lpus-driver/first_proc_chunk.txt

00000001	0.00000000	[NAK] :: [ ] Hello from Kernel, setup a few things
00000002	0.00001790	[NAK] :: [+] Setup completed, GO GO GO !!!!
00000003	0.00003500	[NAK] :: [ ] Windows version        : 10.0.19564
00000004	0.00003650	[NAK] :: [ ] Detected windows       : 2020 Fast Ring
00000005	0.00003880	[NAK] :: [ ] eprocess               : 0xFFFFB0078D8BE040, [         System]
00000006	0.00004050	[NAK] :: [ ] PsActiveProcessHead    : 0xFFFFF80465E1F970
00000007	0.00004200	[NAK] :: [ ] ntoskrnl.exe           : 0xFFFFF80465200000
00000008	0.00004350	[NAK] :: [ ] nt!MiState             : 0xFFFFF80465E4F200
00000009	0.00004500	[NAK] :: [ ] &systemNonPageInfo     : 0xFFFFD10180016010
00000010	0.00004640	[NAK] :: [ ] &NonPagedPoolFirstVa   : 0xFFFFD10180016070
00000011	0.00004790	[NAK] :: [ ] &NonPagedPoolLastVa    : 0xFFFFD10180016078
00000012	0.00004970	[NAK] :: [+] nonPagedPoolStart      : 0xffffb00000000000
00000013	0.00005130	[NAK] :: [+] nonPagedPoolEnd        : 0xffffc00000000000
00000014	0.00005230	[NAK] :: [+] Scanning
00000015	0.08150540	[NAK] :: [+] ==== PoolStart 0xFFFFB0078D8BE000 ====
00000016	0.08150930	[NAK] :: [|]  PreviousSize  : 0x0
00000017	0.08151110	[NAK] :: [|]  PoolIndex     : 0xfb
00000018	0.08151260	[NAK] :: [|]  BlockSize     : 0xf00
00000019	0.08151400	[NAK] :: [|]  PoolType      : 0x2
00000020	0.08151630	[NAK] :: [|]  PoolTag       : 0x636f7250 [Proc]
00000021	0.08151850	[NAK] :: [+] ==== PoolEnd   0xFFFFB0078D8BE000 ====
00000022	0.08152020	[NAK] :: [+] HEY EPROCESS POOL CHUNK
00000023	0.08152160	[NAK] :: [+] Finish scanning
00000024	2.03572369	[NAK] :: [+] Goodbye from Kernel
find proc chunk successfully 2020-02-20 03:40:25 +07:00			`00000001 0.00000000 [NAK] :: [ ] Hello from Kernel, setup a few things`
			`00000002 0.00001790 [NAK] :: [+] Setup completed, GO GO GO !!!!`
			`00000003 0.00003500 [NAK] :: [ ] Windows version : 10.0.19564`
			`00000004 0.00003650 [NAK] :: [ ] Detected windows : 2020 Fast Ring`
			`00000005 0.00003880 [NAK] :: [ ] eprocess : 0xFFFFB0078D8BE040, [ System]`
			`00000006 0.00004050 [NAK] :: [ ] PsActiveProcessHead : 0xFFFFF80465E1F970`
			`00000007 0.00004200 [NAK] :: [ ] ntoskrnl.exe : 0xFFFFF80465200000`
			`00000008 0.00004350 [NAK] :: [ ] nt!MiState : 0xFFFFF80465E4F200`
			`00000009 0.00004500 [NAK] :: [ ] &systemNonPageInfo : 0xFFFFD10180016010`
			`00000010 0.00004640 [NAK] :: [ ] &NonPagedPoolFirstVa : 0xFFFFD10180016070`
			`00000011 0.00004790 [NAK] :: [ ] &NonPagedPoolLastVa : 0xFFFFD10180016078`
			`00000012 0.00004970 [NAK] :: [+] nonPagedPoolStart : 0xffffb00000000000`
			`00000013 0.00005130 [NAK] :: [+] nonPagedPoolEnd : 0xffffc00000000000`
			`00000014 0.00005230 [NAK] :: [+] Scanning`
			`00000015 0.08150540 [NAK] :: [+] ==== PoolStart 0xFFFFB0078D8BE000 ====`
			`00000016 0.08150930 [NAK] :: [\|] PreviousSize : 0x0`
			`00000017 0.08151110 [NAK] :: [\|] PoolIndex : 0xfb`
			`00000018 0.08151260 [NAK] :: [\|] BlockSize : 0xf00`
			`00000019 0.08151400 [NAK] :: [\|] PoolType : 0x2`
			`00000020 0.08151630 [NAK] :: [\|] PoolTag : 0x636f7250 [Proc]`
			`00000021 0.08151850 [NAK] :: [+] ==== PoolEnd 0xFFFFB0078D8BE000 ====`
			`00000022 0.08152020 [NAK] :: [+] HEY EPROCESS POOL CHUNK`
			`00000023 0.08152160 [NAK] :: [+] Finish scanning`
			`00000024 2.03572369 [NAK] :: [+] Goodbye from Kernel`