File Name: WpdF.dll Windows Portable Device File System driver
---------------------------------
msvcrt.dll KERNEL32.dll NTDLL.DLL USER32.dll D R M H e a d e r . S u b s c r i p t i o n C o n t e n t I D D R M H e a d e r . C o n t e n t D i s t r i b u t o r D R M H e a d e r . S E C U R I T Y V E R S I O N D R M H e a d e r . C I D D R M H e a d e r . L A I N F O D R M H e a d e r . K I D D R M H e a d e r . L I D R i g h t s B a s e L A U R L I s D R M C a c h e d I s D R M T y p e L i b S o f t w a r e S Y S T E M S E C U R I T Y S A M M i m e H a r d w a r e I n t e r f a c e F i l e T y p e C o m p o n e n t C a t e g o r i e s C L S I D A p p I D D e l e t e N o R e m o v e F o r c e R e m o v e V a l B D M S # À F
ô
à
Ð
¬¸ÈwU³_ üS°eæ—œÁðx
ÃÚB ¬ %ºú1pÁZ8¥{ïSIJšxIà:ã°ŸÄ
¸
Œ
x
d
P
D
<
(
ô
[ ÿ¹zI…`/CÊT8äãÿ< .ßOµnqS 4ÏÚk@–++Ó ³k ÀOa ÿÜ Kí- œF´ ·ô/§À-•ä- L¬øF¶cjBfÅ3 öÐU.Šâ H– JK %¯‹hB¥:íðÿE¥ðù ã¤ËoxËRP® ßAvAì‹Ýø7
ô
à
Ð
{ 9 F F 2 8 1 7 1 - F 2 B A - 4 7 2 0 - A A E 1 - 9 2 D A 5 4 E 8 B B 0 E } RegDeleteKeyW a d v a p i 3 2 . d l l RegDeleteKeyExW A P I - M S - W i n - C o r e - L o c a l R e g i s t r y - L 1 - 1 - 0 . d l l °
€¼
€È
€Ô
ۆ
ۏ
€ô
€
€$
€H
€p
€ˆ
€´
€Ð
€H K C R H K C U H K L M H K U H K P D H K D D H K C C H K E Y _ C L A S S E S _ R O O T H K E Y _ C U R R E N T _ U S E R H K E Y _ L O C A L _ M A C H I N E H K E Y _ U S E R S H K E Y _ P E R F O R M A N C E _ D A T A H K E Y _ D Y N _ D A T A H K E Y _ C U R R E N T _ C O N F I G . t l b w p d f s . d l l a
¬a
V¿
·k
«\
·a
\ I m p l e m e n t e d C a t e g o r i e s \ R e q u i r e d C a t e g o r i e s C L S I D \ à À F À Fƒw
w
w
'w
0w
æv
A P P I D F À FR E G I S T R Y M o d u l e _ R a w M o d u l e
NULL m_hEventCancelCallback != INVALID_HANDLE_VALUE DeviceContext::SetCurrentOperation DeviceContext::CancelOperation DeviceContext::SignalCancelCallbackEvent DeviceContext::ResetCancelCallbackEvent x… ³Ê?Ó¹ ·2HVvÈwU³_ üS°eæ—œÁðx
ÃÚB ¬ %ºú1pÁN U L L < N U L L > €OCQueue::OnCleanup W P D F S _ D e v i c e C o n t e x t CQueue::OnCancel Á¶
=³
s´
@? €> @Á¶
¢¶
¹
£ty\› .ƒ†¨®z¢ù‰ðx
ÃÚB ¬ %ºú1pÁí¿
Î-
Q
ÖU
²Ë
óÀ
°™½Ÿ¦J±m‚Ú¶¤ Á¶
!Â
Â
Jess*Ð ¾Ç +â /À3tÐŽ©Ò ‘z É óÁ3tÐŽ©Ò ‘z É ó<W 7Öz#ø ^vi þÿ$¬¸ÈwU³_ üS°eæ—œÁ % ) 5 C S g ƒ £ Ó K ™ ‡ 5 [
³ / y [( Ï2 @ ·P ¡e € S¡ 5Ë ‹B a– )… Ã, /
----------BEGIN MY NOTE:
In text below: during the PE phase of the install, additional files are added to my
standard disk install. They are somehow stored in the bios of my laptop, either via the eprom chip or stored in a partition of high memory as a "Virtual Disk" or "Virtual USB" port.
I think this is what the the "Add" reference below is describing.
It calls "exceptions" somehow to
END MY NOTE----------------------
“Y S
#³ ³( f QQ( ÿË2 @ ¢P ˜e € !E¡ ù/Ë ÿÿÿÿCDiskNotifyInfoCollection::FindDiskNotifyHandle CDiskNotifyInfoCollection::
FindVolumeNotifyHandle ºé
CDiskNotifyInfoCollection::Remove D E V I C E W P D F S N o t i f i c a t i o n W n d C l a s s szVolumePnPPath && pDevice && pPortableDeviceClassExtension pDNI \ \ . \ % w S CDiskNotifyInfoCollection::Add [K- t…Øa λ?Å ðx
ÃÚB ¬ %ºú1pÁZ8¥{ïSIJšxIà:ã°Ÿÿ÷
nÁ
Î-
Q
ÖU
ç
ø
_Á
Î-
Q
ÖU
Oÿ
³ø
"䲉 O C¼ï¤Jþ¨>³Á¶
8
É7Љ^ëá²zFßÊÙ.Ñyðx
ÃÚB ¬ %ºú1pÁÎ-
Q
ÖU
[ñ
»
Î-
Q
ÖU
R÷
á
Î-
Q
ÖU
üû
Î-
Q
ÖU
"Ç
-
íÚ
Î-
Q
ÖU
DÊ
S
Á¶
>
[
ÑÈ¢‹>*ö©–N -´à4
´8
ô4
5
5
D5
05
6
X5
ä:
H;
;
ø:
¨:
4;
;
Ð:
¼:
à4
ô4
5
5
È8
D5
05
6
X5
l5
´8
ð8
9
Ü8
9
à4
5
èE
ô4
6
5
D5
05
6
X5
l5
€5
Ð5
ä5
”5
4 ü6
¨5
Ô6
è6
¬6
ø5
\6
H6
t7
ˆ7
46
87
ü6
L7
7
¼5
$7
˜6
„6
p6
À6
Ô6
è6
p6
`7
À6
¼5
Î-
Q
ÖU
+
e3
Î-
Q
ÖU
1ï
‹3
h
ppAttributes pszObjectID Î-
Q
ÖU
(Ì
,A
GU
Î-
Q
ÖU
q
RA
ppValues pKeys pszVolumePath pRequest xûnìCô’t<ô³% ðx
ÃÚB ¬ %ºú1pÁÎ-
Q
ÖU
êÌ
,W
Î-
Q
ÖU
ËÍ
RW
Î-
Q
ÖU
®ë
xW
Ø
Î-
Q
ÖU
WÈ
žW
Î-
Q
ÖU
±Î
ÄW
Á¶
;a
h
pResults pParams Õ¤×âž tCV Ðw;; ÖW#ÚÚà.I˜ÛÝaÅ;£SÖâ3qsïVÒøŽªœ+n$ÇÈöMå,|EŸSïÎÊ©\ c¬ÂåÖä5Mœ^SéÜ` ¯ ðx
ÃÚB ¬ %ºú1pÁU n k n o w n F i n d N e x t C l o s e F i l e S a v e N e w O b j e c t D e l e t e T e m p F i l e C r e a t e T e m p F i l e O p e n F i l e D e l e t e F i l e R e a d F a s t P r o p e r t i e s R e a d S l o w P r o p e r t i e s W r i t e P r o p e r t i e s W r i t e F i l e D a t a R e a d F i l e D a t a G e t F i l e A t t r i b u t e s C h e c k F o r F i l e D a t a C h e c k F o r F i l e E x i s t e n c e U n i n i t i a l i z e D r i v e r I n i t i a l i z e D r i v e r U n d e f i n e d N / A Y@ @@pwszVal m_pWdfDevice && pParams \ % 5 C : % 3 B % % 2 5 pDiDetailData lpVolumeDiskExtents pbVolumePath szDeviceName pWdfDevice D C I M . A V I . A S F . B M P . D O C . E X I F . G I F . H T M . H T M L . I C O . J P E G . J P G . M 3 U . M P 3 . M P E G . M P G . P N G . T I F . T I F F . T X T . W A V . W M A . W M V . W P L y ¾ µx-Èx^Œ“]§´¬¸ÈwU³_ üS°eæ—œÁ´f
pdw pSystemTime pullFileSize szMulti pszParentID pObjectManagementContext pszTargetObjectID hFile != INVALID_HANDLE_VALUE pBuffer COperationReadData::Cancel hFile && hFile != INVALID_HANDLE_VALUE pdwNumBytesWritten pDeviceContext COperationWriteData::Cancel pEnumContext pszFilePath pResourceContext dwMode == STGM_READ || dwMode == STGM_WRITE pObjectIDs pValues . . . * . * pszPath m_pszObjectID N E W pszNewVolumeLabel szTo szFrom pszNewTrailingID pOutputBuffer \ \ . \ % w s M S C : G e n e r i c h i e r a r c h i c a l D C F Â 2Íàkù„ ùù~F:çW M / A l b u m T i t l e W M / V i d e o W i d t h ¡ ¸ 5 1M–Ùl¿Ég ™FG D u r a t i o n B i t r a t e I s _ P r o t e c t e d T i t l e A u t h o r D e s c r i p t i o n W M / T r a c k W M / G e n r e W M / Y e a r W M / C o m p o s e r W M / T r a c k N u m b e r W M / V i d e o H e i g h t W M / V i d e o F r a m e R a t e pValues && pbCanceled ppThumbnailData . * \ * ÿŸ U³þèhFæ¡ ¡7W
WMCreateEditor w m v c o r e . d l l Y/¶(eÑ – ø
à=L9o<Ò { ÀOyz·%\
A\
c\
¢\
¾\
¿]
]
,^
-]
Â
@]
Delete NoRemove ForceRemove Val B D M S T/
P/
L/
H/
D/
8/
,/
$/
Ic
àê
0ë
Invalid parameter passed to C runtime function.
ole32.dll OLEAUT32.dll à À F cõS¿¶Ð ”ò É û‹
cõS¿¶Ð ”ò É û‹
ä¢+Lk•B»C&2+™®²•Ú&§ â KD¾òèl¿üˆ«‚¾,¥#H–åÐ'&qü8Y§E .]
CoTaskMemAlloc CoTaskMemRealloc CoTaskMemFree StringFromGUID2 CoCreateInstance PropVariantClear CoCreateGuid StringFromCLSID TraceMessage GetTraceEnableFlags GetTraceEnableLevel GetTraceLoggerHandle A RegisterTraceGuidsW UnregisterTraceGuids A RegDeleteValueW RegCloseKey RegCreateKeyExW RegOpenKeyExW RegSetValueExW RegQueryInfoKeyW RegEnumKeyExW TraceEvent SHFileOperationW SHGetDesktopFolder H SHParseDisplayName H AssocGetPerceivedType SetupDiDestroyDeviceInfoList l SetupDiGetDeviceInterfaceDetailW < SetupDiEnumDeviceInterfaces SetupDiGetClassDevsW U SetupDiGetDevicePropertyW SetupDiOpenDeviceInfoW A SetupDiCreateDeviceInfoList DeleteObject GetDIBits  ÿÿÿÿÿÿÿÿ Ä € ŒÀ ÿÿÿÿÿÿÿÿŽÊ ÐÁ ÿÿÿÿÿÿÿÿœË D ôÆ ŒÉ €É tÉ fÉ VÉ DÉ &É É øÈ äÈ ØÈ ÄÈ °È žÈ ŽÈ ~È fÈ TÈ xÊ ZÊ >Ê *Ê Ê üÉ æÉ ÐÉ ÀÉ ¸É ¦É ‚Ä ŽÄ Ä ¸Ä ÐÄ ìÄ Å Å $Å 6Å JÅ VÅ lÅ ˆÅ Å ¸Å ÆÅ ÜÅ îÅ þÅ Æ Æ 2Æ DÆ ZÆ pÆ |Æ ŠÆ šÆ ¬Æ ºÆ ÊÆ ÚÆ èÆ HÈ Ç *Ç <Ç TÇ dÇ ˆÇ ¬Ç ÂÇ ØÇ ðÇ
È È &È <È šÉ œÊ ¨Ê ¸Ê ÖÊ öÊ Ë Ë .Ë BË PË bË tË €Ë ˆË xÄ pÄ bÄ XÄ NÄ DÄ *Ä Ä øà ìà Þà Öà Ìà Âà ¸Ã ¬Ã ¢Ã ”à †Ã zà nà dà Tà Hà >à .à à à à ô Þ Ò Ê À °Â  ??3@YAXPAX@Z + ??_V@YAXPAX@Z Þ malloc ¦ free ë memcpy_s c _CxxThrowException U wcscpy_s ] wcsncpy_s P wcscat_s s __CxxFrameHandler3 ) ??_U@YAPAXI@Z î memset ü _purecall ??2@YAPAXI@Z ” _ftol2 í memmove_s _wcsupr_s Å _vscwprintf J vswprintf_s [ wcsncmp ï _wcsicmp d wcsstr ` wcsrchr ê memcpy i _wtoi j _XcptFilter Õ _initterm _amsg_exit msvcrt.dll ??1type_info@@UAE@XZ Y _except_handler4_common ÿ realloc V _errno ¦ _unlock __dllonexit B _lock ë _onexit N lstrlenW ± RaiseException î EnterCriticalSection 9 LeaveCriticalSection â InitializeCriticalSection Ñ DeleteCriticalSection GetLastError ? LoadLibraryW E GetProcAddress GetModuleHandleW E lstrcmpiW GetModuleFileNameW Þ DisableThreadLibraryCalls ï InterlockedIncrement ë InterlockedDecrement b FreeLibrary g MultiByteToWideChar ± SizeofResource A LoadResource N FindResourceW > LoadLibraryExW — SetThreadLocale Œ GetThreadLocale ì InterlockedExchange ù WaitForSingleObject Y SetEvent ResetEvent T LockResource M FindResourceExW R CloseHandle … CreateEventW µ CreateThread CreateFileW . FindClose § QueryPerformanceCounter ¨ QueryPerformanceFrequency Ý DeviceIoControl § GetVolumeInformationW X SetErrorMode GetVolumePathNamesForVolumeNameW © GetVolumeNameForVolumeMountPointW ê GetFileAttributesW a SetFileAttributesW % FileTimeToSystemTime $ FileTimeToLocalFileTime C CancelIoEx Ö DeleteFileW 8 GetOverlappedResult À ReadFile % WriteFile © SetVolumeLabelW ç GetFileAttributesExW ñ GetFileSizeEx E FindNextFileW 9 FindFirstFileW RemoveDirectoryW CreateDirectoryW c MoveFileW ƒ GetTempFileNameW Î GetDiskFreeSpaceExW Î DelayLoadFailureHook é InterlockedCompareExchange = LoadLibraryExA £ GetVersionExA Î HeapDestroy Ë HeapAlloc Ï HeapFree Ò HeapReAlloc Ô HeapSize J GetProcessHeap ² Sleep “ GetTickCount Å GetCurrentThreadId Á GetCurrentProcessId y GetSystemTimeAsFileTime À TerminateProcess À GetCurrentProcess Ó UnhandledExceptionFilter ¥ SetUnhandledExceptionFilter ‰ OutputDebugStringA KERNEL32.dll 1 CharNextW 6 PostMessageW R RegisterDeviceNotificationW UnregisterDeviceNotification œ DefWindowProcW 7 PostQuitMessage UnregisterClassW ¯ DispatchMessageW ] GetMessageW n CreateWindowExW N RegisterClassW e ReleaseDC ! GetDC UnregisterClassA USER32.dll gµ[J
Ì ØË ìË Ì Z æx -~ ?~ 4Ð Ì $Ì 6Ì HÌ \Ì WpdFs.DLL DllCanUnloadNow DllGetClassObject DllRegisterServer DllUnregisterServer Microsoft_WDF_UMDF_Version Ð
è
Ð
¼
¬
¤
Œ
p
L
0
ü
À
€
|/
.?AVCAtlException@ATL@@ ,
ÒŠ
¯ˆ
T‰
Ë~
Ë~
1
ÿÿÿÿÿÿÿÿfm
>m
¶m
¬m
¢m
˜m
Žm
„m
zm
pm
Hm
\m
Rm
m
an
|n
m
m
úl
ðl
æl
Ül
Òl
Èl
¾l
£l
Wn
Mn
Cn
9n
/n
%n
n
åm
Àm
Ûm
ïm
gl
ql
{l
…l
l
™l
]l
Bl
ø € ¸ È Ø @M Ê °ô X ñ T Y P E L I B R E G I S T R Y 4 V S _ V E R S I O N _ I N F O ½ ïþ @° @° ? þ S t r i n g F i l e I n f o Ú 0 4 0 9 0 4 B 0 L C o m p a n y N a m e M i c r o s o f t C o r p o r a t i o n ~ + F i l e D e s c r i p t i o n W i n d o w s P o r t a b l e D e v i c e F i l e S y s t e m D r i v e r l & F i l e V e r s i o n 6 . 1 . 7 6 0 0 . 1 6 3 8 5 ( w i n 7 _ r t m . 0 9 0 7 1 3 - 1 2 5 5 ) I n t e r n a l N a m e € . L e g a l C o p y r i g h t © M i c r o s o f t C o r p o r a t i o n . A l l r i g h t s r e s e r v e d . <
O r i g i n a l F i l e n a m e W p d F s . D L L j % P r o d u c t N a m e M i c r o s o f t ® W i n d o w s ® O p e r a t i n g S y s t e m B P r o d u c t V e r s i o n 6 . 1 . 7 6 0 0 . 1 6 3 8 5 D V a r F i l e I n f o $ T r a n s l a t i o n ° MSFT A ! . ¼
, H À ! < p | °
$
€ ÿÿÿÿÿÿÿÿ KXWpdFsLib ÿÿÿÿ 8=´WpdFsWWWd ÿÿÿÿ 8á£IDriverEntryÈ
8K IWDFDriverWW, ÿÿÿÿ
8ñEIWDFObjectWW, ÿÿÿÿ õcDeleteWdfObjectW ÿÿÿÿ 8!UIObjectCleanupWW ÿÿÿÿ X(OnCleanupWWWÿÿÿÿÿÿÿÿ
pWdfObjectWW, ÿÿÿÿ
õAssignContextWWWÿÿÿÿÿÿÿÿ dxpCleanupCallbackÿÿÿÿÿÿÿÿ .ZpContext, ÿÿÿÿ 1$RetrieveContextWÿÿÿÿô
ä³ppvContextWW, =ëAcquireLockW, ÿÿÿÿ Ô!ReleaseLockWô ÿÿÿÿ 8m²IWDFDeviceInitializeô ÿÿÿÿ Þ*SetFilterWWWX ÿÿÿÿ 8÷P_WDF_CALLBACK_CONSTRAINTX ÿÿÿÿ 0´=NoneX ÿÿÿÿ 0ÏXWdfDeviceLevelWWX p 0u¯WdfLevelReservedX ÿÿÿÿ 0J£WdfLevelMaximumWô ÿÿÿÿ bSetLockingConstraintÿÿÿÿÿÿÿÿ }ÓLockType¼ ( "8áw_WDF_PROPERTY_STORE_RETRIEVE_FLAGSWW¼ ÿÿÿÿ 0£ãWdfPropertyStoreNormalWW¼ | 0áWdfPropertyStoreCreateIfMissingW¼ ÿÿÿÿ 0 žWdfPropertyStoreCreateVolatileWW¼ ÿÿÿÿ!0> WdfPropertyStoreRetrieveFlagsMaskWWW Ð 8á IWDFNamedPropertyStoreWW ÿÿÿÿ
I@GetNamedValueWWWÿÿÿÿÿÿÿÿ o pszNameWÿÿÿÿÿÿÿÿ »^pvWW p
ÔøSetNamedValueWWW ÿÿÿÿ glGetNameCountÿÿÿÿÿÿÿÿ cpdwCount ÿÿÿÿ †kGetNameAtWWWÿÿÿÿ u—iPropWWWÿÿÿÿÀ ppwszNameWWW„ ÿÿÿÿ 8Rç_WDF_PROPERTY_STORE_DISPOSITIONW„ ä 04ÕCreatedNewStoreW„ ÿÿÿÿ 0ˆ¡OpenedExistingStoreWô ÿÿÿÿ éçRetrieveDevicePropertyStoreWÿÿÿÿÿÿÿÿ H¥pcwszServiceNameÿÿÿÿÿÿÿÿ oFlagsWWWÿÿÿÿÿÿÿÿ Ÿ¸ppPropStoreWÿÿÿÿð $pDispositionô ÿÿÿÿ r SetPowerPolicyOwnershipWÿÿÿÿÿÿÿÿ VùfTrueWWWè ÿÿÿÿ 8 ~_WDF_TRI_STATEWWè ÿÿÿÿ
0 WdfUseDefaultWWWè ÿÿÿÿ 0Œ³WdfFalseè ÿÿÿÿ 0œÎWdfTrueWô ÿÿÿÿ <AutoForwardCreateCleanupCloseWWWÿÿÿÿÿÿÿÿ ù StateWWWô X ñRetrieveDeviceInstanceIdÿÿÿÿ -ËBufferWWÿÿÿÿ¬ ; pdwSizeInCharsWWL Ø 8ç _WDF_PNP_CAPABILITYWL \ 0VšWdfPnpCapInvalidL 0ñæWdfPnpCapLockSupportedWWL ÿÿÿÿ 0•~WdfPnpCapEjectSupportedWL ÿÿÿÿ 0êÛWdfPnpCapRemovableWWL ÿÿÿÿ 0©†WdfPnpCapDockDeviceWL ÿÿÿÿ 0AÐWdfPnpCapSurpriseRemovalOkWWL ÿÿÿÿ 0¢IWdfPnpCapNoDisplayInUIWWL ( 0ÁÊWdfPnpCapMaximumô ÿÿÿÿ ô%SetPnpCapabilityÿÿÿÿü
šCapabilityWWÿÿÿÿ@ äKValueWWWô P ¢&GetPnpCapability° ÿÿÿÿ
8[IWDFDeviceWW° ¼ Ô}GetDriverWWWÿÿÿÿÿÿÿÿ °ÈppWdfDriverW ( 8>öIWDFIoTargetx ¨ 8ŒÄIWDFFilex ÿÿÿÿ (èRetrieveFileNameÿÿÿÿT ŒNpFileNameWWWÿÿÿÿÿÿÿÿ –PpdwFileNameLengthInCharsx Ø
ÙGetDeviceWWWÿÿÿÿÿÿÿÿ §#ppWdfDeviceW ÿÿÿÿ
KGetTargetFileWWWÿÿÿÿÿÿÿÿ ÅDppWdfFileWWW ÿÿÿÿ ÐCancelSentRequestsForFileWWWÿÿÿÿ$ «pFileWWWÜ ÿÿÿÿ
8ö IWDFIoRequestWWW@ ÿÿÿÿ 8|×ULONG_PTRWWWÜ X ½üCompleteWithInformationWÿÿÿÿÿÿÿÿ â¯CompletionStatusÿÿÿÿ0 ‹ßInformationWÜ t Á SetInformationWWÜ ð
Complete¤ < !8¾|IRequestCallbackRequestCompletionWWW H 8;™IWDFRequestCompletionParamsW ÿÿÿÿ GetCompletionStatusW ÿÿÿÿ MDGetInformationWWl ÿÿÿÿ 8N¤_WDF_REQUEST_TYPEWWWl ÿÿÿÿ 0 IWdfRequestUndefinedWl Œ 0 ´WdfRequestCreatel Ø 0"sWdfRequestCleanupWWWl h 0¨¥WdfRequestReadWWl ÿÿÿÿ 0 LWdfRequestWriteWl ÿÿÿÿ 0:"WdfRequestDeviceIoControlWWWl ”
0ÍõWdfRequestCloseWl 4
0-5WdfRequestUsbWWWl ÿÿÿÿ 0¶ÒWdfRequestOtherWl ÿÿÿÿ 02 WdfRequestInternalIoctlWl œ 0 ÙWdfRequestTypeNoFormatWWl h 0ý§WdfRequestFlushBuffersWWl ÿÿÿÿ 0 ÊWdfRequestQueryInformationWWl ÿÿÿÿ 0ÑÿWdfRequestSetInformationl ÿÿÿÿ 0 äWdfRequestMaximumWWW ÿÿÿÿ µ@GetCompletedRequestTypeW¤ ÿÿÿÿ PÌOnCompletionÿÿÿÿÿÿÿÿ ¯ipWdfRequestWÿÿÿÿ cpIoTargetWWWÿÿÿÿÿÿÿÿ ~ŸpParamsWÜ ÿÿÿÿ G©SetCompletionCallbackWWWÿÿÿÿÿÿÿÿ ZÏpCompletionCallbackWÜ )JGetTypeWÜ ÿÿÿÿ æVGetCreateParametersWÿÿÿÿ( }pOptionsÿÿÿÿÿÿÿÿ ¼ÜpFileAttributesWÿÿÿÿÀ
pShareAccessÜ $ 1mGetReadParametersWWWÿÿÿÿ| üæpSizeInBytesÿÿÿÿH
‘ pullOffsetWWÿÿÿÿÄ •ÅpulKeyWWÜ ¬ £ GetWriteParametersWWÜ ì AµGetDeviceIoControlParametersÿÿÿÿL ÊpControlCodeÿÿÿÿd
g pInBufferSizeWWWÿÿÿÿô !pOutBufferSizeWWÐ ˆ
8íVIWDFMemoryWW4 L 8 ç_WDFMEMORY_OFFSETWWW4 ôÊBufferOffset4 ÿÿÿÿ eäBufferLengthÐ ¼ gÕCopyFromMemoryWWÿÿÿÿ8
G¶SourceWWÿÿÿÿÿÿÿÿ <SourceOffsetÐ ¤ ÞCopyToBufferÿÿÿÿ|
)iTargetBufferÿÿÿÿÿÿÿÿ û NumOfBytesToCopyToWWÐ ÿÿÿÿ ˜`CopyFromBufferWWÿÿÿÿ
æ›DestOffsetWWÿÿÿÿ E\SourceBufferÿÿÿÿô m™NumOfBytesToCopyFromÐ t ÑEGetSizeWÐ (
EGetDataBufferWWWÿÿÿÿ
ÔðBufferSizeWWÐ ÿÿÿÿ WºSetBufferWWWÜ p ŽVGetOutputMemoryWÿÿÿÿÐ
ppWdfMemoryWÜ ÿÿÿÿ ¸^GetInputMemoryWW˜ ÿÿÿÿ 8+ IRequestCallbackCancelWW˜ ô ˜æOnCancelÜ „ ŒMarkCancelableWWÿÿÿÿŒ M:pCancelCallbackWÜ H ôUnmarkCancelableÜ Ô { CancelSentRequestWWWü , 8JÈIWDFIoQueueWü ô /ÝConfigureRequestDispatchingWÿÿÿÿ T;RequestTypeWÿÿÿÿ¼ ©âForwardW` 8)‘_WDF_IO_QUEUE_STATEW` ÿÿÿÿ 0à WdfIoQueueAcceptRequests` ÿÿÿÿ 0ëMWdfIoQueueDispatchRequestsWW` X 0aãWdfIoQueueNoRequests` t
0‚ÖWdfIoQueueDriverNoRequestsWW` ÿÿÿÿ 07)WdfIoQueuePnpHeldWWWü t 4 GetStateÿÿÿÿÿÿÿÿ úÝpulNumOfRequestsInQueueWÿÿÿÿ¨ ×.pulNumOfRequestsInDriverü L
»dRetrieveNextRequestWÿÿÿÿX »1ppRequestWWWü Ð RetrieveNextRequestByFileObjectWü
¾ StartWWWÄ ¨ 8Þ IQueueCallbackStateChangeWWWÄ Œ
€OnStateChangeWWWÿÿÿÿø
1ÐpWdfQueueWWWÿÿÿÿ,
tQQueueStateWWü ` ö4Stopÿÿÿÿ°
éÓpStopCompleteWWWü ÿÿÿÿ lIStopSynchronouslyWWWü \ £íDrainWWWÿÿÿÿŒ !ipDrainCompleteWWü ü ´ DrainSynchronouslyWWü D öoPurgeWWWÿÿÿÿ +=pPurgeCompleteWWü 4 ×ÁPurgeSynchronouslyWWÜ d ºñForwardToIoQueueÿÿÿÿÿÿÿÿ ÕÁpDestinationÜ d ÍäSendÿÿÿÿ ® TimeoutWÜ \
çÂGetFileObjectWWWÿÿÿÿ0 :ÝppFileObjectÜ H JFormatUsingCurrentTypeWWÜ ˆ çYGetRequestorProcessIdWWWÜ ô
OeGetIoQueueWWÿÿÿÿÄ ¶ ppWdfIoQueue(
ÿÿÿÿ 8›)_SECURITY_IMPERSONATION_LEVELWWW( ÿÿÿÿ 0L·SecurityAnonymousWWW(
| 0ÁÁSecurityIdentificationWW(
Ü 0 ôSecurityImpersonationWWW(
¨ 0-ÉSecurityDelegationWWŒ
à 8gáIImpersonateCallbackŒ
OnImpersonateWWWÿÿÿÿ¨ XnContextWÜ ô ‡KImpersonateWÿÿÿÿH `òImpersonationLevelWWÿÿÿÿÿÿÿÿ Ý pCallbackWWWÿÿÿÿ 6†pvCallbackContextWWWÜ À IsFrom32BitProcessWWÜ ÿÿÿÿ ”±GetCompletionParamsWÿÿÿÿ †ppCompletionParamsWW ˜ o‹FormatRequestForReadÿÿÿÿ4 —pRequestÿÿÿÿ¤
pOutputMemoryWWWÿÿÿÿ€ pOutputMemoryOffsetWÿÿÿÿ€ A8DeviceOffset ÿÿÿÿ LFormatRequestForWriteWWWÿÿÿÿœ ûÿpInputMemoryÿÿÿÿÿÿÿÿ ™;pInputMemoryOffsetWW t ErFormatRequestForIoctlWWWÿÿÿÿ` Ì<IoctlCodeWWW° ÿÿÿÿ BÚGetDefaultIoTargetWWÿÿÿÿ|
IœppWdfIoTargetWWWð
8£!IWDFDriverCreatedFileWWWð
ô « CloseWWW° ÿÿÿÿ
\÷CreateWdfFileWWWÿÿÿÿ¤
º.pcwszFileNameWWWÿÿÿÿ @ppFileWW° x ÁÇGetDefaultIoQueueWWWT 8 8 _WDF_IO_QUEUE_DISPATCH_TYPEWT ÿÿÿÿ 0ÓñWdfIoQueueDispatchSequentialT Ô 0¯MWdfIoQueueDispatchParallelWWT
0 aWdfIoQueueDispatchManualT ¼ 0œ9WdfIoQueueDispatchMaximumWWW° 0
ÓCreateIoQueueWWWÿÿÿÿà ²½pCallbackInterfaceWWÿÿÿÿ¼
¿bDefaultQueueWWWÿÿÿÿÿÿÿÿ Û–DispatchTypeÿÿÿÿÿÿÿÿ
ãùbPowerManagedWWWÿÿÿÿ
bAllowZeroLengthRequestsÿÿÿÿ üÞppIoQueueWWW° ÿÿÿÿ #CreateDeviceInterfaceWWWÿÿÿÿø €=pDeviceInterfaceGuidÿÿÿÿ¼ ÊÿpReferenceString° H É{AssignDeviceInterfaceStateWWÿÿÿÿÿÿÿÿ î EnableWW° ×ÝRetrieveDeviceNameWWÿÿÿÿ” a pDeviceNameWÿÿÿÿ@ íâpdwDeviceNameLengthW¸ ¼ 8>a_WDF_EVENT_TYPEW¸ $ 00™WdfEventReserved¸ à 0vAWdfEventBroadcastWWW¸ ÿÿÿÿ 0*èWdfEventMaximumW° «PostEventWWWÿÿÿÿP awEventGuidWWWÿÿÿÿ, (‚EventTypeWWWÿÿÿÿ´ ‚pbDataWWÿÿÿÿˆ
>äcbDataSizeWWÿÿÿÿH SpQueueWW H 8R¹_WDF_PNP_STATEWW Ä
0<øWdfPnpStateInvalidWW 0 0×cWdfPnpStateDisabledW ¨ 0Ž WdfPnpStateFailedWWW ü 0ùDWdfPnpStateRemovedWW ð
0 ²WdfPnpStateResourcesChangedW 0õŸWdfPnpStateDontDisplayInUIWW ´ 0û WdfPnpStateNotDisableableWWW ÿÿÿÿ 0h(WdfPnpStateMaximumWW° Ø È°SetPnpStateW° ¤ ÜGetPnpStateW° ¢WCommitPnpStateWW° `
ÑÔCreateRequestWWWÿÿÿÿÿÿÿÿ
sppParentObjectWWW° ÿÿÿÿ xCreateSymbolicLinkWWÿÿÿÿÔ
GpSymbolicLinkWWWÈ ˆ CreateDeviceÿÿÿÿ rpDeviceInitWÿÿÿÿØ ppDeviceÈ Ð ÞmCreateWdfObjectWÿÿÿÿ ppWdfObjectWÈ ô 8 CreatePreallocatedWdfMemoryWÿÿÿÿØ 'ÔpBuffWWWÈ \
Ú~CreateWdfMemoryW€ 4 8›¸UMDF_VERSION_DATAWWW€ ¸ €JMajorNumberW€ ÿÿÿÿ €MinorNumberW€ ÿÿÿÿ
¹DServiceNumberWWWÈ à
IsVersionAvailableWWÿÿÿÿÀ ´ pMinimumVersionWÈ „ RÂRetrieveVersionStringWWWÿÿÿÿÀ w±pVersionÿÿÿÿp ݶpdwVersionLengthd ¸ º OnInitializeÿÿÿÿÿÿÿÿ
¤ÓpWdfDriverWWd Ð ¤OnDeviceAddWÿÿÿÿÿÿÿÿ ?upWdfDeviceInitWWd @ Ë_OnDeinitializeWW- WPD FileSystem Volume Driver 1.0 Type LibraryW WpdFs ClassWWW IDriverEntry Interface IWDFDriver InterfaceWW IWDFObject InterfaceWW IObjectCleanup InterfaceWW IWDFDeviceInitialize Interface IWDFDevice InterfaceWW IWDFIoTarget Interface IWDFFile Interface IWDFIoRequest InterfaceWWW+ IRequestCallbackRequestCompletion InterfaceWWW% IWDFRequestCompletionParams InterfaceW IWDFMemory InterfaceWW IRequestCallbackCancel InterfaceWW IWDFIoQueue InterfaceW# IQueueCallbackStateChange InterfaceWWW IImpersonateCallback Interface IWDFDriverCreatedFile InterfaceWWW ÿ, ÿ ÿ ÿ @ € þ X @ € þ þÿ @ € ¼ ÿ ÿX ÿ`
( HKCR
{
NoRemove CLSID
{
ForceRemove {112DE495-AC4C-46F8-B663-6A4266C53313} = s 'WpdFs Class'
{
InprocServer32 = s '%MODULE%'
{
val ThreadingModel = s 'Free'
}
}
-------------------------------------------filetrace-----------------------------------------------------------
ÌÌÌÌÌÌÿ% 1 2 7 D 4 6 A F - 4 A D 3 - 4 8 9 f - 9 1 6 5 - F 0 0 B A 6 4 D 5 4 6 7 7 D A 1 3 8 5 C - F 8 F 5 - 4 1 c c - B 9 D 0 - 0 2 F C A 0 9 0 F 1 E C 0 5 8 D D 9 5 1 - 7 6 0 4 - 4 1 4 d - A 5 D 6 - A 5 6 D 3 5 3 6 7 A 4 6 D 7 5 D 8 3 0 3 - 6 C 2 1 - 4 b d e - 9 C 9 8 - E C C 6 3 2 0 F 9 2 9 1 ƒé- LÒ ¥2 `— Z H xP C RSDS‚#â FY O’ÇÍ©HUæ filetrace.pdb ˆ
FileTrace!DetachFromDrives: END
Ì Keeping attachment to 0x%x
Ì Detaching from 0x%x
NOTHING!!!
Ì
FileTrace!DetachFromDrives: Start, kept drives 0x%x
Ì->FAIL
->PASS
Bad volume name ÌBit mask 0x%x ÌDrive letter '%c' ÌBad device object ->FAIL
Local drive mask Network drive mask All drives mask Ì Checking Volume: ÌFileTrace!AttachToRequestedDrives: End
FileTrace!AttachToRequestedDrives:
Start
Refcount now %d
ÌTargetIndex = %d, ÌNo matching guid
logger = %I64X, ÌIRP_MN_ENABLE_EVENTS: Ìactive session flags 0x%x
ÌSESSION NOT FOUND!
target session %d, lh %I64X, ÌFileTrace!DisableSession: j h C èž—ÿÿ3ö‰uühä† EÜPÿ A EÜPÿ A £ÀU ‰5|U ‰5V Ç ”V ‹E £àU ¸˜V £œV £˜V 3À@£ V
ÿÿ 8 t† @ƒ ly îy ²v ¼v K e A r e A l l A p c s D i s a b l e d F l a g s S t a r t % w s W M I \ G l o b a l L o g g e r \ ÌÌ$ˆ üŒ €@ ˆ V p@ ¤‡ à @ ´ ž Š r V @ $ òŽ ÞŽ ÄŽ ¨Ž ŽŽ tŽ VŽ <Ž &Ž Ž ò à Æ ´ œ ˆ t ^ Ê , B ò‹ Œ (Œ :Œ \Œ Þ‹ ¢Œ ¾Œ ÞŒ ìŒ
‹ ‹ h‹ †‹ J‹ *‹ ‹ öŠ ÔŠ ¸Š Š –Š ‚Š fŠ JŠ 0Š Š ú‰ ≠ʉ ¼‰ ²‰ š‰ ~‰ j‰ \‰ D‰ (‰ ‰ èˆ €Œ Ôˆ KeInitializeEvent x ExDeleteNPagedLookasideList ” ExInitializeNPagedLookasideList æ MmGetSystemRoutineAddress î RtlInitUnicodeString 0 _vsnwprintf ‹
ExFreePoolWithTag IoWMIRegistrationControl s ExAllocatePoolWithTag O memset @ DbgPrintEx ¯ ObfDereferenceObject ‘ RtlUpcaseUnicodeChar £ IoVolumeDeviceToDosName . WmiQueryTraceInformation M RtlQueryRegistryValues » InterlockedPopEntrySList ¼ InterlockedPushEntrySList ê MmIsAddressValid K memcpy
PsGetProcessSessionId ç PsDereferencePrimaryToken æ PsDereferenceImpersonationToken Ý SeQueryInformationToken ( PsReferencePrimaryToken ' PsReferenceImpersonationToken N RtlAbsoluteToSelfRelativeSD % RtlLengthSecurityDescriptor ¬ ZwQueryInformationFile Z RtlAppendUnicodeStringToString [ RtlAppendUnicodeToString P KeQuerySystemTime
PsGetProcessWin32WindowStation 7 IoGetTopLevelIrp ² IoWMIWriteEvent ý PsGetProcessCreateTimeQuadPart › IoUnregisterPlugPlayNotification _ IoRegisterPlugPlayNotification " IoGetDeviceObjectPointer å ExfInterlockedInsertHeadList œ KeTickCount Ý KeBugCheckEx ntoskrnl.exe RtlUnwind ExReleaseFastMutex ExAcquireFastMutex T KeGetCurrentIrql HAL.dll Ú FltUnregisterFilter Ñ FltStartFiltering ² FltRegisterFilter – FltObjectDereference ? FltDetachVolume Q FltFreeGenericWorkItem FltAttachVolume Y FltGetDiskDeviceObject FltGetVolumeProperties I FltEnumerateVolumes ® FltQueueGenericWorkItem FltAllocateGenericWorkItem © FltQueryInformationFile l FltGetRequestorProcess « FltQueryVolumeInformation ª FltQuerySecurityObject ´ FltReleaseContext ¶ FltReleaseFileNameInformation ‰ FltIsDirectory \ FltGetFileNameInformation x FltGetVolumeContext m FltGetRequestorProcessId } FltGetVolumeGuidName € FltGetVolumeName Ï FltSetVolumeContext FltAllocateContext — FltObjectReference FLTMGR.SYS è €( € @ € X € p € r ˆ € € ¸ È Ø ð” È ” \ ð M U I 4 V S _ V E R S I O N _ I N F O ½ ïþ @° @° ? þ S t r i n g F i l e I n f o Ú 0 4 0 9 0 4 B 0 L C o m p a n y N a m e M i c r o s o f t C o r p o r a t i o n Z F i l e D e s c r i p t i o n F i l e T r a c e F i l t e r D r i v e r l & F i l e V e r s i o n 6 . 1 . 7 6 0 0 . 1 6 3 8 5 ( w i n 7 _ r t m . 0 9 0 7 1 3 - 1 2 5 5 ) < I n t e r n a l N a m e f i l e t r a c e . s y s € . L e g a l C o p y r i g h t © M i c r o s o f t C o r p o r a t i o n . A l l r i g h t s r e s e r v e d . D O r i g i n a l F i l e n a m e f i l e t r a c e . s y s j % P r o d u c t N a m e M i c r o s o f t ® W i n d o w s ® O p e r a t i n g S y s t e m B P r o d u c t V e r s i o n 6 . 1 . 7 6 0 0 . 1 6 3 8 5 D V a r F i l e I n f o $ T r a n s l a t i o n ° E T W F i l e T r a c e F i l t e r F i l e T r a c e ÍþÍþÈ “,›Ó' g;c
@–žÃ’Í~³{o ÉŠ\ ÓŸû¹8Ù ˆ ˜ ° ¸ M U I M U I e n - U S
-----------------------------monitor.sys----------------------------------
‹Ñ¸x0 ;Ðs'VW+Áj H3ÒY÷ñ¿ˆ0 ‹ðF‹ …Àt ÿЉGüƒÇ Nuï_^ÃÌÌÌÌÌÌÿ% ÌÌÌÌÌÌÿ% ÌÌÌÌÌÌÿ% ÌÌÌÌÌÌÿ% \ P o w e r M o n i t o r P o r t monitor.pdb \ D o s D e v i c e s \ L C D M i n i m u m S t e p P e r c e n t a g e \ R E G I S T R Y \ M A C H I N E \ S Y S T E M \ C U R R E N T C O N T R O L S E T \ S E R V I C E S \ M o n i t o r \ P a r a m e t e r s E t w U n r e g i s t e r E t w R e g i s t e r C l a s s i c P r o v i d e r W m i Q u e r y T r a c e I n f o r m a t i o n W m i T r a c e M e s s a g e P s G e t V e r s i o n M o n i t o r W M I Ù PoUnregisterPowerSettingCallback ÿ KeGetCurrentThread O memset Ë PoRegisterPowerSettingCallback M ZwClose þ IoDeleteSymbolicLink M RtlQueryRegistryValues Y ZwCreateKey î RtlInitUnicodeString ñ IoCreateSymbolicLink # IoGetDeviceProperty š ZwPowerInformation ² IoWMIWriteEvent K memcpy æ MmGetSystemRoutineAddress k RtlCompareMemory IoWMIRegistrationControl ¹ IofCallDriver ¥ KeWaitForSingleObject Ò IoBuildDeviceIoControlRequest KeInitializeEvent · ExRaiseStatus ; ZwAlpcConnectPort G ZwAlpcSendWaitReceivePort œ KeTickCount Ý KeBugCheckEx ntoskrnl.exe } RtlCopyUnicodeString WdfVersionUnbind WdfVersionBind WdfVersionBindClass WdfVersionUnbindClass WDFLDR.SYS € 0 € H ` „ „ 4 V S _ V E R S I O N _ I N F O ½ ïþ @° @° ? â S t r i n g F i l e I n f o ¾ 0 4 0 9 0 4 B 0 L C o m p a n y N a m e M i c r o s o f t C o r p o r a t i o n F F i l e D e s c r i p t i o n M o n i t o r D r i v e r l & F i l e V e r s i o n 6 . 1 . 7 6 0 0 . 1 6 3 8 5 ( w i n 7 _ r t m . 0 9 0 7 1 3 - 1 2 5 5 ) 8 I n t e r n a l N a m e m o n i t o r . s y s € . L e g a l C o p y r i g h t © M i c r o s o f t C o r p o r a t i o n . A l l r i g h t s r e s e r v e d . @ O r i g i n a l F i l e n a m e m o n i t o r . s y s j % P r o d u c t N a m e M i c r o s o f t ® W i n d o w s ® O p e r a t i n g S y s t e m B P r o d u c t V e r s i o n 6 . 1 . 7 6 0 0 . 1 6 3 8 5 D V a r F i l e I n f o $
-------------------------------------------blbdrive.sys---------------------------------------------------------------------
N U L L < N U L L > W r i t e R e a d vsim Ìconectix Ìcxsparse Ì\ D e v i c e \ H a r d d i s k V o l u m e F i l e % d \ ? ? \ U N C R O O T \ B L B D R I V E 0 0 0 0 S T O R A G E \ V o l u m e H a r d d i s k V o l u m e F i l e % d Blbdrive Remove called deviceobject (%p) Ì\ D e v i c e \ B l b C o n t r o l $ àø$ ÃInvalid partition table Error loading operating system Missing operating system bz™ Uª ’ ÿÿÿÿNæ@»± ¿D
ÌE t w U n r e g i s t e r E t w R e g i s t e r C l a s s i c P r o v i d e r W m i Q u e r y T r a c e I n f o r m a t i o n W m i T r a c e M e s s a g e P s G e t V e r s i o n
†¶ ”¶ ´± f´ ˜± £ ObReferenceObjectByHandle þ _allmul ‹ ExFreePoolWithTag ² IoWMIWriteEvent s ExAllocatePoolWithTag K memcpy O memset æ MmGetSystemRoutineAddress î RtlInitUnicodeString k RtlCompareMemory IoWMIRegistrationControl º IofCompleteRequest ¹ IofCallDriver „ KeSetEvent M ZwClose t ZwFsControlFile ‡ ZwOpenFile ¥ KeWaitForSingleObject Ò IoBuildDeviceIoControlRequest KeInitializeEvent ¯ ObfDereferenceObject IoGetAttachedDeviceReference IoFileObjectType ZwMapViewOfSection \ ZwCreateSection ø RtlInsertElementGenericTableAvl À ZwQueryVolumeInformationFile ó RtlInitializeGenericTableAvl ó ZwUnmapViewOfSection , RtlLookupElementGenericTableAvl Ô MmBuildMdlForNonPagedPool IoFreeMdl Æ IoAllocateIrp Ç IoAllocateMdl IoFreeIrp Á ZwReadFile ÷ MmMapLockedPagesSpecifyCache Ó IoBuildPartialMdl ü _alldiv _allrem _allshr ^ NtQueryInformationFile = IoInvalidateDeviceRelations ü IoDeleteDevice ç IoCreateDevice i swprintf_s : NtDuplicateObject ì PsGetCurrentProcess ž ObOpenObjectByPointer IoFreeWorkItem N IoQueueWorkItem Ê IoAllocateWorkItem ± ObfReferenceObject ? DbgPrint ÿ IoDetachDevice ¾ PoCallDriver Ø PoStartNextPowerIrp t KeResetEvent å PsCreateSystemThread Ð IoAttachDeviceToDeviceStackSafe i IoReportDetectedDevice œ KeTickCount Ý KeBugCheckEx ntoskrnl.exe c KfReleaseSpinLock ` KfAcquireSpinLock HAL.dll € 0 € H `À 4 V S _ V E R S I O N _ I N F O ½ ïþ @° @° ? î S t r i n g F i l e I n f o Ê 0 4 0 9 0 4 B 0 L C o m p a n y N a m e M i c r o s o f t C o r p o r a t i o n J F i l e D e s c r i p t i o n B L B D r i v e D r i v e r l & F i l e V e r s i o n 6 . 1 . 7 6 0 0 . 1 6 3 8 5 ( w i n 7 _ r t m . 0 9 0 7 1 3 - 1 2 5 5 ) :
I n t e r n a l N a m e b l b d r i v e . s y s € . L e g a l C o p y r i g h t © M i c r o s o f t C o r p o r a t i o n . A l l r i g h t s r e s e r v e d . B
O r i g i n a l F i l e n a m e b l b d r i v e . s y s j % P r o d u c t N a m e M i c r o s o f t ® W i n d o w s ® O p e r a t i n g S y s t e m B P r o d u c t V e r s i o n 6 . 1 . 7 6 0 0 . 1 6 3 8 5 D V a r F i l e I n f o $ T r a n s l a t i o n °
-------------------------------------------------------------------------------------parvdm.sys paralell device
Ì$ V D M L P T P a r a l l e l V d m P a r a l l e l P o r t \ D o s D e v i c e s \ \ D e v i c e \
ÌÌÐE |H ¼E ÜH ¶H H ŠH ÊH ²F ÆF èF G G 4G >G VG fG †G ˜F œG ²G ÈG ÚG òG
H ,H >H ^H lH €F hF LF 8F KeInitializeEvent " IoGetDeviceObjectPointer ¯ ObfDereferenceObject ´ IoWriteErrorLogEntry Å IoAllocateErrorLogEntry ‹ ExFreePoolWithTag Z RtlAppendUnicodeStringToString s ExAllocatePoolWithTag RtlIntegerToUnicodeString î RtlInitUnicodeString O memset ¥ KeWaitForSingleObject ¹ IofCallDriver Ò IoBuildDeviceIoControlRequest º IofCompleteRequest MmResetDriverPaging MmPageEntireDriver ü IoDeleteDevice Ë RtlFreeUnicodeString þ IoDeleteSymbolicLink ó IoCreateUnprotectedSymbolicLink ç IoCreateDevice IoGetConfigurationInformation œ KeTickCount Ý KeBugCheckEx ntoskrnl.exe ExReleaseFastMutex ExAcquireFastMutex m WRITE_PORT_UCHAR g READ_PORT_UCHAR HAL.dll è €( € @ € X € p € ˆ € € ¸ È Ø àV È €T \ ðP Œ M U I Œ 4 V S _ V E R S I O N _ I N F O ½ ïþ @° @° ? ê S t r i n g F i l e I n f o Æ 0 4 0 9 0 4 B 0 L C o m p a n y N a m e M i c r o s o f t C o r p o r a t i o n P F i l e D e s c r i p t i o n V D M P a r a l l e l D r i v e r l & F i l e V e r s i o n 6 . 1 . 7 6 0 0 . 1 6 3 8 5 ( w i n 7 _ r t m . 0 9 0 7 1 3 - 1 2 5 5 ) 6 I n t e r n a l N a m e p a r v d m . s y s € . L e g a l C o p y r i g h t © M i c r o s o f t C o r p o r a t i o n . A l l r i g h t s r e s e r v e d . > O r i g i n a l F i l e n a m e p a r v d m . s y s j % P r o d u c t N a m e M i c r o s o f t ® W i n d o w s ® O p e r a t i n g S y s t e m B P r o d u c t V e r s i o n 6 . 1 . 7 6 0 0 . 1 6 3 8 5 D V a r F i l e I n f o $ T r a n s l a t i o n ° € € À À0 `
U n a b l e t o c r e a t e t h e s y m b o l i c l i n k f o r % 1 .
d U n a b l e t o i n i t i a l i z e i n t e r r u p t o b j e c t f o r % 1 .
P I n t e r r u p t c o n f l i c t d e t e c t e d f o r % 1 .
¸
N o t e n o u g h m e m o r y w a s a v a i l a b l e t o a l l o c a t e i n t e r n a l s t o r a g e n e e d e d f o r t h e d e v i c e % 1 .
t U n a b l e t o g e t d e v i c e o b j e c t p o i n t e r f o r p o r t o b j e c t .
ÍþÍþÈ »7пðÏ$"L l™è† çT» Lƒ¶iÃßû¤ˆ ¤ë ˆ ˜ ° ¸ M U I M U I e n - U S | !
No comments:
Post a Comment