Unknown | 2004-08-06 | 4.1 KB |
This file was not able to be converted.
This format is not currently supported by dexvert.
Confidence | Program | Detection | Match Type | Support
---|---|---|---|---
100% | file | data | default |
100% | gt2 | Kopftext: 'KmxAgent Driver - DriverEntry | default (weak) |