Am I infected? sr.sys - BSOD



#1 chris_in_cal


Posted 26 September 2010 - 10:26 PM

Windows XP w/SP3. I've run boot-up scans with Avast, Malwarebytes, and MSE.
Something is wrong. Can you tell from this BSOD if there is an infection?
Or does it look like something else?
-----------------------------------------------------------------------
==================================================
Filename : hal.dll
Address In Stack : hal.dll+2940
From Address : 0x806ff000
To Address : 0x8071fd00
Size : 0x00020d00
Time Stamp : 0x4802517f
Time String : 4/13/2008 11:31:27 AM
Product Name : Microsoft® Windows® Operating System
File Description : Hardware Abstraction Layer DLL
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\hal.dll
==================================================

==================================================
Filename : Ntfs.sys
Address In Stack : Ntfs.sys+3f163
From Address : 0xf764d000
To Address : 0xf76d9600
Size : 0x0008c600
Time Stamp : 0x48025be5
Time String : 4/13/2008 12:15:49 PM
Product Name : Microsoft® Windows® Operating System
File Description : NT File System Driver
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\Ntfs.sys
==================================================

==================================================
Filename : ntoskrnl.exe
Address In Stack : ntoskrnl.exe+ade88
From Address : 0x804d7000
To Address : 0x806ff000
Size : 0x00228000
Time Stamp : 0x4bd6eda6
Time String : 4/27/2010 6:59:02 AM
Product Name : Microsoft® Windows® Operating System
File Description : NT Kernel & System
File Version : 5.1.2600.5973 (xpsp_sp3_gdr.100427-1636)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\ntoskrnl.exe
==================================================

==================================================
Filename : sr.sys
Address In Stack : sr.sys+3898
From Address : 0xf7704000
To Address : 0xf7715f00
Size : 0x00011f00
Time Stamp : 0x480252c2
Time String : 4/13/2008 11:36:50 AM
Product Name : Microsoft® Windows® Operating System
File Description : System Restore Filesystem Filter Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\sr.sys
==================================================

Filename : swenum.sys
Address In Stack :
From Address : 0xf7ced000
To Address : 0xf7cee100
Size : 0x00001100
Time Stamp : 0x48025378
Time String : 4/13/2008 11:39:52 AM
Product Name : Microsoft® Windows® Operating System
File Description : Plug and Play Software Device Enumerator
File Version : 5.3.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\swenum.sys
==================================================

==================================================
Filename : update.sys
Address In Stack :
From Address : 0xf7060000
To Address : 0xf70bdf00
Size : 0x0005df00
Time Stamp : 0x48025372
Time String : 4/13/2008 11:39:46 AM
Product Name : Microsoft® Windows® Operating System
File Description : Update Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\update.sys
==================================================

==================================================
Filename : mssmbios.sys
Address In Stack :
From Address : 0xf7ca1000
To Address : 0xf7ca4c80
Size : 0x00003c80
Time Stamp : 0x480252bd
Time String : 4/13/2008 11:36:45 AM
Product Name : Microsoft® Windows® Operating System
File Description : System Management BIOS Driver
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\mssmbios.sys
==================================================

==================================================
Filename : NDProxy.SYS
Address In Stack :
From Address : 0xf782d000
To Address : 0xf7836e80
Size : 0x00009e80
Time Stamp : 0x48025798
Time String : 4/13/2008 11:57:28 AM
Product Name : Microsoft® Windows® Operating System
File Description : NDIS Proxy
File Version : 5.1.2600.5512 (xpsp.080413-0852)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\NDProxy.SYS
==================================================

==================================================
Filename : usbhub.sys
Address In Stack :
From Address : 0xf783d000
To Address : 0xf784b880
Size : 0x0000e880
Time Stamp : 0x480254d0
Time String : 4/13/2008 11:45:36 AM
Product Name : Microsoft® Windows® Operating System
File Description : Default Hub Driver for USB
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\usbhub.sys
==================================================

==================================================
Filename : USBD.SYS
Address In Stack :
From Address : 0xf7cf1000
To Address : 0xf7cf2280
Size : 0x00001280
Time Stamp : 0x3b7d8682
Time String : 8/17/2001 2:02:58 PM
Product Name : Microsoft® Windows® Operating System
File Description : Universal Serial Bus Driver
File Version : 5.1.2600.0 (XPClient.010817-1148)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\USBD.SYS
==================================================

==================================================
Filename : flpydisk.sys
Address In Stack :
From Address : 0xf7b5d000
To Address : 0xf7b62000
Size : 0x00005000
Time Stamp : 0x48025398
Time String : 4/13/2008 11:40:24 AM
Product Name : Microsoft® Windows® Operating System
File Description : Floppy Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\flpydisk.sys
==================================================

==================================================
Filename : Fs_Rec.SYS
Address In Stack :
From Address : 0xf7cf3000
To Address : 0xf7cf4f00
Size : 0x00001f00
Time Stamp : 0x3b7d8361
Time String : 8/17/2001 1:49:37 PM
Product Name : Microsoft® Windows® Operating System
File Description : File System Recognizer Driver
File Version : 5.1.2600.0 (xpclient.010817-1148)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\Fs_Rec.SYS
==================================================

==================================================
Filename : Null.SYS
Address In Stack :
From Address : 0xf7e26000
To Address : 0xf7e26b80
Size : 0x00000b80
Time Stamp : 0x3b7d82eb
Time String : 8/17/2001 1:47:39 PM
Product Name : Microsoft® Windows® Operating System
File Description : NULL Driver
File Version : 5.1.2600.0 (XPClient.010817-1148)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\Null.SYS
==================================================

==================================================
Filename : Beep.SYS
Address In Stack :
From Address : 0xf7cf5000
To Address : 0xf7cf6080
Size : 0x00001080
Time Stamp : 0x3b7d82e5
Time String : 8/17/2001 1:47:33 PM
Product Name : Microsoft® Windows® Operating System
File Description : BEEP Driver
File Version : 5.1.2600.0 (XPClient.010817-1148)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\Beep.SYS
==================================================

==================================================
Filename : HIDPARSE.SYS
Address In Stack :
From Address : 0xf7b6d000
To Address : 0xf7b73180
Size : 0x00006180
Time Stamp : 0x480254c2
Time String : 4/13/2008 11:45:22 AM
Product Name : Microsoft® Windows® Operating System
File Description : Hid Parsing Library
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\HIDPARSE.SYS
==================================================

==================================================
Filename : vga.sys
Address In Stack :
From Address : 0xf7b75000
To Address : 0xf7b7a200
Size : 0x00005200
Time Stamp : 0x48025498
Time String : 4/13/2008 11:44:40 AM
Product Name : Microsoft® Windows® Operating System
File Description : VGA/Super VGA Video Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\vga.sys
==================================================

==================================================
Filename : mnmdd.SYS
Address In Stack :
From Address : 0xf7cf7000
To Address : 0xf7cf8080
Size : 0x00001080
Time Stamp : 0x3b7d8538
Time String : 8/17/2001 1:57:28 PM
Product Name : Microsoft® Windows® Operating System
File Description : Frame buffer simulator
File Version : 5.1.2600.0 (XPClient.010817-1148)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\mnmdd.SYS
==================================================

==================================================
Filename : RDPCDD.sys
Address In Stack :
From Address : 0xf7cf9000
To Address : 0xf7cfa080
Size : 0x00001080
Time Stamp : 0x3b7d82c0
Time String : 8/17/2001 1:46:56 PM
Product Name : Microsoft® Windows® Operating System
File Description : RDP Miniport
File Version : 5.1.2600.0 (xpclient.010817-1148)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\RDPCDD.sys
==================================================

==================================================
Filename : Msfs.SYS
Address In Stack :
From Address : 0xf7b7d000
To Address : 0xf7b81a80
Size : 0x00004a80
Time Stamp : 0x480251c6
Time String : 4/13/2008 11:32:38 AM
Product Name : Microsoft® Windows® Operating System
File Description : Mailslot driver
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\Msfs.SYS
==================================================

==================================================
Filename : Npfs.SYS
Address In Stack :
From Address : 0xf7b85000
To Address : 0xf7b8c880
Size : 0x00007880
Time Stamp : 0x480251c6
Time String : 4/13/2008 11:32:38 AM
Product Name : Microsoft® Windows® Operating System
File Description : NPFS Driver
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\Npfs.SYS
==================================================

==================================================
Filename : rasacd.sys
Address In Stack :
From Address : 0xf75c5000
To Address : 0xf75c7280
Size : 0x00002280
Time Stamp : 0x3b7d84cb
Time String : 8/17/2001 1:55:39 PM
Product Name : Microsoft® Windows® Operating System
File Description : RAS Automatic Connection Driver
File Version : 5.1.2600.0 (xpclient.010817-1148)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\rasacd.sys
==================================================

==================================================
Filename : ipsec.sys
Address In Stack :
From Address : 0xa9a05000
To Address : 0xa9a17600
Size : 0x00012600
Time Stamp : 0x48025cce
Time String : 4/13/2008 12:19:42 PM
Product Name : Microsoft® Windows® Operating System
File Description : IPSec Driver
File Version : 5.1.2600.5512 (xpsp.080413-0852)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\ipsec.sys
==================================================

==================================================
Filename : tcpip.sys
Address In Stack :
From Address : 0xa99ac000
To Address : 0xa9a04480
Size : 0x00058480
Time Stamp : 0x485b99ad
Time String : 6/20/2008 4:51:09 AM
Product Name : Microsoft® Windows® Operating System
File Description : TCP/IP Protocol Driver
File Version : 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\tcpip.sys
==================================================

==================================================
Filename : aswTdi.SYS
Address In Stack :
From Address : 0xf786d000
To Address : 0xf7876c00
Size : 0x00009c00
Time Stamp : 0x4c8651a7
Time String : 9/7/2010 7:52:23 AM
Product Name : avast! Antivirus System
File Description : avast! TDI Filter Driver
File Version : 5.0.677.0 built by: WinDDK
Company : AVAST Software
Full Path : C:\WINDOWS\system32\drivers\aswTdi.SYS
==================================================

==================================================
Filename : ipnat.sys
Address In Stack :
From Address : 0xa995e000
To Address : 0xa9983500
Size : 0x00025500
Time Stamp : 0x48025786
Time String : 4/13/2008 11:57:10 AM
Product Name : Microsoft® Windows® Operating System
File Description : IP Network Address Translator
File Version : 5.1.2600.5512 (xpsp.080413-0852)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\ipnat.sys
==================================================

==================================================
Filename : netbt.sys
Address In Stack :
From Address : 0xa9936000
To Address : 0xa995dc00
Size : 0x00027c00
Time Stamp : 0x48025d1b
Time String : 4/13/2008 12:20:59 PM
Product Name : Microsoft® Windows® Operating System
File Description : MBT Transport driver
File Version : 5.1.2600.5512 (xpsp.080413-0852)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\netbt.sys
==================================================

==================================================
Filename : wanarp.sys
Address In Stack :
From Address : 0xf787d000
To Address : 0xf7885700
Size : 0x00008700
Time Stamp : 0x48025790
Time String : 4/13/2008 11:57:20 AM
Product Name : Microsoft® Windows® Operating System
File Description : MS Remote Access and Routing ARP Driver
File Version : 5.1.2600.5512 (xpsp.080413-0852)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\wanarp.sys
==================================================

==================================================
Filename : afd.sys
Address In Stack :
From Address : 0xa9914000
To Address : 0xa9935d00
Size : 0x00021d00
Time Stamp : 0x48a40333
Time String : 8/14/2008 3:04:35 AM
Product Name : Microsoft® Windows® Operating System
File Description : Ancillary Function Driver for WinSock
File Version : 5.1.2600.5657 (xpsp_sp3_gdr.080814-1236)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\afd.sys
==================================================

==================================================
Filename : netbios.sys
Address In Stack :
From Address : 0xf788d000
To Address : 0xf7895780
Size : 0x00008780
Time Stamp : 0x48025741
Time String : 4/13/2008 11:56:01 AM
Product Name : Microsoft® Windows® Operating System
File Description : NetBIOS interface driver
File Version : 5.1.2600.5512 (xpsp.080413-0852)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\netbios.sys
==================================================

==================================================
Filename : rdbss.sys
Address In Stack :
From Address : 0xa98e9000
To Address : 0xa9913e80
Size : 0x0002ae80
Time Stamp : 0x48025ee6
Time String : 4/13/2008 12:28:38 PM
Product Name : Microsoft® Windows® Operating System
File Description : Redirected Drive Buffering SubSystem Driver
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\rdbss.sys
==================================================

==================================================
Filename : OMCI.SYS
Address In Stack :
From Address : 0xf7c5d000
To Address : 0xf7c60240
Size : 0x00003240
Time Stamp : 0x3b83e111
Time String : 8/22/2001 9:42:57 AM
Product Name : OMCI Driver
File Description : OMCI Device Driver
File Version : 6, 1, 0, 242
Company : Dell Computer Corporation
Full Path : C:\WINDOWS\system32\drivers\OMCI.SYS
==================================================

==================================================
Filename : mrxsmb.sys
Address In Stack :
From Address : 0xa9879000
To Address : 0xa98e8400
Size : 0x0006f400
Time Stamp : 0x4b852569
Time String : 2/24/2010 6:11:05 AM
Product Name : Microsoft® Windows® Operating System
File Description : Windows NT SMB Minirdr
File Version : 5.1.2600.5944 (xpsp_sp3_gdr.100224-1415)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\mrxsmb.sys
==================================================

==================================================
Filename : Fips.SYS
Address In Stack :
From Address : 0xf78ad000
To Address : 0xf78b7e00
Size : 0x0000ae00
Time Stamp : 0x480251f7
Time String : 4/13/2008 11:33:27 AM
Product Name : Microsoft® Windows® Operating System
File Description : FIPS Crypto Driver
File Version : 5.1.2600.5512 (xpsp.080413-2113)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\Fips.SYS
==================================================

==================================================
Filename : aswSP.SYS
Address In Stack :
From Address : 0xa9852000
To Address : 0xa9878c80
Size : 0x00026c80
Time Stamp : 0x4c865191
Time String : 9/7/2010 7:52:01 AM
Product Name : avast! Antivirus System
File Description : avast! self protection module
File Version : 5.0.677.0
Company : AVAST Software
Full Path : C:\WINDOWS\system32\drivers\aswSP.SYS
==================================================

==================================================
Filename : Aavmker4.SYS
Address In Stack :
From Address : 0xf7b95000
To Address : 0xf7b9a680
Size : 0x00005680
Time Stamp : 0x4c865059
Time String : 9/7/2010 7:46:49 AM
Product Name : avast! Antivirus System
File Description : avast! Base Kernel-Mode Device Driver for Windows NT/2000/XP
File Version : 5.0.677.0
Company : AVAST Software
Full Path : C:\WINDOWS\system32\drivers\Aavmker4.SYS
==================================================

==================================================
Filename : hidusb.sys
Address In Stack :
From Address : 0xf7c61000
To Address : 0xf7c63880
Size : 0x00002880
Time Stamp : 0x480254c7
Time String : 4/13/2008 11:45:27 AM
Product Name : Microsoft® Windows® Operating System
File Description : USB Miniport Driver for Input Devices
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\hidusb.sys
==================================================

==================================================
Filename : HIDCLASS.SYS
Address In Stack :
From Address : 0xf78bd000
To Address : 0xf78c6000
Size : 0x00009000
Time Stamp : 0x480254c5
Time String : 4/13/2008 11:45:25 AM
Product Name : Microsoft® Windows® Operating System
File Description : Hid Class Library
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\HIDCLASS.SYS
==================================================

==================================================
Filename : kbdhid.sys
Address In Stack :
From Address : 0xf7c69000
To Address : 0xf7c6c900
Size : 0x00003900
Time Stamp : 0x48025373
Time String : 4/13/2008 11:39:47 AM
Product Name : Microsoft® Windows® Operating System
File Description : HID Mouse Filter Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\kbdhid.sys
==================================================

==================================================
Filename : Cdfs.SYS
Address In Stack :
From Address : 0xf78dd000
To Address : 0xf78ec900
Size : 0x0000f900
Time Stamp : 0x48025b8d
Time String : 4/13/2008 12:14:21 PM
Product Name : Microsoft® Windows® Operating System
File Description : CD-ROM File System Driver
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\Cdfs.SYS
==================================================

==================================================
Filename : dump_atapi.sys
Address In Stack :
From Address : 0xa9772000
To Address : 0xa9789900
Size : 0x00017900
Time Stamp : 0x4802539d
Time String : 4/13/2008 11:40:29 AM
Product Name :
File Description :
File Version :
Company :
Full Path :
==================================================

==================================================
Filename : dump_WMILIB.SYS
Address In Stack :
From Address : 0xf7cff000
To Address : 0xf7d00100
Size : 0x00001100
Time Stamp : 0x3b7d878b
Time String : 8/17/2001 2:07:23 PM
Product Name :
File Description :
File Version :
Company :
Full Path :
==================================================

==================================================
Filename : win32k.sys
Address In Stack :
From Address : 0xbf800000
To Address : 0xbf9c4200
Size : 0x001c4200
Time Stamp : 0x4c220f9a
Time String : 6/23/2010 6:43:54 AM
Product Name : Microsoft® Windows® Operating System
File Description : Multi-User Win32 Driver
File Version : 5.1.2600.6003 (xpsp_sp3_gdr.100623-1635)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\win32k.sys
==================================================

==================================================
Filename : Dxapi.sys
Address In Stack :
From Address : 0xa9a58000
To Address : 0xa9a5a900
Size : 0x00002900
Time Stamp : 0x3b7d843f
Time String : 8/17/2001 1:53:19 PM
Product Name : Microsoft® Windows® Operating System
File Description : DirectX API Driver
File Version : 5.1.2600.0 (xpclient.010817-1148)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\Dxapi.sys
==================================================

==================================================
Filename : watchdog.sys
Address In Stack :
From Address : 0xf7ba5000
To Address : 0xf7ba9500
Size : 0x00004500
Time Stamp : 0x480254ab
Time String : 4/13/2008 11:44:59 AM
Product Name : Microsoft® Windows® Operating System
File Description : Watchdog Driver
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\watchdog.sys
==================================================

==================================================
Filename : dxg.sys
Address In Stack :
From Address : 0xbf000000
To Address : 0xbf011600
Size : 0x00011600
Time Stamp : 0x48025323
Time String : 4/13/2008 11:38:27 AM
Product Name : Microsoft® Windows® Operating System
File Description : DirectX Graphics Driver
File Version : 5.1.2600.5512 (xpsp.080413-2105)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\dxg.sys
==================================================

==================================================
Filename : dxgthk.sys
Address In Stack :
From Address : 0xf7f20000
To Address : 0xf7f20d00
Size : 0x00000d00
Time Stamp : 0x3b7d8438
Time String : 8/17/2001 1:53:12 PM
Product Name : Microsoft® Windows® Operating System
File Description : DirectX Graphics Driver Thunk
File Version : 5.1.2600.0 (xpclient.010817-1148)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\dxgthk.sys
==================================================

==================================================
Filename : ialmdnt5.dll
Address In Stack :
From Address : 0xbf020000
To Address : 0xbf042000
Size : 0x00022000
Time Stamp : 0x43503a0a
Time String : 10/14/2005 4:06:50 PM
Product Name : Intel Graphics Accelerator Drivers for Windows NT®
File Description : Controller Hub for Intel Graphics Driver
File Version : 6.14.10.4410
Company : Intel Corporation
Full Path : C:\WINDOWS\system32\ialmdnt5.dll
==================================================

==================================================
Filename : ialmrnt5.dll
Address In Stack :
From Address : 0xbf012000
To Address : 0xbf020000
Size : 0x0000e000
Time Stamp : 0x43503a10
Time String : 10/14/2005 4:06:56 PM
Product Name : Intel Graphics Accelerator Drivers for Windows NT®
File Description : Controller Hub for Intel Graphics Driver
File Version : 6.14.10.4410
Company : Intel Corporation
Full Path : C:\WINDOWS\system32\ialmrnt5.dll
==================================================

==================================================
Filename : ialmdev5.DLL
Address In Stack :
From Address : 0xbf042000
To Address : 0xbf0760a0
Size : 0x000340a0
Time Stamp : 0x435039fe
Time String : 10/14/2005 4:06:38 PM
Product Name : Intel Graphics Accelerator Drivers for Windows NT®
File Description : Component GHAL Driver
File Version : 6.14.10.4410
Company : Intel Corporation
Full Path : C:\WINDOWS\system32\ialmdev5.DLL
==================================================

==================================================
Filename : ialmdd5.DLL
Address In Stack :
From Address : 0xbf077000
To Address : 0xbf15a000
Size : 0x000e3000
Time Stamp : 0x43503bc6
Time String : 10/14/2005 4:14:14 PM
Product Name : Intel Graphics Accelerator Drivers for Windows NT®
File Description : DirectDraw® Driver for Intel® Graphics Technology
File Version : 6.14.10.4410
Company : Intel Corporation
Full Path : C:\WINDOWS\system32\ialmdd5.DLL
==================================================

==================================================
Filename : ATMFD.DLL
Address In Stack :
From Address : 0xbffa0000
To Address : 0xbffe5c00
Size : 0x00045c00
Time Stamp : 0x4bcd3bdf
Time String : 4/19/2010 10:30:07 PM
Product Name : Adobe Type Manager
File Description : Windows NT OpenType/Type 1 Font Driver
File Version : 5.1 Build 228
Company : Adobe Systems Incorporated
Full Path : C:\WINDOWS\system32\ATMFD.DLL
==================================================

==================================================
Filename : aswFsBlk.SYS
Address In Stack :
From Address : 0xa9762000
To Address : 0xa9764b00
Size : 0x00002b00
Time Stamp : 0x4c865069
Time String : 9/7/2010 7:47:05 AM
Product Name : avast! Antivirus System
File Description : avast! File System Access Blocking Driver
File Version : 5.0.677.0
Company : AVAST Software
Full Path : C:\WINDOWS\system32\drivers\aswFsBlk.SYS
==================================================

==================================================
Filename : ndisuio.sys
Address In Stack :
From Address : 0xa9656000
To Address : 0xa9659900
Size : 0x00003900
Time Stamp : 0x4802573d
Time String : 4/13/2008 11:55:57 AM
Product Name : Microsoft® Windows® Operating System
File Description : NDIS User mode I/O Driver
File Version : 5.1.2600.5512 (xpsp.080413-0852)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\ndisuio.sys
==================================================

==================================================
Filename : aswMon2.SYS
Address In Stack :
From Address : 0xa957b000
To Address : 0xa9591d00
Size : 0x00016d00
Time Stamp : 0x4c865075
Time String : 9/7/2010 7:47:17 AM
Product Name : avast! Antivirus System
File Description : avast! File System Filter Driver for Windows XP
File Version : 5.0.677.0
Company : AVAST Software
Full Path : C:\WINDOWS\system32\drivers\aswMon2.SYS
==================================================

==================================================
Filename : wdmaud.sys
Address In Stack :
From Address : 0xa9246000
To Address : 0xa925a480
Size : 0x00014480
Time Stamp : 0x48025c3e
Time String : 4/13/2008 12:17:18 PM
Product Name : Microsoft® Windows® Operating System
File Description : MMSYSTEM Wave/Midi API mapper
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\wdmaud.sys
==================================================

==================================================
Filename : sysaudio.sys
Address In Stack :
From Address : 0xa941b000
To Address : 0xa9429d80
Size : 0x0000ed80
Time Stamp : 0x48025beb
Time String : 4/13/2008 12:15:55 PM
Product Name : Microsoft® Windows® Operating System
File Description : System Audio WDM Filter
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\sysaudio.sys
==================================================

==================================================
Filename : mrxdav.sys
Address In Stack :
From Address : 0xa8e29000
To Address : 0xa8e55180
Size : 0x0002c180
Time Stamp : 0x480251ca
Time String : 4/13/2008 11:32:42 AM
Product Name : Microsoft® Windows® Operating System
File Description : Windows NT WebDav Minirdr
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\mrxdav.sys
==================================================

==================================================
Filename : ParVdm.SYS
Address In Stack :
From Address : 0xf7d21000
To Address : 0xf7d22a80
Size : 0x00001a80
Time Stamp : 0x3b7d836d
Time String : 8/17/2001 1:49:49 PM
Product Name : Microsoft® Windows® Operating System
File Description : VDM Parallel Driver
File Version : 5.1.2600.0 (XPClient.010817-1148)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\ParVdm.SYS
==================================================

==================================================
Filename : srv.sys
Address In Stack :
From Address : 0xa8daa000
To Address : 0xa8e00800
Size : 0x00056800
Time Stamp : 0x4c1f84cd
Time String : 6/21/2010 8:27:09 AM
Product Name : Microsoft® Windows® Operating System
File Description : Server driver
File Version : 5.1.2600.6002 (xpsp_sp3_gdr.100621-1828)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\drivers\srv.sys
==================================================

==================================================
Filename : mdmxsdk.sys
Address In Stack :
From Address : 0xa8e5a000
To Address : 0xa8e5c6c0
Size : 0x000026c0
Time Stamp : 0x3e948735
Time String : 4/9/2003 1:48:53 PM
Product Name : Diagnostic Interface
File Description : Diagnostic Interface DRIVER
File Version : 1.0.2.002
Company : Conexant
Full Path : C:\WINDOWS\system32\drivers\mdmxsdk.sys
==================================================

==================================================
Filename : NIOC.SYS
Address In Stack :
From Address : 0xf7ae5000
To Address : 0xf7aea980
Size : 0x00005980
Time Stamp : 0x3d942196
Time String : 9/27/2002 2:15:02 AM
Product Name : NIOC (NT5) Driver
File Description : NIOC (NT5) Driver
File Version : 2.0.0.20927
Company : D-Link Corporation
Full Path : C:\WINDOWS\system32\NIOC.SYS
==================================================

==================================================
Filename : aswRdr.SYS
Address In Stack :
From Address : 0xf7b05000
To Address : 0xf7b09100
Size : 0x00004100
Time Stamp : 0x4c865090
Time String : 9/7/2010 7:47:44 AM
Product Name : avast! Antivirus System
File Description : avast! TDI RDR Driver
File Version : 5.0.677.0 built by: WinDDK
Company : AVAST Software
Full Path : C:\WINDOWS\system32\drivers\aswRdr.SYS
==================================================



#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,556 posts
  • Gender:Male
  • Location:NJ USA
  • Local time:09:00 AM

Posted 26 September 2010 - 10:55 PM

I can only suspect an MBR or atapi Rootkit .. Tho' I do not see it. So..... Please go here....
Preparation Guide, do steps 6 - 9.

Create a DDS log and post it in the new topic explained in step 9, which is here Virus, Trojan, Spyware, and Malware Removal Logs and not in this topic, thanks.
If Gmer won't run, skip it and move on.
Let me know if that went well.

#3 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • Gender:Male
  • Local time:12:00 AM

Posted 27 September 2010 - 01:37 AM

Refer: http://www.bleepingcomputer.com/forums/topic349915.html

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc.) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process, which would extend the time it takes to clean your computer.

From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MR Team member is already assisting you and not open the thread to respond.

To avoid confusion, I am closing this topic.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw



