Wireshark mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Npcap 0.03 call for test

From: Tyson Key <tyson.key () gmail com>
Date: Mon, 27 Jul 2015 14:08:18 +0100
Hi Yang,

I just tried this version on my machine (after uninstalling WinPCap,
rebooting, installing NPCap, and then rebooting again), and it seems that
during starting Wireshark, I still receive the BAD_POOL_CALLER BSoD:

==================================================
Dump File         : 072715-38828-01.dmp
Crash Time        : 27/07/2015 01:55:12 pm
Bug Check String  : BAD_POOL_CALLER
Bug Check Code    : 0x000000c2
Parameter 1       : 00000000`00000007
Parameter 2       : 00000000`00001200
Parameter 3       : 00000000`00000000
Parameter 4       : ffffe000`53e2a9c8
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+150ca0
File Description  : NT Kernel & System
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.3.9600.17736 (winblue_r9.150322-1500)
Processor         : x64
Crash Address     : ntoskrnl.exe+150ca0
Stack Address 1   :
Stack Address 2   :
Stack Address 3   :
Computer Name     :
Full Path         : C:\WINDOWS\Minidump\072715-38828-01.dmp
Processors Count  : 4
Major Version     : 15
Minor Version     : 9600
Dump File Size    : 281,520
Dump File Time    : 27/07/2015 01:56:27 pm
==================================================

If it helps, here's the list of loaded drivers, and DLLs, at the time of
crashing:

dump_diskdump.sys fffff800`bd725000 fffff800`bd731000 0x0000c000
0x5215f8a2 22/08/2013
12:40:18 pm
dump_amd_sata.sys fffff800`bd731000 fffff800`bd74e000 0x0001d000
0x50b875ba 30/11/2012
10:00:42 am
dump_dumpfve.sys fffff800`bd74e000 fffff800`bd764000 0x00016000
0x530894b8 22/02/2014
01:14:48 pm
X5XSEx_Pr148.Sys fffff800`bec00000 fffff800`bec12000 0x00012000
0x501a77cf 02/08/2012
01:51:27 pm
ATMFD.DLL fffff960`00a65000 fffff960`00ac4000 0x0005f000 0x00000000 Adobe
Type Manager Windows NT OpenType/Type 1 Font Driver 5.1 Build 243 Adobe
Systems Incorporated C:\WINDOWS\system32\ATMFD.DLL
amd_sata.sys fffff800`bab68000 fffff800`bab85000 0x0001d000 0x50b875ba
30/11/2012
10:00:42 am AHCI 1.3 Device Driver AHCI 1.3 Device Driver 1.3.001.0068 Advanced
Micro Devices C:\WINDOWS\system32\drivers\amd_sata.sys
amd_xata.sys fffff800`babe3000 fffff800`babed000 0x0000a000 0x50b875be
30/11/2012
10:00:46 am Stor Filter Driver Stor Filter Driver 1.3.001.0068 Advanced
Micro Devices C:\WINDOWS\system32\drivers\amd_xata.sys
usbfilter.sys fffff800`bcbe6000 fffff800`bcbf7000 0x00011000
0x503d6ff0 29/08/2012
02:27:12 am AMD USB Filter Driver AMD USB Filter Driver 2.0.10.273 built
by: WinDDK Advanced Micro Devices C:\WINDOWS\system32\drivers\usbfilter.sys
AtihdW86.sys fffff800`bd2be000 fffff800`bd2d9000 0x0001b000 0x511d6100
14/02/2013
11:11:12 pm AMD HD Audio Driver AMD High Definition Audio Function Driver
8.0.0.8811 Advanced Micro Devices C:\WINDOWS\system32\drivers\AtihdW86.sys
atikmpag.sys fffff800`bbcec000 fffff800`bbd8b000 0x0009f000 0x52a58b19
09/12/2013
10:19:21 am AMD driver AMD multi-vendor Miniport Driver 8.14.01.6354 Advanced
Micro Devices, Inc. C:\WINDOWS\system32\drivers\atikmpag.sys
atikmdag.sys fffff800`bbe8b000 fffff800`bcb79000 0x00cee000 0x52a598df
09/12/2013
11:18:07 am ATI Radeon Family ATI Radeon Kernel Mode Driver
8.01.01.1360 Advanced
Micro Devices, Inc. C:\WINDOWS\system32\drivers\atikmdag.sys
AmdAS4.sys fffff800`bd1cf000 fffff800`bd1d8000 0x00009000 0x511370a9 07/02/2013
10:15:21 am Amd AS4 Device Driver AMD AS4 Driver 1.1.0.0017 Advanced Micro
Devices, INC. C:\WINDOWS\system32\drivers\AmdAS4.sys
CHDRT64.sys fffff800`bd4f7000 fffff800`bd6a0000 0x001a9000 0x512c4346
26/02/2013
06:08:22 am Conexant HDAudio Driver 64-bit High Definition Audio Function
Driver 8.64.49.0 built by: WinDDK Conexant Systems Inc.
C:\WINDOWS\system32\drivers\CHDRT64.sys
cbfs3.sys fffff800`bbc11000 fffff800`bbc64000 0x00053000 0x4cf3f857 29/11/2010
08:00:39 pm Callback File System (TM) Callback File System Driver 3, 1, 83,
205 EldoS Corporation C:\WINDOWS\system32\drivers\cbfs3.sys
GEARAspiWDM.sys fffff800`bcff8000 fffff800`bcffec00 0x00006c00
0x4fa2e2e1 03/05/2012
08:56:17 pm CD DVD Filter CD DVD Filter 2.02.03.00 GEAR Software Inc.
C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
npf.sys fffff800`bbbc1000 fffff800`bbbd2000 0x00011000 0x55b5ffcd 27/07/2015
10:54:21 am Npcap npf.sys (NT6 AMD64) Kernel Filter Driver 0.03 Insecure.Com
LLC. C:\WINDOWS\system32\drivers\npf.sys
AcpiVpc.sys fffff800`bd1a6000 fffff800`bd1bc000 0x00016000 0x4fb1aefd
15/05/2012
02:18:53 am Lenovo ACPI Virtual Power Controller Driver 6.1.2601.3 Lenovo
Corporation C:\WINDOWS\system32\drivers\AcpiVpc.sys
LhdX64.sys fffff800`bb25d000 fffff800`bb26b000 0x0000e000 0x4b4b3e92 11/01/2010
04:06:58 pm Disk Driver HD Disk Driver 1.10.0.1 Lenovo.
C:\WINDOWS\system32\drivers\LhdX64.sys
secdrv.SYS fffff800`bed93000 fffff800`bed9e000 0x0000b000 0x4508052e 13/09/2006
02:18:38 pm Macrovision SECURITY Driver Macrovision SECURITY Driver
4.03.086 Macrovision
Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.
C:\WINDOWS\system32\drivers\secdrv.SYS
ntoskrnl.exe ntoskrnl.exe+2a4ff2 fffff801`bc47b000 fffff801`bcc0f000
0x00794000 0x550f41a6 22/03/2015 11:26:46 pm Microsoft® Windows® Operating
System NT Kernel & System 6.3.9600.17736 (winblue_r9.150322-1500) Microsoft
Corporation C:\WINDOWS\system32\ntoskrnl.exe
hal.dll fffff801`bc40b000 fffff801`bc47b000 0x00070000 0x538bade8 01/06/2014
11:49:12 pm Microsoft® Windows® Operating System Hardware Abstraction Layer
DLL 6.3.9600.17196 (winblue_gdr.140601-1505) Microsoft Corporation
C:\WINDOWS\system32\hal.dll
kd.dll fffff801`bb54b000 fffff801`bb554000 0x00009000 0x5215f8bb 22/08/2013
12:40:43 pm Microsoft® Windows® Operating System Local Kernel Debugger
6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation C:\WINDOWS\system32\kd.dll
mcupdate_AuthenticAMD.dll fffff800`ba489000 fffff800`ba4a4000 0x0001b000
0x5216068e 22/08/2013 01:39:42 pm Microsoft® Windows® Operating System AMD
Microcode Update Library 6.3.9600.16384 (winblue_rtm.130821-1623) Microsoft
Corporation C:\WINDOWS\system32\mcupdate_AuthenticAMD.dll
werkernel.sys fffff800`ba4a4000 fffff800`ba4b2000 0x0000e000
0x5215f8a8 22/08/2013
12:40:24 pm Microsoft® Windows® Operating System Windows Error Reporting
Kernel Driver 6.3.9600.16384 (winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\werkernel.sys
CLFS.SYS fffff800`ba4b2000 fffff800`ba514000 0x00062000 0x54f656f9 04/03/2015
01:51:05 am Microsoft® Windows® Operating System Common Log File System
Driver 6.3.9600.17719 (winblue_r9.150303-1500) Microsoft Corporation
C:\WINDOWS\system32\drivers\CLFS.SYS
tm.sys fffff800`ba514000 fffff800`ba536000 0x00022000 0x5215f875 22/08/2013
12:39:33 pm Microsoft® Windows® Operating System Kernel Transaction Manager
Driver 6.3.9600.16384 (winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\tm.sys
PSHED.dll fffff800`ba536000 fffff800`ba54b000 0x00015000 0x52346b3f 14/09/2013
02:57:19 pm Microsoft® Windows® Operating System Platform Specific Hardware
Error Driver 6.3.9600.16384 (winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\PSHED.dll
BOOTVID.dll fffff800`ba54b000 fffff800`ba555000 0x0000a000 0x5215f8aa
22/08/2013
12:40:26 pm Microsoft® Windows® Operating System VGA Boot Driver 6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\BOOTVID.dll
CI.dll fffff800`ba555000 fffff800`ba5dd000 0x00088000 0x548276b0 06/12/2014
04:23:28 am Microsoft® Windows® Operating System Code Integrity Module
(Test) 6.3.9600.16384 (winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\CI.dll
msrpc.sys fffff800`ba400000 fffff800`ba45d000 0x0005d000 0x5215f86a 22/08/2013
12:39:22 pm Microsoft® Windows® Operating System Kernel Remote Procedure
Call Provider 6.3.9600.16384 (winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\msrpc.sys
Wdf01000.sys fffff800`ba649000 fffff800`ba718000 0x000cf000 0x5215f850
22/08/2013
12:38:56 pm Microsoft® Windows® Operating System Kernel Mode Driver
Framework Runtime 1.13.9600.16384 (winblue_rtm.130821-1623) Microsoft
Corporation C:\WINDOWS\system32\drivers\Wdf01000.sys
WDFLDR.SYS fffff800`ba718000 fffff800`ba729000 0x00011000 0x5215f857 22/08/2013
12:39:03 pm Microsoft® Windows® Operating System Kernel Mode Driver
Framework Loader 1.13.9600.16384 (winblue_rtm.130821-1623) Microsoft
Corporation C:\WINDOWS\system32\drivers\WDFLDR.SYS
acpiex.sys fffff800`ba729000 fffff800`ba741000 0x00018000 0x5215f80b 22/08/2013
12:37:47 pm Microsoft® Windows® Operating System ACPIEx Driver 6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\acpiex.sys
WppRecorder.sys fffff800`ba741000 fffff800`ba74c000 0x0000b000
0x5215f87c 22/08/2013
12:39:40 pm Microsoft® Windows® Operating System WPP Trace Recorder
6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\WppRecorder.sys
ACPI.sys fffff800`ba74c000 fffff800`ba7d4000 0x00088000 0x54335e2e 07/10/2014
04:29:50 am Microsoft® Windows® Operating System ACPI Driver for NT
6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\ACPI.sys
WMILIB.SYS fffff800`ba7d4000 fffff800`ba7de000 0x0000a000 0x5215f8a7 22/08/2013
12:40:23 pm Microsoft® Windows® Operating System WMILIB WMI support library
Dll 6.3.9600.16384 (winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\WMILIB.SYS
cng.sys fffff800`ba85b000 fffff800`ba8e6000 0x0008b000 0x55187b0d 29/03/2015
11:22:05 pm Microsoft® Windows® Operating System Kernel Cryptography, Next
Generation 6.3.9600.17785 (winblue_r10.150329-1500) Microsoft Corporation
C:\WINDOWS\system32\drivers\cng.sys
msisadrv.sys fffff800`ba8f4000 ffffd800`ba8fe000 0xffffe0000000a000
0x5215f857 22/08/2013 12:39:03 pm Microsoft® Windows® Operating System ISA
Driver 6.3.9600.16384 (winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\msisadrv.sys
pci.sys fffff800`ba8fe000 fffff800`ba946000 0x00048000 0x53d0f1d4 24/07/2014
12:45:24 pm Microsoft® Windows® Operating System NT Plug and Play PCI
Enumerator 6.3.9600.16384 (winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\pci.sys
vdrvroot.sys fffff800`ba946000 fffff800`ba953000 0x0000d000 0x5215f849
22/08/2013
12:38:49 pm Microsoft® Windows® Operating System Virtual Drive Root
Enumerator 6.3.9600.16384 (winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\vdrvroot.sys
pdc.sys fffff800`ba953000 fffff800`ba96f000 0x0001c000 0x5434c9f7 08/10/2014
06:21:59 am Microsoft® Windows® Operating System Power Dependency
Coordinator Driver 6.3.9600.16384 (winblue_rtm.130821-1623) Microsoft
Corporation C:\WINDOWS\system32\drivers\pdc.sys
partmgr.sys fffff800`ba96f000 fffff800`ba987000 0x00018000 0x5434e912
08/10/2014
08:34:42 am Microsoft® Windows® Operating System Partition Management
Driver 6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\partmgr.sys
spaceport.sys fffff800`ba987000 fffff800`ba9f0000 0x00069000
0x54505527 29/10/2014
03:47:03 am Microsoft® Windows® Operating System Storage Spaces Driver
6.3.9600.17415
(winblue_r4.141028-1500) Microsoft Corporation
C:\WINDOWS\system32\drivers\spaceport.sys
volmgr.sys fffff800`ba800000 fffff800`ba815000 0x00015000 0x5215f889 22/08/2013
12:39:53 pm Microsoft® Windows® Operating System Volume Manager Driver
6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\volmgr.sys
volmgrx.sys fffff800`baabf000 fffff800`bab1e000 0x0005f000 0x5215f8a7
22/08/2013
12:40:23 pm Microsoft® Windows® Operating System Volume Manager Extension
Driver 6.3.9600.16384 (winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\volmgrx.sys
mountmgr.sys fffff800`bab4d000 fffff800`bab68000 0x0001b000 0x54333f58
07/10/2014
02:18:16 am Microsoft® Windows® Operating System Mount Point Manager
6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\mountmgr.sys
storport.sys fffff800`bab85000 fffff800`babe3000 0x0005e000 0x5423822b
25/09/2014
03:47:07 am Microsoft® Windows® Operating System Microsoft Storage Port
Driver 6.3.9600.17383 (winblue_r4.140924-1541) Microsoft Corporation
C:\WINDOWS\system32\drivers\storport.sys
EhStorClass.sys fffff800`baa00000 fffff800`baa1a000 0x0001a000
0x5215f827 22/08/2013
12:38:15 pm Microsoft® Windows® Operating System Enhanced Storage Class
driver for IEEE 1667 devices 6.3.9600.16384 (winblue_rtm.130821-1623) Microsoft
Corporation C:\WINDOWS\system32\drivers\EhStorClass.sys
fltmgr.sys fffff800`baa1a000 fffff800`baa76000 0x0005c000 0x53fbf00c 26/08/2014
03:25:16 am Microsoft® Windows® Operating System Microsoft Filesystem
Filter Manager 6.3.9600.16384 (winblue_rtm.130821-1623) Microsoft
Corporation C:\WINDOWS\system32\drivers\fltmgr.sys
fileinfo.sys fffff800`baa76000 fffff800`baa8c000 0x00016000 0x53089456
22/02/2014
01:13:10 pm Microsoft® Windows® Operating System FileInfo Filter
Driver 6.3.9600.17031
(winblue_gdr.140221-1952) Microsoft Corporation
C:\WINDOWS\system32\drivers\fileinfo.sys
Wof.sys fffff800`baa8c000 fffff800`baab7000 0x0002b000 0x53216bf1 13/03/2014
09:27:29 am Microsoft® Windows® Operating System Windows Overlay
Filter 6.3.9600.17050
(winblue_gdr.140312-1703) Microsoft Corporation
C:\WINDOWS\system32\drivers\Wof.sys
WdFilter.sys fffff800`ba815000 ffffd800`ba858000 0xffffe00000043000
0x54cb5b0a 30/01/2015 11:20:58 am Microsoft Malware Protection Microsoft
antimalware file system filter driver 4.7.0205.0 Microsoft Corporation
C:\WINDOWS\system32\drivers\WdFilter.sys
Ntfs.sys fffff800`bac65000 fffff800`bae5f000 0x001fa000 0x54387b6b 11/10/2014
01:35:55 am Microsoft® Windows® Operating System NT File System Driver
6.3.9600.17031
(winblue_gdr.140221-1952) Microsoft Corporation
C:\WINDOWS\system32\drivers\Ntfs.sys
ksecdd.sys fffff800`bae5f000 fffff800`bae7b000 0x0001c000 0x54505548 29/10/2014
03:47:36 am Microsoft® Windows® Operating System Kernel Security Support
Provider Interface 6.3.9600.17415 (winblue_r4.141028-1500) Microsoft
Corporation C:\WINDOWS\system32\drivers\ksecdd.sys
pcw.sys fffff800`bae7b000 fffff800`bae8b000 0x00010000 0x5215cfea 22/08/2013
09:46:34 am Microsoft® Windows® Operating System Performance Counters for
Windows Driver 6.3.9600.16384 (winblue_rtm.130821-1623) Microsoft
Corporation C:\WINDOWS\system32\drivers\pcw.sys
Fs_Rec.sys fffff800`bae8b000 fffff800`bae96000 0x0000b000 0x5215cfe9 22/08/2013
09:46:33 am Microsoft® Windows® Operating System File System Recognizer
Driver 6.3.9600.16384 (winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\Fs_Rec.sys
ndis.sys fffff800`bae96000 fffff800`bafad000 0x00117000 0x54d01043 03/02/2015
01:03:15 am Microsoft® Windows® Operating System Network Driver Interface
Specification (NDIS) 6.3.9600.16384 (winblue_rtm.130821-1623) Microsoft
Corporation C:\WINDOWS\system32\drivers\ndis.sys
NETIO.SYS fffff800`bb046000 fffff800`bb0be000 0x00078000 0x540ebbe6 09/09/2014
09:35:50 am Microsoft® Windows® Operating System Network I/O Subsystem
6.3.9600.17337
(winblue_r3.140908-1537) Microsoft Corporation
C:\WINDOWS\system32\drivers\NETIO.SYS
ksecpkg.sys fffff800`bb0be000 fffff800`bb0ef000 0x00031000 0x558e14bf
27/06/2015
04:13:03 am Microsoft® Windows® Operating System Kernel Security Support
Provider Interface Packages 6.3.9600.17918 (winblue_ltsb.150626-1534) Microsoft
Corporation C:\WINDOWS\system32\drivers\ksecpkg.sys
tcpip.sys fffff800`bb286000 fffff800`bb4f2000 0x0026c000 0x54505542 29/10/2014
03:47:30 am Microsoft® Windows® Operating System TCP/IP Driver 6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\tcpip.sys
fwpkclnt.sys fffff800`bb4f2000 fffff800`bb55e000 0x0006c000 0x545054f3
29/10/2014
03:46:11 am Microsoft® Windows® Operating System FWP/IPsec Kernel-Mode
API 6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\fwpkclnt.sys
wfplwfs.sys fffff800`bb55e000 fffff800`bb583000 0x00025000 0x545054e1
29/10/2014
03:45:53 am Microsoft® Windows® Operating System WFP NDIS 6.30 Lightweight
Filter Driver 6.3.9600.16384 (winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\wfplwfs.sys
fvevol.sys fffff800`bb0ef000 fffff800`bb184000 0x00095000 0x534325db 07/04/2014
11:25:31 pm Microsoft® Windows® Operating System BitLocker Drive Encryption
Driver 6.3.9600.17031 (winblue_gdr.140221-1952) Microsoft Corporation
C:\WINDOWS\system32\drivers\fvevol.sys
volsnap.sys fffff800`bb583000 fffff800`bb5d2000 0x0004f000 0x53a21598
18/06/2014
11:41:28 pm Microsoft® Windows® Operating System Volume Shadow Copy
Driver 6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\volsnap.sys
rdyboost.sys fffff800`bb200000 fffff800`bb246000 0x00046000 0x53089474
22/02/2014
01:13:40 pm Microsoft® Windows® Operating System ReadyBoost Driver
6.3.9600.17031
(winblue_gdr.140221-1952) Microsoft Corporation
C:\WINDOWS\system32\drivers\rdyboost.sys
mup.sys fffff800`bb246000 fffff800`bb25d000 0x00017000 0x5215f8ac 22/08/2013
12:40:28 pm Microsoft® Windows® Operating System Multiple UNC Provider
Driver 6.3.9600.16384 (winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\mup.sys
intelpep.sys fffff800`bb26b000 fffff800`bb27a000 0x0000f000 0x5434e8d8
08/10/2014
08:33:44 am Microsoft® Windows® Operating System Intel Power Engine
Plugin 6.3.9600.17396
(winblue_r4.141007-2030) Microsoft Corporation
C:\WINDOWS\system32\drivers\intelpep.sys
disk.sys fffff800`bb5d2000 fffff800`bb5ee000 0x0001c000 0x5215f883 22/08/2013
12:39:47 pm Microsoft® Windows® Operating System PnP Disk Driver 6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\disk.sys
CLASSPNP.SYS fffff800`bb184000 fffffa46`bb1da000 0x0000024600056000
0x5434c9ff 08/10/2014 06:22:07 am Microsoft® Windows® Operating System SCSI
Class System Dll 6.3.9600.17396 (winblue_r4.141007-2030) Microsoft
Corporation C:\WINDOWS\system32\drivers\CLASSPNP.SYS
crashdmp.sys fffff800`bb1da000 ffffc800`bb1ef000 0xffffd00000015000
0x5215f893 22/08/2013 12:40:03 pm Microsoft® Windows® Operating System Crash
Dump Driver 6.3.9600.16384 (winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\crashdmp.sys
cdrom.sys fffff800`bafad000 fffff800`bafdb000 0x0002e000 0x5215cfeb 22/08/2013
09:46:35 am Microsoft® Windows® Operating System SCSI CD-ROM Driver
6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\cdrom.sys
Null.SYS fffff800`bb27a000 fffff800`bb283000 0x00009000 0x5215f8a8 22/08/2013
12:40:24 pm Microsoft® Windows® Operating System NULL Driver 6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\Null.SYS
Beep.SYS fffff800`bb033000 fffff800`bb03b000 0x00008000 0x5215f8a8 22/08/2013
12:40:24 pm Microsoft® Windows® Operating System BEEP Driver 6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\Beep.SYS
BasicRender.sys fffff800`bb1ef000 fffff800`bb1fd000 0x0000e000
0x5308948a 22/02/2014
01:14:02 pm Microsoft® Windows® Operating System Microsoft Basic Render
Driver 6.3.9600.17031 (winblue_gdr.140221-1952) Microsoft Corporation
C:\WINDOWS\system32\drivers\BasicRender.sys
dxgkrnl.sys fffff800`bb80e000 fffff800`bb98e000 0x00180000 0x54505515
29/10/2014
03:46:45 am Microsoft® Windows® Operating System DirectX Graphics
Kernel 6.3.9600.17415
(winblue_r4.141028-1500) Microsoft Corporation
C:\WINDOWS\system32\drivers\dxgkrnl.sys
watchdog.sys fffff800`bb98e000 fffff800`bb9a0000 0x00012000 0x530894af
22/02/2014
01:14:39 pm Microsoft® Windows® Operating System Watchdog Driver 6.3.9600.17031
(winblue_gdr.140221-1952) Microsoft Corporation
C:\WINDOWS\system32\drivers\watchdog.sys
dxgmms1.sys fffff800`bac00000 fffff800`bac63000 0x00063000 0x54505506
29/10/2014
03:46:30 am Microsoft® Windows® Operating System DirectX Graphics MMS
6.3.9600.17415
(winblue_r4.141028-1500) Microsoft Corporation
C:\WINDOWS\system32\drivers\dxgmms1.sys
BasicDisplay.sys fffff800`bb9a0000 fffff800`bb9b2000 0x00012000
0x5215f873 22/08/2013
12:39:31 pm Microsoft® Windows® Operating System Microsoft Basic Display
Driver 6.3.9600.16384 (winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\BasicDisplay.sys
Npfs.SYS fffff800`bb9b2000 fffff800`bb9c6000 0x00014000 0x5215f8a9 22/08/2013
12:40:25 pm Microsoft® Windows® Operating System NPFS Driver 6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\Npfs.SYS
Msfs.SYS fffff800`bb9c6000 fffff800`bb9d2000 0x0000c000 0x5215f8a8 22/08/2013
12:40:24 pm Microsoft® Windows® Operating System Mailslot driver 6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\Msfs.SYS
tdx.sys fffff800`bb9d2000 fffff800`bb9f2000 0x00020000 0x5215f7c2 22/08/2013
12:36:34 pm Microsoft® Windows® Operating System TDI Translation
Driver 6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\tdx.sys
TDI.SYS fffff800`bb9f2000 fffff800`bba00000 0x0000e000 0x5215f855 22/08/2013
12:39:01 pm Microsoft® Windows® Operating System TDI Wrapper 6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\TDI.SYS
ws2ifsl.sys fffff800`bb800000 fffff800`bb80b000 0x0000b000 0x5215f893
22/08/2013
12:40:03 pm Microsoft® Windows® Operating System Winsock2 IFS Layer
6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\ws2ifsl.sys
netbt.sys fffff800`bba92000 fffff800`bbade000 0x0004c000 0x5215f7dd 22/08/2013
12:37:01 pm Microsoft® Windows® Operating System MBT Transport driver
6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\netbt.sys
afd.sys fffff800`bbade000 fffff800`bbb70000 0x00092000 0x5387f4e5 30/05/2014
04:03:01 am Microsoft® Windows® Operating System Ancillary Function Driver
for WinSock 6.3.9600.16384 (winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\afd.sys
pacer.sys fffff800`bbb70000 fffff800`bbb9a000 0x0002a000 0x545054ca 29/10/2014
03:45:30 am Microsoft® Windows® Operating System QoS Packet Scheduler
6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\pacer.sys
vwififlt.sys fffff800`bbb9a000 fffff800`bbbb2000 0x00018000 0x53609ba2
30/04/2014
07:43:46 am Microsoft® Windows® Operating System Virtual WiFi Filter
Driver 6.3.9600.17111
(winblue_gdr.140429-1523) Microsoft Corporation
C:\WINDOWS\system32\drivers\vwififlt.sys
nm3.sys fffff800`bbbb2000 fffff800`bbbc1000 0x0000f000 0x4c102c5f 10/06/2010
01:05:51 am Microsoft Network Monitor 3 Driver Netmon -- NDIS 6.0
Monitoring Filter Driver 3.4.2350.0 Microsoft Corporation
C:\WINDOWS\system32\drivers\nm3.sys
netbios.sys fffff800`bbbd2000 fffff800`bbbe3000 0x00011000 0x5450553b
29/10/2014
03:47:23 am Microsoft® Windows® Operating System NetBIOS interface
driver 6.3.9600.17415
(winblue_r4.141028-1500) Microsoft Corporation
C:\WINDOWS\system32\drivers\netbios.sys
rdbss.sys fffff800`bba00000 fffff800`bba70000 0x00070000 0x52affb72 17/12/2013
08:21:22 am Microsoft® Windows® Operating System Redirected Drive Buffering
SubSystem Driver 6.3.9600.16384 (winblue_rtm.130821-1623) Microsoft
Corporation C:\WINDOWS\system32\drivers\rdbss.sys
wanarp.sys fffff800`bba70000 fffff800`bba89000 0x00019000 0x545054c2 29/10/2014
03:45:22 am Microsoft® Windows® Operating System MS Remote Access and
Routing ARP Driver 6.3.9600.17415 (winblue_r4.141028-1500) Microsoft
Corporation C:\WINDOWS\system32\drivers\wanarp.sys
nsiproxy.sys fffff800`bbbe3000 fffff800`bbbf1000 0x0000e000 0x545054eb
29/10/2014
03:46:03 am Microsoft® Windows® Operating System NSI Proxy 6.3.9600.17415
(winblue_r4.141028-1500) Microsoft Corporation
C:\WINDOWS\system32\drivers\nsiproxy.sys
npsvctrig.sys fffff800`bbbf1000 fffff800`bbbfd000 0x0000c000
0x5215f82e 22/08/2013
12:38:22 pm Microsoft® Windows® Operating System Named pipe service
triggers 6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\npsvctrig.sys
mssmbios.sys fffff800`bafdb000 fffff800`bafe7000 0x0000c000 0x5215f87d
22/08/2013
12:39:41 pm Microsoft® Windows® Operating System System Management BIOS
Driver 6.3.9600.16384 (winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\mssmbios.sys
dfsc.sys fffff800`ba600000 fffff800`ba626000 0x00026000 0x53183e6a 06/03/2014
10:22:50 am Microsoft® Windows® Operating System DFS Namespace Client
Driver 6.3.9600.17041
(winblue_gdr.140305-1710) Microsoft Corporation
C:\WINDOWS\system32\drivers\dfsc.sys
ahcache.sys fffff800`bbc64000 fffff800`bbc7d000 0x00019000 0x550b7e3a
20/03/2015
02:56:10 am Microsoft® Windows® Operating System Application Compatibility
Cache 6.3.9600.17734 (winblue_r9.150319-1700) Microsoft Corporation
C:\WINDOWS\system32\drivers\ahcache.sys
loop.sys fffff800`bbc87000 fffff800`bbc91000 0x0000a000 0x5215f841 22/08/2013
12:38:41 pm Microsoft® Windows® Operating System Loopback Network
Driver 6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\loop.sys
CompositeBus.sys fffff800`bbca3000 fffff800`bbcb2000 0x0000f000
0x5215f848 22/08/2013
12:38:48 pm Microsoft® Windows® Operating System Multi-Transport Composite
Bus Enumerator 6.3.9600.16384 (winblue_rtm.130821-1623) Microsoft
Corporation C:\WINDOWS\system32\drivers\CompositeBus.sys
kdnic.sys fffff800`bbcb2000 fffff800`bbcbd000 0x0000b000 0x5215f832 22/08/2013
12:38:26 pm Microsoft Kernel Debugger Network Adapter (NDIS 6.20
Miniport) Microsoft
Kernel Debugger Network Miniport 6.01.00.0000
(winblue_rtm.130821-1623) Microsoft
Corporation C:\WINDOWS\system32\drivers\kdnic.sys
umbus.sys fffff800`bbcbd000 fffff800`bbcce000 0x00011000 0x5215f853 22/08/2013
12:38:59 pm Microsoft® Windows® Operating System User-Mode Bus
Enumerator 6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\umbus.sys
amdppm.sys fffff800`bbcce000 00001780`bbcec000 0x00001f800001e000
0x5215cfea 22/08/2013
09:46:34 am Microsoft® Windows® Operating System Processor Device
Driver 6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\amdppm.sys
HDAudBus.sys fffff800`bcb79000 fffff800`bcb92000 0x00019000 0x53d0f1e3
24/07/2014
12:45:39 pm Microsoft® Windows® Operating System High Definition Audio Bus
Driver 6.3.9600.16384 (winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\HDAudBus.sys
vwifibus.sys fffff800`bcc00000 fffff800`bcc0d000 0x0000d000 0x5215f854
22/08/2013
12:39:00 pm Microsoft® Windows® Operating System Virtual WiFi Bus
Driver 6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\vwifibus.sys
USBXHCI.SYS fffff800`bcc0d000 fffff800`bcc62000 0x00055000 0x5527309b
10/04/2015
03:08:27 am Microsoft® Windows® Operating System USB XHCI Driver 6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\USBXHCI.SYS
ucx01000.sys fffff800`bcbb4000 fffff800`bcbe6000 0x00032000 0x54337387
07/10/2014
06:00:55 am Microsoft® Windows® Operating System USB Controller
Extension 6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\ucx01000.sys
usbohci.sys fffff800`bcc62000 fffff800`bcc6f000 0x0000d000 0x5215f86f
22/08/2013
12:39:27 pm Microsoft® Windows® Operating System OHCI USB Miniport
Driver 6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\usbohci.sys
USBPORT.SYS fffff800`bbe0e000 fffff800`bbe7d000 0x0006f000 0x53897701
31/05/2014
07:30:25 am Microsoft® Windows® Operating System USB 1.1 & 2.0 Port
Driver 6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\USBPORT.SYS
usbehci.sys fffff800`bbd8b000 fffff800`bbda3000 0x00018000 0x538976e2
31/05/2014
07:29:54 am Microsoft® Windows® Operating System EHCI eUSB Miniport
Driver 6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\usbehci.sys
i8042prt.sys fffff800`bbda3000 fffff800`bbdc2000 0x0001f000 0x5458783e
04/11/2014
07:54:54 am Microsoft® Windows® Operating System i8042 Port Driver
6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\i8042prt.sys
USBD.SYS fffff800`bd16d000 fffff800`bd179000 0x0000c000 0x53897735 31/05/2014
07:31:17 am Microsoft® Windows® Operating System Universal Serial Bus
Driver 6.3.9600.17195
(winblue_gdr.140530-1506) Microsoft Corporation
C:\WINDOWS\system32\drivers\USBD.SYS
kbdclass.sys fffff800`bd179000 fffff800`bd18b000 0x00012000 0x5458783e
04/11/2014
07:54:54 am Microsoft® Windows® Operating System Keyboard Class Driver
6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\kbdclass.sys
mouclass.sys fffff800`bd196000 fffff800`bd1a6000 0x00010000 0x54587837
04/11/2014
07:54:47 am Microsoft® Windows® Operating System Mouse Class Driver
6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\mouclass.sys
CmBatt.sys fffff800`bd1bc000 fffff800`bd1c2380 0x00006380 0x5215f87f 22/08/2013
12:39:43 pm Microsoft® Windows® Operating System Control Method Battery
Driver 6.3.9600.16384 (winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\CmBatt.sys
BATTC.SYS fffff800`bd1c3000 fffff800`bd1cf000 0x0000c000 0x5215f894 22/08/2013
12:40:04 pm Microsoft® Windows® Operating System Battery Class Driver
6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\BATTC.SYS
NdisVirtualBus.sys fffff800`bd03d000 fffff800`bd048000 0x0000b000
0x5215f7b9 22/08/2013
12:36:25 pm Microsoft® Windows® Operating System Microsoft Virtual Network
Adapter Enumerator 6.3.9600.16384 (winblue_rtm.130821-1623) Microsoft
Corporation C:\WINDOWS\system32\drivers\NdisVirtualBus.sys
swenum.sys fffff800`bd085000 fffff800`bd086600 0x00001600 0x5450554d 29/10/2014
03:47:41 am Microsoft® Windows® Operating System Plug and Play Software
Device Enumerator 6.3.9600.17415 (winblue_r4.141028-1500) Microsoft
Corporation C:\WINDOWS\system32\drivers\swenum.sys
ks.sys fffff800`bd087000 fffff800`bd0d5000 0x0004e000 0x53b6a513 04/07/2014
01:58:59 pm Microsoft® Windows® Operating System Kernel CSA Library
6.3.9600.17031
(winblue_gdr.140221-1952) Microsoft Corporation
C:\WINDOWS\system32\drivers\ks.sys
rdpbus.sys fffff800`bd0e2000 fffff800`bd0ed000 0x0000b000 0x5215f84c 22/08/2013
12:38:52 pm Microsoft® Windows® Operating System Microsoft RDP Bus Device
driver 6.3.9600.16384 (winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\rdpbus.sys
fastfat.SYS fffff800`bd000000 fffff800`bd039000 0x00039000 0x5215f8a2
22/08/2013
12:40:18 pm Microsoft® Windows® Operating System Fast FAT File System
Driver 6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\fastfat.SYS
usbhub.sys fffff800`bd246000 fffff800`bd2b0000 0x0006a000 0x53d0f1d9 24/07/2014
12:45:29 pm Microsoft® Windows® Operating System Default Hub Driver
for USB 6.3.9600.17238
(winblue_gdr.140723-2018) Microsoft Corporation
C:\WINDOWS\system32\drivers\usbhub.sys
portcls.sys fffff800`bd2d9000 fffff800`bd320000 0x00047000 0x5450550b
29/10/2014
03:46:35 am Microsoft® Windows® Operating System Port Class (Class Driver
for Port/Miniport Devices) 6.3.9600.16384 (winblue_rtm.130821-1623) Microsoft
Corporation C:\WINDOWS\system32\drivers\portcls.sys
drmk.sys fffff800`bd320000 fffff800`bd33c000 0x0001c000 0x5450554a 29/10/2014
03:47:38 am Microsoft® Windows® Operating System Microsoft Trusted Audio
Drivers 6.3.9600.17415 (winblue_r4.141028-1500) Microsoft Corporation
C:\WINDOWS\system32\drivers\drmk.sys
ksthunk.sys fffff800`bd33c000 fffff800`bd341300 0x00005300 0x5215f873
22/08/2013
12:39:31 pm Microsoft® Windows® Operating System Kernel Streaming WOW Thunk
Service 6.3.9600.16384 (winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\ksthunk.sys
UsbHub3.sys fffff800`bd342000 fffff800`bd3ba000 0x00078000 0x5507a0c0
17/03/2015
04:34:24 am Microsoft® Windows® Operating System USB3 HUB Driver 6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\UsbHub3.sys
usbccgp.sys fffff800`bd6fe000 fffff800`bd725000 0x00027000 0x53d0f1b3
24/07/2014
12:44:51 pm Microsoft® Windows® Operating System USB Common Class Generic
Parent Driver 6.3.9600.17238 (winblue_gdr.140723-2018) Microsoft Corporation
C:\WINDOWS\system32\drivers\usbccgp.sys
BTHUSB.sys fffff800`be0d7000 fffff800`be0f0000 0x00019000 0x545054f8 29/10/2014
03:46:16 am Microsoft® Windows® Operating System Bluetooth Miniport
Driver 6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\BTHUSB.sys
bthport.sys fffff800`be207000 fffff800`be334000 0x0012d000 0x5550f23f
11/05/2015
07:17:35 pm Microsoft® Windows® Operating System Bluetooth Bus Driver
6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\bthport.sys
BthLEEnum.sys fffff800`be334000 fffff800`be371000 0x0003d000
0x529f7772 04/12/2013
07:41:54 pm Microsoft® Windows® Operating System Bluetooth LE Bus
Enumerator 6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\BthLEEnum.sys
rfcomm.sys fffff800`be371000 fffff800`be39f000 0x0002e000 0x54caf3e8 30/01/2015
04:00:56 am Microsoft® Windows® Operating System Bluetooth RFCOMM
Driver 6.3.9600.17670
(winblue_r8.150129-1500) Microsoft Corporation
C:\WINDOWS\system32\drivers\rfcomm.sys
BthEnum.sys fffff800`be39f000 fffff800`be3b1000 0x00012000 0x545054f3
29/10/2014
03:46:11 am Microsoft® Windows® Operating System Bluetooth Bus
Extender 6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\BthEnum.sys
win32k.sys fffff960`001a5000 fffff960`005bb000 0x00416000 0x558b67ea 25/06/2015
03:31:06 am Microsoft® Windows® Operating System Multi-User Win32
Driver 6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\win32k.sys
HIDPARSE.SYS fffff800`be3b1000 fffff800`be3b8f00 0x00007f00 0x5215f8aa
22/08/2013
12:40:26 pm Microsoft® Windows® Operating System Hid Parsing Library
6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\HIDPARSE.SYS
bthpan.sys fffff800`be3b9000 fffff800`be3da000 0x00021000 0x53d0f0f7 24/07/2014
12:41:43 pm Microsoft® Windows® Operating System Bluetooth Personal Area
Networking 6.3.9600.16384 (winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\bthpan.sys
bthmodem.sys fffff800`be3da000 fffff800`be3ee000 0x00014000 0x53d0f14a
24/07/2014
12:43:06 pm Microsoft® Windows® Operating System Bluetooth Communications
Driver 6.3.9600.17238 (winblue_gdr.140723-2018) Microsoft Corporation
C:\WINDOWS\system32\drivers\bthmodem.sys
modem.sys fffff800`be3ee000 fffff800`be3fd000 0x0000f000 0x5215f89f 22/08/2013
12:40:15 pm Microsoft® Windows® Operating System Modem Device Driver
6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\modem.sys
HIDCLASS.SYS fffff800`be13c000 fffff800`be15b000 0x0001f000 0x53183ed8
06/03/2014
10:24:40 am Microsoft® Windows® Operating System Hid Class Library
6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\HIDCLASS.SYS
monitor.sys fffff800`be1f0000 fffff800`be1fe000 0x0000e000 0x5215f7c5
22/08/2013
12:36:37 pm Microsoft® Windows® Operating System Monitor Driver 6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\monitor.sys
TSDDD.dll fffff960`00787000 fffff960`00790000 0x00009000 0x00000000 Microsoft®
Windows® Operating System Framebuffer Display Driver 6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\TSDDD.dll
cdd.dll fffff960`0093d000 fffff960`00977000 0x0003a000 0x00000000 Microsoft®
Windows® Operating System Canonical Display Driver 6.3.9600.17415
(winblue_r4.141028-1500) Microsoft Corporation C:\WINDOWS\system32\cdd.dll
luafv.sys fffff800`bd798000 fffff800`bd7bc000 0x00024000 0x530894a1 22/02/2014
01:14:25 pm Microsoft® Windows® Operating System LUA File Virtualization
Filter Driver 6.3.9600.16384 (winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\luafv.sys
WudfPf.sys fffff800`bd7bc000 fffff800`bd7dd000 0x00021000 0x54505503 29/10/2014
03:46:27 am Microsoft® Windows® Operating System Windows Driver Foundation
- User-mode Driver Framework Platform Driver 6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\WudfPf.sys
WUDFRd.sys fffff800`bd400000 fffff800`bd43d000 0x0003d000 0x545054f5 29/10/2014
03:46:13 am Microsoft® Windows® Operating System Windows Driver Foundation
- User-mode Driver Framework Reflector 6.3.9600.17415
(winblue_r4.141028-1500) Microsoft Corporation
C:\WINDOWS\system32\drivers\WUDFRd.sys
mshidumdf.sys fffff800`bd84c000 fffff800`bd855000 0x00009000
0x5215f85a 22/08/2013
12:39:06 pm Microsoft® Windows® Operating System Pass-through Driver for
HID-UMDF Interface 6.3.9600.16384 (winblue_rtm.130821-1623) Microsoft
Corporation C:\WINDOWS\system32\drivers\mshidumdf.sys
RMCAST.sys fffff800`bd43d000 fffff800`bd476000 0x00039000 0x545054e5 29/10/2014
03:45:57 am Microsoft® Windows® Operating System Reliable Multicast
Transport 6.3.9600.17415 (winblue_r4.141028-1500) Microsoft Corporation
C:\WINDOWS\system32\drivers\RMCAST.sys
lltdio.sys fffff800`bd4cf000 fffff800`bd4e3000 0x00014000 0x5215f7b2 22/08/2013
12:36:18 pm Microsoft® Windows® Operating System Link-Layer Topology Mapper
I/O Driver 6.3.9600.16384 (winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\lltdio.sys
nwifi.sys fffff800`be66d000 fffff800`be6e1000 0x00074000 0x545054d5 29/10/2014
03:45:41 am Microsoft® Windows® Operating System NativeWiFi Miniport
Driver 6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\nwifi.sys
ndisuio.sys fffff800`be6e1000 fffff800`be6f5000 0x00014000 0x5215f7fe
22/08/2013
12:37:34 pm Microsoft® Windows® Operating System NDIS User mode I/O
driver 6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\ndisuio.sys
rspndr.sys fffff800`be6f5000 fffff800`be70d000 0x00018000 0x5215f7c2 22/08/2013
12:36:34 pm Microsoft® Windows® Operating System Link-Layer Topology
Responder Driver for NDIS 6 6.3.9600.16384 (winblue_rtm.130821-1623) Microsoft
Corporation C:\WINDOWS\system32\drivers\rspndr.sys
vwifimp.sys fffff800`be70d000 fffff800`be71c000 0x0000f000 0x53609b37
30/04/2014
07:41:59 am Microsoft® Windows® Operating System Virtual WiFi Miniport
Driver 6.3.9600.17111 (winblue_gdr.140429-1523) Microsoft Corporation
C:\WINDOWS\system32\drivers\vwifimp.sys
HTTP.sys fffff800`be8a2000 fffff800`be99c000 0x000fa000 0x54ebc87c 24/02/2015
01:40:28 am Microsoft® Windows® Operating System HTTP Protocol Stack
6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\HTTP.sys
bowser.sys fffff800`be99c000 fffff800`be9bc000 0x00020000 0x5215f83e 22/08/2013
12:38:38 pm Microsoft® Windows® Operating System NT Lan Manager Datagram
Receiver Driver 6.3.9600.16384 (winblue_rtm.130821-1623) Microsoft
Corporation C:\WINDOWS\system32\drivers\bowser.sys
mpsdrv.sys fffff800`be9bc000 fffff800`be9d3000 0x00017000 0x545054cb 29/10/2014
03:45:31 am Microsoft® Windows® Operating System Microsoft Protection
Service Driver 6.3.9600.17415 (winblue_r4.141028-1500) Microsoft Corporation
C:\WINDOWS\system32\drivers\mpsdrv.sys
mrxsmb.sys fffff800`be800000 fffff800`be86c000 0x0006c000 0x558e1497 27/06/2015
04:12:23 am Microsoft® Windows® Operating System Windows NT SMB
Minirdr 6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\mrxsmb.sys
mrxsmb20.sys fffff800`be71c000 fffff800`be754000 0x00038000 0x558e14c9
27/06/2015
04:13:13 am Microsoft® Windows® Operating System Longhorn SMB 2.0
Redirector 6.3.9600.17918
(winblue_ltsb.150626-1534) Microsoft Corporation
C:\WINDOWS\system32\drivers\mrxsmb20.sys
mrxsmb10.sys fffff800`be754000 fffff800`be7a0000 0x0004c000 0x558e1486
27/06/2015
04:12:06 am Microsoft® Windows® Operating System Longhorn SMB Downlevel
SubRdr 6.3.9600.17918 (winblue_ltsb.150626-1534) Microsoft Corporation
C:\WINDOWS\system32\drivers\mrxsmb10.sys
Ndu.sys fffff800`be9d3000 fffff800`be9f0000 0x0001d000 0x545054bc 29/10/2014
03:45:16 am Microsoft® Windows® Operating System Windows Network Data Usage
Monitoring Driver 6.3.9600.17415 (winblue_r4.141028-1500) Microsoft
Corporation C:\WINDOWS\system32\drivers\Ndu.sys
peauth.sys fffff800`becea000 fffff800`bed93000 0x000a9000 0x53089381 22/02/2014
01:09:37 pm Microsoft® Windows® Operating System Protected Environment
Authentication and Authorization Export Driver 6.3.9600.17031
(winblue_gdr.140221-1952) Microsoft Corporation
C:\WINDOWS\system32\drivers\peauth.sys
srvnet.sys fffff800`bed9e000 fffff800`bede1000 0x00043000 0x53ad0d9d 27/06/2014
07:22:21 am Microsoft® Windows® Operating System Server Network driver
6.3.9600.17222
(winblue_gdr.140626-1508) Microsoft Corporation
C:\WINDOWS\system32\drivers\srvnet.sys
tcpipreg.sys fffff800`bede1000 fffff800`bedf3000 0x00012000 0x53183dbf
06/03/2014
10:19:59 am Microsoft® Windows® Operating System TCP/IP Registry
Compatibility Driver 6.3.9600.17041 (winblue_gdr.140305-1710) Microsoft
Corporation C:\WINDOWS\system32\drivers\tcpipreg.sys
tunnel.sys fffff800`bec12000 fffff800`bec3f000 0x0002d000 0x5215f791 22/08/2013
12:35:45 pm Microsoft® Windows® Operating System Microsoft Tunnel Interface
Driver 6.3.9600.16384 (winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\tunnel.sys
srv2.sys fffff800`bea05000 fffff800`beab2000 0x000ad000 0x5434e8ca 08/10/2014
08:33:30 am Microsoft® Windows® Operating System Smb 2.0 Server driver
6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\srv2.sys
srv.sys fffff800`beab2000 fffff800`beb40000 0x0008e000 0x53d0f15f 24/07/2014
12:43:27 pm Microsoft® Windows® Operating System Server driver 6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\srv.sys
rdpvideominiport.sys fffff800`beb40000 fffff800`beb4b000 0x0000b000
0x5450553d 29/10/2014 03:47:25 am Microsoft® Windows® Operating System
Microsoft
RDP Video Miniport driver 6.3.9600.17415 (winblue_r4.141028-1500) Microsoft
Corporation C:\WINDOWS\system32\drivers\rdpvideominiport.sys
rdpdr.sys fffff800`beb4b000 fffff800`beb7f000 0x00034000 0x5215f7ce 22/08/2013
12:36:46 pm Microsoft® Windows® Operating System Microsoft RDP Device
redirector 6.3.9600.16384 (winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\rdpdr.sys
WdNisDrv.sys fffff800`beb7f000 fffff800`beb9e000 0x0001f000 0x54cb5b3c
30/01/2015
11:21:48 am Microsoft Malware Protection Microsoft Network Realtime
Inspection Driver 4.7.0205.0 Microsoft Corporation
C:\WINDOWS\system32\drivers\WdNisDrv.sys
condrv.sys fffff800`beb9e000 fffff800`bebae000 0x00010000 0x5215f8a1 22/08/2013
12:40:17 pm Microsoft® Windows® Operating System Console Driver 6.3.9600.16384
(winblue_rtm.130821-1623) Microsoft Corporation
C:\WINDOWS\system32\drivers\condrv.sys
btath_bus.sys fffff800`bd0d5000 fffff800`bd0e2000 0x0000d000
0x50fd07f2 21/01/2013
10:18:42 am Blue Manager Qualcomm Atheros BUS driver 8.0.0.220 built by:
WinDDK Qualcomm Atheros C:\WINDOWS\system32\drivers\btath_bus.sys
btfilter.sys fffff800`be030000 fffff800`be0d7000 0x000a7000 0x5359d020
25/04/2014
04:01:52 am Windows (R) Win 7 DDK driver Qualcomm Atheros BtFilter
Driver 8.0.1.242
built by: WinDDK Qualcomm Atheros C:\WINDOWS\system32\drivers\btfilter.sys
btath_rcp.sys fffff800`be0f0000 fffff800`be13c000 0x0004c000
0x50d03d6a 18/12/2012
10:54:50 am Blue Manager Qualcomm Atheros AVRCP driver 8.0.0.218 built by:
WinDDK Qualcomm Atheros C:\WINDOWS\system32\drivers\btath_rcp.sys
btath_avdt.sys fffff800`be15b000 fffff800`be186000 0x0002b000
0x50fd080f 21/01/2013
10:19:11 am Blue Manager Qualcomm Atheros Bluetooth AVDT driver 8.0.0.220
built by: WinDDK Qualcomm Atheros C:\WINDOWS\system32\drivers\btath_avdt.sys
btath_a2dp.sys fffff800`be186000 fffff800`be1f0000 0x0006a000
0x50fd0d87 21/01/2013
10:42:31 am Blue Manager Qualcomm Atheros A2DP driver 8.0.0.220 built by:
WinDDK Qualcomm Atheros C:\WINDOWS\system32\drivers\btath_a2dp.sys
btath_hcrp.sys fffff800`bd800000 fffff800`bd84c000 0x0004c000
0x50d03d6e 18/12/2012
10:54:54 am Blue Manager Qualcomm Atheros HCRP driver 8.0.0.218 built by:
WinDDK Qualcomm Atheros C:\WINDOWS\system32\drivers\btath_hcrp.sys
btath_flt.sys fffff800`bd764000 fffff800`bd780000 0x0001c000
0x50fd0d7e 21/01/2013
10:42:22 am Blue Manager Qualcomm Atheros FILTER driver 8.0.0.220 built by:
WinDDK Qualcomm Atheros C:\WINDOWS\system32\drivers\btath_flt.sys
btath_lwflt.sys fffff800`bd780000 fffff800`bd798000 0x00018000
0x50935bb0 02/11/2012
06:35:44 am Blue Manager Qualcomm Atheros FILTER driver 8.0.0.216 built by:
WinDDK Qualcomm Atheros C:\WINDOWS\system32\drivers\btath_lwflt.sys
L1C63x64.sys fffff800`bcb92000 fffff800`bcbb4000 0x00022000 0x5158fbc5
01/04/2013
04:15:17 am Qualcomm Atheros Ar81xx series PCI-E Gigabit Ethernet
Controller Qualcomm
Atheros Ar81xx series PCI-E Gigabit Ethernet Controller 2.1.0.16 Qualcomm
Atheros Co., Ltd. C:\WINDOWS\system32\drivers\L1C63x64.sys
athw8x.sys fffff800`bcc6f000 fffff800`bcff8000 0x00389000 0x50f7c13b 17/01/2013
10:15:39 am Driver for Qualcomm Atheros CB42/CB43/MB42/MB43 Network
Adapter Qualcomm
Atheros Extensible Wireless LAN device driver 3.0.1.145 Qualcomm Atheros
Communications, Inc. C:\WINDOWS\system32\drivers\athw8x.sys
RtsUer.sys fffff800`bd6a0000 fffff800`bd6fe000 0x0005e000 0x5485418e 08/12/2014
07:13:34 am Windows (R) Win 7 DDK driver RTS USB READER Driver
6.3.9600.31207 Realsil Semiconductor Corporation
C:\WINDOWS\system32\drivers\RtsUer.sys
rtsuvc.sys fffff800`bd855000 fffff800`be02fc00 0x007dac00 0x51654249 10/04/2013
11:43:21 am Realtek UVC Driver for XP/Vista/Win7/Win8 Realtek UVC Driver
for XP/Vista/Win7/Win8 6.2.9200.10227 Realtek Semiconductor Corp.
C:\WINDOWS\system32\drivers\rtsuvc.sys
rimvndis6_AMD64.sys fffff800`bbc7d000 fffff800`bbc87000 0x0000a000
0x52d5699d 14/01/2014 05:45:17 pm RIM Tunnel Driver RIM Tunnel Driver
1.1.0.17 Research in Motion Limited
C:\WINDOWS\system32\drivers\rimvndis6_AMD64.sys
RimSerial_AMD64.sys fffff800`bd1d8000 fffff800`bd1eb000 0x00013000
0x5085b1e7 22/10/2012 09:51:51 pm RIM Modem RIM Virtual Serial Driver
2.3.0.11 Research in Motion Ltd
C:\WINDOWS\system32\drivers\RimSerial_AMD64.sys
SynTP.sys fffff800`bd0ee000 fffff800`bd16d000 0x0007f000 0x515e5476 05/04/2013
05:35:02 am Synaptics Pointing Device Driver Synaptics Touchpad Driver 16.5.2
04Apr13 Synaptics Incorporated C:\WINDOWS\system32\drivers\SynTP.sys
USBPcap.sys fffff800`bd2b0000 fffff800`bd2be000 0x0000e000 0x53050192
19/02/2014
08:10:10 pm USBPcap Sniffer Driver USBPcap Driver 1.0.0.6 USBPcap
C:\WINDOWS\system32\drivers\USBPcap.sys
vmci.sys fffff800`bab1e000 fffff800`bab37000 0x00019000 0x5196d716 18/05/2013
02:19:18 am VMware PCI VMCI Bus Device VMware PCI VMCI Bus Device
9.5.10.0 VMware,
Inc. C:\WINDOWS\system32\drivers\vmci.sys
vsock.sys fffff800`bab37000 fffff800`bab4d000 0x00016000 0x51f9cbf2 01/08/2013
03:46:10 am VMware vSockets Service VMware vSockets Service 9.5.7.0 VMware,
Inc. C:\WINDOWS\system32\drivers\vsock.sys
vmnetadapter.sys fffff800`bbc91000 fffff800`bbc99000 0x00008000
0x51e84544 18/07/2013
08:43:00 pm VMware virtual network adapter driver (64-bit) VMware virtual
network adapter driver (64-bit) 4.2.1.0 VMware, Inc.
C:\WINDOWS\system32\drivers\vmnetadapter.sys
VMNET.SYS fffff800`bbc99000 fffff800`bbca3000 0x0000a000 0x51e8453a 18/07/2013
08:42:50 pm VMware virtual network driver (64-bit) VMware virtual network
driver (64-bit) 4.2.1.0 VMware, Inc. C:\WINDOWS\system32\drivers\VMNET.SYS
VMkbd.sys fffff800`bd18b000 fffff800`bd196000 0x0000b000 0x5451569d 29/10/2014
10:05:33 pm VMware keyboard filter driver (64-bit) VMware keyboard filter
driver (64-bit) 1.5.0.0 VMware, Inc. C:\WINDOWS\system32\drivers\VMkbd.sys
vmnetbridge.sys fffff800`bd476000 fffff800`bd487000 0x00011000
0x51e84573 18/07/2013
08:43:47 pm VMware bridge driver (64-bit) VMware bridge driver (64-bit)
4.2.1.0 VMware, Inc. C:\WINDOWS\system32\drivers\vmnetbridge.sys
hcmon.sys fffff800`be86c000 fffff800`be87d000 0x00011000 0x530ff71c 28/02/2014
03:40:28 am VMware USB monitor VMware USB monitor 8.5.7.1 VMware, Inc.
C:\WINDOWS\system32\drivers\hcmon.sys
vmx86.sys fffff800`be87d000 fffff800`be896000 0x00019000 0x5451616e 29/10/2014
10:51:42 pm VMware kernel driver VMware kernel driver 10.0.4 VMware, Inc.
C:\WINDOWS\system32\drivers\vmx86.sys
vmnetuserif.sys fffff800`bedf3000 fffff800`bedfd000 0x0000a000
0x54514f10 29/10/2014
09:33:20 pm VMware network application interface driver (64-bit) VMware
network application interface driver (64-bit) 4.2.1.0 VMware, Inc.
C:\WINDOWS\system32\drivers\vmnetuserif.sys

Tyson.

2015-07-27 8:53 GMT+01:00 Yang Luo <hsluoyb () gmail com>:


Hi all,

as version string shows when you substitute Npcap with new versions, it
easily caused confusion when a user installs it. So I have updated the
version to 0.03 in all exe, dll and sys files.


On Mon, Jul 27, 2015 at 3:19 PM, Yang Luo <hsluoyb () gmail com> wrote:


Hi list,

Thanks for your tests for the first two versions of Npcap, I have fixed
several problems as following:
1) Npcap causes BSoD if you uninstall Npcap when Npcap is still in use
for capturing packets.
2) Npcap can't start the driver automatically when system reboots in
0.02, now I have added this feature back.
3) Npcap lose many packets for loopback capturing in 0.02, like TCP data
packets. Now I have fixed it and tested against TCP data transmission,  UDP
data transmission and Apache HTTP server (XAMPP).
4) "Npcap Loopback Adapter" can be successfully renamed in Win10.
5) Npcap can see MB miniport adapter now.

The latest Npcap installer is:
https://svn.nmap.org/nmap-exp/yang/NPcap-LWF/npcap-nmap-0.03.exe

I have tested this version Npcap under Wireshark 1.12.6 x64, in Windows
8.1 x64 and Windows 10 Insider Preview 10240 x64.

Notice:
1) You need to try it under Win7 and later, and no need to change the
installation options, just click the "Next"s. Npcap installed in "WinPcap
Compatible Mode" is exclusive with WinPcap, so you must uninstall WinPcap
first (installer will prompt you this).
2) If you have installed WinPcap, better to reboot the PC after
uninstalling Winpcap and then install Npcap.

The README is:
https://github.com/nmap/npcap


Cheers,
Yang




___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org
?subject=unsubscribe





-- 
                                          Fight Internet Censorship!
http://www.eff.org
http://vmlemon.wordpress.com | Twitter/FriendFeed/Skype: vmlemon |
00447934365844

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Previous By Date Next
Previous By Thread Next

Current thread: