ÿþShared User Data: 0xFFDF0000(248000) Product: NT Workstation Suite: NT Version: 5.0 System Time: 0x1c569e1d9e897b0 2005-06-05 15:18:39Z Time Zone ID: 2 Bias: 144000000000 Local Time: 0x1c569c052d6f7b0 2005-06-05 11:18:39Z Tick Count: 0x1038ba System Root: C:\WINNT Processor Architecture: StandardDesign Processor Features: FloatingPointPrecisionErrata: FloatingPointEmulated: CompareExchangeDouble: X MMXInstructionsAvailable: X PPCMovemem64BitOk: AlphaByteInstructions: XMMIInstructionsAvailable: X 3DNOWInstructionsAvailable: RDTSCInstructionAvailable: X PAEEnabled: XMMI64InstructionsAvailable: Large page minimum: 0 Debugger Enabled: No NxSupport: 0x0 Active Console ID: 0 Physical Pages: 0 Booted in safe mode: No TestReturnInstruction: 0 0 0 0 SystemCall: 0x0 SystemCallReturn: 0x0 Cookie: 0x0 Kernel Base : 0x80400000 Kernel Size : 0x19fb90 Page Tables: 0xC0000000 (0x1680000) Page Directory: 0xC0300000 (0x30000) KeNumberProcessors: 0x8046B4CC(46b4cc) 1 KeActiveProcessors: 0x8046B4D4(46b4d4) 1 KiProcessorBlock: 0x8046BDA0(46bda0) KeBootTime: 0x8046B318 (46b318) Value: 0x1c569df60590f40 2005-06-05 15:00:56Z KeBootTimeBias: 0x8046B328 Value: 0 Processor Control Regions: KPCR0: 0xFFDFF000(247000) KdVersionBlock: 0x00000000(1) GDT Base: 0x80036000(36000) IDT Base: 0x80036400(36400) IDTR: 0x8003f400 Limit: 0x7ff GDTR: 0x8003f000 Limit: 0x3ff LDTR: 0x8003f000 Limit: 0x3ff TSS: 0x80249000(249000) Processor Control Block: 0xFFDFF120 IdleThread: 0x8046D3F0 BuildType: 2 CpuType: 6 CpuStep: 0x806 SetMember: 1 CpuID: 1 VendorString: GenuineIntel MHZ: 285 PRCBNumber: 0 LogicalProcessorsPerPhysicalProcessor: 0 DebugActive: false Pagefile Information: MmNumberOfPagingFiles: 0x80480644(480644) Value: 1 MmPagingFile: 0x80480C40(480c40) Pagingfile0: 0xFCD61E28(137ee28) Size: 0xc000 MaximumSize: 0x18000 MinimumSize: 0xc000 FreeSpace: 0xb737 CurrentUsage: 0x8c8 PeakUsage: 0x925 HighestPage: 0x0 FileObject: 0xFCD61EA8 PagefileName: \??\C:\pagefile.sys Memory Information: MmPagesSize: 0x1000 MmLowestPhysicalPage: 0x8046B4D0(46b4d0) Value: 0x2 MmHighestPhysicalPage: 0x8046B4D8(46b4d8) Value: 0x7e7f MmNumberOfPhysicalPages: 0x8046B4DC(46b4dc) Value: 0x7dfb MmPfnDatabase: 0x8046B448(46b448) IDT Tables: IDT: 0x80036400(36400) No. Selector:Offset ParamCount Dpl Type Module 0. 8:80463c46 0 0 0xe \WINNT\System32\ntoskrnl.exe 1. 8:80463d96 0 0 0xe \WINNT\System32\ntoskrnl.exe 3. 8:8046406e 0 3 0xe \WINNT\System32\ntoskrnl.exe 4. 8:804641d2 0 3 0xe \WINNT\System32\ntoskrnl.exe 5. 8:80464316 0 0 0xe \WINNT\System32\ntoskrnl.exe 6. 8:8046447a 0 0 0xe \WINNT\System32\ntoskrnl.exe 7. 8:804649b0 0 0 0xe \WINNT\System32\ntoskrnl.exe 9. 8:80464d6c 0 0 0xe \WINNT\System32\ntoskrnl.exe a. 8:80464e74 0 0 0xe \WINNT\System32\ntoskrnl.exe b. 8:80464fa0 0 0 0xe \WINNT\System32\ntoskrnl.exe c. 8:804652a4 0 0 0xe \WINNT\System32\ntoskrnl.exe d. 8:804654b0 0 0 0xe \WINNT\System32\ntoskrnl.exe e. 8:80465f04 0 0 0xe \WINNT\System32\ntoskrnl.exe f. 8:8046629f 0 0 0xe \WINNT\System32\ntoskrnl.exe 10. 8:804663a7 0 0 0xe \WINNT\System32\ntoskrnl.exe 11. 8:804664cb 0 0 0xe \WINNT\System32\ntoskrnl.exe 13. 8:8046661b 0 0 0xe \WINNT\System32\ntoskrnl.exe 14. 8:8046629f 0 0 0xe \WINNT\System32\ntoskrnl.exe 15. 8:8046629f 0 0 0xe \WINNT\System32\ntoskrnl.exe 16. 8:8046629f 0 0 0xe \WINNT\System32\ntoskrnl.exe 17. 8:8046629f 0 0 0xe \WINNT\System32\ntoskrnl.exe 18. 8:8046629f 0 0 0xe \WINNT\System32\ntoskrnl.exe 19. 8:8046629f 0 0 0xe \WINNT\System32\ntoskrnl.exe 1a. 8:8046629f 0 0 0xe \WINNT\System32\ntoskrnl.exe 1b. 8:8046629f 0 0 0xe \WINNT\System32\ntoskrnl.exe 1c. 8:8046629f 0 0 0xe \WINNT\System32\ntoskrnl.exe 1d. 8:8046629f 0 0 0xe \WINNT\System32\ntoskrnl.exe 1e. 8:8046629f 0 0 0xe \WINNT\System32\ntoskrnl.exe 1f. 8:8046629f 0 0 0xe \WINNT\System32\ntoskrnl.exe 2a. 8:8046310c 0 3 0xe \WINNT\System32\ntoskrnl.exe 2b. 8:80463202 0 3 0xe \WINNT\System32\ntoskrnl.exe 2c. 8:80463322 0 3 0xe \WINNT\System32\ntoskrnl.exe 2d. 8:80463f5e 0 3 0xe \WINNT\System32\ntoskrnl.exe 2e. 8:80462c2d 0 3 0xe \WINNT\System32\ntoskrnl.exe 2f. 8:8046629f 0 0 0xe \WINNT\System32\ntoskrnl.exe 30. 8:8006807c 0 0 0xe \WINNT\System32\hal.dll 31. 8:fcd9ddc4 0 0 0xe 32. 8:80462284 0 0 0xe \WINNT\System32\ntoskrnl.exe 33. 8:8046228e 0 0 0xe \WINNT\System32\ntoskrnl.exe 34. 8:fcdb1324 0 0 0xe 35. 8:804622a2 0 0 0xe \WINNT\System32\ntoskrnl.exe 36. 8:804622ac 0 0 0xe \WINNT\System32\ntoskrnl.exe 37. 8:804622b6 0 0 0xe \WINNT\System32\ntoskrnl.exe 38. 8:80062db0 0 0 0xe \WINNT\System32\hal.dll 39. 8:fcd30044 0 0 0xe 3a. 8:804622d4 0 0 0xe \WINNT\System32\ntoskrnl.exe 3b. 8:fcdb1944 0 0 0xe 3c. 8:fcd9db44 0 0 0xe 3d. 8:804622f2 0 0 0xe \WINNT\System32\ntoskrnl.exe 3e. 8:fcd29ce4 0 0 0xe 3f. 8:80462306 0 0 0xe \WINNT\System32\ntoskrnl.exe 40. 8:80462310 0 0 0xe \WINNT\System32\ntoskrnl.exe 41. 8:8046231a 0 0 0xe \WINNT\System32\ntoskrnl.exe 42. 8:80462324 0 0 0xe \WINNT\System32\ntoskrnl.exe 43. 8:8046232e 0 0 0xe \WINNT\System32\ntoskrnl.exe 44. 8:80462338 0 0 0xe \WINNT\System32\ntoskrnl.exe 45. 8:80462342 0 0 0xe \WINNT\System32\ntoskrnl.exe 46. 8:8046234c 0 0 0xe \WINNT\System32\ntoskrnl.exe 47. 8:80462356 0 0 0xe \WINNT\System32\ntoskrnl.exe 48. 8:80462360 0 0 0xe \WINNT\System32\ntoskrnl.exe 49. 8:8046236a 0 0 0xe \WINNT\System32\ntoskrnl.exe 4a. 8:80462374 0 0 0xe \WINNT\System32\ntoskrnl.exe 4b. 8:8046237e 0 0 0xe \WINNT\System32\ntoskrnl.exe 4c. 8:80462388 0 0 0xe \WINNT\System32\ntoskrnl.exe 4d. 8:80462392 0 0 0xe \WINNT\System32\ntoskrnl.exe 4e. 8:8046239c 0 0 0xe \WINNT\System32\ntoskrnl.exe 4f. 8:804623a6 0 0 0xe \WINNT\System32\ntoskrnl.exe 50. 8:804623b0 0 0 0xe \WINNT\System32\ntoskrnl.exe 51. 8:804623ba 0 0 0xe \WINNT\System32\ntoskrnl.exe 52. 8:804623c4 0 0 0xe \WINNT\System32\ntoskrnl.exe 53. 8:804623ce 0 0 0xe \WINNT\System32\ntoskrnl.exe 54. 8:804623d8 0 0 0xe \WINNT\System32\ntoskrnl.exe 55. 8:804623e2 0 0 0xe \WINNT\System32\ntoskrnl.exe 56. 8:804623ec 0 0 0xe \WINNT\System32\ntoskrnl.exe 57. 8:804623f6 0 0 0xe \WINNT\System32\ntoskrnl.exe 58. 8:80462400 0 0 0xe \WINNT\System32\ntoskrnl.exe 59. 8:8046240a 0 0 0xe \WINNT\System32\ntoskrnl.exe 5a. 8:80462414 0 0 0xe \WINNT\System32\ntoskrnl.exe 5b. 8:8046241e 0 0 0xe \WINNT\System32\ntoskrnl.exe 5c. 8:80462428 0 0 0xe \WINNT\System32\ntoskrnl.exe 5d. 8:80462432 0 0 0xe \WINNT\System32\ntoskrnl.exe 5e. 8:8046243c 0 0 0xe \WINNT\System32\ntoskrnl.exe 5f. 8:80462446 0 0 0xe \WINNT\System32\ntoskrnl.exe 60. 8:80462450 0 0 0xe \WINNT\System32\ntoskrnl.exe 61. 8:8046245a 0 0 0xe \WINNT\System32\ntoskrnl.exe 62. 8:80462464 0 0 0xe \WINNT\System32\ntoskrnl.exe 63. 8:8046246e 0 0 0xe \WINNT\System32\ntoskrnl.exe 64. 8:80462478 0 0 0xe \WINNT\System32\ntoskrnl.exe 65. 8:80462482 0 0 0xe \WINNT\System32\ntoskrnl.exe 66. 8:8046248c 0 0 0xe \WINNT\System32\ntoskrnl.exe 67. 8:80462496 0 0 0xe \WINNT\System32\ntoskrnl.exe 68. 8:804624a0 0 0 0xe \WINNT\System32\ntoskrnl.exe 69. 8:804624aa 0 0 0xe \WINNT\System32\ntoskrnl.exe 6a. 8:804624b4 0 0 0xe \WINNT\System32\ntoskrnl.exe 6b. 8:804624be 0 0 0xe \WINNT\System32\ntoskrnl.exe 6c. 8:804624c8 0 0 0xe \WINNT\System32\ntoskrnl.exe 6d. 8:804624d2 0 0 0xe \WINNT\System32\ntoskrnl.exe 6e. 8:804624dc 0 0 0xe \WINNT\System32\ntoskrnl.exe 6f. 8:804624e6 0 0 0xe \WINNT\System32\ntoskrnl.exe 70. 8:804624f0 0 0 0xe \WINNT\System32\ntoskrnl.exe 71. 8:804624fa 0 0 0xe \WINNT\System32\ntoskrnl.exe 72. 8:80462504 0 0 0xe \WINNT\System32\ntoskrnl.exe 73. 8:8046250e 0 0 0xe \WINNT\System32\ntoskrnl.exe 74. 8:80462518 0 0 0xe \WINNT\System32\ntoskrnl.exe 75. 8:80462522 0 0 0xe \WINNT\System32\ntoskrnl.exe 76. 8:8046252c 0 0 0xe \WINNT\System32\ntoskrnl.exe 77. 8:80462536 0 0 0xe \WINNT\System32\ntoskrnl.exe 78. 8:80462540 0 0 0xe \WINNT\System32\ntoskrnl.exe 79. 8:8046254a 0 0 0xe \WINNT\System32\ntoskrnl.exe 7a. 8:80462554 0 0 0xe \WINNT\System32\ntoskrnl.exe 7b. 8:8046255e 0 0 0xe \WINNT\System32\ntoskrnl.exe 7c. 8:80462568 0 0 0xe \WINNT\System32\ntoskrnl.exe 7d. 8:80462572 0 0 0xe \WINNT\System32\ntoskrnl.exe 7e. 8:8046257c 0 0 0xe \WINNT\System32\ntoskrnl.exe 7f. 8:80462586 0 0 0xe \WINNT\System32\ntoskrnl.exe 80. 8:80462590 0 0 0xe \WINNT\System32\ntoskrnl.exe 81. 8:8046259a 0 0 0xe \WINNT\System32\ntoskrnl.exe 82. 8:804625a4 0 0 0xe \WINNT\System32\ntoskrnl.exe 83. 8:804625ae 0 0 0xe \WINNT\System32\ntoskrnl.exe 84. 8:804625b8 0 0 0xe \WINNT\System32\ntoskrnl.exe 85. 8:804625c2 0 0 0xe \WINNT\System32\ntoskrnl.exe 86. 8:804625cc 0 0 0xe \WINNT\System32\ntoskrnl.exe 87. 8:804625d6 0 0 0xe \WINNT\System32\ntoskrnl.exe 88. 8:804625e0 0 0 0xe \WINNT\System32\ntoskrnl.exe 89. 8:804625ea 0 0 0xe \WINNT\System32\ntoskrnl.exe 8a. 8:804625f4 0 0 0xe \WINNT\System32\ntoskrnl.exe 8b. 8:804625fe 0 0 0xe \WINNT\System32\ntoskrnl.exe 8c. 8:80462608 0 0 0xe \WINNT\System32\ntoskrnl.exe 8d. 8:80462612 0 0 0xe \WINNT\System32\ntoskrnl.exe 8e. 8:8046261c 0 0 0xe \WINNT\System32\ntoskrnl.exe 8f. 8:80462626 0 0 0xe \WINNT\System32\ntoskrnl.exe 90. 8:80462630 0 0 0xe \WINNT\System32\ntoskrnl.exe 91. 8:8046263a 0 0 0xe \WINNT\System32\ntoskrnl.exe 92. 8:80462644 0 0 0xe \WINNT\System32\ntoskrnl.exe 93. 8:8046264e 0 0 0xe \WINNT\System32\ntoskrnl.exe 94. 8:80462658 0 0 0xe \WINNT\System32\ntoskrnl.exe 95. 8:80462662 0 0 0xe \WINNT\System32\ntoskrnl.exe 96. 8:8046266c 0 0 0xe \WINNT\System32\ntoskrnl.exe 97. 8:80462676 0 0 0xe \WINNT\System32\ntoskrnl.exe 98. 8:80462680 0 0 0xe \WINNT\System32\ntoskrnl.exe 99. 8:8046268a 0 0 0xe \WINNT\System32\ntoskrnl.exe 9a. 8:80462694 0 0 0xe \WINNT\System32\ntoskrnl.exe 9b. 8:8046269e 0 0 0xe \WINNT\System32\ntoskrnl.exe 9c. 8:804626a8 0 0 0xe \WINNT\System32\ntoskrnl.exe 9d. 8:804626b2 0 0 0xe \WINNT\System32\ntoskrnl.exe 9e. 8:804626bc 0 0 0xe \WINNT\System32\ntoskrnl.exe 9f. 8:804626c6 0 0 0xe \WINNT\System32\ntoskrnl.exe a0. 8:804626d0 0 0 0xe \WINNT\System32\ntoskrnl.exe a1. 8:804626da 0 0 0xe \WINNT\System32\ntoskrnl.exe a2. 8:804626e4 0 0 0xe \WINNT\System32\ntoskrnl.exe a3. 8:804626ee 0 0 0xe \WINNT\System32\ntoskrnl.exe a4. 8:804626f8 0 0 0xe \WINNT\System32\ntoskrnl.exe a5. 8:80462702 0 0 0xe \WINNT\System32\ntoskrnl.exe a6. 8:8046270c 0 0 0xe \WINNT\System32\ntoskrnl.exe a7. 8:80462716 0 0 0xe \WINNT\System32\ntoskrnl.exe a8. 8:80462720 0 0 0xe \WINNT\System32\ntoskrnl.exe a9. 8:8046272a 0 0 0xe \WINNT\System32\ntoskrnl.exe aa. 8:80462734 0 0 0xe \WINNT\System32\ntoskrnl.exe ab. 8:8046273e 0 0 0xe \WINNT\System32\ntoskrnl.exe ac. 8:80462748 0 0 0xe \WINNT\System32\ntoskrnl.exe ad. 8:80462752 0 0 0xe \WINNT\System32\ntoskrnl.exe ae. 8:8046275c 0 0 0xe \WINNT\System32\ntoskrnl.exe af. 8:80462766 0 0 0xe \WINNT\System32\ntoskrnl.exe b0. 8:80462770 0 0 0xe \WINNT\System32\ntoskrnl.exe b1. 8:8046277a 0 0 0xe \WINNT\System32\ntoskrnl.exe b2. 8:80462784 0 0 0xe \WINNT\System32\ntoskrnl.exe b3. 8:8046278e 0 0 0xe \WINNT\System32\ntoskrnl.exe b4. 8:80462798 0 0 0xe \WINNT\System32\ntoskrnl.exe b5. 8:804627a2 0 0 0xe \WINNT\System32\ntoskrnl.exe b6. 8:804627ac 0 0 0xe \WINNT\System32\ntoskrnl.exe b7. 8:804627b6 0 0 0xe \WINNT\System32\ntoskrnl.exe b8. 8:804627c0 0 0 0xe \WINNT\System32\ntoskrnl.exe b9. 8:804627ca 0 0 0xe \WINNT\System32\ntoskrnl.exe ba. 8:804627d4 0 0 0xe \WINNT\System32\ntoskrnl.exe bb. 8:804627de 0 0 0xe \WINNT\System32\ntoskrnl.exe bc. 8:804627e8 0 0 0xe \WINNT\System32\ntoskrnl.exe bd. 8:804627f2 0 0 0xe \WINNT\System32\ntoskrnl.exe be. 8:804627fc 0 0 0xe \WINNT\System32\ntoskrnl.exe bf. 8:80462806 0 0 0xe \WINNT\System32\ntoskrnl.exe c0. 8:80462810 0 0 0xe \WINNT\System32\ntoskrnl.exe c1. 8:8046281a 0 0 0xe \WINNT\System32\ntoskrnl.exe c2. 8:80462824 0 0 0xe \WINNT\System32\ntoskrnl.exe c3. 8:8046282e 0 0 0xe \WINNT\System32\ntoskrnl.exe c4. 8:80462838 0 0 0xe \WINNT\System32\ntoskrnl.exe c5. 8:80462842 0 0 0xe \WINNT\System32\ntoskrnl.exe c6. 8:8046284c 0 0 0xe \WINNT\System32\ntoskrnl.exe c7. 8:80462856 0 0 0xe \WINNT\System32\ntoskrnl.exe c8. 8:80462860 0 0 0xe \WINNT\System32\ntoskrnl.exe c9. 8:8046286a 0 0 0xe \WINNT\System32\ntoskrnl.exe ca. 8:80462874 0 0 0xe \WINNT\System32\ntoskrnl.exe cb. 8:8046287e 0 0 0xe \WINNT\System32\ntoskrnl.exe cc. 8:80462888 0 0 0xe \WINNT\System32\ntoskrnl.exe cd. 8:80462892 0 0 0xe \WINNT\System32\ntoskrnl.exe ce. 8:8046289c 0 0 0xe \WINNT\System32\ntoskrnl.exe cf. 8:804628a6 0 0 0xe \WINNT\System32\ntoskrnl.exe d0. 8:804628b0 0 0 0xe \WINNT\System32\ntoskrnl.exe d1. 8:804628ba 0 0 0xe \WINNT\System32\ntoskrnl.exe d2. 8:804628c4 0 0 0xe \WINNT\System32\ntoskrnl.exe d3. 8:804628ce 0 0 0xe \WINNT\System32\ntoskrnl.exe d4. 8:804628d8 0 0 0xe \WINNT\System32\ntoskrnl.exe d5. 8:804628e2 0 0 0xe \WINNT\System32\ntoskrnl.exe d6. 8:804628ec 0 0 0xe \WINNT\System32\ntoskrnl.exe d7. 8:804628f6 0 0 0xe \WINNT\System32\ntoskrnl.exe d8. 8:80462900 0 0 0xe \WINNT\System32\ntoskrnl.exe d9. 8:8046290a 0 0 0xe \WINNT\System32\ntoskrnl.exe da. 8:80462914 0 0 0xe \WINNT\System32\ntoskrnl.exe db. 8:8046291e 0 0 0xe \WINNT\System32\ntoskrnl.exe dc. 8:80462928 0 0 0xe \WINNT\System32\ntoskrnl.exe dd. 8:80462932 0 0 0xe \WINNT\System32\ntoskrnl.exe de. 8:8046293c 0 0 0xe \WINNT\System32\ntoskrnl.exe df. 8:80462946 0 0 0xe \WINNT\System32\ntoskrnl.exe e0. 8:80462950 0 0 0xe \WINNT\System32\ntoskrnl.exe e1. 8:8046295a 0 0 0xe \WINNT\System32\ntoskrnl.exe e2. 8:80462964 0 0 0xe \WINNT\System32\ntoskrnl.exe e3. 8:8046296e 0 0 0xe \WINNT\System32\ntoskrnl.exe e4. 8:80462978 0 0 0xe \WINNT\System32\ntoskrnl.exe e5. 8:80462982 0 0 0xe \WINNT\System32\ntoskrnl.exe e6. 8:8046298c 0 0 0xe \WINNT\System32\ntoskrnl.exe e7. 8:80462996 0 0 0xe \WINNT\System32\ntoskrnl.exe e8. 8:804629a0 0 0 0xe \WINNT\System32\ntoskrnl.exe e9. 8:804629aa 0 0 0xe \WINNT\System32\ntoskrnl.exe ea. 8:804629b4 0 0 0xe \WINNT\System32\ntoskrnl.exe eb. 8:804629be 0 0 0xe \WINNT\System32\ntoskrnl.exe ec. 8:804629c8 0 0 0xe \WINNT\System32\ntoskrnl.exe ed. 8:804629d2 0 0 0xe \WINNT\System32\ntoskrnl.exe ee. 8:804629d9 0 0 0xe \WINNT\System32\ntoskrnl.exe ef. 8:804629e0 0 0 0xe \WINNT\System32\ntoskrnl.exe f0. 8:804629e7 0 0 0xe \WINNT\System32\ntoskrnl.exe f1. 8:804629ee 0 0 0xe \WINNT\System32\ntoskrnl.exe f2. 8:804629f5 0 0 0xe \WINNT\System32\ntoskrnl.exe f3. 8:804629fc 0 0 0xe \WINNT\System32\ntoskrnl.exe f4. 8:80462a03 0 0 0xe \WINNT\System32\ntoskrnl.exe f5. 8:80462a0a 0 0 0xe \WINNT\System32\ntoskrnl.exe f6. 8:80462a11 0 0 0xe \WINNT\System32\ntoskrnl.exe f7. 8:80462a18 0 0 0xe \WINNT\System32\ntoskrnl.exe f8. 8:80462a1f 0 0 0xe \WINNT\System32\ntoskrnl.exe f9. 8:80462a26 0 0 0xe \WINNT\System32\ntoskrnl.exe fa. 8:80462a2d 0 0 0xe \WINNT\System32\ntoskrnl.exe fb. 8:80462a34 0 0 0xe \WINNT\System32\ntoskrnl.exe fc. 8:80462a3b 0 0 0xe \WINNT\System32\ntoskrnl.exe fd. 8:80462a42 0 0 0xe \WINNT\System32\ntoskrnl.exe fe. 8:80462a49 0 0 0xe \WINNT\System32\ntoskrnl.exe ff. 8:80462a50 0 0 0xe \WINNT\System32\ntoskrnl.exe GDT Tables: GDT (callgates only): 0x80036000(36000) No. Selector:Offset ParamCount Dpl Type Module PsLoadedModuleList : 0x8046B618(46b618) Loaded System Modules: 1. ntoskrnl.exe<0xFCE28288(1445280)>: BaseAddress: 0x80400000 (400000) EntryPoint: 0x8040CF90 Size: 1702528 Flags: 0xc004000 Checksum: 0x1ac8b7 LoadCount: 1 Unknown1: 0 ImagePath: \WINNT\System32\ntoskrnl.exe 2. hal.dll<0xFCE281E8(14451e0)>: BaseAddress: 0x80062000 (62000) EntryPoint: 0x8006FE30 Size: 66528 Flags: 0xc004000 Checksum: 0x1a78e LoadCount: 1 Unknown1: 0 ImagePath: \WINNT\System32\hal.dll 3. BOOTVID.DLL<0xFCE28168(1445160)>: BaseAddress: 0xF0810000 (7d01000) EntryPoint: 0xF08118B0 Size: 12288 Flags: 0x9004000 Checksum: 0xd8a2 LoadCount: 2 Unknown1: 0 ImagePath: \WINNT\System32\BOOTVID.DLL 4. ACPI.sys<0xFCE280E8(14450e0)>: BaseAddress: 0xFC9F8000 (7d04000) EntryPoint: 0xFCA1C10B Size: 163840 Flags: 0x9004000 Checksum: 0x2d30f LoadCount: 1 Unknown1: 0 ImagePath: ACPI.sys 5. WMILIB.SYS<0xFCE28068(1445060)>: BaseAddress: 0xF09C8000 (7d2c000) EntryPoint: 0xF09C8AA0 Size: 4096 Flags: 0xd004000 Checksum: 0x8bfd LoadCount: 12 Unknown1: 0 ImagePath: \WINNT\System32\DRIVERS\WMILIB.SYS 6. pci.sys<0xFCE26F88(1443f80)>: BaseAddress: 0xF0400000 (7d2d000) EntryPoint: 0xF040BA88 Size: 61440 Flags: 0x9004000 Checksum: 0x154e3 LoadCount: 1 Unknown1: 0 ImagePath: pci.sys 7. isapnp.sys<0xFCE26F08(1443f00)>: BaseAddress: 0xF0410000 (7d3c000) EntryPoint: 0xF0419A80 Size: 49152 Flags: 0x9004000 Checksum: 0x15782 LoadCount: 1 Unknown1: 0 ImagePath: isapnp.sys 8. ohci1394.sys<0xFCE26E88(1443e80)>: BaseAddress: 0xF0420000 (7d48000) EntryPoint: 0xF04273E0 Size: 40960 Flags: 0x9004000 Checksum: 0xd649 LoadCount: 1 Unknown1: 0 ImagePath: ohci1394.sys 9. 1394BUS.SYS<0xFCE26DE8(1443de0)>: BaseAddress: 0xF0430000 (7d52000) EntryPoint: 0xF0435360 Size: 45056 Flags: 0xd004000 Checksum: 0x111a7 LoadCount: 2 Unknown1: 0 ImagePath: \WINNT\System32\DRIVERS\1394BUS.SYS 10. compbatt.sys<0xFCE26D68(1443d60)>: BaseAddress: 0xF0814000 (7d5d000) EntryPoint: 0xF0815900 Size: 12288 Flags: 0x9004000 Checksum: 0x63b9 LoadCount: 1 Unknown1: 0 ImagePath: compbatt.sys 11. BATTC.SYS<0xFCE27FA8(1444fa0)>: BaseAddress: 0xF0900000 (7da0000) EntryPoint: 0xF0900700 Size: 8192 Flags: 0xd004000 Checksum: 0xba7c LoadCount: 3 Unknown1: 0 ImagePath: \WINNT\System32\DRIVERS\BATTC.SYS 12. PCIIde.sys<0xFCE27F48(1444f40)>: BaseAddress: 0xF09C9000 (7d62000) EntryPoint: 0xF09C92C0 Size: 4096 Flags: 0x9004000 Checksum: 0xfff0 LoadCount: 1 Unknown1: 0 ImagePath: PCIIde.sys 13. PCIIDEX.SYS<0xFCE27EC8(1444ec0)>: BaseAddress: 0xF0680000 (7d63000) EntryPoint: 0xF0683E70 Size: 24576 Flags: 0xd004000 Checksum: 0xbafb LoadCount: 3 Unknown1: 0 ImagePath: \WINNT\System32\Drivers\PCIIDEX.SYS 14. intelide.sys<0xFCE27E48(1444e40)>: BaseAddress: 0xF09CA000 (7d69000) EntryPoint: 0xF09CA2C0 Size: 4096 Flags: 0x9004000 Checksum: 0x3b0a LoadCount: 1 Unknown1: 0 ImagePath: intelide.sys 15. pcmcia.sys<0xFCE27DA8(1444da0)>: BaseAddress: 0xFC9DD000 (7d6a000) EntryPoint: 0xFC9F4A1C Size: 110592 Flags: 0x9004000 Checksum: 0x293f1 LoadCount: 1 Unknown1: 0 ImagePath: pcmcia.sys 16. ftdisk.sys<0xFCE27D28(1444d20)>: BaseAddress: 0xFC9C0000 (7d85000) EntryPoint: 0xFC9D91D8 Size: 118784 Flags: 0x9004000 Checksum: 0x2b963 LoadCount: 1 Unknown1: 0 ImagePath: ftdisk.sys 17. Diskperf.sys<0xFCE25008(1442000)>: BaseAddress: 0xF0902000 (7da2000) EntryPoint: 0xF09032C0 Size: 8192 Flags: 0x9004000 Checksum: 0xeef0 LoadCount: 1 Unknown1: 0 ImagePath: Diskperf.sys 18. dmio.sys<0xFCE25FA8(1442fa0)>: BaseAddress: 0xFC99E000 (7da4000) EntryPoint: 0xFC9A0824 Size: 139264 Flags: 0x9004000 Checksum: 0x30f8e LoadCount: 1 Unknown1: 0 ImagePath: dmio.sys 19. sbp2port.sys<0xFCE25F28(1442f20)>: BaseAddress: 0xF0440000 (7dc6000) EntryPoint: 0xF0446480 Size: 36864 Flags: 0x9004000 Checksum: 0xfd87 LoadCount: 1 Unknown1: 0 ImagePath: sbp2port.sys 20. ACPIEC.sys<0xFCE25E88(1442e80)>: BaseAddress: 0xF0818000 (7dcf000) EntryPoint: 0xF081A280 Size: 12288 Flags: 0x9004000 Checksum: 0x57c2 LoadCount: 1 Unknown1: 0 ImagePath: ACPIEC.sys 21. PartMgr.sys<0xFCE25E08(1442e00)>: BaseAddress: 0xF081C000 (7dd2000) EntryPoint: 0xF081E040 Size: 12288 Flags: 0x9004000 Checksum: 0x742c LoadCount: 1 Unknown1: 0 ImagePath: PartMgr.sys 22. MountMgr.sys<0xFCE25D88(1442d80)>: BaseAddress: 0xF0688000 (7dd5000) EntryPoint: 0xF068E160 Size: 32768 Flags: 0x9004000 Checksum: 0xe831 LoadCount: 1 Unknown1: 0 ImagePath: MountMgr.sys 23. atapi.sys<0xFCE25CE8(1442ce0)>: BaseAddress: 0xFC989000 (7ddd000) EntryPoint: 0xFC99B5BA Size: 86016 Flags: 0x9004000 Checksum: 0x1ad3f LoadCount: 1 Unknown1: 0 ImagePath: atapi.sys 24. va32w2.sys<0xFCE25C68(1442c60)>: BaseAddress: 0xF0690000 (7df2000) EntryPoint: 0xF0693FCE Size: 28672 Flags: 0x9004000 Checksum: 0x9158 LoadCount: 1 Unknown1: 0 ImagePath: va32w2.sys 25. SCSIPORT.SYS<0xFCE25BE8(1442be0)>: BaseAddress: 0xFC977000 (7df9000) EntryPoint: 0xFC9868BC Size: 73728 Flags: 0xd004000 Checksum: 0x162c6 LoadCount: 3 Unknown1: 0 ImagePath: \WINNT\System32\DRIVERS\SCSIPORT.SYS 26. va16w2.sys<0xFCE25B48(1442b40)>: BaseAddress: 0xF0698000 (7e0b000) EntryPoint: 0xF069B246 Size: 20480 Flags: 0x9004000 Checksum: 0x10d4e LoadCount: 1 Unknown1: 0 ImagePath: va16w2.sys 27. disk.sys<0xFCE25AC8(1442ac0)>: BaseAddress: 0xF06A0000 (7e10000) EntryPoint: 0xF06A5120 Size: 28672 Flags: 0x9004000 Checksum: 0x11fe4 LoadCount: 1 Unknown1: 0 ImagePath: disk.sys 28. CLASSPNP.SYS<0xFCE25A48(1442a40)>: BaseAddress: 0xF0450000 (7e17000) EntryPoint: 0xF04570A0 Size: 36864 Flags: 0xd004000 Checksum: 0xa231 LoadCount: 3 Unknown1: 0 ImagePath: \WINNT\System32\DRIVERS\CLASSPNP.SYS 29. Fastfat.sys<0xFCE259A8(14429a0)>: BaseAddress: 0xFC954000 (7e60000) EntryPoint: 0xFC972806 Size: 143360 Flags: 0x9004000 Checksum: 0x2d073 LoadCount: 1 Unknown1: 0 ImagePath: Fastfat.sys 30. KSecDD.sys<0xFCE25928(1442920)>: BaseAddress: 0xFC943000 (7e43000) EntryPoint: 0xFC9528BE Size: 69632 Flags: 0x9004000 Checksum: 0x15d45 LoadCount: 4 Unknown1: 0 ImagePath: KSecDD.sys 31. NDIS.sys<0xFCE258A8(14428a0)>: BaseAddress: 0xFC91B000 (7e54000) EntryPoint: 0xFC93FF1E Size: 163840 Flags: 0x9004000 Checksum: 0x373fe LoadCount: 13 Unknown1: 0 ImagePath: NDIS.sys 32. NaiFsRec.sys<0xFCE25828(1442820)>: BaseAddress: 0xF0904000 (7e7c000) EntryPoint: 0xF090494E Size: 8192 Flags: 0x1004000 Checksum: 0xd391 LoadCount: 1 Unknown1: 0 ImagePath: NaiFsRec.sys 33. Mup.sys<0xFCE25788(1442780)>: BaseAddress: 0xFC905000 (7e7e000) EntryPoint: 0xFC90AB04 Size: 90112 Flags: 0x9004000 Checksum: 0x1f266 LoadCount: 1 Unknown1: 0 ImagePath: Mup.sys 34. VIDEOPRT.SYS<0xFCDC7E68(13e4e60)>: BaseAddress: 0xF0480000 (2234000) EntryPoint: 0xF048A800 Size: 53248 Flags: 0x9104000 Checksum: 0x1a5d2 LoadCount: 3 Unknown1: 0 ImagePath: \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS 35. i81xnt5.sys<0xFCDA42A8(13c12a0)>: BaseAddress: 0xFC8B2000 (2212000) EntryPoint: 0xFC8B22E0 Size: 139264 Flags: 0x9104000 Checksum: 0x26d86 LoadCount: 1 Unknown1: 86 ImagePath: \SystemRoot\System32\DRIVERS\i81xnt5.sys 36. PxHelper.sys<0xFCDC7928(13e4920)>: BaseAddress: 0xF087C000 (2283000) EntryPoint: 0xF087D3D8 Size: 12288 Flags: 0x1104000 Checksum: 0x95bd LoadCount: 1 Unknown1: 0 ImagePath: \??\C:\WINNT\System32\drivers\PxHelper.sys 37. cdrom.sys<0xFCDC7308(13e4300)>: BaseAddress: 0xF06D0000 (226b000) EntryPoint: 0xF06D5980 Size: 28672 Flags: 0x9104000 Checksum: 0x9f9f LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\DRIVERS\cdrom.sys 38. e100bnt5.sys<0xFCD284C8(13454c0)>: BaseAddress: 0xFC898000 (2293000) EntryPoint: 0xFC89B7B8 Size: 106496 Flags: 0x9104000 Checksum: 0x222a9 LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\DRIVERS\e100bnt5.sys 39. i8042prt.sys<0xFCDC6E68(13e3e60)>: BaseAddress: 0xF0490000 (22ad000) EntryPoint: 0xF0498000 Size: 49152 Flags: 0x9104000 Checksum: 0xc15a LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\DRIVERS\i8042prt.sys 40. kbdclass.sys<0xFCDC69E8(13e39e0)>: BaseAddress: 0xF06E0000 (22be000) EntryPoint: 0xF06E3E64 Size: 24576 Flags: 0x9104000 Checksum: 0xe259 LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\DRIVERS\kbdclass.sys 41. Apfiltr.sys<0xFCDA3748(13c0740)>: BaseAddress: 0xF04A0000 (22e6000) EntryPoint: 0xF04A8F80 Size: 40960 Flags: 0x9104000 Checksum: 0xa904 LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\DRIVERS\Apfiltr.sys 42. mouclass.sys<0xFCDA3428(13c0420)>: BaseAddress: 0xF06F0000 (22f0000) EntryPoint: 0xF06F34E4 Size: 24576 Flags: 0x9104000 Checksum: 0x7e78 LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\DRIVERS\mouclass.sys 43. CmBatt.sys<0xFCD27D68(1344d60)>: BaseAddress: 0xF088C000 (22f9000) EntryPoint: 0xF088DBA0 Size: 12288 Flags: 0x9104000 Checksum: 0x2bdd LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\DRIVERS\CmBatt.sys 44. SonyPI.sys<0xFCD4AF68(1367f60)>: BaseAddress: 0xF04B0000 (231c000) EntryPoint: 0xF04B785C Size: 36864 Flags: 0x1104000 Checksum: 0x14b69 LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\Drivers\SonyPI.sys 45. SonyNC.sys<0xFCD4A728(1367720)>: BaseAddress: 0xF06F8000 (2345000) EntryPoint: 0xF06FBE72 Size: 20480 Flags: 0x1104000 Checksum: 0x1ab68 LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\Drivers\SonyNC.sys 46. serial.sys<0xFCD4A0E8(13670e0)>: BaseAddress: 0xF04C0000 (234f000) EntryPoint: 0xF04CA300 Size: 65536 Flags: 0x9104000 Checksum: 0x11703 LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\DRIVERS\serial.sys 47. serenum.sys<0xFCD49D88(1366d80)>: BaseAddress: 0xF089C000 (2384000) EntryPoint: 0xF089E9C0 Size: 16384 Flags: 0x9104000 Checksum: 0x1105e LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\DRIVERS\serenum.sys 48. parport.sys<0xFCD48EE8(1365ee0)>: BaseAddress: 0xF0710000 (238c000) EntryPoint: 0xF07104A2 Size: 28672 Flags: 0x9104000 Checksum: 0xeedd LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\DRIVERS\parport.sys 49. fdc.sys<0xFCD48828(1365820)>: BaseAddress: 0xF0720000 (1) EntryPoint: 0xF0724F30 Size: 28672 Flags: 0x9104000 Checksum: 0x1553c LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\DRIVERS\fdc.sys 50. USBD.SYS<0xFCD47CE8(1364ce0)>: BaseAddress: 0xF0740000 (23b2000) EntryPoint: 0xF0740300 Size: 20480 Flags: 0x9104000 Checksum: 0x5465 LoadCount: 3 Unknown1: 0 ImagePath: \SystemRoot\System32\DRIVERS\USBD.SYS 51. uhcd.sys<0xFCD47EE8(1364ee0)>: BaseAddress: 0xF0730000 (23aa000) EntryPoint: 0xF07302E0 Size: 32768 Flags: 0x9104000 Checksum: 0x11484 LoadCount: 1 Unknown1: 85 ImagePath: \SystemRoot\System32\DRIVERS\uhcd.sys 52. KS.SYS<0xFCDC2C48(13dfc40)>: BaseAddress: 0xFC80B000 (2526000) EntryPoint: 0xFC826060 Size: 122880 Flags: 0x9104000 Checksum: 0x2d626 LoadCount: 5 Unknown1: 0 ImagePath: \SystemRoot\system32\drivers\KS.SYS 53. portcls.sys<0xFCDC2EE8(13dfee0)>: BaseAddress: 0xFC829000 (2501000) EntryPoint: 0xFC83F87C Size: 151552 Flags: 0x9104000 Checksum: 0x30ed1 LoadCount: 1 Unknown1: 75 ImagePath: \SystemRoot\system32\drivers\portcls.sys 54. smwdm.sys<0xFCD471E8(13641e0)>: BaseAddress: 0xFC84E000 (2417000) EntryPoint: 0xFC88BE78 Size: 303104 Flags: 0x9104000 Checksum: 0x580c3 LoadCount: 1 Unknown1: 112 ImagePath: \SystemRoot\system32\drivers\smwdm.sys 55. rksample.sys<0xFCDC1D88(13ded80)>: BaseAddress: 0xF04D0000 (254f000) EntryPoint: 0xF04DBE18 Size: 57344 Flags: 0x9104000 Checksum: 0x2434c LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\DRIVERS\rksample.sys 56. winachsf.sys<0xFCDC1948(13de940)>: BaseAddress: 0xFC715000 (2624000) EntryPoint: 0xFC77AFC0 Size: 450560 Flags: 0x9104000 Checksum: 0x9726c LoadCount: 1 Unknown1: 621 ImagePath: \SystemRoot\System32\DRIVERS\winachsf.sys 57. Modem.SYS<0xFCDC1548(13de540)>: BaseAddress: 0xF0768000 (26f2000) EntryPoint: 0xF076D6EA Size: 28672 Flags: 0x9104000 Checksum: 0x16f4a LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\Drivers\Modem.SYS 58. audstub.sys<0xFCDC08E8(13dd8e0)>: BaseAddress: 0xF0A45000 (2727000) EntryPoint: 0xF0A45500 Size: 4096 Flags: 0x9104000 Checksum: 0x8ef7 LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\DRIVERS\audstub.sys 59. rasl2tp.sys<0xFCD46908(1363900)>: BaseAddress: 0xF04E0000 (272c000) EntryPoint: 0xF04EB2A0 Size: 53248 Flags: 0x9104000 Checksum: 0x10dac LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\DRIVERS\rasl2tp.sys 60. ndistapi.sys<0xFCD46348(1363340)>: BaseAddress: 0xF08A8000 (2739000) EntryPoint: 0xF08A96E2 Size: 12288 Flags: 0x9104000 Checksum: 0xe062 LoadCount: 2 Unknown1: 0 ImagePath: \SystemRoot\System32\DRIVERS\ndistapi.sys 61. ndiswan.sys<0xFCDBFC48(13dcc40)>: BaseAddress: 0xFC6FE000 (273e000) EntryPoint: 0xFC711180 Size: 94208 Flags: 0x9104000 Checksum: 0x24edb LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\DRIVERS\ndiswan.sys 62. TDI.SYS<0xFCD45DA8(1362da0)>: BaseAddress: 0xF08B8000 (275b000) EntryPoint: 0xF08B87D0 Size: 16384 Flags: 0x9104000 Checksum: 0x1329d LoadCount: 10 Unknown1: 0 ImagePath: \SystemRoot\System32\DRIVERS\TDI.SYS 63. raspptp.sys<0xFCD45FA8(1362fa0)>: BaseAddress: 0xF04F0000 (278f000) EntryPoint: 0xF04FA6C0 Size: 49152 Flags: 0x9104000 Checksum: 0xe275 LoadCount: 1 Unknown1: 84 ImagePath: \SystemRoot\System32\DRIVERS\raspptp.sys 64. ptilink.sys<0xFCD451E8(13621e0)>: BaseAddress: 0xF0788000 (27e1000) EntryPoint: 0xF07882E0 Size: 20480 Flags: 0x9104000 Checksum: 0xf2be LoadCount: 2 Unknown1: 0 ImagePath: \SystemRoot\System32\DRIVERS\ptilink.sys 65. raspti.sys<0xFCD25548(1342540)>: BaseAddress: 0xF0798000 (27c9000) EntryPoint: 0xF079B240 Size: 20480 Flags: 0x9104000 Checksum: 0xfed0 LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\DRIVERS\raspti.sys 66. SonyiNet.sys<0xFCDBEE88(13dbe80)>: BaseAddress: 0xF07A8000 (27d3000) EntryPoint: 0xF07A8414 Size: 28672 Flags: 0x9104000 Checksum: 0x10386 LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\DRIVERS\SonyiNet.sys 67. parallel.sys<0xFCDBE808(13db800)>: BaseAddress: 0xF0500000 (27ba000) EntryPoint: 0xF0502BBE Size: 61440 Flags: 0x9104000 Checksum: 0x16ad6 LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\DRIVERS\parallel.sys 68. swenum.sys<0xFCD448E8(13618e0)>: BaseAddress: 0xF0A48000 (280a000) EntryPoint: 0xF0A486A0 Size: 4096 Flags: 0x9104000 Checksum: 0x7716 LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\DRIVERS\swenum.sys 69. update.sys<0xFCD24D08(1341d00)>: BaseAddress: 0xFC6E4000 (2881000) EntryPoint: 0xFC6FCE60 Size: 106496 Flags: 0x9104000 Checksum: 0x209d8 LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\DRIVERS\update.sys 70. flpydisk.sys<0xFCDB03A8(13cd3a0)>: BaseAddress: 0xF07C8000 (2878000) EntryPoint: 0xF07CBBA0 Size: 20480 Flags: 0x9104000 Checksum: 0xf1a2 LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\DRIVERS\flpydisk.sys 71. usbhub.sys<0xFCD3C4E8(13594e0)>: BaseAddress: 0xF0540000 (287f000) EntryPoint: 0xF0540372 Size: 40960 Flags: 0x9104000 Checksum: 0xaef8 LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\DRIVERS\usbhub.sys 72. NDProxy.SYS<0xFCD9A568(13b7560)>: BaseAddress: 0xF0550000 (292b000) EntryPoint: 0xF0558720 Size: 40960 Flags: 0x9104000 Checksum: 0x121c3 LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\Drivers\NDProxy.SYS 73. USBSTOR.SYS<0xFCD97DA8(13b4da0)>: BaseAddress: 0xF07D8000 (2969000) EntryPoint: 0xF07D9CA0 Size: 20480 Flags: 0x9104000 Checksum: 0x10fba LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\DRIVERS\USBSTOR.SYS 74. SonyUSBL.sys<0xFCD96A28(13b3a20)>: BaseAddress: 0xF0912000 (296e000) EntryPoint: 0xF09122C0 Size: 8192 Flags: 0x9104000 Checksum: 0xf068 LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\DRIVERS\SonyUSBL.sys 75. Fs_Rec.SYS<0xFCCC8608(12e5600)>: BaseAddress: 0xF0916000 (29c2000) EntryPoint: 0xF0917294 Size: 8192 Flags: 0x9104000 Checksum: 0xab4c LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\Drivers\Fs_Rec.SYS 76. Null.SYS<0xFCCC8548(12e5540)>: BaseAddress: 0xF0A7F000 (29a4000) EntryPoint: 0xF0A7F47A Size: 4096 Flags: 0x9104000 Checksum: 0x23ce LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\Drivers\Null.SYS 77. Beep.SYS<0xFCD8E708(13ab700)>: BaseAddress: 0xF0A83000 (29a5000) EntryPoint: 0xF0A8329A Size: 4096 Flags: 0x9104000 Checksum: 0xc54f LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\Drivers\Beep.SYS 78. biosview.sys<0xFCCC93C8(12e63c0)>: BaseAddress: 0xF091A000 (29a6000) EntryPoint: 0xF091A2E2 Size: 8192 Flags: 0x9104000 Checksum: 0x76f0 LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\system32\drivers\biosview.sys 79. vga.sys<0xFCCC8A88(12e5a80)>: BaseAddress: 0xF08D4000 (29a8000) EntryPoint: 0xF08D6C40 Size: 16384 Flags: 0x9104000 Checksum: 0x1047d LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\drivers\vga.sys 80. mnmdd.SYS<0xFCCC73A8(12e43a0)>: BaseAddress: 0xF0A8B000 (29b9000) EntryPoint: 0xF0A8B3A0 Size: 4096 Flags: 0x9104000 Checksum: 0xf6c2 LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\Drivers\mnmdd.SYS 81. Msfs.SYS<0xFCCC72E8(12e42e0)>: BaseAddress: 0xF07F8000 (29ce000) EntryPoint: 0xF07FBEDA Size: 24576 Flags: 0x9104000 Checksum: 0xe5fa LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\Drivers\Msfs.SYS 82. Npfs.SYS<0xFCCC63E8(12e33e0)>: BaseAddress: 0xF0560000 (29d4000) EntryPoint: 0xF056790E Size: 36864 Flags: 0x9104000 Checksum: 0x17e60 LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\Drivers\Npfs.SYS 83. UdfReadr.SYS<0xFCCC4208(12e1200)>: BaseAddress: 0xF8371000 (29fd000) EntryPoint: 0xF8372722 Size: 208896 Flags: 0x1004000 Checksum: 0x38b5d LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\Drivers\UdfReadr.SYS 84. rasacd.sys<0xFCD8DD68(13aad60)>: BaseAddress: 0xF0922000 (2a85000) EntryPoint: 0xF0923493 Size: 8192 Flags: 0x9104000 Checksum: 0xf369 LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\DRIVERS\rasacd.sys 85. tcpip.sys<0xFCCC5FA8(12e2fa0)>: BaseAddress: 0xF82E8000 (2aad000) EntryPoint: 0xF832E4CA Size: 323584 Flags: 0x9104000 Checksum: 0x56824 LoadCount: 3 Unknown1: 0 ImagePath: \SystemRoot\System32\DRIVERS\tcpip.sys 86. msgpc.sys<0xFCC90C68(12adc60)>: BaseAddress: 0xF0570000 (2b33000) EntryPoint: 0xF05702E0 Size: 36864 Flags: 0x9104000 Checksum: 0x17874 LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\DRIVERS\msgpc.sys 87. netbt.sys<0xFCC8EFA8(12abfa0)>: BaseAddress: 0xF82C4000 (2be0000) EntryPoint: 0xF82E3F2E Size: 147456 Flags: 0x9104000 Checksum: 0x282d2 LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\DRIVERS\netbt.sys 88. wanarp.sys<0xFCC8D848(12aa840)>: BaseAddress: 0xF06B0000 (2b8a000) EntryPoint: 0xF06B6266 Size: 32768 Flags: 0x9104000 Checksum: 0x9122 LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\DRIVERS\wanarp.sys 89. netbios.sys<0xFCD6C348(1389340)>: BaseAddress: 0xF0580000 (2bb6000) EntryPoint: 0xF0586E20 Size: 36864 Flags: 0x9104000 Checksum: 0xb5c1 LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\DRIVERS\netbios.sys 90. rdbss.sys<0xFCC864C8(12a34c0)>: BaseAddress: 0xF82A2000 (2c11000) EntryPoint: 0xF82BFF20 Size: 139264 Flags: 0x9104000 Checksum: 0x2c2a9 LoadCount: 2 Unknown1: 0 ImagePath: \SystemRoot\System32\DRIVERS\rdbss.sys 91. mrxsmb.sys<0xFCD6D688(138a680)>: BaseAddress: 0xF8232000 (2c8d000) EntryPoint: 0xF8254DD6 Size: 385024 Flags: 0x9104000 Checksum: 0x69eb4 LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\DRIVERS\mrxsmb.sys 92. dump_WMILIB.SYS<0xFCD5ECA8(137bca0)>: BaseAddress: 0xF0AEE000 (5a83000) EntryPoint: 0xF0AEEAA0 Size: 4096 Flags: 0x9104000 Checksum: 0x8bfd LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\Drivers\dump_WMILIB.SYS 93. dump_atapi.sys<0xFCD61068(137e060)>: BaseAddress: 0xF81F5000 (59ee000) EntryPoint: 0xF82075BA Size: 86016 Flags: 0x9104000 Checksum: 0x1ad3f LoadCount: 1 Unknown1: 87 ImagePath: \SystemRoot\System32\Drivers\dump_atapi.sys 94. win32k.sys<0xFCD5DCE8(137ace0)>: BaseAddress: 0xA0000000 (67ef000) EntryPoint: 0xA0194C37 Size: 1728512 Flags: 0x9104000 Checksum: 0x1b02d1 LoadCount: 1 Unknown1: 0 ImagePath: \??\C:\WINNT\system32\win32k.sys 95. Vchnt5.DLL<0xFCC5F408(127c400)>: BaseAddress: 0xFC793000 (6a4e000) EntryPoint: 0xFC793300 Size: 12288 Flags: 0x9104000 Checksum: 0xfa01 LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\system32\drivers\Vchnt5.DLL 96. Ch7xxNT5.DLL<0xFCC5F168(127c160)>: BaseAddress: 0xFC78B000 (1) EntryPoint: 0xFC78B300 Size: 16384 Flags: 0x9104000 Checksum: 0xb9b7 LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\system32\drivers\Ch7xxNT5.DLL 97. SiInt5.DLL<0xFCC5E9A8(127b9a0)>: BaseAddress: 0xF0AF3000 (6a56000) EntryPoint: 0xF0AF32E0 Size: 4096 Flags: 0x9104000 Checksum: 0x10943 LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\system32\drivers\SiInt5.DLL 98. atv01nt5.DLL<0xFCC5DE48(127ae40)>: BaseAddress: 0xF0778000 (1) EntryPoint: 0xF0778300 Size: 24576 Flags: 0x9104000 Checksum: 0x6ccb LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\system32\drivers\atv01nt5.DLL 99. adv01nt5.DLL<0xFCC5D6C8(127a6c0)>: BaseAddress: 0xF0930000 (6a3e000) EntryPoint: 0xF09302E0 Size: 8192 Flags: 0x9104000 Checksum: 0xa1f2 LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\system32\drivers\adv01nt5.DLL 100. atv02nt5.DLL<0xFCC5CF68(1279f60)>: BaseAddress: 0xFC783000 (6b21000) EntryPoint: 0xFC783300 Size: 12288 Flags: 0x9104000 Checksum: 0x4caf LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\system32\drivers\atv02nt5.DLL 101. adv02nt5.DLL<0xFCC5C868(1279860)>: BaseAddress: 0xF0AF6000 (6a64000) EntryPoint: 0xF0AF62E0 Size: 4096 Flags: 0x9104000 Checksum: 0xcef8 LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\system32\drivers\adv02nt5.DLL 102. atv04nt5.DLL<0xFCC5C128(1279120)>: BaseAddress: 0xF0790000 (1) EntryPoint: 0xF0790300 Size: 24576 Flags: 0x9104000 Checksum: 0xced3 LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\system32\drivers\atv04nt5.DLL 103. adv05nt5.DLL<0xFCC5BDE8(1278de0)>: BaseAddress: 0xF0AF9000 (6a8d000) EntryPoint: 0xF0AF92E0 Size: 4096 Flags: 0x9104000 Checksum: 0x4c3f LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\system32\drivers\adv05nt5.DLL 104. atv06nt5.DLL<0xFCC5B668(1278660)>: BaseAddress: 0xF08A4000 (6a8f000) EntryPoint: 0xF08A4300 Size: 12288 Flags: 0x9104000 Checksum: 0x97ce LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\system32\drivers\atv06nt5.DLL 105. i81xdnt5.dll<0xFCC5A9E8(12779e0)>: BaseAddress: 0xF8133000 (6b33000) EntryPoint: 0xF8133320 Size: 663552 Flags: 0x9104000 Checksum: 0xa775c LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\i81xdnt5.dll 106. afd.sys<0xFF282F68(9def60)>: BaseAddress: 0xF7FFD000 (bb1000) EntryPoint: 0xF801784A Size: 122880 Flags: 0x9104000 Checksum: 0x2ce34 LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\drivers\afd.sys 107. ParVdm.SYS<0xFF26C9C8(fad9c0)>: BaseAddress: 0xF094A000 (15b6000) EntryPoint: 0xF094A900 Size: 8192 Flags: 0x9104000 Checksum: 0x770b LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\Drivers\ParVdm.SYS 108. amosnt.sys<0xFF26B6E8(2506e0)>: BaseAddress: 0xF7F8A000 (f9d000) EntryPoint: 0xF7FAAD78 Size: 143360 Flags: 0x9104000 Checksum: 0x3dee3 LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\DRIVERS\amosnt.sys 109. Aspi32.SYS<0xFF26B1C8(2501c0)>: BaseAddress: 0xF80EB000 (61000) EntryPoint: 0xF80EB48A Size: 16384 Flags: 0x1104000 Checksum: 0xc64f LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\Drivers\Aspi32.SYS 110. dfrwsdrv.sys<0xFF25C7E8(19827e0)>: BaseAddress: 0xF0A74000 (19a7000) EntryPoint: 0xF0A74718 Size: 4096 Flags: 0x9104000 Checksum: 0xb8ac LoadCount: 1 Unknown1: 0 ImagePath: \??\c:\winnt\system32\dfrwsdrv.sys 111. fallback.sys<0xFF25E848(1d8840)>: BaseAddress: 0xF7E7C000 (2b46000) EntryPoint: 0xF7EBF958 Size: 286720 Flags: 0x9104000 Checksum: 0x74577 LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\DRIVERS\fallback.sys 112. fsksnt.sys<0xFF251A08(4793a00)>: BaseAddress: 0xF7E66000 (454d000) EntryPoint: 0xF7E7A938 Size: 90112 Flags: 0x9104000 Checksum: 0x32482 LoadCount: 1 Unknown1: 1112 ImagePath: \SystemRoot\System32\DRIVERS\fsksnt.sys 113. wdmaud.sys<0xFF250B88(7c7b80)>: BaseAddress: 0xF7E53000 (45d1000) EntryPoint: 0xF7E568B8 Size: 77824 Flags: 0x9104000 Checksum: 0x183eb LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\system32\drivers\wdmaud.sys 114. Ich.sys<0xFF24ED08(7d47d00)>: BaseAddress: 0xF8063000 (460e000) EntryPoint: 0xF806F638 Size: 57344 Flags: 0x9104000 Checksum: 0x20e7f LoadCount: 1 Unknown1: 1128 ImagePath: \SystemRoot\System32\DRIVERS\Ich.sys 115. sysaudio.sys<0xFF24E528(7d47520)>: BaseAddress: 0xF8053000 (47c1000) EntryPoint: 0xF805D340 Size: 49152 Flags: 0x9104000 Checksum: 0xe409 LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\system32\drivers\sysaudio.sys 116. k56nt.sys<0xFF253708(651700)>: BaseAddress: 0xF7DF3000 (4a65000) EntryPoint: 0xF7E4F498 Size: 393216 Flags: 0x9104000 Checksum: 0xaf3ad LoadCount: 1 Unknown1: 1162 ImagePath: \SystemRoot\System32\DRIVERS\k56nt.sys 117. kmixer.sys<0xFF226168(778160)>: BaseAddress: 0xF7D07000 (7ef000) EntryPoint: 0xF7D181B3 Size: 147456 Flags: 0x9104000 Checksum: 0x2ef53 LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\system32\drivers\kmixer.sys 118. faxnt.sys<0xFF225788(478b780)>: BaseAddress: 0xF7CD6000 (4e82000) EntryPoint: 0xF7D04B18 Size: 200704 Flags: 0x9104000 Checksum: 0x57808 LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\DRIVERS\faxnt.sys 119. srv.sys<0xFF24A828(3bd820)>: BaseAddress: 0xF7C73000 (1be0000) EntryPoint: 0xF7CA90A0 Size: 241664 Flags: 0x9104000 Checksum: 0x3abee LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\DRIVERS\srv.sys 120. tonesnt.sys<0xFF24DAC8(766ac0)>: BaseAddress: 0xF80A3000 (516f000) EntryPoint: 0xF80ADEB8 Size: 53248 Flags: 0x9104000 Checksum: 0x18925 LoadCount: 1 Unknown1: 1271 ImagePath: \SystemRoot\System32\DRIVERS\tonesnt.sys 121. v124nt.sys<0xFF1FEF08(5486f00)>: BaseAddress: 0xF7B60000 (4a31000) EntryPoint: 0xF7BCE698 Size: 471040 Flags: 0x9104000 Checksum: 0xc7564 LoadCount: 1 Unknown1: 65535 ImagePath: \SystemRoot\System32\DRIVERS\v124nt.sys 122. Cdfs.SYS<0xFF1FDB08(4859b00)>: BaseAddress: 0xF7DB3000 (540e000) EntryPoint: 0xF7DC01A0 Size: 61440 Flags: 0x9104000 Checksum: 0x1296d LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\Drivers\Cdfs.SYS 123. ipsec.sys<0xFCDA5588(13c2580)>: BaseAddress: 0xF7AFB000 (1ed4000) EntryPoint: 0xF7B0DCE6 Size: 86016 Flags: 0x9104000 Checksum: 0x21cb3 LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\DRIVERS\ipsec.sys 124. ATMFD.DLL<0xFF191B88(39b1b80)>: BaseAddress: 0xF7656000 (1) EntryPoint: 0xF7658E3A Size: 290816 Flags: 0x9104000 Checksum: 0x4f552 LoadCount: 1 Unknown1: 0 ImagePath: \SystemRoot\System32\ATMFD.DLL Unloaded System Modules: 0x80480418 (0x480418) 1. (0x0): BaseAddress: 0x00000000 ImageEnd: 0x00000000 Unknown1: 0x0 Unknown2: 0x0 2. DMusic.sys(0x55b3848): BaseAddress: 0xF8654000 ImageEnd: 0xF8661000 Unknown1: 0xca2635b0 Unknown2: 0x1c569df 3. swmidi.sys(0x3bd7c8): BaseAddress: 0xF0600000 ImageEnd: 0xF060D000 Unknown1: 0xc7580390 Unknown2: 0x1c569df 4. VGA.dll(0x12784c8): BaseAddress: 0xF81C0000 ImageEnd: 0xF81D5000 Unknown1: 0x91c40090 Unknown2: 0x1c569df 5. i81xdnt5.dll(0x1278728): BaseAddress: 0xF8133000 ImageEnd: 0xF81D5000 Unknown1: 0x91c0f230 Unknown2: 0x1c569df 6. redbook.sys(0x12a99a8): BaseAddress: 0xF0590000 ImageEnd: 0xF0599000 Unknown1: 0x68202490 Unknown2: 0x1c569df Drivers: \Driver\WMI<0xFCDF4A30(1411a30)> SecurityDescriptor: 0xE12AEC98(18cfc98) Revision: 1 Sbz1: 0 Control: DaclPresent SelfRelative O: S-1-5-32-544 G: S-1-5-18 D:(A;;FA;;;SY)(A;;0x1200a9;;;BA) Section: 0x00000000 FastIoDispatch: 0xFCDF44D8 DriverInit: 0x80561536 \WINNT\System32\ntoskrnl.exe DriverStartIo: 0x00000000 DriverUnload: 0x00000000 IRP_MJ_CREATE: 0x80512A98 \WINNT\System32\ntoskrnl.exe IRP_MJ_CREATE_NAMED_PIPE: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_CLOSE: 0x80512AD8 \WINNT\System32\ntoskrnl.exe IRP_MJ_READ: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_WRITE: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_QUERY_INFORMATION: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_SET_INFORMATION: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_QUERY_EA: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_SET_EA: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_FLUSH_BUFFERS: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_QUERY_VOLUME_INFORMATION: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_SET_VOLUME_INFORMATION: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_DIRECTORY_CONTROL: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_FILE_SYSTEM_CONTROL: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_DEVICE_CONTROL: 0x804B1C53 \WINNT\System32\ntoskrnl.exe IRP_MJ_INTERNAL_DEVICE_CONTROL: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_SHUTDOWN: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_LOCK_CONTROL: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_CLEANUP: 0x80512B8C \WINNT\System32\ntoskrnl.exe IRP_MJ_CREATE_MAILSLOT: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_QUERY_SECURITY: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_SET_SECURITY: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_POWER: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_SYSTEM_CONTROL: 0x80512FB6 \WINNT\System32\ntoskrnl.exe IRP_MJ_DEVICE_CHANGE: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_QUERY_QUOTA: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_SET_QUOTA: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_PNP: 0x80425480 \WINNT\System32\ntoskrnl.exe AddDevice: 0x00000000 ServiceKeyName: \Driver\WMI \Driver\KSecDD<0xFCD50650(136d650)> SecurityDescriptor: 0xE12AEC98(18cfc98) Revision: 1 Sbz1: 0 Control: DaclPresent SelfRelative O: S-1-5-32-544 G: S-1-5-18 D:(A;;FA;;;SY)(A;;0x1200a9;;;BA) Section: 0xFCE25928 KSecDD.sys FastIoDispatch: 0x00000000 DriverInit: 0xFC9528BE KSecDD.sys DriverStartIo: 0x00000000 DriverUnload: 0x00000000 IRP_MJ_CREATE: 0xFC94BA3A KSecDD.sys IRP_MJ_CREATE_NAMED_PIPE: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_CLOSE: 0xFC94BA3A KSecDD.sys IRP_MJ_READ: 0xFC94BA3A KSecDD.sys IRP_MJ_WRITE: 0xFC94BA3A KSecDD.sys IRP_MJ_QUERY_INFORMATION: 0xFC94BA3A KSecDD.sys IRP_MJ_SET_INFORMATION: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_QUERY_EA: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_SET_EA: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_FLUSH_BUFFERS: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_QUERY_VOLUME_INFORMATION: 0xFC94BA3A KSecDD.sys IRP_MJ_SET_VOLUME_INFORMATION: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_DIRECTORY_CONTROL: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_FILE_SYSTEM_CONTROL: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_DEVICE_CONTROL: 0xFC94BA3A KSecDD.sys IRP_MJ_INTERNAL_DEVICE_CONTROL: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_SHUTDOWN: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_LOCK_CONTROL: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_CLEANUP: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_CREATE_MAILSLOT: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_QUERY_SECURITY: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_SET_SECURITY: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_POWER: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_SYSTEM_CONTROL: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_DEVICE_CHANGE: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_QUERY_QUOTA: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_SET_QUOTA: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_PNP: 0x80425480 \WINNT\System32\ntoskrnl.exe AddDevice: 0x00000000 ServiceKeyName: KSecDD \Driver\NDIS<0xFCD4E8F0(136b8f0)> SecurityDescriptor: 0xE12AEC98(18cfc98) Revision: 1 Sbz1: 0 Control: DaclPresent SelfRelative O: S-1-5-32-544 G: S-1-5-18 D:(A;;FA;;;SY)(A;;0x1200a9;;;BA) Section: 0xFCE258A8 NDIS.sys FastIoDispatch: 0x00000000 DriverInit: 0xFC93FF1E NDIS.sys DriverStartIo: 0x00000000 DriverUnload: 0x00000000 IRP_MJ_CREATE: 0xFC91F196 NDIS.sys IRP_MJ_CREATE_NAMED_PIPE: 0xFC91F196 NDIS.sys IRP_MJ_CLOSE: 0xFC91F196 NDIS.sys IRP_MJ_READ: 0xFC91F196 NDIS.sys IRP_MJ_WRITE: 0xFC91F196 NDIS.sys IRP_MJ_QUERY_INFORMATION: 0xFC91F196 NDIS.sys IRP_MJ_SET_INFORMATION: 0xFC91F196 NDIS.sys IRP_MJ_QUERY_EA: 0xFC91F196 NDIS.sys IRP_MJ_SET_EA: 0xFC91F196 NDIS.sys IRP_MJ_FLUSH_BUFFERS: 0xFC91F196 NDIS.sys IRP_MJ_QUERY_VOLUME_INFORMATION: 0xFC91F196 NDIS.sys IRP_MJ_SET_VOLUME_INFORMATION: 0xFC91F196 NDIS.sys IRP_MJ_DIRECTORY_CONTROL: 0xFC91F196 NDIS.sys IRP_MJ_FILE_SYSTEM_CONTROL: 0xFC91F196 NDIS.sys IRP_MJ_DEVICE_CONTROL: 0xFC91F196 NDIS.sys IRP_MJ_INTERNAL_DEVICE_CONTROL: 0xFC91F196 NDIS.sys IRP_MJ_SHUTDOWN: 0xFC91F196 NDIS.sys IRP_MJ_LOCK_CONTROL: 0xFC91F196 NDIS.sys IRP_MJ_CLEANUP: 0xFC91F196 NDIS.sys IRP_MJ_CREATE_MAILSLOT: 0xFC91F196 NDIS.sys IRP_MJ_QUERY_SECURITY: 0xFC91F196 NDIS.sys IRP_MJ_SET_SECURITY: 0xFC91F196 NDIS.sys IRP_MJ_POWER: 0xFC91F196 NDIS.sys IRP_MJ_SYSTEM_CONTROL: 0xFC91F196 NDIS.sys IRP_MJ_DEVICE_CHANGE: 0xFC91F196 NDIS.sys IRP_MJ_QUERY_QUOTA: 0xFC91F196 NDIS.sys IRP_MJ_SET_QUOTA: 0xFC91F196 NDIS.sys IRP_MJ_PNP: 0xFC91F196 NDIS.sys AddDevice: 0x00000000 ServiceKeyName: NDIS \Driver\Beep<0xFCD8E5D0(13ab5d0)> SecurityDescriptor: 0xE12AEC98(18cfc98) Revision: 1 Sbz1: 0 Control: DaclPresent SelfRelative O: S-1-5-32-544 G: S-1-5-18 D:(A;;FA;;;SY)(A;;0x1200a9;;;BA) Section: 0xFCD8E708 \SystemRoot\System32\Drivers\Beep.SYS FastIoDispatch: 0x00000000 DriverInit: 0xF0A8329A \SystemRoot\System32\Drivers\Beep.SYS DriverStartIo: 0xF0A83572 \SystemRoot\System32\Drivers\Beep.SYS DriverUnload: 0xF0A8367E \SystemRoot\System32\Drivers\Beep.SYS IRP_MJ_CREATE: 0xF0A834C0 \SystemRoot\System32\Drivers\Beep.SYS IRP_MJ_CREATE_NAMED_PIPE: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_CLOSE: 0xF0A8350E \SystemRoot\System32\Drivers\Beep.SYS IRP_MJ_READ: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_WRITE: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_QUERY_INFORMATION: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_SET_INFORMATION: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_QUERY_EA: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_SET_EA: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_FLUSH_BUFFERS: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_QUERY_VOLUME_INFORMATION: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_SET_VOLUME_INFORMATION: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_DIRECTORY_CONTROL: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_FILE_SYSTEM_CONTROL: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_DEVICE_CONTROL: 0xF0A83456 \SystemRoot\System32\Drivers\Beep.SYS IRP_MJ_INTERNAL_DEVICE_CONTROL: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_SHUTDOWN: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_LOCK_CONTROL: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_CLEANUP: 0xF0A8339E \SystemRoot\System32\Drivers\Beep.SYS IRP_MJ_CREATE_MAILSLOT: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_QUERY_SECURITY: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_SET_SECURITY: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_POWER: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_SYSTEM_CONTROL: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_DEVICE_CHANGE: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_QUERY_QUOTA: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_SET_QUOTA: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_PNP: 0x80425480 \WINNT\System32\ntoskrnl.exe AddDevice: 0x00000000 ServiceKeyName: Beep \Driver\V124<0xFF217E50(53cae50)> SecurityDescriptor: 0xE12AEC98(18cfc98) Revision: 1 Sbz1: 0 Control: DaclPresent SelfRelative O: S-1-5-32-544 G: S-1-5-18 D:(A;;FA;;;SY)(A;;0x1200a9;;;BA) Section: 0xFF1FEF08 \SystemRoot\System32\DRIVERS\v124nt.sys FastIoDispatch: 0x00000000 DriverInit: 0xF7BCE698 \SystemRoot\System32\DRIVERS\v124nt.sys DriverStartIo: 0x00000000 DriverUnload: 0xF7B6BA60 \SystemRoot\System32\DRIVERS\v124nt.sys IRP_MJ_CREATE: 0xF7B6BB00 \SystemRoot\System32\DRIVERS\v124nt.sys IRP_MJ_CREATE_NAMED_PIPE: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_CLOSE: 0xF7B6BB00 \SystemRoot\System32\DRIVERS\v124nt.sys IRP_MJ_READ: 0xF7B6BB00 \SystemRoot\System32\DRIVERS\v124nt.sys IRP_MJ_WRITE: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_QUERY_INFORMATION: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_SET_INFORMATION: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_QUERY_EA: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_SET_EA: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_FLUSH_BUFFERS: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_QUERY_VOLUME_INFORMATION: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_SET_VOLUME_INFORMATION: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_DIRECTORY_CONTROL: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_FILE_SYSTEM_CONTROL: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_DEVICE_CONTROL: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_INTERNAL_DEVICE_CONTROL: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_SHUTDOWN: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_LOCK_CONTROL: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_CLEANUP: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_CREATE_MAILSLOT: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_QUERY_SECURITY: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_SET_SECURITY: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_POWER: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_SYSTEM_CONTROL: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_DEVICE_CHANGE: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_QUERY_QUOTA: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_SET_QUOTA: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_PNP: 0x80425480 \WINNT\System32\ntoskrnl.exe AddDevice: 0x00000000 ServiceKeyName: V124 \Driver\Raspti<0xFCD253B0(13423b0)> SecurityDescriptor: 0xE12AEC98(18cfc98) Revision: 1 Sbz1: 0 Control: DaclPresent SelfRelative O: S-1-5-32-544 G: S-1-5-18 D:(A;;FA;;;SY)(A;;0x1200a9;;;BA) Section: 0xFCD25548 \SystemRoot\System32\DRIVERS\raspti.sys FastIoDispatch: 0x00000000 DriverInit: 0xF079B240 \SystemRoot\System32\DRIVERS\raspti.sys DriverStartIo: 0x00000000 DriverUnload: 0xFC9306B4 NDIS.sys IRP_MJ_CREATE: 0xFC91EF12 NDIS.sys IRP_MJ_CREATE_NAMED_PIPE: 0xFC922018 NDIS.sys IRP_MJ_CLOSE: 0xFC921F43 NDIS.sys IRP_MJ_READ: 0xFC922018 NDIS.sys IRP_MJ_WRITE: 0xFC922018 NDIS.sys IRP_MJ_QUERY_INFORMATION: 0xFC922018 NDIS.sys IRP_MJ_SET_INFORMATION: 0xFC922018 NDIS.sys IRP_MJ_QUERY_EA: 0xFC922018 NDIS.sys IRP_MJ_SET_EA: 0xFC922018 NDIS.sys IRP_MJ_FLUSH_BUFFERS: 0xFC922018 NDIS.sys IRP_MJ_QUERY_VOLUME_INFORMATION: 0xFC922018 NDIS.sys IRP_MJ_SET_VOLUME_INFORMATION: 0xFC922018 NDIS.sys IRP_MJ_DIRECTORY_CONTROL: 0xFC922018 NDIS.sys IRP_MJ_FILE_SYSTEM_CONTROL: 0xFC922018 NDIS.sys IRP_MJ_DEVICE_CONTROL: 0xFC9218DE NDIS.sys IRP_MJ_INTERNAL_DEVICE_CONTROL: 0xFC922018 NDIS.sys IRP_MJ_SHUTDOWN: 0xFC922018 NDIS.sys IRP_MJ_LOCK_CONTROL: 0xFC922018 NDIS.sys IRP_MJ_CLEANUP: 0xFC922018 NDIS.sys IRP_MJ_CREATE_MAILSLOT: 0xFC922018 NDIS.sys IRP_MJ_QUERY_SECURITY: 0xFC922018 NDIS.sys IRP_MJ_SET_SECURITY: 0xFC922018 NDIS.sys IRP_MJ_POWER: 0xFC923361 NDIS.sys IRP_MJ_SYSTEM_CONTROL: 0xFC9249DF NDIS.sys IRP_MJ_DEVICE_CHANGE: 0xFC922018 NDIS.sys IRP_MJ_QUERY_QUOTA: 0xFC922018 NDIS.sys IRP_MJ_SET_QUOTA: 0xFC922018 NDIS.sys IRP_MJ_PNP: 0xFC922374 NDIS.sys AddDevice: 0xFC92083C NDIS.sys ServiceKeyName: Raspti \Driver\Mouclass<0xFCD4BED0(1368ed0)> SecurityDescriptor: 0xE12AEC98(18cfc98) Revision: 1 Sbz1: 0 Control: DaclPresent SelfRelative O: S-1-5-32-544 G: S-1-5-18 D:(A;;FA;;;SY)(A;;0x1200a9;;;BA) Section: 0xFCDA3428 \SystemRoot\System32\DRIVERS\mouclass.sys FastIoDispatch: 0x00000000 DriverInit: 0xF06F34E4 \SystemRoot\System32\DRIVERS\mouclass.sys DriverStartIo: 0xF06F0C7C \SystemRoot\System32\DRIVERS\mouclass.sys DriverUnload: 0x00000000 IRP_MJ_CREATE: 0xF06F058C \SystemRoot\System32\DRIVERS\mouclass.sys IRP_MJ_CREATE_NAMED_PIPE: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_CLOSE: 0xF06F0808 \SystemRoot\System32\DRIVERS\mouclass.sys IRP_MJ_READ: 0xF06F0A38 \SystemRoot\System32\DRIVERS\mouclass.sys IRP_MJ_WRITE: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_QUERY_INFORMATION: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_SET_INFORMATION: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_QUERY_EA: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_SET_EA: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_FLUSH_BUFFERS: 0xF06F04F2 \SystemRoot\System32\DRIVERS\mouclass.sys IRP_MJ_QUERY_VOLUME_INFORMATION: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_SET_VOLUME_INFORMATION: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_DIRECTORY_CONTROL: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_FILE_SYSTEM_CONTROL: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_DEVICE_CONTROL: 0xF06F2466 \SystemRoot\System32\DRIVERS\mouclass.sys IRP_MJ_INTERNAL_DEVICE_CONTROL: 0xF06F2080 \SystemRoot\System32\DRIVERS\mouclass.sys IRP_MJ_SHUTDOWN: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_LOCK_CONTROL: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_CLEANUP: 0xF06F04B6 \SystemRoot\System32\DRIVERS\mouclass.sys IRP_MJ_CREATE_MAILSLOT: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_QUERY_SECURITY: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_SET_SECURITY: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_POWER: 0xF06F2F92 \SystemRoot\System32\DRIVERS\mouclass.sys IRP_MJ_SYSTEM_CONTROL: 0xF06F3270 \SystemRoot\System32\DRIVERS\mouclass.sys IRP_MJ_DEVICE_CHANGE: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_QUERY_QUOTA: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_SET_QUOTA: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_PNP: 0xF06F1026 \SystemRoot\System32\DRIVERS\mouclass.sys AddDevice: 0xF06F2142 \SystemRoot\System32\DRIVERS\mouclass.sys ServiceKeyName: Mouclass \Driver\Diskperf<0xFCD59570(1376570)> SecurityDescriptor: 0xE12AEC98(18cfc98) Revision: 1 Sbz1: 0 Control: DaclPresent SelfRelative O: S-1-5-32-544 G: S-1-5-18 D:(A;;FA;;;SY)(A;;0x1200a9;;;BA) Section: 0xFCE25008 Diskperf.sys FastIoDispatch: 0x00000000 DriverInit: 0xF09032C0 Diskperf.sys DriverStartIo: 0x00000000 DriverUnload: 0xF0902EC2 Diskperf.sys IRP_MJ_CREATE: 0xF09023B6 Diskperf.sys IRP_MJ_CREATE_NAMED_PIPE: 0xF09022F6 Diskperf.sys IRP_MJ_CLOSE: 0xF09022F6 Diskperf.sys IRP_MJ_READ: 0xF09023CC Diskperf.sys IRP_MJ_WRITE: 0xF09023CC Diskperf.sys IRP_MJ_QUERY_INFORMATION: 0xF09022F6 Diskperf.sys IRP_MJ_SET_INFORMATION: 0xF09022F6 Diskperf.sys IRP_MJ_QUERY_EA: 0xF09022F6 Diskperf.sys IRP_MJ_SET_EA: 0xF09022F6 Diskperf.sys IRP_MJ_FLUSH_BUFFERS: 0xF090268A Diskperf.sys IRP_MJ_QUERY_VOLUME_INFORMATION: 0xF09022F6 Diskperf.sys IRP_MJ_SET_VOLUME_INFORMATION: 0xF09022F6 Diskperf.sys IRP_MJ_DIRECTORY_CONTROL: 0xF09022F6 Diskperf.sys IRP_MJ_FILE_SYSTEM_CONTROL: 0xF09022F6 Diskperf.sys IRP_MJ_DEVICE_CONTROL: 0xF090256E Diskperf.sys IRP_MJ_INTERNAL_DEVICE_CONTROL: 0xF09022F6 Diskperf.sys IRP_MJ_SHUTDOWN: 0xF090268A Diskperf.sys IRP_MJ_LOCK_CONTROL: 0xF09022F6 Diskperf.sys IRP_MJ_CLEANUP: 0xF09022F6 Diskperf.sys IRP_MJ_CREATE_MAILSLOT: 0xF09022F6 Diskperf.sys IRP_MJ_QUERY_SECURITY: 0xF09022F6 Diskperf.sys IRP_MJ_SET_SECURITY: 0xF09022F6 Diskperf.sys IRP_MJ_POWER: 0xF0902314 Diskperf.sys IRP_MJ_SYSTEM_CONTROL: 0xF0902DCA Diskperf.sys IRP_MJ_DEVICE_CHANGE: 0xF09022F6 Diskperf.sys IRP_MJ_QUERY_QUOTA: 0xF09022F6 Diskperf.sys IRP_MJ_SET_QUOTA: 0xF09022F6 Diskperf.sys IRP_MJ_PNP: 0xF0902C26 Diskperf.sys AddDevice: 0xF0902AFA Diskperf.sys ServiceKeyName: Diskperf \Driver\Kbdclass<0xFCDC6810(13e3810)> SecurityDescriptor: 0xE12AEC98(18cfc98) Revision: 1 Sbz1: 0 Control: DaclPresent SelfRelative O: S-1-5-32-544 G: S-1-5-18 D:(A;;FA;;;SY)(A;;0x1200a9;;;BA) Section: 0xFCDC69E8 \SystemRoot\System32\DRIVERS\kbdclass.sys FastIoDispatch: 0x00000000 DriverInit: 0xF06E3E64 \SystemRoot\System32\DRIVERS\kbdclass.sys DriverStartIo: 0xF06E0D58 \SystemRoot\System32\DRIVERS\kbdclass.sys DriverUnload: 0x00000000 IRP_MJ_CREATE: 0xF06E066E \SystemRoot\System32\DRIVERS\kbdclass.sys IRP_MJ_CREATE_NAMED_PIPE: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_CLOSE: 0xF06E08EC \SystemRoot\System32\DRIVERS\kbdclass.sys IRP_MJ_READ: 0xF06E0B1C \SystemRoot\System32\DRIVERS\kbdclass.sys IRP_MJ_WRITE: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_QUERY_INFORMATION: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_SET_INFORMATION: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_QUERY_EA: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_SET_EA: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_FLUSH_BUFFERS: 0xF06E05D4 \SystemRoot\System32\DRIVERS\kbdclass.sys IRP_MJ_QUERY_VOLUME_INFORMATION: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_SET_VOLUME_INFORMATION: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_DIRECTORY_CONTROL: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_FILE_SYSTEM_CONTROL: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_DEVICE_CONTROL: 0xF06E28EC \SystemRoot\System32\DRIVERS\kbdclass.sys IRP_MJ_INTERNAL_DEVICE_CONTROL: 0xF06E2380 \SystemRoot\System32\DRIVERS\kbdclass.sys IRP_MJ_SHUTDOWN: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_LOCK_CONTROL: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_CLEANUP: 0xF06E04B6 \SystemRoot\System32\DRIVERS\kbdclass.sys IRP_MJ_CREATE_MAILSLOT: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_QUERY_SECURITY: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_SET_SECURITY: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_POWER: 0xF06E35E2 \SystemRoot\System32\DRIVERS\kbdclass.sys IRP_MJ_SYSTEM_CONTROL: 0xF06E3BFE \SystemRoot\System32\DRIVERS\kbdclass.sys IRP_MJ_DEVICE_CHANGE: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_QUERY_QUOTA: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_SET_QUOTA: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_PNP: 0xF06E1168 \SystemRoot\System32\DRIVERS\kbdclass.sys AddDevice: 0xF06E2494 \SystemRoot\System32\DRIVERS\kbdclass.sys ServiceKeyName: Kbdclass \Driver\Compbatt<0xFCD2B670(1348670)> SecurityDescriptor: 0xE12AEC98(18cfc98) Revision: 1 Sbz1: 0 Control: DaclPresent SelfRelative O: S-1-5-32-544 G: S-1-5-18 D:(A;;FA;;;SY)(A;;0x1200a9;;;BA) Section: 0xFCE26D68 compbatt.sys FastIoDispatch: 0x00000000 DriverInit: 0xF0815900 compbatt.sys DriverStartIo: 0x00000000 DriverUnload: 0xF0814DC0 compbatt.sys IRP_MJ_CREATE: 0xF081445C compbatt.sys IRP_MJ_CREATE_NAMED_PIPE: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_CLOSE: 0xF081445C compbatt.sys IRP_MJ_READ: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_WRITE: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_QUERY_INFORMATION: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_SET_INFORMATION: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_QUERY_EA: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_SET_EA: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_FLUSH_BUFFERS: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_QUERY_VOLUME_INFORMATION: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_SET_VOLUME_INFORMATION: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_DIRECTORY_CONTROL: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_FILE_SYSTEM_CONTROL: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_DEVICE_CONTROL: 0xF0814DC8 compbatt.sys IRP_MJ_INTERNAL_DEVICE_CONTROL: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_SHUTDOWN: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_LOCK_CONTROL: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_CLEANUP: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_CREATE_MAILSLOT: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_QUERY_SECURITY: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_SET_SECURITY: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_POWER: 0xF0814930 compbatt.sys IRP_MJ_SYSTEM_CONTROL: 0xF0814476 compbatt.sys IRP_MJ_DEVICE_CHANGE: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_QUERY_QUOTA: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_SET_QUOTA: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_PNP: 0xF0814872 compbatt.sys AddDevice: 0xF081432E compbatt.sys ServiceKeyName: Compbatt \Driver\NDProxy<0xFCD9A3D0(13b73d0)> SecurityDescriptor: 0xE12AEC98(18cfc98) Revision: 1 Sbz1: 0 Control: DaclPresent SelfRelative O: S-1-5-32-544 G: S-1-5-18 D:(A;;FA;;;SY)(A;;0x1200a9;;;BA) Section: 0xFCD9A568 \SystemRoot\System32\Drivers\NDProxy.SYS FastIoDispatch: 0x00000000 DriverInit: 0xF0558720 \SystemRoot\System32\Drivers\NDProxy.SYS DriverStartIo: 0x00000000 DriverUnload: 0xF0550506 \SystemRoot\System32\Drivers\NDProxy.SYS IRP_MJ_CREATE: 0xF0550604 \SystemRoot\System32\Drivers\NDProxy.SYS IRP_MJ_CREATE_NAMED_PIPE: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_CLOSE: 0xF0550604 \SystemRoot\System32\Drivers\NDProxy.SYS IRP_MJ_READ: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_WRITE: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_QUERY_INFORMATION: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_SET_INFORMATION: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_QUERY_EA: 0x80425480 \WINNT\System32\ntoskrnl.exe IRP_MJ_SET_EA: 0x80425480 \WINNT\System32\ntoskrnl.ex