18:54 2010 (4CE7927E) CheckSum: 0000D9F4 ImageSize: 00009000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`01b37000 fffff880`01b71000 fvevol (deferred) Image path: \SystemRoot\System32\DRIVERS\fvevol.sys Image name: fvevol.sys Timestamp: Sat Nov 20 01:24:06 2010 (4CE793B6) CheckSum: 000389BC ImageSize: 0003A000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`01b71000 fffff880`01b87000 disk (deferred) Image path: \SystemRoot\system32\DRIVERS\disk.sys Image name: disk.sys Timestamp: Mon Jul 13 15:19:57 2009 (4A5BC11D) CheckSum: 0001FF1D ImageSize: 00016000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`01b87000 fffff880`01bb7000 CLASSPNP (deferred) Image path: \SystemRoot\system32\DRIVERS\CLASSPNP.SYS Image name: CLASSPNP.SYS Timestamp: Sat Nov 20 01:19:23 2010 (4CE7929B) CheckSum: 000318BE ImageSize: 00030000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`01bb7000 fffff880`01bbf000 AtiPcie64 (deferred) Image path: \SystemRoot\system32\DRIVERS\AtiPcie64.sys Image name: AtiPcie64.sys Timestamp: Wed Mar 10 06:33:45 2010 (4B97ADC9) CheckSum: 00010318 ImageSize: 00008000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`01bea000 fffff880`01bf3000 Null (deferred) Image path: \SystemRoot\System32\Drivers\Null.SYS Image name: Null.SYS Timestamp: Mon Jul 13 15:19:37 2009 (4A5BC109) CheckSum: 0000E9DB ImageSize: 00009000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`01bf3000 fffff880`01bfa000 Beep (deferred) Image path: \SystemRoot\System32\Drivers\Beep.SYS Image name: Beep.SYS Timestamp: Mon Jul 13 16:00:13 2009 (4A5BCA8D) CheckSum: 000036EB ImageSize: 00007000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`04816000 fffff880`048df000 HTTP (deferred) Image path: \SystemRoot\system32\drivers\HTTP.sys Image name: HTTP.sys Timestamp: Sat Nov 20 01:24:30 2010 (4CE793CE) CheckSum: 000C56EE ImageSize: 000C9000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`048df000 fffff880`048fd000 bowser (deferred) Image path: \SystemRoot\system32\DRIVERS\bowser.sys Image name: bowser.sys Timestamp: Tue Feb 22 20:55:04 2011 (4D649328) CheckSum: 00022D38 ImageSize: 0001E000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`048fd000 fffff880`04915000 mpsdrv (deferred) Image path: \SystemRoot\System32\drivers\mpsdrv.sys Image name: mpsdrv.sys Timestamp: Mon Jul 13 16:08:25 2009 (4A5BCC79) CheckSum: 0001C76E ImageSize: 00018000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`04915000 fffff880`04942000 mrxsmb (deferred) Image path: \SystemRoot\system32\DRIVERS\mrxsmb.sys Image name: mrxsmb.sys Timestamp: Tue Apr 26 18:40:38 2011 (4DB78226) CheckSum: 00030225 ImageSize: 0002D000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`04942000 fffff880`04990000 mrxsmb10 (deferred) Image path: \SystemRoot\system32\DRIVERS\mrxsmb10.sys Image name: mrxsmb10.sys Timestamp: Fri Jul 08 18:46:28 2011 (4E17C104) CheckSum: 000503C4 ImageSize: 0004E000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`04990000 fffff880`049b4000 mrxsmb20 (deferred) Image path: \SystemRoot\system32\DRIVERS\mrxsmb20.sys Image name: mrxsmb20.sys Timestamp: Tue Apr 26 18:39:37 2011 (4DB781E9) CheckSum: 0002D8BD ImageSize: 00024000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`04a00000 fffff880`04a5a000 usbhub (deferred) Image path: \SystemRoot\system32\DRIVERS\usbhub.sys Image name: usbhub.sys Timestamp: Thu Mar 24 19:29:25 2011 (4D8C0C15) CheckSum: 00054F31 ImageSize: 0005A000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`04a5f000 fffff880`04a8c000 Ironx64 (deferred) Image path: \SystemRoot\system32\drivers\N360x64\0501000.01D\Ironx64.SYS Image name: Ironx64.SYS Timestamp: Fri Nov 12 15:06:50 2010 (4CDDC88A) CheckSum: 0002AB51 ImageSize: 0002D000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`04a8c000 fffff880`04aa2000 SRTSPX64 (deferred) Image path: \SystemRoot\system32\drivers\N360x64\0501000.01D\SRTSPX64.SYS Image name: SRTSPX64.SYS Timestamp: Tue Mar 29 18:46:18 2011 (4D92997A) CheckSum: 0001674A ImageSize: 00016000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`04aa2000 fffff880`04aac000 SASKUTIL64 (deferred) Image path: \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS Image name: SASKUTIL64.SYS Timestamp: Tue Jul 12 13:00:01 2011 (4E1CB5D1) CheckSum: 00009495 ImageSize: 0000A000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`04aac000 fffff880`04ab6000 SASDIFSV64 (deferred) Image path: \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS Image name: SASDIFSV64.SYS Timestamp: Thu Jul 21 15:03:00 2011 (4E28B024) CheckSum: 00010523 ImageSize: 0000A000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`04ab6000 fffff880`04b07000 rdbss (deferred) Image path: \SystemRoot\system32\DRIVERS\rdbss.sys Image name: rdbss.sys Timestamp: Sat Nov 20 01:27:51 2010 (4CE79497) CheckSum: 0004D76F ImageSize: 00051000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`04b07000 fffff880`04b13000 nsiproxy (deferred) Image path: \SystemRoot\system32\drivers\nsiproxy.sys Image name: nsiproxy.sys Timestamp: Mon Jul 13 15:21:02 2009 (4A5BC15E) CheckSum: 00013ED5 ImageSize: 0000C000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`04b13000 fffff880`04b1e000 mssmbios (deferred) Image path: \SystemRoot\system32\drivers\mssmbios.sys Image name: mssmbios.sys Timestamp: Mon Jul 13 15:31:10 2009 (4A5BC3BE) CheckSum: 0000F474 ImageSize: 0000B000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`04b1e000 fffff880`04b9b000 IDSvia64 (deferred) Image path: \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120113.002\IDSvia64.sys Image name: IDSvia64.sys Timestamp: Wed Jul 20 05:19:46 2011 (4E26D5F2) CheckSum: 00084C8B ImageSize: 0007D000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`04b9b000 fffff880`04ba7000 ElbyCDIO (deferred) Image path: \SystemRoot\System32\Drivers\ElbyCDIO.sys Image name: ElbyCDIO.sys Timestamp: Thu Dec 16 14:58:13 2010 (4D0A9985) CheckSum: 0000C8ED ImageSize: 0000C000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`04ba7000 fffff880`04bd4000 nvhda64v (deferred) Image path: \SystemRoot\system32\drivers\nvhda64v.sys Image name: nvhda64v.sys Timestamp: Thu Jul 07 08:21:14 2011 (4E15DCFA) CheckSum: 000304E7 ImageSize: 0002D000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`04bd4000 fffff880`04bf9000 DefragFS (deferred) Image path: \SystemRoot\System32\Drivers\DefragFS.SYS Image name: DefragFS.SYS Timestamp: Tue Dec 15 02:18:19 2009 (4B27626B) CheckSum: 00025D08 ImageSize: 00025000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`04c00000 fffff880`04c36000 SYMEVENT64x86 (deferred) Image path: \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS Image name: SYMEVENT64x86.SYS Timestamp: Thu Mar 24 15:02:36 2011 (4D8BCD8C) CheckSum: 00031D48 ImageSize: 00036000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`04c3f000 fffff880`04cc8000 afd (deferred) Image path: \SystemRoot\system32\drivers\afd.sys Image name: afd.sys Timestamp: Sun Apr 24 18:33:58 2011 (4DB4DD96) CheckSum: 00082518 ImageSize: 00089000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`04cc8000 fffff880`04d0d000 netbt (deferred) Image path: \SystemRoot\System32\DRIVERS\netbt.sys Image name: netbt.sys Timestamp: Sat Nov 20 01:23:18 2010 (4CE79386) CheckSum: 00041134 ImageSize: 00045000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`04d0d000 fffff880`04d16000 wfplwf (deferred) Image path: \SystemRoot\system32\DRIVERS\wfplwf.sys Image name: wfplwf.sys Timestamp: Mon Jul 13 16:09:26 2009 (4A5BCCB6) CheckSum: 0000B17B ImageSize: 00009000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`04d16000 fffff880`04d3c000 pacer (deferred) Image path: \SystemRoot\system32\DRIVERS\pacer.sys Image name: pacer.sys Timestamp: Sat Nov 20 02:52:18 2010 (4CE7A862) CheckSum: 00020DCF ImageSize: 00026000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`04d3c000 fffff880`04d4b000 netbios (deferred) Image path: \SystemRoot\system32\DRIVERS\netbios.sys Image name: netbios.sys Timestamp: Mon Jul 13 16:09:26 2009 (4A5BCCB6) CheckSum: 00011668 ImageSize: 0000F000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`04d4b000 fffff880`04d68000 serial (deferred) Image path: \SystemRoot\system32\DRIVERS\serial.sys Image name: serial.sys Timestamp: Mon Jul 13 16:00:40 2009 (4A5BCAA8) CheckSum: 0001D422 ImageSize: 0001D000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`04d68000 fffff880`04d83000 wanarp (deferred) Image path: \SystemRoot\system32\DRIVERS\wanarp.sys Image name: wanarp.sys Timestamp: Sat Nov 20 02:52:36 2010 (4CE7A874) CheckSum: 00017CCC ImageSize: 0001B000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`04d83000 fffff880`04d97000 termdd (deferred) Image path: \SystemRoot\system32\drivers\termdd.sys Image name: termdd.sys Timestamp: Sat Nov 20 03:03:40 2010 (4CE7AB0C) CheckSum: 00019E15 ImageSize: 00014000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`04d97000 fffff880`04dfe000 SYMNETS (deferred) Image path: \SystemRoot\System32\Drivers\N360x64\0501000.01D\SYMNETS.SYS Image name: SYMNETS.SYS Timestamp: Tue Apr 19 14:33:31 2011 (4DAE0DBB) CheckSum: 00065D5E ImageSize: 00067000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`04e06000 fffff880`04efa000 dxgkrnl (deferred) Image path: \SystemRoot\System32\drivers\dxgkrnl.sys Image name: dxgkrnl.sys Timestamp: Sat Nov 20 01:50:50 2010 (4CE799FA) CheckSum: 000FA948 ImageSize: 000F4000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`04efa000 fffff880`04f40000 dxgmms1 (deferred) Image path: \SystemRoot\System32\drivers\dxgmms1.sys Image name: dxgmms1.sys Timestamp: Sat Nov 20 01:49:53 2010 (4CE799C1) CheckSum: 00047A89 ImageSize: 00046000 File version: 6.1.7601.17514 Product version: 6.1.7601.17514 File flags: 0 (Mask 3F) File OS: 40004 NT Win32 File type: 3.7 Driver File date: 00000000.00000000 Translations: 0409.04b0 CompanyName: Microsoft Corporation ProductName: Microsoft® Windows® Operating System InternalName: dxgmms1.sys OriginalFilename: dxgmms1.sys ProductVersion: 6.1.7601.17514 FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850) FileDescription: DirectX Graphics MMS LegalCopyright: © Microsoft Corporation. All rights reserved. fffff880`04f40000 fffff880`04f64000 HDAudBus (deferred) Image path: \SystemRoot\system32\drivers\HDAudBus.sys Image name: HDAudBus.sys Timestamp: Sat Nov 20 02:43:42 2010 (4CE7A65E) CheckSum: 0002BFAB ImageSize: 00024000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`04f64000 fffff880`04fe9000 Rt64win7 (deferred) Image path: \SystemRoot\system32\DRIVERS\Rt64win7.sys Image name: Rt64win7.sys Timestamp: Thu Jun 09 22:33:15 2011 (4DF1BAAB) CheckSum: 0008B67F ImageSize: 00085000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`04fe9000 fffff880`04ff4000 usbohci (deferred) Image path: \SystemRoot\system32\DRIVERS\usbohci.sys Image name: usbohci.sys Timestamp: Thu Mar 24 19:29:03 2011 (4D8C0BFF) CheckSum: 00008443 ImageSize: 0000B000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`04ff4000 fffff880`04ffc000 ASACPI (deferred) Image path: \SystemRoot\system32\DRIVERS\ASACPI.sys Image name: ASACPI.sys Timestamp: Wed Jul 15 19:31:29 2009 (4A5E9F11) CheckSum: 00010BC2 ImageSize: 00008000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`04ffc000 fffff880`04ffd480 swenum (deferred) Image path: \SystemRoot\system32\drivers\swenum.sys Image name: swenum.sys Timestamp: Mon Jul 13 16:00:18 2009 (4A5BCA92) CheckSum: 0000934E ImageSize: 00001480 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`05000000 fffff880`05083000 csc (deferred) Image path: \SystemRoot\system32\drivers\csc.sys Image name: csc.sys Timestamp: Sat Nov 20 01:27:12 2010 (4CE79470) CheckSum: 0008519D ImageSize: 00083000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`05083000 fffff880`050a1000 dfsc (deferred) Image path: \SystemRoot\System32\Drivers\dfsc.sys Image name: dfsc.sys Timestamp: Sat Nov 20 01:26:31 2010 (4CE79447) CheckSum: 0001D647 ImageSize: 0001E000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`050a1000 fffff880`050b2000 blbdrive (deferred) Image path: \SystemRoot\system32\DRIVERS\blbdrive.sys Image name: blbdrive.sys Timestamp: Mon Jul 13 15:35:59 2009 (4A5BC4DF) CheckSum: 00019567 ImageSize: 00011000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`050b2000 fffff880`050d3000 WudfPf (deferred) Image path: \SystemRoot\system32\drivers\WudfPf.sys Image name: WudfPf.sys Timestamp: Sat Nov 20 02:42:44 2010 (4CE7A624) CheckSum: 00021FC8 ImageSize: 00021000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`050d7000 fffff880`05150000 eeCtrl64 (deferred) Image path: \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys Image name: eeCtrl64.sys Timestamp: Fri Oct 21 17:18:28 2011 (4EA219E4) CheckSum: 00084158 ImageSize: 00079000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`05150000 fffff880`05176000 EraserUtilRebootDrv (deferred) Image path: \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys Image name: EraserUtilRebootDrv.sys Timestamp: Fri Oct 21 17:18:29 2011 (4EA219E5) CheckSum: 00031B27 ImageSize: 00026000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`05176000 fffff880`05185000 discache (deferred) Image path: \SystemRoot\System32\drivers\discache.sys Image name: discache.sys Timestamp: Mon Jul 13 15:37:18 2009 (4A5BC52E) CheckSum: 00015F3F ImageSize: 0000F000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`05185000 fffff880`051b4000 SCSIPORT (deferred) Image path: \SystemRoot\system32\DRIVERS\SCSIPORT.SYS Image name: SCSIPORT.SYS Timestamp: Sat Nov 20 02:34:01 2010 (4CE7A419) CheckSum: 000375EA ImageSize: 0002F000 File version: 6.1.7601.17514 Product version: 6.1.7601.17514 File flags: 0 (Mask 3F) File OS: 40004 NT Win32 File type: 3.7 Driver File date: 00000000.00000000 Translations: 0409.04b0 CompanyName: Microsoft Corporation ProductName: Microsoft® Windows® Operating System InternalName: scsiport.sys OriginalFilename: scsiport.sys ProductVersion: 6.1.7601.17514 FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850) FileDescription: SCSI Port Driver LegalCopyright: © Microsoft Corporation. All rights reserved. fffff880`051b4000 fffff880`051f7000 ks (deferred) Image path: \SystemRoot\system32\drivers\ks.sys Image name: ks.sys Timestamp: Sat Nov 20 02:33:23 2010 (4CE7A3F3) CheckSum: 00045588 ImageSize: 00043000 File version: 6.1.7601.17514 Product version: 6.1.7601.17514 File flags: 0 (Mask 3F) File OS: 40004 NT Win32 File type: 3.0 Driver File date: 00000000.00000000 Translations: 0000.04b0 CompanyName: Microsoft Corporation ProductName: Microsoft® Windows® Operating System InternalName: ks.sys OriginalFilename: ks.sys ProductVersion: 6.1.7601.17514 FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850) FileDescription: Kernel CSA Library LegalCopyright: © Microsoft Corporation. All rights reserved. fffff880`05200000 fffff880`05215000 NDProxy (deferred) Image path: \SystemRoot\System32\Drivers\NDProxy.SYS Image name: NDProxy.SYS Timestamp: Sat Nov 20 02:52:20 2010 (4CE7A864) CheckSum: 00019428 ImageSize: 00015000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`0521c000 fffff880`0533b000 BHDrvx64 (deferred) Image path: \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20111223.001\BHDrvx64.sys Image name: BHDrvx64.sys Timestamp: Wed Nov 23 11:32:10 2011 (4ECD4A3A) CheckSum: 001271A6 ImageSize: 0011F000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`0533b000 fffff880`05341000 AsIO (deferred) Image path: \SystemRoot\SysWow64\drivers\AsIO.sys Image name: AsIO.sys Timestamp: Sun Aug 02 23:03:16 2009 (4A768BB4) CheckSum: 00009238 ImageSize: 00006000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`05341000 fffff880`05367000 tunnel (deferred) Image path: \SystemRoot\system32\DRIVERS\tunnel.sys Image name: tunnel.sys Timestamp: Sat Nov 20 02:51:50 2010 (4CE7A846) CheckSum: 0002CD96 ImageSize: 00026000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`05367000 fffff880`0537c000 amdppm (deferred) Image path: \SystemRoot\system32\DRIVERS\amdppm.sys Image name: amdppm.sys Timestamp: Mon Jul 13 15:19:25 2009 (4A5BC0FD) CheckSum: 0001EA42 ImageSize: 00015000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`0537c000 fffff880`0539d000 raspptp (deferred) Image path: \SystemRoot\system32\DRIVERS\raspptp.sys Image name: raspptp.sys Timestamp: Sat Nov 20 02:52:31 2010 (4CE7A86F) CheckSum: 000251CB ImageSize: 00021000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`0539d000 fffff880`053b7000 rassstp (deferred) Image path: \SystemRoot\system32\DRIVERS\rassstp.sys Image name: rassstp.sys Timestamp: Mon Jul 13 16:10:25 2009 (4A5BCCF1) CheckSum: 0002274B ImageSize: 0001A000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`053b7000 fffff880`053c6000 kbdclass (deferred) Image path: \SystemRoot\system32\DRIVERS\kbdclass.sys Image name: kbdclass.sys Timestamp: Mon Jul 13 15:19:50 2009 (4A5BC116) CheckSum: 0001B4C5 ImageSize: 0000F000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`053c6000 fffff880`053d5000 mouclass (deferred) Image path: \SystemRoot\system32\DRIVERS\mouclass.sys Image name: mouclass.sys Timestamp: Mon Jul 13 15:19:50 2009 (4A5BC116) CheckSum: 0000E5DE ImageSize: 0000F000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`053d5000 fffff880`053e4000 VClone (deferred) Image path: \SystemRoot\system32\DRIVERS\VClone.sys Image name: VClone.sys Timestamp: Sat Jan 15 08:21:04 2011 (4D31C970) CheckSum: 0000CF5B ImageSize: 0000F000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`053e4000 fffff880`053f6000 umbus (deferred) Image path: \SystemRoot\system32\DRIVERS\umbus.sys Image name: umbus.sys Timestamp: Sat Nov 20 02:44:37 2010 (4CE7A695) CheckSum: 0001AF58 ImageSize: 00012000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`06800000 fffff880`0680e000 hidusb (deferred) Image path: \SystemRoot\system32\DRIVERS\hidusb.sys Image name: hidusb.sys Timestamp: Sat Nov 20 02:43:49 2010 (4CE7A665) CheckSum: 00012706 ImageSize: 0000E000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`0680e000 fffff880`06827000 HIDCLASS (deferred) Image path: \SystemRoot\system32\DRIVERS\HIDCLASS.SYS Image name: HIDCLASS.SYS Timestamp: Sat Nov 20 02:43:49 2010 (4CE7A665) CheckSum: 00015D32 ImageSize: 00019000 File version: 6.1.7601.17514 Product version: 6.1.7601.17514 File flags: 0 (Mask 3F) File OS: 40004 NT Win32 File type: 2.0 Dll File date: 00000000.00000000 Translations: 0409.04b0 CompanyName: Microsoft Corporation ProductName: Microsoft® Windows® Operating System InternalName: hidclass.sys OriginalFilename: hidclass.sys ProductVersion: 6.1.7601.17514 FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850) FileDescription: Hid Class Library LegalCopyright: © Microsoft Corporation. All rights reserved. fffff880`06827000 fffff880`0682f080 HIDPARSE (deferred) Image path: \SystemRoot\system32\DRIVERS\HIDPARSE.SYS Image name: HIDPARSE.SYS Timestamp: Mon Jul 13 16:06:17 2009 (4A5BCBF9) CheckSum: 0000D669 ImageSize: 00008080 File version: 6.1.7600.16385 Product version: 6.1.7600.16385 File flags: 0 (Mask 3F) File OS: 40004 NT Win32 File type: 2.0 Dll File date: 00000000.00000000 Translations: 0409.04b0 CompanyName: Microsoft Corporation ProductName: Microsoft® Windows® Operating System InternalName: hidparse.sys OriginalFilename: hidparse.sys ProductVersion: 6.1.7600.16385 FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255) FileDescription: Hid Parsing Library LegalCopyright: © Microsoft Corporation. All rights reserved. fffff880`06830000 fffff880`0683d000 mouhid (deferred) Image path: \SystemRoot\system32\DRIVERS\mouhid.sys Image name: mouhid.sys Timestamp: Mon Jul 13 16:00:20 2009 (4A5BCA94) CheckSum: 00009604 ImageSize: 0000D000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`0683d000 fffff880`0684b000 kbdhid (deferred) Image path: \SystemRoot\system32\DRIVERS\kbdhid.sys Image name: kbdhid.sys Timestamp: Sat Nov 20 02:33:25 2010 (4CE7A3F5) CheckSum: 0000D561 ImageSize: 0000E000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`0684b000 fffff880`06859000 crashdmp (deferred) Image path: \SystemRoot\System32\Drivers\crashdmp.sys Image name: crashdmp.sys Timestamp: Mon Jul 13 16:01:01 2009 (4A5BCABD) CheckSum: 000178C7 ImageSize: 0000E000 File version: 6.1.7600.16385 Product version: 6.1.7600.16385 File flags: 0 (Mask 3F) File OS: 40004 NT Win32 File type: 3.7 Driver File date: 00000000.00000000 Translations: 0409.04b0 CompanyName: Microsoft Corporation ProductName: Microsoft® Windows® Operating System InternalName: crashdmp.sys OriginalFilename: crashdmp.sys ProductVersion: 6.1.7600.16385 FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255) FileDescription: Crash Dump Driver LegalCopyright: © Microsoft Corporation. All rights reserved. fffff880`06859000 fffff880`06863000 dump_diskdump (deferred) Image path: \SystemRoot\System32\Drivers\dump_diskdump.sys Image name: dump_diskdump.sys Timestamp: Fri Apr 22 12:04:32 2011 (4DB1DF50) CheckSum: 0000E8AB ImageSize: 0000A000 File version: 6.1.7601.17601 Product version: 6.1.7601.17601 File flags: 0 (Mask 3F) File OS: 40004 NT Win32 File type: 3.7 Driver File date: 00000000.00000000 Translations: 0409.04b0 CompanyName: Microsoft Corporation ProductName: Microsoft® Windows® Operating System InternalName: diskdump.sys OriginalFilename: diskdump.sys ProductVersion: 6.1.7601.17601 FileVersion: 6.1.7601.17601 (win7sp1_gdr.110422-0546) FileDescription: Crash Dump Disk Driver LegalCopyright: © Microsoft Corporation. All rights reserved. fffff880`06863000 fffff880`0688d000 dump_vsmraid (deferred) Image path: \SystemRoot\System32\Drivers\dump_vsmraid.sys Image name: dump_vsmraid.sys Timestamp: Fri Jan 30 17:18:57 2009 (4983A701) CheckSum: 00028DEF ImageSize: 0002A000 File version: 6.0.6000.6210 Product version: 6.0.6000.6210 File flags: 0 (Mask 3F) File OS: 40004 NT Win32 File type: 3.7 Driver File date: 00000000.00000000 Translations: 0409.04b0 CompanyName: VIA Technologies Inc.,Ltd ProductName: VIA RAID driver InternalName: vsmraid OriginalFilename: vsmraid ProductVersion: 6.0.6000.6210 FileVersion: 6.0.6000.6210 PrivateBuild: 6.0.6000.6210 SpecialBuild: 6.0.6000.6210 FileDescription: VIA RAID DRIVER FOR AMD-X86-64 LegalCopyright: Copyright (C) VIA Technologies 1992-2007 LegalTrademarks: Copyright (C) VIA Technologies 1992-2007 Comments: Copyright (C) VIA Technologies 1992-2007 fffff880`0688d000 fffff880`068a0000 dump_dumpfve (deferred) Image path: \SystemRoot\System32\Drivers\dump_dumpfve.sys Image name: dump_dumpfve.sys Timestamp: Mon Jul 13 15:21:51 2009 (4A5BC18F) CheckSum: 00010DEA ImageSize: 00013000 File version: 6.1.7600.16385 Product version: 6.1.7600.16385 File flags: 0 (Mask 3F) File OS: 40004 NT Win32 File type: 3.7 Driver File date: 00000000.00000000 Translations: 0000.04b0 CompanyName: Microsoft Corporation ProductName: Microsoft® Windows® Operating System InternalName: dumpfve.sys OriginalFilename: dumpfve.sys ProductVersion: 6.1.7600.16385 FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255) FileDescription: Bitlocker Drive Encryption Crashdump Filter LegalCopyright: © Microsoft Corporation. All rights reserved. fffff880`068a0000 fffff880`068ac000 Dxapi (deferred) Image path: \SystemRoot\System32\drivers\Dxapi.sys Image name: Dxapi.sys Timestamp: Mon Jul 13 15:38:28 2009 (4A5BC574) CheckSum: 0001418E ImageSize: 0000C000 File version: 6.1.7600.16385 Product version: 6.1.7600.16385 File flags: 0 (Mask 3F) File OS: 40004 NT Win32 File type: 3.7 Driver File date: 00000000.00000000 Translations: 0409.04b0 CompanyName: Microsoft Corporation ProductName: Microsoft® Windows® Operating System InternalName: dxapi.sys OriginalFilename: dxapi.sys ProductVersion: 6.1.7600.16385 FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255) FileDescription: DirectX API Driver LegalCopyright: © Microsoft Corporation. All rights reserved. fffff880`068ac000 fffff880`068ba000 monitor (deferred) Image path: \SystemRoot\system32\DRIVERS\monitor.sys Image name: monitor.sys Timestamp: Mon Jul 13 15:38:52 2009 (4A5BC58C) CheckSum: 000092BF ImageSize: 0000E000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`068ba000 fffff880`068dd000 luafv (deferred) Image path: \SystemRoot\system32\drivers\luafv.sys Image name: luafv.sys Timestamp: Mon Jul 13 15:26:13 2009 (4A5BC295) CheckSum: 00027BF1 ImageSize: 00023000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`068dd000 fffff880`068f2000 lltdio (deferred) Image path: \SystemRoot\system32\DRIVERS\lltdio.sys Image name: lltdio.sys Timestamp: Mon Jul 13 16:08:50 2009 (4A5BCC92) CheckSum: 0001109D ImageSize: 00015000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`068f9000 fffff880`06936000 portcls (deferred) Image path: \SystemRoot\system32\drivers\portcls.sys Image name: portcls.sys Timestamp: Mon Jul 13 16:06:27 2009 (4A5BCC03) CheckSum: 00047A50 ImageSize: 0003D000 File version: 6.1.7600.16385 Product version: 6.1.7600.16385 File flags: 0 (Mask 3F) File OS: 40004 NT Win32 File type: 3.9 Driver File date: 00000000.00000000 Translations: 0409.04b0 CompanyName: Microsoft Corporation ProductName: Microsoft® Windows® Operating System InternalName: portcls.sys OriginalFilename: portcls.sys ProductVersion: 6.1.7600.16385 FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255) FileDescription: Port Class (Class Driver for Port/Miniport Devices) LegalCopyright: © Microsoft Corporation. All rights reserved. fffff880`06936000 fffff880`06958000 drmk (deferred) Image path: \SystemRoot\system32\drivers\drmk.sys Image name: drmk.sys Timestamp: Mon Jul 13 17:01:25 2009 (4A5BD8E5) CheckSum: 0002966E ImageSize: 00022000 File version: 6.1.7600.16385 Product version: 6.1.7600.16385 File flags: 0 (Mask 3F) File OS: 40004 NT Win32 File type: 2.0 Dll File date: 00000000.00000000 Translations: 0409.04b0 CompanyName: Microsoft Corporation ProductName: Microsoft® Windows® Operating System InternalName: drmk.sys OriginalFilename: drmk.sys ProductVersion: 6.1.7600.16385 FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255) FileDescription: Microsoft Trusted Audio Drivers LegalCopyright: © Microsoft Corporation. All rights reserved. fffff880`06958000 fffff880`0695d200 ksthunk (deferred) Image path: \SystemRoot\system32\drivers\ksthunk.sys Image name: ksthunk.sys Timestamp: Mon Jul 13 16:00:19 2009 (4A5BCA93) CheckSum: 0000AF92 ImageSize: 00005200 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`0695e000 fffff880`069ba000 HdAudio (deferred) Image path: \SystemRoot\system32\drivers\HdAudio.sys Image name: HdAudio.sys Timestamp: Sat Nov 20 02:44:23 2010 (4CE7A687) CheckSum: 000598DA ImageSize: 0005C000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`069ba000 fffff880`069d5000 USBSTOR (deferred) Image path: \SystemRoot\system32\DRIVERS\USBSTOR.SYS Image name: USBSTOR.SYS Timestamp: Thu Mar 10 20:37:16 2011 (4D79A6FC) CheckSum: 00026255 ImageSize: 0001B000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`069d5000 fffff880`069d6f00 USBD (deferred) Image path: \SystemRoot\system32\DRIVERS\USBD.SYS Image name: USBD.SYS Timestamp: Thu Mar 24 19:28:59 2011 (4D8C0BFB) CheckSum: 00005257 ImageSize: 00001F00 File version: 6.1.7601.17586 Product version: 6.1.7601.17586 File flags: 0 (Mask 3F) File OS: 40004 NT Win32 File type: 2.0 Dll File date: 00000000.00000000 Translations: 0000.04b0 CompanyName: Microsoft Corporation ProductName: Microsoft® Windows® Operating System InternalName: usbd.sys OriginalFilename: usbd.sys ProductVersion: 6.1.7601.17586 FileVersion: 6.1.7601.17586 (win7sp1_gdr.110324-1501) FileDescription: Universal Serial Bus Driver LegalCopyright: © Microsoft Corporation. All rights reserved. fffff880`069d7000 fffff880`069f4000 usbccgp (deferred) Image path: \SystemRoot\system32\DRIVERS\usbccgp.sys Image name: usbccgp.sys Timestamp: Thu Mar 24 19:29:14 2011 (4D8C0C0A) CheckSum: 0001B399 ImageSize: 0001D000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`07055000 fffff880`070fb000 peauth (deferred) Image path: \SystemRoot\system32\drivers\peauth.sys Image name: peauth.sys Timestamp: Mon Jul 13 17:01:19 2009 (4A5BD8DF) CheckSum: 000AB7C9 ImageSize: 000A6000 File version: 6.1.7600.16385 Product version: 6.1.7600.16385 File flags: 0 (Mask 3F) File OS: 40004 NT Win32 File type: 3.7 Driver File date: 00000000.00000000 Translations: 0409.04b0 CompanyName: Microsoft Corporation ProductName: Microsoft® Windows® Operating System InternalName: PEAuth.sys OriginalFilename: PEAuth.sys ProductVersion: 6.1.7600.16385 FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255) FileDescription: Protected Environment Authentication and Authorization Export Driver LegalCopyright: © Microsoft Corporation. All rights reserved. fffff880`070fb000 fffff880`07106000 secdrv (deferred) Image path: \SystemRoot\System32\Drivers\secdrv.SYS Image name: secdrv.SYS Timestamp: Wed Sep 13 05:18:38 2006 (4508052E) CheckSum: 00010B40 ImageSize: 0000B000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`07106000 fffff880`07137000 srvnet (deferred) Image path: \SystemRoot\System32\DRIVERS\srvnet.sys Image name: srvnet.sys Timestamp: Thu Apr 28 19:05:35 2011 (4DBA2AFF) CheckSum: 0003409F ImageSize: 00031000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`07137000 fffff880`07149000 tcpipreg (deferred) Image path: \SystemRoot\System32\drivers\tcpipreg.sys Image name: tcpipreg.sys Timestamp: Sat Nov 20 02:51:48 2010 (4CE7A844) CheckSum: 0000F328 ImageSize: 00012000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`07149000 fffff880`071b2000 srv2 (deferred) Image path: \SystemRoot\System32\DRIVERS\srv2.sys Image name: srv2.sys Timestamp: Thu Apr 28 19:05:46 2011 (4DBA2B0A) CheckSum: 0006CA1E ImageSize: 00069000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`074be000 fffff880`07556000 srv (deferred) Image path: \SystemRoot\System32\DRIVERS\srv.sys Image name: srv.sys Timestamp: Thu Apr 28 19:06:06 2011 (4DBA2B1E) CheckSum: 0007C839 ImageSize: 00098000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`08600000 fffff880`08620000 ENG64 (deferred) Image path: \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120114.019\ENG64.SYS Image name: ENG64.SYS Timestamp: Fri Jul 29 05:17:51 2011 (4E32B2FF) CheckSum: 0001D2D5 ImageSize: 00020000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`08620000 fffff880`0862a000 hiber_diskdump (deferred) Image path: \SystemRoot\System32\Drivers\hiber_diskdump.sys Image name: hiber_diskdump.sys Timestamp: Fri Apr 22 12:04:32 2011 (4DB1DF50) CheckSum: 0000E8AB ImageSize: 0000A000 File version: 6.1.7601.17601 Product version: 6.1.7601.17601 File flags: 0 (Mask 3F) File OS: 40004 NT Win32 File type: 3.7 Driver File date: 00000000.00000000 Translations: 0409.04b0 CompanyName: Microsoft Corporation ProductName: Microsoft® Windows® Operating System InternalName: diskdump.sys OriginalFilename: diskdump.sys ProductVersion: 6.1.7601.17601 FileVersion: 6.1.7601.17601 (win7sp1_gdr.110422-0546) FileDescription: Crash Dump Disk Driver LegalCopyright: © Microsoft Corporation. All rights reserved. fffff880`0862a000 fffff880`08641000 hiber_amd_sata (deferred) Image path: \SystemRoot\System32\Drivers\hiber_amd_sata.sys Image name: hiber_amd_sata.sys Timestamp: Thu Jun 16 11:07:44 2011 (4DFA5480) CheckSum: 0001BC1D ImageSize: 00017000 File version: 1.2.1.301 Product version: 1.2.1.301 File flags: 8 (Mask 3F) Private File OS: 40004 NT Win32 File type: 3.7 Driver File date: 00000000.00000000 Translations: 0000.04b0 CompanyName: Advanced Micro Devices ProductName: AHCI 1.2 Device Driver InternalName: amd_sata.sys OriginalFilename: amd_sata.sys ProductVersion: 1.2.001.0301 FileVersion: 1.2.001.0301 built by: WinDDK FileDescription: AHCI 1.2 Device Driver LegalCopyright: Copyright © 2008-2011 AMD, Inc. fffff880`08641000 fffff880`08654000 hiber_dumpfve (deferred) Image path: \SystemRoot\System32\Drivers\hiber_dumpfve.sys Image name: hiber_dumpfve.sys Timestamp: Mon Jul 13 15:21:51 2009 (4A5BC18F) CheckSum: 00010DEA ImageSize: 00013000 File version: 6.1.7600.16385 Product version: 6.1.7600.16385 File flags: 0 (Mask 3F) File OS: 40004 NT Win32 File type: 3.7 Driver File date: 00000000.00000000 Translations: 0000.04b0 CompanyName: Microsoft Corporation ProductName: Microsoft® Windows® Operating System InternalName: dumpfve.sys OriginalFilename: dumpfve.sys ProductVersion: 6.1.7600.16385 FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255) FileDescription: Bitlocker Drive Encryption Crashdump Filter LegalCopyright: © Microsoft Corporation. All rights reserved. fffff880`08672000 fffff880`08732000 SRTSP64 (deferred) Image path: \SystemRoot\System32\Drivers\N360x64\0501000.01D\SRTSP64.SYS Image name: SRTSP64.SYS Timestamp: Tue Mar 29 18:46:12 2011 (4D929974) CheckSum: 000BC913 ImageSize: 000C0000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`08752000 fffff880`08783000 WUDFRd (deferred) Image path: \SystemRoot\system32\DRIVERS\WUDFRd.sys Image name: WUDFRd.sys Timestamp: Sat Nov 20 02:43:32 2010 (4CE7A654) CheckSum: 0002E568 ImageSize: 00031000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`08804000 fffff880`089fc000 EX64 (deferred) Image path: \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120114.019\EX64.SYS Image name: EX64.SYS Timestamp: Fri Jul 29 05:15:11 2011 (4E32B25F) CheckSum: 002033EE ImageSize: 001F8000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`11200000 fffff880`1120c000 serenum (deferred) Image path: \SystemRoot\system32\DRIVERS\serenum.sys Image name: serenum.sys Timestamp: Mon Jul 13 16:00:33 2009 (4A5BCAA1) CheckSum: 00013C2F ImageSize: 0000C000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`1120c000 fffff880`11215000 wmiacpi (deferred) Image path: \SystemRoot\system32\drivers\wmiacpi.sys Image name: wmiacpi.sys Timestamp: Mon Jul 13 15:31:02 2009 (4A5BC3B6) CheckSum: 000042C0 ImageSize: 00009000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`11215000 fffff880`11225000 CompositeBus (deferred) Image path: \SystemRoot\system32\drivers\CompositeBus.sys Image name: CompositeBus.sys Timestamp: Sat Nov 20 02:33:17 2010 (4CE7A3ED) CheckSum: 0000983B ImageSize: 00010000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`11225000 fffff880`11238000 GenericMount (deferred) Image path: \SystemRoot\system32\DRIVERS\GenericMount.sys Image name: GenericMount.sys Timestamp: Fri Aug 28 14:59:50 2009 (4A986166) CheckSum: 00011DA7 ImageSize: 00013000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`11238000 fffff880`1124e000 AgileVpn (deferred) Image path: \SystemRoot\system32\DRIVERS\AgileVpn.sys Image name: AgileVpn.sys Timestamp: Mon Jul 13 16:10:24 2009 (4A5BCCF0) CheckSum: 000192BE ImageSize: 00016000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`1124e000 fffff880`11272000 rasl2tp (deferred) Image path: \SystemRoot\system32\DRIVERS\rasl2tp.sys Image name: rasl2tp.sys Timestamp: Sat Nov 20 02:52:34 2010 (4CE7A872) CheckSum: 0002CCA3 ImageSize: 00024000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`11272000 fffff880`1127e000 ndistapi (deferred) Image path: \SystemRoot\system32\DRIVERS\ndistapi.sys Image name: ndistapi.sys Timestamp: Mon Jul 13 16:10:00 2009 (4A5BCCD8) CheckSum: 000063EA ImageSize: 0000C000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`1127e000 fffff880`112ad000 ndiswan (deferred) Image path: \SystemRoot\system32\DRIVERS\ndiswan.sys Image name: ndiswan.sys Timestamp: Sat Nov 20 02:52:32 2010 (4CE7A870) CheckSum: 0002BB81 ImageSize: 0002F000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`112ad000 fffff880`112c8000 raspppoe (deferred) Image path: \SystemRoot\system32\DRIVERS\raspppoe.sys Image name: raspppoe.sys Timestamp: Mon Jul 13 16:10:17 2009 (4A5BCCE9) CheckSum: 00019A00 ImageSize: 0001B000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`112c8000 fffff880`112d3000 rdpbus (deferred) Image path: \SystemRoot\system32\DRIVERS\rdpbus.sys Image name: rdpbus.sys Timestamp: Mon Jul 13 16:17:46 2009 (4A5BCEAA) CheckSum: 0000C3AD ImageSize: 0000B000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`112dc000 fffff880`11f53000 nvlddmkm (deferred) Image path: \SystemRoot\system32\DRIVERS\nvlddmkm.sys Image name: nvlddmkm.sys Timestamp: Fri Oct 14 22:07:55 2011 (4E99233B) CheckSum: 00C61687 ImageSize: 00C77000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`11f53000 fffff880`11f58000 nvBridge (deferred) Image path: \SystemRoot\System32\Drivers\nvBridge.kmd Image name: nvBridge.kmd Timestamp: Fri May 20 19:58:23 2011 (4DD7385F) CheckSum: 00007A70 ImageSize: 00005000 File version: 8.17.12.7533 Product version: 8.17.12.7533 File flags: 8 (Mask 3F) Private File OS: 40004 NT Win32 File type: 3.4 Driver File date: 00000000.00000000 Translations: 0409.04b0 CompanyName: NVIDIA Corporation ProductName: NVIDIA Windows Kernel Mode Driver, Version 275.33 InternalName: nvBridge.kmd, NV_LDDM:7600.1, NV_LDDM_DDK_BUILD:61101 OriginalFilename: nvBridge.kmd ProductVersion: 8.17.12.7533 FileVersion: 8.17.12.7533 FileDescription: NVIDIA Windows Kernel Mode Driver, Version 275.33 LegalCopyright: (C) NVIDIA Corporation. All rights reserved. fffff880`11f58000 fffff880`11fae000 USBPORT (deferred) Image path: \SystemRoot\system32\DRIVERS\USBPORT.SYS Image name: USBPORT.SYS Timestamp: Thu Mar 24 19:29:12 2011 (4D8C0C08) CheckSum: 00056970 ImageSize: 00056000 File version: 6.1.7601.17586 Product version: 6.1.7601.17586 File flags: 0 (Mask 3F) File OS: 40004 NT Win32 File type: 2.0 Dll File date: 00000000.00000000 Translations: 0409.04b0 CompanyName: Microsoft Corporation ProductName: Microsoft® Windows® Operating System InternalName: usbport.sys OriginalFilename: usbport.sys ProductVersion: 6.1.7601.17586 FileVersion: 6.1.7601.17586 (win7sp1_gdr.110324-1501) FileDescription: USB 1.1 & 2.0 Port Driver LegalCopyright: © Microsoft Corporation. All rights reserved. fffff880`11fae000 fffff880`11fbd000 usbfilter (deferred) Image path: \SystemRoot\system32\DRIVERS\usbfilter.sys Image name: usbfilter.sys Timestamp: Wed Dec 15 02:34:49 2010 (4D0899C9) CheckSum: 00015056 ImageSize: 0000F000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`11fbd000 fffff880`11fce000 usbehci (deferred) Image path: \SystemRoot\system32\DRIVERS\usbehci.sys Image name: usbehci.sys Timestamp: Thu Mar 24 19:29:04 2011 (4D8C0C00) CheckSum: 0000DE59 ImageSize: 00011000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`11fce000 fffff880`11fdb000 GEARAspiWDM (deferred) Image path: \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys Image name: GEARAspiWDM.sys Timestamp: Mon May 18 04:17:04 2009 (4A1151C0) CheckSum: 000159B4 ImageSize: 0000D000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff880`11fdb000 fffff880`11ff8000 parport (deferred) Image path: \SystemRoot\system32\DRIVERS\parport.sys Image name: parport.sys Timestamp: Mon Jul 13 16:00:40 2009 (4A5BCAA8) CheckSum: 0001A431 ImageSize: 0001D000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff960`00000000 fffff960`00314000 win32k (deferred) Image path: \SystemRoot\System32\win32k.sys Image name: win32k.sys Timestamp: Wed Nov 23 20:51:38 2011 (4ECDCD5A) CheckSum: 0030FD37 ImageSize: 00314000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff960`004d0000 fffff960`004da000 TSDDD (deferred) Image path: \SystemRoot\System32\TSDDD.dll Image name: TSDDD.dll Timestamp: Mon Jul 13 16:16:34 2009 (4A5BCE62) CheckSum: 00009E96 ImageSize: 0000A000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff960`00700000 fffff960`00727000 cdd (deferred) Image path: \SystemRoot\System32\cdd.dll Image name: cdd.dll Timestamp: Sat Nov 20 04:55:34 2010 (4CE7C546) CheckSum: 0002D4F0 ImageSize: 00027000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 fffff960`00990000 fffff960`009f1000 ATMFD (deferred) Image path: \SystemRoot\System32\ATMFD.DLL Image name: ATMFD.DLL Timestamp: Sat Feb 19 01:00:32 2011 (4D5F86B0) CheckSum: 000606E3 ImageSize: 00061000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 Unloaded modules: fffff880`08732000 fffff880`08752000 ENG64.SYS Timestamp: unavailable (00000000) Checksum: 00000000 fffff880`08806000 fffff880`089fe000 EX64.SYS Timestamp: unavailable (00000000) Checksum: 00000000 fffff880`08783000 fffff880`087f4000 spsys.sys Timestamp: unavailable (00000000) Checksum: 00000000 fffff880`01bbf000 fffff880`01bcd000 crashdmp.sys Timestamp: unavailable (00000000) Checksum: 00000000 fffff880`01bcd000 fffff880`01bd7000 dump_storport.sys Timestamp: unavailable (00000000) Checksum: 00000000 fffff880`01800000 fffff880`0182a000 dump_vsmraid.sys Timestamp: unavailable (00000000) Checksum: 00000000 fffff880`01bd7000 fffff880`01bea000 dump_dumpfve.sys Timestamp: unavailable (00000000) Checksum: 00000000 2: kd> q quit: