================================================== Filename : ntoskrnl.exe Address In Stack : ntoskrnl.exe+66c6a8 From Address : fffff803`0620a000 To Address : fffff803`0698b000 Size : 0x00781000 Time Stamp : 0x52718d9c Time String : 30/10/2013 23:52:12 Product Name : Microsoft® Windows® Operating System File Description : NT Kernel & System File Version : 6.3.9600.16452 (winblue_gdr.131030-1505) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\ntoskrnl.exe ================================================== ================================================== Filename : nvlddmkm.sys Address In Stack : nvlddmkm.sys+9a879 From Address : fffff800`01ced000 To Address : fffff800`0292e000 Size : 0x00c41000 Time Stamp : 0x5280da75 Time String : 11/11/2013 14:24:05 Product Name : NVIDIA Windows Kernel Mode Driver, Version 331.82 File Description : NVIDIA Windows Kernel Mode Driver, Version 331.82 File Version : 9.18.13.3182 Company : NVIDIA Corporation Full Path : C:\WINDOWS\system32\drivers\nvlddmkm.sys ================================================== ================================================== Filename : hal.dll Address In Stack : From Address : fffff803`0698b000 To Address : fffff803`069fa000 Size : 0x0006f000 Time Stamp : 0x523d5260 Time String : 21/09/2013 9:01:36 Product Name : Microsoft® Windows® Operating System File Description : Hardware Abstraction Layer DLL File Version : 6.3.9600.16408 (winblue_gdr.130920-1803) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\hal.dll ================================================== ================================================== Filename : kd.dll Address In Stack : From Address : fffff803`0563c000 To Address : fffff803`05645000 Size : 0x00009000 Time Stamp : 0x5215f8bb Time String : 22/08/2013 12:40:43 Product Name : Microsoft® Windows® Operating System File Description : Local Kernel Debugger File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\kd.dll ================================================== ================================================== Filename : mcupdate_GenuineIntel.dll Address In Stack : From Address : fffff800`00011000 To Address : fffff800`00077000 Size : 0x00066000 Time Stamp : 0x5215f8a0 Time String : 22/08/2013 12:40:16 Product Name : Microsoft® Windows® Operating System File Description : Intel Microcode Update Library File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\mcupdate_GenuineIntel.dll ================================================== ================================================== Filename : werkernel.sys Address In Stack : From Address : fffff800`00077000 To Address : fffff800`00085000 Size : 0x0000e000 Time Stamp : 0x5215f8a8 Time String : 22/08/2013 12:40:24 Product Name : Microsoft® Windows® Operating System File Description : Windows Error Reporting Kernel Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\werkernel.sys ================================================== ================================================== Filename : CLFS.SYS Address In Stack : From Address : fffff800`00085000 To Address : fffff800`000e7000 Size : 0x00062000 Time Stamp : 0x5215f8a4 Time String : 22/08/2013 12:40:20 Product Name : Microsoft® Windows® Operating System File Description : Common Log File System Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\CLFS.SYS ================================================== ================================================== Filename : tm.sys Address In Stack : From Address : fffff800`000e7000 To Address : fffff800`00109000 Size : 0x00022000 Time Stamp : 0x5215f875 Time String : 22/08/2013 12:39:33 Product Name : Microsoft® Windows® Operating System File Description : Kernel Transaction Manager Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\tm.sys ================================================== ================================================== Filename : PSHED.dll Address In Stack : From Address : fffff800`00109000 To Address : fffff800`0011e000 Size : 0x00015000 Time Stamp : 0x52346b3f Time String : 14/09/2013 14:57:19 Product Name : Microsoft® Windows® Operating System File Description : Platform Specific Hardware Error Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\PSHED.dll ================================================== ================================================== Filename : BOOTVID.dll Address In Stack : From Address : fffff800`0011e000 To Address : fffff800`00128000 Size : 0x0000a000 Time Stamp : 0x5215f8aa Time String : 22/08/2013 12:40:26 Product Name : Microsoft® Windows® Operating System File Description : VGA Boot Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\BOOTVID.dll ================================================== ================================================== Filename : CI.dll Address In Stack : From Address : fffff800`00128000 To Address : fffff800`001b0000 Size : 0x00088000 Time Stamp : 0x523d51aa Time String : 21/09/2013 8:58:34 Product Name : Microsoft® Windows® Operating System File Description : Code Integrity Module (Test) File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\CI.dll ================================================== ================================================== Filename : msrpc.sys Address In Stack : From Address : fffff800`00299000 To Address : fffff800`002f6000 Size : 0x0005d000 Time Stamp : 0x5215f86a Time String : 22/08/2013 12:39:22 Product Name : Microsoft® Windows® Operating System File Description : Kernel Remote Procedure Call Provider File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\msrpc.sys ================================================== ================================================== Filename : VerifierExt.sys Address In Stack : From Address : fffff800`002f6000 To Address : fffff800`0036a000 Size : 0x00074000 Time Stamp : 0x52344b48 Time String : 14/09/2013 12:40:56 Product Name : Microsoft® Windows® Operating System File Description : Driver Verifier Extension File Version : 6.3.9600.16404 (winblue_gdr.130913-2141) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\VerifierExt.sys ================================================== ================================================== Filename : Wdf01000.sys Address In Stack : From Address : fffff800`004d6000 To Address : fffff800`005a5000 Size : 0x000cf000 Time Stamp : 0x5215f850 Time String : 22/08/2013 12:38:56 Product Name : Microsoft® Windows® Operating System File Description : Kernel Mode Driver Framework Runtime File Version : 1.13.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\Wdf01000.sys ================================================== ================================================== Filename : WDFLDR.SYS Address In Stack : From Address : fffff800`005a5000 To Address : fffff800`005b6000 Size : 0x00011000 Time Stamp : 0x5215f857 Time String : 22/08/2013 12:39:03 Product Name : Microsoft® Windows® Operating System File Description : Kernel Mode Driver Framework Loader File Version : 1.13.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\WDFLDR.SYS ================================================== ================================================== Filename : acpiex.sys Address In Stack : From Address : fffff800`005b6000 To Address : fffff800`005ce000 Size : 0x00018000 Time Stamp : 0x5215f80b Time String : 22/08/2013 12:37:47 Product Name : Microsoft® Windows® Operating System File Description : ACPIEx Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\acpiex.sys ================================================== ================================================== Filename : WppRecorder.sys Address In Stack : From Address : fffff800`005ce000 To Address : fffff800`005d9000 Size : 0x0000b000 Time Stamp : 0x5215f87c Time String : 22/08/2013 12:39:40 Product Name : Microsoft® Windows® Operating System File Description : WPP Trace Recorder File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\WppRecorder.sys ================================================== ================================================== Filename : ACPI.sys Address In Stack : From Address : fffff800`00400000 To Address : fffff800`00485000 Size : 0x00085000 Time Stamp : 0x5253b6f6 Time String : 8/10/2013 8:40:38 Product Name : Microsoft® Windows® Operating System File Description : ACPI Driver for NT File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\ACPI.sys ================================================== ================================================== Filename : WMILIB.SYS Address In Stack : From Address : fffff800`00485000 To Address : fffff800`0048f000 Size : 0x0000a000 Time Stamp : 0x5215f8a7 Time String : 22/08/2013 12:40:23 Product Name : Microsoft® Windows® Operating System File Description : WMILIB WMI support library Dll File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\WMILIB.SYS ================================================== ================================================== Filename : cng.sys Address In Stack : From Address : fffff800`0036a000 To Address : fffff800`003f5000 Size : 0x0008b000 Time Stamp : 0x5215f821 Time String : 22/08/2013 12:38:09 Product Name : Microsoft® Windows® Operating System File Description : Kernel Cryptography, Next Generation File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\cng.sys ================================================== ================================================== Filename : msisadrv.sys Address In Stack : From Address : fffff800`0049a000 To Address : fffff800`004a4000 Size : 0x0000a000 Time Stamp : 0x5215f857 Time String : 22/08/2013 12:39:03 Product Name : Microsoft® Windows® Operating System File Description : ISA Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\msisadrv.sys ================================================== ================================================== Filename : pci.sys Address In Stack : From Address : fffff800`00200000 To Address : fffff800`00249000 Size : 0x00049000 Time Stamp : 0x5215f837 Time String : 22/08/2013 12:38:31 Product Name : Microsoft® Windows® Operating System File Description : NT Plug and Play PCI Enumerator File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\pci.sys ================================================== ================================================== Filename : vdrvroot.sys Address In Stack : From Address : fffff800`004a4000 To Address : fffff800`004b1000 Size : 0x0000d000 Time Stamp : 0x5215f849 Time String : 22/08/2013 12:38:49 Product Name : Microsoft® Windows® Operating System File Description : Virtual Drive Root Enumerator File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\vdrvroot.sys ================================================== ================================================== Filename : pdc.sys Address In Stack : From Address : fffff800`004b1000 To Address : fffff800`004cd000 Size : 0x0001c000 Time Stamp : 0x52733502 Time String : 1/11/2013 5:58:42 Product Name : Microsoft® Windows® Operating System File Description : Power Dependency Coordinator Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\pdc.sys ================================================== ================================================== Filename : partmgr.sys Address In Stack : From Address : fffff800`005d9000 To Address : fffff800`005f1000 Size : 0x00018000 Time Stamp : 0x5215f8a4 Time String : 22/08/2013 12:40:20 Product Name : Microsoft® Windows® Operating System File Description : Partition Management Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\partmgr.sys ================================================== ================================================== Filename : spaceport.sys Address In Stack : From Address : fffff800`006a8000 To Address : fffff800`00706000 Size : 0x0005e000 Time Stamp : 0x52718a77 Time String : 30/10/2013 23:38:47 Product Name : Microsoft® Windows® Operating System File Description : Storage Spaces Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\spaceport.sys ================================================== ================================================== Filename : volmgr.sys Address In Stack : From Address : fffff800`00706000 To Address : fffff800`0071b000 Size : 0x00015000 Time Stamp : 0x5215f889 Time String : 22/08/2013 12:39:53 Product Name : Microsoft® Windows® Operating System File Description : Volume Manager Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\volmgr.sys ================================================== ================================================== Filename : volmgrx.sys Address In Stack : From Address : fffff800`0071b000 To Address : fffff800`0077a000 Size : 0x0005f000 Time Stamp : 0x5215f8a7 Time String : 22/08/2013 12:40:23 Product Name : Microsoft® Windows® Operating System File Description : Volume Manager Extension Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\volmgrx.sys ================================================== ================================================== Filename : mountmgr.sys Address In Stack : From Address : fffff800`0077a000 To Address : fffff800`00795000 Size : 0x0001b000 Time Stamp : 0x5215f894 Time String : 22/08/2013 12:40:04 Product Name : Microsoft® Windows® Operating System File Description : Mount Point Manager File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\mountmgr.sys ================================================== ================================================== Filename : storahci.sys Address In Stack : From Address : fffff800`00795000 To Address : fffff800`007b2000 Size : 0x0001d000 Time Stamp : 0x5215f8b7 Time String : 22/08/2013 12:40:39 Product Name : Microsoft® Windows® Operating System File Description : MS AHCI Storport Miniport Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\storahci.sys ================================================== ================================================== Filename : storport.sys Address In Stack : From Address : fffff800`00600000 To Address : fffff800`0065f000 Size : 0x0005f000 Time Stamp : 0x5215f857 Time String : 22/08/2013 12:39:03 Product Name : Microsoft® Windows® Operating System File Description : Microsoft Storage Port Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\storport.sys ================================================== ================================================== Filename : EhStorClass.sys Address In Stack : From Address : fffff800`0065f000 To Address : fffff800`00679000 Size : 0x0001a000 Time Stamp : 0x5215f827 Time String : 22/08/2013 12:38:15 Product Name : Microsoft® Windows® Operating System File Description : Enhanced Storage Class driver for IEEE 1667 devices File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\EhStorClass.sys ================================================== ================================================== Filename : fltmgr.sys Address In Stack : From Address : fffff800`008d7000 To Address : fffff800`00933000 Size : 0x0005c000 Time Stamp : 0x5215f8a2 Time String : 22/08/2013 12:40:18 Product Name : Microsoft® Windows® Operating System File Description : Microsoft Filesystem Filter Manager File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\fltmgr.sys ================================================== ================================================== Filename : fileinfo.sys Address In Stack : From Address : fffff800`00933000 To Address : fffff800`00949000 Size : 0x00016000 Time Stamp : 0x5215f845 Time String : 22/08/2013 12:38:45 Product Name : Microsoft® Windows® Operating System File Description : FileInfo Filter Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\fileinfo.sys ================================================== ================================================== Filename : WdFilter.sys Address In Stack : From Address : fffff800`00949000 To Address : fffff800`0098d000 Size : 0x00044000 Time Stamp : 0x5215f876 Time String : 22/08/2013 12:39:34 Product Name : Microsoft® Windows® Operating System File Description : Microsoft antimalware file system filter driver File Version : 4.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\WdFilter.sys ================================================== ================================================== Filename : Ntfs.sys Address In Stack : From Address : fffff800`00a9b000 To Address : fffff800`00c91000 Size : 0x001f6000 Time Stamp : 0x5215d042 Time String : 22/08/2013 9:48:02 Product Name : Microsoft® Windows® Operating System File Description : NT File System Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\Ntfs.sys ================================================== ================================================== Filename : ksecdd.sys Address In Stack : From Address : fffff800`00c91000 To Address : fffff800`00cad000 Size : 0x0001c000 Time Stamp : 0x523d51f0 Time String : 21/09/2013 8:59:44 Product Name : Microsoft® Windows® Operating System File Description : Kernel Security Support Provider Interface File Version : 6.3.9600.16408 (winblue_gdr.130920-1803) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\ksecdd.sys ================================================== ================================================== Filename : pcw.sys Address In Stack : From Address : fffff800`00cad000 To Address : fffff800`00cbd000 Size : 0x00010000 Time Stamp : 0x5215cfea Time String : 22/08/2013 9:46:34 Product Name : Microsoft® Windows® Operating System File Description : Performance Counters for Windows Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\pcw.sys ================================================== ================================================== Filename : Fs_Rec.sys Address In Stack : From Address : fffff800`00cbd000 To Address : fffff800`00cc8000 Size : 0x0000b000 Time Stamp : 0x5215cfe9 Time String : 22/08/2013 9:46:33 Product Name : Microsoft® Windows® Operating System File Description : File System Recognizer Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\Fs_Rec.sys ================================================== ================================================== Filename : ndis.sys Address In Stack : From Address : fffff800`00cc8000 To Address : fffff800`00de0000 Size : 0x00118000 Time Stamp : 0x523d51e2 Time String : 21/09/2013 8:59:30 Product Name : Microsoft® Windows® Operating System File Description : Network Driver Interface Specification (NDIS) File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\ndis.sys ================================================== ================================================== Filename : NETIO.SYS Address In Stack : From Address : fffff800`00a00000 To Address : fffff800`00a79000 Size : 0x00079000 Time Stamp : 0x5215f7e4 Time String : 22/08/2013 12:37:08 Product Name : Microsoft® Windows® Operating System File Description : Network I/O Subsystem File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\NETIO.SYS ================================================== ================================================== Filename : ksecpkg.sys Address In Stack : From Address : fffff800`0098d000 To Address : fffff800`009c1000 Size : 0x00034000 Time Stamp : 0x5215f7fc Time String : 22/08/2013 12:37:32 Product Name : Microsoft® Windows® Operating System File Description : Kernel Security Support Provider Interface Packages File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\ksecpkg.sys ================================================== ================================================== Filename : tcpip.sys Address In Stack : From Address : fffff800`00e13000 To Address : fffff800`01091000 Size : 0x0027e000 Time Stamp : 0x5253b704 Time String : 8/10/2013 8:40:52 Product Name : Microsoft® Windows® Operating System File Description : TCP/IP Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\tcpip.sys ================================================== ================================================== Filename : fwpkclnt.sys Address In Stack : From Address : fffff800`01091000 To Address : fffff800`010fd000 Size : 0x0006c000 Time Stamp : 0x5215f7c6 Time String : 22/08/2013 12:36:38 Product Name : Microsoft® Windows® Operating System File Description : FWP/IPsec Kernel-Mode API File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\fwpkclnt.sys ================================================== ================================================== Filename : wfplwfs.sys Address In Stack : From Address : fffff800`010fd000 To Address : fffff800`01122000 Size : 0x00025000 Time Stamp : 0x5259df5e Time String : 13/10/2013 0:46:38 Product Name : Microsoft® Windows® Operating System File Description : WFP NDIS 6.30 Lightweight Filter Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\wfplwfs.sys ================================================== ================================================== Filename : fvevol.sys Address In Stack : From Address : fffff800`01122000 To Address : fffff800`011b5000 Size : 0x00093000 Time Stamp : 0x523d5198 Time String : 21/09/2013 8:58:16 Product Name : Microsoft® Windows® Operating System File Description : BitLocker Drive Encryption Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\fvevol.sys ================================================== ================================================== Filename : volsnap.sys Address In Stack : From Address : fffff800`00800000 To Address : fffff800`00850000 Size : 0x00050000 Time Stamp : 0x5215f8be Time String : 22/08/2013 12:40:46 Product Name : Microsoft® Windows® Operating System File Description : Volume Shadow Copy Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\volsnap.sys ================================================== ================================================== Filename : rdyboost.sys Address In Stack : From Address : fffff800`011b5000 To Address : fffff800`011fa000 Size : 0x00045000 Time Stamp : 0x5259e015 Time String : 13/10/2013 0:49:41 Product Name : Microsoft® Windows® Operating System File Description : ReadyBoost Driver File Version : 6.3.9600.16427 (winblue_gdr.131012-0944) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\rdyboost.sys ================================================== ================================================== Filename : mup.sys Address In Stack : From Address : fffff800`00a79000 To Address : fffff800`00a90000 Size : 0x00017000 Time Stamp : 0x5215f8ac Time String : 22/08/2013 12:40:28 Product Name : Microsoft® Windows® Operating System File Description : Multiple UNC Provider Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\mup.sys ================================================== ================================================== Filename : intelpep.sys Address In Stack : From Address : fffff800`00e00000 To Address : fffff800`00e0f000 Size : 0x0000f000 Time Stamp : 0x527df643 Time String : 9/11/2013 9:45:55 Product Name : Microsoft® Windows® Operating System File Description : Intel Power Engine Plugin File Version : 6.3.9600.16459 (winblue_gdr.131108-1637) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\intelpep.sys ================================================== ================================================== Filename : disk.sys Address In Stack : From Address : fffff800`00850000 To Address : fffff800`0086c000 Size : 0x0001c000 Time Stamp : 0x5215f883 Time String : 22/08/2013 12:39:47 Product Name : Microsoft® Windows® Operating System File Description : PnP Disk Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\disk.sys ================================================== ================================================== Filename : CLASSPNP.SYS Address In Stack : From Address : fffff800`0086c000 To Address : fffff800`008c2000 Size : 0x00056000 Time Stamp : 0x5215cff7 Time String : 22/08/2013 9:46:47 Product Name : Microsoft® Windows® Operating System File Description : SCSI Class System Dll File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\CLASSPNP.SYS ================================================== ================================================== Filename : crashdmp.sys Address In Stack : From Address : fffff800`00de0000 To Address : fffff800`00df5000 Size : 0x00015000 Time Stamp : 0x5215f893 Time String : 22/08/2013 12:40:03 Product Name : Microsoft® Windows® Operating System File Description : Crash Dump Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\crashdmp.sys ================================================== ================================================== Filename : cdrom.sys Address In Stack : From Address : fffff800`00679000 To Address : fffff800`006a7000 Size : 0x0002e000 Time Stamp : 0x5215cfeb Time String : 22/08/2013 9:46:35 Product Name : Microsoft® Windows® Operating System File Description : SCSI CD-ROM Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\cdrom.sys ================================================== ================================================== Filename : Null.SYS Address In Stack : From Address : fffff800`00df5000 To Address : fffff800`00dfe000 Size : 0x00009000 Time Stamp : 0x5215f8a8 Time String : 22/08/2013 12:40:24 Product Name : Microsoft® Windows® Operating System File Description : NULL Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\Null.SYS ================================================== ================================================== Filename : Beep.SYS Address In Stack : From Address : fffff800`00a90000 To Address : fffff800`00a98000 Size : 0x00008000 Time Stamp : 0x5215f8a8 Time String : 22/08/2013 12:40:24 Product Name : Microsoft® Windows® Operating System File Description : BEEP Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\Beep.SYS ================================================== ================================================== Filename : BasicRender.sys Address In Stack : From Address : fffff800`007b2000 To Address : fffff800`007c0000 Size : 0x0000e000 Time Stamp : 0x5215f86f Time String : 22/08/2013 12:39:27 Product Name : Microsoft® Windows® Operating System File Description : Microsoft Basic Render Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\BasicRender.sys ================================================== ================================================== Filename : dxgkrnl.sys Address In Stack : From Address : fffff800`0144a000 To Address : fffff800`015c4000 Size : 0x0017a000 Time Stamp : 0x5277b2d6 Time String : 4/11/2013 15:44:38 Product Name : Microsoft® Windows® Operating System File Description : DirectX Graphics Kernel File Version : 6.3.9600.16455 (winblue_gdr.131103-1206) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\dxgkrnl.sys ================================================== ================================================== Filename : watchdog.sys Address In Stack : From Address : fffff800`015c4000 To Address : fffff800`015d6000 Size : 0x00012000 Time Stamp : 0x5215f884 Time String : 22/08/2013 12:39:48 Product Name : Microsoft® Windows® Operating System File Description : Watchdog Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\watchdog.sys ================================================== ================================================== Filename : dxgmms1.sys Address In Stack : From Address : fffff800`0164f000 To Address : fffff800`016b0000 Size : 0x00061000 Time Stamp : 0x5277b2b7 Time String : 4/11/2013 15:44:07 Product Name : Microsoft® Windows® Operating System File Description : DirectX Graphics MMS File Version : 6.3.9600.16455 (winblue_gdr.131103-1206) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\dxgmms1.sys ================================================== ================================================== Filename : BasicDisplay.sys Address In Stack : From Address : fffff800`016b0000 To Address : fffff800`016c2000 Size : 0x00012000 Time Stamp : 0x5215f873 Time String : 22/08/2013 12:39:31 Product Name : Microsoft® Windows® Operating System File Description : Microsoft Basic Display Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\BasicDisplay.sys ================================================== ================================================== Filename : Npfs.SYS Address In Stack : From Address : fffff800`016c2000 To Address : fffff800`016d6000 Size : 0x00014000 Time Stamp : 0x5215f8a9 Time String : 22/08/2013 12:40:25 Product Name : Microsoft® Windows® Operating System File Description : NPFS Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\Npfs.SYS ================================================== ================================================== Filename : Msfs.SYS Address In Stack : From Address : fffff800`016d6000 To Address : fffff800`016e2000 Size : 0x0000c000 Time Stamp : 0x5215f8a8 Time String : 22/08/2013 12:40:24 Product Name : Microsoft® Windows® Operating System File Description : Mailslot driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\Msfs.SYS ================================================== ================================================== Filename : tdx.sys Address In Stack : From Address : fffff800`016e2000 To Address : fffff800`01702000 Size : 0x00020000 Time Stamp : 0x5215f7c2 Time String : 22/08/2013 12:36:34 Product Name : Microsoft® Windows® Operating System File Description : TDI Translation Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\tdx.sys ================================================== ================================================== Filename : TDI.SYS Address In Stack : From Address : fffff800`01702000 To Address : fffff800`01710000 Size : 0x0000e000 Time Stamp : 0x5215f855 Time String : 22/08/2013 12:39:01 Product Name : Microsoft® Windows® Operating System File Description : TDI Wrapper File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\TDI.SYS ================================================== ================================================== Filename : netbt.sys Address In Stack : From Address : fffff800`01710000 To Address : fffff800`0175c000 Size : 0x0004c000 Time Stamp : 0x5215f7dd Time String : 22/08/2013 12:37:01 Product Name : Microsoft® Windows® Operating System File Description : MBT Transport driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\netbt.sys ================================================== ================================================== Filename : afd.sys Address In Stack : From Address : fffff800`0175c000 To Address : fffff800`017ef000 Size : 0x00093000 Time Stamp : 0x5215f7d2 Time String : 22/08/2013 12:36:50 Product Name : Microsoft® Windows® Operating System File Description : Ancillary Function Driver for WinSock File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\afd.sys ================================================== ================================================== Filename : pacer.sys Address In Stack : From Address : fffff800`01600000 To Address : fffff800`0162a000 Size : 0x0002a000 Time Stamp : 0x5215f7a6 Time String : 22/08/2013 12:36:06 Product Name : Microsoft® Windows® Operating System File Description : QoS Packet Scheduler File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\pacer.sys ================================================== ================================================== Filename : netbios.sys Address In Stack : From Address : fffff800`0162a000 To Address : fffff800`0163b000 Size : 0x00011000 Time Stamp : 0x5215f852 Time String : 22/08/2013 12:38:58 Product Name : Microsoft® Windows® Operating System File Description : NetBIOS interface driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\netbios.sys ================================================== ================================================== Filename : rdbss.sys Address In Stack : From Address : fffff800`018dc000 To Address : fffff800`0194c000 Size : 0x00070000 Time Stamp : 0x5215f80c Time String : 22/08/2013 12:37:48 Product Name : Microsoft® Windows® Operating System File Description : Redirected Drive Buffering SubSystem Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\rdbss.sys ================================================== ================================================== Filename : csc.sys Address In Stack : From Address : fffff800`0194c000 To Address : fffff800`019da000 Size : 0x0008e000 Time Stamp : 0x5215f818 Time String : 22/08/2013 12:38:00 Product Name : Microsoft® Windows® Operating System File Description : Windows Client Side Caching Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\csc.sys ================================================== ================================================== Filename : nsiproxy.sys Address In Stack : From Address : fffff800`019da000 To Address : fffff800`019e8000 Size : 0x0000e000 Time Stamp : 0x5215f7c2 Time String : 22/08/2013 12:36:34 Product Name : Microsoft® Windows® Operating System File Description : NSI Proxy File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\nsiproxy.sys ================================================== ================================================== Filename : npsvctrig.sys Address In Stack : From Address : fffff800`019e8000 To Address : fffff800`019f4000 Size : 0x0000c000 Time Stamp : 0x5215f82e Time String : 22/08/2013 12:38:22 Product Name : Microsoft® Windows® Operating System File Description : Named pipe service triggers File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\npsvctrig.sys ================================================== ================================================== Filename : mssmbios.sys Address In Stack : From Address : fffff800`019f4000 To Address : fffff800`01a00000 Size : 0x0000c000 Time Stamp : 0x5215f87d Time String : 22/08/2013 12:39:41 Product Name : Microsoft® Windows® Operating System File Description : System Management BIOS Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\mssmbios.sys ================================================== ================================================== Filename : dfsc.sys Address In Stack : From Address : fffff800`01800000 To Address : fffff800`01826000 Size : 0x00026000 Time Stamp : 0x5215f818 Time String : 22/08/2013 12:38:00 Product Name : Microsoft® Windows® Operating System File Description : DFS Namespace Client Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\dfsc.sys ================================================== ================================================== Filename : ahcache.sys Address In Stack : From Address : fffff800`01836000 To Address : fffff800`0184d000 Size : 0x00017000 Time Stamp : 0x5215f88a Time String : 22/08/2013 12:39:54 Product Name : Microsoft® Windows® Operating System File Description : Application Compatibility Cache File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\ahcache.sys ================================================== ================================================== Filename : CompositeBus.sys Address In Stack : From Address : fffff800`0184d000 To Address : fffff800`0185c000 Size : 0x0000f000 Time Stamp : 0x5215f848 Time String : 22/08/2013 12:38:48 Product Name : Microsoft® Windows® Operating System File Description : Multi-Transport Composite Bus Enumerator File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\CompositeBus.sys ================================================== ================================================== Filename : kdnic.sys Address In Stack : From Address : fffff800`0185c000 To Address : fffff800`01867000 Size : 0x0000b000 Time Stamp : 0x5215f832 Time String : 22/08/2013 12:38:26 Product Name : Microsoft Kernel Debugger Network Adapter (NDIS 6.20 Miniport) File Description : Microsoft Kernel Debugger Network Miniport File Version : 6.01.00.0000 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\kdnic.sys ================================================== ================================================== Filename : umbus.sys Address In Stack : From Address : fffff800`01867000 To Address : fffff800`01878000 Size : 0x00011000 Time Stamp : 0x5215f853 Time String : 22/08/2013 12:38:59 Product Name : Microsoft® Windows® Operating System File Description : User-Mode Bus Enumerator File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\umbus.sys ================================================== ================================================== Filename : USBXHCI.SYS Address In Stack : From Address : fffff800`01878000 To Address : fffff800`018cd000 Size : 0x00055000 Time Stamp : 0x527df5ea Time String : 9/11/2013 9:44:26 Product Name : Microsoft® Windows® Operating System File Description : USB XHCI Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\USBXHCI.SYS ================================================== ================================================== Filename : ucx01000.sys Address In Stack : From Address : fffff800`01400000 To Address : fffff800`01432000 Size : 0x00032000 Time Stamp : 0x5215f7fc Time String : 22/08/2013 12:37:32 Product Name : Microsoft® Windows® Operating System File Description : USB Controller Extension File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\ucx01000.sys ================================================== ================================================== Filename : TeeDriverx64.sys Address In Stack : From Address : fffff800`015d6000 To Address : fffff800`015f2000 Size : 0x0001c000 Time Stamp : 0x5228c72a Time String : 5/09/2013 19:02:18 Product Name : Intel(R) Management Engine Interface File Description : Intel(R) Management Engine Interface File Version : 9.5.15.1730 Company : Intel Corporation Full Path : C:\WINDOWS\system32\drivers\TeeDriverx64.sys ================================================== ================================================== Filename : usbehci.sys Address In Stack : From Address : fffff800`01432000 To Address : fffff800`0144a000 Size : 0x00018000 Time Stamp : 0x5215f863 Time String : 22/08/2013 12:39:15 Product Name : Microsoft® Windows® Operating System File Description : EHCI eUSB Miniport Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\usbehci.sys ================================================== ================================================== Filename : USBPORT.SYS Address In Stack : From Address : fffff800`01a5f000 To Address : fffff800`01ace000 Size : 0x0006f000 Time Stamp : 0x5215f87c Time String : 22/08/2013 12:39:40 Product Name : Microsoft® Windows® Operating System File Description : USB 1.1 & 2.0 Port Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\USBPORT.SYS ================================================== ================================================== Filename : HDAudBus.sys Address In Stack : From Address : fffff800`01ace000 To Address : fffff800`01ae7000 Size : 0x00019000 Time Stamp : 0x5215f83d Time String : 22/08/2013 12:38:37 Product Name : Microsoft® Windows® Operating System File Description : High Definition Audio Bus Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\HDAudBus.sys ================================================== ================================================== Filename : Rt630x64.sys Address In Stack : From Address : fffff800`0292e000 To Address : fffff800`029fa000 Size : 0x000cc000 Time Stamp : 0x51f21ecf Time String : 26/07/2013 8:01:35 Product Name : Realtek 8136/8168/8169 PCI/PCIe Adapters File Description : Realtek 8101E/8168/8169 NDIS 6.30 64-bit Driver File Version : 8.019.0726.2013 Company : Realtek Full Path : C:\WINDOWS\system32\drivers\Rt630x64.sys ================================================== ================================================== Filename : ICCWDT.sys Address In Stack : From Address : fffff800`01c00000 To Address : fffff800`01c0c000 Size : 0x0000c000 Time Stamp : 0x50ffa349 Time String : 23/01/2013 9:46:01 Product Name : File Description : File Version : Company : Full Path : ================================================== ================================================== Filename : parport.sys Address In Stack : From Address : fffff800`01c0c000 To Address : fffff800`01c28000 Size : 0x0001c000 Time Stamp : 0x5215f892 Time String : 22/08/2013 12:40:02 Product Name : Microsoft® Windows® Operating System File Description : Parallel Port Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\parport.sys ================================================== ================================================== Filename : wmiacpi.sys Address In Stack : From Address : fffff800`01c28000 To Address : fffff800`01c32000 Size : 0x0000a000 Time Stamp : 0x5215f894 Time String : 22/08/2013 12:40:04 Product Name : Microsoft® Windows® Operating System File Description : Windows Management Interface for ACPI File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\wmiacpi.sys ================================================== ================================================== Filename : intelppm.sys Address In Stack : From Address : fffff800`01c32000 To Address : fffff800`01c50000 Size : 0x0001e000 Time Stamp : 0x5215cfeb Time String : 22/08/2013 9:46:35 Product Name : Microsoft® Windows® Operating System File Description : Processor Device Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\intelppm.sys ================================================== ================================================== Filename : AcpiCtlDrv.sys Address In Stack : From Address : fffff800`01c50000 To Address : fffff800`01c5a000 Size : 0x0000a000 Time Stamp : 0x50059bc4 Time String : 17/07/2012 18:07:16 Product Name : File Description : File Version : Company : Full Path : ================================================== ================================================== Filename : nvvad64v.sys Address In Stack : From Address : fffff800`01c5a000 To Address : fffff800`01c67000 Size : 0x0000d000 Time Stamp : 0x52711f5c Time String : 30/10/2013 16:01:48 Product Name : NVIDIA Virtual Audio Driver File Description : NVIDIA Virtual Audio Driver File Version : 1.2.12 built by: WinDDK Company : NVIDIA Corporation Full Path : C:\WINDOWS\system32\drivers\nvvad64v.sys ================================================== ================================================== Filename : portcls.sys Address In Stack : From Address : fffff800`01c67000 To Address : fffff800`01cae000 Size : 0x00047000 Time Stamp : 0x5237fe4f Time String : 17/09/2013 8:01:35 Product Name : Microsoft® Windows® Operating System File Description : Port Class (Class Driver for Port/Miniport Devices) File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\portcls.sys ================================================== ================================================== Filename : drmk.sys Address In Stack : From Address : fffff800`01cae000 To Address : fffff800`01cca000 Size : 0x0001c000 Time Stamp : 0x5215f86c Time String : 22/08/2013 12:39:24 Product Name : Microsoft® Windows® Operating System File Description : Microsoft Trusted Audio Drivers File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\drmk.sys ================================================== ================================================== Filename : ks.sys Address In Stack : From Address : fffff800`01ae7000 To Address : fffff800`01b33000 Size : 0x0004c000 Time Stamp : 0x52283517 Time String : 5/09/2013 8:39:03 Product Name : Microsoft® Windows® Operating System File Description : Kernel CSA Library File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\ks.sys ================================================== ================================================== Filename : ksthunk.sys Address In Stack : From Address : fffff800`01cca000 To Address : fffff800`01ccf300 Size : 0x00005300 Time Stamp : 0x5215f873 Time String : 22/08/2013 12:39:31 Product Name : Microsoft® Windows® Operating System File Description : Kernel Streaming WOW Thunk Service File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\ksthunk.sys ================================================== ================================================== Filename : NdisVirtualBus.sys Address In Stack : From Address : fffff800`01cd0000 To Address : fffff800`01cdb000 Size : 0x0000b000 Time Stamp : 0x5215f7b9 Time String : 22/08/2013 12:36:25 Product Name : Microsoft® Windows® Operating System File Description : Microsoft Virtual Network Adapter Enumerator File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\NdisVirtualBus.sys ================================================== ================================================== Filename : swenum.sys Address In Stack : From Address : fffff800`01cdb000 To Address : fffff800`01cdc600 Size : 0x00001600 Time Stamp : 0x5215f871 Time String : 22/08/2013 12:39:29 Product Name : Microsoft® Windows® Operating System File Description : Plug and Play Software Device Enumerator File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\swenum.sys ================================================== ================================================== Filename : rdpbus.sys Address In Stack : From Address : fffff800`01cdd000 To Address : fffff800`01ce8000 Size : 0x0000b000 Time Stamp : 0x5215f84c Time String : 22/08/2013 12:38:52 Product Name : Microsoft® Windows® Operating System File Description : Microsoft RDP Bus Device driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\rdpbus.sys ================================================== ================================================== Filename : usbhub.sys Address In Stack : From Address : fffff800`01b33000 To Address : fffff800`01b9e000 Size : 0x0006b000 Time Stamp : 0x5215f839 Time String : 22/08/2013 12:38:33 Product Name : Microsoft® Windows® Operating System File Description : Default Hub Driver for USB File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\usbhub.sys ================================================== ================================================== Filename : USBD.SYS Address In Stack : From Address : fffff800`01b9e000 To Address : fffff800`01baa000 Size : 0x0000c000 Time Stamp : 0x5215f8a6 Time String : 22/08/2013 12:40:22 Product Name : Microsoft® Windows® Operating System File Description : Universal Serial Bus Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\USBD.SYS ================================================== ================================================== Filename : UsbHub3.sys Address In Stack : From Address : fffff800`02a29000 To Address : fffff800`02aa1000 Size : 0x00078000 Time Stamp : 0x5237fe39 Time String : 17/09/2013 8:01:13 Product Name : Microsoft® Windows® Operating System File Description : USB3 HUB Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\UsbHub3.sys ================================================== ================================================== Filename : RTKVHD64.sys Address In Stack : From Address : fffff800`02c19000 To Address : fffff800`02fad200 Size : 0x00394200 Time Stamp : 0x529dcde2 Time String : 3/12/2013 13:26:10 Product Name : Realtek(r) High Definition Audio Function Driver File Description : Realtek(r) High Definition Audio Function Driver File Version : 6.0.1.7106 built by: WinDDK Company : Realtek Semiconductor Corp. Full Path : C:\WINDOWS\system32\drivers\RTKVHD64.sys ================================================== ================================================== Filename : MBfilt64.sys Address In Stack : From Address : fffff800`02fae000 To Address : fffff800`02fbc000 Size : 0x0000e000 Time Stamp : 0x4a7267b0 Time String : 31/07/2009 4:40:32 Product Name : File Description : File Version : Company : Full Path : ================================================== ================================================== Filename : nvhda64v.sys Address In Stack : From Address : fffff800`02fbc000 To Address : fffff800`02ff0000 Size : 0x00034000 Time Stamp : 0x51bdb1af Time String : 16/06/2013 13:38:07 Product Name : NVIDIA HDMI Audio Driver File Description : NVIDIA HDMI Audio Driver File Version : 1.3.26.4 Company : NVIDIA Corporation Full Path : C:\WINDOWS\system32\drivers\nvhda64v.sys ================================================== ================================================== Filename : dump_diskdump.sys Address In Stack : From Address : fffff800`02ff0000 To Address : fffff800`02ffc000 Size : 0x0000c000 Time Stamp : 0x5215f8a2 Time String : 22/08/2013 12:40:18 Product Name : File Description : File Version : Company : Full Path : ================================================== ================================================== Filename : dump_storahci.sys Address In Stack : From Address : fffff800`02adf000 To Address : fffff800`02afc000 Size : 0x0001d000 Time Stamp : 0x5215f8b7 Time String : 22/08/2013 12:40:39 Product Name : File Description : File Version : Company : Full Path : ================================================== ================================================== Filename : dump_dumpfve.sys Address In Stack : From Address : fffff800`02c00000 To Address : fffff800`02c16000 Size : 0x00016000 Time Stamp : 0x5215f88b Time String : 22/08/2013 12:39:55 Product Name : File Description : File Version : Company : Full Path : ================================================== ================================================== Filename : usbccgp.sys Address In Stack : From Address : fffff800`02afc000 To Address : fffff800`02b26000 Size : 0x0002a000 Time Stamp : 0x52678625 Time String : 23/10/2013 9:17:41 Product Name : Microsoft® Windows® Operating System File Description : USB Common Class Generic Parent Driver File Version : 6.3.9600.16442 (winblue_gdr.131022-1819) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\usbccgp.sys ================================================== ================================================== Filename : hidusb.sys Address In Stack : From Address : fffff800`02b26000 To Address : fffff800`02b34000 Size : 0x0000e000 Time Stamp : 0x5215f852 Time String : 22/08/2013 12:38:58 Product Name : Microsoft® Windows® Operating System File Description : USB Miniport Driver for Input Devices File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\hidusb.sys ================================================== ================================================== Filename : HIDCLASS.SYS Address In Stack : From Address : fffff800`02b34000 To Address : fffff800`02b53000 Size : 0x0001f000 Time Stamp : 0x5215f861 Time String : 22/08/2013 12:39:13 Product Name : Microsoft® Windows® Operating System File Description : Hid Class Library File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\HIDCLASS.SYS ================================================== ================================================== Filename : HIDPARSE.SYS Address In Stack : From Address : fffff800`02b53000 To Address : fffff800`02b5af00 Size : 0x00007f00 Time Stamp : 0x5215f8aa Time String : 22/08/2013 12:40:26 Product Name : Microsoft® Windows® Operating System File Description : Hid Parsing Library File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\HIDPARSE.SYS ================================================== ================================================== Filename : kbdhid.sys Address In Stack : From Address : fffff800`02b5b000 To Address : fffff800`02b69000 Size : 0x0000e000 Time Stamp : 0x5215f861 Time String : 22/08/2013 12:39:13 Product Name : Microsoft® Windows® Operating System File Description : HID Keyboard Filter Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\kbdhid.sys ================================================== ================================================== Filename : kbdclass.sys Address In Stack : From Address : fffff800`02b69000 To Address : fffff800`02b79000 Size : 0x00010000 Time Stamp : 0x5215f86b Time String : 22/08/2013 12:39:23 Product Name : Microsoft® Windows® Operating System File Description : Keyboard Class Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\kbdclass.sys ================================================== ================================================== Filename : mouhid.sys Address In Stack : From Address : fffff800`02b79000 To Address : fffff800`02b86000 Size : 0x0000d000 Time Stamp : 0x5215f861 Time String : 22/08/2013 12:39:13 Product Name : Microsoft® Windows® Operating System File Description : HID Mouse Filter Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\mouhid.sys ================================================== ================================================== Filename : mouclass.sys Address In Stack : From Address : fffff800`02b86000 To Address : fffff800`02b96000 Size : 0x00010000 Time Stamp : 0x5215f861 Time String : 22/08/2013 12:39:13 Product Name : Microsoft® Windows® Operating System File Description : Mouse Class Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\mouclass.sys ================================================== ================================================== Filename : win32k.sys Address In Stack : From Address : fffff960`00195000 To Address : fffff960`005ae000 Size : 0x00419000 Time Stamp : 0x527c90e6 Time String : 8/11/2013 8:21:10 Product Name : Microsoft® Windows® Operating System File Description : Multi-User Win32 Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\win32k.sys ================================================== ================================================== Filename : monitor.sys Address In Stack : From Address : fffff800`02b96000 To Address : fffff800`02ba4000 Size : 0x0000e000 Time Stamp : 0x5215f7c5 Time String : 22/08/2013 12:36:37 Product Name : Microsoft® Windows® Operating System File Description : Monitor Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\monitor.sys ================================================== ================================================== Filename : TSDDD.dll Address In Stack : From Address : fffff960`00621000 To Address : fffff960`0062a000 Size : 0x00009000 Time Stamp : 0x00000000 Time String : Product Name : Microsoft® Windows® Operating System File Description : Framebuffer Display Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\TSDDD.dll ================================================== ================================================== Filename : cdd.dll Address In Stack : From Address : fffff960`00951000 To Address : fffff960`0098c000 Size : 0x0003b000 Time Stamp : 0x00000000 Time String : Product Name : Microsoft® Windows® Operating System File Description : Canonical Display Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\cdd.dll ================================================== ================================================== Filename : luafv.sys Address In Stack : From Address : fffff800`02ba4000 To Address : fffff800`02bc8000 Size : 0x00024000 Time Stamp : 0x5215f878 Time String : 22/08/2013 12:39:36 Product Name : Microsoft® Windows® Operating System File Description : LUA File Virtualization Filter Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\luafv.sys ================================================== ================================================== Filename : WudfPf.sys Address In Stack : From Address : fffff800`02bc8000 To Address : fffff800`02be9000 Size : 0x00021000 Time Stamp : 0x5215f7f1 Time String : 22/08/2013 12:37:21 Product Name : Microsoft® Windows® Operating System File Description : Windows Driver Foundation - User-mode Driver Framework Platform Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\WudfPf.sys ================================================== ================================================== Filename : WinUSB.sys Address In Stack : From Address : fffff800`02a00000 To Address : fffff800`02a19000 Size : 0x00019000 Time Stamp : 0x5215f813 Time String : 22/08/2013 12:37:55 Product Name : Microsoft® Windows® Operating System File Description : Windows WinUSB Class Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\WinUSB.sys ================================================== ================================================== Filename : WUDFRd.sys Address In Stack : From Address : fffff800`02aa1000 To Address : fffff800`02adf000 Size : 0x0003e000 Time Stamp : 0x5215f7d2 Time String : 22/08/2013 12:36:50 Product Name : Microsoft® Windows® Operating System File Description : Windows Driver Foundation - User-mode Driver Framework Reflector File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\WUDFRd.sys ================================================== ================================================== Filename : scfilter.sys Address In Stack : From Address : fffff800`02be9000 To Address : fffff800`02bfa000 Size : 0x00011000 Time Stamp : 0x5215f81f Time String : 22/08/2013 12:38:07 Product Name : Microsoft® Windows® Operating System File Description : Microsoft Smart Card Reader Filter Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\scfilter.sys ================================================== ================================================== Filename : lltdio.sys Address In Stack : From Address : fffff800`01baa000 To Address : fffff800`01bbe000 Size : 0x00014000 Time Stamp : 0x5215f7b2 Time String : 22/08/2013 12:36:18 Product Name : Microsoft® Windows® Operating System File Description : Link-Layer Topology Mapper I/O Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\lltdio.sys ================================================== ================================================== Filename : rspndr.sys Address In Stack : From Address : fffff800`01bbe000 To Address : fffff800`01bd6000 Size : 0x00018000 Time Stamp : 0x5215f7c2 Time String : 22/08/2013 12:36:34 Product Name : Microsoft® Windows® Operating System File Description : Link-Layer Topology Responder Driver for NDIS 6 File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\rspndr.sys ================================================== ================================================== Filename : HTTP.sys Address In Stack : From Address : fffff800`03291000 To Address : fffff800`0338b000 Size : 0x000fa000 Time Stamp : 0x5215f7e5 Time String : 22/08/2013 12:37:09 Product Name : Microsoft® Windows® Operating System File Description : HTTP Protocol Stack File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\HTTP.sys ================================================== ================================================== Filename : bowser.sys Address In Stack : From Address : fffff800`0338b000 To Address : fffff800`033ab000 Size : 0x00020000 Time Stamp : 0x5215f83e Time String : 22/08/2013 12:38:38 Product Name : Microsoft® Windows® Operating System File Description : NT Lan Manager Datagram Receiver Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\bowser.sys ================================================== ================================================== Filename : mpsdrv.sys Address In Stack : From Address : fffff800`033ab000 To Address : fffff800`033c2000 Size : 0x00017000 Time Stamp : 0x5215f7a6 Time String : 22/08/2013 12:36:06 Product Name : Microsoft® Windows® Operating System File Description : Microsoft Protection Service Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\mpsdrv.sys ================================================== ================================================== Filename : mrxsmb.sys Address In Stack : From Address : fffff800`03200000 To Address : fffff800`0326d000 Size : 0x0006d000 Time Stamp : 0x523d5132 Time String : 21/09/2013 8:56:34 Product Name : Microsoft® Windows® Operating System File Description : Windows NT SMB Minirdr File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\mrxsmb.sys ================================================== ================================================== Filename : mrxsmb20.sys Address In Stack : From Address : fffff800`033c2000 To Address : fffff800`033fb000 Size : 0x00039000 Time Stamp : 0x523d5187 Time String : 21/09/2013 8:57:59 Product Name : Microsoft® Windows® Operating System File Description : Longhorn SMB 2.0 Redirector File Version : 6.3.9600.16408 (winblue_gdr.130920-1803) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\mrxsmb20.sys ================================================== ================================================== Filename : iocbios2.sys Address In Stack : From Address : fffff800`0326d000 To Address : fffff800`03277000 Size : 0x0000a000 Time Stamp : 0x50eb0b87 Time String : 7/01/2013 18:53:11 Product Name : File Description : File Version : Company : Full Path : ================================================== ================================================== Filename : mrxsmb10.sys Address In Stack : From Address : fffff800`01a00000 To Address : fffff800`01a4b000 Size : 0x0004b000 Time Stamp : 0x5215f78e Time String : 22/08/2013 12:35:42 Product Name : Microsoft® Windows® Operating System File Description : Longhorn SMB Downlevel SubRdr File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\mrxsmb10.sys ================================================== ================================================== Filename : Ndu.sys Address In Stack : From Address : fffff800`01bd6000 To Address : fffff800`01bf3000 Size : 0x0001d000 Time Stamp : 0x5215f78e Time String : 22/08/2013 12:35:42 Product Name : Microsoft® Windows® Operating System File Description : Windows Network Data Usage Monitoring Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\Ndu.sys ================================================== ================================================== Filename : condrv.sys Address In Stack : From Address : fffff800`03277000 To Address : fffff800`03287000 Size : 0x00010000 Time Stamp : 0x5215f8a1 Time String : 22/08/2013 12:40:17 Product Name : Microsoft® Windows® Operating System File Description : Console Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\condrv.sys ================================================== ================================================== Filename : peauth.sys Address In Stack : From Address : fffff800`034db000 To Address : fffff800`03584000 Size : 0x000a9000 Time Stamp : 0x5215f7a7 Time String : 22/08/2013 12:36:07 Product Name : Microsoft® Windows® Operating System File Description : Protected Environment Authentication and Authorization Export Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\peauth.sys ================================================== ================================================== Filename : secdrv.SYS Address In Stack : From Address : fffff800`03584000 To Address : fffff800`0358f000 Size : 0x0000b000 Time Stamp : 0x4508052e Time String : 13/09/2006 14:18:38 Product Name : Macrovision SECURITY Driver File Description : Macrovision SECURITY Driver File Version : 4.03.086 Company : Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. Full Path : C:\WINDOWS\system32\drivers\secdrv.SYS ================================================== ================================================== Filename : srvnet.sys Address In Stack : From Address : fffff800`0358f000 To Address : fffff800`035d2000 Size : 0x00043000 Time Stamp : 0x52303881 Time String : 11/09/2013 10:31:45 Product Name : Microsoft® Windows® Operating System File Description : Server Network driver File Version : 6.3.9600.16401 (winblue_gdr.130910-1935) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\srvnet.sys ================================================== ================================================== Filename : tcpipreg.sys Address In Stack : From Address : fffff800`035d2000 To Address : fffff800`035e4000 Size : 0x00012000 Time Stamp : 0x5215f7a3 Time String : 22/08/2013 12:36:03 Product Name : Microsoft® Windows® Operating System File Description : TCP/IP Registry Compatibility Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\tcpipreg.sys ================================================== ================================================== Filename : srv2.sys Address In Stack : From Address : fffff800`03400000 To Address : fffff800`034ad000 Size : 0x000ad000 Time Stamp : 0x523d5199 Time String : 21/09/2013 8:58:17 Product Name : Microsoft® Windows® Operating System File Description : Smb 2.0 Server driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\srv2.sys ================================================== ================================================== Filename : srv.sys Address In Stack : From Address : fffff800`036a3000 To Address : fffff800`0373b000 Size : 0x00098000 Time Stamp : 0x524ff17b Time String : 5/10/2013 12:01:15 Product Name : Microsoft® Windows® Operating System File Description : Server driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\srv.sys ================================================== ================================================== Filename : tunnel.sys Address In Stack : From Address : fffff800`0373b000 To Address : fffff800`03768000 Size : 0x0002d000 Time Stamp : 0x5215f791 Time String : 22/08/2013 12:35:45 Product Name : Microsoft® Windows® Operating System File Description : Microsoft Tunnel Interface Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\tunnel.sys ================================================== ================================================== Filename : NTIOLib_X64.sys Address In Stack : From Address : fffff800`03768000 To Address : fffff800`0376f000 Size : 0x00007000 Time Stamp : 0x4ac94bd0 Time String : 5/10/2009 2:28:48 Product Name : File Description : File Version : Company : Full Path : ================================================== ================================================== Filename : mslldp.sys Address In Stack : From Address : fffff800`0376f000 To Address : fffff800`03785000 Size : 0x00016000 Time Stamp : 0x5215f7a7 Time String : 22/08/2013 12:36:07 Product Name : Microsoft® Windows® Operating System File Description : Microsoft Link-Layer Discovery Protocol Driver File Version : 6.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\mslldp.sys ================================================== ================================================== Filename : NTIOLib_X64.sys Address In Stack : From Address : fffff800`03785000 To Address : fffff800`0378c000 Size : 0x00007000 Time Stamp : 0x50a9b67a Time String : 19/11/2012 5:32:58 Product Name : File Description : File Version : Company : Full Path : ================================================== ================================================== Filename : NTIOLib_X64.sys Address In Stack : From Address : fffff800`0378c000 To Address : fffff800`03793000 Size : 0x00007000 Time Stamp : 0x50ab3bdf Time String : 20/11/2012 9:14:23 Product Name : File Description : File Version : Company : Full Path : ================================================== ================================================== Filename : NTIOLib_X64.sys Address In Stack : From Address : fffff800`0379d000 To Address : fffff800`037a4000 Size : 0x00007000 Time Stamp : 0x5089142e Time String : 25/10/2012 11:27:58 Product Name : File Description : File Version : Company : Full Path : ================================================== ================================================== Filename : NTIOLib_X64.sys Address In Stack : From Address : fffff800`037a4000 To Address : fffff800`037ab000 Size : 0x00007000 Time Stamp : 0x50ab3d06 Time String : 20/11/2012 9:19:18 Product Name : File Description : File Version : Company : Full Path : ================================================== ================================================== Filename : NTIOLib_X64.sys Address In Stack : From Address : fffff800`037ab000 To Address : fffff800`037b2000 Size : 0x00007000 Time Stamp : 0x5089eb84 Time String : 26/10/2012 2:46:44 Product Name : File Description : File Version : Company : Full Path : ================================================== ================================================== Filename : WdNisDrv.sys Address In Stack : From Address : fffff800`037b2000 To Address : fffff800`037d3000 Size : 0x00021000 Time Stamp : 0x5215f784 Time String : 22/08/2013 12:35:32 Product Name : Microsoft® Windows® Operating System File Description : Microsoft Network Realtime Inspection Driver File Version : 4.3.9600.16384 (winblue_rtm.130821-1623) Company : Microsoft Corporation Full Path : C:\WINDOWS\system32\drivers\WdNisDrv.sys ==================================================