Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Am I infected or losing my mind?


  • Please log in to reply
13 replies to this topic

#1 Lyssfrgr

Lyssfrgr

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:06:29 PM

Posted 13 April 2011 - 11:03 PM

I have a Toshiba Satellite L455 Laptop running Win7. Not long ago, due to a trojan and malware, I had to restore my system back to it's factory settings using F12 since I don't have a disc. Something has been off ever since and I have a feeling I may have something floating around my system...or I could just be paranoid now since it happened to me before. I have Norton 360, Malwarebytes, Spybot and a few other programs on my system. I am familiar with the HijackThis and DDS logs. For all I know it's nothing, but I would rather someone who knows exactly what they are looking at tell me what it may be. Please let me know if anyone would take some time out of their schedule to ease my mind. Thank you so much!

BC AdBot (Login to Remove)

 


#2 Blade

Blade

    Strong in the Bleepforce


  • Site Admin
  • 12,704 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:US
  • Local time:06:29 PM

Posted 20 April 2011 - 05:08 PM

Something has been off ever since and I have a feeling I may have something floating around my system...or I could just be paranoid now since it happened to me before.


Going to need some more specifics to be able to help you. Could you describe what exactly is "off"?

Posted Image

If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM
Become a BleepingComputer fan: Facebook
Follow us on Twitter!
Circle us on Google+


#3 Lyssfrgr

Lyssfrgr
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:06:29 PM

Posted 20 April 2011 - 05:22 PM

I seem to be redirecting, but not every time I use a browser. I did have a p2p program, but it has since been deleted from my system. I'm not quite sure what I am clicking, but my son has ADHD and Autism and I have been doing a lot of research on the topics and Norton 360 has been blocking many Trojans lately. I don't download movies or anything and the system was restored around the 3rd or 4th of March I believe. Also to add, I had family e-mailing me asking me to stop sending them links to bogus sites (which obviously wasn't me). The off feeling is like I only have partial control over my system and would rather try to get help and see if it can be fixed before I have to lean towards recovery. Any help would be greatly appreciated

Edited by Lyssfrgr, 20 April 2011 - 05:23 PM.


#4 Blade

Blade

    Strong in the Bleepforce


  • Site Admin
  • 12,704 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:US
  • Local time:06:29 PM

Posted 20 April 2011 - 07:08 PM

Hello.

Alright, let's see what we're dealing with here.

Please download RKill by Grinler from one of the 4 links below and save it to your desktop.

Link 1
Link 2
Link 3
Link 4
  • Before we begin, you should disable any anti-malware software you have installed so it does not interfere with RKill running. This is because some anti-malware software mistakenly detects RKill as malicious. Please refer to this page if you are not sure how to disable your security software.
  • Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • If nothing happens or if the tool does not run, please let me know in your next reply
***************************************************

  • Make sure you are connected to the Internet.
  • Launch Malwarebytes' Anti-Malware
  • Click on the Update tab and click the button Check for Updates
  • If you encounter any problems while downloading the definition updates, manually download them from http://data.mbamupdates.com/tools/mbam-rules.exe'>here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

~Blade


In your next reply, please include the following:
Malwarebytes Log

Edited by Blade Zephon, 20 April 2011 - 07:09 PM.

Posted Image

If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM
Become a BleepingComputer fan: Facebook
Follow us on Twitter!
Circle us on Google+


#5 Lyssfrgr

Lyssfrgr
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:06:29 PM

Posted 20 April 2011 - 08:24 PM

Rkill terminated 3 processes but i didn't post that log since it wasn't requested. Here is the Mbam log:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6410

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

4/20/2011 9:16:50 PM
mbam-log-2011-04-20 (21-16-50).txt

Scan type: Quick scan
Objects scanned: 167183
Time elapsed: 3 minute(s), 11 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

This is where I get frustrated. Mbam has never detected anything malicious before, even when I had a known hijacking a couple of months ago. Any suggestions or further instructions?

#6 Blade

Blade

    Strong in the Bleepforce


  • Site Admin
  • 12,704 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:US
  • Local time:06:29 PM

Posted 20 April 2011 - 09:36 PM

Do you recall which processes Rkill terminated?

Let's cross check those results with another scan.

Download TFC by OldTimer to your desktop.
(TFC only cleans temp folders. It will not clean URL history, prefetch, or cookies).
Close any open windows.
  • Double click the TFC icon to run the program
  • TFC will close all open programs itself in order to run,
  • Click the Start button to begin the process.
  • Allow TFC to run uninterrupted.
  • The program should not take long to finish it's job.
Once its finished it should automatically reboot your machine, if it doesn't, manually reboot to ensure a complete clean

NOTE:
It's normal after running TFC that the PC will be slower to boot the first time.

TFC (Temp File Cleaner) will clear out all temp folders for all user accounts (temp, IE temp, java, FF, Opera, Chrome, Safari), including Administrator, All Users, LocalService, NetworkService, and any other accounts in the user folder.


***************************************************

Please download and scan with SUPERAntiSpyware Free
  • Double-click SUPERAntiSypware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If it will not start, go to Start > All Prgrams > SUPERAntiSpyware and click on Alternate Start.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.
  • Click the "Scanning Control" tab, and under Scanner Options, make sure the following are checked (uncheck all others):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen and exit the program.
  • Do not run a scan just yet.
Reboot your computer in "Safe Mode" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode". When logging in, log in under the account that you normally use; do NOT log in under the account titled "Admin" or "Administrator" unless this account is the one used normally.

Scan with SUPERAntiSpyware as follows:
  • Launch the program and back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan and click "Next".
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes" and reboot normally.
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.

~Blade


In your next reply, please include the following:
SUPERAntiSpyware Log
How is the computer running now?

Posted Image

If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM
Become a BleepingComputer fan: Facebook
Follow us on Twitter!
Circle us on Google+


#7 Lyssfrgr

Lyssfrgr
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:06:29 PM

Posted 20 April 2011 - 11:56 PM

I thought you first meant an OTL log, so I did one first by accident. I will include that as well since it was already done. Here are the requested logs:

This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.

Rkill was run on 04/20/2011 at 21:10:33.
Operating System: Windows 7 Home Premium


Processes terminated by Rkill or while it was running:

C:\windows\SysWOW64\InfDefaultInstall.exe
C:\windows\SysWOW64\runonce.exe
C:\Windows\SysWOW64\grpconv.exe


Rkill completed on 04/20/2011 at 21:10:51.





OTL logfile created on: 4/20/2011 10:59:55 PM - Run 2

OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Alyssa\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 55.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 79.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 222.43 Gb Total Space | 179.91 Gb Free Space | 80.88% Space Free | Partition Type: NTFS

Computer Name: INSANITY | User Name: Alyssa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/04/15 16:30:01 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Alyssa\Downloads\OTL.exe
PRC - [2011/03/29 12:36:10 | 002,860,800 | ---- | M] (Emsi Software GmbH) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
PRC - [2010/03/11 14:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2010/02/25 20:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\17.8.0.5\ccsvchst.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe


========== Modules (SafeList) ==========

MOD - [2011/04/15 16:30:01 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Alyssa\Downloads\OTL.exe
MOD - [2011/04/11 14:26:52 | 000,213,696 | ---- | M] (Emsi Software GmbH) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2hooks32.dll
MOD - [2010/08/21 01:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/06/29 13:49:27 | 000,128,752 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2009/09/17 15:41:36 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [Disabled | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2009/08/21 12:31:06 | 000,488,800 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2009/07/28 19:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011/03/29 12:36:10 | 002,860,800 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)
SRV - [2010/12/21 01:38:22 | 000,350,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2010/11/29 14:58:30 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/11 14:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2010/02/25 20:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\17.8.0.5\ccSvcHst.exe -- (NIS)
SRV - [2009/08/13 15:09:08 | 000,297,344 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Toshiba\ToshibaRegistration\TaisRegistPinger.exe -- (taisregispinger)
SRV - [2009/08/10 22:55:58 | 000,248,688 | ---- | M] (TOSHIBA CORPORATION) [Disabled | Stopped] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe -- (cfWiMAXService)
SRV - [2009/07/14 22:10:30 | 000,042,368 | ---- | M] (TOSHIBA CORPORATION) [Disabled | Stopped] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe -- (ConfigFree Gadget Service)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/10 21:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Disabled | Stopped] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/04/04 02:18:34 | 000,173,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2011/02/18 16:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/05/06 00:01:59 | 000,451,120 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1108000.005\symtdiv.sys -- (SYMTDIv)
DRV:64bit: - [2010/04/29 01:03:51 | 000,150,064 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1108000.005\ironx64.sys -- (SymIRON)
DRV:64bit: - [2010/04/21 23:02:20 | 000,221,232 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1108000.005\symefa64.sys -- (SymEFA)
DRV:64bit: - [2010/04/21 22:29:51 | 000,505,392 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1108000.005\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2010/04/21 22:29:51 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1108000.005\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2010/02/25 20:22:52 | 000,615,040 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1108000.005\cchpx64.sys -- (ccHP)
DRV:64bit: - [2010/02/17 14:23:05 | 000,014,920 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2010/02/17 14:23:05 | 000,012,360 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2009/08/29 20:17:18 | 000,433,200 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1108000.005\symds64.sys -- (SymDS)
DRV:64bit: - [2009/08/27 11:07:06 | 007,369,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/08/20 19:04:06 | 000,446,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTL8187B.sys -- (RTL8187B)
DRV:64bit: - [2009/07/31 00:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/31 00:02:36 | 000,044,912 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LPCFilter.sys -- (LPCFilter)
DRV:64bit: - [2009/07/30 20:46:22 | 000,222,208 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/07/24 18:57:08 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)
DRV:64bit: - [2009/07/20 20:48:32 | 000,274,480 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/07/14 18:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/13 21:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 21:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/09 06:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/10 17:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/04 21:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/05/23 01:52:30 | 000,215,040 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2011/04/20 00:35:12 | 000,061,440 | ---- | M] () [Kernel | Boot | Stopped] -- C:\windows\system32\drivers\ylokgt.sys -- (yqcj)
DRV - [2011/04/15 16:29:04 | 001,127,032 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20110419.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2011/04/04 19:29:12 | 001,828,984 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20110420.020\EX64.SYS -- (NAVEX15)
DRV - [2011/04/04 19:29:12 | 000,475,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2011/04/04 19:29:12 | 000,132,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/04/04 19:29:12 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20110420.020\ENG64.SYS -- (NAVENG)
DRV - [2011/03/30 02:34:54 | 000,476,792 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20110419.001\IDSviA64.sys -- (IDSVia64)
DRV - [2011/02/20 21:30:06 | 000,085,800 | ---- | M] (Emsi Software GmbH) [File_System | On_Demand | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2accx64.sys -- (a2acc)
DRV - [2010/09/05 12:25:22 | 000,048,216 | ---- | M] (Emsi Software GmbH) [File_System | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys -- (a2injectiondriver)
DRV - [2010/05/05 09:40:54 | 000,014,720 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys -- (a2util)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig?brand=TSNA&bmod=TSNA
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"

FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\ [2011/04/06 16:46:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\ [2011/04/05 15:56:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/04/05 01:38:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2011/04/04 19:43:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alyssa\AppData\Roaming\Mozilla\Extensions
[2011/04/04 19:39:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
File not found (No name found) --
[2011/04/06 16:46:43 | 000,000,000 | ---D | M] (Norton IPS) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPLGN
[2011/03/18 13:53:24 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
[2010/01/01 04:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/04/20 01:32:07 | 000,152,512 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 abcsearch.com
O1 - Hosts: 127.0.0.1 admin.abcsearch.com
O1 - Hosts: 127.0.0.1 www3.abcsearch.com #[Browseraid]
O1 - Hosts: 127.0.0.1 www.abcsearch.com #[Restricted Zone site]
O1 - Hosts: 127.0.0.1 acestats.com
O1 - Hosts: 127.0.0.1 www.acestats.com
O1 - Hosts: 127.0.0.1 actualnames.com #[Parasite.ActualNames][Restricted Zone site]
O1 - Hosts: 127.0.0.1 www.actualnames.com
O1 - Hosts: 127.0.0.1 ad-up.com
O1 - Hosts: 127.0.0.1 www.ad-up.com
O1 - Hosts: 127.0.0.1 adatom.com
O1 - Hosts: 127.0.0.1 aesp.adatom.com
O1 - Hosts: 127.0.0.1 adbest.com
O1 - Hosts: 127.0.0.1 adserv.adbonus.com
O1 - Hosts: 127.0.0.1 www.adbonus.com
O1 - Hosts: 127.0.0.1 www.adblaster2.info #[Restricted Zone site]
O1 - Hosts: 127.0.0.1 imgserv.adbutler.com
O1 - Hosts: 127.0.0.1 ad2.adcept.net
O1 - Hosts: 127.0.0.1 ad3.adcept.net
O1 - Hosts: 127.0.0.1 www.adcept.net
O1 - Hosts: 127.0.0.1 adcomplete.com
O1 - Hosts: 127.0.0.1 www.adcomplete.com
O1 - Hosts: 127.0.0.1 www.adcopy.info
O1 - Hosts: 127.0.0.1 ads.adcorps.com
O1 - Hosts: 4268 more lines...
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\17.8.0.5\ipsbho.dll (Symantec Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Corel File Shell Monitor] File not found
O4 - HKCU..\Run: [Corel Photo Downloader] c:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe (Corel, Inc.)
O4 - HKCU..\Run: [HijackThis startup scan] C:\Program Files (x86)\Trend Micro\HiJackThis\HijackThis.exe (Trend Micro Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\SysWow64\GPhotos.scr (Google Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.15.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/04/20 20:35:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Protexis
[2011/04/20 20:35:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Corel
[2011/04/20 20:31:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel PaintShop Photo Pro X3
[2011/04/20 20:31:13 | 000,000,000 | ---D | C] -- C:\Users\Alyssa\AppData\Local\Corel
[2011/04/20 20:30:58 | 000,000,000 | ---D | C] -- C:\Users\Alyssa\Documents\My PSP Files
[2011/04/20 20:30:58 | 000,000,000 | ---D | C] -- C:\Users\Alyssa\AppData\Roaming\Corel
[2011/04/20 20:28:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Ulead Systems
[2011/04/20 20:28:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Corel
[2011/04/20 20:28:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Corel
[2011/04/20 20:27:14 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_10.dll
[2011/04/20 20:27:14 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_10.dll
[2011/04/20 20:27:12 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_36.dll
[2011/04/20 20:27:12 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_36.dll
[2011/04/20 20:27:12 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_36.dll
[2011/04/20 20:27:12 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_36.dll
[2011/04/20 20:27:11 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_36.dll
[2011/04/20 20:27:11 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_36.dll
[2011/04/20 20:27:10 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_9.dll
[2011/04/20 20:27:10 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_9.dll
[2011/04/20 20:27:09 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_35.dll
[2011/04/20 20:27:09 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_35.dll
[2011/04/20 20:27:09 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_35.dll
[2011/04/20 20:27:09 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_35.dll
[2011/04/20 20:27:07 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_35.dll
[2011/04/20 20:27:07 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_35.dll
[2011/04/20 20:27:05 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_8.dll
[2011/04/20 20:27:05 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_8.dll
[2011/04/20 20:27:05 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_2.dll
[2011/04/20 20:27:05 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_2.dll
[2011/04/20 20:27:04 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_34.dll
[2011/04/20 20:27:04 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_34.dll
[2011/04/20 20:27:04 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_34.dll
[2011/04/20 20:27:04 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_34.dll
[2011/04/20 20:27:03 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_34.dll
[2011/04/20 20:27:03 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_34.dll
[2011/04/20 20:27:02 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xinput1_3.dll
[2011/04/20 20:27:02 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xinput1_3.dll
[2011/04/20 20:27:01 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_7.dll
[2011/04/20 20:27:01 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_7.dll
[2011/04/20 20:27:00 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_33.dll
[2011/04/20 20:27:00 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_33.dll
[2011/04/20 20:27:00 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_33.dll
[2011/04/20 20:27:00 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_33.dll
[2011/04/20 20:26:59 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_33.dll
[2011/04/20 20:26:59 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_33.dll
[2011/04/20 20:26:58 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_6.dll
[2011/04/20 20:26:58 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_6.dll
[2011/04/20 20:26:56 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10.dll
[2011/04/20 20:26:56 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10.dll
[2011/04/20 20:26:56 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_5.dll
[2011/04/20 20:26:56 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_5.dll
[2011/04/20 20:26:53 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_4.dll
[2011/04/20 20:26:53 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_4.dll
[2011/04/20 20:26:53 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\x3daudio1_1.dll
[2011/04/20 20:26:53 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\x3daudio1_1.dll
[2011/04/20 20:26:52 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_31.dll
[2011/04/20 20:26:52 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_31.dll
[2011/04/20 20:26:50 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_3.dll
[2011/04/20 20:26:50 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_3.dll
[2011/04/20 20:26:49 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xinput1_2.dll
[2011/04/20 20:26:49 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xinput1_2.dll
[2011/04/20 20:26:48 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_2.dll
[2011/04/20 20:26:48 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_2.dll
[2011/04/20 20:26:47 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xinput1_1.dll
[2011/04/20 20:26:47 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xinput1_1.dll
[2011/04/20 20:26:45 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_1.dll
[2011/04/20 20:26:45 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_1.dll
[2011/04/20 20:26:37 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_30.dll
[2011/04/20 20:26:37 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_30.dll
[2011/04/20 20:26:36 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_0.dll
[2011/04/20 20:26:36 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_0.dll
[2011/04/20 20:26:36 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\x3daudio1_0.dll
[2011/04/20 20:26:36 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\x3daudio1_0.dll
[2011/04/20 20:26:35 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_29.dll
[2011/04/20 20:26:35 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_28.dll
[2011/04/20 20:26:35 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_29.dll
[2011/04/20 20:26:35 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_28.dll
[2011/04/20 20:26:34 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_27.dll
[2011/04/20 20:26:34 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_27.dll
[2011/04/20 20:26:31 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_26.dll
[2011/04/20 20:26:31 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_26.dll
[2011/04/20 20:26:29 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_25.dll
[2011/04/20 20:26:29 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_25.dll
[2011/04/20 20:26:27 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_24.dll
[2011/04/20 20:26:27 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_24.dll
[2011/04/20 20:07:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
[2011/04/20 19:15:17 | 000,000,000 | ---D | C] -- C:\Users\Alyssa\Documents\Pictures
[2011/04/20 18:42:13 | 000,000,000 | ---D | C] -- C:\Users\Alyssa\AppData\Roaming\IrfanView
[2011/04/20 18:42:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IrfanView
[2011/04/20 18:24:43 | 000,000,000 | ---D | C] -- C:\Users\Alyssa\AppData\Roaming\PhotoScape
[2011/04/20 18:15:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape
[2011/04/20 18:15:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PhotoScape
[2011/04/19 22:10:40 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/04/19 22:05:12 | 000,521,448 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\SysNative\deployJava1.dll
[2011/04/19 22:05:12 | 000,189,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\SysNative\javaws.exe
[2011/04/19 22:05:12 | 000,171,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\SysNative\javaw.exe
[2011/04/19 22:05:12 | 000,171,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\SysNative\java.exe
[2011/04/19 22:04:37 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011/04/19 21:21:12 | 000,000,000 | ---D | C] -- C:\windows\temp
[2011/04/19 21:08:26 | 000,161,792 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
[2011/04/19 21:08:26 | 000,031,232 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe
[2011/04/19 21:08:25 | 000,136,704 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
[2011/04/19 21:03:48 | 000,212,480 | ---- | C] (SteelWerX) -- C:\windows\SWXCACLS.exe
[2011/04/19 21:03:44 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2011/04/19 20:53:31 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/04/19 20:31:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasyFix Tools
[2011/04/19 20:31:24 | 000,000,000 | ---D | C] -- C:\Program Files\EasyFix Tools
[2011/04/19 18:54:13 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011/04/19 18:54:13 | 000,000,000 | ---D | C] -- C:\rsit
[2011/04/19 18:45:43 | 000,000,000 | ---D | C] -- C:\windows\ERDNT
[2011/04/19 18:44:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2011/04/19 18:44:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2011/04/18 00:27:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2011/04/18 00:04:35 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2011/04/16 03:25:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
[2011/04/16 00:59:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011/04/16 00:59:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2011/04/16 00:43:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Emsisoft Anti-Malware
[2011/04/16 00:43:21 | 000,000,000 | ---D | C] -- C:\Users\Alyssa\Documents\Anti-Malware
[2011/04/15 23:29:35 | 002,074,576 | ---- | C] (Threat Expert Ltd.) -- C:\windows\PCTBDCore.dll0451.old
[2011/04/15 23:29:35 | 002,074,576 | ---- | C] (Threat Expert Ltd.) -- C:\windows\PCTBDCore.dll0435.old
[2011/04/15 23:29:35 | 002,074,576 | ---- | C] (Threat Expert Ltd.) -- C:\windows\PCTBDCore.dll
[2011/04/15 23:29:35 | 000,149,456 | ---- | C] (PC Tools) -- C:\windows\SGDetectionTool.dll0451.old
[2011/04/15 23:29:35 | 000,149,456 | ---- | C] (PC Tools) -- C:\windows\SGDetectionTool.dll0435.old
[2011/04/15 23:19:53 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2011/04/15 23:19:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Tools Security
[2011/04/15 23:19:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
[2011/04/15 23:15:27 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2011/04/15 16:27:31 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsGdiConverter.dll
[2011/04/15 16:27:31 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsGdiConverter.dll
[2011/04/13 18:31:59 | 000,000,000 | ---D | C] -- C:\Users\Alyssa\AppData\Roaming\InstallShield
[2011/04/13 18:19:01 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msfeeds.dll
[2011/04/13 18:19:00 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2011/04/13 18:19:00 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll
[2011/04/13 18:19:00 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2011/04/13 18:19:00 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll
[2011/04/13 18:19:00 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2011/04/13 18:19:00 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2011/04/13 18:19:00 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2011/04/13 18:18:59 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2011/04/13 18:18:59 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2011/04/13 18:18:59 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\licmgr10.dll
[2011/04/13 18:18:59 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\licmgr10.dll
[2011/04/13 18:18:59 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedssync.exe
[2011/04/13 18:18:59 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeedssync.exe
[2011/04/13 18:18:15 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysNative\atmfd.dll
[2011/04/13 18:18:15 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\atmfd.dll
[2011/04/13 18:18:15 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\windows\SysNative\atmlib.dll
[2011/04/13 18:18:15 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\windows\SysWow64\atmlib.dll
[2011/04/13 18:18:14 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FXSCOVER.exe
[2011/04/13 18:18:13 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2011/04/13 18:18:13 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2011/04/13 18:18:13 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2011/04/13 18:17:25 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfc42.dll
[2011/04/13 18:17:25 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfc42u.dll
[2011/04/13 18:17:25 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfc42u.dll
[2011/04/13 18:17:25 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfc42.dll
[2011/04/13 18:17:23 | 000,640,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winload.efi
[2011/04/13 18:17:23 | 000,603,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winload.exe
[2011/04/13 18:17:23 | 000,556,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winresume.efi
[2011/04/13 18:17:23 | 000,518,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winresume.exe
[2011/04/13 18:17:23 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kdusb.dll
[2011/04/13 18:17:23 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kd1394.dll
[2011/04/13 18:17:23 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kdcom.dll
[2011/04/13 18:17:21 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dnsapi.dll
[2011/04/13 18:17:21 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dnscacheugc.exe
[2011/04/13 18:17:21 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dnscacheugc.exe
[2011/04/12 22:18:51 | 000,000,000 | ---D | C] -- C:\Users\Alyssa\AppData\Local\Diagnostics
[2011/04/12 22:15:17 | 000,000,000 | ---D | C] -- C:\Users\Alyssa\AppData\Local\ElevatedDiagnostics
[2011/04/09 18:49:52 | 000,000,000 | ---D | C] -- C:\Users\Alyssa\AppData\Local\Adobe
[2011/04/08 00:05:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2011/04/08 00:05:54 | 000,000,000 | ---D | C] -- C:\Users\Alyssa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2011/04/07 23:21:53 | 000,000,000 | ---D | C] -- C:\Users\Alyssa\AppData\Local\CrashDumps
[2011/04/07 23:21:46 | 000,000,000 | ---D | C] -- C:\Users\Alyssa\AppData\Roaming\SUPERAntiSpyware.com
[2011/04/07 23:21:46 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2011/04/07 23:18:24 | 000,000,000 | ---D | C] -- C:\ProgramData\!SASCORE
[2011/04/07 23:18:23 | 000,000,000 | ---D | C] -- C:\Users\Alyssa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011/04/07 23:18:21 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/04/07 22:23:30 | 000,000,000 | ---D | C] -- C:\Users\Alyssa\AppData\Roaming\Malwarebytes
[2011/04/07 22:22:58 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysWow64\drivers\mbamswissarmy.sys
[2011/04/07 22:22:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/04/07 22:22:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/04/07 22:22:53 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2011/04/07 22:22:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/04/07 22:17:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2011/04/07 22:17:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011/04/07 22:17:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2011/04/07 18:59:36 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011/04/06 16:47:01 | 000,615,040 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1108000.005\cchpx64.sys
[2011/04/06 16:47:01 | 000,505,392 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1108000.005\srtsp64.sys
[2011/04/06 16:47:01 | 000,451,120 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1108000.005\symtdiv.sys
[2011/04/06 16:47:01 | 000,433,200 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1108000.005\symds64.sys
[2011/04/06 16:47:01 | 000,221,232 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1108000.005\symefa64.sys
[2011/04/06 16:47:01 | 000,150,064 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1108000.005\ironx64.sys
[2011/04/06 16:47:01 | 000,032,304 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1108000.005\srtspx64.sys
[2011/04/06 16:46:45 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\NISx64\1108000.005
[2011/04/05 20:11:16 | 000,000,000 | ---D | C] -- C:\e64b84bf142a123605be3fcf6170c4
[2011/04/05 15:56:28 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\Wat
[2011/04/05 15:56:28 | 000,000,000 | ---D | C] -- C:\windows\SysNative\Wat
[2011/04/05 03:06:50 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dfshim.dll
[2011/04/05 03:06:50 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PresentationHost.exe
[2011/04/05 03:06:50 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PresentationHost.exe
[2011/04/05 03:06:50 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PresentationHostProxy.dll
[2011/04/05 03:06:50 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PresentationHostProxy.dll
[2011/04/05 03:06:50 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netfxperf.dll
[2011/04/05 03:06:49 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dfshim.dll
[2011/04/05 03:06:49 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netfxperf.dll
[2011/04/05 01:41:44 | 000,000,000 | ---D | C] -- C:\Users\Alyssa\AppData\Roaming\Apple Computer
[2011/04/05 01:41:44 | 000,000,000 | ---D | C] -- C:\Users\Alyssa\AppData\Local\Apple Computer
[2011/04/05 01:41:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/04/05 01:41:36 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\windows\SysNative\GEARAspi64.dll
[2011/04/05 01:41:36 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\windows\SysWow64\GEARAspi.dll
[2011/04/05 01:41:36 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\windows\SysNative\drivers\GEARAspiWDM.sys
[2011/04/05 01:41:36 | 000,000,000 | ---D | C] -- C:\windows\SysNative\DRVSTORE
[2011/04/05 01:41:14 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/04/05 01:41:13 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/04/05 01:41:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011/04/05 01:41:13 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2011/04/05 01:38:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/04/05 01:38:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2011/04/05 01:38:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011/04/05 01:38:13 | 000,000,000 | ---D | C] -- C:\Users\Alyssa\AppData\Local\Apple
[2011/04/05 01:38:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2011/04/05 01:38:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2011/04/05 01:37:49 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/04/05 01:37:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2011/04/05 01:37:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011/04/05 01:37:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2011/04/04 22:19:06 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\Adobe
[2011/04/04 19:41:02 | 000,000,000 | ---D | C] -- C:\Users\Alyssa\AppData\Local\Mozilla
[2011/04/04 19:41:01 | 000,000,000 | ---D | C] -- C:\Users\Alyssa\AppData\Roaming\Mozilla
[2011/04/04 19:39:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2011/04/04 19:36:06 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\t2embed.dll
[2011/04/04 19:36:06 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\t2embed.dll
[2011/04/04 19:36:04 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\CPFilters.dll
[2011/04/04 19:36:04 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\EncDec.dll
[2011/04/04 19:36:03 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sbe.dll
[2011/04/04 19:36:03 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sbe.dll
[2011/04/04 19:36:03 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\CPFilters.dll
[2011/04/04 19:36:03 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\EncDec.dll
[2011/04/04 19:36:03 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mpg2splt.ax
[2011/04/04 19:36:02 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mpg2splt.ax
[2011/04/04 19:35:44 | 002,085,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ole32.dll
[2011/04/04 19:35:34 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskschd.dll
[2011/04/04 19:35:33 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskeng.exe
[2011/04/04 19:35:31 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmicmiplugin.dll
[2011/04/04 19:35:31 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\taskschd.dll
[2011/04/04 19:35:31 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskcomp.dll
[2011/04/04 19:35:30 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\schtasks.exe
[2011/04/04 19:35:29 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\taskcomp.dll
[2011/04/04 19:35:28 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\schtasks.exe
[2011/04/04 19:35:24 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\StructuredQuery.dll
[2011/04/04 19:35:12 | 001,975,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\CertEnroll.dll
[2011/04/04 19:35:12 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\CertEnroll.dll
[2011/04/04 19:34:31 | 000,422,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secproc_isv.dll
[2011/04/04 19:34:31 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\secproc_isv.dll
[2011/04/04 19:34:30 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\secproc.dll
[2011/04/04 19:34:29 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secproc.dll
[2011/04/04 19:34:28 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RMActivate_isv.exe
[2011/04/04 19:34:27 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RMActivate.exe
[2011/04/04 19:34:26 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RMActivate_ssp_isv.exe
[2011/04/04 19:34:22 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RMActivate_ssp.exe
[2011/04/04 19:34:21 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RMActivate_isv.exe
[2011/04/04 19:34:21 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RMActivate.exe
[2011/04/04 19:34:21 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secproc_ssp_isv.dll
[2011/04/04 19:34:21 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secproc_ssp.dll
[2011/04/04 19:34:21 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\secproc_ssp_isv.dll
[2011/04/04 19:34:21 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\secproc_ssp.dll
[2011/04/04 19:34:20 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RMActivate_ssp.exe
[2011/04/04 19:34:20 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RMActivate_ssp_isv.exe
[2011/04/04 19:33:44 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MSNP.ax
[2011/04/04 19:33:43 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msdri.dll
[2011/04/04 19:33:43 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSNP.ax
[2011/04/04 19:33:42 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\psisdecd.dll
[2011/04/04 19:33:41 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\psisdecd.dll
[2011/04/04 19:33:29 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\comctl32.dll
[2011/04/04 19:33:24 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\upnp.dll
[2011/04/04 19:33:24 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\upnp.dll
[2011/04/04 19:33:16 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\davclnt.dll
[2011/04/04 19:33:16 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wscapi.dll
[2011/04/04 19:33:15 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\davclnt.dll
[2011/04/04 19:33:15 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wscapi.dll
[2011/04/04 19:33:15 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\slwga.dll
[2011/04/04 19:33:15 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\slwga.dll
[2011/04/04 19:33:05 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\oleaut32.dll
[2011/04/04 19:33:03 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64.dll
[2011/04/04 19:33:03 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setup16.exe
[2011/04/04 19:33:02 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntvdm64.dll
[2011/04/04 19:33:02 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\instnm.exe
[2011/04/04 19:33:02 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wow32.dll
[2011/04/04 19:33:02 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\user.exe
[2011/04/04 19:33:00 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\windows\explorer.exe
[2011/04/04 19:33:00 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\explorer.exe
[2011/04/04 19:32:59 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winlogon.exe
[2011/04/04 19:32:58 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rtutils.dll
[2011/04/04 19:32:58 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rtutils.dll
[2011/04/04 19:32:46 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsPrint.dll
[2011/04/04 19:32:46 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsPrint.dll
[2011/04/04 19:32:39 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsrv.dll
[2011/04/04 19:32:35 | 001,837,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10warp.dll
[2011/04/04 19:32:35 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3d10warp.dll
[2011/04/04 19:32:33 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMVDECOD.DLL
[2011/04/04 19:32:33 | 001,540,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DWrite.dll
[2011/04/04 19:32:33 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d2d1.dll
[2011/04/04 19:32:33 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d2d1.dll
[2011/04/04 19:32:32 | 004,068,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mf.dll
[2011/04/04 19:32:31 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mf.dll
[2011/04/04 19:32:31 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\DWrite.dll
[2011/04/04 19:32:28 | 001,863,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ExplorerFrame.dll
[2011/04/04 19:32:28 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMVDECOD.DLL
[2011/04/04 19:32:28 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10_1core.dll
[2011/04/04 19:32:27 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ExplorerFrame.dll
[2011/04/04 19:32:27 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfreadwrite.dll
[2011/04/04 19:32:27 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsRasterService.dll
[2011/04/04 19:32:27 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3d10_1core.dll
[2011/04/04 19:32:27 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfreadwrite.dll
[2011/04/04 19:32:27 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cdd.dll
[2011/04/04 19:32:26 | 000,265,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\dxgmms1.sys
[2011/04/04 19:32:26 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfps.dll
[2011/04/04 19:32:26 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10_1.dll
[2011/04/04 19:32:26 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3d10_1.dll
[2011/04/04 19:32:26 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsRasterService.dll
[2011/04/04 19:32:06 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\webio.dll
[2011/04/04 19:32:06 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\webio.dll
[2011/04/04 19:32:05 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\windows\SysWow64\iccvid.dll
[2011/04/04 19:31:50 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpmde.dll
[2011/04/04 19:31:50 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmpmde.dll
[2011/04/04 19:31:47 | 001,572,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\quartz.dll
[2011/04/04 19:31:47 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\quartz.dll
[2011/04/04 19:31:46 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\avifil32.dll
[2011/04/04 19:31:46 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mciavi32.dll
[2011/04/04 19:31:25 | 005,510,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2011/04/04 19:31:24 | 003,957,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe
[2011/04/04 19:31:24 | 003,901,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe
[2011/04/04 19:31:24 | 001,739,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntdll.dll
[2011/04/04 19:31:13 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fontsub.dll
[2011/04/04 19:31:13 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fontsub.dll
[2011/04/04 19:31:11 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Diskdump.sys
[2011/04/04 19:31:08 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll
[2011/04/04 19:30:46 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfc40.dll
[2011/04/04 19:30:46 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfc40u.dll
[2011/04/04 19:30:45 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msasn1.dll
[2011/04/04 19:30:44 | 003,138,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstscax.dll
[2011/04/04 19:30:43 | 002,690,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstscax.dll
[2011/04/04 19:30:43 | 001,097,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstsc.exe
[2011/04/04 19:30:43 | 001,034,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstsc.exe
[2011/04/04 19:30:30 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sscore.dll
[2011/04/04 19:30:28 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbc32.dll
[2011/04/04 19:30:25 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbc32.dll
[2011/04/04 19:30:17 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmp.dll
[2011/04/04 19:30:16 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmp.dll
[2011/04/04 19:30:14 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmploc.DLL
[2011/04/04 19:30:13 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmploc.DLL
[2011/04/04 19:30:12 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\consent.exe
[2011/04/04 19:28:58 | 000,000,000 | ---D | C] -- C:\Users\Alyssa\AppData\Roaming\Macromedia
[2011/04/04 19:26:32 | 000,000,000 | ---D | C] -- C:\Users\Alyssa\AppData\Roaming\Adobe
[2011/04/04 19:26:04 | 000,000,000 | ---D | C] -- C:\Users\Alyssa\AppData\Roaming\Google
[2011/04/04 19:26:04 | 000,000,000 | ---D | C] -- C:\Users\Alyssa\AppData\Local\Google
[2011/04/04 19:25:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2011/04/04 19:07:59 | 000,000,000 | ---D | C] -- C:\Users\Alyssa\AppData\Local\TOSHIBA_Corporation
[2011/04/04 02:29:20 | 000,000,000 | ---D | C] -- C:\Users\Alyssa\AppData\Roaming\Toshiba
[2011/04/04 02:18:36 | 000,173,104 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\SYMEVENT64x86.SYS
[2011/04/04 02:18:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2011/04/04 02:18:34 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2011/04/04 02:17:07 | 000,000,000 | ---D | C] -- C:\Users\Alyssa\AppData\Local\Best Buy pc app
[2011/04/04 02:17:00 | 000,000,000 | ---D | C] -- C:\Users\Alyssa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Buy
[2011/04/04 02:16:54 | 000,000,000 | ---D | C] -- C:\Users\Alyssa\AppData\Local\Deployment
[2011/04/04 02:16:54 | 000,000,000 | ---D | C] -- C:\Users\Alyssa\AppData\Local\Apps
[2011/04/04 02:16:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Best Buy pc app
[2011/04/04 02:16:40 | 000,000,000 | -H-D | C] -- C:\ProgramData\{FFC1EB21-0544-42CD-B814-D436727D2CA1}
[2011/04/04 02:15:25 | 000,000,000 | ---D | C] -- C:\Users\Alyssa\AppData\Local\PackageAware
[2011/04/04 02:14:41 | 000,000,000 | ---D | C] -- C:\Users\Alyssa\AppData\Roaming\Roxio
[2011/04/04 02:14:18 | 000,000,000 | ---D | C] -- C:\Users\Alyssa\AppData\Local\Toshiba
[2011/04/04 02:13:28 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wintrust.dll
[2011/04/04 02:13:28 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wintrust.dll
[2011/04/04 02:13:28 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cabview.dll
[2011/04/04 02:13:27 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cabview.dll
[2011/04/04 02:13:16 | 000,000,000 | R--D | C] -- C:\Users\Alyssa\Searches
[2011/04/04 02:13:16 | 000,000,000 | R--D | C] -- C:\Users\Alyssa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/04/04 02:13:16 | 000,000,000 | -H-D | C] -- C:\Users\Alyssa\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2011/04/04 02:13:03 | 000,000,000 | ---D | C] -- C:\Users\Alyssa\AppData\Roaming\Identities
[2011/04/04 02:12:58 | 000,000,000 | R--D | C] -- C:\Users\Alyssa\Contacts
[2011/04/04 02:12:55 | 000,000,000 | ---D | C] -- C:\Users\Alyssa\AppData\Local\VirtualStore
[2011/04/04 02:12:06 | 000,000,000 | ---D | C] -- C:\Users\Alyssa\AppData\Roaming\WinBatch
[2011/04/04 02:11:30 | 000,000,000 | --SD | C] -- C:\Users\Alyssa\AppData\Roaming\Microsoft
[2011/04/04 02:11:30 | 000,000,000 | R--D | C] -- C:\Users\Alyssa\Videos
[2011/04/04 02:11:30 | 000,000,000 | R--D | C] -- C:\Users\Alyssa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/04/04 02:11:30 | 000,000,000 | R--D | C] -- C:\Users\Alyssa\Saved Games
[2011/04/04 02:11:30 | 000,000,000 | R--D | C] -- C:\Users\Alyssa\Pictures
[2011/04/04 02:11:30 | 000,000,000 | R--D | C] -- C:\Users\Alyssa\Music
[2011/04/04 02:11:30 | 000,000,000 | R--D | C] -- C:\Users\Alyssa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011/04/04 02:11:30 | 000,000,000 | R--D | C] -- C:\Users\Alyssa\Links
[2011/04/04 02:11:30 | 000,000,000 | R--D | C] -- C:\Users\Alyssa\Favorites
[2011/04/04 02:11:30 | 000,000,000 | R--D | C] -- C:\Users\Alyssa\Downloads
[2011/04/04 02:11:30 | 000,000,000 | R--D | C] -- C:\Users\Alyssa\My Documents
[2011/04/04 02:11:30 | 000,000,000 | R--D | C] -- C:\Users\Alyssa\Desktop
[2011/04/04 02:11:30 | 000,000,000 | R--D | C] -- C:\Users\Alyssa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/04/04 02:11:30 | 000,000,000 | -HSD | C] -- C:\Users\Alyssa\AppData\Local\Temporary Internet Files
[2011/04/04 02:11:30 | 000,000,000 | -HSD | C] -- C:\Users\Alyssa\Templates
[2011/04/04 02:11:30 | 000,000,000 | -HSD | C] -- C:\Users\Alyssa\Start Menu
[2011/04/04 02:11:30 | 000,000,000 | -HSD | C] -- C:\Users\Alyssa\SendTo
[2011/04/04 02:11:30 | 000,000,000 | -HSD | C] -- C:\Users\Alyssa\Recent
[2011/04/04 02:11:30 | 000,000,000 | -HSD | C] -- C:\Users\Alyssa\PrintHood
[2011/04/04 02:11:30 | 000,000,000 | -HSD | C] -- C:\Users\Alyssa\NetHood
[2011/04/04 02:11:30 | 000,000,000 | -HSD | C] -- C:\Users\Alyssa\Documents\My Videos
[2011/04/04 02:11:30 | 000,000,000 | -HSD | C] -- C:\Users\Alyssa\Documents\My Pictures
[2011/04/04 02:11:30 | 000,000,000 | -HSD | C] -- C:\Users\Alyssa\Documents\My Music
[2011/04/04 02:11:30 | 000,000,000 | -HSD | C] -- C:\Users\Alyssa\My Documents
[2011/04/04 02:11:30 | 000,000,000 | -HSD | C] -- C:\Users\Alyssa\Local Settings
[2011/04/04 02:11:30 | 000,000,000 | -HSD | C] -- C:\Users\Alyssa\AppData\Local\History
[2011/04/04 02:11:30 | 000,000,000 | -HSD | C] -- C:\Users\Alyssa\Cookies
[2011/04/04 02:11:30 | 000,000,000 | -HSD | C] -- C:\Users\Alyssa\Application Data
[2011/04/04 02:11:30 | 000,000,000 | -HSD | C] -- C:\Users\Alyssa\AppData\Local\Application Data
[2011/04/04 02:11:30 | 000,000,000 | -H-D | C] -- C:\Users\Alyssa\AppData
[2011/04/04 02:11:30 | 000,000,000 | ---D | C] -- C:\Users\Alyssa\AppData\Local\Temp
[2011/04/04 02:11:30 | 000,000,000 | ---D | C] -- C:\Users\Alyssa\AppData\Local\Microsoft
[2011/04/04 02:11:30 | 000,000,000 | ---D | C] -- C:\Users\Alyssa\AppData\Roaming\Media Center Programs
[2011/04/03 19:12:28 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\Macromed
[2011/04/03 19:12:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2011/04/03 19:11:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SureThing Shared
[2011/04/03 19:11:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Uninstall
[2011/04/03 19:11:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Sonic
[2011/04/03 19:11:18 | 000,055,280 | ---- | C] (Sonic Solutions) -- C:\windows\SysNative\drivers\PxHlpa64.sys
[2011/04/03 19:11:18 | 000,010,224 | ---- | C] (Sonic Solutions) -- C:\windows\SysNative\drivers\cdralw2k.sys
[2011/04/03 19:11:18 | 000,010,224 | ---- | C] (Sonic Solutions) -- C:\windows\SysNative\drivers\cdr4_xp.sys
[2011/04/03 19:11:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio
[2011/04/03 19:11:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared
[2011/04/03 19:11:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Roxio Shared
[2011/04/03 19:11:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2011/04/03 19:11:14 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield
[2011/04/03 19:11:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Roxio
[2011/04/03 19:10:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Best Buy Software Installer
[2011/04/03 19:08:45 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\NISx64
[2011/04/03 19:08:42 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
[2011/04/03 19:08:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Internet Security
[2011/04/03 19:08:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2011/04/03 19:08:24 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2011/04/03 19:08:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2011/04/03 19:07:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Toshiba Shared
[2011/04/03 19:07:52 | 000,482,384 | ---- | C] (TOSHIBA Corporation) -- C:\windows\SysNative\drivers\tos_sps64.sys
[2011/04/03 19:07:51 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_41.dll
[2011/04/03 19:07:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA DVD PLAYER
[2011/04/03 19:02:53 | 000,024,576 | ---- | C] (Toshiba) -- C:\windows\SysWow64\TSCI.dll
[2011/04/03 19:02:53 | 000,024,576 | ---- | C] (Toshiba) -- C:\windows\SysWow64\THCI.dll
[2011/04/03 19:02:23 | 000,049,664 | ---- | C] (COMPAL ELECTRONIC INC.) -- C:\windows\SysNative\HWS_Ctrl.dll
[2011/04/03 19:02:23 | 000,008,192 | ---- | C] (COMPAL ELECTRONIC INC.) -- C:\windows\SysNative\TSBWLS.dll
[2011/04/03 19:01:57 | 000,000,000 | ---D | C] -- C:\ProgramData\win7_64
[2011/04/03 19:01:57 | 000,000,000 | ---D | C] -- C:\ProgramData\win7_32
[2011/04/03 19:01:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Vista64
[2011/04/03 19:01:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Vista32
[2011/04/03 19:01:57 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\Microsoft.VC80.MFC
[2011/04/03 19:01:57 | 000,000,000 | ---D | C] -- C:\windows\SysNative\Microsoft.VC80.MFC
[2011/04/03 19:01:42 | 007,347,200 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\SysNative\RTSUSTORicon.dll
[2011/04/03 19:01:40 | 000,351,744 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\SysNative\RtsUStor.dll
[2011/04/03 19:01:40 | 000,222,208 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\SysNative\drivers\RtsUStor.sys
[2011/04/03 19:01:10 | 000,215,040 | ---- | C] (Realtek ) -- C:\windows\SysNative\drivers\Rt64win7.sys
[2011/04/03 19:00:50 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2011/04/03 18:59:56 | 000,446,976 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\windows\SysNative\drivers\RTL8187B.sys
[2011/04/03 18:59:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek WLAN Driver
[2011/04/03 18:58:44 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\RTCOM
[2011/04/03 18:58:44 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2011/04/03 18:58:34 | 001,603,104 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\SysNative\RtkAPO64.dll
[2011/04/03 18:58:34 | 001,356,320 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\SysNative\RtPgEx64.dll
[2011/04/03 18:58:34 | 001,167,904 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\SysNative\RTCOM64.dll
[2011/04/03 18:58:34 | 000,611,360 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\SysNative\RTSnMg64.cpl
[2011/04/03 18:58:34 | 000,513,536 | ---- | C] (SRS Labs, Inc.) -- C:\windows\SysNative\SRSTSX64.dll
[2011/04/03 18:58:34 | 000,417,824 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\SysNative\RtkApi64.dll
[2011/04/03 18:58:34 | 000,332,320 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\SysNative\RtlCPAPI64.dll
[2011/04/03 18:58:34 | 000,311,296 | ---- | C] (Waves Audio Ltd.) -- C:\windows\SysNative\MaxxAudioAPO20.dll
[2011/04/03 18:58:34 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\windows\SysNative\RP3DHT64.dll
[2011/04/03 18:58:34 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\windows\SysNative\RP3DAA64.dll
[2011/04/03 18:58:34 | 000,294,400 | ---- | C] (Fortemedia Corporation) -- C:\windows\SysNative\FMAPO64.dll
[2011/04/03 18:58:34 | 000,211,376 | ---- | C] (SRS Labs, Inc.) -- C:\windows\SysNative\SRSTSH64.dll
[2011/04/03 18:58:34 | 000,193,536 | ---- | C] (SRS Labs, Inc.) -- C:\windows\SysNative\SRSHP64.dll
[2011/04/03 18:58:34 | 000,166,400 | ---- | C] (Andrea Electronics Corporation) -- C:\windows\SysNative\AERTAC64.dll
[2011/04/03 18:58:34 | 000,150,528 | ---- | C] (SRS Labs, Inc.) -- C:\windows\SysNative\SRSWOW64.dll
[2011/04/03 18:58:34 | 000,149,536 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\SysNative\RtkCfg64.dll
[2011/04/03 18:58:34 | 000,108,032 | ---- | C] (Andrea Electronics Corporation) -- C:\windows\SysNative\AERTAR64.dll
[2011/04/03 18:58:34 | 000,063,008 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\SysNative\RCoInst64.dll
[2011/04/03 18:58:34 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2011/04/03 18:58:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2011/04/03 18:58:33 | 000,831,488 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\RtlExUpd.dll
[2011/04/03 18:55:58 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\x64
[2011/04/03 18:55:58 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\Lang
[2011/04/03 18:55:57 | 001,002,008 | ---- | C] (Intel Corporation) -- C:\windows\SysWow64\igxpun.exe
[2011/04/03 18:55:57 | 000,000,000 | ---D | C] -- C:\Intel
[2011/04/03 18:54:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® Matrix Storage Manager
[2011/04/03 18:53:52 | 000,408,600 | ---- | C] (Intel Corporation) -- C:\windows\SysNative\drivers\iaStor.sys
[2011/04/03 18:52:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office Suite Activation Assistant
[2011/04/03 18:44:58 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2011/04/03 18:44:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2011/04/03 18:44:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2011/04/03 18:43:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011/04/03 18:43:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2011/04/03 18:42:44 | 000,000,000 | R--D | C] -- C:\MSOCache
[2011/04/03 18:39:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2011/04/03 18:39:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
[2011/04/03 18:39:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2011/04/03 18:37:58 | 000,000,000 | ---D | C] -- C:\windows\SoftwareDistribution
[2011/04/03 18:32:49 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2011/03/25 19:48:06 | 004,284,416 | ---- | C] (Google Inc.) -- C:\windows\SysWow64\GPhotos.scr
[2 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/04/20 22:52:00 | 000,000,898 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/04/20 20:31:15 | 000,001,351 | ---- | M] () -- C:\Users\Public\Desktop\Corel PaintShop Photo Pro X3.lnk
[2011/04/20 20:26:03 | 001,257,138 | ---- | M] () -- C:\windows\SysNative\drivers\NISx64\1108000.005\Cat.DB
[2011/04/20 20:25:00 | 000,001,121 | ---- | M] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2011/04/20 19:52:00 | 000,000,894 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/04/20 19:01:03 | 000,726,316 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2011/04/20 19:01:03 | 000,624,178 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2011/04/20 19:01:03 | 000,106,522 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2011/04/20 18:59:30 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011/04/20 18:42:13 | 000,001,013 | ---- | M] () -- C:\Users\Alyssa\Desktop\IrfanView.lnk
[2011/04/20 18:15:14 | 000,001,070 | ---- | M] () -- C:\Users\Alyssa\Application Data\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk
[2011/04/20 18:15:14 | 000,001,046 | ---- | M] () -- C:\Users\Alyssa\Desktop\PhotoScape.lnk
[2011/04/20 12:53:49 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011/04/20 01:32:07 | 000,152,512 | R--- | M] () -- C:\windows\SysNative\drivers\etc\hosts
[2011/04/20 01:13:14 | 000,008,770 | ---- | M] () -- C:\Users\Alyssa\Documents\cc_20110420_011257.reg
[2011/04/20 01:04:32 | 000,001,303 | ---- | M] () -- C:\Users\Alyssa\Desktop\Spybot - Search & Destroy.lnk
[2011/04/20 00:46:26 | 000,016,304 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/04/20 00:46:26 | 000,016,304 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/04/20 00:38:27 | 3092,942,848 | -HS- | M] () -- C:\hiberfil.sys
[2011/04/20 00:35:12 | 000,061,440 | ---- | M] () -- C:\windows\SysWow64\drivers\ylokgt.sys
[2011/04/19 22:04:42 | 000,189,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\SysNative\javaws.exe
[2011/04/19 22:04:42 | 000,171,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\SysNative\javaw.exe
[2011/04/19 22:04:41 | 000,521,448 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\SysNative\deployJava1.dll
[2011/04/19 22:04:41 | 000,171,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\SysNative\java.exe
[2011/04/19 21:22:34 | 001,253,554 | ---- | M] () -- C:\windows\SysNative\drivers\Cat.DB
[2011/04/19 20:31:29 | 000,000,878 | ---- | M] () -- C:\Users\Alyssa\Desktop\EasyFix Tools.lnk
[2011/04/19 20:15:22 | 000,007,606 | ---- | M] () -- C:\Users\Alyssa\Documents\cc_20110419_201510.reg
[2011/04/19 18:44:41 | 000,000,939 | ---- | M] () -- C:\Users\Alyssa\Desktop\NTREGOPT.lnk
[2011/04/19 18:44:41 | 000,000,920 | ---- | M] () -- C:\Users\Alyssa\Desktop\ERUNT.lnk
[2011/04/19 18:09:32 | 000,006,230 | ---- | M] () -- C:\Users\Alyssa\Documents\hijackthis log
[2011/04/18 01:25:38 | 000,000,876 | ---- | M] () -- C:\Users\Alyssa\Documents\cc_20110418_012534.reg
[2011/04/18 01:25:16 | 000,008,690 | ---- | M] () -- C:\Users\Alyssa\Documents\cc_20110418_012455.reg
[2011/04/18 00:04:36 | 000,001,735 | ---- | M] () -- C:\Users\Public\Desktop\Defraggler.lnk
[2011/04/16 03:25:06 | 000,001,106 | ---- | M] () -- C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
[2011/04/16 01:01:56 | 000,002,025 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011/04/15 23:14:45 | 000,512,992 | ---- | M] () -- C:\Users\Alyssa\Desktop\sdsetup.exe
[2011/04/15 18:51:47 | 000,000,824 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts.orig
[2011/04/14 17:54:53 | 000,343,552 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2011/04/14 01:02:24 | 000,002,765 | ---- | M] () -- C:\Users\Alyssa\Documents\Attach.zip
[2011/04/12 10:44:42 | 000,149,456 | ---- | M] (PC Tools) -- C:\windows\SGDetectionTool.dll0451.old
[2011/04/12 10:44:42 | 000,149,456 | ---- | M] (PC Tools) -- C:\windows\SGDetectionTool.dll0435.old
[2011/04/12 10:44:40 | 002,074,576 | ---- | M] (Threat Expert Ltd.) -- C:\windows\PCTBDCore.dll0451.old
[2011/04/12 10:44:40 | 002,074,576 | ---- | M] (Threat Expert Ltd.) -- C:\windows\PCTBDCore.dll0435.old
[2011/04/12 10:44:40 | 002,074,576 | ---- | M] (Threat Expert Ltd.) -- C:\windows\PCTBDCore.dll
[2011/04/12 10:44:34 | 000,767,952 | ---- | M] () -- C:\windows\BDTSupport.dll0451.old
[2011/04/12 10:44:34 | 000,767,952 | ---- | M] () -- C:\windows\BDTSupport.dll0435.old
[2011/04/08 23:33:34 | 000,007,812 | ---- | M] () -- C:\Users\Alyssa\Documents\cc_20110408_233328.reg
[2011/04/08 20:40:49 | 000,001,976 | ---- | M] () -- C:\Users\Alyssa\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/04/08 00:05:54 | 000,002,981 | ---- | M] () -- C:\Users\Alyssa\Desktop\HiJackThis.lnk
[2011/04/07 22:22:58 | 000,001,124 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/07 19:03:31 | 000,003,366 | ---- | M] () -- C:\Users\Alyssa\Documents\cc_20110407_190124.reg
[2011/04/07 19:00:52 | 000,038,218 | ---- | M] () -- C:\Users\Alyssa\Documents\cc_20110407_190033.reg
[2011/04/07 18:59:37 | 000,000,833 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/04/07 08:56:14 | 000,002,491 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2011/04/05 01:59:57 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011/04/05 01:41:38 | 000,001,794 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/04/05 01:38:34 | 000,001,856 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011/04/04 19:40:07 | 000,001,149 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/04/04 06:10:08 | 000,039,252 | ---- | M] () -- C:\windows\SysWow64\license.rtf
[2011/04/04 06:10:08 | 000,039,252 | ---- | M] () -- C:\windows\SysNative\license.rtf
[2011/04/04 02:18:34 | 000,173,104 | ---- | M] (Symantec Corporation) -- C:\windows\SysNative\drivers\SYMEVENT64x86.SYS
[2011/04/04 02:18:34 | 000,007,440 | ---- | M] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.CAT
[2011/04/04 02:18:34 | 000,000,854 | ---- | M] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.INF
[2011/04/04 02:17:00 | 000,000,398 | ---- | M] () -- C:\Users\Alyssa\Desktop\pc app.appref-ms
[2011/04/04 02:12:27 | 000,000,013 | RHS- | M] () -- C:\windows\SysNative\drivers\fbd.sys
[2011/04/03 19:21:26 | 000,000,000 | ---- | M] () -- C:\windows\NDSTray.INI
[2011/04/03 19:00:52 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_Kernel_SynTP_01007.Wdf
[2011/04/03 18:57:41 | 000,015,172 | ---- | M] () -- C:\windows\SysNative\results.xml
[2011/03/25 19:48:06 | 004,284,416 | ---- | M] (Google Inc.) -- C:\windows\SysWow64\GPhotos.scr
[2 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/04/20 20:31:15 | 000,001,351 | ---- | C] () -- C:\Users\Public\Desktop\Corel PaintShop Photo Pro X3.lnk
[2011/04/20 20:25:00 | 000,001,121 | ---- | C] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2011/04/20 18:59:30 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011/04/20 18:42:13 | 000,001,013 | ---- | C] () -- C:\Users\Alyssa\Desktop\IrfanView.lnk
[2011/04/20 18:15:14 | 000,001,070 | ---- | C] () -- C:\Users\Alyssa\Application Data\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk
[2011/04/20 18:15:14 | 000,001,046 | ---- | C] () -- C:\Users\Alyssa\Desktop\PhotoScape.lnk
[2011/04/20 01:13:06 | 000,008,770 | ---- | C] () -- C:\Users\Alyssa\Documents\cc_20110420_011257.reg
[2011/04/20 00:35:12 | 000,061,440 | ---- | C] () -- C:\windows\SysWow64\drivers\ylokgt.sys
[2011/04/19 21:08:26 | 000,256,512 | ---- | C] () -- C:\windows\PEV.exe
[2011/04/19 21:08:26 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2011/04/19 21:08:26 | 000,089,088 | ---- | C] () -- C:\windows\MBR.exe
[2011/04/19 21:08:26 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2011/04/19 21:08:26 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2011/04/19 20:31:29 | 000,000,878 | ---- | C] () -- C:\Users\Alyssa\Desktop\EasyFix Tools.lnk
[2011/04/19 20:15:14 | 000,007,606 | ---- | C] () -- C:\Users\Alyssa\Documents\cc_20110419_201510.reg
[2011/04/19 18:44:41 | 000,000,939 | ---- | C] () -- C:\Users\Alyssa\Desktop\NTREGOPT.lnk
[2011/04/19 18:44:41 | 000,000,920 | ---- | C] () -- C:\Users\Alyssa\Desktop\ERUNT.lnk
[2011/04/19 18:09:32 | 000,006,230 | ---- | C] () -- C:\Users\Alyssa\Documents\hijackthis log
[2011/04/18 01:25:36 | 000,000,876 | ---- | C] () -- C:\Users\Alyssa\Documents\cc_20110418_012534.reg
[2011/04/18 01:25:00 | 000,008,690 | ---- | C] () -- C:\Users\Alyssa\Documents\cc_20110418_012455.reg
[2011/04/18 00:04:36 | 000,001,735 | ---- | C] () -- C:\Users\Public\Desktop\Defraggler.lnk
[2011/04/16 01:00:00 | 000,002,025 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011/04/16 00:59:59 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2011/04/16 00:43:39 | 000,001,106 | ---- | C] () -- C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
[2011/04/15 23:29:36 | 000,767,952 | ---- | C] () -- C:\windows\BDTSupport.dll0451.old
[2011/04/15 23:29:36 | 000,767,952 | ---- | C] () -- C:\windows\BDTSupport.dll0435.old
[2011/04/15 23:20:12 | 001,253,554 | ---- | C] () -- C:\windows\SysNative\drivers\Cat.DB
[2011/04/15 23:15:27 | 000,512,992 | ---- | C] () -- C:\Users\Alyssa\Desktop\sdsetup.exe
[2011/04/14 01:02:24 | 000,002,765 | ---- | C] () -- C:\Users\Alyssa\Documents\Attach.zip
[2011/04/08 23:33:31 | 000,007,812 | ---- | C] () -- C:\Users\Alyssa\Documents\cc_20110408_233328.reg
[2011/04/08 00:05:54 | 000,002,981 | ---- | C] () -- C:\Users\Alyssa\Desktop\HiJackThis.lnk
[2011/04/07 23:18:23 | 000,001,976 | ---- | C] () -- C:\Users\Alyssa\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/04/07 22:22:58 | 000,001,124 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/07 22:18:01 | 000,001,303 | ---- | C] () -- C:\Users\Alyssa\Desktop\Spybot - Search & Destroy.lnk
[2011/04/07 19:01:27 | 000,003,366 | ---- | C] () -- C:\Users\Alyssa\Documents\cc_20110407_190124.reg
[2011/04/07 19:00:37 | 000,038,218 | ---- | C] () -- C:\Users\Alyssa\Documents\cc_20110407_190033.reg
[2011/04/07 18:59:36 | 000,000,833 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/04/07 08:55:51 | 001,257,138 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1108000.005\Cat.DB
[2011/04/06 16:47:01 | 000,007,829 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1108000.005\symefa64.cat
[2011/04/06 16:47:01 | 000,007,787 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1108000.005\symnetv64.cat
[2011/04/06 16:47:01 | 000,007,414 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1108000.005\srtspx64.cat
[2011/04/06 16:47:01 | 000,007,410 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1108000.005\srtsp64.cat
[2011/04/06 16:47:01 | 000,007,406 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1108000.005\symds64.cat
[2011/04/06 16:47:01 | 000,007,402 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1108000.005\iron.cat
[2011/04/06 16:47:01 | 000,007,368 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1108000.005\symnet64.cat
[2011/04/06 16:47:01 | 000,007,358 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1108000.005\cchpx64.cat
[2011/04/06 16:47:01 | 000,003,373 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1108000.005\symefa.inf
[2011/04/06 16:47:01 | 000,002,793 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1108000.005\symds.inf
[2011/04/06 16:47:01 | 000,001,838 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1108000.005\cchpx64.inf
[2011/04/06 16:47:01 | 000,001,473 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1108000.005\symnetv.inf
[2011/04/06 16:47:01 | 000,001,445 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1108000.005\symnet.inf
[2011/04/06 16:47:01 | 000,001,437 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1108000.005\srtsp64.inf
[2011/04/06 16:47:01 | 000,001,421 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1108000.005\srtspx64.inf
[2011/04/06 16:47:01 | 000,000,771 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1108000.005\iron.inf
[2011/04/06 16:46:45 | 000,000,172 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1108000.005\isolate.ini
[2011/04/05 01:59:57 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011/04/05 01:41:38 | 000,001,794 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/04/05 01:38:34 | 000,001,856 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011/04/05 01:38:11 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011/04/04 19:47:46 | 000,000,898 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/04/04 19:47:43 | 000,000,894 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/04/04 19:40:06 | 000,001,149 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/04/04 19:39:34 | 000,001,161 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/04/04 02:18:36 | 000,007,440 | ---- | C] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.CAT
[2011/04/04 02:18:36 | 000,000,854 | ---- | C] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.INF
[2011/04/04 02:18:33 | 000,002,491 | ---- | C] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2011/04/04 02:17:01 | 000,000,398 | ---- | C] () -- C:\Users\Alyssa\Desktop\pc app.appref-ms
[2011/04/04 02:13:20 | 000,001,458 | ---- | C] () -- C:\Users\Alyssa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/04/04 02:12:27 | 000,000,013 | RHS- | C] () -- C:\windows\SysNative\drivers\fbd.sys
[2011/04/04 02:11:30 | 000,000,290 | ---- | C] () -- C:\Users\Alyssa\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/04/04 02:11:30 | 000,000,272 | ---- | C] () -- C:\Users\Alyssa\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2011/04/03 19:21:26 | 000,000,000 | ---- | C] () -- C:\windows\NDSTray.INI
[2011/04/03 19:01:10 | 000,067,584 | ---- | C] () -- C:\windows\SysNative\RtNicProp64.dll
[2011/04/03 19:00:52 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_Kernel_SynTP_01007.Wdf
[2011/04/03 18:58:36 | 000,000,520 | ---- | C] () -- C:\windows\SysNative\drivers\RTEQEX1.dat
[2011/04/03 18:58:36 | 000,000,520 | ---- | C] () -- C:\windows\SysNative\drivers\RTEQEX0.dat
[2011/04/03 18:57:41 | 000,015,172 | ---- | C] () -- C:\windows\SysNative\results.xml
[2011/04/03 18:39:45 | 000,002,557 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office PowerPoint Viewer 2007.lnk
[2011/04/03 18:39:25 | 000,001,158 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works Task Launcher.lnk
[2011/04/03 18:33:22 | 3092,942,848 | -HS- | C] () -- C:\hiberfil.sys
[2009/08/27 11:05:12 | 000,982,220 | ---- | C] () -- C:\windows\SysWow64\igkrng500.bin
[2009/08/27 11:05:12 | 000,439,300 | ---- | C] () -- C:\windows\SysWow64\igcompkrng500.bin
[2009/08/27 11:05:12 | 000,134,592 | ---- | C] () -- C:\windows\SysWow64\igfcg500.bin
[2009/08/27 11:05:12 | 000,092,216 | ---- | C] () -- C:\windows\SysWow64\igfcg500m.bin
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat
[2009/04/28 07:37:00 | 000,028,672 | ---- | C] () -- C:\windows\SysWow64\SPCtl.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:DFC5A2B2

< End of report >





SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 04/21/2011 at 00:32 AM

Application Version : 4.50.1002

Core Rules Database Version : 6876
Trace Rules Database Version: 4688

Scan type : Complete Scan
Total Scan Time : 01:00:52

Memory items scanned : 348
Memory threats detected : 0
Registry items scanned : 12608
Registry threats detected : 0
File items scanned : 130623
File threats detected : 5

Trojan.Agent/Gen-IExplorer[Fake]
C:\USERS\ALYSSA\APPDATA\LOCAL\TEMP\RARSFX0\NIRD\IEXPLORE.EXE
C:\USERS\ALYSSA\APPDATA\LOCAL\TEMP\RARSFX1\NIRD\IEXPLORE.EXE

Trojan.Agent/Gen-PEC
C:\USERS\ALYSSA\APPDATA\LOCAL\TEMP\RARSFX0\PROCS\EXPLORER.EXE
C:\USERS\ALYSSA\APPDATA\LOCAL\TEMP\RARSFX1\PROCS\EXPLORER.EXE

Adware.Tracking Cookie
C:\Users\Alyssa\AppData\Roaming\Microsoft\Windows\Cookies\Low\alyssa@ad.wsod[2].txt



The computer seems ok, but even with the Trojans, 95% of the time, I didn't see symptoms, but knew something was there. It's very frustrating

#8 Blade

Blade

    Strong in the Bleepforce


  • Site Admin
  • 12,704 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:US
  • Local time:06:29 PM

Posted 21 April 2011 - 12:32 PM

I've moved this topic to the specialized log forum so that I can look at the detailed logs you've already created. I don't see anything worrisome at this point but it can't hurt to look.

Your log indicates that you have run ComboFix!

Please note: ComboFix (CF for short) is intended by its creator to be "used under the guidance and supervision of an expert", NOT for private use. Please read Combofix's Disclaimer. When CF is run without trained assistance, it can no longer be considered a "safe" tool. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again.

You may find this topic informative - ComboFix usage, Questions, Help? - Look here

Since you already ran the tool, I need to see the log it created to be sure that everything was removed. Please locate this file C:\Combofix.txt and include its contents in your next reply.

~Blade

Posted Image

If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM
Become a BleepingComputer fan: Facebook
Follow us on Twitter!
Circle us on Google+


#9 Lyssfrgr

Lyssfrgr
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:06:29 PM

Posted 21 April 2011 - 12:52 PM

Here is the combo fix log:

ComboFix 11-04-19.02 - Alyssa 04/19/2011 21:10:05.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3933.2491 [GMT -4:00]
Running from: c:\users\Alyssa\Downloads\ComboFix.exe
AV: Emsisoft Anti-Malware *Disabled/Updated* {0ADC9F7D-20C1-240F-01E2-43466EBA893A}
AV: Norton Internet Security *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
FW: Norton Internet Security *Enabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
SP: Emsisoft Anti-Malware *Disabled/Updated* {B1BD7E99-06FB-2B81-3B52-7834153DC387}
SP: Norton Internet Security *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
SP: Spyware Doctor *Disabled/Updated* {94076BB2-F3DA-227F-9A1E-F060FF73600F}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\xp
c:\programdata\xp\EBLib.dll
c:\programdata\xp\TPwSav.sys
c:\users\Alyssa\AppData\Roaming\EurekaLog
.
.
((((((((((((((((((((((((( Files Created from 2011-03-20 to 2011-04-20 )))))))))))))))))))))))))))))))
.
.
2011-04-20 01:21 . 2011-04-20 01:21 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-04-20 01:03 . 2011-04-20 01:08 -------- d-----w- C:\32788R22FWJFW
2011-04-20 00:31 . 2011-04-20 00:38 -------- d-----w- c:\program files\EasyFix Tools
2011-04-19 22:54 . 2011-04-19 22:54 -------- d-----w- C:\rsit
2011-04-19 22:54 . 2011-04-19 22:54 -------- d-----w- c:\program files\trend micro
2011-04-19 22:44 . 2011-04-19 22:44 -------- d-----w- c:\program files (x86)\ERUNT
2011-04-19 22:08 . 2011-04-11 08:21 8802128 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0AC4E60D-E59E-4E1D-858C-F4A284D45298}\mpengine.dll
2011-04-18 04:28 . 2011-04-18 04:28 -------- d-----w- C:\sh4ldr
2011-04-18 04:27 . 2011-04-18 04:27 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2011-04-18 04:04 . 2011-04-18 04:04 -------- d-----w- c:\program files\Defraggler
2011-04-16 04:59 . 2011-04-16 04:59 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2011-04-16 04:43 . 2011-04-20 01:01 -------- d-----w- c:\program files (x86)\Emsisoft Anti-Malware
2011-04-16 03:29 . 2011-04-12 14:44 767952 ----a-w- c:\windows\BDTSupport.dll
2011-04-16 03:15 . 2011-04-16 03:20 -------- d-----w- c:\programdata\PC Tools
2011-04-15 20:27 . 2011-02-24 06:30 476160 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-04-15 20:27 . 2011-02-24 05:32 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-04-13 22:18 . 2011-02-24 06:24 57856 ----a-w- c:\windows\system32\licmgr10.dll
2011-04-13 22:17 . 2011-03-03 03:58 3133440 ----a-w- c:\windows\system32\win32k.sys
2011-04-08 04:05 . 2011-04-08 04:05 -------- d-----w- c:\program files (x86)\Trend Micro
2011-04-08 03:21 . 2011-04-08 03:21 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2011-04-08 03:18 . 2011-04-08 03:18 -------- d-----w- c:\programdata\!SASCORE
2011-04-08 03:18 . 2011-04-08 03:21 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-04-08 02:22 . 2010-12-20 22:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-04-08 02:22 . 2011-04-08 02:22 -------- d-----w- c:\programdata\Malwarebytes
2011-04-08 02:22 . 2011-04-08 02:23 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-04-08 02:22 . 2010-12-20 22:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-04-08 02:17 . 2011-02-02 22:11 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-04-08 02:17 . 2011-04-18 05:22 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-04-08 02:17 . 2011-04-14 03:29 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2011-04-07 22:59 . 2011-04-07 22:59 -------- d-----w- c:\program files\CCleaner
2011-04-06 00:11 . 2011-04-06 00:11 -------- d-----w- C:\e64b84bf142a123605be3fcf6170c4
2011-04-05 19:56 . 2011-04-05 19:56 -------- d-----w- c:\windows\SysWow64\Wat
2011-04-05 19:56 . 2011-04-05 19:56 -------- d-----w- c:\windows\system32\Wat
2011-04-05 07:23 . 2010-09-14 06:45 367104 ----a-w- c:\windows\system32\wcncsvc.dll
2011-04-05 07:23 . 2010-09-14 06:07 276992 ----a-w- c:\windows\SysWow64\wcncsvc.dll
2011-04-05 07:14 . 2009-09-10 06:28 311808 ----a-w- c:\windows\system32\msv1_0.dll
2011-04-05 07:14 . 2009-09-10 05:52 257024 ----a-w- c:\windows\SysWow64\msv1_0.dll
2011-04-05 07:06 . 2009-11-25 16:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll
2011-04-05 07:06 . 2009-11-25 16:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll
2011-04-05 07:06 . 2009-11-25 16:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll
2011-04-05 07:06 . 2009-11-25 16:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe
2011-04-05 07:06 . 2009-11-25 16:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2011-04-05 07:06 . 2009-11-25 16:47 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-04-05 07:06 . 2009-11-25 16:47 444752 ----a-w- c:\windows\system32\mscoree.dll
2011-04-05 07:06 . 2009-11-25 16:47 320352 ----a-w- c:\windows\system32\PresentationHost.exe
2011-04-05 07:06 . 2009-11-25 16:47 48960 ----a-w- c:\windows\system32\netfxperf.dll
2011-04-05 07:06 . 2009-11-25 16:47 1942856 ----a-w- c:\windows\system32\dfshim.dll
2011-04-05 07:00 . 2010-03-04 04:32 243712 ----a-w- c:\windows\system32\drivers\ks.sys
2011-04-05 05:41 . 2011-04-05 05:41 -------- dc----w- c:\windows\system32\DRVSTORE
2011-04-05 05:41 . 2009-05-18 17:17 34152 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2011-04-05 05:41 . 2008-04-17 16:12 126312 ----a-w- c:\windows\system32\GEARAspi64.dll
2011-04-05 05:38 . 2011-04-05 05:38 -------- d-----w- c:\program files (x86)\QuickTime
2011-04-05 05:38 . 2011-04-05 05:38 -------- d-----w- c:\program files (x86)\Apple Software Update
2011-04-05 05:38 . 2011-04-05 05:38 -------- d-----w- c:\program files\Common Files\Apple
2011-04-05 05:37 . 2011-04-05 05:37 -------- d-----w- c:\program files\Bonjour
2011-04-05 05:37 . 2011-04-05 05:37 -------- d-----w- c:\program files (x86)\Bonjour
2011-04-05 05:37 . 2011-04-05 05:59 -------- d-----w- c:\programdata\Apple
2011-04-05 05:37 . 2011-04-05 05:41 -------- d-----w- c:\program files (x86)\Common Files\Apple
2011-04-05 02:19 . 2011-04-05 02:19 -------- d-----w- c:\windows\SysWow64\Adobe
2011-04-04 23:37 . 2010-12-18 06:11 714752 ----a-w- c:\windows\system32\kerberos.dll
2011-04-04 23:37 . 2010-12-18 05:29 541184 ----a-w- c:\windows\SysWow64\kerberos.dll
2011-04-04 23:37 . 2010-03-05 07:52 84992 ----a-w- c:\windows\system32\asycfilt.dll
2011-04-04 23:37 . 2010-03-05 07:42 67584 ----a-w- c:\windows\SysWow64\asycfilt.dll
2011-04-04 23:37 . 2010-10-27 05:06 2048 ----a-w- c:\windows\system32\tzres.dll
2011-04-04 23:37 . 2010-10-27 04:32 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2011-04-04 23:36 . 2010-08-26 05:27 148992 ----a-w- c:\windows\system32\t2embed.dll
2011-04-04 23:36 . 2010-08-26 04:39 109056 ----a-w- c:\windows\SysWow64\t2embed.dll
2011-04-04 23:36 . 2010-12-23 06:07 961024 ----a-w- c:\windows\system32\CPFilters.dll
2011-04-04 23:36 . 2010-12-23 06:07 723968 ----a-w- c:\windows\system32\EncDec.dll
2011-04-04 23:36 . 2010-12-23 06:07 1118720 ----a-w- c:\windows\system32\sbe.dll
2011-04-04 23:36 . 2010-12-23 06:02 259072 ----a-w- c:\windows\system32\mpg2splt.ax
2011-04-04 23:36 . 2010-12-23 05:28 850432 ----a-w- c:\windows\SysWow64\sbe.dll
2011-04-04 23:36 . 2010-12-23 05:28 642048 ----a-w- c:\windows\SysWow64\CPFilters.dll
2011-04-04 23:36 . 2010-12-23 05:28 534528 ----a-w- c:\windows\SysWow64\EncDec.dll
2011-04-04 23:36 . 2010-12-23 05:24 199680 ----a-w- c:\windows\SysWow64\mpg2splt.ax
2011-04-04 23:34 . 2010-01-19 09:05 422912 ----a-w- c:\windows\system32\secproc_isv.dll
2011-04-04 23:32 . 2009-10-28 06:24 389632 ----a-w- c:\windows\system32\winlogon.exe
2011-04-04 23:31 . 2010-08-21 06:38 1024512 ----a-w- c:\windows\system32\wmpmde.dll
2011-04-04 23:30 . 2010-08-31 04:32 954752 ----a-w- c:\windows\SysWow64\mfc40.dll
2011-04-04 23:25 . 2011-04-04 23:25 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
2011-04-04 06:18 . 2011-04-04 06:18 173104 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2011-04-04 06:18 . 2011-04-04 06:18 -------- d-----w- c:\program files\Symantec
2011-04-04 06:18 . 2011-04-04 06:18 -------- d-----w- c:\program files\Common Files\Symantec Shared
2011-04-04 06:16 . 2011-04-04 06:16 -------- d-----w- c:\programdata\Best Buy pc app
2011-04-04 06:16 . 2011-04-04 06:16 -------- dc-h--w- c:\programdata\{FFC1EB21-0544-42CD-B814-D436727D2CA1}
2011-04-04 06:13 . 2010-01-09 07:19 139264 ----a-w- c:\windows\system32\cabview.dll
2011-04-04 06:13 . 2009-12-29 08:03 220672 ----a-w- c:\windows\system32\wintrust.dll
2011-04-04 06:13 . 2009-12-29 06:55 172032 ----a-w- c:\windows\SysWow64\wintrust.dll
2011-04-04 06:13 . 2010-01-09 06:52 132608 ----a-w- c:\windows\SysWow64\cabview.dll
2011-04-04 06:12 . 2011-04-04 06:12 13 --sh--r- c:\windows\system32\drivers\fbd.sys
2011-04-04 06:11 . 2011-04-19 22:50 -------- d-----w- c:\users\Alyssa
2011-04-03 23:12 . 2011-04-03 23:12 -------- d-----w- c:\windows\SysWow64\Macromed
2011-04-03 23:09 . 2011-04-03 23:09 -------- d--h--w- c:\windows\msdownld.tmp
2011-04-03 23:08 . 2011-04-07 12:56 -------- d-----w- c:\windows\system32\drivers\NISx64
2011-04-03 23:08 . 2011-04-04 06:18 -------- d-----w- c:\programdata\Norton
2011-04-03 23:08 . 2011-04-03 23:08 -------- d-----w- c:\program files (x86)\Norton Internet Security
2011-04-03 23:08 . 2011-04-03 23:08 -------- d-----w- c:\program files (x86)\NortonInstaller
2011-04-03 23:07 . 2011-04-03 23:07 -------- d-----w- c:\program files (x86)\Common Files\Toshiba Shared
2011-04-03 23:07 . 2009-07-24 22:57 482384 ----a-w- c:\windows\system32\drivers\tos_sps64.sys
2011-04-03 23:07 . 2009-03-09 22:27 4178264 ----a-w- c:\windows\SysWow64\D3DX9_41.dll
2011-04-03 23:02 . 1999-10-13 01:47 24576 ----a-w- c:\windows\SysWow64\TSCI.dll
2011-04-03 23:02 . 1999-10-13 01:45 24576 ----a-w- c:\windows\SysWow64\THCI.dll
2011-04-03 23:02 . 2009-04-29 16:26 49664 ----a-w- c:\windows\system32\HWS_Ctrl.dll
2011-04-03 23:02 . 2007-02-11 15:50 8192 ----a-w- c:\windows\system32\TSBWLS.dll
2011-04-03 23:01 . 2011-04-03 23:04 -------- d-----w- c:\programdata\win7_64
2011-04-03 23:01 . 2011-04-03 23:04 -------- d-----w- c:\programdata\win7_32
2011-04-03 22:58 . 2011-04-03 22:58 -------- d--h--w- c:\program files (x86)\Temp
2011-04-03 22:55 . 2011-04-03 22:55 -------- d-----w- c:\windows\SysWow64\x64
2011-04-03 22:55 . 2011-04-03 22:55 -------- d-----w- c:\windows\SysWow64\Lang
2011-04-03 22:55 . 2011-04-03 22:55 -------- d-----w- C:\Intel
2011-04-03 22:55 . 2009-09-02 21:27 1002008 ----a-w- c:\windows\SysWow64\igxpun.exe
2011-04-03 22:53 . 2009-06-05 01:54 408600 ----a-w- c:\windows\system32\drivers\iaStor.sys
2011-04-03 22:52 . 2011-04-03 22:52 -------- d-----w- c:\program files (x86)\Microsoft Office Suite Activation Assistant
2011-04-03 22:44 . 2011-04-06 00:11 -------- d-----w- c:\program files (x86)\Microsoft.NET
2011-04-03 22:43 . 2011-04-03 22:53 -------- d-----w- c:\programdata\Microsoft Help
2011-04-03 22:42 . 2011-04-03 22:42 -------- d-----r- C:\MSOCache
2011-04-03 22:39 . 2011-04-03 22:39 -------- d-----w- c:\program files (x86)\Microsoft Works
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-18 20:36 . 2011-02-18 20:36 51712 ----a-w- c:\windows\system32\drivers\usbaapl64.sys
2011-02-18 20:36 . 2011-02-18 20:36 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-02-02 13:31 . 2011-02-02 13:31 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2011-02-02 13:31 . 2011-02-02 13:31 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HijackThis startup scan"="c:\program files (x86)\Trend Micro\HiJackThis\HijackThis.exe" [2010-03-25 388096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Best Buy pc app.lnk - c:\programdata\Best Buy pc app\ClickOnceSetup.exe [2011-2-25 15776]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoActiveDesktop"= 1 (0x1)
"NoActiveDesktopChanges"= 1 (0x1)
"ForceActiveDesktopOn"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
SetupExecute REG_MULTI_SZ \0
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP
"SVPWUTIL"=c:\program files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
"KeNotify"=c:\program files (x86)\TOSHIBA\Utilities\KeNotify.exe
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 sdAuxService;PC Tools Auxiliary Service;c:\program files (x86)\PC Tools Security\pctsAuxs.exe [2011-02-18 371472]
R4 Browser Defender Update Service;Browser Defender Update Service;c:\program files (x86)\PC Tools Security\BDT\BDTUpdateService.exe [2011-04-12 337872]
R4 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2009-08-11 248688]
R4 ConfigFree Gadget Service;ConfigFree Gadget Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [2009-07-15 42368]
R4 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-11 46448]
R4 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-04 135664]
S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore64.sys [x]
S0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS64.sys [x]
S0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA64.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 a2injectiondriver;a2injectiondriver;c:\program files (x86)\Emsisoft Anti-Malware\a2dix64.sys [2010-09-05 48216]
S1 a2util;a-squared Malware-IDS utility driver;c:\program files (x86)\Emsisoft Anti-Malware\a2util64.sys [2010-05-05 14720]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20110419.001\BHDrvx64.sys [2011-04-15 1127032]
S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NISx64\1108000.005\ccHPx64.sys [x]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20110419.001\IDSvia64.sys [2011-03-30 476792]
S1 PCTSD;PC Tools Spyware Doctor Driver;c:\windows\system32\Drivers\PCTSD64.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2010-06-29 128752]
S2 a2AntiMalware;Emsisoft Anti-Malware 5.0 - Service;c:\program files (x86)\Emsisoft Anti-Malware\a2service.exe [2011-03-29 2860800]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\17.8.0.5\ccSvcHst.exe [2010-02-26 126392]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 a2acc;a2acc;c:\program files (x86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [2011-02-21 85800]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-04-04 132656]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 RTL8187B;Realtek RTL8187B Wireless 802.11bg 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187B.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - PCTSDInjDriver64
.
Contents of the 'Scheduled Tasks' folder
.
2011-04-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-04 23:47]
.
2011-04-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-04 23:47]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2009-09-17 709976]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-29 7982112]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-02 365592]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-02 387608]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-02 165912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
mLocal Page = c:\windows\SYSTEM32\blank.htm
LSP: c:\program files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll
FF - ProfilePath - c:\users\Alyssa\AppData\Roaming\Mozilla\Firefox\Profiles\hzwdpdkv.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/?ilc=1
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
HKLM-Run-(Default) - (no file)
HKLM-Run-SmoothView - %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
HKLM-Run-TPwrMain - %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
HKLM-Run-SynTPEnh - %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-TosReelTimeMonitor - %ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
HKLM-Run-TosNC - %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe
HKLM-Run-00TCrdMain - %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\17.8.0.5\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\17.8.0.5\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil10b.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWow64\\Macromed\\Flash\\FlashUtil10b.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@="IFlashBroker2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-04-19 21:26:50
ComboFix-quarantined-files.txt 2011-04-20 01:26
.
Pre-Run: 199,929,446,400 bytes free
Post-Run: 199,598,641,152 bytes free
.
- - End Of File - - 9C0B5B27163DBD43CFE91C966C9D3948

#10 Blade

Blade

    Strong in the Bleepforce


  • Site Admin
  • 12,704 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:US
  • Local time:06:29 PM

Posted 22 April 2011 - 10:53 PM

Hello.

I don't see anything to indicate an infection.

Let's take a look at the BSOD issue you mentioned.

Please download BlueScreenView to your Desktop.
Double click on BlueScreenView.exe to run the program.
When scanning is done, go to Edit>Select All.
Go to File>Save Selected Items, and save the report as BSOD.txt.
Open BSOD.txt in Notepad, copy all content, and paste it into your next reply.

~Blade


In your next reply, please include the following:
BlueScreenView Log

Posted Image

If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM
Become a BleepingComputer fan: Facebook
Follow us on Twitter!
Circle us on Google+


#11 Lyssfrgr

Lyssfrgr
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:06:29 PM

Posted 23 April 2011 - 12:46 AM

It is not showing any crashes, but what I have saved from the files I deleted may be of some help.

This is the XML file the BSOD pop up informed me to go to for description of the problem

<?xml version="1.0" encoding="Unicode" ?>
- <SYSTEMINFO>
- <SYSTEM>
<OSNAME>Windows 7 Home Premium Home Edition</OSNAME>
<OSVER>6.1.7600 0.0</OSVER>
<OSLANGUAGE>1033</OSLANGUAGE>
<ARCHITECTURE>9</ARCHITECTURE>
<PRODUCTTYPE>3</PRODUCTTYPE>
</SYSTEM>
- <MEMORYDIAGNOSTIC>
- <REG_VALUE>
<NAME>LastResult</NAME>
<DATA>Pass</DATA>
</REG_VALUE>
- <REG_VALUE>
<NAME>LastRun</NAME>
<DATA>04-17-2011 17:05:20</DATA>
</REG_VALUE>
- <REG_VALUE>
<NAME>LaunchType</NAME>
<DATA>0</DATA>
</REG_VALUE>
- <REG_VALUE>
<NAME>ScheduleType</NAME>
<DATA>0</DATA>
</REG_VALUE>
</MEMORYDIAGNOSTIC>
- <DEVICES>
- <DEVICE>
<DESCRIPTION>Intel® ICH9 Family SMBus Controller - 2930</DESCRIPTION>
<HARDWAREID>PCI\VEN_8086&DEV_2930&SUBSYS_FF001179&REV_03</HARDWAREID>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Intel® ICH9 Family USB2 Enhanced Host Controller - 293C</DESCRIPTION>
<HARDWAREID>PCI\VEN_8086&DEV_293C&SUBSYS_FF001179&REV_03</HARDWAREID>
<SERVICE>usbehci</SERVICE>
<DRIVER>usbehci.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Mobile Intel® 4 Series Express Chipset Family</DESCRIPTION>
<HARDWAREID>PCI\VEN_8086&DEV_2A43&SUBSYS_FF011179&REV_07</HARDWAREID>
<SERVICE>igfx</SERVICE>
<DRIVER>igdkmd64.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Terminal Server Mouse Driver</DESCRIPTION>
<HARDWAREID>ROOT\RDP_MOU</HARDWAREID>
<SERVICE>TermDD</SERVICE>
<DRIVER>termdd.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>PCI bus</DESCRIPTION>
<HARDWAREID>ACPI\PNP0A08</HARDWAREID>
<SERVICE>pci</SERVICE>
<DRIVER>pci.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Generic volume shadow copy</DESCRIPTION>
<HARDWAREID>STORAGE\VolumeSnapshot</HARDWAREID>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Plug and Play Software Device Enumerator</DESCRIPTION>
<HARDWAREID>root\swenum</HARDWAREID>
<SERVICE>swenum</SERVICE>
<DRIVER>swenum.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Generic volume</DESCRIPTION>
<HARDWAREID>STORAGE\Volume</HARDWAREID>
<SERVICE>volsnap</SERVICE>
<DRIVER>volsnap.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>System CMOS/real time clock</DESCRIPTION>
<HARDWAREID>ACPI\PNP0B00</HARDWAREID>
</DEVICE>
- <DEVICE>
<DESCRIPTION>USB Root Hub</DESCRIPTION>
<HARDWAREID>USB\ROOT_HUB&VID8086&PID2937&REV0003</HARDWAREID>
<SERVICE>usbhub</SERVICE>
<DRIVER>usbhub.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>TOSHIBA tos_sps64 Driver</DESCRIPTION>
<HARDWAREID>root\tos_sps64</HARDWAREID>
<SERVICE>tos_sps64</SERVICE>
<DRIVER>tos_sps64.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Intel® ICH9 Family USB Universal Host Controller - 2934</DESCRIPTION>
<HARDWAREID>PCI\VEN_8086&DEV_2934&SUBSYS_FF001179&REV_03</HARDWAREID>
<SERVICE>usbuhci</SERVICE>
<DRIVER>usbuhci.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>High Definition Audio Controller</DESCRIPTION>
<HARDWAREID>PCI\VEN_8086&DEV_293E&SUBSYS_FF001179&REV_03</HARDWAREID>
<SERVICE>HDAudBus</SERVICE>
<DRIVER>HDAudBus.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Motherboard resources</DESCRIPTION>
<HARDWAREID>ACPI\PNP0C02</HARDWAREID>
</DEVICE>
- <DEVICE>
<DESCRIPTION>USB Root Hub</DESCRIPTION>
<HARDWAREID>USB\ROOT_HUB&VID8086&PID2934&REV0003</HARDWAREID>
<SERVICE>usbhub</SERVICE>
<DRIVER>usbhub.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>UMBus Root Bus Enumerator</DESCRIPTION>
<HARDWAREID>root\umbus</HARDWAREID>
<SERVICE>umbus</SERVICE>
<DRIVER>umbus.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Generic volume shadow copy</DESCRIPTION>
<HARDWAREID>STORAGE\VolumeSnapshot</HARDWAREID>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Motherboard resources</DESCRIPTION>
<HARDWAREID>ACPI\PNP0C02</HARDWAREID>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Microsoft Virtual Drive Enumerator Driver</DESCRIPTION>
<HARDWAREID>ROOT\vdrvroot</HARDWAREID>
<SERVICE>vdrvroot</SERVICE>
<DRIVER>vdrvroot.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Disk drive</DESCRIPTION>
<HARDWAREID>IDE\DiskTOSHIBA_MK2555GSX_______________________FG001M__</HARDWAREID>
<SERVICE>disk</SERVICE>
<DRIVER>disk.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>USB Root Hub</DESCRIPTION>
<HARDWAREID>USB\ROOT_HUB&VID8086&PID2938&REV0003</HARDWAREID>
<SERVICE>usbhub</SERVICE>
<DRIVER>usbhub.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Numeric data processor</DESCRIPTION>
<HARDWAREID>ACPI\PNP0C04</HARDWAREID>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Generic volume</DESCRIPTION>
<HARDWAREID>STORAGE\Volume</HARDWAREID>
<SERVICE>volsnap</SERVICE>
<DRIVER>volsnap.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Volume Manager</DESCRIPTION>
<HARDWAREID>ROOT\VOLMGR</HARDWAREID>
<SERVICE>volmgr</SERVICE>
<DRIVER>volmgr.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Generic volume shadow copy</DESCRIPTION>
<HARDWAREID>STORAGE\VolumeSnapshot</HARDWAREID>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Microsoft AC Adapter</DESCRIPTION>
<HARDWAREID>ACPI\ACPI0003</HARDWAREID>
<SERVICE>CmBatt</SERVICE>
<DRIVER>CmBatt.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>USB Root Hub</DESCRIPTION>
<HARDWAREID>USB\ROOT_HUB&VID8086&PID2936&REV0003</HARDWAREID>
<SERVICE>usbhub</SERVICE>
<DRIVER>usbhub.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Intel® ICH9 Family USB Universal Host Controller - 2935</DESCRIPTION>
<HARDWAREID>PCI\VEN_8086&DEV_2935&SUBSYS_FF001179&REV_03</HARDWAREID>
<SERVICE>usbuhci</SERVICE>
<DRIVER>usbuhci.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Intel® ICH9 Family PCI Express Root Port 1 - 2940</DESCRIPTION>
<HARDWAREID>PCI\VEN_8086&DEV_2940&SUBSYS_00000000&REV_03</HARDWAREID>
<SERVICE>pci</SERVICE>
<DRIVER>pci.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Microsoft ACPI-Compliant Embedded Controller</DESCRIPTION>
<HARDWAREID>ACPI\PNP0C09</HARDWAREID>
</DEVICE>
- <DEVICE>
<DESCRIPTION>ACPI Fixed Feature Button</DESCRIPTION>
<HARDWAREID>ACPI\FixedButton</HARDWAREID>
</DEVICE>
- <DEVICE>
<DESCRIPTION>USB Root Hub</DESCRIPTION>
<HARDWAREID>USB\ROOT_HUB&VID8086&PID2939&REV0003</HARDWAREID>
<SERVICE>usbhub</SERVICE>
<DRIVER>usbhub.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Microsoft ACPI-Compliant Control Method Battery</DESCRIPTION>
<HARDWAREID>ACPI\PNP0C0A</HARDWAREID>
<SERVICE>CmBatt</SERVICE>
<DRIVER>CmBatt.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Generic volume shadow copy</DESCRIPTION>
<HARDWAREID>STORAGE\VolumeSnapshot</HARDWAREID>
</DEVICE>
- <DEVICE>
<DESCRIPTION>ACPI Power Button</DESCRIPTION>
<HARDWAREID>ACPI\PNP0C0C</HARDWAREID>
</DEVICE>
- <DEVICE>
<DESCRIPTION>USB Root Hub</DESCRIPTION>
<HARDWAREID>USB\ROOT_HUB&VID8086&PID2935&REV0003</HARDWAREID>
<SERVICE>usbhub</SERVICE>
<DRIVER>usbhub.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Generic volume shadow copy</DESCRIPTION>
<HARDWAREID>STORAGE\VolumeSnapshot</HARDWAREID>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Intel Processor</DESCRIPTION>
<HARDWAREID>ACPI\GenuineIntel_-_Intel64_Family_6_Model_23</HARDWAREID>
<SERVICE>intelppm</SERVICE>
<DRIVER>intelppm.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Intel® ICH9 Family USB Universal Host Controller - 2936</DESCRIPTION>
<HARDWAREID>PCI\VEN_8086&DEV_2936&SUBSYS_FF001179&REV_03</HARDWAREID>
<SERVICE>usbuhci</SERVICE>
<DRIVER>usbuhci.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Intel® ICH9 Family PCI Express Root Port 3 - 2944</DESCRIPTION>
<HARDWAREID>PCI\VEN_8086&DEV_2944&SUBSYS_00000000&REV_03</HARDWAREID>
<SERVICE>pci</SERVICE>
<DRIVER>pci.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>ACPI Lid</DESCRIPTION>
<HARDWAREID>ACPI\PNP0C0D</HARDWAREID>
</DEVICE>
- <DEVICE>
<DESCRIPTION>USB Root Hub</DESCRIPTION>
<HARDWAREID>USB\ROOT_HUB20&VID8086&PID293A&REV0003</HARDWAREID>
<SERVICE>usbhub</SERVICE>
<DRIVER>usbhub.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Microsoft ISATAP Adapter</DESCRIPTION>
<HARDWAREID>*ISATAP</HARDWAREID>
<SERVICE>tunnel</SERVICE>
<DRIVER>tunnel.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Generic volume shadow copy</DESCRIPTION>
<HARDWAREID>STORAGE\VolumeSnapshot</HARDWAREID>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Microsoft ISATAP Adapter</DESCRIPTION>
<HARDWAREID>*ISATAP</HARDWAREID>
<SERVICE>tunnel</SERVICE>
<DRIVER>tunnel.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Synaptics PS/2 Port TouchPad</DESCRIPTION>
<HARDWAREID>ACPI\SYN0719</HARDWAREID>
<SERVICE>i8042prt</SERVICE>
<DRIVER>i8042prt.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>USB Root Hub</DESCRIPTION>
<HARDWAREID>USB\ROOT_HUB20&VID8086&PID293C&REV0003</HARDWAREID>
<SERVICE>usbhub</SERVICE>
<DRIVER>usbhub.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Microsoft Teredo Tunneling Adapter</DESCRIPTION>
<HARDWAREID>*TEREDO</HARDWAREID>
<SERVICE>tunnel</SERVICE>
<DRIVER>tunnel.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Microsoft System Management BIOS Driver</DESCRIPTION>
<HARDWAREID>ROOT\mssmbios</HARDWAREID>
<SERVICE>mssmbios</SERVICE>
<DRIVER>mssmbios.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Realtek PCIe FE Family Controller</DESCRIPTION>
<HARDWAREID>PCI\VEN_10EC&DEV_8136&SUBSYS_FF001179&REV_02</HARDWAREID>
<SERVICE>RTL8167</SERVICE>
<DRIVER>Rt64win7.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Intel® ICH9 Family USB Universal Host Controller - 2937</DESCRIPTION>
<HARDWAREID>PCI\VEN_8086&DEV_2937&SUBSYS_FF001179&REV_03</HARDWAREID>
<SERVICE>usbuhci</SERVICE>
<DRIVER>usbuhci.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Intel® ICH9 Family PCI Express Root Port 4 - 2946</DESCRIPTION>
<HARDWAREID>PCI\VEN_8086&DEV_2946&SUBSYS_00000000&REV_03</HARDWAREID>
<SERVICE>pci</SERVICE>
<DRIVER>pci.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>TOSHIBA x64 ACPI-Compliant Value Added Logical and General Purpose Device</DESCRIPTION>
<HARDWAREID>ACPI\TOS1900</HARDWAREID>
<SERVICE>TVALZ</SERVICE>
<DRIVER>TVALZ_O.SYS</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>ACPI x64-based PC</DESCRIPTION>
<HARDWAREID>acpiapic</HARDWAREID>
<SERVICE>\Driver\ACPI_HAL</SERVICE>
</DEVICE>
- <DEVICE>
<DESCRIPTION>WAN Miniport (IKEv2)</DESCRIPTION>
<HARDWAREID>ms_agilevpnminiport</HARDWAREID>
<SERVICE>RasAgileVpn</SERVICE>
<DRIVER>AgileVpn.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Microsoft ACPI-Compliant System</DESCRIPTION>
<HARDWAREID>ACPI_HAL\PNP0C08</HARDWAREID>
<SERVICE>ACPI</SERVICE>
<DRIVER>ACPI.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Intel Processor</DESCRIPTION>
<HARDWAREID>ACPI\GenuineIntel_-_Intel64_Family_6_Model_23</HARDWAREID>
<SERVICE>intelppm</SERVICE>
<DRIVER>intelppm.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>File as Volume Driver</DESCRIPTION>
<HARDWAREID>ROOT\BLBDRIVE</HARDWAREID>
<SERVICE>blbdrive</SERVICE>
<DRIVER>blbdrive.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>WAN Miniport (L2TP)</DESCRIPTION>
<HARDWAREID>ms_l2tpminiport</HARDWAREID>
<SERVICE>Rasl2tp</SERVICE>
<DRIVER>rasl2tp.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Composite Bus Enumerator</DESCRIPTION>
<HARDWAREID>ROOT\CompositeBus</HARDWAREID>
<SERVICE>CompositeBus</SERVICE>
<DRIVER>CompositeBus.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Intel® 82801 PCI Bridge - 2448</DESCRIPTION>
<HARDWAREID>PCI\VEN_8086&DEV_2448&SUBSYS_FF001179&REV_93</HARDWAREID>
<SERVICE>pci</SERVICE>
<DRIVER>pci.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Intel® ICH9 Family USB Universal Host Controller - 2938</DESCRIPTION>
<HARDWAREID>PCI\VEN_8086&DEV_2938&SUBSYS_FF001179&REV_03</HARDWAREID>
<SERVICE>usbuhci</SERVICE>
<DRIVER>usbuhci.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Intel® ICH9 Family PCI Express Root Port 6 - 294A</DESCRIPTION>
<HARDWAREID>PCI\VEN_8086&DEV_294A&SUBSYS_00000000&REV_03</HARDWAREID>
<SERVICE>pci</SERVICE>
<DRIVER>pci.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>WAN Miniport (Network Monitor)</DESCRIPTION>
<HARDWAREID>ms_ndiswanbh</HARDWAREID>
<SERVICE>NdisWan</SERVICE>
<DRIVER>ndiswan.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Microsoft Composite Battery</DESCRIPTION>
<HARDWAREID>COMPOSITE_BATTERY</HARDWAREID>
<SERVICE>Compbatt</SERVICE>
<DRIVER>compbatt.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Realtek High Definition Audio</DESCRIPTION>
<HARDWAREID>HDAUDIO\FUNC_01&VEN_10EC&DEV_0272&SUBSYS_1179FFB2&REV_1000</HARDWAREID>
<SERVICE>IntcAzAudAddService</SERVICE>
<DRIVER>RTKVHD64.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>WAN Miniport (IP)</DESCRIPTION>
<HARDWAREID>ms_ndiswanip</HARDWAREID>
<SERVICE>NdisWan</SERVICE>
<DRIVER>ndiswan.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>LPC Interface Controller</DESCRIPTION>
<HARDWAREID>PCI\VEN_8086&DEV_2919&SUBSYS_FF001179&REV_03</HARDWAREID>
<SERVICE>msisadrv</SERVICE>
<DRIVER>msisadrv.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Intel® ICH9 Family USB Universal Host Controller - 2939</DESCRIPTION>
<HARDWAREID>PCI\VEN_8086&DEV_2939&SUBSYS_FF001179&REV_03</HARDWAREID>
<SERVICE>usbuhci</SERVICE>
<DRIVER>usbuhci.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Mobile Intel® 4 Series Chipset Processor to DRAM Controller - 2A40</DESCRIPTION>
<HARDWAREID>PCI\VEN_8086&DEV_2A40&SUBSYS_FF001179&REV_07</HARDWAREID>
</DEVICE>
- <DEVICE>
<DESCRIPTION>WAN Miniport (IPv6)</DESCRIPTION>
<HARDWAREID>ms_ndiswanipv6</HARDWAREID>
<SERVICE>NdisWan</SERVICE>
<DRIVER>ndiswan.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Programmable interrupt controller</DESCRIPTION>
<HARDWAREID>ACPI\PNP0000</HARDWAREID>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Realtek RTL8187B Wireless 802.11bg 54Mbps USB 2.0 Network Adapter</DESCRIPTION>
<HARDWAREID>USB\VID_0BDA&PID_8197&REV_0200</HARDWAREID>
<SERVICE>RTL8187B</SERVICE>
<DRIVER>RTL8187B.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>WAN Miniport (PPPOE)</DESCRIPTION>
<HARDWAREID>ms_pppoeminiport</HARDWAREID>
<SERVICE>RasPppoe</SERVICE>
<DRIVER>raspppoe.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>System timer</DESCRIPTION>
<HARDWAREID>ACPI\PNP0100</HARDWAREID>
</DEVICE>
- <DEVICE>
<DESCRIPTION>WAN Miniport (PPTP)</DESCRIPTION>
<HARDWAREID>ms_pptpminiport</HARDWAREID>
<SERVICE>PptpMiniport</SERVICE>
<DRIVER>raspptp.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Intel® ICH9M-E/M SATA AHCI Controller</DESCRIPTION>
<HARDWAREID>PCI\VEN_8086&DEV_2929&SUBSYS_FF001179&REV_03</HARDWAREID>
<SERVICE>iaStor</SERVICE>
<DRIVER>iaStor.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>High precision event timer</DESCRIPTION>
<HARDWAREID>ACPI\PNP0103</HARDWAREID>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Intel® ICH9 Family USB2 Enhanced Host Controller - 293A</DESCRIPTION>
<HARDWAREID>PCI\VEN_8086&DEV_293A&SUBSYS_FF001179&REV_03</HARDWAREID>
<SERVICE>usbehci</SERVICE>
<DRIVER>usbehci.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>CD-ROM Drive</DESCRIPTION>
<HARDWAREID>IDE\CdRomMATbleepA_DVD-RAM_UJ890AS________________1.50____</HARDWAREID>
<SERVICE>cdrom</SERVICE>
<DRIVER>cdrom.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Mobile Intel® 4 Series Express Chipset Family</DESCRIPTION>
<HARDWAREID>PCI\VEN_8086&DEV_2A42&SUBSYS_FF011179&REV_07</HARDWAREID>
<SERVICE>igfx</SERVICE>
<DRIVER>igdkmd64.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Generic volume</DESCRIPTION>
<HARDWAREID>STORAGE\Volume</HARDWAREID>
<SERVICE>volsnap</SERVICE>
<DRIVER>volsnap.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>WAN Miniport (SSTP)</DESCRIPTION>
<HARDWAREID>ms_sstpminiport</HARDWAREID>
<SERVICE>RasSstp</SERVICE>
<DRIVER>rassstp.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Direct memory access controller</DESCRIPTION>
<HARDWAREID>ACPI\PNP0200</HARDWAREID>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Terminal Server Keyboard Driver</DESCRIPTION>
<HARDWAREID>ROOT\RDP_KBD</HARDWAREID>
<SERVICE>TermDD</SERVICE>
<DRIVER>termdd.sys</DRIVER>
</DEVICE>
- <DEVICE>
<DESCRIPTION>Standard PS/2 Keyboard</DESCRIPTION>
<HARDWAREID>ACPI\PNP0303</HARDWAREID>
<SERVICE>i8042prt</SERVICE>
<DRIVER>i8042prt.sys</DRIVER>
</DEVICE>
</DEVICES>
- <DRIVERS>
- <DRIVER>
<FILENAME>1179_TOSHIBA_na_Satellite_L455_TI10575600B.MRK</FILENAME>
<FILESIZE>2</FILESIZE>
<CREATIONDATE>12-01-2009 04:07:42</CREATIONDATE>
<VERSION>0.0.0.0</VERSION>
<MANUFACTURER />
<PRODUCTNAME />
</DRIVER>
- <DRIVER>
<FILENAME>1394ohci.sys</FILENAME>
<FILESIZE>227840</FILESIZE>
<CREATIONDATE>07-14-2009 00:07:13</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>ACPI.sys</FILENAME>
<FILESIZE>334416</FILESIZE>
<CREATIONDATE>07-13-2009 23:19:35</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Boot Bus Extender</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>acpipmi.sys</FILENAME>
<FILESIZE>12288</FILESIZE>
<CREATIONDATE>07-13-2009 23:27:17</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>adp94xx.sys</FILENAME>
<FILESIZE>491088</FILESIZE>
<CREATIONDATE>06-10-2009 20:36:24</CREATIONDATE>
<VERSION>1.6.6.4</VERSION>
<MANUFACTURER>Adaptec, Inc.</MANUFACTURER>
<PRODUCTNAME>Adaptec Windows 7 SAS/SATA Family Storport Driver</PRODUCTNAME>
<GROUP>SCSI Miniport</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>adpahci.sys</FILENAME>
<FILESIZE>339536</FILESIZE>
<CREATIONDATE>07-13-2009 21:59:32</CREATIONDATE>
<VERSION>1.6.6.1</VERSION>
<MANUFACTURER>Adaptec, Inc.</MANUFACTURER>
<PRODUCTNAME>Adaptec Windows Server 2003 SATA Family Storport Driver</PRODUCTNAME>
<GROUP>SCSI Miniport</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>adpu320.sys</FILENAME>
<FILESIZE>182864</FILESIZE>
<CREATIONDATE>07-13-2009 21:59:33</CREATIONDATE>
<VERSION>7.2.0.0</VERSION>
<MANUFACTURER>Adaptec, Inc.</MANUFACTURER>
<PRODUCTNAME>Adaptec Windows Ultra320 Family Driver</PRODUCTNAME>
<GROUP>SCSI Miniport</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>afd.sys</FILENAME>
<FILESIZE>500224</FILESIZE>
<CREATIONDATE>07-13-2009 23:21:44</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>PNP_TDI</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>agrsm64.sys</FILENAME>
<FILESIZE>1146880</FILESIZE>
<CREATIONDATE>06-10-2009 21:01:06</CREATIONDATE>
<VERSION>2.2.89.2</VERSION>
<MANUFACTURER>LSI Corp</MANUFACTURER>
<PRODUCTNAME>LSI SoftModem Driver</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>agp440.sys</FILENAME>
<FILESIZE>61008</FILESIZE>
<CREATIONDATE>07-13-2009 23:38:44</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>PnP Filter</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>aliide.sys</FILENAME>
<FILESIZE>15440</FILESIZE>
<CREATIONDATE>07-13-2009 23:19:47</CREATIONDATE>
<VERSION>1.2.0.0</VERSION>
<MANUFACTURER>Acer Laboratories Inc.</MANUFACTURER>
<PRODUCTNAME>ALi mini IDE Driver</PRODUCTNAME>
<GROUP>System Bus Extender</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>amdide.sys</FILENAME>
<FILESIZE>15440</FILESIZE>
<CREATIONDATE>07-13-2009 23:19:49</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>System Bus Extender</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>amdk8.sys</FILENAME>
<FILESIZE>64512</FILESIZE>
<CREATIONDATE>07-13-2009 23:19:26</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Extended Base</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>amdppm.sys</FILENAME>
<FILESIZE>60928</FILESIZE>
<CREATIONDATE>07-13-2009 23:19:26</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Extended Base</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>amdsata.sys</FILENAME>
<FILESIZE>106576</FILESIZE>
<CREATIONDATE>06-10-2009 20:36:35</CREATIONDATE>
<VERSION>1.1.2.4</VERSION>
<MANUFACTURER>Advanced Micro Devices</MANUFACTURER>
<PRODUCTNAME>AHCI 1.2 Device Driver</PRODUCTNAME>
<GROUP>SCSI miniport</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>amdsbs.sys</FILENAME>
<FILESIZE>194128</FILESIZE>
<CREATIONDATE>06-10-2009 20:37:35</CREATIONDATE>
<VERSION>3.6.1540.127</VERSION>
<MANUFACTURER>AMD Technologies Inc.</MANUFACTURER>
<PRODUCTNAME>AMD Technology AHCI Compatible Controller</PRODUCTNAME>
<GROUP>SCSI Miniport</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>amdxata.sys</FILENAME>
<FILESIZE>28752</FILESIZE>
<CREATIONDATE>07-13-2009 21:59:32</CREATIONDATE>
<VERSION>1.1.2.4</VERSION>
<MANUFACTURER>Advanced Micro Devices</MANUFACTURER>
<PRODUCTNAME>Storage Filter Driver</PRODUCTNAME>
<GROUP>SCSI miniport</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>appid.sys</FILENAME>
<FILESIZE>61440</FILESIZE>
<CREATIONDATE>07-13-2009 23:52:40</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>arc.sys</FILENAME>
<FILESIZE>87632</FILESIZE>
<CREATIONDATE>07-13-2009 21:59:33</CREATIONDATE>
<VERSION>5.2.0.10384</VERSION>
<MANUFACTURER>Adaptec, Inc.</MANUFACTURER>
<PRODUCTNAME>Adaptec RAID Controller</PRODUCTNAME>
<GROUP>SCSI Miniport</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>arcsas.sys</FILENAME>
<FILESIZE>97856</FILESIZE>
<CREATIONDATE>07-13-2009 21:59:33</CREATIONDATE>
<VERSION>5.2.0.16119</VERSION>
<MANUFACTURER>Adaptec, Inc.</MANUFACTURER>
<PRODUCTNAME>Adaptec RAID Controller</PRODUCTNAME>
<GROUP>SCSI miniport</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>asyncmac.sys</FILENAME>
<FILESIZE>23040</FILESIZE>
<CREATIONDATE>07-14-2009 00:10:13</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>atapi.sys</FILENAME>
<FILESIZE>24128</FILESIZE>
<CREATIONDATE>07-13-2009 23:19:47</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>SCSI Miniport</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>bxvbda.sys</FILENAME>
<FILESIZE>468480</FILESIZE>
<CREATIONDATE>06-10-2009 20:34:28</CREATIONDATE>
<VERSION>4.8.2.0</VERSION>
<MANUFACTURER>Broadcom Corporation</MANUFACTURER>
<PRODUCTNAME>Broadcom NetXtreme II GigE</PRODUCTNAME>
<GROUP>base</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>b57nd60a.sys</FILENAME>
<FILESIZE>270848</FILESIZE>
<CREATIONDATE>06-10-2009 20:34:23</CREATIONDATE>
<VERSION>10.100.4.0</VERSION>
<MANUFACTURER>Broadcom Corporation</MANUFACTURER>
<PRODUCTNAME>Broadcom NetXtreme Gigabit Ethernet Driver</PRODUCTNAME>
<GROUP>NDIS</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>Beep.sys</FILENAME>
<FILESIZE>6656</FILESIZE>
<CREATIONDATE>07-14-2009 00:00:13</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Base</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>BHDrvx64.sys</FILENAME>
<FILESIZE>1127032</FILESIZE>
<CREATIONDATE>04-15-2011 20:29:04</CREATIONDATE>
<VERSION>0.0.0.0</VERSION>
<MANUFACTURER />
<PRODUCTNAME />
<ALTITUDE>365100</ALTITUDE>
</DRIVER>
- <DRIVER>
<FILENAME>blbdrive.sys</FILENAME>
<FILESIZE>45056</FILESIZE>
<CREATIONDATE>07-13-2009 23:35:59</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>bowser.sys</FILENAME>
<FILESIZE>90624</FILESIZE>
<CREATIONDATE>04-13-2011 22:17:19</CREATIONDATE>
<VERSION>6.1.7600.16765</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Network</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>BrFiltLo.sys</FILENAME>
<FILESIZE>18432</FILESIZE>
<CREATIONDATE>07-14-2009 01:19:59</CREATIONDATE>
<VERSION>1.10.0.2</VERSION>
<MANUFACTURER>Brother Industries, Ltd.</MANUFACTURER>
<PRODUCTNAME>RemovableDisk</PRODUCTNAME>
<GROUP>extended base</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>BrFiltUp.sys</FILENAME>
<FILESIZE>8704</FILESIZE>
<CREATIONDATE>07-14-2009 01:20:21</CREATIONDATE>
<VERSION>1.4.0.1</VERSION>
<MANUFACTURER>Brother Industries, Ltd.</MANUFACTURER>
<PRODUCTNAME>RemovableDisk</PRODUCTNAME>
<GROUP>extended base</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>Brserid.sys</FILENAME>
<FILESIZE>286720</FILESIZE>
<CREATIONDATE>07-14-2009 01:19:06</CREATIONDATE>
<VERSION>1.0.1.6</VERSION>
<MANUFACTURER>Brother Industries Ltd.</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>BrSerWdm.sys</FILENAME>
<FILESIZE>47104</FILESIZE>
<CREATIONDATE>07-14-2009 01:20:11</CREATIONDATE>
<VERSION>1.0.0.20</VERSION>
<MANUFACTURER>Brother Industries Ltd.</MANUFACTURER>
<PRODUCTNAME>Brother MFL Pro</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>BrUsbMdm.sys</FILENAME>
<FILESIZE>14976</FILESIZE>
<CREATIONDATE>07-14-2009 01:20:26</CREATIONDATE>
<VERSION>1.0.0.12</VERSION>
<MANUFACTURER>Brother Industries Ltd.</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>BrUsbSer.sys</FILENAME>
<FILESIZE>14720</FILESIZE>
<CREATIONDATE>07-14-2009 01:20:15</CREATIONDATE>
<VERSION>1.0.1.3</VERSION>
<MANUFACTURER>Brother Industries Ltd.</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>bthmodem.sys</FILENAME>
<FILESIZE>72192</FILESIZE>
<CREATIONDATE>07-14-2009 00:06:52</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>ccHPx64.sys</FILENAME>
<FILESIZE>615040</FILESIZE>
<CREATIONDATE>04-06-2011 20:47:01</CREATIONDATE>
<VERSION>109.0.3.2</VERSION>
<MANUFACTURER>Symantec Corporation</MANUFACTURER>
<PRODUCTNAME>Symantec Security Technologies</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>cdfs.sys</FILENAME>
<FILESIZE>92160</FILESIZE>
<CREATIONDATE>07-13-2009 23:19:47</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Boot File System</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>cdrom.sys</FILENAME>
<FILESIZE>147456</FILESIZE>
<CREATIONDATE>07-13-2009 23:19:54</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>SCSI CDROM Class</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>circlass.sys</FILENAME>
<FILESIZE>45568</FILESIZE>
<CREATIONDATE>07-14-2009 00:06:34</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Extended Base</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>CLFS.sys</FILENAME>
<FILESIZE>367696</FILESIZE>
<CREATIONDATE>07-13-2009 23:19:59</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Filter</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>CmBatt.sys</FILENAME>
<FILESIZE>17664</FILESIZE>
<CREATIONDATE>07-13-2009 23:31:03</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>cmdide.sys</FILENAME>
<FILESIZE>17488</FILESIZE>
<CREATIONDATE>07-13-2009 23:19:48</CREATIONDATE>
<VERSION>2.0.7.0</VERSION>
<MANUFACTURER>CMD Technology, Inc.</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>System Bus Extender</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>cng.sys</FILENAME>
<FILESIZE>460504</FILESIZE>
<CREATIONDATE>07-13-2009 23:49:42</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Base</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>compbatt.sys</FILENAME>
<FILESIZE>21584</FILESIZE>
<CREATIONDATE>07-13-2009 23:31:02</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>System Bus Extender</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>CompositeBus.sys</FILENAME>
<FILESIZE>38912</FILESIZE>
<CREATIONDATE>07-14-2009 00:00:34</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Extended Base</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>crcdisk.sys</FILENAME>
<FILESIZE>24144</FILESIZE>
<CREATIONDATE>07-14-2009 00:01:14</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Pnp Filter</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>dfsc.sys</FILENAME>
<FILESIZE>102400</FILESIZE>
<CREATIONDATE>07-13-2009 23:23:44</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Network</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>discache.sys</FILENAME>
<FILESIZE>40448</FILESIZE>
<CREATIONDATE>07-13-2009 23:37:18</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>disk.sys</FILENAME>
<FILESIZE>73280</FILESIZE>
<CREATIONDATE>07-13-2009 23:19:57</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>drmkaud.sys</FILENAME>
<FILESIZE>5632</FILESIZE>
<CREATIONDATE>07-14-2009 00:06:16</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>dxgkrnl.sys</FILENAME>
<FILESIZE>982912</FILESIZE>
<CREATIONDATE>04-04-2011 23:32:28</CREATIONDATE>
<VERSION>6.1.7600.16748</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Video Init</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>evbda.sys</FILENAME>
<FILESIZE>3286016</FILESIZE>
<CREATIONDATE>06-10-2009 20:34:33</CREATIONDATE>
<VERSION>4.8.13.0</VERSION>
<MANUFACTURER>Broadcom Corporation</MANUFACTURER>
<PRODUCTNAME>Broadcom NetXtreme II 10 GigE</PRODUCTNAME>
<GROUP>base</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>eeCtrl64.sys</FILENAME>
<FILESIZE>475696</FILESIZE>
<CREATIONDATE>04-04-2011 23:25:16</CREATIONDATE>
<VERSION>0.0.0.0</VERSION>
<MANUFACTURER />
<PRODUCTNAME />
<ALTITUDE>329010</ALTITUDE>
</DRIVER>
- <DRIVER>
<FILENAME>elxstor.sys</FILENAME>
<FILESIZE>530496</FILESIZE>
<CREATIONDATE>06-10-2009 20:36:49</CREATIONDATE>
<VERSION>7.2.10.211</VERSION>
<MANUFACTURER>Emulex</MANUFACTURER>
<PRODUCTNAME>Emulex LightPulse Storport Miniport Driver</PRODUCTNAME>
<GROUP>SCSI Miniport</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>EraserUtilRebootDrv.sys</FILENAME>
<FILESIZE>132656</FILESIZE>
<CREATIONDATE>04-05-2011 08:55:41</CREATIONDATE>
<VERSION>0.0.0.0</VERSION>
<MANUFACTURER />
<PRODUCTNAME />
</DRIVER>
- <DRIVER>
<FILENAME>errdev.sys</FILENAME>
<FILESIZE>9728</FILESIZE>
<CREATIONDATE>07-13-2009 23:31:04</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Extended Base</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>exfat.sys</FILENAME>
<FILESIZE>195072</FILESIZE>
<CREATIONDATE>07-13-2009 23:23:29</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Boot File System</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>fastfat.sys</FILENAME>
<FILESIZE>204800</FILESIZE>
<CREATIONDATE>07-13-2009 23:23:29</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Boot File System</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>fdc.sys</FILENAME>
<FILESIZE>29696</FILESIZE>
<CREATIONDATE>07-14-2009 00:00:54</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>fileinfo.sys</FILENAME>
<FILESIZE>70224</FILESIZE>
<CREATIONDATE>07-13-2009 23:34:25</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>FSFilter Bottom</GROUP>
<ALTITUDE>45000</ALTITUDE>
</DRIVER>
- <DRIVER>
<FILENAME>filetrace.sys</FILENAME>
<FILESIZE>34304</FILESIZE>
<CREATIONDATE>07-13-2009 23:25:40</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>FSFilter Activity Monitor</GROUP>
<ALTITUDE>385000</ALTITUDE>
</DRIVER>
- <DRIVER>
<FILENAME>flpydisk.sys</FILENAME>
<FILESIZE>24576</FILESIZE>
<CREATIONDATE>07-14-2009 00:00:54</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>fltmgr.sys</FILENAME>
<FILESIZE>290368</FILESIZE>
<CREATIONDATE>07-13-2009 23:20:01</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>FSFilter Infrastructure</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>FsDepends.sys</FILENAME>
<FILESIZE>55376</FILESIZE>
<CREATIONDATE>07-13-2009 23:26:13</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Filter</GROUP>
<ALTITUDE>370060</ALTITUDE>
</DRIVER>
- <DRIVER>
<FILENAME>Fs_Rec.sys</FILENAME>
<FILESIZE>23104</FILESIZE>
<CREATIONDATE>07-13-2009 23:19:46</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>File System</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>fvevol.sys</FILENAME>
<FILESIZE>223448</FILESIZE>
<CREATIONDATE>04-04-2011 23:32:04</CREATIONDATE>
<VERSION>6.1.7600.16429</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>PnP Filter</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>gagp30kx.sys</FILENAME>
<FILESIZE>65088</FILESIZE>
<CREATIONDATE>07-13-2009 23:38:44</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>PnP Filter</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>GEARAspiWDM.sys</FILENAME>
<FILESIZE>34152</FILESIZE>
<CREATIONDATE>04-05-2011 05:41:36</CREATIONDATE>
<VERSION>2.2.0.1</VERSION>
<MANUFACTURER>GEAR Software Inc.</MANUFACTURER>
<PRODUCTNAME>CD DVD Filter</PRODUCTNAME>
<GROUP>PnP Filter</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>hcw85cir.sys</FILENAME>
<FILESIZE>31232</FILESIZE>
<CREATIONDATE>07-13-2009 22:53:43</CREATIONDATE>
<VERSION>1.31.27127.0</VERSION>
<MANUFACTURER>Hauppauge Computer Works, Inc.</MANUFACTURER>
<PRODUCTNAME>hcw85cir.sys</PRODUCTNAME>
<GROUP>Extended Base</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>HdAudio.sys</FILENAME>
<FILESIZE>350208</FILESIZE>
<CREATIONDATE>07-14-2009 00:07:00</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>HDAudBus.sys</FILENAME>
<FILESIZE>122368</FILESIZE>
<CREATIONDATE>07-14-2009 00:06:13</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Extended Base</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>HidBatt.sys</FILENAME>
<FILESIZE>26624</FILESIZE>
<CREATIONDATE>07-13-2009 23:31:06</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>hidbth.sys</FILENAME>
<FILESIZE>100864</FILESIZE>
<CREATIONDATE>07-14-2009 00:06:52</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>extended base</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>hidir.sys</FILENAME>
<FILESIZE>46592</FILESIZE>
<CREATIONDATE>07-14-2009 00:06:23</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>extended base</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>hidusb.sys</FILENAME>
<FILESIZE>30208</FILESIZE>
<CREATIONDATE>07-14-2009 00:06:22</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>extended base</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>HpSAMD.sys</FILENAME>
<FILESIZE>77888</FILESIZE>
<CREATIONDATE>07-13-2009 21:59:32</CREATIONDATE>
<VERSION>6.12.4.64</VERSION>
<MANUFACTURER>Hewlett-Packard Company</MANUFACTURER>
<PRODUCTNAME>Smart Array SAS/SATA Controller Media Driver</PRODUCTNAME>
<GROUP>SCSI Miniport</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>HTTP.sys</FILENAME>
<FILESIZE>751616</FILESIZE>
<CREATIONDATE>07-13-2009 23:22:20</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>hwpolicy.sys</FILENAME>
<FILESIZE>14416</FILESIZE>
<CREATIONDATE>07-13-2009 23:19:23</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>i8042prt.sys</FILENAME>
<FILESIZE>105472</FILESIZE>
<CREATIONDATE>07-13-2009 23:19:58</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Keyboard Port</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>iaStor.sys</FILENAME>
<FILESIZE>408600</FILESIZE>
<CREATIONDATE>04-03-2011 22:53:52</CREATIONDATE>
<VERSION>8.9.0.1023</VERSION>
<MANUFACTURER>Intel Corporation</MANUFACTURER>
<PRODUCTNAME>Intel Matrix Storage Manager driver</PRODUCTNAME>
<GROUP>SCSI Miniport</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>iaStorV.sys</FILENAME>
<FILESIZE>410688</FILESIZE>
<CREATIONDATE>06-10-2009 20:37:01</CREATIONDATE>
<VERSION>8.6.2.1012</VERSION>
<MANUFACTURER>Intel Corporation</MANUFACTURER>
<PRODUCTNAME>Intel Matrix Storage Manager driver</PRODUCTNAME>
<GROUP>SCSI Miniport</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>IDSvia64.sys</FILENAME>
<FILESIZE>476792</FILESIZE>
<CREATIONDATE>04-22-2011 00:39:32</CREATIONDATE>
<VERSION>0.0.0.0</VERSION>
<MANUFACTURER />
<PRODUCTNAME />
</DRIVER>
- <DRIVER>
<FILENAME>igdkmd64.sys</FILENAME>
<FILESIZE>7369600</FILESIZE>
<CREATIONDATE>08-27-2009 15:07:06</CREATIONDATE>
<VERSION>8.15.10.1883</VERSION>
<MANUFACTURER>Intel Corporation</MANUFACTURER>
<PRODUCTNAME>Intel Graphics Accelerator Drivers for Windows 7®</PRODUCTNAME>
<GROUP>Video</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>iirsp.sys</FILENAME>
<FILESIZE>44112</FILESIZE>
<CREATIONDATE>07-13-2009 21:59:33</CREATIONDATE>
<VERSION>5.4.22.0</VERSION>
<MANUFACTURER>Intel Corp./ICP vortex GmbH</MANUFACTURER>
<PRODUCTNAME>Intel/ICP Raid Storport Driver</PRODUCTNAME>
<GROUP>SCSI Miniport</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>RTKVHD64.sys</FILENAME>
<FILESIZE>1966624</FILESIZE>
<CREATIONDATE>04-03-2011 22:58:34</CREATIONDATE>
<VERSION>6.0.1.5904</VERSION>
<MANUFACTURER>Realtek Semiconductor Corp.</MANUFACTURER>
<PRODUCTNAME>Realtek® High Definition Audio Function Driver</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>intelide.sys</FILENAME>
<FILESIZE>16960</FILESIZE>
<CREATIONDATE>07-13-2009 23:19:48</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>System Bus Extender</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>intelppm.sys</FILENAME>
<FILESIZE>62464</FILESIZE>
<CREATIONDATE>07-13-2009 23:19:26</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Extended Base</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>ipfltdrv.sys</FILENAME>
<FILESIZE>82944</FILESIZE>
<CREATIONDATE>07-14-2009 00:10:04</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>IPMIDrv.sys</FILENAME>
<FILESIZE>78848</FILESIZE>
<CREATIONDATE>07-13-2009 23:47:45</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>ipnat.sys</FILENAME>
<FILESIZE>116224</FILESIZE>
<CREATIONDATE>07-14-2009 00:10:03</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>irenum.sys</FILENAME>
<FILESIZE>17920</FILESIZE>
<CREATIONDATE>07-14-2009 00:08:59</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>isapnp.sys</FILENAME>
<FILESIZE>20544</FILESIZE>
<CREATIONDATE>07-13-2009 23:31:08</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Boot Bus Extender</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>msiscsi.sys</FILENAME>
<FILESIZE>224832</FILESIZE>
<CREATIONDATE>07-14-2009 00:01:27</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>kbdclass.sys</FILENAME>
<FILESIZE>50768</FILESIZE>
<CREATIONDATE>07-13-2009 23:19:50</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Keyboard Class</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>kbdhid.sys</FILENAME>
<FILESIZE>33280</FILESIZE>
<CREATIONDATE>07-14-2009 00:00:20</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Keyboard Port</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>ksecdd.sys</FILENAME>
<FILESIZE>95312</FILESIZE>
<CREATIONDATE>07-13-2009 23:20:57</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Base</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>ksecpkg.sys</FILENAME>
<FILESIZE>153160</FILESIZE>
<CREATIONDATE>04-04-2011 23:31:08</CREATIONDATE>
<VERSION>6.1.7600.16484</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Cryptography</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>ksthunk.sys</FILENAME>
<FILESIZE>20992</FILESIZE>
<CREATIONDATE>07-14-2009 00:00:19</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>PNP Filter</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>lltdio.sys</FILENAME>
<FILESIZE>60928</FILESIZE>
<CREATIONDATE>07-14-2009 00:08:51</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>NDIS</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>LPCFilter.sys</FILENAME>
<FILESIZE>44912</FILESIZE>
<CREATIONDATE>07-31-2009 04:02:36</CREATIONDATE>
<VERSION>1.0.64.5</VERSION>
<MANUFACTURER>COMPAL ELECTRONIC INC.</MANUFACTURER>
<PRODUCTNAME />
<GROUP>Boot Bus Extender</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>lsi_fc.sys</FILENAME>
<FILESIZE>114752</FILESIZE>
<CREATIONDATE>07-13-2009 21:59:34</CREATIONDATE>
<VERSION>1.28.3.52</VERSION>
<MANUFACTURER>LSI Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>SCSI Miniport</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>lsi_sas.sys</FILENAME>
<FILESIZE>106560</FILESIZE>
<CREATIONDATE>07-13-2009 21:59:33</CREATIONDATE>
<VERSION>1.28.3.52</VERSION>
<MANUFACTURER>LSI Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>SCSI Miniport</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>lsi_sas2.sys</FILENAME>
<FILESIZE>65600</FILESIZE>
<CREATIONDATE>07-13-2009 21:59:34</CREATIONDATE>
<VERSION>2.0.2.71</VERSION>
<MANUFACTURER>LSI Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>SCSI Miniport</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>lsi_scsi.sys</FILENAME>
<FILESIZE>115776</FILESIZE>
<CREATIONDATE>07-13-2009 21:59:33</CREATIONDATE>
<VERSION>1.28.3.67</VERSION>
<MANUFACTURER>LSI Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>SCSI Miniport</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>luafv.sys</FILENAME>
<FILESIZE>113152</FILESIZE>
<CREATIONDATE>07-13-2009 23:26:13</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>FSFilter Virtualization</GROUP>
<ALTITUDE>135000</ALTITUDE>
</DRIVER>
- <DRIVER>
<FILENAME>megasas.sys</FILENAME>
<FILESIZE>35392</FILESIZE>
<CREATIONDATE>06-10-2009 20:37:14</CREATIONDATE>
<VERSION>4.5.1.64</VERSION>
<MANUFACTURER>LSI Corporation</MANUFACTURER>
<PRODUCTNAME>MEGASAS Storport Driver for Windows 7\Server 2008 R2 for x64</PRODUCTNAME>
<GROUP>SCSI Miniport</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>MegaSR.sys</FILENAME>
<FILESIZE>284736</FILESIZE>
<CREATIONDATE>07-13-2009 21:59:33</CREATIONDATE>
<VERSION>13.5.409.2009</VERSION>
<MANUFACTURER>LSI Corporation, Inc.</MANUFACTURER>
<PRODUCTNAME>MegaRAID Software RAID</PRODUCTNAME>
<GROUP>SCSI Miniport</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>modem.sys</FILENAME>
<FILESIZE>40448</FILESIZE>
<CREATIONDATE>07-14-2009 00:10:49</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Extended base</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>monitor.sys</FILENAME>
<FILESIZE>30208</FILESIZE>
<CREATIONDATE>07-13-2009 23:38:53</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>mouclass.sys</FILENAME>
<FILESIZE>49216</FILESIZE>
<CREATIONDATE>07-13-2009 23:19:50</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Pointer Class</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>mouhid.sys</FILENAME>
<FILESIZE>31232</FILESIZE>
<CREATIONDATE>07-14-2009 00:00:20</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Pointer Port</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>mountmgr.sys</FILENAME>
<FILESIZE>94784</FILESIZE>
<CREATIONDATE>07-13-2009 23:19:54</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>System Bus Extender</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>mpio.sys</FILENAME>
<FILESIZE>155216</FILESIZE>
<CREATIONDATE>07-14-2009 00:01:27</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Boot Bus Extender</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>mpsdrv.sys</FILENAME>
<FILESIZE>77312</FILESIZE>
<CREATIONDATE>07-14-2009 00:08:25</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>network</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>mrxdav.sys</FILENAME>
<FILESIZE>140800</FILESIZE>
<CREATIONDATE>07-13-2009 23:23:57</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>mrxsmb.sys</FILENAME>
<FILESIZE>157696</FILESIZE>
<CREATIONDATE>04-13-2011 22:17:19</CREATIONDATE>
<VERSION>6.1.7600.16765</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Network</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>mrxsmb10.sys</FILENAME>
<FILESIZE>286720</FILESIZE>
<CREATIONDATE>04-13-2011 22:17:19</CREATIONDATE>
<VERSION>6.1.7600.16765</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Network</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>mrxsmb20.sys</FILENAME>
<FILESIZE>126464</FILESIZE>
<CREATIONDATE>04-13-2011 22:17:19</CREATIONDATE>
<VERSION>6.1.7600.16765</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Network</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>msahci.sys</FILENAME>
<FILESIZE>30272</FILESIZE>
<CREATIONDATE>07-14-2009 00:01:01</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>SCSI Miniport</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>msdsm.sys</FILENAME>
<FILESIZE>140352</FILESIZE>
<CREATIONDATE>07-14-2009 00:01:32</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>System Bus Extender</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>Msfs.sys</FILENAME>
<FILESIZE>26112</FILESIZE>
<CREATIONDATE>07-13-2009 23:19:47</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>File system</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>mshidkmdf.sys</FILENAME>
<FILESIZE>8192</FILESIZE>
<CREATIONDATE>07-14-2009 00:06:24</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Base</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>msisadrv.sys</FILENAME>
<FILESIZE>15424</FILESIZE>
<CREATIONDATE>07-13-2009 23:19:26</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Boot Bus Extender</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>MSKSSRV.sys</FILENAME>
<FILESIZE>11136</FILESIZE>
<CREATIONDATE>07-14-2009 00:00:18</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Extended Base</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>MSPCLOCK.sys</FILENAME>
<FILESIZE>7168</FILESIZE>
<CREATIONDATE>07-14-2009 00:00:17</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Extended Base</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>MSPQM.sys</FILENAME>
<FILESIZE>6784</FILESIZE>
<CREATIONDATE>07-14-2009 00:00:17</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Extended Base</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>MsRPC.sys</FILENAME>
<FILESIZE>367168</FILESIZE>
<CREATIONDATE>07-13-2009 23:21:34</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>mssmbios.sys</FILENAME>
<FILESIZE>32320</FILESIZE>
<CREATIONDATE>07-13-2009 23:31:10</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>MSTEE.sys</FILENAME>
<FILESIZE>8064</FILESIZE>
<CREATIONDATE>07-14-2009 00:00:17</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Extended Base</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>MTConfig.sys</FILENAME>
<FILESIZE>15360</FILESIZE>
<CREATIONDATE>07-14-2009 00:02:08</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Extended Base</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>mup.sys</FILENAME>
<FILESIZE>60496</FILESIZE>
<CREATIONDATE>07-13-2009 23:23:45</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Network</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>nwifi.sys</FILENAME>
<FILESIZE>318976</FILESIZE>
<CREATIONDATE>07-14-2009 00:07:24</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>NDIS</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>ENG64.SYS</FILENAME>
<FILESIZE>117880</FILESIZE>
<CREATIONDATE>04-22-2011 10:16:29</CREATIONDATE>
<VERSION>0.0.0.0</VERSION>
<MANUFACTURER />
<PRODUCTNAME />
</DRIVER>
- <DRIVER>
<FILENAME>EX64.SYS</FILENAME>
<FILESIZE>1828984</FILESIZE>
<CREATIONDATE>04-22-2011 10:16:30</CREATIONDATE>
<VERSION>0.0.0.0</VERSION>
<MANUFACTURER />
<PRODUCTNAME />
</DRIVER>
- <DRIVER>
<FILENAME>ndis.sys</FILENAME>
<FILESIZE>947776</FILESIZE>
<CREATIONDATE>07-13-2009 23:21:44</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>NDIS Wrapper</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>ndiscap.sys</FILENAME>
<FILESIZE>35328</FILESIZE>
<CREATIONDATE>07-14-2009 00:08:13</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>NDIS</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>ndistapi.sys</FILENAME>
<FILESIZE>24064</FILESIZE>
<CREATIONDATE>07-14-2009 00:10:00</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>ndisuio.sys</FILENAME>
<FILESIZE>56320</FILESIZE>
<CREATIONDATE>07-14-2009 00:09:25</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>NDIS</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>ndiswan.sys</FILENAME>
<FILESIZE>164352</FILESIZE>
<CREATIONDATE>07-14-2009 00:10:13</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>NDProxy.sys</FILENAME>
<FILESIZE>57856</FILESIZE>
<CREATIONDATE>07-14-2009 00:10:05</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>PNP_TDI</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>netbios.sys</FILENAME>
<FILESIZE>44544</FILESIZE>
<CREATIONDATE>07-14-2009 00:09:26</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>NetBIOSGroup</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>netbt.sys</FILENAME>
<FILESIZE>259072</FILESIZE>
<CREATIONDATE>07-13-2009 23:21:29</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>PNP_TDI</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>nfrd960.sys</FILENAME>
<FILESIZE>51264</FILESIZE>
<CREATIONDATE>07-13-2009 21:59:33</CREATIONDATE>
<VERSION>7.10.0.0</VERSION>
<MANUFACTURER>IBM Corporation</MANUFACTURER>
<PRODUCTNAME>IBM ServeRAID Controller</PRODUCTNAME>
<GROUP>SCSI Miniport</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>Npfs.sys</FILENAME>
<FILESIZE>44032</FILESIZE>
<CREATIONDATE>07-13-2009 23:19:48</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>File system</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>nsiproxy.sys</FILENAME>
<FILESIZE>24576</FILESIZE>
<CREATIONDATE>07-13-2009 23:21:03</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>Ntfs.sys</FILENAME>
<FILESIZE>1659984</FILESIZE>
<CREATIONDATE>07-13-2009 23:20:57</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Boot File System</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>Null.sys</FILENAME>
<FILESIZE>6144</FILESIZE>
<CREATIONDATE>07-13-2009 23:19:38</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Base</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>nvraid.sys</FILENAME>
<FILESIZE>149056</FILESIZE>
<CREATIONDATE>07-13-2009 21:59:33</CREATIONDATE>
<VERSION>10.6.0.16</VERSION>
<MANUFACTURER>NVIDIA Corporation</MANUFACTURER>
<PRODUCTNAME>NVIDIA nForce™ RAID Driver</PRODUCTNAME>
<GROUP>System Bus Extender</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>nvstor.sys</FILENAME>
<FILESIZE>167488</FILESIZE>
<CREATIONDATE>06-10-2009 20:37:34</CREATIONDATE>
<VERSION>10.6.0.16</VERSION>
<MANUFACTURER>NVIDIA Corporation</MANUFACTURER>
<PRODUCTNAME>NVIDIA nForce™ SATA Driver</PRODUCTNAME>
<GROUP>SCSI Miniport</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>nv_agp.sys</FILENAME>
<FILESIZE>122960</FILESIZE>
<CREATIONDATE>07-13-2009 23:38:44</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>PnP Filter</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>ohci1394.sys</FILENAME>
<FILESIZE>72832</FILESIZE>
<CREATIONDATE>07-14-2009 00:06:45</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>parport.sys</FILENAME>
<FILESIZE>97280</FILESIZE>
<CREATIONDATE>07-14-2009 00:00:41</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Parallel arbitrator</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>partmgr.sys</FILENAME>
<FILESIZE>75840</FILESIZE>
<CREATIONDATE>07-13-2009 23:19:58</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Boot Bus Extender</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>pci.sys</FILENAME>
<FILESIZE>183872</FILESIZE>
<CREATIONDATE>07-13-2009 23:19:52</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Boot Bus Extender</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>pciide.sys</FILENAME>
<FILESIZE>12352</FILESIZE>
<CREATIONDATE>07-13-2009 23:19:49</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>System Bus Extender</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>pcmcia.sys</FILENAME>
<FILESIZE>220752</FILESIZE>
<CREATIONDATE>07-13-2009 23:31:10</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>System Bus Extender</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>pcw.sys</FILENAME>
<FILESIZE>50768</FILESIZE>
<CREATIONDATE>07-13-2009 23:19:30</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Base</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>peauth.sys</FILENAME>
<FILESIZE>651264</FILESIZE>
<CREATIONDATE>07-13-2009 23:51:01</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>raspptp.sys</FILENAME>
<FILESIZE>111616</FILESIZE>
<CREATIONDATE>07-14-2009 00:10:19</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>processr.sys</FILENAME>
<FILESIZE>60416</FILESIZE>
<CREATIONDATE>07-13-2009 23:19:26</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Extended Base</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>pacer.sys</FILENAME>
<FILESIZE>131584</FILESIZE>
<CREATIONDATE>07-14-2009 00:09:42</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>NDIS</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>PxHlpa64.sys</FILENAME>
<FILESIZE>55280</FILESIZE>
<CREATIONDATE>04-03-2011 23:11:18</CREATIONDATE>
<VERSION>3.0.90.2</VERSION>
<MANUFACTURER>Sonic Solutions</MANUFACTURER>
<PRODUCTNAME>PxHelp64</PRODUCTNAME>
<GROUP>Filter</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>ql2300.sys</FILENAME>
<FILESIZE>1524816</FILESIZE>
<CREATIONDATE>06-10-2009 20:37:36</CREATIONDATE>
<VERSION>9.1.8.6</VERSION>
<MANUFACTURER>QLogic Corporation</MANUFACTURER>
<PRODUCTNAME>QLogic Fibre Channel Stor Miniport Driver</PRODUCTNAME>
<GROUP>SCSI Miniport</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>ql40xx.sys</FILENAME>
<FILESIZE>128592</FILESIZE>
<CREATIONDATE>07-13-2009 21:59:34</CREATIONDATE>
<VERSION>2.1.3.20</VERSION>
<MANUFACTURER>QLogic Corporation</MANUFACTURER>
<PRODUCTNAME>QLA40XX iSCSI Host Bus Adapter</PRODUCTNAME>
<GROUP>SCSI Miniport</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>qwavedrv.sys</FILENAME>
<FILESIZE>46592</FILESIZE>
<CREATIONDATE>07-14-2009 00:09:48</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>rasacd.sys</FILENAME>
<FILESIZE>14848</FILESIZE>
<CREATIONDATE>07-14-2009 00:10:09</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Streams Drivers</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>AgileVpn.sys</FILENAME>
<FILESIZE>60416</FILESIZE>
<CREATIONDATE>07-14-2009 00:10:24</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>rasl2tp.sys</FILENAME>
<FILESIZE>130048</FILESIZE>
<CREATIONDATE>07-14-2009 00:10:12</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>raspppoe.sys</FILENAME>
<FILESIZE>92672</FILESIZE>
<CREATIONDATE>07-14-2009 00:10:17</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>rassstp.sys</FILENAME>
<FILESIZE>83968</FILESIZE>
<CREATIONDATE>07-14-2009 00:10:25</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>rdbss.sys</FILENAME>
<FILESIZE>309248</FILESIZE>
<CREATIONDATE>07-13-2009 23:24:11</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Network</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>rdpbus.sys</FILENAME>
<FILESIZE>24064</FILESIZE>
<CREATIONDATE>07-14-2009 00:17:46</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>RDPCDD.sys</FILENAME>
<FILESIZE>7680</FILESIZE>
<CREATIONDATE>07-14-2009 00:16:34</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Video Save</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>rdpencdd.sys</FILENAME>
<FILESIZE>7680</FILESIZE>
<CREATIONDATE>07-14-2009 00:16:34</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Video Save</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>rdprefmp.sys</FILENAME>
<FILESIZE>8192</FILESIZE>
<CREATIONDATE>07-14-2009 00:16:35</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Video Save</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>RDPWD.sys</FILENAME>
<FILESIZE>204800</FILESIZE>
<CREATIONDATE>07-14-2009 00:16:48</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>rdyboost.sys</FILENAME>
<FILESIZE>214096</FILESIZE>
<CREATIONDATE>07-13-2009 23:34:34</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>PnP Filter</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>rspndr.sys</FILENAME>
<FILESIZE>76800</FILESIZE>
<CREATIONDATE>07-14-2009 00:08:51</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>NDIS</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>RtsUStor.sys</FILENAME>
<FILESIZE>222208</FILESIZE>
<CREATIONDATE>04-03-2011 23:01:40</CREATIONDATE>
<VERSION>6.1.7600.30101</VERSION>
<MANUFACTURER>Realtek Semiconductor Corp.</MANUFACTURER>
<PRODUCTNAME>Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7</PRODUCTNAME>
<GROUP>Base</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>Rt64win7.sys</FILENAME>
<FILESIZE>215040</FILESIZE>
<CREATIONDATE>04-03-2011 23:01:10</CREATIONDATE>
<VERSION>7.3.522.2009</VERSION>
<MANUFACTURER>Realtek</MANUFACTURER>
<PRODUCTNAME>Realtek 8136/8168/8169 PCI/PCIe Adapters</PRODUCTNAME>
<GROUP>NDIS</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>RTL8187B.sys</FILENAME>
<FILESIZE>446976</FILESIZE>
<CREATIONDATE>04-03-2011 22:59:56</CREATIONDATE>
<VERSION>62.1176.812.2009</VERSION>
<MANUFACTURER>Realtek Semiconductor Corporation</MANUFACTURER>
<PRODUCTNAME>Realtek RTL8187B Wireless USB 2.0 Adapter</PRODUCTNAME>
<GROUP>NDIS</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>SASDIFSV64.SYS</FILENAME>
<FILESIZE>14920</FILESIZE>
<CREATIONDATE>02-17-2010 18:23:05</CREATIONDATE>
<VERSION>0.0.0.0</VERSION>
<MANUFACTURER />
<PRODUCTNAME />
</DRIVER>
- <DRIVER>
<FILENAME>SASKUTIL64.SYS</FILENAME>
<FILESIZE>12360</FILESIZE>
<CREATIONDATE>02-17-2010 18:23:05</CREATIONDATE>
<VERSION>0.0.0.0</VERSION>
<MANUFACTURER />
<PRODUCTNAME />
</DRIVER>
- <DRIVER>
<FILENAME>sbp2port.sys</FILENAME>
<FILESIZE>104016</FILESIZE>
<CREATIONDATE>07-13-2009 23:19:53</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>scfilter.sys</FILENAME>
<FILESIZE>29696</FILESIZE>
<CREATIONDATE>07-13-2009 23:50:17</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>PnP Filter</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>secdrv.sys</FILENAME>
<FILESIZE>23040</FILESIZE>
<CREATIONDATE>07-14-2009 02:36:07</CREATIONDATE>
<VERSION>4.3.86.0</VERSION>
<MANUFACTURER>Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.</MANUFACTURER>
<PRODUCTNAME>Macrovision SECURITY Driver</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>serenum.sys</FILENAME>
<FILESIZE>23552</FILESIZE>
<CREATIONDATE>07-14-2009 00:00:33</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>PNP Filter</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>serial.sys</FILENAME>
<FILESIZE>94208</FILESIZE>
<CREATIONDATE>07-14-2009 00:00:40</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Extended base</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>sermouse.sys</FILENAME>
<FILESIZE>26624</FILESIZE>
<CREATIONDATE>07-14-2009 00:00:20</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Pointer Port</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>sffdisk.sys</FILENAME>
<FILESIZE>14336</FILESIZE>
<CREATIONDATE>07-14-2009 00:01:01</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>sffp_mmc.sys</FILENAME>
<FILESIZE>13824</FILESIZE>
<CREATIONDATE>07-14-2009 00:01:03</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>sffp_sd.sys</FILENAME>
<FILESIZE>14336</FILESIZE>
<CREATIONDATE>07-14-2009 00:01:02</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>sfloppy.sys</FILENAME>
<FILESIZE>16896</FILESIZE>
<CREATIONDATE>07-14-2009 00:01:02</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>SiSRaid2.sys</FILENAME>
<FILESIZE>43584</FILESIZE>
<CREATIONDATE>06-10-2009 20:37:40</CREATIONDATE>
<VERSION>5.1.1039.2600</VERSION>
<MANUFACTURER>Silicon Integrated Systems Corp.</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>SCSI Miniport</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>sisraid4.sys</FILENAME>
<FILESIZE>80464</FILESIZE>
<CREATIONDATE>07-13-2009 21:59:33</CREATIONDATE>
<VERSION>5.1.1039.3600</VERSION>
<MANUFACTURER>Silicon Integrated Systems</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>SCSI Miniport</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>smb.sys</FILENAME>
<FILESIZE>93184</FILESIZE>
<CREATIONDATE>07-14-2009 00:09:09</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>PNP_TDI</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>spldr.sys</FILENAME>
<FILESIZE>19008</FILESIZE>
<CREATIONDATE>07-13-2009 20:27:56</CREATIONDATE>
<VERSION>6.1.7127.0</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>SRTSP64.SYS</FILENAME>
<FILESIZE>505392</FILESIZE>
<CREATIONDATE>04-06-2011 20:47:01</CREATIONDATE>
<VERSION>12.0.2.7</VERSION>
<MANUFACTURER>Symantec Corporation</MANUFACTURER>
<PRODUCTNAME>AutoProtect</PRODUCTNAME>
<GROUP>FSFilter Anti-Virus</GROUP>
<ALTITUDE>329000</ALTITUDE>
</DRIVER>
- <DRIVER>
<FILENAME>SRTSPX64.SYS</FILENAME>
<FILESIZE>32304</FILESIZE>
<CREATIONDATE>04-06-2011 20:47:01</CREATIONDATE>
<VERSION>12.0.2.7</VERSION>
<MANUFACTURER>Symantec Corporation</MANUFACTURER>
<PRODUCTNAME>AutoProtect</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>srv.sys</FILENAME>
<FILESIZE>461312</FILESIZE>
<CREATIONDATE>04-13-2011 22:17:27</CREATIONDATE>
<VERSION>6.1.7600.16765</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Network</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>srv2.sys</FILENAME>
<FILESIZE>401920</FILESIZE>
<CREATIONDATE>04-13-2011 22:17:27</CREATIONDATE>
<VERSION>6.1.7600.16765</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Network</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>srvnet.sys</FILENAME>
<FILESIZE>161792</FILESIZE>
<CREATIONDATE>04-13-2011 22:17:27</CREATIONDATE>
<VERSION>6.1.7600.16765</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Network</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>stexstor.sys</FILENAME>
<FILESIZE>24656</FILESIZE>
<CREATIONDATE>07-13-2009 21:59:33</CREATIONDATE>
<VERSION>5.0.1.1</VERSION>
<MANUFACTURER>Promise Technology</MANUFACTURER>
<PRODUCTNAME>Promise SuperTrak EX Series</PRODUCTNAME>
<GROUP>SCSI Miniport</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>swenum.sys</FILENAME>
<FILESIZE>12496</FILESIZE>
<CREATIONDATE>07-14-2009 00:00:18</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>SYMDS64.SYS</FILENAME>
<FILESIZE>433200</FILESIZE>
<CREATIONDATE>04-06-2011 20:47:01</CREATIONDATE>
<VERSION>1.0.0.121</VERSION>
<MANUFACTURER>Symantec Corporation</MANUFACTURER>
<PRODUCTNAME>SymDS</PRODUCTNAME>
<GROUP>FSFilter Bottom</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>SYMEFA64.SYS</FILENAME>
<FILESIZE>221232</FILESIZE>
<CREATIONDATE>04-06-2011 20:47:01</CREATIONDATE>
<VERSION>2.0.3.2</VERSION>
<MANUFACTURER>Symantec Corporation</MANUFACTURER>
<PRODUCTNAME>EFA</PRODUCTNAME>
<GROUP>FSFilter Activity Monitor</GROUP>
<ALTITUDE>260600</ALTITUDE>
</DRIVER>
- <DRIVER>
<FILENAME>SYMEVENT64x86.SYS</FILENAME>
<FILESIZE>173104</FILESIZE>
<CREATIONDATE>04-04-2011 06:18:36</CREATIONDATE>
<VERSION>0.0.0.0</VERSION>
<MANUFACTURER />
<PRODUCTNAME />
</DRIVER>
- <DRIVER>
<FILENAME>Ironx64.SYS</FILENAME>
<FILESIZE>150064</FILESIZE>
<CREATIONDATE>04-06-2011 20:47:01</CREATIONDATE>
<VERSION>1.0.4.3</VERSION>
<MANUFACTURER>Symantec Corporation</MANUFACTURER>
<PRODUCTNAME>Iron</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>SYMTDIV.SYS</FILENAME>
<FILESIZE>451120</FILESIZE>
<CREATIONDATE>04-06-2011 20:47:01</CREATIONDATE>
<VERSION>10.0.3.4</VERSION>
<MANUFACTURER>Symantec Corporation</MANUFACTURER>
<PRODUCTNAME>Symantec Security Drivers</PRODUCTNAME>
<GROUP>PNP_TDI</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>SynTP.sys</FILENAME>
<FILESIZE>274480</FILESIZE>
<CREATIONDATE>07-21-2009 00:48:32</CREATIONDATE>
<VERSION>13.2.6.1</VERSION>
<MANUFACTURER>Synaptics Incorporated</MANUFACTURER>
<PRODUCTNAME>Synaptics Pointing Device Driver</PRODUCTNAME>
<GROUP>Pointer Port</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>tcpip.sys</FILENAME>
<FILESIZE>1896832</FILESIZE>
<CREATIONDATE>04-04-2011 23:33:32</CREATIONDATE>
<VERSION>6.1.7600.16610</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>PNP_TDI</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>tcpip.sys</FILENAME>
<FILESIZE>1896832</FILESIZE>
<CREATIONDATE>04-04-2011 23:33:32</CREATIONDATE>
<VERSION>6.1.7600.16610</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>tcpipreg.sys</FILENAME>
<FILESIZE>44544</FILESIZE>
<CREATIONDATE>07-14-2009 00:09:49</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>tdcmdpst.sys</FILENAME>
<FILESIZE>27784</FILESIZE>
<CREATIONDATE>07-31-2009 04:22:04</CREATIONDATE>
<VERSION>2.0.0.3</VERSION>
<MANUFACTURER>TOSHIBA Corporation.</MANUFACTURER>
<PRODUCTNAME />
<GROUP>PnP Filter</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>tdpipe.sys</FILENAME>
<FILESIZE>15872</FILESIZE>
<CREATIONDATE>07-14-2009 00:16:32</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>tdtcp.sys</FILENAME>
<FILESIZE>23552</FILESIZE>
<CREATIONDATE>07-14-2009 00:16:32</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>tdx.sys</FILENAME>
<FILESIZE>99840</FILESIZE>
<CREATIONDATE>07-13-2009 23:21:15</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>PNP_TDI</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>termdd.sys</FILENAME>
<FILESIZE>62544</FILESIZE>
<CREATIONDATE>07-14-2009 00:16:36</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>tos_sps64.sys</FILENAME>
<FILESIZE>482384</FILESIZE>
<CREATIONDATE>04-03-2011 23:07:52</CREATIONDATE>
<VERSION>4.2.0.0</VERSION>
<MANUFACTURER>TOSHIBA Corporation</MANUFACTURER>
<PRODUCTNAME>tos_sps64</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>tssecsrv.sys</FILENAME>
<FILESIZE>38400</FILESIZE>
<CREATIONDATE>07-14-2009 00:16:41</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>tunnel.sys</FILENAME>
<FILESIZE>125440</FILESIZE>
<CREATIONDATE>07-14-2009 00:09:38</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>NDIS</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>TVALZ_O.SYS</FILENAME>
<FILESIZE>26840</FILESIZE>
<CREATIONDATE>07-14-2009 22:31:18</CREATIONDATE>
<VERSION>2.0.0.3</VERSION>
<MANUFACTURER>TOSHIBA Corporation</MANUFACTURER>
<PRODUCTNAME />
</DRIVER>
- <DRIVER>
<FILENAME>uagp35.sys</FILENAME>
<FILESIZE>64080</FILESIZE>
<CREATIONDATE>07-13-2009 23:38:44</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>PnP Filter</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>udfs.sys</FILENAME>
<FILESIZE>327168</FILESIZE>
<CREATIONDATE>07-13-2009 23:23:37</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Boot File System</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>uliagpkx.sys</FILENAME>
<FILESIZE>64592</FILESIZE>
<CREATIONDATE>07-13-2009 23:38:48</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>PnP Filter</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>umbus.sys</FILENAME>
<FILESIZE>48640</FILESIZE>
<CREATIONDATE>07-14-2009 00:06:56</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Extended Base</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>umpass.sys</FILENAME>
<FILESIZE>9728</FILESIZE>
<CREATIONDATE>07-14-2009 00:06:52</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Extended Base</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>usbaapl64.sys</FILENAME>
<FILESIZE>51712</FILESIZE>
<CREATIONDATE>02-18-2011 20:36:58</CREATIONDATE>
<VERSION>1.55.0.0</VERSION>
<MANUFACTURER>Apple, Inc.</MANUFACTURER>
<PRODUCTNAME>Apple Mobile Device USB Driver</PRODUCTNAME>
<GROUP>Base</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>usbccgp.sys</FILENAME>
<FILESIZE>98816</FILESIZE>
<CREATIONDATE>07-14-2009 00:06:45</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Base</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>usbcir.sys</FILENAME>
<FILESIZE>100352</FILESIZE>
<CREATIONDATE>07-14-2009 00:06:37</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Extended Base</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>usbehci.sys</FILENAME>
<FILESIZE>51200</FILESIZE>
<CREATIONDATE>07-14-2009 00:06:30</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Base</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>usbhub.sys</FILENAME>
<FILESIZE>343040</FILESIZE>
<CREATIONDATE>07-14-2009 00:07:09</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Base</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>usbohci.sys</FILENAME>
<FILESIZE>25600</FILESIZE>
<CREATIONDATE>07-14-2009 00:06:30</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Base</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>usbprint.sys</FILENAME>
<FILESIZE>25088</FILESIZE>
<CREATIONDATE>07-14-2009 00:38:18</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>extended base</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>USBSTOR.SYS</FILENAME>
<FILESIZE>89600</FILESIZE>
<CREATIONDATE>07-14-2009 00:06:34</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>usbuhci.sys</FILENAME>
<FILESIZE>30720</FILESIZE>
<CREATIONDATE>07-14-2009 00:06:27</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Base</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>vdrvroot.sys</FILENAME>
<FILESIZE>36432</FILESIZE>
<CREATIONDATE>07-14-2009 00:01:31</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Boot Bus Extender</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>vgapnp.sys</FILENAME>
<FILESIZE>29184</FILESIZE>
<CREATIONDATE>07-13-2009 23:38:48</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Video</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>vga.sys</FILENAME>
<FILESIZE>29184</FILESIZE>
<CREATIONDATE>07-13-2009 23:38:48</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Video Save</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>vhdmp.sys</FILENAME>
<FILESIZE>217680</FILESIZE>
<CREATIONDATE>07-14-2009 00:01:36</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>SCSI miniport</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>viaide.sys</FILENAME>
<FILESIZE>17488</FILESIZE>
<CREATIONDATE>07-13-2009 23:19:50</CREATIONDATE>
<VERSION>6.0.6000.170</VERSION>
<MANUFACTURER>VIA Technologies, Inc.</MANUFACTURER>
<PRODUCTNAME>VIA PCI IDE MINI Driver</PRODUCTNAME>
<GROUP>System Bus Extender</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>volmgr.sys</FILENAME>
<FILESIZE>71760</FILESIZE>
<CREATIONDATE>07-13-2009 23:19:57</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>System Bus Extender</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>volmgrx.sys</FILENAME>
<FILESIZE>363584</FILESIZE>
<CREATIONDATE>07-13-2009 23:20:35</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>System Bus Extender</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>volsnap.sys</FILENAME>
<FILESIZE>294992</FILESIZE>
<CREATIONDATE>07-13-2009 23:20:09</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>vsmraid.sys</FILENAME>
<FILESIZE>161872</FILESIZE>
<CREATIONDATE>06-10-2009 20:37:58</CREATIONDATE>
<VERSION>6.0.6000.6210</VERSION>
<MANUFACTURER>VIA Technologies Inc.,Ltd</MANUFACTURER>
<PRODUCTNAME>VIA RAID driver</PRODUCTNAME>
<GROUP>SCSI Miniport</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>vwifibus.sys</FILENAME>
<FILESIZE>24576</FILESIZE>
<CREATIONDATE>07-14-2009 00:07:21</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>vwififlt.sys</FILENAME>
<FILESIZE>59904</FILESIZE>
<CREATIONDATE>07-14-2009 00:07:22</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>NDIS</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>wacompen.sys</FILENAME>
<FILESIZE>27776</FILESIZE>
<CREATIONDATE>07-14-2009 00:02:07</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Extended Base</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>wanarp.sys</FILENAME>
<FILESIZE>88576</FILESIZE>
<CREATIONDATE>07-14-2009 00:10:22</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>wanarp.sys</FILENAME>
<FILESIZE>88576</FILESIZE>
<CREATIONDATE>07-14-2009 00:10:22</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>wd.sys</FILENAME>
<FILESIZE>21056</FILESIZE>
<CREATIONDATE>07-13-2009 23:19:55</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>Wdf01000.sys</FILENAME>
<FILESIZE>654928</FILESIZE>
<CREATIONDATE>07-13-2009 23:22:11</CREATIONDATE>
<VERSION>1.9.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>WdfLoadGroup</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>wfplwf.sys</FILENAME>
<FILESIZE>12800</FILESIZE>
<CREATIONDATE>07-14-2009 00:09:26</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>NDIS</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>wimmount.sys</FILENAME>
<FILESIZE>22096</FILESIZE>
<CREATIONDATE>07-13-2009 23:29:31</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>FSFilter Infrastructure</GROUP>
<ALTITUDE>180700</ALTITUDE>
</DRIVER>
- <DRIVER>
<FILENAME>WinUsb.sys</FILENAME>
<FILESIZE>40448</FILESIZE>
<CREATIONDATE>07-14-2009 00:06:28</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
- <DRIVER>
<FILENAME>wmiacpi.sys</FILENAME>
<FILESIZE>14336</FILESIZE>
<CREATIONDATE>07-13-2009 23:31:03</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>Extended Base</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>ws2ifsl.sys</FILENAME>
<FILESIZE>21504</FILESIZE>
<CREATIONDATE>07-14-2009 00:10:34</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>PNP_TDI</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>WudfPf.sys</FILENAME>
<FILESIZE>112128</FILESIZE>
<CREATIONDATE>07-14-2009 00:05:40</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
<GROUP>base</GROUP>
</DRIVER>
- <DRIVER>
<FILENAME>WUDFRd.sys</FILENAME>
<FILESIZE>172544</FILESIZE>
<CREATIONDATE>07-14-2009 00:06:06</CREATIONDATE>
<VERSION>6.1.7600.16385</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
</DRIVERS>
</SYSTEMINFO>

I was also looking in event viewer and came across a few things:

The computer has rebooted from a bugcheck. The bugcheck was: 0x000000fe (0x0000000000000008, 0x0000000000000006, 0x0000000000000006, 0xfffffa8006eb3000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 042211-35927-01.

There are many more warnings and critical events logged all from the night and early morning between 4/21 and 4/22. I am concerned and I am wondering if I should wave a white flag and just go with a system restore?!?

#12 Blade

Blade

    Strong in the Bleepforce


  • Site Admin
  • 12,704 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:US
  • Local time:06:29 PM

Posted 24 April 2011 - 12:47 PM

Hello.

Is the error you mentioned recurring, or was it a one time occurrence?

Posted Image

If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM
Become a BleepingComputer fan: Facebook
Follow us on Twitter!
Circle us on Google+


#13 Lyssfrgr

Lyssfrgr
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:06:29 PM

Posted 25 April 2011 - 04:28 PM

The BlueScreen occurrence was the first. I did send the logs to my father to forward to my brother whom I no longer speak too, and he informed my father that he sees 2 malware items in the HijackThis log: Superantispyware (SAS) and Watadmin Service. I know those are necessary system operating files so I'm pretty lost as to what I can do. He also said that the reason I am just about dead in the water is because the lsass is missing, which is why I have lost admin rights. Do these observations seem right? Last night, I received an e-mailo from MYSELF. I logged on, changed the password for the second time and looked at my recent log ons. I live in Jersey, but somehow I logged on in Germany and California at the same time last night and sent out viagra links. Please help me :(

#14 Blade

Blade

    Strong in the Bleepforce


  • Site Admin
  • 12,704 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:US
  • Local time:06:29 PM

Posted 26 April 2011 - 06:24 AM

Hello,

Neither of the entries your brother mentions are malware. They're both legitimate. I'm not sure what makes him think they're bad, but he's mistaken.

A couple house rules before we go any further. These guidelines will help us both and get you fixed up faster and more efficiently.

Before we begin cleaning your machine, I'd like to lay out some guidelines for us to follow while we are working together.
  • I will be assisting you with your malware issues. This may or may not resolve other problems you are having with your computer. If you are still having problems after your machine has been determined clean, I will be glad to direct you to the proper forum for assistance.
  • Even if things appear better, that does not mean we are finished. Please continue to follow my instructions until I give you the all clean. Absence of symptoms does not mean that all the malware has been removed. If a piece of the infection is left, it can regenerate and reinfect your machine.
  • Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
  • I ask that you please refrain from running tools other than those I suggest to you while I am cleaning up your computer. The reason for this is so I know what is going on with the machine at any time. If you act independently it will cause changes to your system that I will not be aware of, which will make the process of cleaning the machine a much slower and more difficult process. Additionally, some programs can interfere with others and hamper the recovery process.
  • Please perform all steps in the order received. If you are unsure or confused about any instructions I give you, you should ask me to clarify before doing anything. Additionally, if you run into any problems while carrying out instructions, you should STOP and reply back here explaining what happened.
  • After 5 days if a topic is not replied to we assume it has been abandoned and it is closed. If you need additional time, that is perfectly alright; you just need to let us know beforehand. :)

***************************************************

I logged on, changed the password for the second time and looked at my recent log ons.

Do this for me. Please log into your email using a computer that you know is clean and change your password again. Just in case.

***************************************************

You've lost admin rights? when did this happen and can you provide examples?

***************************************************

Click "start" on the taskbar and then click on the "Control Panel" icon.
Please doubleclick the "Add or Remove Programs" icon
A list of programs installed will be "populated" this may take a bit of time.
If they exist, uninstall the following by clicking on the following entries and selecting "remove":

EasyFix Tools (or any permutation of EasyFix)

Additional instructions can be found here if needed.

***************************************************

We need to run an OTL Fix
  • Please reopen Posted Image on your desktop.
  • Copy and Paste the following code into the Posted Image textbox.
    :OTL
    DRV - [2011/04/20 00:35:12 | 000,061,440 | ---- | M] () [Kernel | Boot | Stopped] -- C:\windows\system32\drivers\ylokgt.sys -- (yqcj)
    [2011/04/20 00:35:12 | 000,061,440 | ---- | M] () -- C:\windows\SysWow64\drivers\ylokgt.sys
    [2011/04/19 21:03:44 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
    [2011/04/05 20:11:16 | 000,000,000 | ---D | C] -- C:\e64b84bf142a123605be3fcf6170c4
    @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
    @Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:DFC5A2B2
    
    :commands
    [emptytemp]
  • Push Posted Image
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click the OK button.
  • A report will open. Copy and Paste that report in your next reply.

***************************************************
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Change the "Extra Registry" option to "SafeList"
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
  • OTL.txt <-- Will be opened
  • Extra.txt <-- Will be minimized

~Blade


In your next reply, please include the following:
OTL Fix Log
OTL.txt
Extras.txt

Posted Image

If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM
Become a BleepingComputer fan: Facebook
Follow us on Twitter!
Circle us on Google+





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users