> I am using the 2.1 Windows standalone exe.
>
> I have a dd image of memory from the subject operating system and when I try
> to use pslist with the Win2008SP1x86 profile I get the following errors:
>
> Traceback (most recent call last):
> File "<string>", line 185, in <module>
> File "<string>", line 176, in main
> File
> "C:\volatility\build\pyi.win32\pyinstaller\vol.pkz\volatility.commands",
> line 111, in execute
> File "C:\volatility\volatility\plugins\taskmods.py", line 138, in
> render_text
> File
> "C:\volatility\build\pyi.win32\pyinstaller\vol.pkz\volatility.win32.tasks",
> line 72, in pslist
> File "C:\volatility\volatility\plugins\overlays\windows\kdbg_vtypes.py",
> line 40, in processes
> AttributeError: Could not list tasks, please verify your --profile with
> kdbgscan
>
>
> When I try to verify my profile with kdbgscan I get the following for all
> profiles:
>
> **************************************************
> Instantiating KDBG using: Kernel AS Win2008SP1x86 (6.0.6001 32bit)
> Offset (V) : 0x8193ec90
> Offset (P) : 0x193ec90
> KDBG owner tag check : True
> Profile suggestion (KDBGHeader): Win2008SP1x86
> Version64 : 0x8193ec68 (Major: 15, Minor: 6001)
> Service Pack (CmNtCSDVersion) : 1
> Build string (NtBuildLab) : 6001.18000.x86fre.longhorn_rtm.0
> PsActiveProcessHead : 0x81954990 (0 processes)
> PsLoadedModuleList : 0x8195ec70 (0 modules)
> KernelBase : 0x81847000 (Matches MZ: True)
> Major (OptionalHeader) : 6
> Minor (OptionalHeader) : 0
> KPCR : 0x8193f800 (CPU 0)
> KPCR : 0x803d1000 (CPU 1)
>
> Any help would be greatly appreciated.
>
> Jon
>