Question about OS listed in dump files

[usasma]

I have an infected system at work that gets dumps that state:

Windows 7 Kernel Version 9200 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 9200.16581.amd64fre.win8_gdr.130410-1505

System is a legitimate Dell Inspiron One with Win8x64
It had the FBI/DOJ virus; scans by the malware folks at work say it's clean now.

Any thoughts on why the OS states Windows 7 rather than Windows 8?


Also, just FYI - our work computer uses this symbol path:

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols;srv*c:\SymcachePublic*http://ctxsym.citrix.com/symbolsad/symbols

It seems that Citrix has a public symbol server also - maybe we should use it?

 

[writhziden]

What version of WinDbg?

My experience with Windows 7 showing up in the .dmps on a Windows 8 machine was due to an older version of WinDbg that existed prior to the release of Windows 8.

 

[usasma]

Thanks Mike! I'll check it out when I get to work today.