Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Error upon bootup


  • This topic is locked This topic is locked
11 replies to this topic

#1 chris_in_cal

chris_in_cal

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:09:30 AM

Posted 25 September 2010 - 04:02 PM

Upon boot up, these error boxes popped up.

Windows XP home, w/ SP3

------------------------------------------
Generic Host Process for Win32 Services

Generic Host Process for Win32 Services has encountered a
Problem and needs to close. We are sorry for the ....

For more information about this error click here
------------------------------------------------

After "click here"
------------------------------
Error signature
szAppName svchost.exe szAppVer 5.1.2600.5512 szModName:msi.dll
szModVer 4.5.6001.22159 offset:00117177

To view technical information......click here
--------------------------------------------------

After "click here"
------------------------------------
Error Report Content
The follinw titles will be included in this error report
C:\DOCUME~1\Dell\LOCALS~1\Temp\WER7cd9.dir00\svchost.exe.mdmp
C:\DOCUME~1\Dell\LOCALS~1\Temp\WER7cd9.dir00\appcompat.txt
-------------------------------------------------------------------------

Here are the two files svchost.exe.mdmp, and appcompat.txt
---------------------------------------------------
Oops, apparently svchost.exe.mdmp is a binary, I don't know how to
view it properly
------------------------------

Here is appcompat.txt
---------------------------
<?xml version="1.0" encoding="UTF-16"?>
<DATABASE>
<EXE NAME="SYSTEM INFO" FILTER="GRABMI_FILTER_SYSTEM">
<MATCHING_FILE NAME="advapi32.dll" SIZE="617472" CHECKSUM="0xA0887D0D" BIN_FILE_VERSION="5.1.2600.5755" BIN_PRODUCT_VERSION="5.1.2600.5755" PRODUCT_VERSION="5.1.2600.5755" FILE_DESCRIPTION="Advanced Windows 32 Base API" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Windows® Operating System" FILE_VERSION="5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)" ORIGINAL_FILENAME="advapi32.dll" INTERNAL_NAME="advapi32.dll" LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0xA5BB8" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="5.1.2600.5755" UPTO_BIN_PRODUCT_VERSION="5.1.2600.5755" LINK_DATE="02/09/2009 12:10:48" UPTO_LINK_DATE="02/09/2009 12:10:48" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="gdi32.dll" SIZE="286720" CHECKSUM="0x98314A3F" BIN_FILE_VERSION="5.1.2600.5698" BIN_PRODUCT_VERSION="5.1.2600.5698" PRODUCT_VERSION="5.1.2600.5698" FILE_DESCRIPTION="GDI Client DLL" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Windows® Operating System" FILE_VERSION="5.1.2600.5698 (xpsp_sp3_gdr.081022-1932)" ORIGINAL_FILENAME="gdi32" INTERNAL_NAME="gdi32" LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x4CE95" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="5.1.2600.5698" UPTO_BIN_PRODUCT_VERSION="5.1.2600.5698" LINK_DATE="10/23/2008 12:36:14" UPTO_LINK_DATE="10/23/2008 12:36:14" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="kernel32.dll" SIZE="989696" CHECKSUM="0x2D998938" BIN_FILE_VERSION="5.1.2600.5781" BIN_PRODUCT_VERSION="5.1.2600.5781" PRODUCT_VERSION="5.1.2600.5781" FILE_DESCRIPTION="Windows NT BASE API Client DLL" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Windows® Operating System" FILE_VERSION="5.1.2600.5781 (xpsp_sp3_gdr.090321-1317)" ORIGINAL_FILENAME="kernel32" INTERNAL_NAME="kernel32" LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0xFE572" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="5.1.2600.5781" UPTO_BIN_PRODUCT_VERSION="5.1.2600.5781" LINK_DATE="03/21/2009 14:06:58" UPTO_LINK_DATE="03/21/2009 14:06:58" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="ntdll.dll" SIZE="714752" CHECKSUM="0xC695BA95" BIN_FILE_VERSION="5.1.2600.5755" BIN_PRODUCT_VERSION="5.1.2600.5755" PRODUCT_VERSION="5.1.2600.5755" FILE_DESCRIPTION="NT Layer DLL" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Windows® Operating System" FILE_VERSION="5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)" ORIGINAL_FILENAME="ntdll.dll" INTERNAL_NAME="ntdll.dll" LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0xBC674" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="5.1.2600.5755" UPTO_BIN_PRODUCT_VERSION="5.1.2600.5755" LINK_DATE="02/09/2009 12:10:48" UPTO_LINK_DATE="02/09/2009 12:10:48" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="ole32.dll" SIZE="1287168" CHECKSUM="0xB764FEEA" BIN_FILE_VERSION="5.1.2600.5512" BIN_PRODUCT_VERSION="5.1.2600.5512" PRODUCT_VERSION="5.1.2600.5512" FILE_DESCRIPTION="Microsoft OLE for Windows" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Windows® Operating System" FILE_VERSION="5.1.2600.5512 (xpsp.080413-2108)" ORIGINAL_FILENAME="OLE32.DLL" INTERNAL_NAME="OLE32.DLL" LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x14744B" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="5.1.2600.5512" UPTO_BIN_PRODUCT_VERSION="5.1.2600.5512" LINK_DATE="04/14/2008 00:10:57" UPTO_LINK_DATE="04/14/2008 00:10:57" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="oleaut32.dll" SIZE="551936" CHECKSUM="0xE8E0E87" BIN_FILE_VERSION="5.1.2600.5512" BIN_PRODUCT_VERSION="5.1.2600.5512" PRODUCT_VERSION="5.1.2600.5512" COMPANY_NAME="Microsoft Corporation" FILE_VERSION="5.1.2600.5512" INTERNAL_NAME="OLEAUT32.DLL" LEGAL_COPYRIGHT="Copyright © Microsoft Corp. 1993-2001." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x8D4E3" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="5.1.2600.5512" UPTO_BIN_PRODUCT_VERSION="5.1.2600.5512" LINK_DATE="04/14/2008 00:10:58" UPTO_LINK_DATE="04/14/2008 00:10:58" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="shell32.dll" SIZE="8462336" CHECKSUM="0xFF3C2DF9" BIN_FILE_VERSION="6.0.2900.6018" BIN_PRODUCT_VERSION="6.0.2900.6018" PRODUCT_VERSION="6.00.2900.6018" FILE_DESCRIPTION="Windows Shell Common Dll" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Windows® Operating System" FILE_VERSION="6.00.2900.6018 (xpsp_sp3_gdr.100726-1746)" ORIGINAL_FILENAME="SHELL32.DLL" INTERNAL_NAME="SHELL32" LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x813ADA" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2900.6018" UPTO_BIN_PRODUCT_VERSION="6.0.2900.6018" LINK_DATE="07/27/2010 06:30:34" UPTO_LINK_DATE="07/27/2010 06:30:34" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="user32.dll" SIZE="578560" CHECKSUM="0x6280E825" BIN_FILE_VERSION="5.1.2600.5512" BIN_PRODUCT_VERSION="5.1.2600.5512" PRODUCT_VERSION="5.1.2600.5512" FILE_DESCRIPTION="Windows XP USER API Client DLL" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Windows® Operating System" FILE_VERSION="5.1.2600.5512 (xpsp.080413-2105)" ORIGINAL_FILENAME="user32" INTERNAL_NAME="user32" LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x8FC76" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="5.1.2600.5512" UPTO_BIN_PRODUCT_VERSION="5.1.2600.5512" LINK_DATE="04/14/2008 00:11:07" UPTO_LINK_DATE="04/14/2008 00:11:07" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="wininet.dll" SIZE="916480" CHECKSUM="0x4EE7F213" BIN_FILE_VERSION="8.0.6001.18939" BIN_PRODUCT_VERSION="8.0.6001.18939" PRODUCT_VERSION="8.00.6001.18939" FILE_DESCRIPTION="Internet Extensions for Win32" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Windows® Internet Explorer" FILE_VERSION="8.00.6001.18939 (longhorn_ie8_gdr.100616-1700)" ORIGINAL_FILENAME="wininet.dll" INTERNAL_NAME="wininet.dll" LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0xEF2E9" LINKER_VERSION="0x60000" UPTO_BIN_FILE_VERSION="8.0.6001.18939" UPTO_BIN_PRODUCT_VERSION="8.0.6001.18939" LINK_DATE="06/24/2010 12:22:02" UPTO_LINK_DATE="06/24/2010 12:22:02" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="winsock.dll" SIZE="2864" CHECKSUM="0x73AE8088" BIN_FILE_VERSION="3.10.0.103" BIN_PRODUCT_VERSION="3.10.0.103" PRODUCT_VERSION="3.10" FILE_DESCRIPTION="Windows Socket 16-Bit DLL" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Windows™ Operating System" FILE_VERSION="3.10" ORIGINAL_FILENAME="WINSOCK.DLL" INTERNAL_NAME="WINSOCK" LEGAL_COPYRIGHT="Copyright © Microsoft Corp. 1981-1996" VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x10001" VERFILETYPE="0x2" MODULE_TYPE="WIN16" S16BIT_DESCRIPTION="BSD Socket API for Windows" S16BIT_MODULE_NAME="WINSOCK" UPTO_BIN_FILE_VERSION="3.10.0.103" UPTO_BIN_PRODUCT_VERSION="3.10.0.103" VER_LANGUAGE="English (United States) [0x409]" />
</EXE>
</DATABASE>

Edited by hamluis, 25 September 2010 - 08:47 PM.
Moved from XP forum to Am I Infected ~ Hamluis.


BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 56,274 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:11:30 AM

Posted 25 September 2010 - 04:21 PM

Let's try to take the easy way...to see what's going on :thumbsup:.

Download/install BlueScreenView, http://www.nirsoft.net/utils/blue_screen_view.html.

Double-click BlueScreenView.exe file.

When scanning is done, Edit/Select All...then File/Save Selected Items.

Save the report as BSOD.txt.

Open BSOD.txt in Notepad, copy all content and paste it into your next reply.

Louis

#3 Eraser23

Eraser23

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:05:30 PM

Posted 25 September 2010 - 04:21 PM

I've seen Generic Host process for win32 services errors fixed with virus and malware scans, then removing malware that is found. For some people at least, that has solved the problem.

In the past, I've also seen Service Pack 2 users solve the problem with a patch released by Microsoft, but as you're on SP3, I don't know whether this would be an issue.

This was the patch that was released.

If you installed security update 873333 (MS05-012), you may experience one or more of the following problems:

You may receive the following error message after you start the computer:
Generic Host Process for Win32 Services Error

Note: This problem only occurs in Microsoft Windows XP Service Pack 2 (SP2).


As you can see from the bottom in bold, Microsoft state the problem only occurs with SP2, SP3 isn't specified.

When did you install SP3 by the way, is it a recent installation?

Don't apply that hotfix unless others recommend it also (it may cause more harm than good - not 100%) - it was more of a heads up more than anything, showing you how such problems were fixed on older service packs. IT MAY NOT APPLY TO SP3.

Edited by Eraser23, 25 September 2010 - 04:26 PM.


#4 chris_in_cal

chris_in_cal
  • Topic Starter

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:09:30 AM

Posted 25 September 2010 - 05:49 PM

Thanks Louis,

Let's try to take the easy way...to see what's going on :thumbsup:.

Download/install BlueScreenView, http://www.nirsoft.net/utils/blue_screen_view.html.

Double-click BlueScreenView.exe file.


I downloaded the program, when it opened it didn't display anything.
I read the "How to make sure your XP does a minidump upon a BSOD," and it looked fine.
Looking in the c:\windows\minidump folder it is empty.

I guess I'll check it immediately after my next BSOD, and then post it as you suggested.

chris_in_cal

#5 hamluis

hamluis

    Moderator


  • Moderator
  • 56,274 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:11:30 AM

Posted 25 September 2010 - 05:57 PM

Hmm...you can also do a search for any *.dmp files and see if they are just being stored in another partition location. When doing the search, ensure that all files (including system files) are included and that all file extensions are viewable.

If you find any, you can move them to the appropriate folder.

Louis

#6 chris_in_cal

chris_in_cal
  • Topic Starter

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:09:30 AM

Posted 25 September 2010 - 06:24 PM

Eraser32,

When did you install SP3 by the way, is it a recent installation?


Under "My Computer" properties, it list my OS as Window XP, Home Edition, version 2002, SP3

I've just used Microsoft Update, I'm not sure exactly when SP3 was installed, it has been
a long time though. Long, long, before these most recent problems.

#7 chris_in_cal

chris_in_cal
  • Topic Starter

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:09:30 AM

Posted 25 September 2010 - 08:00 PM

Well, my next BSOD didn't take long. I went ahead and D/L and ran a boot up Avast Scan.
Many corrupt archives, but no suspicious files.
Below is the BSOD.txt from a few minutes ago.
-------------------------------------------------------------
==================================================
Dump File : Mini092510-01.dmp
Crash Time : 9/25/2010 5:56:38 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0x805861f5
Parameter 3 : 0xa88838e0
Parameter 4 : 0x00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+af1f5
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5973 (xpsp_sp3_gdr.100427-1636)
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini092510-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

#8 chris_in_cal

chris_in_cal
  • Topic Starter

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:09:30 AM

Posted 25 September 2010 - 08:03 PM

I think you may have wanted this
-------------------------------------------------
==================================================
Filename : ntoskrnl.exe
Address In Stack : ntoskrnl.exe+af1f5
From Address : 0x804d7000
To Address : 0x806ff000
Size : 0x00228000
Time Stamp : 0x4bd6eda6
Time String : 4/27/2010 6:59:02 AM
Product Name : Microsoft® Windows® Operating System
File Description : NT Kernel & System
File Version : 5.1.2600.5973 (xpsp_sp3_gdr.100427-1636)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\ntoskrnl.exe
==================================================

==================================================
Filename : hal.dll
Address In Stack :
From Address : 0x806ff000
To Address : 0x8071fd00
Size : 0x00020d00
Time Stamp : 0x4802517f
Time String : 4/13/2008 11:31:27 AM
Product Name : Microsoft® Windows® Operating System
File Description : Hardware Abstraction Layer DLL
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\hal.dll
==================================================

==================================================
Filename : kdcom.dll
Address In Stack :
From Address : 0xf7ccd000
To Address : 0xf7cceb80
Size : 0x00001b80
Time Stamp : 0x3b7d8346
Time String : 8/17/2001 1:49:10 PM
Product Name : Microsoft® Windows® Operating System
File Description : Kernel Debugger HW Extension DLL
File Version : 5.1.2600.0 (xpclient.010817-1148)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\kdcom.dll
==================================================

==================================================
Filename : BOOTVID.dll
Address In Stack :
From Address : 0xf7bdd000
To Address : 0xf7be0000
Size : 0x00003000
Time Stamp : 0x3b7d8345
Time String : 8/17/2001 1:49:09 PM
Product Name : Microsoft® Windows® Operating System
File Description : VGA Boot Driver
File Version : 5.1.2600.0 (xpclient.010817-1148)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\BOOTVID.dll
==================================================

==================================================
Filename : ACPI.sys
Address In Stack :
From Address : 0xf777e000
To Address : 0xf77abd80
Size : 0x0002dd80
Time Stamp : 0x480252b1
Time String : 4/13/2008 11:36:33 AM
Product Name : Microsoft® Windows® Operating System
File Description : ACPI Driver for NT
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\ACPI.sys
==================================================

==================================================
Filename : WMILIB.SYS
Address In Stack :
From Address : 0xf7ccf000
To Address : 0xf7cd0100
Size : 0x00001100
Time Stamp : 0x3b7d878b
Time String : 8/17/2001 2:07:23 PM
Product Name : Microsoft® Windows® Operating System
File Description : WMILIB WMI support library Dll
File Version : 5.1.2600.0 (XPClient.010817-1148)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\WMILIB.SYS
==================================================

==================================================
Filename : pci.sys
Address In Stack :
From Address : 0xf776d000
To Address : 0xf777da80
Size : 0x00010a80
Time Stamp : 0x480252bb
Time String : 4/13/2008 11:36:43 AM
Product Name : Microsoft® Windows® Operating System
File Description : NT Plug and Play PCI Enumerator
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\pci.sys
==================================================

==================================================
Filename : isapnp.sys
Address In Stack :
From Address : 0xf77cd000
To Address : 0xf77d6180
Size : 0x00009180
Time Stamp : 0x480252b8
Time String : 4/13/2008 11:36:40 AM
Product Name : Microsoft® Windows® Operating System
File Description : PNP ISA Bus Driver
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\isapnp.sys
==================================================

==================================================
Filename : PCIIde.sys
Address In Stack :
From Address : 0xf7d95000
To Address : 0xf7d95d00
Size : 0x00000d00
Time Stamp : 0x3b7d83e5
Time String : 8/17/2001 1:51:49 PM
Product Name : Microsoft® Windows® Operating System
File Description : Generic PCI IDE Bus Driver
File Version : 5.1.2600.0 (XPClient.010817-1148)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\PCIIde.sys
==================================================

==================================================
Filename : PCIIDEX.SYS
Address In Stack :
From Address : 0xf7a4d000
To Address : 0xf7a53180
Size : 0x00006180
Time Stamp : 0x4802539d
Time String : 4/13/2008 11:40:29 AM
Product Name : Microsoft® Windows® Operating System
File Description : PCI IDE Bus Driver Extension
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\PCIIDEX.SYS
==================================================

==================================================
Filename : intelide.sys
Address In Stack :
From Address : 0xf7cd1000
To Address : 0xf7cd2580
Size : 0x00001580
Time Stamp : 0x4802539d
Time String : 4/13/2008 11:40:29 AM
Product Name : Microsoft® Windows® Operating System
File Description : Intel PCI IDE Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\intelide.sys
==================================================

==================================================
Filename : MountMgr.sys
Address In Stack :
From Address : 0xf77dd000
To Address : 0xf77e7580
Size : 0x0000a580
Time Stamp : 0x48025371
Time String : 4/13/2008 11:39:45 AM
Product Name : Microsoft® Windows® Operating System
File Description : Mount Manager
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\MountMgr.sys
==================================================

==================================================
Filename : ftdisk.sys
Address In Stack :
From Address : 0xf774e000
To Address : 0xf776c880
Size : 0x0001e880
Time Stamp : 0x3b7d8419
Time String : 8/17/2001 1:52:41 PM
Product Name : Microsoft® Windows® Operating System
File Description : FT Disk Driver
File Version : 5.1.2600.0 (XPClient.010817-1148)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\ftdisk.sys
==================================================

==================================================
Filename : PartMgr.sys
Address In Stack :
From Address : 0xf7a55000
To Address : 0xf7a59d00
Size : 0x00004d00
Time Stamp : 0x480253b0
Time String : 4/13/2008 11:40:48 AM
Product Name : Microsoft® Windows® Operating System
File Description : Partition Manager
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\PartMgr.sys
==================================================

==================================================
Filename : VolSnap.sys
Address In Stack :
From Address : 0xf77ed000
To Address : 0xf77f9c80
Size : 0x0000cc80
Time Stamp : 0x480253bc
Time String : 4/13/2008 11:41:00 AM
Product Name : Microsoft® Windows® Operating System
File Description : Volume Shadow Copy Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\VolSnap.sys
==================================================

==================================================
Filename : atapi.sys
Address In Stack :
From Address : 0xf7736000
To Address : 0xf774d900
Size : 0x00017900
Time Stamp : 0x4802539d
Time String : 4/13/2008 11:40:29 AM
Product Name : Microsoft® Windows® Operating System
File Description : IDE/ATAPI Port Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\atapi.sys
==================================================

==================================================
Filename : disk.sys
Address In Stack :
From Address : 0xf77fd000
To Address : 0xf7805e00
Size : 0x00008e00
Time Stamp : 0x480253ae
Time String : 4/13/2008 11:40:46 AM
Product Name : Microsoft® Windows® Operating System
File Description : PnP Disk Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\disk.sys
==================================================

==================================================
Filename : CLASSPNP.SYS
Address In Stack :
From Address : 0xf780d000
To Address : 0xf7819180
Size : 0x0000c180
Time Stamp : 0x48025c05
Time String : 4/13/2008 12:16:21 PM
Product Name : Microsoft® Windows® Operating System
File Description : SCSI Class System Dll
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\CLASSPNP.SYS
==================================================

==================================================
Filename : fltmgr.sys
Address In Stack :
From Address : 0xf7716000
To Address : 0xf7735b00
Size : 0x0001fb00
Time Stamp : 0x480251da
Time String : 4/13/2008 11:32:58 AM
Product Name : Microsoft® Windows® Operating System
File Description : Microsoft Filesystem Filter Manager
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\fltmgr.sys
==================================================

==================================================
Filename : sr.sys
Address In Stack :
From Address : 0xf7704000
To Address : 0xf7715f00
Size : 0x00011f00
Time Stamp : 0x480252c2
Time String : 4/13/2008 11:36:50 AM
Product Name : Microsoft® Windows® Operating System
File Description : System Restore Filesystem Filter Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\sr.sys
==================================================

==================================================
Filename : KSecDD.sys
Address In Stack :
From Address : 0xf76ed000
To Address : 0xf7703b00
Size : 0x00016b00
Time Stamp : 0x4a420b90
Time String : 6/24/2009 4:18:40 AM
Product Name : Microsoft® Windows® Operating System
File Description : Kernel Security Support Provider Interface
File Version : 5.1.2600.5834 (xpsp_sp3_gdr.090624-1305)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\KSecDD.sys
==================================================

==================================================
Filename : WudfPf.sys
Address In Stack :
From Address : 0xf76da000
To Address : 0xf76ecf00
Size : 0x00012f00
Time Stamp : 0x451c7d1f
Time String : 9/28/2006 6:55:43 PM
Product Name : Microsoft® Windows® Operating System
File Description : Windows Driver Foundation - User-mode Driver Framework Platform Driver
File Version : 6.0.5716.32 (winmain(wmbla).060928-1756)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\WudfPf.sys
==================================================

==================================================
Filename : Ntfs.sys
Address In Stack :
From Address : 0xf764d000
To Address : 0xf76d9600
Size : 0x0008c600
Time Stamp : 0x48025be5
Time String : 4/13/2008 12:15:49 PM
Product Name : Microsoft® Windows® Operating System
File Description : NT File System Driver
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\Ntfs.sys
==================================================

==================================================
Filename : NDIS.sys
Address In Stack :
From Address : 0xf7620000
To Address : 0xf764c980
Size : 0x0002c980
Time Stamp : 0x48025d03
Time String : 4/13/2008 12:20:35 PM
Product Name : Microsoft® Windows® Operating System
File Description : NDIS 5.1 wrapper driver
File Version : 5.1.2600.5512 (xpsp.080413-0852)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\NDIS.sys
==================================================

==================================================
Filename : Mup.sys
Address In Stack :
From Address : 0xf7606000
To Address : 0xf761fb80
Size : 0x00019b80
Time Stamp : 0x48025c31
Time String : 4/13/2008 12:17:05 PM
Product Name : Microsoft® Windows® Operating System
File Description : Multiple UNC Provider driver
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\Mup.sys
==================================================

==================================================
Filename : intelppm.sys
Address In Stack :
From Address : 0xf7a3d000
To Address : 0xf7a45e00
Size : 0x00008e00
Time Stamp : 0x48025183
Time String : 4/13/2008 11:31:31 AM
Product Name : Microsoft® Windows® Operating System
File Description : Processor Device Driver
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\intelppm.sys
==================================================

==================================================
Filename : ialmnt5.sys
Address In Stack :
From Address : 0xf746e000
To Address : 0xf75ac0a0
Size : 0x0013e0a0
Time Stamp : 0x43503c04
Time String : 10/14/2005 4:15:16 PM
Product Name : Intel Graphics Accelerator Drivers for Windows NT®
File Description : Intel Graphics Miniport Driver
File Version : 6.14.10.4410
Company : Intel Corporation
Full Path : C:\WINDOWS\system32\drivers\ialmnt5.sys
==================================================

==================================================
Filename : VIDEOPRT.SYS
Address In Stack :
From Address : 0xf745a000
To Address : 0xf746df00
Size : 0x00013f00
Time Stamp : 0x48025497
Time String : 4/13/2008 11:44:39 AM
Product Name : Microsoft® Windows® Operating System
File Description : Video Port Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\VIDEOPRT.SYS
==================================================

==================================================
Filename : usbuhci.sys
Address In Stack :
From Address : 0xf7b1d000
To Address : 0xf7b22080
Size : 0x00005080
Time Stamp : 0x480254ce
Time String : 4/13/2008 11:45:34 AM
Product Name : Microsoft® Windows® Operating System
File Description : UHCI USB Miniport Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\usbuhci.sys
==================================================

==================================================
Filename : USBPORT.SYS
Address In Stack :
From Address : 0xf7436000
To Address : 0xf7459200
Size : 0x00023200
Time Stamp : 0x480254ce
Time String : 4/13/2008 11:45:34 AM
Product Name : Microsoft® Windows® Operating System
File Description : USB 1.1 & 2.0 Port Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\USBPORT.SYS
==================================================

==================================================
Filename : usbehci.sys
Address In Stack :
From Address : 0xf7b25000
To Address : 0xf7b2c600
Size : 0x00007600
Time Stamp : 0x480254ce
Time String : 4/13/2008 11:45:34 AM
Product Name : Microsoft® Windows® Operating System
File Description : EHCI eUSB Miniport Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\usbehci.sys
==================================================

==================================================
Filename : HSFHWBS2.sys
Address In Stack :
From Address : 0xf7402000
To Address : 0xf7435d00
Size : 0x00033d00
Time Stamp : 0x3fb8d436
Time String : 11/17/2003 6:59:18 AM
Product Name : SoftK56 Modem Driver
File Description : HSF_HWB2 WDM driver
File Version : 7.06.00
Company : Conexant Systems, Inc.
Full Path : C:\WINDOWS\system32\drivers\HSFHWBS2.sys
==================================================

==================================================
Filename : ks.sys
Address In Stack :
From Address : 0xf73df000
To Address : 0xf7401700
Size : 0x00022700
Time Stamp : 0x48025c12
Time String : 4/13/2008 12:16:34 PM
Product Name : Microsoft® Windows® Operating System
File Description : Kernel CSA Library
File Version : 5.3.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\ks.sys
==================================================

==================================================
Filename : HSF_DP.sys
Address In Stack :
From Address : 0xf72e0000
To Address : 0xf73de800
Size : 0x000fe800
Time Stamp : 0x3fb8d37d
Time String : 11/17/2003 6:56:13 AM
Product Name : SoftK56 Modem Driver
File Description : HSF_DP driver
File Version : 7.06.00
Company : Conexant Systems, Inc.
Full Path : C:\WINDOWS\system32\drivers\HSF_DP.sys
==================================================

==================================================
Filename : HSF_CNXT.sys
Address In Stack :
From Address : 0xf7239000
To Address : 0xf72df300
Size : 0x000a6300
Time Stamp : 0x3fb8d3e8
Time String : 11/17/2003 6:58:00 AM
Product Name : SoftK56 Modem Driver
File Description : HSF_CNXT driver
File Version : 7.06.00 built by: WinDDK
Company : Conexant Systems, Inc.
Full Path : C:\WINDOWS\system32\drivers\HSF_CNXT.sys
==================================================

==================================================
Filename : Modem.SYS
Address In Stack :
From Address : 0xf7b2d000
To Address : 0xf7b34580
Size : 0x00007580
Time Stamp : 0x48025842
Time String : 4/13/2008 12:00:18 PM
Product Name : Microsoft® Windows® Operating System
File Description : Modem Device Driver
File Version : 5.1.2600.5512 (xpsp.080413-0852)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\Modem.SYS
==================================================

==================================================
Filename : e100b325.sys
Address In Stack :
From Address : 0xf7211000
To Address : 0xf7238c00
Size : 0x00027c00
Time Stamp : 0x42adf359
Time String : 6/13/2005 1:58:01 PM
Product Name : Intel® PRO/100 Adapter
File Description : Intel® PRO/100 Adapter NDIS 5.1 driver
File Version : 8.0.21.0 built by: WinDDK
Company : Intel Corporation
Full Path : C:\WINDOWS\system32\drivers\e100b325.sys
==================================================

==================================================
Filename : smwdm.sys
Address In Stack :
From Address : 0xf71d1000
To Address : 0xf7210900
Size : 0x0003f900
Time Stamp : 0x41f94f88
Time String : 1/27/2005 1:31:04 PM
Product Name : SoundMAX Digital Audio Driver
File Description : SoundMAX Integrated Digital Audio
File Version : 5.12.01.5246
Company : Analog Devices, Inc.
Full Path : C:\WINDOWS\system32\drivers\smwdm.sys
==================================================

==================================================
Filename : portcls.sys
Address In Stack :
From Address : 0xf71ad000
To Address : 0xf71d0a80
Size : 0x00023a80
Time Stamp : 0x48025ccc
Time String : 4/13/2008 12:19:40 PM
Product Name : Microsoft® Windows® Operating System
File Description : Port Class (Class Driver for Port/Miniport Devices)
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\portcls.sys
==================================================

==================================================
Filename : drmk.sys
Address In Stack :
From Address : 0xf782d000
To Address : 0xf783bb00
Size : 0x0000eb00
Time Stamp : 0x480254b8
Time String : 4/13/2008 11:45:12 AM
Product Name : Microsoft® Windows® Operating System
File Description : Microsoft Kernel DRM Descrambler Filter
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\drmk.sys
==================================================

==================================================
Filename : senfilt.sys
Address In Stack :
From Address : 0xf70fa000
To Address : 0xf71acf00
Size : 0x000b2f00
Time Stamp : 0x414a45cc
Time String : 9/16/2004 7:02:52 PM
Product Name :
File Description : Creative WDM Audio Driver
File Version : 5.10.00.3614
Company : Creative Technology Ltd.
Full Path : C:\WINDOWS\system32\drivers\senfilt.sys
==================================================

==================================================
Filename : fdc.sys
Address In Stack :
From Address : 0xf7b35000
To Address : 0xf7b35000
Size : 0x00000000
Time Stamp : 0x00000000
Time String :
Product Name : Microsoft® Windows® Operating System
File Description : Floppy Disk Controller Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\fdc.sys
==================================================

==================================================
Filename : i8042prt.sys
Address In Stack :
From Address : 0xf783d000
To Address : 0xf7849d00
Size : 0x0000cd00
Time Stamp : 0x48025c67
Time String : 4/13/2008 12:17:59 PM
Product Name : Microsoft® Windows® Operating System
File Description : i8042 Port Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\i8042prt.sys
==================================================

==================================================
Filename : L8042pr2.Sys
Address In Stack :
From Address : 0xf784d000
To Address : 0xf7858880
Size : 0x0000b880
Time Stamp : 0x3fe0b0a2
Time String : 12/17/2003 12:38:10 PM
Product Name : Logitech MouseWare™
File Description : Logitech PS/2 Mouse Filter Driver.
File Version : 9.79.24.0
Company : Logitech, Inc.
Full Path : C:\WINDOWS\system32\drivers\L8042pr2.Sys
==================================================

==================================================
Filename : LMouFlt2.Sys
Address In Stack :
From Address : 0xf785d000
To Address : 0xf786c760
Size : 0x0000f760
Time Stamp : 0x3fe0b0b3
Time String : 12/17/2003 12:38:27 PM
Product Name : Logitech MouseWare™
File Description : Logitech Filter Driver for Mouse Class.
File Version : 9.79.24.0
Company : Logitech, Inc.
Full Path : C:\WINDOWS\system32\drivers\LMouFlt2.Sys
==================================================

==================================================
Filename : mouclass.sys
Address In Stack :
From Address : 0xf7b3d000
To Address : 0xf7b42a00
Size : 0x00005a00
Time Stamp : 0x48025373
Time String : 4/13/2008 11:39:47 AM
Product Name : Microsoft® Windows® Operating System
File Description : Mouse Class Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\mouclass.sys
==================================================

==================================================
Filename : parport.sys
Address In Stack :
From Address : 0xf70e6000
To Address : 0xf70f9900
Size : 0x00013900
Time Stamp : 0x48025389
Time String : 4/13/2008 11:40:09 AM
Product Name : Microsoft® Windows® Operating System
File Description : Parallel Port Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\parport.sys
==================================================

==================================================
Filename : serial.sys
Address In Stack :
From Address : 0xf786d000
To Address : 0xf787cc00
Size : 0x0000fc00
Time Stamp : 0x48025be0
Time String : 4/13/2008 12:15:44 PM
Product Name : Microsoft® Windows® Operating System
File Description : Serial Device Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\serial.sys
==================================================

==================================================
Filename : serenum.sys
Address In Stack :
From Address : 0xf7c89000
To Address : 0xf7c8cd80
Size : 0x00003d80
Time Stamp : 0x4802538c
Time String : 4/13/2008 11:40:12 AM
Product Name : Microsoft® Windows® Operating System
File Description : Serial Port Enumerator
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\serenum.sys
==================================================

==================================================
Filename : imapi.sys
Address In Stack :
From Address : 0xf787d000
To Address : 0xf7887480
Size : 0x0000a480
Time Stamp : 0x480253b9
Time String : 4/13/2008 11:40:57 AM
Product Name : Microsoft® Windows® Operating System
File Description : IMAPI Kernel Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\imapi.sys
==================================================

==================================================
Filename : cdrom.sys
Address In Stack :
From Address : 0xf788d000
To Address : 0xf789c600
Size : 0x0000f600
Time Stamp : 0x480253ad
Time String : 4/13/2008 11:40:45 AM
Product Name : Microsoft® Windows® Operating System
File Description : SCSI CD-ROM Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\cdrom.sys
==================================================

==================================================
Filename : redbook.sys
Address In Stack :
From Address : 0xf789d000
To Address : 0xf78ab100
Size : 0x0000e100
Time Stamp : 0x4802539b
Time String : 4/13/2008 11:40:27 AM
Product Name : Microsoft® Windows® Operating System
File Description : Redbook Audio Filter Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\redbook.sys
==================================================

==================================================
Filename : GEARAspiWDM.sys
Address In Stack :
From Address : 0xf7b45000
To Address : 0xf7b4a280
Size : 0x00005280
Time Stamp : 0x4a1151b5
Time String : 5/18/2009 5:16:53 AM
Product Name : CD DVD Filter
File Description : CD DVD Filter
File Version : 2.02.00.01
Company : GEAR Software Inc.
Full Path : C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
==================================================

==================================================
Filename : audstub.sys
Address In Stack :
From Address : 0xf7deb000
To Address : 0xf7debc00
Size : 0x00000c00
Time Stamp : 0x3b7d85bc
Time String : 8/17/2001 1:59:40 PM
Product Name : Microsoft® Windows® Operating System
File Description : AudStub Driver
File Version : 5.1.2600.0 (XPClient.010817-1148)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\audstub.sys
==================================================

==================================================
Filename : rasl2tp.sys
Address In Stack :
From Address : 0xf78ad000
To Address : 0xf78b9880
Size : 0x0000c880
Time Stamp : 0x48025ccf
Time String : 4/13/2008 12:19:43 PM
Product Name : Microsoft® Windows® Operating System
File Description : RAS L2TP mini-port/call-manager driver
File Version : 5.1.2600.5512 (xpsp.080413-0852)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\rasl2tp.sys
==================================================

==================================================
Filename : ndistapi.sys
Address In Stack :
From Address : 0xf7c91000
To Address : 0xf7c93780
Size : 0x00002780
Time Stamp : 0x48025797
Time String : 4/13/2008 11:57:27 AM
Product Name : Microsoft® Windows® Operating System
File Description : NDIS 3.0 connection wrapper driver
File Version : 5.1.2600.5512 (xpsp.080413-0852)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\ndistapi.sys
==================================================

==================================================
Filename : ndiswan.sys
Address In Stack :
From Address : 0xf70cf000
To Address : 0xf70e5580
Size : 0x00016580
Time Stamp : 0x48025d09
Time String : 4/13/2008 12:20:41 PM
Product Name : Microsoft® Windows® Operating System
File Description : MS PPP Framing Driver (Strong Encryption)
File Version : 5.1.2600.5512 (xpsp.080413-0852)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\ndiswan.sys
==================================================

==================================================
Filename : raspppoe.sys
Address In Stack :
From Address : 0xf78bd000
To Address : 0xf78c7200
Size : 0x0000a200
Time Stamp : 0x4802579b
Time String : 4/13/2008 11:57:31 AM
Product Name : Microsoft® Windows® Operating System
File Description : RAS PPPoE mini-port/call-manager driver
File Version : 5.1.2600.5512 (xpsp.080413-0852)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\raspppoe.sys
==================================================

==================================================
Filename : raspptp.sys
Address In Stack :
From Address : 0xf78cd000
To Address : 0xf78d8d00
Size : 0x0000bd00
Time Stamp : 0x48025cd3
Time String : 4/13/2008 12:19:47 PM
Product Name : Microsoft® Windows® Operating System
File Description : Peer-to-Peer Tunneling Protocol
File Version : 5.1.2600.5512 (xpsp.080413-0852)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\raspptp.sys
==================================================

==================================================
Filename : TDI.SYS
Address In Stack :
From Address : 0xf7b4d000
To Address : 0xf7b51a80
Size : 0x00004a80
Time Stamp : 0x48025834
Time String : 4/13/2008 12:00:04 PM
Product Name : Microsoft® Windows® Operating System
File Description : TDI Wrapper
File Version : 5.1.2600.5512 (xpsp.080413-0852)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\TDI.SYS
==================================================

==================================================
Filename : psched.sys
Address In Stack :
From Address : 0xf70be000
To Address : 0xf70cee00
Size : 0x00010e00
Time Stamp : 0x48025764
Time String : 4/13/2008 11:56:36 AM
Product Name : Microsoft® Windows® Operating System
File Description : MS QoS Packet Scheduler
File Version : 5.1.2600.5512 (xpsp.080413-0852)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\psched.sys
==================================================

==================================================
Filename : msgpc.sys
Address In Stack :
From Address : 0xf78dd000
To Address : 0xf78e5900
Size : 0x00008900
Time Stamp : 0x48025760
Time String : 4/13/2008 11:56:32 AM
Product Name : Microsoft® Windows® Operating System
File Description : MS General Packet Classifier
File Version : 5.1.2600.5512 (xpsp.080413-0852)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\msgpc.sys
==================================================

==================================================
Filename : ptilink.sys
Address In Stack :
From Address : 0xf7b55000
To Address : 0xf7b59580
Size : 0x00004580
Time Stamp : 0x3b7d8371
Time String : 8/17/2001 1:49:53 PM
Product Name : Microsoft® Windows® Operating System
File Description : Parallel Technologies DirectParallel IO Library
File Version : 1.10 (XPClient.010817-1148)
Company : Parallel Technologies, Inc.
Full Path : C:\WINDOWS\system32\drivers\ptilink.sys
==================================================

==================================================
Filename : raspti.sys
Address In Stack :
From Address : 0xf7b5d000
To Address : 0xf7b61080
Size : 0x00004080
Time Stamp : 0x3b7d84c4
Time String : 8/17/2001 1:55:32 PM
Product Name : Microsoft® Windows® Operating System
File Description : PTI DirectParallel® mini-port/call-manager driver
File Version : 5.1.2600.0 (xpclient.010817-1148)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\raspti.sys
==================================================

==================================================
Filename : termdd.sys
Address In Stack :
From Address : 0xf78ed000
To Address : 0xf78f6f00
Size : 0x00009f00
Time Stamp : 0x4802532c
Time String : 4/13/2008 11:38:36 AM
Product Name : Microsoft® Windows® Operating System
File Description : Terminal Server Driver
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\termdd.sys
==================================================

==================================================
Filename : kbdclass.sys
Address In Stack :
From Address : 0xf7b65000
To Address : 0xf7b6b000
Size : 0x00006000
Time Stamp : 0x48025372
Time String : 4/13/2008 11:39:46 AM
Product Name : Microsoft® Windows® Operating System
File Description : Keyboard Class Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\kbdclass.sys
==================================================

==================================================
Filename : swenum.sys
Address In Stack :
From Address : 0xf7cf3000
To Address : 0xf7cf4100
Size : 0x00001100
Time Stamp : 0x48025378
Time String : 4/13/2008 11:39:52 AM
Product Name : Microsoft® Windows® Operating System
File Description : Plug and Play Software Device Enumerator
File Version : 5.3.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\swenum.sys
==================================================

==================================================
Filename : update.sys
Address In Stack :
From Address : 0xf7060000
To Address : 0xf70bdf00
Size : 0x0005df00
Time Stamp : 0x48025372
Time String : 4/13/2008 11:39:46 AM
Product Name : Microsoft® Windows® Operating System
File Description : Update Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\update.sys
==================================================

==================================================
Filename : mssmbios.sys
Address In Stack :
From Address : 0xf7c9d000
To Address : 0xf7ca0c80
Size : 0x00003c80
Time Stamp : 0x480252bd
Time String : 4/13/2008 11:36:45 AM
Product Name : Microsoft® Windows® Operating System
File Description : System Management BIOS Driver
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\mssmbios.sys
==================================================

==================================================
Filename : NDProxy.SYS
Address In Stack :
From Address : 0xf791d000
To Address : 0xf7926e80
Size : 0x00009e80
Time Stamp : 0x48025798
Time String : 4/13/2008 11:57:28 AM
Product Name : Microsoft® Windows® Operating System
File Description : NDIS Proxy
File Version : 5.1.2600.5512 (xpsp.080413-0852)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\NDProxy.SYS
==================================================

==================================================
Filename : usbhub.sys
Address In Stack :
From Address : 0xf792d000
To Address : 0xf793b880
Size : 0x0000e880
Time Stamp : 0x480254d0
Time String : 4/13/2008 11:45:36 AM
Product Name : Microsoft® Windows® Operating System
File Description : Default Hub Driver for USB
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\usbhub.sys
==================================================

==================================================
Filename : USBD.SYS
Address In Stack :
From Address : 0xf7cf5000
To Address : 0xf7cf6280
Size : 0x00001280
Time Stamp : 0x3b7d8682
Time String : 8/17/2001 2:02:58 PM
Product Name : Microsoft® Windows® Operating System
File Description : Universal Serial Bus Driver
File Version : 5.1.2600.0 (XPClient.010817-1148)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\USBD.SYS
==================================================

==================================================
Filename : flpydisk.sys
Address In Stack :
From Address : 0xf7b6d000
To Address : 0xf7b72000
Size : 0x00005000
Time Stamp : 0x48025398
Time String : 4/13/2008 11:40:24 AM
Product Name : Microsoft® Windows® Operating System
File Description : Floppy Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\flpydisk.sys
==================================================

==================================================
Filename : MpFilter.sys
Address In Stack :
From Address : 0xa9968000
To Address : 0xa998b000
Size : 0x00023000
Time Stamp : 0x4ba4490e
Time String : 3/19/2010 9:03:26 PM
Product Name : Microsoft Malware Protection
File Description : Microsoft antimalware file system filter driver
File Version : 2.1.6804.0
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\MpFilter.sys
==================================================

==================================================
Filename : hidusb.sys
Address In Stack :
From Address : 0xf75b5000
To Address : 0xf75b7880
Size : 0x00002880
Time Stamp : 0x480254c7
Time String : 4/13/2008 11:45:27 AM
Product Name : Microsoft® Windows® Operating System
File Description : USB Miniport Driver for Input Devices
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\hidusb.sys
==================================================

==================================================
Filename : HIDCLASS.SYS
Address In Stack :
From Address : 0xf796d000
To Address : 0xf7976000
Size : 0x00009000
Time Stamp : 0x480254c5
Time String : 4/13/2008 11:45:25 AM
Product Name : Microsoft® Windows® Operating System
File Description : Hid Class Library
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\HIDCLASS.SYS
==================================================

==================================================
Filename : HIDPARSE.SYS
Address In Stack :
From Address : 0xf7b85000
To Address : 0xf7b8b180
Size : 0x00006180
Time Stamp : 0x480254c2
Time String : 4/13/2008 11:45:22 AM
Product Name : Microsoft® Windows® Operating System
File Description : Hid Parsing Library
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\HIDPARSE.SYS
==================================================

==================================================
Filename : Fs_Rec.SYS
Address In Stack :
From Address : 0xf7d25000
To Address : 0xf7d26f00
Size : 0x00001f00
Time Stamp : 0x3b7d8361
Time String : 8/17/2001 1:49:37 PM
Product Name : Microsoft® Windows® Operating System
File Description : File System Recognizer Driver
File Version : 5.1.2600.0 (xpclient.010817-1148)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\Fs_Rec.SYS
==================================================

==================================================
Filename : Null.SYS
Address In Stack :
From Address : 0xf7ed4000
To Address : 0xf7ed4b80
Size : 0x00000b80
Time Stamp : 0x3b7d82eb
Time String : 8/17/2001 1:47:39 PM
Product Name : Microsoft® Windows® Operating System
File Description : NULL Driver
File Version : 5.1.2600.0 (XPClient.010817-1148)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\Null.SYS
==================================================

==================================================
Filename : Beep.SYS
Address In Stack :
From Address : 0xf7d27000
To Address : 0xf7d28080
Size : 0x00001080
Time Stamp : 0x3b7d82e5
Time String : 8/17/2001 1:47:33 PM
Product Name : Microsoft® Windows® Operating System
File Description : BEEP Driver
File Version : 5.1.2600.0 (XPClient.010817-1148)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\Beep.SYS
==================================================

==================================================
Filename : vga.sys
Address In Stack :
From Address : 0xf7b95000
To Address : 0xf7b9a200
Size : 0x00005200
Time Stamp : 0x48025498
Time String : 4/13/2008 11:44:40 AM
Product Name : Microsoft® Windows® Operating System
File Description : VGA/Super VGA Video Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\vga.sys
==================================================

==================================================
Filename : mnmdd.SYS
Address In Stack :
From Address : 0xf7d29000
To Address : 0xf7d2a080
Size : 0x00001080
Time Stamp : 0x3b7d8538
Time String : 8/17/2001 1:57:28 PM
Product Name : Microsoft® Windows® Operating System
File Description : Frame buffer simulator
File Version : 5.1.2600.0 (XPClient.010817-1148)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\mnmdd.SYS
==================================================

==================================================
Filename : RDPCDD.sys
Address In Stack :
From Address : 0xf7d2b000
To Address : 0xf7d2c080
Size : 0x00001080
Time Stamp : 0x3b7d82c0
Time String : 8/17/2001 1:46:56 PM
Product Name : Microsoft® Windows® Operating System
File Description : RDP Miniport
File Version : 5.1.2600.0 (xpclient.010817-1148)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\RDPCDD.sys
==================================================

==================================================
Filename : Msfs.SYS
Address In Stack :
From Address : 0xf7b9d000
To Address : 0xf7ba1a80
Size : 0x00004a80
Time Stamp : 0x480251c6
Time String : 4/13/2008 11:32:38 AM
Product Name : Microsoft® Windows® Operating System
File Description : Mailslot driver
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\Msfs.SYS
==================================================

==================================================
Filename : Npfs.SYS
Address In Stack :
From Address : 0xf7ba5000
To Address : 0xf7bac880
Size : 0x00007880
Time Stamp : 0x480251c6
Time String : 4/13/2008 11:32:38 AM
Product Name : Microsoft® Windows® Operating System
File Description : NPFS Driver
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\Npfs.SYS
==================================================

==================================================
Filename : rasacd.sys
Address In Stack :
From Address : 0xf75ad000
To Address : 0xf75af280
Size : 0x00002280
Time Stamp : 0x3b7d84cb
Time String : 8/17/2001 1:55:39 PM
Product Name : Microsoft® Windows® Operating System
File Description : RAS Automatic Connection Driver
File Version : 5.1.2600.0 (xpclient.010817-1148)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\rasacd.sys
==================================================

==================================================
Filename : ipsec.sys
Address In Stack :
From Address : 0xa990d000
To Address : 0xa991f600
Size : 0x00012600
Time Stamp : 0x48025cce
Time String : 4/13/2008 12:19:42 PM
Product Name : Microsoft® Windows® Operating System
File Description : IPSec Driver
File Version : 5.1.2600.5512 (xpsp.080413-0852)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\ipsec.sys
==================================================

==================================================
Filename : tcpip.sys
Address In Stack :
From Address : 0xa98b4000
To Address : 0xa990c480
Size : 0x00058480
Time Stamp : 0x485b99ad
Time String : 6/20/2008 4:51:09 AM
Product Name : Microsoft® Windows® Operating System
File Description : TCP/IP Protocol Driver
File Version : 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\tcpip.sys
==================================================

==================================================
Filename : aswTdi.SYS
Address In Stack :
From Address : 0xf797d000
To Address : 0xf7986c00
Size : 0x00009c00
Time Stamp : 0x4c8651a7
Time String : 9/7/2010 7:52:23 AM
Product Name : avast! Antivirus System
File Description : avast! TDI Filter Driver
File Version : 5.0.677.0 built by: WinDDK
Company : AVAST Software
Full Path : C:\WINDOWS\system32\drivers\aswTdi.SYS
==================================================

==================================================
Filename : ipnat.sys
Address In Stack :
From Address : 0xa988e000
To Address : 0xa98b3500
Size : 0x00025500
Time Stamp : 0x48025786
Time String : 4/13/2008 11:57:10 AM
Product Name : Microsoft® Windows® Operating System
File Description : IP Network Address Translator
File Version : 5.1.2600.5512 (xpsp.080413-0852)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\ipnat.sys
==================================================

==================================================
Filename : wanarp.sys
Address In Stack :
From Address : 0xf798d000
To Address : 0xf7995700
Size : 0x00008700
Time Stamp : 0x48025790
Time String : 4/13/2008 11:57:20 AM
Product Name : Microsoft® Windows® Operating System
File Description : MS Remote Access and Routing ARP Driver
File Version : 5.1.2600.5512 (xpsp.080413-0852)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\wanarp.sys
==================================================

==================================================
Filename : netbt.sys
Address In Stack :
From Address : 0xa9866000
To Address : 0xa988dc00
Size : 0x00027c00
Time Stamp : 0x48025d1b
Time String : 4/13/2008 12:20:59 PM
Product Name : Microsoft® Windows® Operating System
File Description : MBT Transport driver
File Version : 5.1.2600.5512 (xpsp.080413-0852)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\netbt.sys
==================================================

==================================================
Filename : afd.sys
Address In Stack :
From Address : 0xa9844000
To Address : 0xa9865d00
Size : 0x00021d00
Time Stamp : 0x48a40333
Time String : 8/14/2008 3:04:35 AM
Product Name : Microsoft® Windows® Operating System
File Description : Ancillary Function Driver for WinSock
File Version : 5.1.2600.5657 (xpsp_sp3_gdr.080814-1236)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\afd.sys
==================================================

==================================================
Filename : netbios.sys
Address In Stack :
From Address : 0xf799d000
To Address : 0xf79a5780
Size : 0x00008780
Time Stamp : 0x48025741
Time String : 4/13/2008 11:56:01 AM
Product Name : Microsoft® Windows® Operating System
File Description : NetBIOS interface driver
File Version : 5.1.2600.5512 (xpsp.080413-0852)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\netbios.sys
==================================================

==================================================
Filename : rdbss.sys
Address In Stack :
From Address : 0xa9819000
To Address : 0xa9843e80
Size : 0x0002ae80
Time Stamp : 0x48025ee6
Time String : 4/13/2008 12:28:38 PM
Product Name : Microsoft® Windows® Operating System
File Description : Redirected Drive Buffering SubSystem Driver
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\rdbss.sys
==================================================

==================================================
Filename : OMCI.SYS
Address In Stack :
From Address : 0xf7c7d000
To Address : 0xf7c80240
Size : 0x00003240
Time Stamp : 0x3b83e111
Time String : 8/22/2001 9:42:57 AM
Product Name : OMCI Driver
File Description : OMCI Device Driver
File Version : 6, 1, 0, 242
Company : Dell Computer Corporation
Full Path : C:\WINDOWS\system32\drivers\OMCI.SYS
==================================================

==================================================
Filename : mrxsmb.sys
Address In Stack :
From Address : 0xa97a9000
To Address : 0xa9818400
Size : 0x0006f400
Time Stamp : 0x4b852569
Time String : 2/24/2010 6:11:05 AM
Product Name : Microsoft® Windows® Operating System
File Description : Windows NT SMB Minirdr
File Version : 5.1.2600.5944 (xpsp_sp3_gdr.100224-1415)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\mrxsmb.sys
==================================================

==================================================
Filename : Fips.SYS
Address In Stack :
From Address : 0xf79bd000
To Address : 0xf79c7e00
Size : 0x0000ae00
Time Stamp : 0x480251f7
Time String : 4/13/2008 11:33:27 AM
Product Name : Microsoft® Windows® Operating System
File Description : FIPS Crypto Driver
File Version : 5.1.2600.5512 (xpsp.080413-2113)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\Fips.SYS
==================================================

==================================================
Filename : kbdhid.sys
Address In Stack :
From Address : 0xaa6d5000
To Address : 0xaa6d8900
Size : 0x00003900
Time Stamp : 0x48025373
Time String : 4/13/2008 11:39:47 AM
Product Name : Microsoft® Windows® Operating System
File Description : HID Mouse Filter Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\kbdhid.sys
==================================================

==================================================
Filename : aswSP.SYS
Address In Stack :
From Address : 0xa96ba000
To Address : 0xa96e0c80
Size : 0x00026c80
Time Stamp : 0x4c865191
Time String : 9/7/2010 7:52:01 AM
Product Name : avast! Antivirus System
File Description : avast! self protection module
File Version : 5.0.677.0
Company : AVAST Software
Full Path : C:\WINDOWS\system32\drivers\aswSP.SYS
==================================================

==================================================
Filename : Aavmker4.SYS
Address In Stack :
From Address : 0xf7bbd000
To Address : 0xf7bc2680
Size : 0x00005680
Time Stamp : 0x4c865059
Time String : 9/7/2010 7:46:49 AM
Product Name : avast! Antivirus System
File Description : avast! Base Kernel-Mode Device Driver for Windows NT/2000/XP
File Version : 5.0.677.0
Company : AVAST Software
Full Path : C:\WINDOWS\system32\drivers\Aavmker4.SYS
==================================================

==================================================
Filename : Cdfs.SYS
Address In Stack :
From Address : 0xf79ed000
To Address : 0xf79fc900
Size : 0x0000f900
Time Stamp : 0x48025b8d
Time String : 4/13/2008 12:14:21 PM
Product Name : Microsoft® Windows® Operating System
File Description : CD-ROM File System Driver
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\Cdfs.SYS
==================================================

==================================================
Filename : dump_atapi.sys
Address In Stack :
From Address : 0xa96a2000
To Address : 0xa96b9900
Size : 0x00017900
Time Stamp : 0x4802539d
Time String : 4/13/2008 11:40:29 AM
Product Name :
File Description :
File Version :
Company :
Full Path :
==================================================

==================================================
Filename : dump_WMILIB.SYS
Address In Stack :
From Address : 0xf7d33000
To Address : 0xf7d34100
Size : 0x00001100
Time Stamp : 0x3b7d878b
Time String : 8/17/2001 2:07:23 PM
Product Name :
File Description :
File Version :
Company :
Full Path :
==================================================

==================================================
Filename : win32k.sys
Address In Stack :
From Address : 0xbf800000
To Address : 0xbf9c4200
Size : 0x001c4200
Time Stamp : 0x4c220f9a
Time String : 6/23/2010 6:43:54 AM
Product Name : Microsoft® Windows® Operating System
File Description : Multi-User Win32 Driver
File Version : 5.1.2600.6003 (xpsp_sp3_gdr.100623-1635)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\win32k.sys
==================================================

==================================================
Filename : Dxapi.sys
Address In Stack :
From Address : 0xf75d1000
To Address : 0xf75d3900
Size : 0x00002900
Time Stamp : 0x3b7d843f
Time String : 8/17/2001 1:53:19 PM
Product Name : Microsoft® Windows® Operating System
File Description : DirectX API Driver
File Version : 5.1.2600.0 (xpclient.010817-1148)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\Dxapi.sys
==================================================

==================================================
Filename : watchdog.sys
Address In Stack :
From Address : 0xf7bc5000
To Address : 0xf7bc9500
Size : 0x00004500
Time Stamp : 0x480254ab
Time String : 4/13/2008 11:44:59 AM
Product Name : Microsoft® Windows® Operating System
File Description : Watchdog Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\watchdog.sys
==================================================

==================================================
Filename : dxg.sys
Address In Stack :
From Address : 0xbf000000
To Address : 0xbf011600
Size : 0x00011600
Time Stamp : 0x48025323
Time String : 4/13/2008 11:38:27 AM
Product Name : Microsoft® Windows® Operating System
File Description : DirectX Graphics Driver
File Version : 5.1.2600.5512 (xpsp.080413-2105)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\dxg.sys
==================================================

==================================================
Filename : dxgthk.sys
Address In Stack :
From Address : 0xf7dd1000
To Address : 0xf7dd1d00
Size : 0x00000d00
Time Stamp : 0x3b7d8438
Time String : 8/17/2001 1:53:12 PM
Product Name : Microsoft® Windows® Operating System
File Description : DirectX Graphics Driver Thunk
File Version : 5.1.2600.0 (xpclient.010817-1148)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\dxgthk.sys
==================================================

==================================================
Filename : ialmdnt5.dll
Address In Stack :
From Address : 0xbf020000
To Address : 0xbf042000
Size : 0x00022000
Time Stamp : 0x43503a0a
Time String : 10/14/2005 4:06:50 PM
Product Name : Intel Graphics Accelerator Drivers for Windows NT®
File Description : Controller Hub for Intel Graphics Driver
File Version : 6.14.10.4410
Company : Intel Corporation
Full Path : C:\WINDOWS\system32\ialmdnt5.dll
==================================================

==================================================
Filename : ialmrnt5.dll
Address In Stack :
From Address : 0xbf012000
To Address : 0xbf020000
Size : 0x0000e000
Time Stamp : 0x43503a10
Time String : 10/14/2005 4:06:56 PM
Product Name : Intel Graphics Accelerator Drivers for Windows NT®
File Description : Controller Hub for Intel Graphics Driver
File Version : 6.14.10.4410
Company : Intel Corporation
Full Path : C:\WINDOWS\system32\ialmrnt5.dll
==================================================

==================================================
Filename : ialmdev5.DLL
Address In Stack :
From Address : 0xbf042000
To Address : 0xbf0760a0
Size : 0x000340a0
Time Stamp : 0x435039fe
Time String : 10/14/2005 4:06:38 PM
Product Name : Intel Graphics Accelerator Drivers for Windows NT®
File Description : Component GHAL Driver
File Version : 6.14.10.4410
Company : Intel Corporation
Full Path : C:\WINDOWS\system32\ialmdev5.DLL
==================================================

==================================================
Filename : ialmdd5.DLL
Address In Stack :
From Address : 0xbf077000
To Address : 0xbf15a000
Size : 0x000e3000
Time Stamp : 0x43503bc6
Time String : 10/14/2005 4:14:14 PM
Product Name : Intel Graphics Accelerator Drivers for Windows NT®
File Description : DirectDraw® Driver for Intel® Graphics Technology
File Version : 6.14.10.4410
Company : Intel Corporation
Full Path : C:\WINDOWS\system32\ialmdd5.DLL
==================================================

==================================================
Filename : ATMFD.DLL
Address In Stack :
From Address : 0xbffa0000
To Address : 0xbffe5c00
Size : 0x00045c00
Time Stamp : 0x4bcd3bdf
Time String : 4/19/2010 10:30:07 PM
Product Name : Adobe Type Manager
File Description : Windows NT OpenType/Type 1 Font Driver
File Version : 5.1 Build 228
Company : Adobe Systems Incorporated
Full Path : C:\WINDOWS\system32\ATMFD.DLL
==================================================

==================================================
Filename : aswFsBlk.SYS
Address In Stack :
From Address : 0xa969a000
To Address : 0xa969cb00
Size : 0x00002b00
Time Stamp : 0x4c865069
Time String : 9/7/2010 7:47:05 AM
Product Name : avast! Antivirus System
File Description : avast! File System Access Blocking Driver
File Version : 5.0.677.0
Company : AVAST Software
Full Path : C:\WINDOWS\system32\drivers\aswFsBlk.SYS
==================================================

==================================================
Filename : ndisuio.sys
Address In Stack :
From Address : 0xa9546000
To Address : 0xa9549900
Size : 0x00003900
Time Stamp : 0x4802573d
Time String : 4/13/2008 11:55:57 AM
Product Name : Microsoft® Windows® Operating System
File Description : NDIS User mode I/O Driver
File Version : 5.1.2600.5512 (xpsp.080413-0852)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\ndisuio.sys
==================================================

==================================================
Filename : aswMon2.SYS
Address In Stack :
From Address : 0xa936b000
To Address : 0xa9381d00
Size : 0x00016d00
Time Stamp : 0x4c865075
Time String : 9/7/2010 7:47:17 AM
Product Name : avast! Antivirus System
File Description : avast! File System Filter Driver for Windows XP
File Version : 5.0.677.0
Company : AVAST Software
Full Path : C:\WINDOWS\system32\drivers\aswMon2.SYS
==================================================

==================================================
Filename : wdmaud.sys
Address In Stack :
From Address : 0xa8ea6000
To Address : 0xa8eba480
Size : 0x00014480
Time Stamp : 0x48025c3e
Time String : 4/13/2008 12:17:18 PM
Product Name : Microsoft® Windows® Operating System
File Description : MMSYSTEM Wave/Midi API mapper
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\wdmaud.sys
==================================================

==================================================
Filename : sysaudio.sys
Address In Stack :
From Address : 0xa8fe3000
To Address : 0xa8ff1d80
Size : 0x0000ed80
Time Stamp : 0x48025beb
Time String : 4/13/2008 12:15:55 PM
Product Name : Microsoft® Windows® Operating System
File Description : System Audio WDM Filter
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\sysaudio.sys
==================================================

==================================================
Filename : mrxdav.sys
Address In Stack :
From Address : 0xa8d33000
To Address : 0xa8d5f180
Size : 0x0002c180
Time Stamp : 0x480251ca
Time String : 4/13/2008 11:32:42 AM
Product Name : Microsoft® Windows® Operating System
File Description : Windows NT WebDav Minirdr
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\mrxdav.sys
==================================================

==================================================
Filename : ParVdm.SYS
Address In Stack :
From Address : 0xf7cf9000
To Address : 0xf7cfaa80
Size : 0x00001a80
Time Stamp : 0x3b7d836d
Time String : 8/17/2001 1:49:49 PM
Product Name : Microsoft® Windows® Operating System
File Description : VDM Parallel Driver
File Version : 5.1.2600.0 (XPClient.010817-1148)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\ParVdm.SYS
==================================================

==================================================
Filename : srv.sys
Address In Stack :
From Address : 0xa8c14000
To Address : 0xa8c6a800
Size : 0x00056800
Time Stamp : 0x4c1f84cd
Time String : 6/21/2010 8:27:09 AM
Product Name : Microsoft® Windows® Operating System
File Description : Server driver
File Version : 5.1.2600.6002 (xpsp_sp3_gdr.100621-1828)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\srv.sys
==================================================

==================================================
Filename : mdmxsdk.sys
Address In Stack :
From Address : 0xa8ec3000
To Address : 0xa8ec56c0
Size : 0x000026c0
Time Stamp : 0x3e948735
Time String : 4/9/2003 1:48:53 PM
Product Name : Diagnostic Interface
File Description : Diagnostic Interface DRIVER
File Version : 1.0.2.002
Company : Conexant
Full Path : C:\WINDOWS\system32\drivers\mdmxsdk.sys
==================================================

==================================================
Filename : NIOC.SYS
Address In Stack :
From Address : 0xf7a7d000
To Address : 0xf7a82980
Size : 0x00005980
Time Stamp : 0x3d942196
Time String : 9/27/2002 2:15:02 AM
Product Name : NIOC (NT5) Driver
File Description : NIOC (NT5) Driver
File Version : 2.0.0.20927
Company : D-Link Corporation
Full Path : C:\WINDOWS\system32\NIOC.SYS
==================================================

==================================================
Filename : aswRdr.SYS
Address In Stack :
From Address : 0xf7afd000
To Address : 0xf7b01100
Size : 0x00004100
Time Stamp : 0x4c865090
Time String : 9/7/2010 7:47:44 AM
Product Name : avast! Antivirus System
File Description : avast! TDI RDR Driver
File Version : 5.0.677.0 built by: WinDDK
Company : AVAST Software
Full Path : C:\WINDOWS\system32\drivers\aswRdr.SYS
==================================================

#9 hamluis

hamluis

    Moderator


  • Moderator
  • 56,274 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:11:30 AM

Posted 25 September 2010 - 08:46 PM

Well...my unprofessional, amateurish guess...from looking at the 2010 BSOD data...is that your system is infected.

You have a variety of BSODs noted, with Avast being a repeat offender several times, along with srv.sys being mentioned...I would think it's worth a look in the Am I Infected forum. If nothing else, it will eliminate one item from consideration.

I'll move this to AII so that someone with more knowledge can take a look.

Louis

#10 chris_in_cal

chris_in_cal
  • Topic Starter

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:09:30 AM

Posted 25 September 2010 - 09:29 PM

You may be right, but I have feeling it is not an infection.

Regarding Avast. I had just downloaded it earlier today, it had never been on the machine before.
I ran an Avast Boot up scan. which came back with no infected files.

After it finished and booted up, I opened Avast and clicked the "Update engine and virus descriptions"
button when it BSOD'd.

It has BSOD many times before in the last week, before I had Avast on the machine.

#11 chris_in_cal

chris_in_cal
  • Topic Starter

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:09:30 AM

Posted 25 September 2010 - 09:43 PM

Here is a second BSOD, a couple hours later.
-----------------------------------------------------
==================================================
Filename : ntoskrnl.exe
Address In Stack : ntoskrnl.exe+af1f5
From Address : 0x804d7000
To Address : 0x806ff000
Size : 0x00228000
Time Stamp : 0x4bd6eda6
Time String : 4/27/2010 6:59:02 AM
Product Name : Microsoft® Windows® Operating System
File Description : NT Kernel & System
File Version : 5.1.2600.5973 (xpsp_sp3_gdr.100427-1636)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\ntoskrnl.exe
==================================================

==================================================
Filename : hal.dll
Address In Stack :
From Address : 0x806ff000
To Address : 0x8071fd00
Size : 0x00020d00
Time Stamp : 0x4802517f
Time String : 4/13/2008 11:31:27 AM
Product Name : Microsoft® Windows® Operating System
File Description : Hardware Abstraction Layer DLL
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\hal.dll
==================================================

==================================================
Filename : kdcom.dll
Address In Stack :
From Address : 0xf7ccd000
To Address : 0xf7cceb80
Size : 0x00001b80
Time Stamp : 0x3b7d8346
Time String : 8/17/2001 1:49:10 PM
Product Name : Microsoft® Windows® Operating System
File Description : Kernel Debugger HW Extension DLL
File Version : 5.1.2600.0 (xpclient.010817-1148)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\kdcom.dll
==================================================

==================================================
Filename : BOOTVID.dll
Address In Stack :
From Address : 0xf7bdd000
To Address : 0xf7be0000
Size : 0x00003000
Time Stamp : 0x3b7d8345
Time String : 8/17/2001 1:49:09 PM
Product Name : Microsoft® Windows® Operating System
File Description : VGA Boot Driver
File Version : 5.1.2600.0 (xpclient.010817-1148)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\BOOTVID.dll
==================================================

==================================================
Filename : ACPI.sys
Address In Stack :
From Address : 0xf777e000
To Address : 0xf77abd80
Size : 0x0002dd80
Time Stamp : 0x480252b1
Time String : 4/13/2008 11:36:33 AM
Product Name : Microsoft® Windows® Operating System
File Description : ACPI Driver for NT
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\ACPI.sys
==================================================

==================================================
Filename : WMILIB.SYS
Address In Stack :
From Address : 0xf7ccf000
To Address : 0xf7cd0100
Size : 0x00001100
Time Stamp : 0x3b7d878b
Time String : 8/17/2001 2:07:23 PM
Product Name : Microsoft® Windows® Operating System
File Description : WMILIB WMI support library Dll
File Version : 5.1.2600.0 (XPClient.010817-1148)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\WMILIB.SYS
==================================================

==================================================
Filename : pci.sys
Address In Stack :
From Address : 0xf776d000
To Address : 0xf777da80
Size : 0x00010a80
Time Stamp : 0x480252bb
Time String : 4/13/2008 11:36:43 AM
Product Name : Microsoft® Windows® Operating System
File Description : NT Plug and Play PCI Enumerator
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\pci.sys
==================================================

==================================================
Filename : isapnp.sys
Address In Stack :
From Address : 0xf77cd000
To Address : 0xf77d6180
Size : 0x00009180
Time Stamp : 0x480252b8
Time String : 4/13/2008 11:36:40 AM
Product Name : Microsoft® Windows® Operating System
File Description : PNP ISA Bus Driver
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\isapnp.sys
==================================================

==================================================
Filename : PCIIde.sys
Address In Stack :
From Address : 0xf7d95000
To Address : 0xf7d95d00
Size : 0x00000d00
Time Stamp : 0x3b7d83e5
Time String : 8/17/2001 1:51:49 PM
Product Name : Microsoft® Windows® Operating System
File Description : Generic PCI IDE Bus Driver
File Version : 5.1.2600.0 (XPClient.010817-1148)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\PCIIde.sys
==================================================

==================================================
Filename : PCIIDEX.SYS
Address In Stack :
From Address : 0xf7a4d000
To Address : 0xf7a53180
Size : 0x00006180
Time Stamp : 0x4802539d
Time String : 4/13/2008 11:40:29 AM
Product Name : Microsoft® Windows® Operating System
File Description : PCI IDE Bus Driver Extension
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\PCIIDEX.SYS
==================================================

==================================================
Filename : intelide.sys
Address In Stack :
From Address : 0xf7cd1000
To Address : 0xf7cd2580
Size : 0x00001580
Time Stamp : 0x4802539d
Time String : 4/13/2008 11:40:29 AM
Product Name : Microsoft® Windows® Operating System
File Description : Intel PCI IDE Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\intelide.sys
==================================================

==================================================
Filename : MountMgr.sys
Address In Stack :
From Address : 0xf77dd000
To Address : 0xf77e7580
Size : 0x0000a580
Time Stamp : 0x48025371
Time String : 4/13/2008 11:39:45 AM
Product Name : Microsoft® Windows® Operating System
File Description : Mount Manager
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\MountMgr.sys
==================================================

==================================================
Filename : ftdisk.sys
Address In Stack :
From Address : 0xf774e000
To Address : 0xf776c880
Size : 0x0001e880
Time Stamp : 0x3b7d8419
Time String : 8/17/2001 1:52:41 PM
Product Name : Microsoft® Windows® Operating System
File Description : FT Disk Driver
File Version : 5.1.2600.0 (XPClient.010817-1148)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\ftdisk.sys
==================================================

==================================================
Filename : PartMgr.sys
Address In Stack :
From Address : 0xf7a55000
To Address : 0xf7a59d00
Size : 0x00004d00
Time Stamp : 0x480253b0
Time String : 4/13/2008 11:40:48 AM
Product Name : Microsoft® Windows® Operating System
File Description : Partition Manager
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\PartMgr.sys
==================================================

==================================================
Filename : VolSnap.sys
Address In Stack :
From Address : 0xf77ed000
To Address : 0xf77f9c80
Size : 0x0000cc80
Time Stamp : 0x480253bc
Time String : 4/13/2008 11:41:00 AM
Product Name : Microsoft® Windows® Operating System
File Description : Volume Shadow Copy Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\VolSnap.sys
==================================================

==================================================
Filename : atapi.sys
Address In Stack :
From Address : 0xf7736000
To Address : 0xf774d900
Size : 0x00017900
Time Stamp : 0x4802539d
Time String : 4/13/2008 11:40:29 AM
Product Name : Microsoft® Windows® Operating System
File Description : IDE/ATAPI Port Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\atapi.sys
==================================================

==================================================
Filename : disk.sys
Address In Stack :
From Address : 0xf77fd000
To Address : 0xf7805e00
Size : 0x00008e00
Time Stamp : 0x480253ae
Time String : 4/13/2008 11:40:46 AM
Product Name : Microsoft® Windows® Operating System
File Description : PnP Disk Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\disk.sys
==================================================

==================================================
Filename : CLASSPNP.SYS
Address In Stack :
From Address : 0xf780d000
To Address : 0xf7819180
Size : 0x0000c180
Time Stamp : 0x48025c05
Time String : 4/13/2008 12:16:21 PM
Product Name : Microsoft® Windows® Operating System
File Description : SCSI Class System Dll
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\CLASSPNP.SYS
==================================================

==================================================
Filename : fltmgr.sys
Address In Stack :
From Address : 0xf7716000
To Address : 0xf7735b00
Size : 0x0001fb00
Time Stamp : 0x480251da
Time String : 4/13/2008 11:32:58 AM
Product Name : Microsoft® Windows® Operating System
File Description : Microsoft Filesystem Filter Manager
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\fltmgr.sys
==================================================

==================================================
Filename : sr.sys
Address In Stack :
From Address : 0xf7704000
To Address : 0xf7715f00
Size : 0x00011f00
Time Stamp : 0x480252c2
Time String : 4/13/2008 11:36:50 AM
Product Name : Microsoft® Windows® Operating System
File Description : System Restore Filesystem Filter Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\sr.sys
==================================================

==================================================
Filename : KSecDD.sys
Address In Stack :
From Address : 0xf76ed000
To Address : 0xf7703b00
Size : 0x00016b00
Time Stamp : 0x4a420b90
Time String : 6/24/2009 4:18:40 AM
Product Name : Microsoft® Windows® Operating System
File Description : Kernel Security Support Provider Interface
File Version : 5.1.2600.5834 (xpsp_sp3_gdr.090624-1305)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\KSecDD.sys
==================================================

==================================================
Filename : WudfPf.sys
Address In Stack :
From Address : 0xf76da000
To Address : 0xf76ecf00
Size : 0x00012f00
Time Stamp : 0x451c7d1f
Time String : 9/28/2006 6:55:43 PM
Product Name : Microsoft® Windows® Operating System
File Description : Windows Driver Foundation - User-mode Driver Framework Platform Driver
File Version : 6.0.5716.32 (winmain(wmbla).060928-1756)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\WudfPf.sys
==================================================

==================================================
Filename : Ntfs.sys
Address In Stack :
From Address : 0xf764d000
To Address : 0xf76d9600
Size : 0x0008c600
Time Stamp : 0x48025be5
Time String : 4/13/2008 12:15:49 PM
Product Name : Microsoft® Windows® Operating System
File Description : NT File System Driver
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\Ntfs.sys
==================================================

==================================================
Filename : NDIS.sys
Address In Stack :
From Address : 0xf7620000
To Address : 0xf764c980
Size : 0x0002c980
Time Stamp : 0x48025d03
Time String : 4/13/2008 12:20:35 PM
Product Name : Microsoft® Windows® Operating System
File Description : NDIS 5.1 wrapper driver
File Version : 5.1.2600.5512 (xpsp.080413-0852)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\NDIS.sys
==================================================

==================================================
Filename : Mup.sys
Address In Stack :
From Address : 0xf7606000
To Address : 0xf761fb80
Size : 0x00019b80
Time Stamp : 0x48025c31
Time String : 4/13/2008 12:17:05 PM
Product Name : Microsoft® Windows® Operating System
File Description : Multiple UNC Provider driver
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\Mup.sys
==================================================

==================================================
Filename : intelppm.sys
Address In Stack :
From Address : 0xf7a3d000
To Address : 0xf7a45e00
Size : 0x00008e00
Time Stamp : 0x48025183
Time String : 4/13/2008 11:31:31 AM
Product Name : Microsoft® Windows® Operating System
File Description : Processor Device Driver
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\intelppm.sys
==================================================

==================================================
Filename : ialmnt5.sys
Address In Stack :
From Address : 0xf746e000
To Address : 0xf75ac0a0
Size : 0x0013e0a0
Time Stamp : 0x43503c04
Time String : 10/14/2005 4:15:16 PM
Product Name : Intel Graphics Accelerator Drivers for Windows NT®
File Description : Intel Graphics Miniport Driver
File Version : 6.14.10.4410
Company : Intel Corporation
Full Path : C:\WINDOWS\system32\drivers\ialmnt5.sys
==================================================

==================================================
Filename : VIDEOPRT.SYS
Address In Stack :
From Address : 0xf745a000
To Address : 0xf746df00
Size : 0x00013f00
Time Stamp : 0x48025497
Time String : 4/13/2008 11:44:39 AM
Product Name : Microsoft® Windows® Operating System
File Description : Video Port Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\VIDEOPRT.SYS
==================================================

==================================================
Filename : usbuhci.sys
Address In Stack :
From Address : 0xf7b1d000
To Address : 0xf7b22080
Size : 0x00005080
Time Stamp : 0x480254ce
Time String : 4/13/2008 11:45:34 AM
Product Name : Microsoft® Windows® Operating System
File Description : UHCI USB Miniport Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\usbuhci.sys
==================================================

==================================================
Filename : USBPORT.SYS
Address In Stack :
From Address : 0xf7436000
To Address : 0xf7459200
Size : 0x00023200
Time Stamp : 0x480254ce
Time String : 4/13/2008 11:45:34 AM
Product Name : Microsoft® Windows® Operating System
File Description : USB 1.1 & 2.0 Port Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\USBPORT.SYS
==================================================

==================================================
Filename : usbehci.sys
Address In Stack :
From Address : 0xf7b25000
To Address : 0xf7b2c600
Size : 0x00007600
Time Stamp : 0x480254ce
Time String : 4/13/2008 11:45:34 AM
Product Name : Microsoft® Windows® Operating System
File Description : EHCI eUSB Miniport Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\usbehci.sys
==================================================

==================================================
Filename : HSFHWBS2.sys
Address In Stack :
From Address : 0xf7402000
To Address : 0xf7435d00
Size : 0x00033d00
Time Stamp : 0x3fb8d436
Time String : 11/17/2003 6:59:18 AM
Product Name : SoftK56 Modem Driver
File Description : HSF_HWB2 WDM driver
File Version : 7.06.00
Company : Conexant Systems, Inc.
Full Path : C:\WINDOWS\system32\drivers\HSFHWBS2.sys
==================================================

==================================================
Filename : ks.sys
Address In Stack :
From Address : 0xf73df000
To Address : 0xf7401700
Size : 0x00022700
Time Stamp : 0x48025c12
Time String : 4/13/2008 12:16:34 PM
Product Name : Microsoft® Windows® Operating System
File Description : Kernel CSA Library
File Version : 5.3.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\ks.sys
==================================================

==================================================
Filename : HSF_DP.sys
Address In Stack :
From Address : 0xf72e0000
To Address : 0xf73de800
Size : 0x000fe800
Time Stamp : 0x3fb8d37d
Time String : 11/17/2003 6:56:13 AM
Product Name : SoftK56 Modem Driver
File Description : HSF_DP driver
File Version : 7.06.00
Company : Conexant Systems, Inc.
Full Path : C:\WINDOWS\system32\drivers\HSF_DP.sys
==================================================

==================================================
Filename : HSF_CNXT.sys
Address In Stack :
From Address : 0xf7239000
To Address : 0xf72df300
Size : 0x000a6300
Time Stamp : 0x3fb8d3e8
Time String : 11/17/2003 6:58:00 AM
Product Name : SoftK56 Modem Driver
File Description : HSF_CNXT driver
File Version : 7.06.00 built by: WinDDK
Company : Conexant Systems, Inc.
Full Path : C:\WINDOWS\system32\drivers\HSF_CNXT.sys
==================================================

==================================================
Filename : Modem.SYS
Address In Stack :
From Address : 0xf7b2d000
To Address : 0xf7b34580
Size : 0x00007580
Time Stamp : 0x48025842
Time String : 4/13/2008 12:00:18 PM
Product Name : Microsoft® Windows® Operating System
File Description : Modem Device Driver
File Version : 5.1.2600.5512 (xpsp.080413-0852)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\Modem.SYS
==================================================

==================================================
Filename : e100b325.sys
Address In Stack :
From Address : 0xf7211000
To Address : 0xf7238c00
Size : 0x00027c00
Time Stamp : 0x42adf359
Time String : 6/13/2005 1:58:01 PM
Product Name : Intel® PRO/100 Adapter
File Description : Intel® PRO/100 Adapter NDIS 5.1 driver
File Version : 8.0.21.0 built by: WinDDK
Company : Intel Corporation
Full Path : C:\WINDOWS\system32\drivers\e100b325.sys
==================================================

==================================================
Filename : smwdm.sys
Address In Stack :
From Address : 0xf71d1000
To Address : 0xf7210900
Size : 0x0003f900
Time Stamp : 0x41f94f88
Time String : 1/27/2005 1:31:04 PM
Product Name : SoundMAX Digital Audio Driver
File Description : SoundMAX Integrated Digital Audio
File Version : 5.12.01.5246
Company : Analog Devices, Inc.
Full Path : C:\WINDOWS\system32\drivers\smwdm.sys
==================================================

==================================================
Filename : portcls.sys
Address In Stack :
From Address : 0xf71ad000
To Address : 0xf71d0a80
Size : 0x00023a80
Time Stamp : 0x48025ccc
Time String : 4/13/2008 12:19:40 PM
Product Name : Microsoft® Windows® Operating System
File Description : Port Class (Class Driver for Port/Miniport Devices)
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\portcls.sys
==================================================

==================================================
Filename : drmk.sys
Address In Stack :
From Address : 0xf782d000
To Address : 0xf783bb00
Size : 0x0000eb00
Time Stamp : 0x480254b8
Time String : 4/13/2008 11:45:12 AM
Product Name : Microsoft® Windows® Operating System
File Description : Microsoft Kernel DRM Descrambler Filter
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\drmk.sys
==================================================

==================================================
Filename : senfilt.sys
Address In Stack :
From Address : 0xf70fa000
To Address : 0xf71acf00
Size : 0x000b2f00
Time Stamp : 0x414a45cc
Time String : 9/16/2004 7:02:52 PM
Product Name :
File Description : Creative WDM Audio Driver
File Version : 5.10.00.3614
Company : Creative Technology Ltd.
Full Path : C:\WINDOWS\system32\drivers\senfilt.sys
==================================================

==================================================
Filename : fdc.sys
Address In Stack :
From Address : 0xf7b35000
To Address : 0xf7b35000
Size : 0x00000000
Time Stamp : 0x00000000
Time String :
Product Name : Microsoft® Windows® Operating System
File Description : Floppy Disk Controller Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\fdc.sys
==================================================

==================================================
Filename : i8042prt.sys
Address In Stack :
From Address : 0xf783d000
To Address : 0xf7849d00
Size : 0x0000cd00
Time Stamp : 0x48025c67
Time String : 4/13/2008 12:17:59 PM
Product Name : Microsoft® Windows® Operating System
File Description : i8042 Port Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\i8042prt.sys
==================================================

==================================================
Filename : L8042pr2.Sys
Address In Stack :
From Address : 0xf784d000
To Address : 0xf7858880
Size : 0x0000b880
Time Stamp : 0x3fe0b0a2
Time String : 12/17/2003 12:38:10 PM
Product Name : Logitech MouseWare™
File Description : Logitech PS/2 Mouse Filter Driver.
File Version : 9.79.24.0
Company : Logitech, Inc.
Full Path : C:\WINDOWS\system32\drivers\L8042pr2.Sys
==================================================

==================================================
Filename : LMouFlt2.Sys
Address In Stack :
From Address : 0xf785d000
To Address : 0xf786c760
Size : 0x0000f760
Time Stamp : 0x3fe0b0b3
Time String : 12/17/2003 12:38:27 PM
Product Name : Logitech MouseWare™
File Description : Logitech Filter Driver for Mouse Class.
File Version : 9.79.24.0
Company : Logitech, Inc.
Full Path : C:\WINDOWS\system32\drivers\LMouFlt2.Sys
==================================================

==================================================
Filename : mouclass.sys
Address In Stack :
From Address : 0xf7b3d000
To Address : 0xf7b42a00
Size : 0x00005a00
Time Stamp : 0x48025373
Time String : 4/13/2008 11:39:47 AM
Product Name : Microsoft® Windows® Operating System
File Description : Mouse Class Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\mouclass.sys
==================================================

==================================================
Filename : parport.sys
Address In Stack :
From Address : 0xf70e6000
To Address : 0xf70f9900
Size : 0x00013900
Time Stamp : 0x48025389
Time String : 4/13/2008 11:40:09 AM
Product Name : Microsoft® Windows® Operating System
File Description : Parallel Port Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\parport.sys
==================================================

==================================================
Filename : serial.sys
Address In Stack :
From Address : 0xf786d000
To Address : 0xf787cc00
Size : 0x0000fc00
Time Stamp : 0x48025be0
Time String : 4/13/2008 12:15:44 PM
Product Name : Microsoft® Windows® Operating System
File Description : Serial Device Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\serial.sys
==================================================

==================================================
Filename : serenum.sys
Address In Stack :
From Address : 0xf7c89000
To Address : 0xf7c8cd80
Size : 0x00003d80
Time Stamp : 0x4802538c
Time String : 4/13/2008 11:40:12 AM
Product Name : Microsoft® Windows® Operating System
File Description : Serial Port Enumerator
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\serenum.sys
==================================================

==================================================
Filename : imapi.sys
Address In Stack :
From Address : 0xf787d000
To Address : 0xf7887480
Size : 0x0000a480
Time Stamp : 0x480253b9
Time String : 4/13/2008 11:40:57 AM
Product Name : Microsoft® Windows® Operating System
File Description : IMAPI Kernel Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\imapi.sys
==================================================

==================================================
Filename : cdrom.sys
Address In Stack :
From Address : 0xf788d000
To Address : 0xf789c600
Size : 0x0000f600
Time Stamp : 0x480253ad
Time String : 4/13/2008 11:40:45 AM
Product Name : Microsoft® Windows® Operating System
File Description : SCSI CD-ROM Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\cdrom.sys
==================================================

==================================================
Filename : redbook.sys
Address In Stack :
From Address : 0xf789d000
To Address : 0xf78ab100
Size : 0x0000e100
Time Stamp : 0x4802539b
Time String : 4/13/2008 11:40:27 AM
Product Name : Microsoft® Windows® Operating System
File Description : Redbook Audio Filter Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\redbook.sys
==================================================

==================================================
Filename : GEARAspiWDM.sys
Address In Stack :
From Address : 0xf7b45000
To Address : 0xf7b4a280
Size : 0x00005280
Time Stamp : 0x4a1151b5
Time String : 5/18/2009 5:16:53 AM
Product Name : CD DVD Filter
File Description : CD DVD Filter
File Version : 2.02.00.01
Company : GEAR Software Inc.
Full Path : C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
==================================================

==================================================
Filename : audstub.sys
Address In Stack :
From Address : 0xf7deb000
To Address : 0xf7debc00
Size : 0x00000c00
Time Stamp : 0x3b7d85bc
Time String : 8/17/2001 1:59:40 PM
Product Name : Microsoft® Windows® Operating System
File Description : AudStub Driver
File Version : 5.1.2600.0 (XPClient.010817-1148)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\audstub.sys
==================================================

==================================================
Filename : rasl2tp.sys
Address In Stack :
From Address : 0xf78ad000
To Address : 0xf78b9880
Size : 0x0000c880
Time Stamp : 0x48025ccf
Time String : 4/13/2008 12:19:43 PM
Product Name : Microsoft® Windows® Operating System
File Description : RAS L2TP mini-port/call-manager driver
File Version : 5.1.2600.5512 (xpsp.080413-0852)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\rasl2tp.sys
==================================================

==================================================
Filename : ndistapi.sys
Address In Stack :
From Address : 0xf7c91000
To Address : 0xf7c93780
Size : 0x00002780
Time Stamp : 0x48025797
Time String : 4/13/2008 11:57:27 AM
Product Name : Microsoft® Windows® Operating System
File Description : NDIS 3.0 connection wrapper driver
File Version : 5.1.2600.5512 (xpsp.080413-0852)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\ndistapi.sys
==================================================

==================================================
Filename : ndiswan.sys
Address In Stack :
From Address : 0xf70cf000
To Address : 0xf70e5580
Size : 0x00016580
Time Stamp : 0x48025d09
Time String : 4/13/2008 12:20:41 PM
Product Name : Microsoft® Windows® Operating System
File Description : MS PPP Framing Driver (Strong Encryption)
File Version : 5.1.2600.5512 (xpsp.080413-0852)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\ndiswan.sys
==================================================

==================================================
Filename : raspppoe.sys
Address In Stack :
From Address : 0xf78bd000
To Address : 0xf78c7200
Size : 0x0000a200
Time Stamp : 0x4802579b
Time String : 4/13/2008 11:57:31 AM
Product Name : Microsoft® Windows® Operating System
File Description : RAS PPPoE mini-port/call-manager driver
File Version : 5.1.2600.5512 (xpsp.080413-0852)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\raspppoe.sys
==================================================

==================================================
Filename : raspptp.sys
Address In Stack :
From Address : 0xf78cd000
To Address : 0xf78d8d00
Size : 0x0000bd00
Time Stamp : 0x48025cd3
Time String : 4/13/2008 12:19:47 PM
Product Name : Microsoft® Windows® Operating System
File Description : Peer-to-Peer Tunneling Protocol
File Version : 5.1.2600.5512 (xpsp.080413-0852)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\raspptp.sys
==================================================

==================================================
Filename : TDI.SYS
Address In Stack :
From Address : 0xf7b4d000
To Address : 0xf7b51a80
Size : 0x00004a80
Time Stamp : 0x48025834
Time String : 4/13/2008 12:00:04 PM
Product Name : Microsoft® Windows® Operating System
File Description : TDI Wrapper
File Version : 5.1.2600.5512 (xpsp.080413-0852)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\TDI.SYS
==================================================

==================================================
Filename : psched.sys
Address In Stack :
From Address : 0xf70be000
To Address : 0xf70cee00
Size : 0x00010e00
Time Stamp : 0x48025764
Time String : 4/13/2008 11:56:36 AM
Product Name : Microsoft® Windows® Operating System
File Description : MS QoS Packet Scheduler
File Version : 5.1.2600.5512 (xpsp.080413-0852)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\psched.sys
==================================================

==================================================
Filename : msgpc.sys
Address In Stack :
From Address : 0xf78dd000
To Address : 0xf78e5900
Size : 0x00008900
Time Stamp : 0x48025760
Time String : 4/13/2008 11:56:32 AM
Product Name : Microsoft® Windows® Operating System
File Description : MS General Packet Classifier
File Version : 5.1.2600.5512 (xpsp.080413-0852)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\msgpc.sys
==================================================

==================================================
Filename : ptilink.sys
Address In Stack :
From Address : 0xf7b55000
To Address : 0xf7b59580
Size : 0x00004580
Time Stamp : 0x3b7d8371
Time String : 8/17/2001 1:49:53 PM
Product Name : Microsoft® Windows® Operating System
File Description : Parallel Technologies DirectParallel IO Library
File Version : 1.10 (XPClient.010817-1148)
Company : Parallel Technologies, Inc.
Full Path : C:\WINDOWS\system32\drivers\ptilink.sys
==================================================

==================================================
Filename : raspti.sys
Address In Stack :
From Address : 0xf7b5d000
To Address : 0xf7b61080
Size : 0x00004080
Time Stamp : 0x3b7d84c4
Time String : 8/17/2001 1:55:32 PM
Product Name : Microsoft® Windows® Operating System
File Description : PTI DirectParallel® mini-port/call-manager driver
File Version : 5.1.2600.0 (xpclient.010817-1148)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\raspti.sys
==================================================

==================================================
Filename : termdd.sys
Address In Stack :
From Address : 0xf78ed000
To Address : 0xf78f6f00
Size : 0x00009f00
Time Stamp : 0x4802532c
Time String : 4/13/2008 11:38:36 AM
Product Name : Microsoft® Windows® Operating System
File Description : Terminal Server Driver
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\termdd.sys
==================================================

==================================================
Filename : kbdclass.sys
Address In Stack :
From Address : 0xf7b65000
To Address : 0xf7b6b000
Size : 0x00006000
Time Stamp : 0x48025372
Time String : 4/13/2008 11:39:46 AM
Product Name : Microsoft® Windows® Operating System
File Description : Keyboard Class Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\kbdclass.sys
==================================================

==================================================
Filename : swenum.sys
Address In Stack :
From Address : 0xf7cf3000
To Address : 0xf7cf4100
Size : 0x00001100
Time Stamp : 0x48025378
Time String : 4/13/2008 11:39:52 AM
Product Name : Microsoft® Windows® Operating System
File Description : Plug and Play Software Device Enumerator
File Version : 5.3.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\swenum.sys
==================================================

==================================================
Filename : update.sys
Address In Stack :
From Address : 0xf7060000
To Address : 0xf70bdf00
Size : 0x0005df00
Time Stamp : 0x48025372
Time String : 4/13/2008 11:39:46 AM
Product Name : Microsoft® Windows® Operating System
File Description : Update Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\update.sys
==================================================

==================================================
Filename : mssmbios.sys
Address In Stack :
From Address : 0xf7c9d000
To Address : 0xf7ca0c80
Size : 0x00003c80
Time Stamp : 0x480252bd
Time String : 4/13/2008 11:36:45 AM
Product Name : Microsoft® Windows® Operating System
File Description : System Management BIOS Driver
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\mssmbios.sys
==================================================

==================================================
Filename : NDProxy.SYS
Address In Stack :
From Address : 0xf791d000
To Address : 0xf7926e80
Size : 0x00009e80
Time Stamp : 0x48025798
Time String : 4/13/2008 11:57:28 AM
Product Name : Microsoft® Windows® Operating System
File Description : NDIS Proxy
File Version : 5.1.2600.5512 (xpsp.080413-0852)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\NDProxy.SYS
==================================================

==================================================
Filename : usbhub.sys
Address In Stack :
From Address : 0xf792d000
To Address : 0xf793b880
Size : 0x0000e880
Time Stamp : 0x480254d0
Time String : 4/13/2008 11:45:36 AM
Product Name : Microsoft® Windows® Operating System
File Description : Default Hub Driver for USB
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\usbhub.sys
==================================================

==================================================
Filename : USBD.SYS
Address In Stack :
From Address : 0xf7cf5000
To Address : 0xf7cf6280
Size : 0x00001280
Time Stamp : 0x3b7d8682
Time String : 8/17/2001 2:02:58 PM
Product Name : Microsoft® Windows® Operating System
File Description : Universal Serial Bus Driver
File Version : 5.1.2600.0 (XPClient.010817-1148)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\USBD.SYS
==================================================

==================================================
Filename : flpydisk.sys
Address In Stack :
From Address : 0xf7b6d000
To Address : 0xf7b72000
Size : 0x00005000
Time Stamp : 0x48025398
Time String : 4/13/2008 11:40:24 AM
Product Name : Microsoft® Windows® Operating System
File Description : Floppy Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\flpydisk.sys
==================================================

==================================================
Filename : MpFilter.sys
Address In Stack :
From Address : 0xa9968000
To Address : 0xa998b000
Size : 0x00023000
Time Stamp : 0x4ba4490e
Time String : 3/19/2010 9:03:26 PM
Product Name : Microsoft Malware Protection
File Description : Microsoft antimalware file system filter driver
File Version : 2.1.6804.0
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\MpFilter.sys
==================================================

==================================================
Filename : hidusb.sys
Address In Stack :
From Address : 0xf75b5000
To Address : 0xf75b7880
Size : 0x00002880
Time Stamp : 0x480254c7
Time String : 4/13/2008 11:45:27 AM
Product Name : Microsoft® Windows® Operating System
File Description : USB Miniport Driver for Input Devices
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\hidusb.sys
==================================================

==================================================
Filename : HIDCLASS.SYS
Address In Stack :
From Address : 0xf796d000
To Address : 0xf7976000
Size : 0x00009000
Time Stamp : 0x480254c5
Time String : 4/13/2008 11:45:25 AM
Product Name : Microsoft® Windows® Operating System
File Description : Hid Class Library
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\HIDCLASS.SYS
==================================================

==================================================
Filename : HIDPARSE.SYS
Address In Stack :
From Address : 0xf7b85000
To Address : 0xf7b8b180
Size : 0x00006180
Time Stamp : 0x480254c2
Time String : 4/13/2008 11:45:22 AM
Product Name : Microsoft® Windows® Operating System
File Description : Hid Parsing Library
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\HIDPARSE.SYS
==================================================

==================================================
Filename : Fs_Rec.SYS
Address In Stack :
From Address : 0xf7d25000
To Address : 0xf7d26f00
Size : 0x00001f00
Time Stamp : 0x3b7d8361
Time String : 8/17/2001 1:49:37 PM
Product Name : Microsoft® Windows® Operating System
File Description : File System Recognizer Driver
File Version : 5.1.2600.0 (xpclient.010817-1148)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\Fs_Rec.SYS
==================================================

==================================================
Filename : Null.SYS
Address In Stack :
From Address : 0xf7ed4000
To Address : 0xf7ed4b80
Size : 0x00000b80
Time Stamp : 0x3b7d82eb
Time String : 8/17/2001 1:47:39 PM
Product Name : Microsoft® Windows® Operating System
File Description : NULL Driver
File Version : 5.1.2600.0 (XPClient.010817-1148)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\Null.SYS
==================================================

==================================================
Filename : Beep.SYS
Address In Stack :
From Address : 0xf7d27000
To Address : 0xf7d28080
Size : 0x00001080
Time Stamp : 0x3b7d82e5
Time String : 8/17/2001 1:47:33 PM
Product Name : Microsoft® Windows® Operating System
File Description : BEEP Driver
File Version : 5.1.2600.0 (XPClient.010817-1148)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\Beep.SYS
==================================================

==================================================
Filename : vga.sys
Address In Stack :
From Address : 0xf7b95000
To Address : 0xf7b9a200
Size : 0x00005200
Time Stamp : 0x48025498
Time String : 4/13/2008 11:44:40 AM
Product Name : Microsoft® Windows® Operating System
File Description : VGA/Super VGA Video Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\vga.sys
==================================================

==================================================
Filename : mnmdd.SYS
Address In Stack :
From Address : 0xf7d29000
To Address : 0xf7d2a080
Size : 0x00001080
Time Stamp : 0x3b7d8538
Time String : 8/17/2001 1:57:28 PM
Product Name : Microsoft® Windows® Operating System
File Description : Frame buffer simulator
File Version : 5.1.2600.0 (XPClient.010817-1148)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\mnmdd.SYS
==================================================

==================================================
Filename : RDPCDD.sys
Address In Stack :
From Address : 0xf7d2b000
To Address : 0xf7d2c080
Size : 0x00001080
Time Stamp : 0x3b7d82c0
Time String : 8/17/2001 1:46:56 PM
Product Name : Microsoft® Windows® Operating System
File Description : RDP Miniport
File Version : 5.1.2600.0 (xpclient.010817-1148)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\RDPCDD.sys
==================================================

==================================================
Filename : Msfs.SYS
Address In Stack :
From Address : 0xf7b9d000
To Address : 0xf7ba1a80
Size : 0x00004a80
Time Stamp : 0x480251c6
Time String : 4/13/2008 11:32:38 AM
Product Name : Microsoft® Windows® Operating System
File Description : Mailslot driver
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\Msfs.SYS
==================================================

==================================================
Filename : Npfs.SYS
Address In Stack :
From Address : 0xf7ba5000
To Address : 0xf7bac880
Size : 0x00007880
Time Stamp : 0x480251c6
Time String : 4/13/2008 11:32:38 AM
Product Name : Microsoft® Windows® Operating System
File Description : NPFS Driver
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\Npfs.SYS
==================================================

==================================================
Filename : rasacd.sys
Address In Stack :
From Address : 0xf75ad000
To Address : 0xf75af280
Size : 0x00002280
Time Stamp : 0x3b7d84cb
Time String : 8/17/2001 1:55:39 PM
Product Name : Microsoft® Windows® Operating System
File Description : RAS Automatic Connection Driver
File Version : 5.1.2600.0 (xpclient.010817-1148)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\rasacd.sys
==================================================

==================================================
Filename : ipsec.sys
Address In Stack :
From Address : 0xa990d000
To Address : 0xa991f600
Size : 0x00012600
Time Stamp : 0x48025cce
Time String : 4/13/2008 12:19:42 PM
Product Name : Microsoft® Windows® Operating System
File Description : IPSec Driver
File Version : 5.1.2600.5512 (xpsp.080413-0852)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\ipsec.sys
==================================================

==================================================
Filename : tcpip.sys
Address In Stack :
From Address : 0xa98b4000
To Address : 0xa990c480
Size : 0x00058480
Time Stamp : 0x485b99ad
Time String : 6/20/2008 4:51:09 AM
Product Name : Microsoft® Windows® Operating System
File Description : TCP/IP Protocol Driver
File Version : 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\tcpip.sys
==================================================

==================================================
Filename : aswTdi.SYS
Address In Stack :
From Address : 0xf797d000
To Address : 0xf7986c00
Size : 0x00009c00
Time Stamp : 0x4c8651a7
Time String : 9/7/2010 7:52:23 AM
Product Name : avast! Antivirus System
File Description : avast! TDI Filter Driver
File Version : 5.0.677.0 built by: WinDDK
Company : AVAST Software
Full Path : C:\WINDOWS\system32\drivers\aswTdi.SYS
==================================================

==================================================
Filename : ipnat.sys
Address In Stack :
From Address : 0xa988e000
To Address : 0xa98b3500
Size : 0x00025500
Time Stamp : 0x48025786
Time String : 4/13/2008 11:57:10 AM
Product Name : Microsoft® Windows® Operating System
File Description : IP Network Address Translator
File Version : 5.1.2600.5512 (xpsp.080413-0852)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\ipnat.sys
==================================================

==================================================
Filename : wanarp.sys
Address In Stack :
From Address : 0xf798d000
To Address : 0xf7995700
Size : 0x00008700
Time Stamp : 0x48025790
Time String : 4/13/2008 11:57:20 AM
Product Name : Microsoft® Windows® Operating System
File Description : MS Remote Access and Routing ARP Driver
File Version : 5.1.2600.5512 (xpsp.080413-0852)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\wanarp.sys
==================================================

==================================================
Filename : netbt.sys
Address In Stack :
From Address : 0xa9866000
To Address : 0xa988dc00
Size : 0x00027c00
Time Stamp : 0x48025d1b
Time String : 4/13/2008 12:20:59 PM
Product Name : Microsoft® Windows® Operating System
File Description : MBT Transport driver
File Version : 5.1.2600.5512 (xpsp.080413-0852)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\netbt.sys
==================================================

==================================================
Filename : afd.sys
Address In Stack :
From Address : 0xa9844000
To Address : 0xa9865d00
Size : 0x00021d00
Time Stamp : 0x48a40333
Time String : 8/14/2008 3:04:35 AM
Product Name : Microsoft® Windows® Operating System
File Description : Ancillary Function Driver for WinSock
File Version : 5.1.2600.5657 (xpsp_sp3_gdr.080814-1236)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\afd.sys
==================================================

==================================================
Filename : netbios.sys
Address In Stack :
From Address : 0xf799d000
To Address : 0xf79a5780
Size : 0x00008780
Time Stamp : 0x48025741
Time String : 4/13/2008 11:56:01 AM
Product Name : Microsoft® Windows® Operating System
File Description : NetBIOS interface driver
File Version : 5.1.2600.5512 (xpsp.080413-0852)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\netbios.sys
==================================================

==================================================
Filename : rdbss.sys
Address In Stack :
From Address : 0xa9819000
To Address : 0xa9843e80
Size : 0x0002ae80
Time Stamp : 0x48025ee6
Time String : 4/13/2008 12:28:38 PM
Product Name : Microsoft® Windows® Operating System
File Description : Redirected Drive Buffering SubSystem Driver
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\rdbss.sys
==================================================

==================================================
Filename : OMCI.SYS
Address In Stack :
From Address : 0xf7c7d000
To Address : 0xf7c80240
Size : 0x00003240
Time Stamp : 0x3b83e111
Time String : 8/22/2001 9:42:57 AM
Product Name : OMCI Driver
File Description : OMCI Device Driver
File Version : 6, 1, 0, 242
Company : Dell Computer Corporation
Full Path : C:\WINDOWS\system32\drivers\OMCI.SYS
==================================================

==================================================
Filename : mrxsmb.sys
Address In Stack :
From Address : 0xa97a9000
To Address : 0xa9818400
Size : 0x0006f400
Time Stamp : 0x4b852569
Time String : 2/24/2010 6:11:05 AM
Product Name : Microsoft® Windows® Operating System
File Description : Windows NT SMB Minirdr
File Version : 5.1.2600.5944 (xpsp_sp3_gdr.100224-1415)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\mrxsmb.sys
==================================================

==================================================
Filename : Fips.SYS
Address In Stack :
From Address : 0xf79bd000
To Address : 0xf79c7e00
Size : 0x0000ae00
Time Stamp : 0x480251f7
Time String : 4/13/2008 11:33:27 AM
Product Name : Microsoft® Windows® Operating System
File Description : FIPS Crypto Driver
File Version : 5.1.2600.5512 (xpsp.080413-2113)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\Fips.SYS
==================================================

==================================================
Filename : kbdhid.sys
Address In Stack :
From Address : 0xaa6d5000
To Address : 0xaa6d8900
Size : 0x00003900
Time Stamp : 0x48025373
Time String : 4/13/2008 11:39:47 AM
Product Name : Microsoft® Windows® Operating System
File Description : HID Mouse Filter Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\kbdhid.sys
==================================================

==================================================
Filename : aswSP.SYS
Address In Stack :
From Address : 0xa96ba000
To Address : 0xa96e0c80
Size : 0x00026c80
Time Stamp : 0x4c865191
Time String : 9/7/2010 7:52:01 AM
Product Name : avast! Antivirus System
File Description : avast! self protection module
File Version : 5.0.677.0
Company : AVAST Software
Full Path : C:\WINDOWS\system32\drivers\aswSP.SYS
==================================================

==================================================
Filename : Aavmker4.SYS
Address In Stack :
From Address : 0xf7bbd000
To Address : 0xf7bc2680
Size : 0x00005680
Time Stamp : 0x4c865059
Time String : 9/7/2010 7:46:49 AM
Product Name : avast! Antivirus System
File Description : avast! Base Kernel-Mode Device Driver for Windows NT/2000/XP
File Version : 5.0.677.0
Company : AVAST Software
Full Path : C:\WINDOWS\system32\drivers\Aavmker4.SYS
==================================================

==================================================
Filename : Cdfs.SYS
Address In Stack :
From Address : 0xf79ed000
To Address : 0xf79fc900
Size : 0x0000f900
Time Stamp : 0x48025b8d
Time String : 4/13/2008 12:14:21 PM
Product Name : Microsoft® Windows® Operating System
File Description : CD-ROM File System Driver
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\Cdfs.SYS
==================================================

==================================================
Filename : dump_atapi.sys
Address In Stack :
From Address : 0xa96a2000
To Address : 0xa96b9900
Size : 0x00017900
Time Stamp : 0x4802539d
Time String : 4/13/2008 11:40:29 AM
Product Name :
File Description :
File Version :
Company :
Full Path :
==================================================

==================================================
Filename : dump_WMILIB.SYS
Address In Stack :
From Address : 0xf7d33000
To Address : 0xf7d34100
Size : 0x00001100
Time Stamp : 0x3b7d878b
Time String : 8/17/2001 2:07:23 PM
Product Name :
File Description :
File Version :
Company :
Full Path :
==================================================

==================================================
Filename : win32k.sys
Address In Stack :
From Address : 0xbf800000
To Address : 0xbf9c4200
Size : 0x001c4200
Time Stamp : 0x4c220f9a
Time String : 6/23/2010 6:43:54 AM
Product Name : Microsoft® Windows® Operating System
File Description : Multi-User Win32 Driver
File Version : 5.1.2600.6003 (xpsp_sp3_gdr.100623-1635)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\win32k.sys
==================================================

==================================================
Filename : Dxapi.sys
Address In Stack :
From Address : 0xf75d1000
To Address : 0xf75d3900
Size : 0x00002900
Time Stamp : 0x3b7d843f
Time String : 8/17/2001 1:53:19 PM
Product Name : Microsoft® Windows® Operating System
File Description : DirectX API Driver
File Version : 5.1.2600.0 (xpclient.010817-1148)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\Dxapi.sys
==================================================

==================================================
Filename : watchdog.sys
Address In Stack :
From Address : 0xf7bc5000
To Address : 0xf7bc9500
Size : 0x00004500
Time Stamp : 0x480254ab
Time String : 4/13/2008 11:44:59 AM
Product Name : Microsoft® Windows® Operating System
File Description : Watchdog Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\watchdog.sys
==================================================

==================================================
Filename : dxg.sys
Address In Stack :
From Address : 0xbf000000
To Address : 0xbf011600
Size : 0x00011600
Time Stamp : 0x48025323
Time String : 4/13/2008 11:38:27 AM
Product Name : Microsoft® Windows® Operating System
File Description : DirectX Graphics Driver
File Version : 5.1.2600.5512 (xpsp.080413-2105)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\dxg.sys
==================================================

==================================================
Filename : dxgthk.sys
Address In Stack :
From Address : 0xf7dd1000
To Address : 0xf7dd1d00
Size : 0x00000d00
Time Stamp : 0x3b7d8438
Time String : 8/17/2001 1:53:12 PM
Product Name : Microsoft® Windows® Operating System
File Description : DirectX Graphics Driver Thunk
File Version : 5.1.2600.0 (xpclient.010817-1148)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\dxgthk.sys
==================================================

==================================================
Filename : ialmdnt5.dll
Address In Stack :
From Address : 0xbf020000
To Address : 0xbf042000
Size : 0x00022000
Time Stamp : 0x43503a0a
Time String : 10/14/2005 4:06:50 PM
Product Name : Intel Graphics Accelerator Drivers for Windows NT®
File Description : Controller Hub for Intel Graphics Driver
File Version : 6.14.10.4410
Company : Intel Corporation
Full Path : C:\WINDOWS\system32\ialmdnt5.dll
==================================================

==================================================
Filename : ialmrnt5.dll
Address In Stack :
From Address : 0xbf012000
To Address : 0xbf020000
Size : 0x0000e000
Time Stamp : 0x43503a10
Time String : 10/14/2005 4:06:56 PM
Product Name : Intel Graphics Accelerator Drivers for Windows NT®
File Description : Controller Hub for Intel Graphics Driver
File Version : 6.14.10.4410
Company : Intel Corporation
Full Path : C:\WINDOWS\system32\ialmrnt5.dll
==================================================

==================================================
Filename : ialmdev5.DLL
Address In Stack :
From Address : 0xbf042000
To Address : 0xbf0760a0
Size : 0x000340a0
Time Stamp : 0x435039fe
Time String : 10/14/2005 4:06:38 PM
Product Name : Intel Graphics Accelerator Drivers for Windows NT®
File Description : Component GHAL Driver
File Version : 6.14.10.4410
Company : Intel Corporation
Full Path : C:\WINDOWS\system32\ialmdev5.DLL
==================================================

==================================================
Filename : ialmdd5.DLL
Address In Stack :
From Address : 0xbf077000
To Address : 0xbf15a000
Size : 0x000e3000
Time Stamp : 0x43503bc6
Time String : 10/14/2005 4:14:14 PM
Product Name : Intel Graphics Accelerator Drivers for Windows NT®
File Description : DirectDraw® Driver for Intel® Graphics Technology
File Version : 6.14.10.4410
Company : Intel Corporation
Full Path : C:\WINDOWS\system32\ialmdd5.DLL
==================================================

==================================================
Filename : ATMFD.DLL
Address In Stack :
From Address : 0xbffa0000
To Address : 0xbffe5c00
Size : 0x00045c00
Time Stamp : 0x4bcd3bdf
Time String : 4/19/2010 10:30:07 PM
Product Name : Adobe Type Manager
File Description : Windows NT OpenType/Type 1 Font Driver
File Version : 5.1 Build 228
Company : Adobe Systems Incorporated
Full Path : C:\WINDOWS\system32\ATMFD.DLL
==================================================

==================================================
Filename : aswFsBlk.SYS
Address In Stack :
From Address : 0xa969a000
To Address : 0xa969cb00
Size : 0x00002b00
Time Stamp : 0x4c865069
Time String : 9/7/2010 7:47:05 AM
Product Name : avast! Antivirus System
File Description : avast! File System Access Blocking Driver
File Version : 5.0.677.0
Company : AVAST Software
Full Path : C:\WINDOWS\system32\drivers\aswFsBlk.SYS
==================================================

==================================================
Filename : ndisuio.sys
Address In Stack :
From Address : 0xa9546000
To Address : 0xa9549900
Size : 0x00003900
Time Stamp : 0x4802573d
Time String : 4/13/2008 11:55:57 AM
Product Name : Microsoft® Windows® Operating System
File Description : NDIS User mode I/O Driver
File Version : 5.1.2600.5512 (xpsp.080413-0852)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\ndisuio.sys
==================================================

==================================================
Filename : aswMon2.SYS
Address In Stack :
From Address : 0xa936b000
To Address : 0xa9381d00
Size : 0x00016d00
Time Stamp : 0x4c865075
Time String : 9/7/2010 7:47:17 AM
Product Name : avast! Antivirus System
File Description : avast! File System Filter Driver for Windows XP
File Version : 5.0.677.0
Company : AVAST Software
Full Path : C:\WINDOWS\system32\drivers\aswMon2.SYS
==================================================

==================================================
Filename : wdmaud.sys
Address In Stack :
From Address : 0xa8ea6000
To Address : 0xa8eba480
Size : 0x00014480
Time Stamp : 0x48025c3e
Time String : 4/13/2008 12:17:18 PM
Product Name : Microsoft® Windows® Operating System
File Description : MMSYSTEM Wave/Midi API mapper
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\wdmaud.sys
==================================================

==================================================
Filename : sysaudio.sys
Address In Stack :
From Address : 0xa8fe3000
To Address : 0xa8ff1d80
Size : 0x0000ed80
Time Stamp : 0x48025beb
Time String : 4/13/2008 12:15:55 PM
Product Name : Microsoft® Windows® Operating System
File Description : System Audio WDM Filter
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\sysaudio.sys
==================================================

==================================================
Filename : mrxdav.sys
Address In Stack :
From Address : 0xa8d33000
To Address : 0xa8d5f180
Size : 0x0002c180
Time Stamp : 0x480251ca
Time String : 4/13/2008 11:32:42 AM
Product Name : Microsoft® Windows® Operating System
File Description : Windows NT WebDav Minirdr
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\mrxdav.sys
==================================================

==================================================
Filename : ParVdm.SYS
Address In Stack :
From Address : 0xf7cf9000
To Address : 0xf7cfaa80
Size : 0x00001a80
Time Stamp : 0x3b7d836d
Time String : 8/17/2001 1:49:49 PM
Product Name : Microsoft® Windows® Operating System
File Description : VDM Parallel Driver
File Version : 5.1.2600.0 (XPClient.010817-1148)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\ParVdm.SYS
==================================================

==================================================
Filename : srv.sys
Address In Stack :
From Address : 0xa8c14000
To Address : 0xa8c6a800
Size : 0x00056800
Time Stamp : 0x4c1f84cd
Time String : 6/21/2010 8:27:09 AM
Product Name : Microsoft® Windows® Operating System
File Description : Server driver
File Version : 5.1.2600.6002 (xpsp_sp3_gdr.100621-1828)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\srv.sys
==================================================

==================================================
Filename : mdmxsdk.sys
Address In Stack :
From Address : 0xa8ec3000
To Address : 0xa8ec56c0
Size : 0x000026c0
Time Stamp : 0x3e948735
Time String : 4/9/2003 1:48:53 PM
Product Name : Diagnostic Interface
File Description : Diagnostic Interface DRIVER
File Version : 1.0.2.002
Company : Conexant
Full Path : C:\WINDOWS\system32\drivers\mdmxsdk.sys
==================================================

==================================================
Filename : NIOC.SYS
Address In Stack :
From Address : 0xf7a7d000
To Address : 0xf7a82980
Size : 0x00005980
Time Stamp : 0x3d942196
Time String : 9/27/2002 2:15:02 AM
Product Name : NIOC (NT5) Driver
File Description : NIOC (NT5) Driver
File Version : 2.0.0.20927
Company : D-Link Corporation
Full Path : C:\WINDOWS\system32\NIOC.SYS
==================================================

==================================================
Filename : aswRdr.SYS
Address In Stack :
From Address : 0xf7afd000
To Address : 0xf7b01100
Size : 0x00004100
Time Stamp : 0x4c865090
Time String : 9/7/2010 7:47:44 AM
Product Name : avast! Antivirus System
File Description : avast! TDI RDR Driver
File Version : 5.0.677.0 built by: WinDDK
Company : AVAST Software
Full Path : C:\WINDOWS\system32\drivers\aswRdr.SYS
==================================================

Edited by chris_in_cal, 25 September 2010 - 09:46 PM.


#12 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:30 AM

Posted 27 September 2010 - 01:35 AM

As there is an open logs topic here: http://www.bleepingcomputer.com/forums/topic349915.html I am closing this topic.

Edited by Budapest, 27 September 2010 - 01:35 AM.

The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users