Friday, March 7, 2008

If some idiot send dump file to you but don't know which build they installed....

0: kd> lm v m foo*
start    end        module name
a6fa9000 a6fbf080   foo (deferred)            
    Image path: \??\C:\Windows\system32\drivers\foo.sys
    Image name: foo.sys
    Timestamp:        Mon Dec 10 13:50:02 2007 (475DB48A)
    CheckSum:         0001B348
    ImageSize:        00016080
    File version:     3.0.167.0
    Product version:  3.0.167.0
    File flags:       8 (Mask 3F) Private
    File OS:          40004 NT Win32
    File type:        3.7 Driver
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      foo Inc
    ProductName:      foo foo
    InternalName:     foo.sys
    OriginalFilename: foo.sys
    ProductVersion:   3.0.167
    FileVersion:      3.0.167
    FileDescription:  foo IPSec Driver
    LegalCopyright:   2003-2006 foo Inc. All rights reserved.
...

...

...

Posted by Hannibal at 3:10 PM
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)