Created
March 16, 2019 12:12
-
-
Save kozera2137/bec79b5533970713ee38c33a19abe9f2 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| C:\Users\windows\Desktop\DTrace>DTrace.exe -y C:\symbols -Fn "fbt:nt:: {}" | |
| libdtrace DEBUG: failed to open C:\Windows\System32\Drivers\dump_diskdump.sys: 00000002 | |
| libdtrace DEBUG: failed to open C:\Windows\System32\drivers\dump_storvsc.sys: 00000002 | |
| libdtrace DEBUG: failed to open C:\Windows\System32\drivers\dump_vmbkmcl.sys: 00000002 | |
| libdtrace DEBUG: failed to open C:\Windows\System32\Drivers\dump_dumpfve.sys: 00000002 | |
| libdtrace DEBUG: created CTF container for C (000002E887686D80) | |
| libdtrace DEBUG: created CTF container for D (000002E887688200) | |
| libdtrace DEBUG: loaded CTF container for nt (000002E887689A10) | |
| libdtrace DEBUG: loaded CTF container for hal.dll (000002E88768A080) | |
| libdtrace DEBUG: loaded CTF container for kdnet.dll (000002E88768AB00) | |
| libdtrace DEBUG: loaded CTF container for kdstub.dll (000002E88768B170) | |
| libdtrace DEBUG: loaded CTF container for mcupdate_GenuineIntel.dll (000002E88768B7E0) | |
| libdtrace DEBUG: loaded CTF container for msrpc.sys (000002E88768BE50) | |
| libdtrace DEBUG: loaded CTF container for ksecdd.sys (000002E88768C4C0) | |
| libdtrace DEBUG: loaded CTF container for werkernel.sys (000002E88768CB30) | |
| libdtrace DEBUG: loaded CTF container for CLFS.SYS (000002E88768D1A0) | |
| libdtrace DEBUG: loaded CTF container for tm.sys (000002E88768D810) | |
| libdtrace DEBUG: loaded CTF container for PSHED.dll (000002E88768DE80) | |
| libdtrace DEBUG: loaded CTF container for BOOTVID.dll (000002E88768E4F0) | |
| libdtrace DEBUG: loaded CTF container for FLTMGR.SYS (000002E88768EB60) | |
| libdtrace DEBUG: loaded CTF container for clipsp.sys (000002E887692DD0) | |
| libdtrace DEBUG: loaded CTF container for cmimcext.sys (000002E887693030) | |
| libdtrace DEBUG: loaded CTF container for traceext.sys (000002E887693C60) | |
| libdtrace DEBUG: loaded CTF container for ntosext.sys (000002E887694120) | |
| libdtrace DEBUG: loaded CTF container for CI.dll (000002E887693EC0) | |
| libdtrace DEBUG: loaded CTF container for cng.sys (000002E8876937A0) | |
| libdtrace DEBUG: loaded CTF container for Wdf01000.sys (000002E887694380) | |
| libdtrace DEBUG: loaded CTF container for WDFLDR.SYS (000002E887694AA0) | |
| libdtrace DEBUG: loaded CTF container for WppRecorder.sys (000002E887693A00) | |
| libdtrace DEBUG: loaded CTF container for SleepStudyHelper.sys (000002E887693540) | |
| libdtrace DEBUG: loaded CTF container for acpiex.sys (000002E8876945E0) | |
| libdtrace DEBUG: loaded CTF container for mssecflt.sys (000002E887694840) | |
| libdtrace DEBUG: loaded CTF container for SgrmAgent.sys (000002E8876932E0) | |
| libdtrace DEBUG: loaded CTF container for ACPI.sys (000002E887694D00) | |
| libdtrace DEBUG: loaded CTF container for WMILIB.SYS (000002E887694F60) | |
| libdtrace DEBUG: loaded CTF container for intelpep.sys (000002E88769EAC0) | |
| libdtrace DEBUG: loaded CTF container for WindowsTrustedRT.sys (000002E88769F440) | |
| libdtrace DEBUG: loaded CTF container for WindowsTrustedRTProxy.sys (000002E88769E600) | |
| libdtrace DEBUG: loaded CTF container for pcw.sys (000002E88769D560) | |
| libdtrace DEBUG: loaded CTF container for vdrvroot.sys (000002E88769D7C0) | |
| libdtrace DEBUG: loaded CTF container for ucx01000.sys (000002E88769E860) | |
| libdtrace DEBUG: loaded CTF container for pdc.sys (000002E88769EF80) | |
| libdtrace DEBUG: loaded CTF container for CEA.sys (000002E88769DA20) | |
| libdtrace DEBUG: loaded CTF container for partmgr.sys (000002E88769FB60) | |
| libdtrace DEBUG: loaded CTF container for spaceport.sys (000002E88769DC80) | |
| libdtrace DEBUG: loaded CTF container for volmgr.sys (000002E88769F6A0) | |
| libdtrace DEBUG: loaded CTF container for sdbus.sys (000002E88769ED20) | |
| libdtrace DEBUG: loaded CTF container for volmgrx.sys (000002E88769DEE0) | |
| libdtrace DEBUG: loaded CTF container for vmbus.sys (000002E88769D300) | |
| libdtrace DEBUG: loaded CTF container for NDIS.SYS (000002E88769E3A0) | |
| libdtrace DEBUG: loaded CTF container for NETIO.SYS (000002E8876A04E0) | |
| libdtrace DEBUG: loaded CTF container for hvsocket.sys (000002E88769E140) | |
| libdtrace DEBUG: loaded CTF container for vmbkmcl.sys (000002E8876A0740) | |
| libdtrace DEBUG: loaded CTF container for winhv.sys (000002E88769F1E0) | |
| libdtrace DEBUG: loaded CTF container for urscx01000.sys (000002E88769FDC0) | |
| libdtrace DEBUG: loaded CTF container for mountmgr.sys (000002E8876A0C00) | |
| libdtrace DEBUG: loaded CTF container for EhStorClass.sys (000002E88769F900) | |
| libdtrace DEBUG: loaded CTF container for fileinfo.sys (000002E8876A09A0) | |
| libdtrace DEBUG: loaded CTF container for Wof.sys (000002E8876A0020) | |
| libdtrace DEBUG: loaded CTF container for WdFilter.sys (000002E8876A0280) | |
| libdtrace DEBUG: loaded CTF container for Ntfs.sys (000002E8876A0E60) | |
| libdtrace DEBUG: loaded CTF container for usbccgp.sys (000002E8876A3490) | |
| libdtrace DEBUG: loaded CTF container for USBD.SYS (000002E8876A2650) | |
| libdtrace DEBUG: loaded CTF container for urschipidea.sys (000002E8876A2B10) | |
| libdtrace DEBUG: loaded CTF container for storvsc.sys (000002E8876A3950) | |
| libdtrace DEBUG: loaded CTF container for storport.sys (000002E8876A3BB0) | |
| libdtrace DEBUG: loaded CTF container for usbehci.sys (000002E8876A36F0) | |
| libdtrace DEBUG: loaded CTF container for USBPORT.SYS (000002E8876A23F0) | |
| libdtrace DEBUG: loaded CTF container for usbhub.sys (000002E8876A2190) | |
| libdtrace DEBUG: loaded CTF container for UsbHub3.sys (000002E8876A3230) | |
| libdtrace DEBUG: loaded CTF container for Fs_Rec.sys (000002E8876A1F30) | |
| libdtrace DEBUG: loaded CTF container for ksecpkg.sys (000002E8876A3E10) | |
| libdtrace DEBUG: loaded CTF container for tcpip.sys (000002E8876A4070) | |
| libdtrace DEBUG: loaded CTF container for fwpkclnt.sys (000002E8876A28B0) | |
| libdtrace DEBUG: loaded CTF container for wfplwfs.sys (000002E8876A4790) | |
| libdtrace DEBUG: loaded CTF container for fvevol.sys (000002E8876A42D0) | |
| libdtrace DEBUG: loaded CTF container for volume.sys (000002E8876A5A90) | |
| libdtrace DEBUG: loaded CTF container for volsnap.sys (000002E8876A49F0) | |
| libdtrace DEBUG: loaded CTF container for USBXHCI.SYS (000002E8876A5830) | |
| libdtrace DEBUG: loaded CTF container for USBSTOR.SYS (000002E8876A4530) | |
| libdtrace DEBUG: loaded CTF container for uaspstor.sys (000002E8876A4C50) | |
| libdtrace DEBUG: loaded CTF container for sdstor.sys (000002E8876A4EB0) | |
| libdtrace DEBUG: loaded CTF container for rdyboost.sys (000002E8876A5110) | |
| libdtrace DEBUG: loaded CTF container for mup.sys (000002E8876A5370) | |
| libdtrace DEBUG: loaded CTF container for iorate.sys (000002E8876A2D70) | |
| libdtrace DEBUG: loaded CTF container for disk.sys (000002E8876A55D0) | |
| libdtrace DEBUG: loaded CTF container for CLASSPNP.SYS (000002E8876A2FD0) | |
| libdtrace DEBUG: loaded CTF container for crashdmp.sys (000002E8876AF5A0) | |
| libdtrace DEBUG: loaded CTF container for cdrom.sys (000002E8876B1220) | |
| libdtrace DEBUG: loaded CTF container for filecrypt.sys (000002E8876B1940) | |
| libdtrace DEBUG: loaded CTF container for tbs.sys (000002E8876B0B00) | |
| libdtrace DEBUG: loaded CTF container for Null.SYS (000002E8876B0D60) | |
| libdtrace DEBUG: loaded CTF container for Beep.SYS (000002E8876B1E00) | |
| libdtrace DEBUG: loaded CTF container for dxgkrnl.sys (000002E8876B22C0) | |
| libdtrace DEBUG: loaded CTF container for watchdog.sys (000002E8876B03E0) | |
| libdtrace DEBUG: loaded CTF container for BasicDisplay.sys (000002E8876B1BA0) | |
| libdtrace DEBUG: loaded CTF container for BasicRender.sys (000002E8876B2060) | |
| libdtrace DEBUG: loaded CTF container for Npfs.SYS (000002E8876AE760) | |
| libdtrace DEBUG: loaded CTF container for Msfs.SYS (000002E8876B0FC0) | |
| libdtrace DEBUG: loaded CTF container for tdx.sys (000002E8876B1480) | |
| libdtrace DEBUG: loaded CTF container for TDI.SYS (000002E8876AE9C0) | |
| libdtrace DEBUG: loaded CTF container for netbt.sys (000002E8876B0180) | |
| libdtrace DEBUG: loaded CTF container for afunix.sys (000002E8876AFCC0) | |
| libdtrace DEBUG: loaded CTF container for afd.sys (000002E8876AF800) | |
| libdtrace DEBUG: loaded CTF container for vwififlt.sys (000002E8876B16E0) | |
| libdtrace DEBUG: loaded CTF container for pacer.sys (000002E8876B0640) | |
| libdtrace DEBUG: loaded CTF container for netbios.sys (000002E8876AFA60) | |
| libdtrace DEBUG: loaded CTF container for rdbss.sys (000002E8876B08A0) | |
| libdtrace DEBUG: loaded CTF container for csc.sys (000002E8876AEC20) | |
| libdtrace DEBUG: loaded CTF container for nsiproxy.sys (000002E8876AEE80) | |
| libdtrace DEBUG: loaded CTF container for npsvctrig.sys (000002E8876AF0E0) | |
| libdtrace DEBUG: loaded CTF container for mssmbios.sys (000002E8876AFF20) | |
| libdtrace DEBUG: loaded CTF container for gpuenergydrv.sys (000002E8876AF340) | |
| libdtrace DEBUG: loaded CTF container for DTrace.sys (000002E8876BDFD0) | |
| libdtrace DEBUG: loaded CTF container for dfsc.sys (000002E8876BD650) | |
| libdtrace DEBUG: loaded CTF container for fastfat.SYS (000002E8876BC350) | |
| libdtrace DEBUG: loaded CTF container for bam.sys (000002E8876BDD70) | |
| libdtrace DEBUG: loaded CTF container for ahcache.sys (000002E8876BD8B0) | |
| libdtrace DEBUG: loaded CTF container for Vid.sys (000002E8876BE490) | |
| libdtrace DEBUG: loaded CTF container for winhvr.sys (000002E8876BAB90) | |
| libdtrace DEBUG: loaded CTF container for CompositeBus.sys (000002E8876BC5B0) | |
| libdtrace DEBUG: loaded CTF container for kdnic.sys (000002E8876BB9D0) | |
| libdtrace DEBUG: loaded CTF container for umbus.sys (000002E8876BE6F0) | |
| libdtrace DEBUG: loaded CTF container for dmvsc.sys (000002E8876BC810) | |
| libdtrace DEBUG: loaded CTF container for VMBusHID.sys (000002E8876BBC30) | |
| libdtrace DEBUG: loaded CTF container for HIDCLASS.SYS (000002E8876BDB10) | |
| libdtrace DEBUG: loaded CTF container for HIDPARSE.SYS (000002E8876BCA70) | |
| libdtrace DEBUG: loaded CTF container for hyperkbd.sys (000002E8876BCCD0) | |
| libdtrace DEBUG: loaded CTF container for kbdclass.sys (000002E8876BB050) | |
| libdtrace DEBUG: loaded CTF container for HyperVideo.sys (000002E8876BE230) | |
| libdtrace DEBUG: loaded CTF container for vmgencounter.sys (000002E8876BB510) | |
| libdtrace DEBUG: loaded CTF container for intelppm.sys (000002E8876BBE90) | |
| libdtrace DEBUG: loaded CTF container for NdisVirtualBus.sys (000002E8876BADF0) | |
| libdtrace DEBUG: loaded CTF container for swenum.sys (000002E8876BCF30) | |
| libdtrace DEBUG: loaded CTF container for ks.sys (000002E8876BB2B0) | |
| libdtrace DEBUG: loaded CTF container for rdpbus.sys (000002E8876BD190) | |
| libdtrace DEBUG: loaded CTF container for mouhid.sys (000002E8876BB770) | |
| libdtrace DEBUG: loaded CTF container for mouclass.sys (000002E8876BC0F0) | |
| libdtrace DEBUG: loaded CTF container for udfs.sys (000002E8876BD3F0) | |
| libdtrace DEBUG: loaded CTF container for win32k.sys (000002E8876C91F0) | |
| libdtrace DEBUG: loaded CTF container for win32kfull.sys (000002E8876C8AD0) | |
| libdtrace DEBUG: loaded CTF container for win32kbase.sys (000002E8876CB330) | |
| libdtrace DEBUG: loaded CTF container for dxgmms2.sys (000002E8876C8D30) | |
| libdtrace DEBUG: loaded CTF container for rdpvideominiport.sys (000002E8876C9450) | |
| libdtrace DEBUG: loaded CTF container for rdpdr.sys (000002E8876C9910) | |
| libdtrace DEBUG: loaded CTF container for tsusbhub.sys (000002E8876CAE70) | |
| libdtrace DEBUG: loaded CTF container for vmgid.sys (000002E8876CA4F0) | |
| libdtrace DEBUG: loaded CTF container for luafv.sys (000002E8876C9DD0) | |
| libdtrace DEBUG: loaded CTF container for wcifs.sys (000002E8876C7A30) | |
| libdtrace DEBUG: loaded CTF container for cldflt.sys (000002E8876CA9B0) | |
| libdtrace DEBUG: loaded CTF container for storqosflt.sys (000002E8876C7EF0) | |
| libdtrace DEBUG: loaded CTF container for bowser.sys (000002E8876C8610) | |
| libdtrace DEBUG: loaded CTF container for winquic.sys (000002E8876CB0D0) | |
| libdtrace DEBUG: loaded CTF container for mrxsmb.sys (000002E8876C8F90) | |
| libdtrace DEBUG: loaded CTF container for mrxsmb20.sys (000002E8876CA750) | |
| libdtrace DEBUG: loaded CTF container for lltdio.sys (000002E8876C8870) | |
| libdtrace DEBUG: loaded CTF container for mslldp.sys (000002E8876C77D0) | |
| libdtrace DEBUG: loaded CTF container for rspndr.sys (000002E8876C96B0) | |
| libdtrace DEBUG: loaded CTF container for wanarp.sys (000002E8876C9B70) | |
| libdtrace DEBUG: loaded CTF container for HTTP.sys (000002E8876CAC10) | |
| libdtrace DEBUG: loaded CTF container for mpsdrv.sys (000002E8876CA030) | |
| libdtrace DEBUG: loaded CTF container for srvnet.sys (000002E8876C8150) | |
| libdtrace DEBUG: loaded CTF container for mmcss.sys (000002E8876C7C90) | |
| libdtrace DEBUG: loaded CTF container for srv2.sys (000002E8876C83B0) | |
| libdtrace DEBUG: loaded CTF container for Ndu.sys (000002E8876CA290) | |
| libdtrace DEBUG: loaded CTF container for peauth.sys (000002E8876D40C0) | |
| libdtrace DEBUG: loaded CTF container for tcpipreg.sys (000002E8876D72A0) | |
| libdtrace DEBUG: loaded CTF container for rassstp.sys (000002E8876D4CA0) | |
| libdtrace DEBUG: loaded CTF container for NDProxy.sys (000002E8876D4A40) | |
| libdtrace DEBUG: loaded CTF container for AgileVpn.sys (000002E8876D6DE0) | |
| libdtrace DEBUG: loaded CTF container for rasl2tp.sys (000002E8876D5620) | |
| libdtrace DEBUG: loaded CTF container for raspptp.sys (000002E8876D7040) | |
| libdtrace DEBUG: loaded CTF container for raspppoe.sys (000002E8876D53C0) | |
| libdtrace DEBUG: loaded CTF container for ndistapi.sys (000002E8876D66C0) | |
| libdtrace DEBUG: loaded CTF container for ndiswan.sys (000002E8876D4580) | |
| libdtrace DEBUG: loaded CTF container for monitor.sys (000002E8876D4F00) | |
| libdtrace DEBUG: loaded CTF container for terminpt.sys (000002E8876D6460) | |
| libdtrace DEBUG: loaded CTF container for WdNisDrv.sys (000002E8876D47E0) | |
| libdtrace DEBUG: loaded CTF container for cdd.dll (000002E8876D5AE0) | |
| libdtrace DEBUG: loaded CTF container for WudfRd.sys (000002E8876D6920) | |
| libdtrace DEBUG: loaded CTF container for IndirectKmd.sys (000002E8876D7500) | |
| libdtrace DEBUG: loaded CTF container for condrv.sys (000002E8876D5160) | |
| libdtrace DEBUG: loaded printf conversion %a | |
| libdtrace DEBUG: loaded printf conversion %A | |
| libdtrace DEBUG: loaded printf conversion %c | |
| libdtrace DEBUG: loaded printf conversion %C | |
| libdtrace DEBUG: loaded printf conversion %d | |
| libdtrace DEBUG: loaded printf conversion %e | |
| libdtrace DEBUG: loaded printf conversion %E | |
| libdtrace DEBUG: loaded printf conversion %f | |
| libdtrace DEBUG: loaded printf conversion %g | |
| libdtrace DEBUG: loaded printf conversion %G | |
| libdtrace DEBUG: loaded printf conversion %hd | |
| libdtrace DEBUG: loaded printf conversion %hi | |
| libdtrace DEBUG: loaded printf conversion %ho | |
| libdtrace DEBUG: loaded printf conversion %hu | |
| libdtrace DEBUG: loaded printf conversion %hx | |
| libdtrace DEBUG: loaded printf conversion %hX | |
| libdtrace DEBUG: loaded printf conversion %i | |
| libdtrace DEBUG: loaded printf conversion %I | |
| libdtrace DEBUG: loaded printf conversion %k | |
| libdtrace DEBUG: loaded printf conversion %lc | |
| libdtrace DEBUG: loaded printf conversion %ld | |
| libdtrace DEBUG: loaded printf conversion %li | |
| libdtrace DEBUG: loaded printf conversion %lo | |
| libdtrace DEBUG: loaded printf conversion %lu | |
| libdtrace DEBUG: loaded printf conversion %ls | |
| libdtrace DEBUG: loaded printf conversion %lx | |
| libdtrace DEBUG: loaded printf conversion %lX | |
| libdtrace DEBUG: loaded printf conversion %lld | |
| libdtrace DEBUG: loaded printf conversion %lli | |
| libdtrace DEBUG: loaded printf conversion %llo | |
| libdtrace DEBUG: loaded printf conversion %llu | |
| libdtrace DEBUG: loaded printf conversion %llx | |
| libdtrace DEBUG: loaded printf conversion %llX | |
| libdtrace DEBUG: loaded printf conversion %Le | |
| libdtrace DEBUG: loaded printf conversion %LE | |
| libdtrace DEBUG: loaded printf conversion %Lf | |
| libdtrace DEBUG: loaded printf conversion %Lg | |
| libdtrace DEBUG: loaded printf conversion %LG | |
| libdtrace DEBUG: loaded printf conversion %o | |
| libdtrace DEBUG: loaded printf conversion %p | |
| libdtrace DEBUG: loaded printf conversion %P | |
| libdtrace DEBUG: loaded printf conversion %s | |
| libdtrace DEBUG: loaded printf conversion %S | |
| libdtrace DEBUG: loaded printf conversion %T | |
| libdtrace DEBUG: loaded printf conversion %u | |
| libdtrace DEBUG: loaded printf conversion %wc | |
| libdtrace DEBUG: loaded printf conversion %ws | |
| libdtrace DEBUG: loaded printf conversion %x | |
| libdtrace DEBUG: loaded printf conversion %X | |
| libdtrace DEBUG: loaded printf conversion %Y | |
| libdtrace DEBUG: loaded printf conversion %% | |
| libdtrace DEBUG: populating global idhash from 00007FFF6DC990B0 | |
| libdtrace DEBUG: DBGHELP: Symbol Search Path: C:\symbols | |
| libdtrace DEBUG: Execution policy: 'Bypass' from scope 'LocalMachine' | |
| libdtrace DEBUG: DBGHELP: No header for C:\Windows\system32\ntoskrnl.exe. Searching for image on disk | |
| libdtrace DEBUG: DBGHELP: C:\Windows\system32\ntoskrnl.exe - OK | |
| libdtrace DEBUG: SYMSRV: BYINDEX: 0x1 | |
| C:\symbols | |
| ntkrnlmp.pdb | |
| 4579EC1273FA778DBD18E806E414E7311 | |
| libdtrace DEBUG: SYMSRV: PATH: C:\symbols\ntkrnlmp.pdb\4579EC1273FA778DBD18E806E414E7311\ntkrnlmp.pdb | |
| libdtrace DEBUG: SYMSRV: RESULT: 0x00000000 | |
| libdtrace DEBUG: DBGHELP: ntoskrnl - public symbols | |
| C:\symbols\ntkrnlmp.pdb\4579EC1273FA778DBD18E806E414E7311\ntkrnlmp.pdb | |
| DTrace: invalid probe specifier fbt:nt:: {}: probe description fbt:nt:: does not match any probes | |
| libdtrace DEBUG: dt_buf_destroy(section headers): size=512 resizes=0 | |
| libdtrace DEBUG: dt_buf_destroy(string table): size=512 resizes=0 | |
| libdtrace DEBUG: dt_buf_destroy(loadable data): size=512 resizes=0 | |
| libdtrace DEBUG: dt_buf_destroy(unloadable data): size=512 resizes=0 | |
| libdtrace DEBUG: dt_buf_destroy(probe data): size=512 resizes=0 | |
| libdtrace DEBUG: dt_buf_destroy(probe args): size=512 resizes=0 | |
| libdtrace DEBUG: dt_buf_destroy(probe offs): size=512 resizes=0 | |
| libdtrace DEBUG: dt_buf_destroy(probe is-enabled offs): size=512 resizes=0 | |
| libdtrace DEBUG: dt_buf_destroy(probe rels): size=512 resizes=0 | |
| libdtrace DEBUG: dt_buf_destroy(xlate members): size=512 resizes=0 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment