Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

BSOD after Antivrius Action infection


  • Please log in to reply
63 replies to this topic

#1 buddycraigg

buddycraigg

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:08:44 PM

Posted 16 November 2010 - 11:11 PM

I had a friend house-sit while I was gone over the weekend.
I came home Monday night to discover that I had been infected by Antivirus Action.
I didn't have time to mess with it and just shut it down.

so tonight I tried to follow the steps on this site
http://www.bleepingcomputer.com/virus-removal/remove-antivirus-action
but I got a BSOD when I tried safemode with network.

I tried normal winXP and got the BSOD again.
says, UNMOUNTABLE_BOOT_VOLUME

I booted up using a USB with Kaspersky recovery 10.
ran it and still have a broken computer.

I can boot into Ubuntu 10.04, but I wouldn't know what to do to try to fix winblows from there.

TIA

BC AdBot (Login to Remove)

 


#2 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,591 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:03:44 AM

Posted 17 November 2010 - 04:51 AM

Hi, do you have an XP CD at hand?

Do you remember if Kaspersky detected anything, if so, what?

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft

 

animinionsmalltext.gif


#3 buddycraigg

buddycraigg
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:08:44 PM

Posted 17 November 2010 - 12:04 PM

My copy of XP-pro is too scuffed up to read.

Kaspersky found 8 problems
3 were trojans in some adobe folder
2 or 3 were trojans in a temp folder
I dont recall what the rest were, but I think they were also in a temp folder.

(if it's any help,I have a working laptop with win7 and a USB-IDE cable)

Edited by buddycraigg, 17 November 2010 - 12:08 PM.


#4 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,591 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:03:44 AM

Posted 17 November 2010 - 12:25 PM

If you attempt to boot in safe mode, what is the last driver you see on the screen?

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft

 

animinionsmalltext.gif


#5 buddycraigg

buddycraigg
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:08:44 PM

Posted 17 November 2010 - 03:06 PM

I'll be able to answer your question 8 hours from now.
look forward to your response tomorrow.

#6 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,591 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:03:44 AM

Posted 17 November 2010 - 03:48 PM

Okay, please take all time you need. :)

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft

 

animinionsmalltext.gif


#7 buddycraigg

buddycraigg
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:08:44 PM

Posted 17 November 2010 - 11:25 PM

AVGIDSEH.Sys
notice the first letter in sys is in caps. I thought that was odd.

full path if you need it.
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys

#8 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,591 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:03:44 AM

Posted 18 November 2010 - 04:30 AM

Please try this:

Please download ARCDC from Artellos.com.
  • Double click ARCDC.exe
  • Follow the dialog until you see 6 options. Please pick: Windows Professional SP2 & SP3
  • You will be prompted with a Terms of Use by Microsoft, please accept.
  • You will see a few dos screens flash by, this is normal.
  • Next you will be able to choose to add extra files. Select the Default Files.
  • The last window will allow you to burn the disk using BurnCDCC
Your ISO is located on your desktop.

  • Insert the CD-ROM into the CD-ROM drive, and then restart the computer.

  • If your PC is not booting from the CD, you need to change the boot order:
    • Restart your PC
    • As soon as you get an image, press the Setup key. This is usually F2, or Del. On some machines the key can also be a different one. It should, however, be stated on the screen which key is the setup key.
    • Once you enter the computer's BIOS, use the arrow keys and tab key to move between elements. Press enter to select an item to change.
    • Navigate to the tab, where you can set the boot order. It should be called Boot or Boot order
    • The tab should now show your current boot order.
      If the CD-drive is not at the top, please navigate to the CD-Rom drive with the keys arrows. Then move it to the top of the list. The keys for switching boot position are usually + to move up and - to move down. However they can be different, but they should be stated in the help, so that you can find them easily.
    • Once the CD-drive is on top of the boot order, navigate to Exit and select Exit saving changes.
  • Your PC should now boot from your XP-CD.
    Click to select any options that are required to start the computer from the CD-ROM drive if you are prompted.

  • When the "Welcome to Setup" screen appears, press R to start the Recovery Console.
  • When prompted to choose a windows installation, type 1 and press enter.
  • When you are prompted, type the Administrator password. If the administrator password is blank, just press ENTER.

  • A command prompt will open
Type the following lines and press enter after each line:

fixmbr

exit


Let me know if you can reboot normally now.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft

 

animinionsmalltext.gif


#9 buddycraigg

buddycraigg
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:08:44 PM

Posted 18 November 2010 - 07:48 PM

still have the same problem after that driver tries to load
(but now I no longer have the option to start up my Ubuntu OS)

Edited by buddycraigg, 18 November 2010 - 09:37 PM.


#10 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,591 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:03:44 AM

Posted 19 November 2010 - 05:38 AM

Sorry, I assumed you had ubuntu on an usb since you mentioned that too in your first post. I didn't realize you had a dual boot.

Please let me know if you want to restore the dual boot (we'll have to reinstall grub2 bootloader, which can be done with an ubuntu live CD), or if your only goal is to get windows back in working order.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft

 

animinionsmalltext.gif


#11 buddycraigg

buddycraigg
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:08:44 PM

Posted 19 November 2010 - 12:43 PM

No worries. I hardly ever use ubuntu, I always find myself needing to do something that I only know how to do in windows.

first order is to get windows working again.
then either fix the dual boot, or recover the disk space so windows can use all of it.

Edited by buddycraigg, 19 November 2010 - 12:44 PM.


#12 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,591 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:03:44 AM

Posted 19 November 2010 - 02:29 PM

Try this please. You will need a USB drive.

Download http://unetbootin.sourceforge.net/unetbootin-xpud-windows-latest.exe & http://noahdfear.net/downloads/bootable/xPUD/xpud-0.9.2.iso to the desktop of your clean computer
  • Insert your USB drive
  • Press Start > My Computer > right click your USB drive > choose Format > Quick format
  • Double click the unetbootin-xpud-windows-387.exe that you just downloaded
  • Press Run then OK
  • Select the DiskImage option then click the browse button located on the right side of the textbox field.
  • Browse to and select the xpud-0.9.2.iso file you downloaded
  • Verify the correct drive letter is selected for your USB device then click OK
  • It will install a little bootable OS on your USB device
  • Once the files have been written to the device you will be prompted to reboot ~ do not reboot and instead just Exit the UNetbootin interface
  • After it has completed do not choose to reboot the clean computer simply close the installer
  • Next download http://noahdfear.net/downloads/driver.sh to your USB
  • Remove the USB and insert it in the sick computer
  • Boot the Sick computer
  • Press F12 and choose to boot from the USB
  • Follow the prompts
  • A Welcome to xPUD screen will appear
  • Press File
  • Expand mnt
  • sda1,2...usually corresponds to your HDD
  • sdb1 is likely your USB
  • Click on the folder that represents your USB drive (sdb1 ?)
  • Confirm that you see driver.sh that you downloaded there
  • Press Tool at the top
  • Choose Open Terminal
  • Type bash driver.sh
  • Press Enter
  • After it has finished a report will be located on your USB drive named report.txt
  • Remove the USB drive and insert back in your working computer and navigate to report.txt

    Please note - all text entries are case sensitive
Copy and paste the report.txt for my review

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft

 

animinionsmalltext.gif


#13 buddycraigg

buddycraigg
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:08:44 PM

Posted 19 November 2010 - 08:13 PM

Click on the folder that represents your USB drive (sdb1 ?)

that is where i'm stuck.
sda1 looks like my windows partition
sda2 is empty
sda5 looks like an old version of ubuntu
sda6 is empty
sda7 looks like my current version of ubuntu
sda8 is empty

there isn't any other folders in mnt

#14 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,591 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:03:44 AM

Posted 20 November 2010 - 04:18 AM

After xPUD boots, take out your usb drive and plug it back in. See if it shows up now.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft

 

animinionsmalltext.gif


#15 buddycraigg

buddycraigg
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:08:44 PM

Posted 20 November 2010 - 05:19 PM

that worked.

man, this is a lot of doo-doo to read through.

Sat Nov 20 16:09:03 UTC 2010
Driver report for /mnt/sda1/WINDOWS/system32/drivers
619b6e08a97ee2dd72f3d0da44435d1f nvidesm.sys has NO Company Name!

9859c0f6936e723e4892d7141b1327d5 acpiec.sys
Microsoft Corporation

a10c7534f7223f4a73a948967d00e69b acpi.sys
Microsoft Corporation

1ee7b434ba961ef845de136224c30fec aec.sys
Microsoft Corporation

55e6e1c51b6d30e54335750955453702 afd.sys
Microsoft Corporation

2c428fa0c3e3a01ed93c9b2a27d8d4bb agp440.sys
Microsoft Corporation

67288b07d6aba6c1267b626e67bc56fd agpcpq.sys
Microsoft Corporation

f312b7cef21eff52fa23056b9d815fad alim1541.sys
Microsoft Corporation

f6af59d6eee5e1c304f7f73706ad11d8 Ambfilt.sys
tH`HHVS_VERSION_INFOnn?StringFileInfobtCompanyNameCreativebFileDescriptionCreativeWDMDAudioDriver:rFileVersion...XLegalCopyrightCopyrightCreative>rProductVersion...DVarFileInfo$Translationtb*

675c16a3c1f8482f85ee4a97fc0dde3d amdagp.sys
Advanced Micro Devices

6e58654cb25730b2579e45e1fd116a47 amdide.sys
Advanced Micro Devices

dad16a9d5c873e7219e6b43802ed316a amdk6.sys
Microsoft Corporation

680ad1c1bb16239e28d8f33a54a7a3c7 amdk7.sys
Microsoft Corporation

033448d435e65c4bd72e70521fd05c76 AmdPPM.sys
Advanced Micro Devices

f0d692b0bffb46e30eb3cea168bbc49f arp1394.sys
Microsoft Corporation

02000abf34af4c218c35d257024807d6 asyncmac.sys
Microsoft Corporation

cdfe4411a69c224bd1d11b2da92dac51 atapi.sys
Microsoft Corporation

d649c57da6fa762c64013747e5d7d2d6 ati1btxx.sys
ATI Technologies

60b6aa2dc1521da343f781b70eb7895a ati1mdxx.sys
ATI Technologies

6fdc61e8e8e17f6ecc2d9a10fa8df347 ati1pdxx.sys
ATI Technologies

9d318099bf3876a4af4bc75966d27603 ati1raxx.sys
ATI Technologies

bcaf267b10620f8c93f6e87ab726e145 ati1rvxx.sys
ATI Technologies

dac7d785cf62f5bd41441e9d6f5a6efe ati1snxx.sys
ATI Technologies

f7706dae7d101f1b19ce552d772ebfce ati1ttxx.sys
ATI Technologies

6f714b4720dd80ffa9f8d2731594ea4c ati1tuxx.sys
ATI Technologies

67ffbc158dd4d27ba3fc92c6acd87f73 ati1xbxx.sys
ATI Technologies

0d8cab1f08f7d3c4de228b49e12e596a ati1xsxx.sys
ATI Technologies

2d030c2f6b036ca0bc243e1b16d924d1 ati2mtaa.sys
ATI Technologies

81c3e6674d0609aa84c07681bca252de ati2mtag.sys
ATI Technologies

993e7bd6438fe989e328c6b4bca246a9 atinbtxx.sys
ATI Technologies

ed4c2bf8403f4437987c0ba09cf48716 atinmdxx.sys
ATI Technologies

e90ac2b14e98f1a4372e5891b4278784 atinpdxx.sys
ATI Technologies

da36687d701c833430605a298731410b atinraxx.sys
ATI Technologies

a7a01b907db63898d40b0a14248ff9a2 atinrvxx.sys
ATI Technologies

ceddee2e0591894d19654d458fd3b9be atinsnxx.sys
ATI Technologies

d80a8f6c0a717446496c3a06d33b0d9c atinttxx.sys
ATI Technologies

edd66332608d27f4fd5069bcd0bc5164 atintuxx.sys
ATI Technologies

3e7d485cbd0b0d9f6ea2ad9442411831 atinxbxx.sys
ATI Technologies

77b575d7aab35d5908ae6ce681608d62 atinxsxx.sys
ATI Technologies

ec88da854ab7d7752ec8be11a741bb7f atmarpc.sys
Microsoft Corporation

39a0a59180f19946374275745b21aeba atmepvc.sys
Microsoft Corporation

0128e78fe835f074e469f03db681ca9e atmlane.sys
Microsoft Corporation

e7ef69b38d17ba01f914ae8f66216a38 atmuni.sys
Microsoft Corporation

d9f724aa26c010a217c97606b160ed68 audstub.sys
Microsoft Corporation

0c61f066f4d94bd67063dc6691935143 AVGIDSDriver.sys
AVG Technologies

84853f800cd69252c3c764fe50d0346f AVGIDSEH.sys
AVG Technologies

28d6adcd03e10f3838488b9b5d407dd4 AVGIDSFilter.sys
AVG Technologies

0eb16f4dbbb946360af30d2b13a52d1d AVGIDSShim.sys
AVG Technologies

1119e5bec6e749e0d292f0f84d48edba avgldx86.sys
AVG Technologies

54f1a9b4c9b540c2d8ac4baa171696b1 avgmfx86.sys
AVG Technologies

14fe36d8f2c6a2435275338d061a0b66 avgntflt.sys
Avira Gmb

8da3b77993c5f354cc2977b7ea06d03a avgrkx86.sys
AVG Technologies

2fd3e3a57fb90679a3a83eeed0360cfd avgtdix.sys
AVG Technologies

da1f27d85e0d1525f6621372e7b685e9 beep.sys
Microsoft Corporation

be5d50529799b9bab6be879ec768b6cf BIOS.sys
tH`/VS_VERSION_INFO?StringFileInfobComments<CompanyNameBIOSTARGroupFileDescriptionI/OInterfacedriverfilevFileVersion,,,vInternalNameI/Odriverp&LegalCopyrightCopyright©-BIOSTARGroup(LegalTrademarks:tOriginalFilenameBIOS.sysPrivateBuildNProductNameBIOSTARI/Odriverfle:vProductVersion,,,SpecialBuildDVarFileInfo$TranslationtAJO

e4e6a0922e3d983728c9ad4e8d466954 bridge.sys
Microsoft Corporation

d24b8d1784c68a25060fffbe8ed34b76 bthenum.sys
Microsoft Corporation

9df0adf74ce1d6371ed60cf92eb1d9a6 bthmodem.sys
Microsoft Corporation

10355270be12641b9764235da39dcf0f bthpan.sys
Microsoft Corporation

95ef6f3f386d93ee1e4d9ca45a50252a bthport.sys
Microsoft Corporation

275bef3567b48225b0836e138325430c bthprint.sys
Microsoft Corporation

f06d4cb9918b462a84d9ac00027efc30 bthusb.sys
Microsoft Corporation

90a673fc8e12a79afbed2576f6a7aaf9 cbidf2k.sys
Microsoft Corporation

c1b486a7658353d33a10cc15211a873b cdaudio.sys
Microsoft Corporation

cd7d5152df32b47f4e36f710b35aae02 cdfs.sys
Microsoft Corporation

837eef65af62d4e8a37c41d3879f7274 cdr4_xp.sys
Sonic Solutions

579da2f9f5401f55dae2cf8779d61dfc cdralw2k.sys
Sonic Solutions

af9c19b3100fe010496b1a27181fbf72 cdrom.sys
Microsoft Corporation

b562592b7f5759c99e179ca467ecfb4c cinemst2.sys
Ravisent Technologies

d86173b401470f06d9810f7962969ddf classpnp.sys
Microsoft Corporation

9624293e55ad405415862b504ca95b73 cpqdap01.sys
Compaq Computer Corp

6af1684ccaac3f7ef4ee9ba65eb0677a crusoe.sys
Microsoft Corporation

d16c81677a9be399c63cd2ea486472a5 diskdump.sys
Microsoft Corporation

00ca44e4534865f8a3b64f7c0984bff0 disk.sys
Microsoft Corporation

c0fbb516e06e243f0cf31f597e7ebf7d dmboot.sys
Microsoft Corp

f5e7b358a732d09f4bcf2824b88b9e28 dmio.sys
Microsoft Corp

e9317282a63ca4d188c0df5e09c6ac5f dmload.sys
Microsoft Corp

a6f881284ac1150e37d9ae47ff601267 dmusic.sys
Microsoft Corporation

1ed4dbbae9f5d558dbba4cc450e3eb2e drmkaud.sys
Microsoft Corporation

ff86422268de771d571e123eb7092c6a drmk.sys
Microsoft Corporation

fe97d0343acfdebdd578fc67cc91fa87 dxapi.sys
Microsoft Corporation

d3dac8432110aad0b02a58b4459ab835 dxg.sys
Microsoft Corporation

a73f5d6705b1d820c19b18782e176efd dxgthk.sys
Microsoft Corporation

ee236706228a5df709ddd9bc1c6dafd0 EIO.sys
tHVS_VERSION_INFOaaaa?StringFileInfobCommentsLCompanyNameASUSTeKComputerInc.hFileDescriptionASUSKernelModeDriverforNT*FileVersion.bInternalNameEIO.sysn%LegalCopyrightCopyrightASUSTeKComputerInc.(LegalTrademarksbOriginalFilenameEIO.sysPrivateBuild`ProductNameASUSKernelModeDriverforNT.ProductVersion.SpecialBuildDVarFileInfo$Translationt!

3117f595e9615e04f05a54fc15a03b20 fastfat.sys
Microsoft Corporation

ced2e8396a8838e59d8fd529c680e02c fdc.sys
Microsoft Corporation

e153ab8a11de5452bcf5ac7652dbf3ed fips.sys
Microsoft Corporation

0dd1de43115b93f4d85e889d7a86f548 flpydisk.sys
Microsoft Corporation

3d234fb6d6ee875eb009864a299bea29 fltmgr.sys
Microsoft Corporation

3e1e2bd4f39b0e2b7dc4f4d2bcc2779a fs_rec.sys
Microsoft Corporation

455f778ee14368468560bd7cb8c854d0 fsvga.sys
Microsoft Corporation

6ac26732762483366c3969c9e4d2259d ftdisk.sys
Microsoft Corporation

4216cd545e5c30807b560c5dcaa812e6 gagp30kx.sys
Microsoft Corporation

5f92fd09e5610a5995da7d775eadcd12 gameenum.sys
Microsoft Corporation

1a3997bc30d8553d0303c2a13af8d476 HCW848NT.sys
Hauppauge Computer Works

3fcc124b6e08ee0e9351f717dd136939 Hdaudbus.sys
Windows Server DDK provider

2a013e7530beab6e569faa83f517e836 Hdaudio.sys
Windows Server DDK provider

cda7c5208286249ba83aca396ce84cf7 hidbth.sys
Microsoft Corporation

378055ab8dda86228683c697c4e11685 hidclass.sys
Microsoft Corporation

442915553e99782fa5713b04c3eeb94a hidir.sys
Microsoft Corporation

5fff41cd5108e9051d255c37825af697 hidparse.sys
Microsoft Corporation

1de6783b918f540149aa69943bdfeba8 hidusb.sys
Microsoft Corporation

970178e8e003eb1481293830069624b9 hsfbs2s2.sys
Conexant

1225ebea76aac3c84df6c54fe5e5d8be hsfcxts2.sys
Conexant

ebb354438a4c5a3327fb97306260714a hsfdpsp2.sys
Conexant

9f8b0f4276f618964fd118be4289b7cd http.sys
Microsoft Corporation

5502b58eef7486ee6f93f3f164dcb808 i8042prt.sys
Microsoft Corporation

f8aa320c6a0409c0380e5d8a99d76ec6 imapi.sys
Microsoft Corporation

279fb78702454dff2bb445f238c048d2 intelppm.sys
Microsoft Corporation

4448006b6bc60e6c027932cfc38d6855 ip6fw.sys
Microsoft Corporation

731f22ba402ee4b62748adaf6363c182 ipfltdrv.sys
Microsoft Corporation

e1ec7f5da720b640cd8fb8424f1b14bb ipinip.sys
Microsoft Corporation

e2168cbc7098ffe963c6f23f472a3593 ipnat.sys
Microsoft Corporation

64537aa5c003a6afeee1df819062d0d1 ipsec.sys
Microsoft Corporation

9d0f94e4feb6dcddaef975def0a32949 irbus.sys
Microsoft Corporation

50708daa1b1cbb7d6ac1cf8f56a24410 irenum.sys
Microsoft Corporation

e504f706ccb699c2596e9a3da1596e87 isapnp.sys
Microsoft Corporation

ebdee8a2ee5393890a1acee971c4c246 kbdclass.sys
Microsoft Corporation

ba5deda4d934e6288c2f66caf58d2562 kmixer.sys
Microsoft Corporation

674d3e5a593475915dc6643317192403 ksecdd.sys
Microsoft Corporation

b9540e258f952650de8dec68719a5c97 ks.sys
Microsoft Corporation

c7dd7d9739785bd3a6b8499eec1dee7e mbamswissarmy.sys
Malwarebytes Corporation

67b48a903430c6d4fb58cbaca1866601 mbam.sys
Malwarebytes Corporation

d1f8be91ed4ddb671d42e473e3fe71ab mcd.sys
Microsoft Corporation

195741aee20369980796b557358cd774 mdmxsdk.sys
Conexant

729d83e56c29c510258a6e9e79ffddc3 mf.sys
Microsoft Corporation

4ae068242760a1fb6e1a44bf4e16afa6 mnmdd.sys
Microsoft Corporation

6fc6f9d7acc36dca9b914565a3aeda05 modem.sys
Microsoft Corporation

9fa7207d1b1adead88ae8eed9cdbbaa5 Monfilt.sys
Creative Technology

34e1f0031153e491910e12551400192c mouclass.sys
Microsoft Corporation

b1c303e17fb9d46e87a98e4ba6769685 mouhid.sys
Microsoft Corporation

65653f3b4477f3c63e68a9659f85ee2e mountmgr.sys
Microsoft Corporation

eee50bf24caeedb515a8f3b22756d3bb mqac.sys
Microsoft Corporation

29414447eb5bde2f8397dc965dbb3156 mrxdav.sys
Microsoft Corporation

fb6c89bb3ce282b08bdb1e3c179e1c39 mrxsmb.sys
Microsoft Corporation

561b3a4333ca2dbdba28b5b956822519 msfs.sys
Microsoft Corporation

c0f1d4a21de5a415df8170616703debf msgpc.sys
Microsoft Corporation

ae431a8dd3c1d0d0610cdbac16057ad0 mskssrv.sys
Microsoft Corporation

ca3e22598f411199adc2dfee76cd0ae0 msmpu401.sys
Microsoft Corporation

13e75fef9dfeb08eeded9d0246e1f448 mspclock.sys
Microsoft Corporation

1988a33ff19242576c3d0ef9ce785da7 mspqm.sys
Microsoft Corporation

469541f8bfd2b32659d5d463a6714bce mssmbios.sys
Microsoft Corporation

c53775780148884ac87c455489a0c070 mtlmnt5.sys
Smart Link

54886a652bf5685192141df304e923fd mtlstrm.sys
Smart Link

6dda78a0be692b61b668fab860f276cf mtxparhm.sys
Matrox Graphics

82035e0f41c2dd05ae41d27fe6cf7de1 mup.sys
Microsoft Corporation

94af9d9d9e9a562b43d573a82fb5ab60 mutohpen.sys
Microsoft Corporation

558635d3af1c7546d26067d5d9b6959e ndis.sys
Microsoft Corporation

08d43bbdacdf23f34d79e44ed35c1b4c ndistapi.sys
Microsoft Corporation

34d6cd56409da9a7ed573e1c90a308bf ndisuio.sys
Microsoft Corporation

0b90e255a9490166ab368cd55a529893 ndiswan.sys
Microsoft Corporation

59fc3fb44d2669bc144fd87826bb571f ndproxy.sys
Microsoft Corporation

3a2aca8fc1d7786902ca434998d7ceb4 netbios.sys
Microsoft Corporation

0c80e410cd2f47134407ee7dd19cc86b netbt.sys
Microsoft Corporation

5c5c53db4fef16cf87b9911c7e8c6fbc nic1394.sys
Microsoft Corporation

be984d604d91c217355cdd3737aad25d nikedrv.sys
Diamond Multimedia Systems

60cf8c7192b3614f240838ddbaa4a245 nmnt.sys
Microsoft Corporation

4f601bcb8f64ea3ac0994f98fed03f8e npfs.sys
Microsoft Corporation

19a811ef5f1ed5c926a028ce107ff1af ntfs.sys
Microsoft Corporation

576b34ceae5b7e5d9fd2775e93b3db53 ntmtlfax.sys
Smart Link

73c1e1f395918bc2c6dd67af7591a3ad null.sys
Microsoft Corporation

5950e6cc9fb3fabb61604d395dbc8550 nv4_mini.sys
NVIDIA Corporation

db36442c20793c53b4128eb85f9a3d32 nv_agp.SYS
NVIDIA Corporation

710f4e92ab23169aed02c27e638f82ae nvapu.sys
NVIDIA Corporation

620ce28d6ecb82b46fd5b782f6b3eb9d nvarm.sys
NVIDIA Corporation

02dbd44ed783d6e4d6ba74814c261d08 nvax.sys
NVIDIA Corporation

c8400ca70bf8a30156487bf887886432 NVENET.sys
NVIDIA Corporation

619b6e08a97ee2dd72f3d0da44435d1f nvidesm.sys

64a3e493595ea2cc3cda304d3c0f190e nvmcp.sys
NVIDIA Corporation

b305f3fad35083837ef46a0bbce2fc57 nwlnkflt.sys
Microsoft Corporation

c99b3415198d1aab7227f2c88fd664b9 nwlnkfwd.sys
Microsoft Corporation

79ea3fcda7067977625b3363a2657c80 nwlnkipx.sys
Microsoft Corporation

56d34a67c05e94e16377c60609741ff8 nwlnknb.sys
Microsoft Corporation

c0bb7d1615e1acbdc99757f6ceaf8cf0 nwlnkspx.sys
Microsoft Corporation

3f18d9365be71c7b2e43b7cf4a0c1a10 nwrdr.sys
Microsoft Corporation

4bb30ddc53ebc76895e38694580cdfe9 oprghdlr.sys
Microsoft Corporation

3e16eff2a6fed2d8d7f5a66dfe65d183 p3.sys
Microsoft Corporation

29744eb4ce659dfe3b4122deb45bc478 parport.sys
Microsoft Corporation

3334430c29dc338092f79c38ef7b4cd0 partmgr.sys
Microsoft Corporation

70e98b3fd8e963a6a46a2e6247e0bea1 parvdm.sys
Microsoft Corporation

ccf5f451bb1a5a2a522a76e670000ff0 pciide.sys
Microsoft Corporation

520b91ab011456b940d9b05fc91108ff pciidex.sys
Microsoft Corporation

8086d9979234b603ad5bc2f5d890b234 pci.sys
Microsoft Corporation

82a087207decec8456fbe8537947d579 pcmcia.sys
Microsoft Corporation

b4f59a953ef9e507f0d00c3a68580b8b point32.sys
Microsoft Corporation

bc6b2bc69c1e009443e8b1fe2db96101 portcls.sys
Microsoft Corporation

0d97d88720a4087ec93af7dbb303b30a processr.sys
Microsoft Corporation

82c9072333d76bddaa6c57289264e5bb pscaudio.sys
HiVS_VERSION_INFObrbr?ttStringFileInfobbCommentsRCompanyNamePhilipsComponents(PSS)ZFileDescriptionPhilipsAudioWDMDriver:rFileVersion...:rInternalNamepscaudio.sysp&LegalCopyrightCopyright©PhilipsComponents(LegalTrademarksBrOriginalFilenamepscaudio.sysPrivateBuildVProductNamePhilipsAudioDriver(WDM)>rProductVersion...SpecialBuildDVarFileInfo$Translationt

48671f327553dcf1d27f6197f622a668 psched.sys
Microsoft Corporation

80d317bd1c3dbc5d4fe7b1678c60cadd ptilink.sys
Parallel Technologies

d86b4a68565e444d76457f14172c875a PxHelp20.sys
Sonic Solutions

fe0d99d6f31e4fad8159f690d68ded9c rasacd.sys
Microsoft Corporation

98faeb4a4dcf812ba1c6fca4aa3e115c rasl2tp.sys
Microsoft Corporation

7306eeed8895454cbed4669be9f79faa raspppoe.sys
Microsoft Corporation

1c5cc65aac0783c344f16353e60b72ac raspptp.sys
Microsoft Corporation

fdbb1d60066fcfbb7452fd8f9829b242 raspti.sys
Microsoft Corporation

01524cd237223b18adbb48f70083f101 rawwan.sys
Microsoft Corporation

03b965b1ca47f6ef60eb5e51cb50e0af rdbss.sys
Microsoft Corporation

4912d5b403614ce99c28420f75353332 rdpcdd.sys
Microsoft Corporation

a2cae2c60bc37e0751ef9dda7ceaf4ad rdpdr.sys
Microsoft Corporation

b54cd38a9ebfbf2b3561426e3fe26f62 rdpwd.sys
Microsoft Corporation

e9aaa0092d74a9d371659c4c38882e12 recagent.sys
Smart Link

b31b4588e4086d8d84adbf9845c2402b redbook.sys
Microsoft Corporation

99c4b74981a1413f142a3903130088cb rfcomm.sys
Microsoft Corporation

a56fe08ec7473e8580a390bb1081cdd7 rio8drv.sys
Diamond Multimedia Systems

0a854df84c77a0be205bfeab2ae4f0ec riodrv.sys
Diamond Multimedia Systems

d18208ed6c768663b08c972eaa7a8b60 rmcast.sys
Microsoft Corporation

7ce8b277f3207ea82d7d22ad348befc6 rndismp.sys
Microsoft Corporation

a82a06278b29004d5da49965565ac2fd rndismpx.sys
Microsoft Corporation

d8b0b4ade32574b2d9c5cc34dc0dbbe7 rootmdm.sys
Microsoft Corporation

839141088ad7ee90f5b441b2d1afd22c Rtenicxp.sys
Realtek Semiconductor

3fa02c6e3e9ebe8523a2d4e51d0ece1f RtkHDAud.sys
Realtek Semiconductor

3cf6631543c743c29a369287ea67ffe6 RtKHDMI.sys
Realtek Semiconductor

0dbcc071a268e0340a2ba6bdd98bace4 s3gnbm.sys
SGraphics

d7fd0ff761e28ac0ea35ad71e0cd67e9 scsiport.sys
Microsoft Corporation

02fc71b020ec8700ee8a46c58bc6f276 sdbus.sys
Microsoft Corporation

90a3935d05b494a5a39d37e71f09a677 secdrv.sys
Macrovision Corporation

a2d868aeeff612e70e213c451a70cafb serenum.sys
Microsoft Corporation

cd9404d115a00d249f70a371b46d5a26 serial.sys
Microsoft Corporation

1d9f1bec651815741f088a8fb88e17ee sffdisk.sys
Microsoft Corporation

586499fd312ffd7f78553f408e71682e sffp_sd.sys
Microsoft Corporation

0d13b6df6e9e101013a7afb0ce629fe0 sfloppy.sys
Microsoft Corporation

732d859b286da692119f286b21a2a114 sisagp.sys
Silicon Integrated Systems

d9673011648a71ed1e1f77b831bc85e6 slnt7554.sys
Smart Link

2c1779c0feb1f4a6033600305eba623a slntamr.sys
Smart Link

f9b8e30e82ee95cf3e1d3e495599b99c slnthal.sys
Smart Link

db56bb2c55723815cf549d7fc50cfceb slwdmsup.sys
Smart Link

654dd37334fb4621043003188c48d582 smbali.sys
Microsoft Corporation

017daecf0ed3aa731313433601ec40fa smclib.sys
Microsoft Corporation

addc9e4757a68ab60562ad3cb9c288d6 sonydcam.sys
Microsoft Corporation

a1eceeaa5c5e74b2499eb51d38185b84 SONYPVU1.SYS
Sony Corporation

0ce218578fff5f4f7e4201539c45c78f splitter.sys
Microsoft Corporation

e41b6d037d6cd08461470af04500dc24 sr.sys
Microsoft Corporation

7a4f147cc6b133f905f6e65e2f8669fb srv.sys
Microsoft Corporation

c43356072eb3e88cd62958db10cead47 stream.sys
Microsoft Corporation

03c1bae4766e2450219d20b993d6e046 swenum.sys
Microsoft Corporation

94abc808fc4b6d7d2bbf42b85e25bb4d swmidi.sys
Microsoft Corporation

650ad082d46bac0e64c9c0e0928492fd sysaudio.sys
Microsoft Corporation

a2a9ca0d1a9ac1ff54220aa0789fe5cf tape.sys
Microsoft Corporation

be4007ab8c9b62e3688fc2f469b98190 tcpip6.sys
Microsoft Corporation

2a5554fc5b1e04e131230e3ce035c3f9 tcpip.sys
Microsoft Corporation

6891b74ab9a016064e82a419388d0601 tdi.sys
Microsoft Corporation

38d437cf2d98965f239b0abcd66dcb0f tdpipe.sys
Microsoft Corporation

ed0580af02502d00ad8c4c066b156be9 tdtcp.sys
Microsoft Corporation

a540a99c281d933f3d69d55e48727f47 termdd.sys
Microsoft Corporation

699450901c5ccfd82357cbc531cedd23 tosdvd.sys
Microsoft Corporation

d74a8ec75305f1d3cfde7c7fc1bd62a9 tsbvcap.sys
Toshiba Corporation

87a0e9e18c10a9e454238e3330e2a26d tunmp.sys
Microsoft Corporation

49c805d42d75eddc9b6a7130999c9054 uagp35.sys
Microsoft Corporation

12f70256f140cd7d52c58c7048fde657 udfs.sys
Microsoft Corporation

aff2e5045961bbc0a602bb6f95eb1345 update.sys
Microsoft Corporation

af090265ec388bab320f1ff7e7a7d5ea usb8023.sys
Microsoft Corporation

ee37e5c79d6c788711296075b2bc95f4 usb8023x.sys
Microsoft Corporation

61018ba9df6b63e51d9753c980e73ec2 usbcamd2.sys
Microsoft Corporation

2654eecc6fb13603ebddcd5c8ea943d1 usbcamd.sys
Microsoft Corporation

596eb39b50d6ebd9b734dc4ae0544693 usbd.sys
Microsoft Corporation

15e993ba2f6946b2bfbbfcd30398621e usbehci.sys
Microsoft Corporation

c72f40947f92cea56a8fb532edf025f1 usbhub.sys
Microsoft Corporation

2853fd4c4489e0f8bfcf78efcdb7e998 usbintel.sys
Microsoft Corporation

bdfe799a8531bad8a5a985821fe78760 usbohci.sys
Microsoft Corporation

2034ca78f9c6e787b4b76d81ac888351 usbport.sys
Microsoft Corporation

a42369b7cd8886cd7c70f33da6fcbcf5 usbprint.sys
Microsoft Corporation

6cd7b22193718f1d17a47a1cd6d37e75 USBSTOR.SYS
Microsoft Corporation

8968ff3973a883c49e8b564200f565b9 usbvideo.sys
Microsoft Corporation

55e01061c74a8cefff58dc36114a8d3f vdmindvd.sys
Ravisent Technologies

8a60edd72b4ea5aea8202daf0e427925 vga.sys
Microsoft Corporation

d92e7c8a30cfd14d8e15b5f7f032151b viaagp.sys
Microsoft Corporation

d5a9d123f5ed7c9965a481bd20cf66d8 videoprt.sys
Microsoft Corporation

ee4660083deba849ff6c485d944b379b volsnap.sys
Microsoft Corporation

497f6cdb901ef8de81bd501e2aefb0d0 wacompen.sys
Microsoft Corporation

0308aef61941e4af478fa1a0f83812f5 wadv07nt.sys
Intel Corporation

714038a8aa5de08e12062202cd7eaeb5 wadv08nt.sys
Intel Corporation

7bb3aa595e4507a788de1cdc63f4c8c4 wadv09nt.sys
Intel Corporation

36e6c405b6143d09687f4056fd9a0d10 wadv11nt.sys
Intel Corporation

984ef0b9788abf89974cfed4bfbaacbc wanarp.sys
Microsoft Corporation

352fa0e98bc461ce1ce5d41f64db558d watv06nt.sys
Intel Corporation

791cc45de6e50445be72e8ad6401ff45 watv10nt.sys
Intel Corporation

efd235ca22b57c81118c1aeb4798f1c1 wdmaud.sys
Microsoft Corporation

ae2c8544e747c20062db27456ea2d67a wmiacpi.sys
Microsoft Corporation

2f31b7f954bed437f2c75026c65caf7b wmilib.sys
Microsoft Corporation

cf4def1bf66f06964dc0d91844239104 wpdusb.sys
Microsoft Corporation

6abe6e225adb5a751622a9cc3bc19ce8 ws2ifsl.sys
Microsoft Corporation

f15feafffbb3644ccc80c5da584e6311 WudfPf.sys
Microsoft Corporation

28b524262bce6de1f7ef9f510ba3985b WudfRd.sys
Microsoft Corporation




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users