Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Laptop boot BSOD after rootkit removal using Hitman pro.

Started by uzerfriendly , Apr 14 2011 08:53 AM

  • Please log in to reply

#1
uzerfriendly
Posted 14 April 2011 - 08:53 AM

uzerfriendly

    New Member

  • Member
  • Pip
  • 1 posts
Hello,

I tried to repair my brothers' Acer Vista (32bit) laptop from the TDSS redirection rootkit using hitman pro, and now (as many others) I get a BSOD on bootup (0x0000008e).

The laptop will boot into safe mode but I'm unable to use system restore. I have backed everything up to a separate drive.....
I have tried to take a peek at a minidump but none are being created on the BSOD. I have also tried with kernel dumps with the same result… nothing is created. I've also tried to boot in normal mode with all unnecessary startup programs and services stopped, and have removed AVG and malwareantibytes just in case!

I tried OTLPE following the instructions in this post and was told that my disk was not Windows 2000 or later.
http://www.geekstogo...rom-booting-up/

Eventually I found this newer post (http://www.geekstogo...uter-wont-boot/) so I've followed the instructions there and attached the relevant files.

I wondered if you could help me with this issue to save re-installing the whole machine.
Many thanks for your help and time
Doug



Thu Apr 14 20:23:22 UTC 2011
Driver report for /mnt/sda4/WINDOWS/LastGood/system32/drivers

e82c5ae309ab903d1019a240e5e469a9 BdaSup.sys
Microsoft Corporation

ff86422268de771d571e123eb7092c6a drmk.sys
Microsoft Corporation

b9540e258f952650de8dec68719a5c97 ks.sys
Microsoft Corporation

55a9a7e6bb297bf0f5b144029dcb79cc MPE.sys
Microsoft Corporation

bc6b2bc69c1e009443e8b1fe2db96101 portcls.sys
Microsoft Corporation

c43356072eb3e88cd62958db10cead47 stream.sys
Microsoft Corporation

Driver report for /mnt/sda4/WINDOWS/LastGood.Tmp/system32/drivers

e82c5ae309ab903d1019a240e5e469a9 bdasup.sys
Microsoft Corporation

6163ed60b684bab19d3352ab22fc48b2 ccdecode.sys
Microsoft Corporation

8a252d42cc836b949f226a08cb36323e clsupper.sys
Windows DDK provider

ff86422268de771d571e123eb7092c6a drmk.sys
Microsoft Corporation

fe97d0343acfdebdd578fc67cc91fa87 dxapi.sys
Microsoft Corporation

38ab3fd05ac2146eede3704a22c785c6 hidshim.sys
?baLStringFileInfo(Bv+CompanyNameWindows®CodenameLonghornDDKproviderp$FileDescriptionSHIMfilterforKMDFHIDMINIdriverFileVersion...buildversionbuiltby:WinDDKbInternalNameHIDSHIM.SYS.LegalCopyrightMicrosoftCorporation.Allrightsreserved.@bOriginalFilenameHIDSHIM.SYSr)ProductNameWindows®CodenameLonghornDDKdriver<bProductVersion...DVarFileInfo$Translationt*

8b998e6c0aebbaecd6da33df947695d3 igxpmp32.sys
Intel Corporation

e504f706ccb699c2596e9a3da1596e87 isapnp.sys
Microsoft Corporation

b9540e258f952650de8dec68719a5c97 ks.sys
Microsoft Corporation

55a9a7e6bb297bf0f5b144029dcb79cc mpe.sys
Microsoft Corporation

ae431a8dd3c1d0d0610cdbac16057ad0 mskssrv.sys
Microsoft Corporation

13e75fef9dfeb08eeded9d0246e1f448 mspclock.sys
Microsoft Corporation

1988a33ff19242576c3d0ef9ce785da7 mspqm.sys
Microsoft Corporation

bf13612142995096ab084f2db7f40f77 mstee.sys
Microsoft Corporation

5c8dc6429c43dc6177c1fa5b76290d1a nabtsfec.sys
Microsoft Corporation

520ce427a8b298f54112857bcf6bde15 ndisip.sys
Microsoft Corporation

8086d9979234b603ad5bc2f5d890b234 pci.sys
Microsoft Corporation

bc6b2bc69c1e009443e8b1fe2db96101 portcls.sys
Microsoft Corporation

5caeed86821fa2c6139e32e9e05ccdc9 slip.sys
Microsoft Corporation

284c57df5dc7abca656bc2b96a667afb streamip.sys
Microsoft Corporation

c43356072eb3e88cd62958db10cead47 stream.sys
Microsoft Corporation

03c1bae4766e2450219d20b993d6e046 swenum.sys
Microsoft Corporation

15e993ba2f6946b2bfbbfcd30398621e usbehci.sys
Microsoft Corporation

c72f40947f92cea56a8fb532edf025f1 usbhub.sys
Microsoft Corporation

2034ca78f9c6e787b4b76d81ac888351 usbport.sys
Microsoft Corporation

f8fd1400092e23c8f2f31406ef06167b usbuhci.sys
Microsoft Corporation

1792a8661b3139b11d773e8a4ee50894 winbondhidcir.sys
Winbond Electronics

d5842484f05e12121c511aa93f6439ec wstcodec.sys
Microsoft Corporation

Driver report for /mnt/sda4/WINDOWS/system32/drivers

009927db8019c54477dabf6f9d795053 1394bus.sys
Microsoft Corporation

9859c0f6936e723e4892d7141b1327d5 acpiec.sys
Microsoft Corporation

a10c7534f7223f4a73a948967d00e69b acpi.sys
Microsoft Corporation

841f385c6cfaf66b58fbd898722bb4f0 aec.sys
Microsoft Corporation

5ac495f4cb807b2b98ad2ad591e6d92e afd.sys
Microsoft Corporation

f0d692b0bffb46e30eb3cea168bbc49f arp1394.sys
Microsoft Corporation

02000abf34af4c218c35d257024807d6 asyncmac.sys
Microsoft Corporation

d9f724aa26c010a217c97606b160ed68 audstub.sys
Microsoft Corporation

20be361d9b33dd5b36c91c9711434396 AVerA310Cap.sys
HVS_VERSION_INFO?bStringFileInfobZCompanyNameAVerMediaTECHNOLOGIES,Inc.^FileDescriptionAVerMediaDVB-TBDAdriverbFileVersion,,,@InternalNameAVerACap.sysTLegalCopyrightCopyright©AVerMediaHOriginalFilenameAVerACap.syst*ProductNameAVerMediaDVB-TUSB.adapterBDAdriver<bProductVersion,,,DVarFileInfo$Translationt*

c80ca966ddee3924d5b31a31c84808db AVerA310USB.sys
tH`@@VS_VERSION_INFO?StringFileInfo|bZCompanyNameAVerMediaTECHNOLOGIES,Inc.RFileDescriptionAVerMediaUSBdriverbFileVersion,,,@InternalNameAVerAUSB.sysTLegalCopyrightCopyright©AVerMediaHOriginalFilenameAVerAUSB.sysd"ProductNameAVerMediaUSBClassDeviceDriver<bProductVersion,,,DVarFileInfo$Translationt

d99b2c8c5f2f6ef05590198b0fb4fa1a AVerAF15.sys
H`VS_VERSION_INFO..?bxStringFileInfoTbCommentsZCompanyNameAVerMediaTECHNOLOGIES,Inc.bFileDescriptionAVerAFDriverbFileVersion,,,VInternalNameAVerAF.sysTLegalCopyrightCopyright©AVerMedia(LegalTrademarks^OriginalFilenameAVerAF.sysPrivateBuildz-ProductNameAVerAFDriverforUSBDevice<bProductVersion,,,SpecialBuildDVarFileInfo$Translationt

ea22edadf90c0aba8319454b2a07b700 battc.sys
Microsoft Corporation

61f8f3126d39a7eb2775fb1505469ee3 BdaSup.sys
Microsoft Corporation

6163ed60b684bab19d3352ab22fc48b2 ccdecode.sys
Microsoft Corporation

cd7d5152df32b47f4e36f710b35aae02 cdfs.sys
Microsoft Corporation

af9c19b3100fe010496b1a27181fbf72 cdrom.sys
Microsoft Corporation

d86173b401470f06d9810f7962969ddf classpnp.sys
Microsoft Corporation

8a252d42cc836b949f226a08cb36323e clsupper.sys
Windows DDK provider

4266be808f85826aedf3c64c1e240203 CmBatt.sys
Microsoft Corporation

df1b1a24bf52d0ebc01ed4ece8979f50 compbatt.sys
Microsoft Corporation

d16c81677a9be399c63cd2ea486472a5 diskdump.sys
Microsoft Corporation

00ca44e4534865f8a3b64f7c0984bff0 disk.sys
Microsoft Corporation

08d30af92c270f2e76787c81589dbad6 DKbFltr.SYS
tH`;VS_VERSION_INFObva?a(StringFileInfobCommentsFCompanyNameDritekSystemInc.l"FileDescriptionDritekPSKeyboardFilterDrivervFileVersion,,,bInternalNameDKbFltr.Sysz+LegalCopyrightCopyright©-DritekSystemInc.(LegalTrademarks@bOriginalFilenameDKbFltr.SysPrivateBuildNProductNameDritekKeyboardFilter:vProductVersion,,,SpecialBuildDVarFileInfo$Translationt*

c0fbb516e06e243f0cf31f597e7ebf7d dmboot.sys
Microsoft Corp

f5e7b358a732d09f4bcf2824b88b9e28 dmio.sys
Microsoft Corp

e9317282a63ca4d188c0df5e09c6ac5f dmload.sys
Microsoft Corp

a6f881284ac1150e37d9ae47ff601267 DMusic.sys
Microsoft Corporation

1ed4dbbae9f5d558dbba4cc450e3eb2e drmkaud.sys
Microsoft Corporation

ff86422268de771d571e123eb7092c6a drmk.sys
Microsoft Corporation

fe97d0343acfdebdd578fc67cc91fa87 dxapi.sys
Microsoft Corporation

d3dac8432110aad0b02a58b4459ab835 dxg.sys
Microsoft Corporation

a73f5d6705b1d820c19b18782e176efd dxgthk.sys
Microsoft Corporation

80d1b490b60e74e002dc116ec5d41748 enum1394.sys
Microsoft Corporation

3117f595e9615e04f05a54fc15a03b20 fastfat.sys
Microsoft Corporation

e153ab8a11de5452bcf5ac7652dbf3ed fips.sys
Microsoft Corporation

3e1e2bd4f39b0e2b7dc4f4d2bcc2779a fs_rec.sys
Microsoft Corporation

6ac26732762483366c3969c9e4d2259d ftdisk.sys
Microsoft Corporation

3fcc124b6e08ee0e9351f717dd136939 Hdaudbus.sys
Windows Server DDK provider

2a013e7530beab6e569faa83f517e836 Hdaudio.sys
Windows Server DDK provider

378055ab8dda86228683c697c4e11685 hidclass.sys
Microsoft Corporation

5fff41cd5108e9051d255c37825af697 hidparse.sys
Microsoft Corporation

5167a4f341f5cb0b6f38d76cf8dde8c9 hidshim.sys
?baLStringFileInfo(Bv+CompanyNameWindows®CodenameLonghornDDKproviderp$FileDescriptionSHIMfilterforKMDFHIDMINIdriverFileVersion...buildversionbuiltby:WinDDKbInternalNameHIDSHIM.SYS.LegalCopyrightMicrosoftCorporation.Allrightsreserved.@bOriginalFilenameHIDSHIM.SYSr)ProductNameWindows®CodenameLonghornDDKdriver<bProductVersion...DVarFileInfo$Translationt*

1de6783b918f540149aa69943bdfeba8 hidusb.sys
Microsoft Corporation

5502b58eef7486ee6f93f3f164dcb808 i8042prt.sys
Microsoft Corporation

9f1220113a3a7f4f08042c699324d073 iaStor.sys
Intel Corporation

b2768350bb50469aeb1afe694372b613 igxpmp32.sys
Intel Corporation

f8aa320c6a0409c0380e5d8a99d76ec6 imapi.sys
Microsoft Corporation

331244286fa249f2456e6d78fda4a93e IntcHdmi.sys
Intel Corporation

279fb78702454dff2bb445f238c048d2 intelppm.sys
Microsoft Corporation

4448006b6bc60e6c027932cfc38d6855 ip6fw.sys
Microsoft Corporation

e1ec7f5da720b640cd8fb8424f1b14bb ipinip.sys
Microsoft Corporation

b5a8e215ac29d24d60b4d1250ef05ace ipnat.sys
Microsoft Corporation

64537aa5c003a6afeee1df819062d0d1 ipsec.sys
Microsoft Corporation

e504f706ccb699c2596e9a3da1596e87 isapnp.sys
Microsoft Corporation

1969f1930ed587ce83fbcd78ce864f79 jmcr.sys
tH`!xxVS_VERSION_INFO?baStringFileInfoBRCompanyNameJMicronTechnologyCorp.z)FileDescriptionJMicronJMBXMemoryCardReaderDriverXFileVersion...builtby:WinDDKtInternalNameJMCR.SYSdLegalCopyrightCopyright©JMicron-:tOriginalFilenameJMCR.SYSb!ProductNameJMBXMemoryCardReaderDriver:vProductVersion...DVarFileInfo$Translationt*

ebdee8a2ee5393890a1acee971c4c246 kbdclass.sys
Microsoft Corporation

e182fa8e49e8ee41b4adc53093f3c7e6 kbdhid.sys
Microsoft Corporation

d93cad07c5683db066b0b2d2d3790ead kmixer.sys
Microsoft Corporation

eb7ffe87fd367ea8fca0506f74a87fbb ksecdd.sys
Microsoft Corporation

dc197a88746a55ae60d1c81d45cd1b4a ks.sys
Microsoft Corporation

4ae068242760a1fb6e1a44bf4e16afa6 mnmdd.sys
Microsoft Corporation

1992e0d143b09653ab0f9c5e04b0fd65 modemcsa.sys
Microsoft Corporation

34e1f0031153e491910e12551400192c mouclass.sys
Microsoft Corporation

b1c303e17fb9d46e87a98e4ba6769685 mouhid.sys
Microsoft Corporation

65653f3b4477f3c63e68a9659f85ee2e mountmgr.sys
Microsoft Corporation

83eff7b976ae24f1a496ca94a8a19919 MPE.sys
Microsoft Corporation

1fd607fc67f7f7c633c3da65bfc53d18 mrxsmb.sys
Microsoft Corporation

8575d788395c4d6378d98d1ed7cdadb9 msdv.sys
Microsoft Corporation

561b3a4333ca2dbdba28b5b956822519 msfs.sys
Microsoft Corporation

c0f1d4a21de5a415df8170616703debf msgpc.sys
Microsoft Corporation

ae431a8dd3c1d0d0610cdbac16057ad0 MSKSSRV.sys
Microsoft Corporation

13e75fef9dfeb08eeded9d0246e1f448 MSPCLOCK.sys
Microsoft Corporation

1988a33ff19242576c3d0ef9ce785da7 MSPQM.sys
Microsoft Corporation

469541f8bfd2b32659d5d463a6714bce mssmbios.sys
Microsoft Corporation

bf13612142995096ab084f2db7f40f77 mstee.sys
Microsoft Corporation

82035e0f41c2dd05ae41d27fe6cf7de1 mup.sys
Microsoft Corporation

5c8dc6429c43dc6177c1fa5b76290d1a nabtsfec.sys
Microsoft Corporation

520ce427a8b298f54112857bcf6bde15 ndisip.sys
Microsoft Corporation

558635d3af1c7546d26067d5d9b6959e ndis.sys
Microsoft Corporation

08d43bbdacdf23f34d79e44ed35c1b4c ndistapi.sys
Microsoft Corporation

34d6cd56409da9a7ed573e1c90a308bf ndisuio.sys
Microsoft Corporation

0b90e255a9490166ab368cd55a529893 ndiswan.sys
Microsoft Corporation

59fc3fb44d2669bc144fd87826bb571f ndproxy.sys
Microsoft Corporation

3a2aca8fc1d7786902ca434998d7ceb4 netbios.sys
Microsoft Corporation

0c80e410cd2f47134407ee7dd19cc86b netbt.sys
Microsoft Corporation

5c5c53db4fef16cf87b9911c7e8c6fbc nic1394.sys
Microsoft Corporation

4f601bcb8f64ea3ac0994f98fed03f8e npfs.sys
Microsoft Corporation

b78be402c3f63dd55521f73876951cdd ntfs.sys
Microsoft Corporation

3de17fbc295d1c996890ed1315b7d42e nv4_mini.sys
NVIDIA Corporation

95e0273dab227e9b2613f256ea024793 nvhda32.sys
NVIDIA Corporation

0951db8e5823ea366b0e408d71e1ba2a ohci1394.sys
Microsoft Corporation

4bb30ddc53ebc76895e38694580cdfe9 oprghdlr.sys
Microsoft Corporation

3334430c29dc338092f79c38ef7b4cd0 partmgr.sys
Microsoft Corporation

8086d9979234b603ad5bc2f5d890b234 pci.sys
Microsoft Corporation

bc6b2bc69c1e009443e8b1fe2db96101 portcls.sys
Microsoft Corporation

48671f327553dcf1d27f6197f622a668 psched.sys
Microsoft Corporation

80d317bd1c3dbc5d4fe7b1678c60cadd ptilink.sys
Parallel Technologies

fe0d99d6f31e4fad8159f690d68ded9c rasacd.sys
Microsoft Corporation

98faeb4a4dcf812ba1c6fca4aa3e115c rasl2tp.sys
Microsoft Corporation

7306eeed8895454cbed4669be9f79faa raspppoe.sys
Microsoft Corporation

1c5cc65aac0783c344f16353e60b72ac raspptp.sys
Microsoft Corporation

fdbb1d60066fcfbb7452fd8f9829b242 raspti.sys
Microsoft Corporation

29d66245adba878fff574cd66abd2884 rdbss.sys
Microsoft Corporation

4912d5b403614ce99c28420f75353332 rdpcdd.sys
Microsoft Corporation

a2cae2c60bc37e0751ef9dda7ceaf4ad rdpdr.sys
Microsoft Corporation

d4f5643d7714ef499ae9527fdcd50894 rdpwd.sys
Microsoft Corporation

b31b4588e4086d8d84adbf9845c2402b redbook.sys
Microsoft Corporation

d8b0b4ade32574b2d9c5cc34dc0dbbe7 rootmdm.sys
Microsoft Corporation

12cd9f66b64b25cbe18f1bb2c6f54832 RtkHDAud.sys
Realtek Semiconductor

e3939d5d17e3798e52d1c24a81fd70cc RTSTOR.sys
Realtek Semiconductor

d7fd0ff761e28ac0ea35ad71e0cd67e9 scsiport.sys
Microsoft Corporation

4acfb25ecc8dd21707f747b28216cea1 scsiscan.sys
Microsoft Corporation

a2d868aeeff612e70e213c451a70cafb serenum.sys
Microsoft Corporation

cd9404d115a00d249f70a371b46d5a26 serial.sys
Microsoft Corporation

0d13b6df6e9e101013a7afb0ce629fe0 sfloppy.sys
Microsoft Corporation

5caeed86821fa2c6139e32e9e05ccdc9 slip.sys
Microsoft Corporation

8e186b8f23295d1e42c573b82b80d548 splitter.sys
Microsoft Corporation

20b7e396720353e4117d64d9dcb926ca srv.sys
Microsoft Corporation

284c57df5dc7abca656bc2b96a667afb streamip.sys
Microsoft Corporation

d5ecbe98cceda4507fa9168e8d932088 stream.sys
Microsoft Corporation

03c1bae4766e2450219d20b993d6e046 swenum.sys
Microsoft Corporation

94abc808fc4b6d7d2bbf42b85e25bb4d swmidi.sys
Microsoft Corporation

650ad082d46bac0e64c9c0e0928492fd sysaudio.sys
Microsoft Corporation

4d58bb1ae8841aafd8790ad7e1e3b8ea tcpip6.sys
Microsoft Corporation

9f4b36614a0fc234525ba224957de55c tcpip.sys
Microsoft Corporation

3fc234c9e20918ce856ffa42c421e678 tdasync.sys
Microsoft Corporation

182a77eecbdea330472a9a7a6f1457ce tdipx.sys
Microsoft Corporation

6891b74ab9a016064e82a419388d0601 tdi.sys
Microsoft Corporation

38d437cf2d98965f239b0abcd66dcb0f tdpipe.sys
Microsoft Corporation

5fb281f720939cbe9961d1808cc270e9 tdspx.sys
Microsoft Corporation

ed0580af02502d00ad8c4c066b156be9 tdtcp.sys
Microsoft Corporation

a540a99c281d933f3d69d55e48727f47 termdd.sys
Microsoft Corporation

87a0e9e18c10a9e454238e3330e2a26d tunmp.sys
Microsoft Corporation

12f70256f140cd7d52c58c7048fde657 udfs.sys
Microsoft Corporation

aff2e5045961bbc0a602bb6f95eb1345 update.sys
Microsoft Corporation

bffd9f120cc63bcbaa3d840f3eef9f79 usbccgp.sys
Microsoft Corporation

596eb39b50d6ebd9b734dc4ae0544693 usbd.sys
Microsoft Corporation

15e993ba2f6946b2bfbbfcd30398621e usbehci.sys
Microsoft Corporation

c72f40947f92cea56a8fb532edf025f1 usbhub.sys
Microsoft Corporation

2034ca78f9c6e787b4b76d81ac888351 usbport.sys
Microsoft Corporation

a6bc71402f4f7dd5b77fd7f4a8ddba85 usbscan.sys
Microsoft Corporation

6cd7b22193718f1d17a47a1cd6d37e75 USBSTOR.SYS
Microsoft Corporation

f8fd1400092e23c8f2f31406ef06167b usbuhci.sys
Microsoft Corporation

8968ff3973a883c49e8b564200f565b9 usbvideo.sys
Microsoft Corporation

8a60edd72b4ea5aea8202daf0e427925 vga.sys
Microsoft Corporation

d5a9d123f5ed7c9965a481bd20cf66d8 videoprt.sys
Microsoft Corporation

ee4660083deba849ff6c485d944b379b volsnap.sys
Microsoft Corporation

984ef0b9788abf89974cfed4bfbaacbc wanarp.sys
Microsoft Corporation

fd47474bd21794508af449d9d91af6e6 wdf01000.sys
Microsoft Corporation

ded98a3e466251ccab93d579144b048c wdfldr.sys
Microsoft Corporation

2797f33ebf50466020c430ee4f037933 wdmaud.sys
Microsoft Corporation

ef2c4a63eada9f72c21ef79f73936296 winbondcir.sys
Winbond Electronics

0bf8bbf4585d57925bfe6563e4745545 winbondhidcir.sys
Winbond Electronics

ae2c8544e747c20062db27456ea2d67a wmiacpi.sys
Microsoft Corporation

2f31b7f954bed437f2c75026c65caf7b wmilib.sys
Microsoft Corporation

1385e5aa9c9821790d33a9563b8d2dd0 wpdusb.sys
Microsoft Corporation

6abe6e225adb5a751622a9cc3bc19ce8 ws2ifsl.sys
Microsoft Corporation

d5842484f05e12121c511aa93f6439ec wstcodec.sys
Microsoft Corporation

Driver report for /mnt/sda2/Windows/System32/drivers

b46aa621e7bd4fe150bcc140daceda1b 1394bus.sys
Microsoft Corporation

82b296ae1892fe3dbee00c9cf92f8ac7 acpi.sys
Microsoft Corporation

04f0fcac69c7c71a3ac4eb97fafc8303 adp94xx.sys
Adaptec

60505e0041f7751bdbb80f88bf45c2ce adpahci.sys
Adaptec

8a42779b02aec986eab64ecfc98f8bd7 adpu160m.sys
Adaptec

241c9e37f8ce45ef51c3de27515ca4e5 adpu320.sys
Adaptec

a201207363aa900abf1a388468688570 afd.sys
Microsoft Corporation

13f9e33747e6b41a3ff305c37db0d360 AGP440.sys
Microsoft Corporation

9eaef5fc9b8e351afa7e78a6fae91f91 aliide.sys
Acer Laboratories

c47344bc706e5f0b9dce369516661578 AMDAGP.SYS
Microsoft Corporation

9b78a39a4c173fdbc1321e0dd659b34c amdide.sys
Microsoft Corporation

18f29b49ad23ecee3d2a826c725c8d48 amdk7.sys
Microsoft Corporation

93ae7f7dd54ab986a6f1a1b37be7442d amdk8.sys
Microsoft Corporation

5e2a321bd7c8b3624e41fdec3e244945 arcsas.sys
Adaptec

5d2888182fb46632511acee92fdad522 arc.sys
Adaptec

53b202abee6455406254444303e87be1 asyncmac.sys
Microsoft Corporation

2d9c903dc76a66813d350a562de40ed9 atapi.sys
Microsoft Corporation

d1c03ae69c29e239fc8000c5c0dea709 ataport.sys
Microsoft Corporation

2b8a5a8879238c3ba9a89a8e3ac4e45d battc.sys
Microsoft Corporation

9f5f8f2318dfa3974a6f6a5602733929 bdasup.sys
Microsoft Corporation

67e506b75bd5326a3ec7b70bd014dfb6 beep.sys
Microsoft Corporation

d4df28447741fd3d953526e33a617397 blbdrive.sys
Microsoft Corporation

74b442b2be1260b7588c136177ceac66 bowser.sys
Microsoft Corporation

9f9acc7f7ccde8a15c282d3f88b43309 BrFiltLo.sys
Brother Industries

56801ad62213a41f6497f96dee83755a BrFiltUp.sys
Brother Industries

b1564976d98e91fc764d5dc28a0297da bridge.sys
Microsoft Corporation

b304e75cff293029eddf094246747113 BrSerId.sys
Brother Industries

203f0b1e73adadbbb7b7b1fabd901f6b BrSerWdm.sys
Brother Industries

bd456606156ba17e60a04e18016ae54b BrUsbMdm.sys
Brother Industries

af72ed54503f717a43268b3cc5faec2e BrUsbSer.sys
Brother Industries

ad07c1ec6665b8b35741ab91200c6b68 bthmodem.sys
Microsoft Corporation

7add03e75beb9e6dd102c3081d29840a cdfs.sys
Microsoft Corporation

6b4bffb9becd728097024276430db314 cdrom.sys
Microsoft Corporation

e5d4133f37219dbcfe102bc61072589d circlass.sys
Microsoft Corporation

0767b09c74d935a590b4879d14463b64 Classpnp.sys
Microsoft Corporation

99afc3795b58cc478fbbbcdc658fcb56 CmBatt.sys
Microsoft Corporation

0ca25e686a4928484e9fdabd168ab629 cmdide.sys
CMD Technology

6afef0b60fa25de07c0968983ee4f60a compbatt.sys
Microsoft Corporation

36975327ef03949cc378ab01e316b574 crashdmp.sys
Microsoft Corporation

741e9dff4f42d2d8477d0fc1dc0df871 crcdisk.sys
Microsoft Corporation

1f07becdca750766a96cda811ba86410 crusoe.sys
Microsoft Corporation

218d8ae46c88e82014f5d73d0236d9b2 dfsc.sys
Microsoft Corporation

494075282e23d838f43a4c9fb7143959 Diskdump.sys
Microsoft Corporation

5d4aefc3386920236a548271f8f1af6a disk.sys
Microsoft Corporation

ae1fdf7bf7bb6c6a70f67699d880592a djsvs.sys
Adaptec

73baf270d24fe726b9cd7f80bb17a23d DKbFltr.sys
tH`VS_VERSION_INFOww?a<StringFileInfobCommentsFCompanyNameDritekSystemInc.l"FileDescriptionDritekPSKeyboardFilterDriver:rFileVersion,,,bInternalNameDKbFltr.Sysz+LegalCopyrightCopyright©-DritekSystemInc.(LegalTrademarks@bOriginalFilenameDKbFltr.SysPrivateBuildProductNameDritekKeyboardFilterDriver>rProductVersion,,,SpecialBuildDVarFileInfo$Translationt*

97fef831ab90bee128c9af390e243f80 drmkaud.sys
Microsoft Corporation

7be5a3c671a2cb56e94403bfc2020a0d drmk.sys
Microsoft Corporation

c67ebf9c05531c406e1e079ff669a2e6 Dumpata.sys
Microsoft Corporation

eaaafef04fbb45665c9576e525d45a12 dxapi.sys
Microsoft Corporation

fb85f7f69e9b109820409243f578cc4d dxgkrnl.sys
Microsoft Corporation

c8d5369bfe193b5fb53337dce77ce314 dxg.sys
Microsoft Corporation

5425f74ac0c1dbd96a1e04f17d63f94c E1G60I32.sys
Intel Corporation

7f64ea048dcfac7acf8b4d7b4e6fe371 ecache.sys
Microsoft Corporation

23b62471681a124889978f6295b3f4c6 elxstor.sys
Emulex

3db974f3935483555d7148663f726c61 errdev.sys
Microsoft Corporation

22b408651f9123527bcee54b4f6c5cae exfat.sys
Microsoft Corporation

1e9b9a70d332103c52995e957dc09ef8 fastfat.sys
Microsoft Corporation

afe1e8b9782a0dd7fb46bbd88e43f89a fdc.sys
Microsoft Corporation

a8c0139a884861e3aae9cfe73b208a9f fileinfo.sys
Microsoft Corporation

0ae429a696aecbc5970e3cf2c62635ae filetrace.sys
Microsoft Corporation

85b7cf99d532820495d68d747fda9ebd flpydisk.sys
Microsoft Corporation

01334f9ea68e6877c4ef05d3ea8abb05 fltMgr.sys
Microsoft Corporation

65ea8b77b5851854f0c55c43fa51a198 fs_rec.sys
Microsoft Corporation

73594dbc99e22958150192ee99bc48ce FWPKCLNT.SYS
Microsoft Corporation

34582a6e6573d54a07ece5fe24a126b5 GAGP30KX.SYS
Microsoft Corporation

8182ff89c65e4d38b2de4bb0fb18564e GEARAspiWDM.sys
GEAR Software

062452b7ffd68c8c042a6261fe8dff4a hdaudbus.sys
Microsoft Corporation

cb04c744be0a61b1d648faed182c3b59 HdAudio.sys
Microsoft Corporation

1338520e78d90154ed6be8f84de5fceb hidbth.sys
Microsoft Corporation

5961cadb7cad938368d2028725ef771d hidclass.sys
Microsoft Corporation

d8df3722d5e961baa1292aa2f12827e2 hidir.sys
Microsoft Corporation

175444d3a01ca45d0e1c5dc5f48df7cd hidparse.sys
Microsoft Corporation

cca4b519b17e23a00b826c55716809cc hidusb.sys
Microsoft Corporation

16ee7b23a009e00d835cdb79574a91a6 HpCISSs.sys
Hewlett-Packard

bb9cbaf6ac20452b245c324f1f50ee81 HSX_CNXT.sys
Conexant

fadd7095163cb3cb4073793ebb50fe75 HSX_DPV.sys
Conexant

058783bedd17615d1fece09f77960436 HSXHWAZL.sys
Conexant

f870aa3e254628ebeafe754108d664de http.sys
Microsoft Corporation

95bd3ea81ebe6b8cacafdb6cdab3586c i2omgmt.sys
Microsoft Corporation

c6b032d69650985468160fc9937cf5b4 i2omp.sys
Microsoft Corporation

22d56c8184586b7a1f6fa60be5f5a2bd i8042prt.sys
Microsoft Corporation

707c1692214b1c290271067197f075f6 iaStor.sys
Intel Corporation

54155ea1b0df185878e0fc9ec3ac3a14 iaStorV.sys
Intel Corporation

2d077bf86e843f901d8db709c95b49a5 iirsp.sys
Intel Corp

8c7fa71cb1ebcd3ede8958d27b1bf0b4 int15_64.sys
tH`pVS_VERSION_INFO?taStringFileInfoBvCompanyNameAcer,Inc.FileDescriptionint`FileVersion..,builtby:WinDDK,InternalNameintZLegalCopyrightCopyRight@AcersolutionsOriginalFilenameint,ProductNameintBProductVersion..,DVarFileInfo$Translationt*

c6e5276c00ebdeb096bb5ef4b797d1b6 int15.sys
tH`PVS_VERSION_INFO?taStringFileInfoBvCompanyNameAcer,Inc.FileDescriptionint`FileVersion..,builtby:WinDDK,InternalNameintZLegalCopyrightCopyRight@AcersolutionsOriginalFilenameint,ProductNameintBProductVersion..,DVarFileInfo$Translationt*

83aa759f3189e6370c30de5dc5590718 intelide.sys
Microsoft Corporation

224191001e78c89dfa78924c3ea595ff intelppm.sys
Microsoft Corporation

62c265c38769b864cb25b4bcf62df6c3 ipfltdrv.sys
Microsoft Corporation

b25aaf203552b7b3491139d582b39ad1 IPMIDrv.sys
Microsoft Corporation

8793643a67b42cec66490b2a0cf92d68 ipnat.sys
Microsoft Corporation

e50a95179211b12946f7e035d60af560 irda.sys
Microsoft Corporation

109c0dfb82c3632fbd11949b73aeeac9 irenum.sys
Microsoft Corporation

6c70698a3e5c4376c6ab5c7c17fb0614 isapnp.sys
Microsoft Corporation

bced60d16156e428f8df8cf27b0df150 iteatapi.sys
Integrated Technology Express

06fa654504a498c30adca8bec4e87e7e iteraid.sys
Integrated Technology Express

37605e0a8cf00cbba538e753e4344c6e kbdclass.sys
Microsoft Corporation

ede59ec70e25c24581add1fbec7325f7 kbdhid.sys
Microsoft Corporation

86165728af9bf72d6442a894fdfb4f8b ksecdd.sys
Microsoft Corporation

ef73c1e29fbe7b0fd0274bf4394e346a ks.sys
Microsoft Corporation

86d7f66ac2c0123ed81b2f3e835845c2 L1E60x86.sys
Atheros Communications

d1c5883087a0c3f1344d9d55a44901f6 lltdio.sys
Microsoft Corporation

c7e15e82879bf3235b559563d4185365 lsi_fc.sys
LSI Logic

ee01ebae8c9bf0fa072e0ff68718920a lsi_sas.sys
LSI Logic

912a04696e9ca30146a62afa1463dd5c lsi_scsi.sys
LSI Logic

8f5c7426567798e62a3b3614965d62cc luafv.sys
Microsoft Corporation

b271ec02e71271a2da28b3b7bc4e4f15 mcd.sys
Microsoft Corporation

0cea2d0d3fa284b85ed5b68365114f76 mdmxsdk.sys
Conexant

0001ce609d66632fa17b84705f658879 megasas.sys
LSI Corporation

c252f32cd9a49dbfc25ecf26ebd51a99 MegaSR.sys
LSI Corporation

e13b5ea0f51ba5b1512ec671393d09ba modem.sys
Microsoft Corporation

0a9bb33b56e294f686abb7c1e4e2d8a8 monitor.sys
Microsoft Corporation

5bf6a1326a335c5298477754a506d263 mouclass.sys
Microsoft Corporation

93b8d4869e12cfbe663915502900876f mouhid.sys
Microsoft Corporation

bdafc88aa6b92f7842416ea6a48e1600 mountmgr.sys
Microsoft Corporation

511d011289755dd9f9a7579fb0b064e6 mpio.sys
Microsoft Corporation

22241feba9b2defa669c8cb0a8dd7d2e mpsdrv.sys
Microsoft Corporation

4fbbb70d30fd20ec51f80061703b001e Mraid35x.sys
LSI Logic

82cea0395524aacfeb58ba1448e8325c mrxdav.sys
Microsoft Corporation

2a4901aff069944fa945ed5bbf4dcde3 mrxsmb10.sys
Microsoft Corporation

28b3f1ab44bdd4432c041581412f17d9 mrxsmb20.sys
Microsoft Corporation

454341e652bdf5e01b0f2140232b073e mrxsmb.sys
Microsoft Corporation

28023e86f17001f7cd9b15a5bc9ae07d msahci.sys
Microsoft Corporation

4468b0f385a86ecddaf8d3ca662ec0e7 msdsm.sys
Microsoft Corporation

a9927f4a46b816c92f461acb90cf8515 msfs.sys
Microsoft Corporation

0f400e306f385c56317357d6dea56f62 msisadrv.sys
Microsoft Corporation

232fa340531d940aac623b121a595034 msiscsi.sys
Microsoft Corporation

d8c63d34d9c9e56c059e24ec7185cc07 mskssrv.sys
Microsoft Corporation

1d373c90d62ddb641d50e55b9e78d65e mspclock.sys
Microsoft Corporation

b572da05bf4e098d4bba3a4734fb505b mspqm.sys
Microsoft Corporation

b49456d70555de905c311bcda6ec6adb msrpc.sys
Microsoft Corporation

e384487cb84be41d09711c30ca79646c mssmbios.sys
Microsoft Corporation

7199c1eec1e4993caf96b8c0a26bd58a mstee.sys
Microsoft Corporation

6a57b5733d4cb702c8ea4542e836b96c mup.sys
Microsoft Corporation

1357274d1883f68300aeadd15d7bbb42 ndis.sys
Microsoft Corporation

0e186e90404980569fb449ba7519ae61 ndistapi.sys
Microsoft Corporation

d6973aa34c4d5d76c0430b181c3cd389 ndisuio.sys
Microsoft Corporation

818f648618ae34f729fdb47ec68345c3 ndiswan.sys
Microsoft Corporation

71dab552b41936358f3b541ae5997fb3 ndproxy.sys
Microsoft Corporation

bcd093a5a6777cf626434568dc7dba78 netbios.sys
Microsoft Corporation

ecd64230a59cbd93c85f1cd1cab9f3f6 netbt.sys
Microsoft Corporation

063ee4d3cb88a14eab9901875cee98b1 netio.sys
Microsoft Corporation

ba420e8ebfcad35581fe8e4c64f71469 NETw5v32.sys
Intel Corporation

2e7fb731d4790a1bc6270accefacb36e nfrd960.sys
IBM Corp

d36f239d7cce1931598e8fb90a0dbc26 npfs.sys
Microsoft Corporation

609773e344a97410ce4ebf74a8914fcf nsiproxy.sys
Microsoft Corporation

6a4a98cee84cf9e99564510dda4baa47 ntfs.sys
Microsoft Corporation

2757d2ba59aee155209e24942ab127c9 NTIDrvr.sys
NewTech Infosystems

e875c093aec0c978a90f30c9e0dfbb72 ntrigdigi.sys
N-trig Innovative Technologies

c5dbbcda07d780bda9b685df333bb41e null.sys
Microsoft Corporation

18bbdf913916b71bd54575bdb6eeac0b NV_AGP.SYS
Microsoft Corporation

2c7ac27710e8d41c1eb7d1599187d237 nvhda32v.sys
NVIDIA Corporation

cb0d6f8f65b8766ff2aaaa78881fd9f8 nvlddmkm.sys
NVIDIA Corporation

2edf9e7751554b42cbb60116de727101 nvraid.sys
NVIDIA Corporation

abed0c09758d1d97db0042dbb2688177 nvstor.sys
NVIDIA Corporation

85c44fdff9cf7e72a40dcb7ec06a4416 nwifi.sys
Microsoft Corporation

be32da025a0be1878f0ee8d6d9386cd5 ohci1394.sys
Microsoft Corporation

99514faa8df93d34b5589187db3aa0ba pacer.sys
Microsoft Corporation

0fa9b5055484649d63c303fe404e5f4d parport.sys
Microsoft Corporation

57389fa59a36d96b3eb09d0cb91e9cdc partmgr.sys
Microsoft Corporation

4f9a6a8a31413180d0fcb279ad5d8112 parvdm.sys
Microsoft Corporation

fc175f5ddab666d7f4d17449a547626f pciide.sys
Microsoft Corporation

46ed71afe2c872931e87ab958be133fa pciidex.sys
Microsoft Corporation

941dc1d19e7e8620f40bbc206981efdb pci.sys
Microsoft Corporation

e6f3fb1b86aa519e7698ad05e58b04e5 pcmcia.sys
Microsoft Corporation

6349f6ed9c623b44b52ea3c63c831a92 PEAuth.sys
Microsoft Corporation

218286724ec530ff252648369e05b090 portcls.sys
Microsoft Corporation

2027293619dd0f047c584cf2e7df4ffd processr.sys
Microsoft Corporation

628321c8dd76ad369b362b202e655a68 psdfilter.sys
H`pllVS_VERSION_INFO?baStringFileInfobDCompanyNameEgisIncorporatedFileDescriptionAcereDataSecurityManagementPSDFilterDrivervFileVersion,,,nInternalNamePSDFilterz+LegalCopyright©EgisIncorporated.AllrightsreservedDOriginalFilenamepsdfilter.sysProductNameAcereDataSecurityManagement:vProductVersion,,,DVarFileInfo$Translationt*

79d7117e62709c7690cf3dd55acead37 PSDNServ.sys
H`p||VS_VERSION_INFO?baStringFileInfobDCompanyNameEgisIncorporatedFileDescriptionAcereDataSecurityManagementPSDNamedPipeDrivervFileVersion,,,vInternalNamePSDNServerz+LegalCopyright©EgisIncorporated.AllrightsreservedFOriginalFilenamePSDNServer.sysProductNameAcereDataSecurityManagement:vProductVersion,,,DVarFileInfo$Translationt*

cae5e82827990cf4bd4a49576bde3a43 PSDVdisk.sys
H`xxVS_VERSION_INFO?baStringFileInfobDCompanyNameEgisIncorporatedFileDescriptionAcereDataSecurityManagementPSDVirtualDiskDrivervFileVersion,,,tInternalNamePSDVDiskz+LegalCopyright©EgisIncorporated.AllrightsreservedBrOriginalFilenamepsdvdisk.sysProductNameAcereDataSecurityManagement:vProductVersion,,,DVarFileInfo$Translationt*

0a6db55afb7820c99aa1f3a1d270f4f6 ql2300.sys
QLogic Corporation

81a7e5c076e59995d54bc1ed3a16e60b ql40xx.sys
QLogic Corporation

9f5e0e1926014d17486901c88eca2db7 qwavedrv.sys
Microsoft Corporation

147d7f9c556d259924351feb0de606c3 rasacd.sys
Microsoft Corporation

a214adbaf4cb47dd2728859ef31f26b0 rasl2tp.sys
Microsoft Corporation

509a98dd18af4375e1fc40bc175f1def raspppoe.sys
Microsoft Corporation

ecfffaec0c1ecd8dbc77f39070ea1db1 raspptp.sys
Microsoft Corporation

2005f4a1e05fa09389ac85840f0a9e4d rassstp.sys
Microsoft Corporation

b14c9d5b9add2f84f70570bbbfaa7935 rdbss.sys
Microsoft Corporation

89e59be9a564262a3fb6c4f4f1cd9899 RDPCDD.sys
Microsoft Corporation

fbc0bacd9c3d7f6956853f64a66e252d rdpdr.sys
Microsoft Corporation

9d91fe5286f748862ecffa05f8a0710c RDPENCDD.sys
Microsoft Corporation

30bfbdfb7f95559ede971f9ddb9a00ba rdpwd.sys
Microsoft Corporation

eec7ee5675294b03e88aa868540007c1 rmcast.sys
Microsoft Corporation

d9225d107e40d0fa5c5069446759c8e9 RNDISMP.sys
Microsoft Corporation

75e8a6bfa7374aba833ae92bf41ae4e6 rootmdm.sys
Microsoft Corporation

9c508f4074a39e8b4b31d27198146fad rspndr.sys
Microsoft Corporation

b8716d9677b04b82fa405c8c54954728 RTKVHDA.sys
Realtek Semiconductor

7a4f79df3793160b280cde152b61fe33 RTSTOR.sys
Realtek Semiconductor

3ce8f073a557e172b330109436984e30 sbp2port.sys
Microsoft Corporation

6f5ca34ae885645acf8a20d564db976c scsiport.sys
Microsoft Corporation

90a3935d05b494a5a39d37e71f09a677 secdrv.sys
Macrovision Corporation

68e44e331d46f0fb38f0863a84cd1a31 serenum.sys
Microsoft Corporation

c70d69a918b178d3c3b06339b40c2e1b serial.sys
Microsoft Corporation

8af3d28a879bf75db53a0ee7a4289624 sermouse.sys
Microsoft Corporation

3efa810bdca87f6ecc24f9832243fe86 sffdisk.sys
Microsoft Corporation

e95d451f7ea3e583aec75f3b3ee42dc5 sffp_mmc.sys
Microsoft Corporation

3d0ea348784b7ac9ea9bd9f317980979 sffp_sd.sys
Microsoft Corporation

46ed8e91793b2e6f848015445a0ac188 sfloppy.sys
Microsoft Corporation

1d76624a09a054f682d746b924e2dbc3 SISAGP.SYS
Microsoft Corporation

43cb7aa756c7db280d01da9b676cfde2 sisraid2.sys
Microsoft Corporation

a99c6c8b0baa970d8aa59ddc50b57f94 sisraid4.sys
Silicon Integrated Systems

7b75299a4d201d6a6533603d6914ab04 smb.sys
Microsoft Corporation

a7d7ea1771d2ed6f39a8063e79b6c3e8 smclib.sys
Microsoft Corporation

7aebdeef071fe28b0eef2cdd69102bff spldr.sys
Microsoft Corporation

a7f8bad9590addc425b4003e94780dfa spsys.sys
Microsoft Corporation

d15959d9f69f0d39a0153e9c244f20dd srv2.sys
Microsoft Corporation

faa0d553a49e85008c6bb3781987c574 srvnet.sys
Microsoft Corporation

ff3cbc13db84d81f56931bc922cc37c4 srv.sys
Microsoft Corporation

47e55afe1ed1d5aff09690db226f4a7a Storport.sys
Microsoft Corporation

70a92e46a2f459cdede3ca558cb26b6a stream.sys
Microsoft Corporation

7ba58ecf0c0a9a69d44b3dca62becf56 swenum.sys
Microsoft Corporation

192aa3ac01df071b541094f251deed10 symc8xx.sys
LSI Logic

8c8eb8c76736ebaf3b13b633b2e64125 sym_hi.sys
LSI Logic

8072af52b5fd103bbba387a1e49f62cb sym_u3.sys
LSI Logic

4c9bb4b3b9eac26211484c30b914c6dc SynTP.sys
Synaptics

1239fd18895040d97b7cdbc19bc2075e tape.sys
Microsoft Corporation

608c345a255d82a6289c2d468eb41fd7 tcpipreg.sys
Microsoft Corporation

a474879afa4a596b3a531f3e69730dbf tcpip.sys
Microsoft Corporation

72b9e77565da5fa564581976e000d29b tcusb.sys
tHVS_VERSION_INFOtotobStringFileInfoenCompanyNameUPEKInc.`FileDescriptionTouchChipUSBKernelDrivernFileVersion...,InternalNametcusbh"LegalCopyrightCopyright©-UPEKInc.<nLegalTrademarksTouchChip<nOriginalFilenametcusb.sysXProductNameTouchChipUSBKernelDriverProductVersion..NSpecialBuildwin.x-rel(_wxp)DVarFileInfo$Translationt

77937eff009ac696b90e09f671f9d0a4 tdi.sys
Microsoft Corporation

5dcf5e267be67a1ae926f2df77fbcc56 tdpipe.sys
Microsoft Corporation

389c63e32b3cefed425b61ed92d3f021 tdtcp.sys
Microsoft Corporation

76b06eb8a01fc8624d699e7045303e54 tdx.sys
Microsoft Corporation

3cad38910468eab9a6479e2f01db43c7 termdd.sys
Microsoft Corporation

dcf0f056a2e4f52287264f5ab29cf206 tssecsrv.sys
Microsoft Corporation

caecc0120ac49e3d2f758b9169872d38 TUNMP.SYS
Microsoft Corporation

119b8184e106baedc83fce5ddf3950da tunnel.sys
Microsoft Corporation

97dd70feca64fb4f63de7bb7e66a80b1 TVicPort.sys
tH&VS_VERSION_INFO?adStringFileInfo@bComments<CompanyNameEnTechTaiwanv'FileDescriptionTVicPortDriverforWindowsNT//XP(FileVersion.:rInternalNameTVicPort.sysVLegalCopyrightEnTechTaiwan,-:tLegalTrademarksTVicPortBrOriginalFilenameTVicPort.sysPrivateBuildIProductNameTVicPortGenericDeviceDriverforWindows//ME/NT///XP/XP,ProductVersion.SpecialBuildDVarFileInfo$Translationt

7d33c4db2ce363c8518d2dfcf533941f UAGP35.SYS
Microsoft Corporation

d9728af68c4c7693cb100b8441cbdec6 udfs.sys
Microsoft Corporation

b0acfdc9e4af279e9116c03e014b2b27 ULIAGPKX.SYS
Microsoft Corporation

9224bb254f591de4ca8d572a5f0d635c uliahci.sys
ULi Electronics

38c3c6e62b157a6bc46594fada45c62b ulsata2.sys
Promise Technology

8514d0e5cd0534467c5fc61be94a569f ulsata.sys
Promise Technology

32cff9f809ae9aed85464492bf3e32d2 umbus.sys
Microsoft Corporation

88bd96a1baeed33ee8bdf9499c07a841 umpass.sys
Microsoft Corporation

830d5d8456b822c1247c1e59b4c464fa usb8023.sys
Microsoft Corporation

d4fb6ecc60a428564ba8768b0e23c0fc usbaapl.sys
Apple

eae017d3aa298374a1967b96c379c5ab USBCAMD2.sys
Microsoft Corporation

d06f193f3e9cc3b356df97f6a43c054a USBCAMD.sys
Microsoft Corporation

caf811ae4c147ffcd5b51750c7f09142 usbccgp.sys
Microsoft Corporation

e9476e6c486e76bc4898074768fb7131 usbcir.sys
Microsoft Corporation

790fdac6d0c762df9047c3c625a6ff6c usbd.sys
Microsoft Corporation

79e96c23a97ce7b8f14d310da2db0c9b usbehci.sys
Microsoft Corporation

4673bbcb006af60e7abddbe7a130ba42 usbhub.sys
Microsoft Corporation

38dbc7dd6cc5a72011f187425384388b usbohci.sys
Microsoft Corporation

a1c100a87d981ad0774fbc0b4b82e913 usbport.sys
Microsoft Corporation

b51e52acf758be00ef3a58ea452fe360 usbprint.sys
Microsoft Corporation

be3da31c191bc222d9ad503c5224f2ad USBSTOR.SYS
Microsoft Corporation

814d653efc4d48be3b04a307eceff56f usbuhci.sys
Microsoft Corporation

e67998e8f14cb0627a769f6530bcb352 usbvideo.sys
Microsoft Corporation

87b06e1f30b749a114f74622d013f8d4 vgapnp.sys
Microsoft Corporation

2e93ac0a1d8c79d019db6c51f036636c vga.sys
Microsoft Corporation

5d7159def58a800d5781ba3a879627bc VIAAGP.SYS
Microsoft Corporation

c4f3a691b5bad343e6249bd8c2d45dee viac7.sys
Microsoft Corporation

aadf5587a4063f52c2c3fed7887426fc viaide.sys
VIA Technologies

c048d2c33d27441a0cdcaae2651eb03d videoprt.sys
Microsoft Corporation

69503668ac66c77c6cd7af86fbdf8c43 volmgr.sys
Microsoft Corporation

23e41b834759917bfd6b9a0d625d0c28 volmgrx.sys
Microsoft Corporation

147281c01fcb1df9252de2a10d5e7093 volsnap.sys
Microsoft Corporation

587253e09325e6bf226b299774b728a9 vsmraid.sys
VIA Technologies

46d67209550973257601a533e2ac5785 VSTAZL3.SYS
Conexant

5c7bdcf5864db00323fe2d90fa26a8a2 VSTCNXT3.SYS
Conexant

ec36f1d542ed4252390d446bf6d4dfd0 VSTDPV3.SYS
Conexant

48dfee8f1af7c8235d4e626f0c4fe031 wacompen.sys
Microsoft Corporation

55201897378cca7af8b5efd874374a26 wanarp.sys
Microsoft Corporation

4a5c31e2c1646034e6a60eba4c747ff6 watchdog.sys
Microsoft Corporation

b6f0a7ad6d4bd325fbcd8bac96cd8d96 Wdf01000.sys
Microsoft Corporation

b4fc6dd9167b058e6dbe6cb14acfa2cb WdfLdr.sys
Microsoft Corporation

78fe9542363f297b18c027b2d7e7c07f wd.sys
Microsoft Corporation

3fa87d56769838aac82fafc3e78fc732 winbondcir.sys
Winbond Electronics

2e7255d172df0b8283cdfb7b433b864e wmiacpi.sys
Microsoft Corporation

c546864eed786304762d030febf6b411 wmilib.sys
Microsoft Corporation

0cec23084b51b8288099eb710224e955 WpdUsb.sys
Microsoft Corporation

e3a3cb253c0ec2494d4a61f5e43a389c ws2ifsl.sys
Microsoft Corporation

13b5f255e90624a5ba0441d39cfb6be2 WUDFPf.sys
Microsoft Corporation

ac13cb789d93412106b0fb6c7eb2bcb6 WUDFRd.sys
Microsoft Corporation

dab33cfa9dd24251aaa389ff36b64d4b XAudio.sys
Conexant

40ac8590cc9006dbb99ffcb37879d4c6 zntport.sys
tH`nVS_VERSION_INFO?ZStringFileInfob@CompanyNameZealSoftStudiobFileDescriptionzntportvFileVersion,,,bInternalNamezntport/LegalCopyrightCopyright-HaiLi,[email protected]>ProductNameNTPortLibrary:vProductVersion,,,DVarFileInfo$TranslationtTDTb

Driver report for /mnt/sda1/Windows/System32/drivers

b46aa621e7bd4fe150bcc140daceda1b 1394bus.sys
Microsoft Corporation

192bdbd1540645c4a2aa69f24cce197f acpi.sys
Microsoft Corporation

2edc5bbac6c651ece337bde8ed97c9fb adp94xx.sys
Adaptec

b84088ca3cdca97da44a984c6ce1ccad adpahci.sys
Adaptec

7880c67bccc27c86fd05aa2afb5ea469 adpu160m.sys
Adaptec

9ae713f8e30efc2abccd84904333df4d adpu320.sys
Adaptec

5d24caf8efd924a875698ff28384db8b afd.sys
Microsoft Corporation

ef23439cdd587f64c2c1b8825cead7d8 AGP440.sys
Microsoft Corporation

90395b64600ebb4552e26e178c94b2e4 aliide.sys
Acer Laboratories

2b13e304c9dfdfa5eb582f6a149fa2c7 AMDAGP.SYS
Microsoft Corporation

0577df1d323fe75a739c787893d300ea amdide.sys
Microsoft Corporation

dc487885bcef9f28eece6fac0e5ddfc5 amdk7.sys
Microsoft Corporation

0ca0071da4315b00fc1328ca86b425da amdk8.sys
Microsoft Corporation

957f7540b5e7f602e44648c7de5a1c05 arcsas.sys
Adaptec

5f673180268bb1fdb69c99b6619fe379 arc.sys
Adaptec

e86cf7ce67d5de898f27ef884dc357d8 asyncmac.sys
Microsoft Corporation

4f4fcb8b6ea06784fb6d475b7ec7300f atapi.sys
Microsoft Corporation

bf1dc83332edfdcfacb1be080e119655 ataport.sys
Microsoft Corporation

87d8e49d1615d419efceddefe02161cc battc.sys
Microsoft Corporation

913cd06fbe9105ce6077e90fd4418561 bowser.sys
Microsoft Corporation

9f9acc7f7ccde8a15c282d3f88b43309 BrFiltLo.sys
Brother Industries

56801ad62213a41f6497f96dee83755a BrFiltUp.sys
Brother Industries

b304e75cff293029eddf094246747113 BrSerId.sys
Brother Industries

203f0b1e73adadbbb7b7b1fabd901f6b BrSerWdm.sys
Brother Industries

bd456606156ba17e60a04e18016ae54b BrUsbMdm.sys
Brother Industries

af72ed54503f717a43268b3cc5faec2e BrUsbSer.sys
Brother Industries

ad07c1ec6665b8b35741ab91200c6b68 bthmodem.sys
Microsoft Corporation

6c3a437fc873c6f6a4fc620b6888cb86 cdfs.sys
Microsoft Corporation

8d1866e61af096ae8b582454f5e4d303 cdrom.sys
Microsoft Corporation

d1d2b10698d97df0fc95bc8c108f09c1 Classpnp.sys
Microsoft Corporation

45201046c776ffdaf3fc8a0029c581c8 cmdide.sys
CMD Technology

82b8c91d327cfecf76cb58716f7d4997 compbatt.sys
Microsoft Corporation

22a7f883508176489f559ee745b5bf5d crusoe.sys
Microsoft Corporation

a7179de59ae269ab70345527894ccd7c dfsc.sys
Microsoft Corporation

841af4c4d41d3e3b2f244e976b0f7963 disk.sys
Microsoft Corporation

ae1fdf7bf7bb6c6a70f67699d880592a djsvs.sys
Adaptec

c4a6c98628b8f697c743b2e0b55ca8e7 dumpfve.sys
Microsoft Corporation

a253aa14ca560a4b8ba6e9d1f78ef10e dxapi.sys
Microsoft Corporation

61d4d58d09357f0598a04d1192a4b76c dxg.sys
Microsoft Corporation

e8f3f21a71720c84bcf423b80028359f elxstor.sys
Emulex

84a317cb0b3954d3768cdcd018dbf670 fastfat.sys
Microsoft Corporation

190643bef74c8b30c8276d5979f5d62b fbwf.sys
Microsoft Corporation

63bdada84951b9c03e641800e176898a fdc.sys
Microsoft Corporation

6603957eff5ec62d25075ea8ac27de68 flpydisk.sys
Microsoft Corporation

a6a8da7ae4d53394ab22ac3ab6d3f5d3 fltMgr.sys
Microsoft Corporation

1ed8599e1e08ba40f2b7301f0b83583a fs_rec.sys
Microsoft Corporation

06a1cf72fbe3b50035fbff428c8d84b4 fvevol.sys
Microsoft Corporation

e216cf8c8605e546981098484b78d08b FWPKCLNT.SYS
Microsoft Corporation

4e1cd0a45c50a8882616cae5bf82f3c5 GAGP30KX.SYS
Microsoft Corporation

5fd053f305b77ebe97f284b20d89dc1c hdaudbus.sys
Microsoft Corporation

1338520e78d90154ed6be8f84de5fceb hidbth.sys
Microsoft Corporation

081655939fa6c09eec56da090f461ecc hidclass.sys
Microsoft Corporation

ff3160c3a2445128c5a6d9b076da519e hidir.sys
Microsoft Corporation

451a4d76448cee21407fb0a9a362c057 hidparse.sys
Microsoft Corporation

3c64042b95e583b366ba4e5d2450235e hidusb.sys
Microsoft Corporation

df353b401001246853763c4b7aaa6f50 HpCISSs.sys
Hewlett-Packard

8420bf9ad8ae0b4a96f30bd7c8fb9adf i2omgmt.sys
Microsoft Corporation

324c2152ff2c61abae92d09f3cca4d63 i2omp.sys
Microsoft Corporation

1060f1377f395a242e27719440ece602 i8042prt.sys
Microsoft Corporation

c957bf4b5d80b46c5017bf0101e6c906 iaStorV.sys
Intel Corporation

2d077bf86e843f901d8db709c95b49a5 iirsp.sys
Intel Corp

97469037714070e45194ed318d636401 intelide.sys
Microsoft Corporation

ce44cc04262f28216dd4341e9e36a16f intelppm.sys
Microsoft Corporation

40f34f8aba2a015d780e4b09138b6c17 IPMIDrv.sys
Microsoft Corporation

350fca7e73cf65bcef43fae1e4e91293 isapnp.sys
Microsoft Corporation

bced60d16156e428f8df8cf27b0df150 iteatapi.sys
Integrated Technology Express

06fa654504a498c30adca8bec4e87e7e iteraid.sys
Integrated Technology Express

1a48765f92ba1a88445fc25c9c9d94fc kbdclass.sys
Microsoft Corporation

d2600cb17b7408b4a83f231dc9a11ac3 kbdhid.sys
Microsoft Corporation

11d0bc1f2afd8abbb5a3dc47a042de54 ksecdd.sys
Microsoft Corporation

48314cdd79ce94b8f36bd6243323a310 ks.sys
Microsoft Corporation

a2262fb9f28935e862b4db46438c80d2 lsi_fc.sys
LSI Logic

30d73327d390f72a62f32c103daf1d6d lsi_sas.sys
LSI Logic

e1e36fefd45849a95f1ab81de0159fe3 lsi_scsi.sys
LSI Logic

0447888a6feb655068bd1696d1c16a5b mcd.sys
Microsoft Corporation

d153b14fc6598eae8422a2037553adce megasas.sys
LSI Logic

3c9469dfb3440555dab070716d768b1e mouclass.sys
Microsoft Corporation

a3a6dff7e9e757db3df51a833bc28885 mouhid.sys
Microsoft Corporation

01f1e5a3e4877c931cbb31613fec16a6 mountmgr.sys
Microsoft Corporation

8d326e8b321685d4784afa1c55169d73 mpsdrv.sys
Microsoft Corporation

4fbbb70d30fd20ec51f80061703b001e Mraid35x.sys
LSI Logic

58a9ab5754fa4cabede7401283b5a771 mrxsmb10.sys
Microsoft Corporation

79b09504e4a790104683722cd04f76b4 mrxsmb20.sys
Microsoft Corporation

fca7563d87f71c6db0182ca67cc19aa7 mrxsmb.sys
Microsoft Corporation

742aed7939e734c36b7e8d6228ce26b7 msahci.sys
Microsoft Corporation

729eafefd4e7417165f353a18dbe947d msfs.sys
Microsoft Corporation

5f454a16a5146cd91a176d70f0cfa3ec msisadrv.sys
Microsoft Corporation

4dca456d4d5723f8fa9c6760d240b0df msiscsi.sys
Microsoft Corporation

892cedefa7e0ffe7be8da651b651d047 mskssrv.sys
Microsoft Corporation

ae2cb1da69b2676b4cee2a501af5871c mspclock.sys
Microsoft Corporation

f910da84fa90c44a3addb7cd874463fd mspqm.sys
Microsoft Corporation

84571c0ae07647ba38d493f5f0015df7 msrpc.sys
Microsoft Corporation

4385c80ede885e25492d408cad91bd6f mssmbios.sys
Microsoft Corporation

c826dd1373f38afd9ca46ec3c436a14e mstee.sys
Microsoft Corporation

fa7aa70050cf5e2d15de00941e5665e5 mup.sys
Microsoft Corporation

227c11e1e7cf6ef8afb2a238d209760c ndis.sys
Microsoft Corporation

7584f1794b23b83d63cc124a8c56d103 ndistapi.sys
Microsoft Corporation

397402adcbb8946223a1950101f6cd94 ndiswan.sys
Microsoft Corporation

874c12e3ad1431cabc854697d302c563 ndproxy.sys
Microsoft Corporation

356dbb9f98e8dc1028dd3092fceeb877 netbios.sys
Microsoft Corporation

e3a168912e7eefc3bd3b814720d68b41 netbt.sys
Microsoft Corporation

f4d83b4bf1613ca1dd3887089b648247 netio.sys
Microsoft Corporation

2e7fb731d4790a1bc6270accefacb36e nfrd960.sys
IBM Corp

4f9832beb9fafd8ceb0e541f1323b26e npfs.sys
Microsoft Corporation

b488dfec274de1fc9d653870ef2587be nsiproxy.sys
Microsoft Corporation

3f379380a4a2637f559444e338cf1b51 ntfs.sys
Microsoft Corporation

e875c093aec0c978a90f30c9e0dfbb72 ntrigdigi.sys
N-trig Innovative Technologies

ec5efb3c60f1b624648344a328bce596 null.sys
Microsoft Corporation

07c186427eb8fcc3d8d7927187f260f7 NV_AGP.SYS
Microsoft Corporation

e69e946f80c1c31c53003bfbf50cbb7c nvraid.sys
NVIDIA Corporation

9e0ba19a28c498a6d323d065db76dffc nvstor.sys
NVIDIA Corporation

be32da025a0be1878f0ee8d6d9386cd5 ohci1394.sys
Microsoft Corporation

0fa9b5055484649d63c303fe404e5f4d parport.sys
Microsoft Corporation

555a5b2c8022983bc7467bc925b222ee partmgr.sys
Microsoft Corporation

4f9a6a8a31413180d0fcb279ad5d8112 parvdm.sys
Microsoft Corporation

3b1901e401473e03eb8c874271e50c26 pciide.sys
Microsoft Corporation

12149268080ddfe98fd1fb4a83c857d7 pciidex.sys
Microsoft Corporation

1085d75657807e0e8b32f9e19a1647c3 pci.sys
Microsoft Corporation

e6f3fb1b86aa519e7698ad05e58b04e5 pcmcia.sys
Microsoft Corporation

0e3cef5d28b40cf273281d620c50700a processr.sys
Microsoft Corporation

ccdac889326317792480c0a67156a1ec ql2300.sys
QLogic Corporation

81a7e5c076e59995d54bc1ed3a16e60b ql40xx.sys
QLogic Corporation

50e80f018d1617211d64be8bca7399be ramdisk.sys
Microsoft Corporation

bd7b30f55b3649506dd8b3d38f571d2a rasacd.sys
Microsoft Corporation

88587dd843e2059848995b407b67f6cf rasl2tp.sys
Microsoft Corporation

ccf4e9c6cbbac81437f88cb2ae0b6c96 raspppoe.sys
Microsoft Corporation

6c359ac71d7b550a0d41f9db4563ce05 raspptp.sys
Microsoft Corporation

54129c5d9581bbec8bd1ebd3ba813f47 rdbss.sys
Microsoft Corporation

e8bd98d46f2ed77132ba927fccb47d8b rdpdr.sys
Microsoft Corporation

880b90551bf438fe970b24ee228907d5 sacdrv.sys
Microsoft Corporation

3ce8f073a557e172b330109436984e30 sbp2port.sys
Microsoft Corporation

f5dbd29fbdb39bf49af7bb81a4d9561d scsiport.sys
Microsoft Corporation

68e44e331d46f0fb38f0863a84cd1a31 serenum.sys
Microsoft Corporation

c70d69a918b178d3c3b06339b40c2e1b serial.sys
Microsoft Corporation

fd06895f55c0bec3cbd84bda14e1c6b7 sermouse.sys
Microsoft Corporation

46ed8e91793b2e6f848015445a0ac188 sfloppy.sys
Microsoft Corporation

d2a595d6eebeeaf4334f8e50efbc9931 SISAGP.SYS
Microsoft Corporation

cedd6f4e7d84e9f98b34b3fe988373aa sisraid2.sys
Silicon Integrated Systems

df843c528c4f69d12ce41ce462e973a7 sisraid4.sys
Silicon Integrated Systems

ac0d90738adb51a6fd12ff00874a2162 smb.sys
Microsoft Corporation

4e7bb783f21efba4b563f1b8f79e5c98 smclib.sys
Microsoft Corporation

ed386e31d263448b2ed36d4839f2ca04 Storport.sys
Microsoft Corporation

c13b3688451d86e8557ba9486ddbb2d1 stream.sys
Microsoft Corporation

1379bdb336f8158c176a465e30759f57 swenum.sys
Microsoft Corporation

192aa3ac01df071b541094f251deed10 symc8xx.sys
LSI Logic

8c8eb8c76736ebaf3b13b633b2e64125 sym_hi.sys
LSI Logic

8072af52b5fd103bbba387a1e49f62cb sym_u3.sys
LSI Logic

c92e9f3e4154415ceebeb80250e32d19 tape.sys
Microsoft Corporation

d944522b048a5feb7700b5170d3d9423 tcpip.sys
Microsoft Corporation

bbe07d2766fb165bdf1f49107dabce85 tdi.sys
Microsoft Corporation

ab4fde8af4a0270a46a001c08cbce1c2 tdx.sys
Microsoft Corporation

2c549bd9dd091fbfaa0a2a48e82ec2fb termdd.sys
Microsoft Corporation

c3ade15414120033a36c0f293d4a4121 UAGP35.SYS
Microsoft Corporation

6348da98707ceda8a0dfb05820e17732 udfs.sys
Microsoft Corporation

75e6890ebfce0841d3291b02e7a8bdb0 ULIAGPKX.SYS
Microsoft Corporation

3cd4ea35a6221b85dcc25daa46313f8d uliahci.sys
ULi Electronics

38c3c6e62b157a6bc46594fada45c62b ulsata2.sys
Promise Technology

8514d0e5cd0534467c5fc61be94a569f ulsata.sys
Promise Technology

3fb78f1d1dd86d87bececd9dffa24dd9 umbus.sys
Microsoft Corporation

d2f0639163b12f791f81b52dc1155863 USBCAMD2.sys
Microsoft Corporation

391e74f5c8c5b3c41c360b71798e2801 USBCAMD.sys
Microsoft Corporation

8bd3ae150d97ba4e633c6c5c51b41ae1 usbccgp.sys
Microsoft Corporation

e5350a6599d84f73da3dc87183c40bd7 usbd.sys
Microsoft Corporation

63fe924d8a1113c3ba6750693fbec7d3 usbehci.sys
Microsoft Corporation

5edec5510592c905e91817707dce62a2 usbhub.sys
Microsoft Corporation

38dbc7dd6cc5a72011f187425384388b usbohci.sys
Microsoft Corporation

7f510748487d3d67c70fe5fb061fe55a usbport.sys
Microsoft Corporation

b51e52acf758be00ef3a58ea452fe360 usbprint.sys
Microsoft Corporation

fdbaabf07244c60b0f4e0a6e71a107c6 USBSTOR.SYS
Microsoft Corporation

325dbbacb8a36af9988ccf40eac228cc usbuhci.sys
Microsoft Corporation

17a8f877314e4067f8c8172cc6d9101c vga.sys
Microsoft Corporation

045d9961e591cf0674a920b6ba3ba5cb VIAAGP.SYS
Microsoft Corporation

56a4de5f02f2e88182b0981119b4dd98 viac7.sys
Microsoft Corporation

fd2e3175fcada350c7ab4521dca187ec viaide.sys
VIA Technologies

d1fa901e4878b7011fe8a8c2890e90c7 videoprt.sys
Microsoft Corporation

103e84c95832d0ed93507997cc7b54e8 volmgr.sys
Microsoft Corporation

294da8d3f965f6a8db934a83c7b461ff volmgrx.sys
Microsoft Corporation

11ef6c1caef76b685233450a126125d6 volsnap.sys
Microsoft Corporation

d984439746d42b30fc65a4c3546c6829 vsmraid.sys
VIA Technologies

48dfee8f1af7c8235d4e626f0c4fe031 wacompen.sys
Microsoft Corporation

6e1a5be9a0605f3d932ff35fba2b22b3 wanarp.sys
Microsoft Corporation

3a1f38a6fb749fc7a57a2826f6f8fb01 watchdog.sys
Microsoft Corporation

5dfdbd5ef13e4d95be6fc108e2ed4a67 Wdf01000.sys
Microsoft Corporation

2ad694d25fdfda2abaa19fd297a59b47 WdfLdr.sys
Microsoft Corporation

afc5ad65b991c1e205cf25cfdbf7a6f4 wd.sys
Microsoft Corporation

536040650698a73629b7ba5d3586c714 wimfsf.sys
Microsoft Corporation

701a9f884a294327e9141d73746ee279 wmiacpi.sys
Microsoft Corporation

20b05e362bb678cf51d610673c9a12e7 wmilib.sys
Microsoft Corporation

84620aecdcfd2a7a14e6263927d8c0ed ws2ifsl.sys
Microsoft Corporation



Remote Registry Report

Hive </mnt/sda4/WINDOWS/system32/config/SOFTWARE>
\Microsoft\Windows NT\CurrentVersion> Value <ProductName> of type REG_SZ, data length 42 [0x2a]
Microsoft Windows XP
\Microsoft\Windows NT\CurrentVersion> Value <CSDVersion> of type REG_SZ, data length 30 [0x1e]
Service Pack 2
\Microsoft\Windows NT\CurrentVersion> Value <SystemRoot> of type REG_SZ, data length 22 [0x16]
C:\WINDOWS
\Microsoft\Windows NT\CurrentVersion\Windows> Value <AppInit_DLLs> of type REG_SZ, data length 2 [0x2]
(...)\Windows NT\CurrentVersion\Winlogon> Value <Shell> of type REG_SZ, data length 36 [0x24]
C:\CLLauncher.exe
(...)\Windows NT\CurrentVersion\Winlogon> Value <Userinit> of type REG_SZ, data length 56 [0x38]
C:\WINDOWS\FBA\FBA.EXE -run
(...)\Windows NT\CurrentVersion\Winlogon\Notify> Node has 7 subkeys and 0 values
<crypt32chain>
<cryptnet>
<EFS>
<igfxcui>
<ScCertProp>
<sclgntfy>
<termsrv>
\Microsoft\Windows\CurrentVersion\Run> Node has 0 subkeys and 11 values
size type value name [value if type DWORD]
24 REG_SZ <RTHDCPL>
22 REG_SZ <Alcmtr>
120 REG_SZ <AzMixerSel>
68 REG_SZ <LManager>
66 REG_SZ <IgfxTray>
60 REG_SZ <HotKeysCmds>
66 REG_SZ <Persistence>
140 REG_SZ <BGDismount>
106 REG_SZ <NvCplDaemon>
36 REG_SZ <nwiz>
120 REG_SZ <NvMediaCenter>


Hive </mnt/sda2/Windows/System32/config/SOFTWARE>
(...)\Microsoft\Windows NT\CurrentVersion> Value <ProductName> of type REG_SZ, data length 64 [0x40]
Windows Vista ™ Home Premium
(...)\Microsoft\Windows NT\CurrentVersion> Value <CSDVersion> of type REG_SZ, data length 30 [0x1e]
Service Pack 2
(...)\Microsoft\Windows NT\CurrentVersion> Value <SystemRoot> of type REG_SZ, data length 22 [0x16]
C:\Windows
(...)\Microsoft\Windows NT\CurrentVersion\Windows> Value <AppInit_DLLs> of type REG_SZ, data length 2 [0x2]
(...)\Windows NT\CurrentVersion\Winlogon> Value <Shell> of type REG_SZ, data length 26 [0x1a]
explorer.exe
(...)\Windows NT\CurrentVersion\Winlogon> Value <Userinit> of type REG_SZ, data length 68 [0x44]
C:\Windows\system32\userinit.exe,
(...)\Windows NT\CurrentVersion\Winlogon> Node has 1 subkeys and 21 values
<GPExtensions>
size type value name [value if type DWORD]
4 REG_SZ <ReportBootOk>
26 REG_SZ <Shell>
68 REG_SZ <Userinit>
88 REG_SZ <VmApplet>
4 REG_DWORD <AutoRestartShell> 1 [0x1]
2 REG_SZ <LegalNoticeCaption>
2 REG_SZ <LegalNoticeText>
4 REG_SZ <PowerdownAfterShutdown>
4 REG_SZ <ShutdownWithoutLogon>
6 REG_SZ <cachedlogonscount>
4 REG_DWORD <forceunlocklogon> 0 [0x0]
4 REG_DWORD <passwordexpirywarning> 14 [0xe]
12 REG_SZ <Background>
6 REG_SZ <DebugServerCommand>
4 REG_SZ <WinStationsDisabled>
4 REG_DWORD <DisableCAD> 1 [0x1]
4 REG_SZ <scremoveoption>
4 REG_DWORD <ShutdownFlags> 39 [0x27]
4 REG_DWORD <AutoLogonCount> 999 [0x3e7]
2 REG_SZ <System>
2 REG_SZ <Taskman>
(...)\Windows\CurrentVersion\Policies\System> Node has 1 subkeys and 16 values
<UIPI>
4 REG_DWORD <ConsentPromptBehaviorAdmin> 2 [0x2]
4 REG_DWORD <ConsentPromptBehaviorUser> 1 [0x1]
4 REG_DWORD <EnableInstallerDetection> 1 [0x1]
4 REG_DWORD <EnableLUA> 1 [0x1]
4 REG_DWORD <EnableSecureUIAPaths> 1 [0x1]
4 REG_DWORD <EnableVirtualization> 1 [0x1]
4 REG_DWORD <PromptOnSecureDesktop> 1 [0x1]
4 REG_DWORD <ValidateAdminCodeSignatures> 0 [0x0]
4 REG_DWORD <dontdisplaylastusername> 0 [0x0]
2 REG_SZ <legalnoticecaption>
6 REG_SZ <legalnoticetext>
4 REG_DWORD <scforceoption> 0 [0x0]
4 REG_DWORD <shutdownwithoutlogon> 1 [0x1]
4 REG_DWORD <undockwithoutlogon> 1 [0x1]
4 REG_DWORD <FilterAdministratorToken> 0 [0x0]
4 REG_DWORD <EnableUIADesktopToggle> 0 [0x0]


Hive </mnt/sda1/Windows/System32/config/SOFTWARE>
\Microsoft\Windows NT\CurrentVersion> Value <ProductName> of type REG_SZ, data length 124 [0x7c]
Windows ™ Code Name "Longhorn" Preinstallation Environment
\Microsoft\Windows NT\CurrentVersion> cat_vk: No such value <CSDVersion>
\Microsoft\Windows NT\CurrentVersion> Value <SystemRoot> of type REG_SZ, data length 22 [0x16]
F:\windows
\Microsoft\Windows NT\CurrentVersion\Windows> Value <AppInit_DLLs> of type REG_SZ, data length 2 [0x2]
(...)\Windows NT\CurrentVersion\Winlogon> Value <Shell> of type REG_SZ, data length 50 [0x32]
cmd.exe /k start cmd.exe
(...)\Windows NT\CurrentVersion\Winlogon> Value <Userinit> of type REG_SZ, data length 68 [0x44]
F:\windows\system32\userinit.exe,
(...)\Windows NT\CurrentVersion\Winlogon> Node has 1 subkeys and 16 values
<GPExtensions>
size type value name [value if type DWORD]
50 REG_SZ <Shell>
68 REG_SZ <Userinit>
88 REG_SZ <VmApplet>
4 REG_SZ <ReportBootOk>
4 REG_DWORD <AutoRestartShell> 1 [0x1]
2 REG_SZ <LegalNoticeCaption>
2 REG_SZ <LegalNoticeText>
4 REG_SZ <PowerdownAfterShutdown>
4 REG_SZ <ShutdownWithoutLogon>
6 REG_SZ <cachedlogonscount>
4 REG_DWORD <forceunlocklogon> 0 [0x0]
4 REG_DWORD <passwordexpirywarning> 14 [0xe]
12 REG_SZ <Background>
6 REG_SZ <DebugServerCommand>
4 REG_SZ <WinStationsDisabled>
4 REG_DWORD <ShutdownFlags> 39 [0x27]
(...)\Windows\CurrentVersion\Policies\System> Node has 1 subkeys and 2 values
<UIPI>
4 REG_DWORD <EnableMIC> 0 [0x0]
4 REG_DWORD <EnableUIPI> 0 [0x0]


Hive </mnt/sda2/Users/Anton/NTUSER.DAT>
(...)\Microsoft\Windows\CurrentVersion\Run> Node has 0 subkeys and 0 valuesSearch results for Winlogon.exe

ed9430f0bc57a33f5e4d746bf7a477e5 /mnt/sda4/WINDOWS/system32/winlogon.exe
17.0K Aug 31 2004

898e7c06a350d4a1a64a9ea264d55452 /mnt/sda2/Windows/System32/winlogon.exe
307.0K Apr 11 2009

c2610b6bdbefc053bbdab4f1b965cb24 /mnt/sda2/Windows/winsxs/x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5/winlogon.exe
307.5K Jan 21 2008

898e7c06a350d4a1a64a9ea264d55452 /mnt/sda2/Windows/winsxs/x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741/winlogon.exe
307.0K Apr 11 2009

9f75392b9128a91abafb044ea350baad /mnt/sda1/Windows/System32/winlogon.exe
301.0K Nov 2 2006

9f75392b9128a91abafb044ea350baad /mnt/sda1/Windows/winsxs/x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21/winlogon.exe
301.0K Nov 2 2006


Search results for explorer.exe

a0732187050030ae399b241436565e64 /mnt/sda4/WINDOWS/explorer.exe
1008.0K Aug 4 2004

d07d4c3038f3578ffce1c0237f2a1253 /mnt/sda2/Windows/explorer.exe
2.8M Apr 11 2009

37440d09deae0b672a04dccf7abf06be /mnt/sda2/Windows/winsxs/x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3/explorer.exe
2.8M Oct 29 2008

e7156b0b74762d9de0e66bdcde06e5fb /mnt/sda2/Windows/winsxs/x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b/explorer.exe
2.8M Oct 28 2008

4f554999d7d5f05daaebba7b5ba1089d /mnt/sda2/Windows/winsxs/x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8/explorer.exe
2.8M Oct 29 2008

50ba5850147410cde89c523ad3bc606e /mnt/sda2/Windows/winsxs/x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1/explorer.exe
2.8M Oct 30 2008

d07d4c3038f3578ffce1c0237f2a1253 /mnt/sda2/Windows/winsxs/x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b/explorer.exe
2.8M Apr 11 2009

ffa764631cb70a30065c12ef8e174f9f /mnt/sda2/Windows/winsxs/x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf/explorer.exe
2.8M Jan 21 2008


Search results for Userinit.exe

0e135526e9785d085bcd9aede6fbcbf9 /mnt/sda2/Windows/System32/userinit.exe
24.5K Jan 21 2008

0e135526e9785d085bcd9aede6fbcbf9 /mnt/sda2/Windows/winsxs/x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b/userinit.exe
24.5K Jan 21 2008

22027835939f86c3e47ad8e3fbde3d11 /mnt/sda1/Windows/System32/userinit.exe
24.0K Nov 2 2006

22027835939f86c3e47ad8e3fbde3d11 /mnt/sda1/Windows/winsxs/x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737/userinit.exe
24.0K Nov 2 2006


Search results for Exit

2.3K Jul 24 2008 __init__.kc

455 Jan 16 2008 __init__.kc




Hive </mnt/sda2/Users/Public/NTUSER.DAT>
> Node has 0 subkeys and 0 values

Edited by uzerfriendly, 14 April 2011 - 08:56 AM.

  • 0

Advertisements

Back to Computer Won't Boot - Malware Related · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Computer Won't Boot - Malware Related

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP