Source: Yara match |
File source: 15.2.csrss.exe.400000.2.unpack, type: UNPACKEDPE |
Source: Yara match |
File source: 55.2.csrss.exe.3400e67.15.unpack, type: UNPACKEDPE |
Source: Yara match |
File source: 64.2.csrss.exe.3400e67.14.unpack, type: UNPACKEDPE |
Source: Yara match |
File source: 54.2.csrss.exe.3400e67.9.unpack, type: UNPACKEDPE |
Source: Yara match |
File source: 55.2.csrss.exe.400000.3.unpack, type: UNPACKEDPE |
Source: Yara match |
File source: 28.2.csrss.exe.400000.4.unpack, type: UNPACKEDPE |
Source: Yara match |
File source: 54.2.csrss.exe.400000.0.unpack, type: UNPACKEDPE |
Source: Yara match |
File source: 40.2.csrss.exe.400000.2.unpack, type: UNPACKEDPE |
Source: Yara match |
File source: 5.3.file.exe.3890000.3.unpack, type: UNPACKEDPE |
Source: Yara match |
File source: 5.2.file.exe.400000.0.unpack, type: UNPACKEDPE |
Source: Yara match |
File source: 15.3.csrss.exe.3cf0000.1.unpack, type: UNPACKEDPE |
Source: Yara match |
File source: 0.3.file.exe.3760000.0.unpack, type: UNPACKEDPE |
Source: Yara match |
File source: 60.2.csrss.exe.3400e67.9.unpack, type: UNPACKEDPE |
Source: Yara match |
File source: 15.2.csrss.exe.3400e67.11.unpack, type: UNPACKEDPE |
Source: Yara match |
File source: 41.2.csrss.exe.3400e67.11.unpack, type: UNPACKEDPE |
Source: Yara match |
File source: 60.2.csrss.exe.400000.1.unpack, type: UNPACKEDPE |
Source: Yara match |
File source: 64.2.csrss.exe.400000.0.unpack, type: UNPACKEDPE |
Source: Yara match |
File source: 22.2.csrss.exe.3400e67.9.unpack, type: UNPACKEDPE |
Source: Yara match |
File source: 0.2.file.exe.400000.1.unpack, type: UNPACKEDPE |
Source: Yara match |
File source: 40.2.csrss.exe.3400e67.15.unpack, type: UNPACKEDPE |
Source: Yara match |
File source: 28.2.csrss.exe.3400e67.10.unpack, type: UNPACKEDPE |
Source: Yara match |
File source: 0.2.file.exe.2e70e67.12.unpack, type: UNPACKEDPE |
Source: Yara match |
File source: 00000005.00000002.400548532.0000000000843000.00000040.00000001.01000000.00000003.sdmp, type: MEMORY |
Source: Yara match |
File source: 0000003C.00000002.570772687.0000000003843000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY |
Source: Yara match |
File source: 00000029.00000002.480076167.0000000000843000.00000040.00000001.01000000.00000005.sdmp, type: MEMORY |
Source: Yara match |
File source: 0000001C.00000002.599256866.0000000003843000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY |
Source: Yara match |
File source: 00000028.00000002.475119649.0000000000843000.00000040.00000001.01000000.00000005.sdmp, type: MEMORY |
Source: Yara match |
File source: 00000000.00000003.342311330.0000000003BA1000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY |
Source: Yara match |
File source: 00000029.00000002.517016941.0000000003843000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY |
Source: Yara match |
File source: 0000003C.00000002.555538595.0000000000843000.00000040.00000001.01000000.00000005.sdmp, type: MEMORY |
Source: Yara match |
File source: 00000000.00000002.364753333.00000000032B3000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY |
Source: Yara match |
File source: 0000000F.00000002.624848873.0000000003843000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY |
Source: Yara match |
File source: 00000016.00000002.442933383.0000000000843000.00000040.00000001.01000000.00000005.sdmp, type: MEMORY |
Source: Yara match |
File source: 00000036.00000002.509180776.0000000000843000.00000040.00000001.01000000.00000005.sdmp, type: MEMORY |
Source: Yara match |
File source: 00000000.00000002.360923805.0000000000843000.00000040.00000001.01000000.00000003.sdmp, type: MEMORY |
Source: Yara match |
File source: 00000016.00000002.474423573.0000000003843000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY |
Source: Yara match |
File source: 00000028.00000002.514590108.0000000003843000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY |
Source: Yara match |
File source: 00000037.00000002.522989058.0000000000843000.00000040.00000001.01000000.00000005.sdmp, type: MEMORY |
Source: Yara match |
File source: 00000040.00000002.609271972.0000000003843000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY |
Source: Yara match |
File source: 00000040.00000002.598741475.0000000000843000.00000040.00000001.01000000.00000005.sdmp, type: MEMORY |
Source: Yara match |
File source: 00000036.00000002.521380153.0000000003843000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY |
Source: Yara match |
File source: 00000005.00000003.362103364.0000000003CD1000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY |
Source: Yara match |
File source: 0000001C.00000002.566670417.0000000000843000.00000040.00000001.01000000.00000005.sdmp, type: MEMORY |
Source: Yara match |
File source: 0000000F.00000002.615156234.0000000000843000.00000040.00000001.01000000.00000005.sdmp, type: MEMORY |
Source: Yara match |
File source: 00000037.00000002.553779043.0000000003843000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY |
Source: Yara match |
File source: 00000005.00000002.414419556.00000000033E3000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY |
Source: Yara match |
File source: 0000000F.00000003.401909888.0000000004131000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY |
Source: Yara match |
File source: Process Memory Space: file.exe PID: 6760, type: MEMORYSTR |
Source: Yara match |
File source: Process Memory Space: file.exe PID: 1488, type: MEMORYSTR |
Source: Yara match |
File source: Process Memory Space: csrss.exe PID: 768, type: MEMORYSTR |
Source: Yara match |
File source: Process Memory Space: csrss.exe PID: 4472, type: MEMORYSTR |
Source: Yara match |
File source: 15.2.csrss.exe.400000.2.unpack, type: UNPACKEDPE |
Source: Yara match |
File source: 55.2.csrss.exe.3400e67.15.unpack, type: UNPACKEDPE |
Source: Yara match |
File source: 64.2.csrss.exe.3400e67.14.unpack, type: UNPACKEDPE |
Source: Yara match |
File source: 54.2.csrss.exe.3400e67.9.unpack, type: UNPACKEDPE |
Source: Yara match |
File source: 55.2.csrss.exe.400000.3.unpack, type: UNPACKEDPE |
Source: Yara match |
File source: 28.2.csrss.exe.400000.4.unpack, type: UNPACKEDPE |
Source: Yara match |
File source: 54.2.csrss.exe.400000.0.unpack, type: UNPACKEDPE |
Source: Yara match |
File source: 40.2.csrss.exe.400000.2.unpack, type: UNPACKEDPE |
Source: Yara match |
File source: 5.3.file.exe.3890000.3.unpack, type: UNPACKEDPE |
Source: Yara match |
File source: 5.2.file.exe.400000.0.unpack, type: UNPACKEDPE |
Source: Yara match |
File source: 15.3.csrss.exe.3cf0000.1.unpack, type: UNPACKEDPE |
Source: Yara match |
File source: 0.3.file.exe.3760000.0.unpack, type: UNPACKEDPE |
Source: Yara match |
File source: 60.2.csrss.exe.3400e67.9.unpack, type: UNPACKEDPE |
Source: Yara match |
File source: 15.2.csrss.exe.3400e67.11.unpack, type: UNPACKEDPE |
Source: Yara match |
File source: 41.2.csrss.exe.3400e67.11.unpack, type: UNPACKEDPE |
Source: Yara match |
File source: 60.2.csrss.exe.400000.1.unpack, type: UNPACKEDPE |
Source: Yara match |
File source: 64.2.csrss.exe.400000.0.unpack, type: UNPACKEDPE |
Source: Yara match |
File source: 22.2.csrss.exe.3400e67.9.unpack, type: UNPACKEDPE |
Source: Yara match |
File source: 0.2.file.exe.400000.1.unpack, type: UNPACKEDPE |
Source: Yara match |
File source: 40.2.csrss.exe.3400e67.15.unpack, type: UNPACKEDPE |
Source: Yara match |
File source: 28.2.csrss.exe.3400e67.10.unpack, type: UNPACKEDPE |
Source: Yara match |
File source: 0.2.file.exe.2e70e67.12.unpack, type: UNPACKEDPE |
Source: Yara match |
File source: 00000005.00000002.400548532.0000000000843000.00000040.00000001.01000000.00000003.sdmp, type: MEMORY |
Source: Yara match |
File source: 0000003C.00000002.570772687.0000000003843000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY |
Source: Yara match |
File source: 00000029.00000002.480076167.0000000000843000.00000040.00000001.01000000.00000005.sdmp, type: MEMORY |
Source: Yara match |
File source: 0000001C.00000002.599256866.0000000003843000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY |
Source: Yara match |
File source: 00000028.00000002.475119649.0000000000843000.00000040.00000001.01000000.00000005.sdmp, type: MEMORY |
Source: Yara match |
File source: 00000000.00000003.342311330.0000000003BA1000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY |
Source: Yara match |
File source: 00000029.00000002.517016941.0000000003843000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY |
Source: Yara match |
File source: 0000003C.00000002.555538595.0000000000843000.00000040.00000001.01000000.00000005.sdmp, type: MEMORY |
Source: Yara match |
File source: 00000000.00000002.364753333.00000000032B3000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY |
Source: Yara match |
File source: 0000000F.00000002.624848873.0000000003843000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY |
Source: Yara match |
File source: 00000016.00000002.442933383.0000000000843000.00000040.00000001.01000000.00000005.sdmp, type: MEMORY |
Source: Yara match |
File source: 00000036.00000002.509180776.0000000000843000.00000040.00000001.01000000.00000005.sdmp, type: MEMORY |
Source: Yara match |
File source: 00000000.00000002.360923805.0000000000843000.00000040.00000001.01000000.00000003.sdmp, type: MEMORY |
Source: Yara match |
File source: 00000016.00000002.474423573.0000000003843000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY |
Source: Yara match |
File source: 00000028.00000002.514590108.0000000003843000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY |
Source: Yara match |
File source: 00000037.00000002.522989058.0000000000843000.00000040.00000001.01000000.00000005.sdmp, type: MEMORY |
Source: Yara match |
File source: 00000040.00000002.609271972.0000000003843000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY |
Source: Yara match |
File source: 00000040.00000002.598741475.0000000000843000.00000040.00000001.01000000.00000005.sdmp, type: MEMORY |
Source: Yara match |
File source: 00000036.00000002.521380153.0000000003843000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY |
Source: Yara match |
File source: 00000005.00000003.362103364.0000000003CD1000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY |
Source: Yara match |
File source: 0000001C.00000002.566670417.0000000000843000.00000040.00000001.01000000.00000005.sdmp, type: MEMORY |
Source: Yara match |
File source: 0000000F.00000002.615156234.0000000000843000.00000040.00000001.01000000.00000005.sdmp, type: MEMORY |
Source: Yara match |
File source: 00000037.00000002.553779043.0000000003843000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY |
Source: Yara match |
File source: 00000005.00000002.414419556.00000000033E3000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY |
Source: Yara match |
File source: 0000000F.00000003.401909888.0000000004131000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY |
Source: Yara match |
File source: Process Memory Space: file.exe PID: 6760, type: MEMORYSTR |
Source: Yara match |
File source: Process Memory Space: file.exe PID: 1488, type: MEMORYSTR |
Source: Yara match |
File source: Process Memory Space: csrss.exe PID: 768, type: MEMORYSTR |
Source: Yara match |
File source: Process Memory Space: csrss.exe PID: 4472, type: MEMORYSTR |
Source: |
Binary string: Loader.pdb source: file.exe, 00000000.00000003.342311330.0000000003BA1000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.364753333.00000000032B3000.00000040.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.360923805.0000000000843000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000005.00000002.400548532.0000000000843000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000005.00000003.362103364.0000000003CD1000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000005.00000002.414419556.00000000033E3000.00000040.00001000.00020000.00000000.sdmp, csrss.exe, 0000000F.00000002.624848873.0000000003843000.00000040.00001000.00020000.00000000.sdmp, csrss.exe, 0000003C.00000002.570772687.0000000003843000.00000040.00001000.00020000.00000000.sdmp |
Source: |
Binary string: EfiGuardDxe.pdb7 source: file.exe, file.exe, 00000005.00000002.403769101.0000000002BA3000.00000040.00000020.00020000.00000000.sdmp |
Source: |
Binary string: Unrecognized pdb formatThis error indicates attempting to access a .pdb file with source: file.exe, 00000000.00000003.342311330.0000000003E2B000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.364753333.000000000353B000.00000040.00001000.00020000.00000000.sdmp, file.exe, 00000005.00000002.400548532.0000000000ACC000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000005.00000002.414419556.000000000366B000.00000040.00001000.00020000.00000000.sdmp, csrss.exe, 0000000F.00000002.624848873.0000000003ACB000.00000040.00001000.00020000.00000000.sdmp |
Source: |
Binary string: A connection with the server could not be establishedAn extended error was returned from the WinHttp serverThe .pdb file is probably no longer indexed in the symbol server share location. source: file.exe, 00000000.00000003.342311330.0000000003E2B000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.364753333.000000000353B000.00000040.00001000.00020000.00000000.sdmp, file.exe, 00000005.00000002.400548532.0000000000ACC000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000005.00000002.414419556.000000000366B000.00000040.00001000.00020000.00000000.sdmp, csrss.exe, 0000000F.00000002.624848873.0000000003ACB000.00000040.00001000.00020000.00000000.sdmp |
Source: |
Binary string: C:\rumez\pihipifa\zuyum_n.pdb source: file.exe, 00000000.00000001.340268872.0000000000401000.00000020.00000001.01000000.00000003.sdmp, file.exe, 00000005.00000001.360817575.0000000000401000.00000020.00000001.01000000.00000003.sdmp |
Source: |
Binary string: Age does not matchThe module age and .pdb age do not match. source: file.exe, 00000000.00000003.342311330.0000000003E2B000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.364753333.000000000353B000.00000040.00001000.00020000.00000000.sdmp, file.exe, 00000005.00000002.400548532.0000000000ACC000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000005.00000002.414419556.000000000366B000.00000040.00001000.00020000.00000000.sdmp, csrss.exe, 0000000F.00000002.624848873.0000000003ACB000.00000040.00001000.00020000.00000000.sdmp |
Source: |
Binary string: symsrv.pdb source: file.exe, file.exe, 00000005.00000002.400548532.0000000000C79000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000005.00000002.414419556.0000000003819000.00000040.00001000.00020000.00000000.sdmp, csrss.exe, 0000000F.00000002.615156234.0000000000C79000.00000040.00000001.01000000.00000005.sdmp |
Source: |
Binary string: Cvinfo is corruptThe .pdb file contains a corrupted debug codeview information. source: file.exe, 00000000.00000003.342311330.0000000003E2B000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.364753333.000000000353B000.00000040.00001000.00020000.00000000.sdmp, file.exe, 00000005.00000002.400548532.0000000000ACC000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000005.00000002.414419556.000000000366B000.00000040.00001000.00020000.00000000.sdmp, csrss.exe, 0000000F.00000002.624848873.0000000003ACB000.00000040.00001000.00020000.00000000.sdmp |
Source: |
Binary string: Downloading symbols for [%s] %ssrv*symsrv*http://https://_bad_pdb_file.pdb source: file.exe, 00000000.00000003.342311330.0000000003E2B000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.364753333.000000000353B000.00000040.00001000.00020000.00000000.sdmp, file.exe, 00000005.00000002.400548532.0000000000ACC000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000005.00000002.414419556.000000000366B000.00000040.00001000.00020000.00000000.sdmp, csrss.exe, 0000000F.00000002.624848873.0000000003ACB000.00000040.00001000.00020000.00000000.sdmp |
Source: |
Binary string: The symbol server has never indexed any version of this symbol fileNo version of the .pdb file with the given name has ever been registered. source: file.exe, 00000000.00000003.342311330.0000000003E2B000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.364753333.000000000353B000.00000040.00001000.00020000.00000000.sdmp, file.exe, 00000005.00000002.400548532.0000000000ACC000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000005.00000002.414419556.000000000366B000.00000040.00001000.00020000.00000000.sdmp, csrss.exe, 0000000F.00000002.624848873.0000000003ACB000.00000040.00001000.00020000.00000000.sdmp |
Source: |
Binary string: PDB not foundUnable to locate the .pdb file in any of the symbol search path locations. source: file.exe, 00000000.00000003.342311330.0000000003E2B000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.364753333.000000000353B000.00000040.00001000.00020000.00000000.sdmp, file.exe, 00000005.00000002.400548532.0000000000ACC000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000005.00000002.414419556.000000000366B000.00000040.00001000.00020000.00000000.sdmp, csrss.exe, 0000000F.00000002.624848873.0000000003ACB000.00000040.00001000.00020000.00000000.sdmp |
Source: |
Binary string: c:\Users\Admin\documents\visual studio 2015\Projects\Winmon\Release\Winmon.pdb source: file.exe, 00000000.00000003.342311330.0000000003BA1000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.364753333.00000000032B3000.00000040.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.360923805.0000000000843000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000005.00000002.400548532.0000000000843000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000005.00000003.362103364.0000000003CD1000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000005.00000002.414419556.00000000033E3000.00000040.00001000.00020000.00000000.sdmp, csrss.exe, 0000000F.00000002.624848873.0000000003843000.00000040.00001000.00020000.00000000.sdmp, csrss.exe, 0000003C.00000002.570772687.0000000003843000.00000040.00001000.00020000.00000000.sdmp |
Source: |
Binary string: C:\vbox\branch\w64-1.6\out\win.amd64\release\obj\src\VBox\HostDrivers\VBoxDrv\VBoxDrv.pdb source: file.exe, 00000000.00000003.342311330.0000000003BA1000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.364753333.00000000032B3000.00000040.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.360923805.0000000000843000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000005.00000002.400548532.0000000000843000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000005.00000003.362103364.0000000003CD1000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000005.00000002.414419556.00000000033E3000.00000040.00001000.00020000.00000000.sdmp, csrss.exe, 0000000F.00000002.624848873.0000000003843000.00000040.00001000.00020000.00000000.sdmp, csrss.exe, 0000003C.00000002.570772687.0000000003843000.00000040.00001000.00020000.00000000.sdmp |
Source: |
Binary string: c:\Users\Admin\documents\visual studio 2015\Projects\Winmon\x64\Release\Winmon.pdb source: file.exe, 00000000.00000003.342311330.0000000003BA1000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.364753333.00000000032B3000.00000040.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.360923805.0000000000843000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000005.00000002.400548532.0000000000843000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000005.00000003.362103364.0000000003CD1000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000005.00000002.414419556.00000000033E3000.00000040.00001000.00020000.00000000.sdmp, csrss.exe, 0000000F.00000002.624848873.0000000003843000.00000040.00001000.00020000.00000000.sdmp, csrss.exe, 0000003C.00000002.570772687.0000000003843000.00000040.00001000.00020000.00000000.sdmp |
Source: |
Binary string: Drive not readyThis error indicates a .pdb file related failure. source: file.exe, 00000000.00000003.342311330.0000000003E2B000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.364753333.000000000353B000.00000040.00001000.00020000.00000000.sdmp, file.exe, 00000005.00000002.400548532.0000000000ACC000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000005.00000002.414419556.000000000366B000.00000040.00001000.00020000.00000000.sdmp, csrss.exe, 0000000F.00000002.624848873.0000000003ACB000.00000040.00001000.00020000.00000000.sdmp |
Source: |
Binary string: Error while loading symbolsUnable to locate the .pdb file in any of the symbol search source: file.exe, 00000000.00000003.342311330.0000000003E2B000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.364753333.000000000353B000.00000040.00001000.00020000.00000000.sdmp, file.exe, 00000005.00000002.400548532.0000000000ACC000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000005.00000002.414419556.000000000366B000.00000040.00001000.00020000.00000000.sdmp, csrss.exe, 0000000F.00000002.624848873.0000000003ACB000.00000040.00001000.00020000.00000000.sdmp |
Source: |
Binary string: zzz_AsmCodeRange_*FrameDatainvalid string positionstring too long.pdb source: file.exe, 00000000.00000003.342311330.0000000003E2B000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.364753333.000000000353B000.00000040.00001000.00020000.00000000.sdmp, file.exe, 00000005.00000002.400548532.0000000000ACC000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000005.00000002.414419556.000000000366B000.00000040.00001000.00020000.00000000.sdmp, csrss.exe, 0000000F.00000002.624848873.0000000003ACB000.00000040.00001000.00020000.00000000.sdmp |
Source: |
Binary string: Pdb read access deniedYou may be attempting to access a .pdb file with read-only attributes source: file.exe, 00000000.00000003.342311330.0000000003E2B000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.364753333.000000000353B000.00000040.00001000.00020000.00000000.sdmp, file.exe, 00000005.00000002.400548532.0000000000ACC000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000005.00000002.414419556.000000000366B000.00000040.00001000.00020000.00000000.sdmp, csrss.exe, 0000000F.00000002.624848873.0000000003ACB000.00000040.00001000.00020000.00000000.sdmp |
Source: |
Binary string: Unable to locate the .pdb file in this location source: file.exe, 00000000.00000003.342311330.0000000003E2B000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.364753333.000000000353B000.00000040.00001000.00020000.00000000.sdmp, file.exe, 00000005.00000002.400548532.0000000000ACC000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000005.00000002.414419556.000000000366B000.00000040.00001000.00020000.00000000.sdmp, csrss.exe, 0000000F.00000002.624848873.0000000003ACB000.00000040.00001000.00020000.00000000.sdmp |
Source: |
Binary string: $BC:\rumez\pihipifa\zuyum_n.pdb source: file.exe, 00000000.00000001.340268872.0000000000401000.00000020.00000001.01000000.00000003.sdmp, file.exe, 00000005.00000001.360817575.0000000000401000.00000020.00000001.01000000.00000003.sdmp |
Source: |
Binary string: C:\Users\Admin\documents\visual studio 2015\Projects\WinmonFS\x64\Release\WinmonFS.pdb source: file.exe, 00000000.00000003.342311330.0000000003BA1000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.364753333.00000000032B3000.00000040.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.360923805.0000000000843000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000005.00000002.400548532.0000000000843000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000005.00000003.362103364.0000000003CD1000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000005.00000002.414419556.00000000033E3000.00000040.00001000.00020000.00000000.sdmp, csrss.exe, 0000000F.00000002.624848873.0000000003843000.00000040.00001000.00020000.00000000.sdmp, csrss.exe, 0000003C.00000002.570772687.0000000003843000.00000040.00001000.00020000.00000000.sdmp |
Source: |
Binary string: The module signature does not match with .pdb signature. source: file.exe, 00000000.00000003.342311330.0000000003E2B000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.364753333.000000000353B000.00000040.00001000.00020000.00000000.sdmp, file.exe, 00000005.00000002.400548532.0000000000ACC000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000005.00000002.414419556.000000000366B000.00000040.00001000.00020000.00000000.sdmp, csrss.exe, 0000000F.00000002.624848873.0000000003ACB000.00000040.00001000.00020000.00000000.sdmp |
Source: |
Binary string: .pdb.dbg source: file.exe, 00000000.00000003.342311330.0000000003E2B000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.364753333.000000000353B000.00000040.00001000.00020000.00000000.sdmp, file.exe, 00000005.00000002.400548532.0000000000ACC000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000005.00000002.414419556.000000000366B000.00000040.00001000.00020000.00000000.sdmp, csrss.exe, 0000000F.00000002.624848873.0000000003ACB000.00000040.00001000.00020000.00000000.sdmp |
Source: |
Binary string: '(EfiGuardDxe.pdbx source: file.exe, 00000000.00000003.342311330.0000000003E2B000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.364753333.000000000353B000.00000040.00001000.00020000.00000000.sdmp, file.exe, 00000005.00000002.400548532.0000000000ACC000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000005.00000002.414419556.000000000366B000.00000040.00001000.00020000.00000000.sdmp, file.exe, 00000005.00000003.362103364.0000000003F5B000.00000004.00001000.00020000.00000000.sdmp, csrss.exe, 0000000F.00000002.624848873.0000000003ACB000.00000040.00001000.00020000.00000000.sdmp |
Source: |
Binary string: symsrv.pdbGCTL source: file.exe, 00000000.00000002.360923805.0000000000C79000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000000.00000003.342311330.0000000003FD8000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.364753333.00000000036E9000.00000040.00001000.00020000.00000000.sdmp, file.exe, 00000005.00000002.400548532.0000000000C79000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000005.00000002.414419556.0000000003819000.00000040.00001000.00020000.00000000.sdmp, csrss.exe, 0000000F.00000002.615156234.0000000000C79000.00000040.00000001.01000000.00000005.sdmp |
Source: |
Binary string: C:\Users\admin\source\repos\driver-process-monitor-master\Release\WinmonProcessMonitor.pdb source: file.exe, 00000000.00000003.342311330.0000000003BA1000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.364753333.00000000032B3000.00000040.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.360923805.0000000000843000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000005.00000002.400548532.0000000000843000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000005.00000003.362103364.0000000003CD1000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000005.00000002.414419556.00000000033E3000.00000040.00001000.00020000.00000000.sdmp, csrss.exe, 0000000F.00000002.624848873.0000000003843000.00000040.00001000.00020000.00000000.sdmp, csrss.exe, 0000003C.00000002.570772687.0000000003843000.00000040.00001000.00020000.00000000.sdmp |
Source: |
Binary string: C:\Users\Admin\documents\visual studio 2015\Projects\WinmonFS\Release\WinmonFS.pdb source: file.exe, 00000000.00000003.342311330.0000000003BA1000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.364753333.00000000032B3000.00000040.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.360923805.0000000000843000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000005.00000002.400548532.0000000000843000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000005.00000003.362103364.0000000003CD1000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000005.00000002.414419556.00000000033E3000.00000040.00001000.00020000.00000000.sdmp, csrss.exe, 0000000F.00000002.624848873.0000000003843000.00000040.00001000.00020000.00000000.sdmp, csrss.exe, 0000003C.00000002.570772687.0000000003843000.00000040.00001000.00020000.00000000.sdmp |
Source: |
Binary string: or you do not have access permission to the .pdb location. source: file.exe, 00000000.00000003.342311330.0000000003E2B000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.364753333.000000000353B000.00000040.00001000.00020000.00000000.sdmp, file.exe, 00000005.00000002.400548532.0000000000ACC000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000005.00000002.414419556.000000000366B000.00000040.00001000.00020000.00000000.sdmp, csrss.exe, 0000000F.00000002.624848873.0000000003ACB000.00000040.00001000.00020000.00000000.sdmp |
Source: |
Binary string: An Exception happened while downloading the module .pdbPlease open a bug if this is a consistent repro. source: file.exe, 00000000.00000003.342311330.0000000003E2B000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.364753333.000000000353B000.00000040.00001000.00020000.00000000.sdmp, file.exe, 00000005.00000002.400548532.0000000000ACC000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000005.00000002.414419556.000000000366B000.00000040.00001000.00020000.00000000.sdmp, csrss.exe, 0000000F.00000002.624848873.0000000003ACB000.00000040.00001000.00020000.00000000.sdmp |
Source: |
Binary string: C:\Users\admin\source\repos\driver-process-monitor-master\x64\Release\WinmonProcessMonitor.pdb source: file.exe, 00000000.00000003.342311330.0000000003BA1000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.364753333.00000000032B3000.00000040.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.360923805.0000000000843000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000005.00000002.400548532.0000000000843000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000005.00000003.362103364.0000000003CD1000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000005.00000002.414419556.00000000033E3000.00000040.00001000.00020000.00000000.sdmp, csrss.exe, 0000000F.00000002.624848873.0000000003843000.00000040.00001000.00020000.00000000.sdmp, csrss.exe, 0000003C.00000002.570772687.0000000003843000.00000040.00001000.00020000.00000000.sdmp |
Source: |
Binary string: EfiGuardDxe.pdb source: file.exe, 00000000.00000003.342311330.0000000003E2B000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.364753333.000000000353B000.00000040.00001000.00020000.00000000.sdmp, file.exe, 00000005.00000002.400548532.0000000000ACC000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000005.00000002.414419556.000000000366B000.00000040.00001000.00020000.00000000.sdmp, file.exe, 00000005.00000003.362103364.0000000003F5B000.00000004.00001000.00020000.00000000.sdmp, csrss.exe, 0000000F.00000002.624848873.0000000003ACB000.00000040.00001000.00020000.00000000.sdmp |
Source: |
Binary string: Signature does not matchThe module signature does not match with .pdb signature source: file.exe, 00000000.00000003.342311330.0000000003E2B000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.364753333.000000000353B000.00000040.00001000.00020000.00000000.sdmp, file.exe, 00000005.00000002.400548532.0000000000ACC000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000005.00000002.414419556.000000000366B000.00000040.00001000.00020000.00000000.sdmp, csrss.exe, 0000000F.00000002.624848873.0000000003ACB000.00000040.00001000.00020000.00000000.sdmp |
Source: |
Binary string: dbghelp.pdb source: file.exe, 00000000.00000003.342311330.0000000003E2B000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.364753333.000000000353B000.00000040.00001000.00020000.00000000.sdmp, file.exe, 00000005.00000002.400548532.0000000000ACC000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000005.00000002.414419556.000000000366B000.00000040.00001000.00020000.00000000.sdmp, csrss.exe, 0000000F.00000002.624848873.0000000003ACB000.00000040.00001000.00020000.00000000.sdmp |
Source: |
Binary string: dbghelp.pdbGCTL source: file.exe, 00000000.00000003.342311330.0000000003E2B000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.364753333.000000000353B000.00000040.00001000.00020000.00000000.sdmp, file.exe, 00000005.00000002.400548532.0000000000ACC000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000005.00000002.414419556.000000000366B000.00000040.00001000.00020000.00000000.sdmp, csrss.exe, 0000000F.00000002.624848873.0000000003ACB000.00000040.00001000.00020000.00000000.sdmp |