[code] OTS logfile created on: 6/21/2011 5:14:02 PM - Run 1 OTS by OldTimer - Version 3.1.44.0 Folder = C:\Users\Alyssa\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 7.0.6002.18005) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 64.00% Memory free 2.00 Gb Paging File | 2.00 Gb Available in Paging File | 75.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 137.20 Gb Total Space | 27.21 Gb Free Space | 19.83% Space Free | Partition Type: NTFS Drive D: | 11.85 Gb Total Space | 1.89 Gb Free Space | 15.93% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: ALYSSA-PC Current User Name: Alyssa Logged in as Administrator. Current Boot Mode: SafeMode with Networking Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days [Processes - Safe List] ots.exe -> C:\Users\Alyssa\Downloads\OTS.exe -> [2011/06/21 17:13:05 | 000,645,120 | ---- | M] (OldTimer Tools) explorer.exe -> C:\Windows\explorer.exe -> [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) aawservice.exe -> C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -> [2008/08/11 21:06:28 | 000,611,664 | ---- | M] (Lavasoft) [Modules - Safe List] ots.exe -> C:\Users\Alyssa\Downloads\OTS.exe -> [2011/06/21 17:13:05 | 000,645,120 | ---- | M] (OldTimer Tools) comctl32.dll -> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll -> [2010/08/31 10:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) [Win32 Services - All] (Dnscache) DNS Client [Auto | Running] -> C:\Windows\System32\dnsrslvr.dll -> [2011/03/02 10:44:27 | 000,086,528 | ---- | M] (Microsoft Corporation) (FontCache) Windows Font Cache Service [Auto | Stopped] -> C:\Windows\System32\FntCache.dll -> [2011/02/22 08:33:09 | 000,797,696 | ---- | M] (Microsoft Corporation) (Sophos AutoUpdate Service) Sophos AutoUpdate Service [Auto | Stopped] -> C:\Program Files\Sophos\AutoUpdate\ALsvc.exe -> [2011/01/25 16:41:30 | 000,230,640 | ---- | M] (Sophos Plc) (swi_service) Sophos Web Intelligence Service [Auto | Stopped] -> C:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe -> [2011/01/25 16:41:01 | 001,541,360 | ---- | M] (Sophos Plc) (SAVService) Sophos Anti-Virus [Unknown | Stopped] -> C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe -> [2011/01/25 16:40:53 | 000,097,520 | ---- | M] (Sophos Plc) (SAVAdminService) Sophos Anti-Virus status reporter [Unknown | Stopped] -> C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe -> [2011/01/25 16:40:49 | 000,163,056 | ---- | M] (Sophos Plc) (Sophos Message Router) Sophos Message Router [Auto | Stopped] -> C:\Program Files\Sophos\Remote Management System\RouterNT.exe -> [2011/01/25 16:40:26 | 000,806,912 | ---- | M] (Sophos Plc) (Sophos Agent) Sophos Agent [Auto | Stopped] -> C:\Program Files\Sophos\Remote Management System\ManagementAgentNT.exe -> [2011/01/25 16:40:22 | 000,282,624 | ---- | M] (Sophos Plc) (iPod Service) iPod Service [On_Demand | Stopped] -> C:\Program Files\iPod\bin\iPodService.exe -> [2010/12/13 18:16:10 | 000,820,008 | ---- | M] (Apple Inc.) (Schedule) Task Scheduler [Unknown | Stopped] -> C:\Windows\System32\schedsvc.dll -> [2010/11/04 13:55:12 | 000,601,600 | ---- | M] (Microsoft Corporation) (Apple Mobile Device) Apple Mobile Device [Auto | Stopped] -> C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -> [2010/10/16 01:40:40 | 000,037,664 | ---- | M] (Apple Inc.) (LanmanServer) Server [Auto | Stopped] -> C:\Windows\System32\srvsvc.dll -> [2010/09/06 11:20:29 | 000,125,952 | ---- | M] (Microsoft Corporation) (Spooler) Print Spooler [Auto | Stopped] -> C:\Windows\System32\spoolsv.exe -> [2010/08/17 09:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) (Bonjour Service) Bonjour Service [Auto | Stopped] -> C:\Program Files\Bonjour\mDNSResponder.exe -> [2010/07/27 18:44:08 | 000,345,376 | ---- | M] (Apple Inc.) (lxebCATSCustConnectService) lxebCATSCustConnectService [Auto | Stopped] -> C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxebserv.exe -> [2010/04/14 19:55:56 | 000,193,192 | ---- | M] () (WPFFontCache_v0400) Windows Presentation Foundation Font Cache 4.0.0.0 [On_Demand | Stopped] -> C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -> [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) (clr_optimization_v4.0.30319_32) Microsoft .NET Framework NGEN v4.0.30319_X86 [Auto | Stopped] -> C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -> [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) (iphlpsvc) IP Helper [Auto | Stopped] -> C:\Windows\System32\iphlpsvc.dll -> [2010/02/18 08:30:03 | 000,200,704 | ---- | M] (Microsoft Corporation) (FLEXnet Licensing Service) FLEXnet Licensing Service [On_Demand | Stopped] -> C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -> [2010/01/19 16:45:21 | 000,655,624 | ---- | M] (Acresso Software Inc.) (lxeb_device) lxeb_device [Auto | Stopped] -> C:\Windows\System32\lxebcoms.exe -> [2010/01/07 22:01:28 | 000,598,696 | ---- | M] ( ) (gupdatem) Google Update Service (gupdatem) [On_Demand | Stopped] -> C:\Program Files\Google\Update\GoogleUpdate.exe -> [2009/12/24 20:25:44 | 000,135,664 | ---- | M] (Google Inc.) (gupdate) Google Update Service (gupdate) [Auto | Stopped] -> C:\Program Files\Google\Update\GoogleUpdate.exe -> [2009/12/24 20:25:44 | 000,135,664 | ---- | M] (Google Inc.) (WinRM) Windows Remote Management (WS-Management) [On_Demand | Stopped] -> C:\Windows\System32\WsmSvc.dll -> [2009/10/09 16:56:18 | 001,181,696 | ---- | M] (Microsoft Corporation) (Wecsvc) Windows Event Collector [On_Demand | Stopped] -> C:\Windows\System32\wecsvc.dll -> [2009/10/09 16:55:52 | 000,146,944 | ---- | M] (Microsoft Corporation) (WPDBusEnum) Portable Device Enumerator Service [Auto | Stopped] -> C:\Windows\System32\wpdbusenum.dll -> [2009/09/30 20:01:54 | 000,081,920 | ---- | M] (Microsoft Corporation) (WinHttpAutoProxySvc) WinHTTP Web Proxy Auto-Discovery Service [On_Demand | Stopped] -> C:\Windows\System32\winhttp.dll -> [2009/08/24 06:36:45 | 000,377,344 | ---- | M] (Microsoft Corporation) (wuauserv) Windows Update [Auto | Stopped] -> C:\Windows\System32\wuaueng.dll -> [2009/08/06 21:23:45 | 001,929,952 | ---- | M] (Microsoft Corporation) (Wlansvc) WLAN AutoConfig [Auto | Running] -> C:\Windows\System32\wlansvc.dll -> [2009/07/11 14:01:42 | 000,513,536 | ---- | M] (Microsoft Corporation) (Themes) Themes [Auto | Stopped] -> C:\Windows\System32\shsvcs.dll -> [2009/07/10 06:47:42 | 000,247,808 | ---- | M] (Microsoft Corporation) (ShellHWDetection) Shell Hardware Detection [Auto | Stopped] -> C:\Windows\System32\shsvcs.dll -> [2009/07/10 06:47:42 | 000,247,808 | ---- | M] (Microsoft Corporation) (SamSs) Security Accounts Manager [Auto | Stopped] -> C:\Windows\System32\lsass.exe -> [2009/06/15 07:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) (ProtectedStorage) Protected Storage [On_Demand | Stopped] -> C:\Windows\System32\lsass.exe -> [2009/06/15 07:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) (Netlogon) Netlogon [On_Demand | Stopped] -> C:\Windows\System32\lsass.exe -> [2009/06/15 07:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) (KeyIso) CNG Key Isolation [On_Demand | Running] -> C:\Windows\System32\lsass.exe -> [2009/06/15 07:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) (LanmanWorkstation) Workstation [Auto | Running] -> C:\Windows\System32\wkssvc.dll -> [2009/06/10 06:42:23 | 000,160,256 | ---- | M] (Microsoft Corporation) (wscsvc) Security Center [Auto | Stopped] -> C:\Windows\System32\wscsvc.dll -> [2009/04/11 01:28:26 | 000,061,440 | ---- | M] (Microsoft Corporation) (Eventlog) Windows Event Log [Auto | Running] -> C:\Windows\System32\wevtsvc.dll -> [2009/04/11 01:28:25 | 001,017,856 | ---- | M] (Microsoft Corporation) (stisvc) Windows Image Acquisition (WIA) [Auto | Stopped] -> C:\Windows\System32\wiaservc.dll -> [2009/04/11 01:28:25 | 000,453,120 | ---- | M] (Microsoft Corporation) (wcncsvc) Windows Connect Now - Config Registrar [On_Demand | Stopped] -> C:\Windows\System32\wcncsvc.dll -> [2009/04/11 01:28:25 | 000,413,696 | ---- | M] (Microsoft Corporation) (W32Time) Windows Time [Auto | Stopped] -> C:\Windows\System32\w32time.dll -> [2009/04/11 01:28:25 | 000,282,624 | ---- | M] (Microsoft Corporation) (PlugPlay) Plug and Play [Auto | Running] -> C:\Windows\System32\umpnpmgr.dll -> [2009/04/11 01:28:25 | 000,222,720 | ---- | M] (Microsoft Corporation) (WebClient) WebClient [Auto | Stopped] -> C:\Windows\System32\WebClnt.dll -> [2009/04/11 01:28:25 | 000,199,680 | ---- | M] (Microsoft Corporation) (Winmgmt) Windows Management Instrumentation [Auto | Running] -> C:\Windows\System32\wbem\WMIsvc.dll -> [2009/04/11 01:28:25 | 000,162,304 | ---- | M] (Microsoft Corporation) (WPCSvc) Parental Controls [On_Demand | Stopped] -> C:\Windows\System32\wpcsvc.dll -> [2009/04/11 01:28:25 | 000,140,288 | ---- | M] (Microsoft Corporation) (WerSvc) Windows Error Reporting Service [Auto | Stopped] -> C:\Windows\System32\wersvc.dll -> [2009/04/11 01:28:25 | 000,126,976 | ---- | M] (Microsoft Corporation) (UxSms) Desktop Window Manager Session Manager [Auto | Stopped] -> C:\Windows\System32\uxsms.dll -> [2009/04/11 01:28:25 | 000,029,184 | ---- | M] (Microsoft Corporation) (SysMain) Superfetch [Auto | Stopped] -> C:\Windows\System32\sysmain.dll -> [2009/04/11 01:28:24 | 000,558,080 | ---- | M] (Microsoft Corporation) (RpcSs) Remote Procedure Call (RPC) [Unknown | Running] -> C:\Windows\System32\rpcss.dll -> [2009/04/11 01:28:24 | 000,550,400 | ---- | M] (Microsoft Corporation) (DcomLaunch) DCOM Server Process Launcher [Unknown | Running] -> C:\Windows\System32\rpcss.dll -> [2009/04/11 01:28:24 | 000,550,400 | ---- | M] (Microsoft Corporation) (TermService) Terminal Services [Auto | Stopped] -> C:\Windows\System32\termsrv.dll -> [2009/04/11 01:28:24 | 000,449,024 | ---- | M] (Microsoft Corporation) (swprv) Microsoft Software Shadow Copy Provider [On_Demand | Stopped] -> C:\Windows\System32\swprv.dll -> [2009/04/11 01:28:24 | 000,311,808 | ---- | M] (Microsoft Corporation) (RasMan) Remote Access Connection Manager [On_Demand | Stopped] -> C:\Windows\System32\rasmans.dll -> [2009/04/11 01:28:24 | 000,262,144 | ---- | M] (Microsoft Corporation) (TapiSrv) Telephony [On_Demand | Stopped] -> C:\Windows\System32\tapisrv.dll -> [2009/04/11 01:28:24 | 000,242,688 | ---- | M] (Microsoft Corporation) (RemoteRegistry) Remote Registry [On_Demand | Stopped] -> C:\Windows\System32\regsvc.dll -> [2009/04/11 01:28:24 | 000,107,008 | ---- | M] (Microsoft Corporation) (SCardSvr) Smart Card [Unknown | Stopped] -> C:\Windows\System32\SCardSvr.dll -> [2009/04/11 01:28:24 | 000,095,232 | ---- | M] (Microsoft Corporation) (SLUINotify) SL UI Notification Service [On_Demand | Stopped] -> C:\Windows\System32\SLUINotify.dll -> [2009/04/11 01:28:24 | 000,060,928 | ---- | M] (Microsoft Corporation) (BITS) Background Intelligent Transfer Service [Auto | Stopped] -> C:\Windows\System32\qmgr.dll -> [2009/04/11 01:28:23 | 000,758,784 | ---- | M] (Microsoft Corporation) (PNRPsvc) Peer Name Resolution Protocol [On_Demand | Stopped] -> C:\Windows\System32\p2psvc.dll -> [2009/04/11 01:28:23 | 000,644,608 | ---- | M] (Microsoft Corporation) (PNRPAutoReg) PNRP Machine Name Publication Service [On_Demand | Stopped] -> C:\Windows\System32\p2psvc.dll -> [2009/04/11 01:28:23 | 000,644,608 | ---- | M] (Microsoft Corporation) (p2psvc) Peer Networking Grouping [On_Demand | Stopped] -> C:\Windows\System32\p2psvc.dll -> [2009/04/11 01:28:23 | 000,644,608 | ---- | M] (Microsoft Corporation) (p2pimsvc) Peer Networking Identity Manager [On_Demand | Stopped] -> C:\Windows\System32\p2psvc.dll -> [2009/04/11 01:28:23 | 000,644,608 | ---- | M] (Microsoft Corporation) (napagent) Network Access Protection Agent [On_Demand | Stopped] -> C:\Windows\System32\QAGENTRT.DLL -> [2009/04/11 01:28:23 | 000,302,592 | ---- | M] (Microsoft Corporation) (ProfSvc) User Profile Service [Auto | Running] -> C:\Windows\System32\profsvc.dll -> [2009/04/11 01:28:23 | 000,153,088 | ---- | M] (Microsoft Corporation) (IKEEXT) IKE and AuthIP IPsec Keying Modules [Auto | Running] -> C:\Windows\System32\IKEEXT.DLL -> [2009/04/11 01:28:20 | 000,438,784 | ---- | M] (Microsoft Corporation) (MpsSvc) Windows Firewall [Auto | Running] -> C:\Windows\System32\MPSSVC.dll -> [2009/04/11 01:28:20 | 000,407,552 | ---- | M] (Microsoft Corporation) (PolicyAgent) IPsec Policy Agent [Auto | Running] -> C:\Windows\System32\IPSECSVC.DLL -> [2009/04/11 01:28:20 | 000,364,032 | ---- | M] (Microsoft Corporation) (gpsvc) Group Policy Client [Unknown | Stopped] -> C:\Windows\System32\gpsvc.dll -> [2009/04/11 01:28:19 | 000,576,512 | ---- | M] (Microsoft Corporation) (EMDMgmt) ReadyBoost [Auto | Stopped] -> C:\Windows\System32\emdmgmt.dll -> [2009/04/11 01:28:19 | 000,564,224 | ---- | M] (Microsoft Corporation) (EventSystem) COM+ Event System [Auto | Stopped] -> C:\Windows\System32\es.dll -> [2009/04/11 01:28:19 | 000,268,800 | ---- | M] (Microsoft Corporation) (hidserv) Human Interface Device Access [Auto | Stopped] -> C:\Windows\System32\hidserv.dll -> [2009/04/11 01:28:19 | 000,026,112 | ---- | M] (Microsoft Corporation) (BFE) Base Filtering Engine [Auto | Running] -> C:\Windows\System32\BFE.DLL -> [2009/04/11 01:28:18 | 000,334,848 | ---- | M] (Microsoft Corporation) (Audiosrv) Windows Audio [Auto | Stopped] -> C:\Windows\System32\audiosrv.dll -> [2009/04/11 01:28:18 | 000,315,392 | ---- | M] (Microsoft Corporation) (AudioEndpointBuilder) Windows Audio Endpoint Builder [Auto | Stopped] -> C:\Windows\System32\audiosrv.dll -> [2009/04/11 01:28:18 | 000,315,392 | ---- | M] (Microsoft Corporation) (Dhcp) DHCP Client [Auto | Running] -> C:\Windows\System32\dhcpcsvc.dll -> [2009/04/11 01:28:18 | 000,204,288 | ---- | M] (Microsoft Corporation) (dot3svc) Wired AutoConfig [On_Demand | Stopped] -> C:\Windows\System32\dot3svc.dll -> [2009/04/11 01:28:18 | 000,175,616 | ---- | M] (Microsoft Corporation) (CryptSvc) Cryptographic Services [Auto | Running] -> C:\Windows\System32\cryptsvc.dll -> [2009/04/11 01:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) (BthServ) Bluetooth Support Service [Auto | Stopped] -> C:\Windows\System32\bthserv.dll -> [2009/04/11 01:28:18 | 000,040,960 | ---- | M] (Microsoft Corporation) (SCPolicySvc) Smart Card Removal Policy [Unknown | Stopped] -> C:\Windows\System32\certprop.dll -> [2009/04/11 01:28:18 | 000,040,448 | ---- | M] (Microsoft Corporation) (CertPropSvc) Certificate Propagation [Unknown | Stopped] -> C:\Windows\System32\certprop.dll -> [2009/04/11 01:28:18 | 000,040,448 | ---- | M] (Microsoft Corporation) (wmiApSrv) WMI Performance Adapter [On_Demand | Stopped] -> C:\Windows\System32\wbem\WmiApSrv.exe -> [2009/04/11 01:28:15 | 000,137,728 | ---- | M] (Microsoft Corporation) (VSS) Volume Shadow Copy [On_Demand | Stopped] -> C:\Windows\System32\VSSVC.exe -> [2009/04/11 01:28:10 | 001,055,232 | ---- | M] (Microsoft Corporation) (vds) Virtual Disk [On_Demand | Stopped] -> C:\Windows\System32\vds.exe -> [2009/04/11 01:28:09 | 000,385,536 | ---- | M] (Microsoft Corporation) (TrustedInstaller) Windows Modules Installer [Unknown | Stopped] -> C:\Windows\servicing\TrustedInstaller.exe -> [2009/04/11 01:28:07 | 000,039,424 | ---- | M] (Microsoft Corporation) (WSearch) Windows Search [Auto | Stopped] -> C:\Windows\System32\SearchIndexer.exe -> [2009/04/11 01:27:59 | 000,441,344 | ---- | M] (Microsoft Corporation) (slsvc) Software Licensing [Auto | Stopped] -> C:\Windows\System32\SLsvc.exe -> [2009/04/11 01:27:49 | 003,408,896 | ---- | M] (Microsoft Corporation) (msiserver) Windows Installer [On_Demand | Stopped] -> C:\Windows\System32\msiexec.exe -> [2009/04/11 01:27:45 | 000,073,216 | ---- | M] (Microsoft Corporation) (DFSR) DFS Replication [On_Demand | Stopped] -> C:\Windows\System32\dfsr.exe -> [2009/04/11 01:27:31 | 002,092,544 | ---- | M] (Microsoft Corporation) (clr_optimization_v2.0.50727_32) Microsoft .NET Framework NGEN v2.0.50727_X86 [Disabled | Stopped] -> C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2009/03/29 23:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) (gusvc) Google Software Updater [Auto | Stopped] -> C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -> [2009/03/24 19:59:04 | 000,183,280 | ---- | M] (Google) (FontCache3.0.0.0) Windows Presentation Foundation Font Cache 3.0.0.0 [On_Demand | Stopped] -> C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -> [2009/02/18 13:39:20 | 000,043,904 | ---- | M] (Microsoft Corporation) (NetTcpPortSharing) Net.Tcp Port Sharing Service [Disabled | Stopped] -> C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -> [2009/02/18 13:38:43 | 000,129,880 | ---- | M] (Microsoft Corporation) (idsvc) Windows CardSpace [Unknown | Stopped] -> C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -> [2009/02/18 13:38:42 | 000,879,448 | ---- | M] (Microsoft Corporation) (odserv) Microsoft Office Diagnostics Service [On_Demand | Stopped] -> C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -> [2008/11/04 02:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) (aawservice) Lavasoft Ad-Aware Service [Auto | Running] -> C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -> [2008/08/11 21:06:28 | 000,611,664 | ---- | M] (Lavasoft) (HP Health Check Service) HP Health Check Service [Auto | Stopped] -> c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe -> [2008/06/16 08:02:28 | 000,094,208 | ---- | M] (Hewlett-Packard) (IAANTMON) Intel(R) Matrix Storage Event Monitor [Auto | Stopped] -> C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -> [2008/04/15 17:54:42 | 000,354,840 | ---- | M] (Intel Corporation) (WinDefend) Windows Defender [Auto | Running] -> C:\Program Files\Windows Defender\MpSvc.dll -> [2008/01/19 02:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) (wudfsvc) Windows Driver Foundation - User-mode Driver Framework [Auto | Running] -> C:\Windows\System32\WUDFSvc.dll -> [2008/01/19 02:37:12 | 000,055,296 | ---- | M] (Microsoft Corporation) (wercplsupport) Problem Reports and Solutions Control Panel Support [On_Demand | Stopped] -> C:\Windows\System32\wercplsupport.dll -> [2008/01/19 02:36:52 | 000,062,976 | ---- | M] (Microsoft Corporation) (WdiSystemHost) Diagnostic System Host [Unknown | Stopped] -> C:\Windows\System32\wdi.dll -> [2008/01/19 02:36:50 | 000,073,728 | ---- | M] (Microsoft Corporation) (WdiServiceHost) Diagnostic Service Host [Unknown | Stopped] -> C:\Windows\System32\wdi.dll -> [2008/01/19 02:36:50 | 000,073,728 | ---- | M] (Microsoft Corporation) (upnphost) UPnP Device Host [Auto | Stopped] -> C:\Windows\System32\upnphost.dll -> [2008/01/19 02:36:46 | 000,259,072 | ---- | M] (Microsoft Corporation) (TrkWks) Distributed Link Tracking Client [Auto | Stopped] -> C:\Windows\System32\trkwks.dll -> [2008/01/19 02:36:42 | 000,075,264 | ---- | M] (Microsoft Corporation) (TBS) TPM Base Services [Auto | Stopped] -> C:\Windows\System32\tbssvc.dll -> [2008/01/19 02:36:39 | 000,056,320 | ---- | M] (Microsoft Corporation) (SSDPSRV) SSDP Discovery [On_Demand | Stopped] -> C:\Windows\System32\ssdpsrv.dll -> [2008/01/19 02:36:36 | 000,155,648 | ---- | M] (Microsoft Corporation) (SstpSvc) Secure Socket Tunneling Protocol Service [On_Demand | Stopped] -> C:\Windows\System32\sstpsvc.dll -> [2008/01/19 02:36:36 | 000,116,736 | ---- | M] (Microsoft Corporation) (SessionEnv) Terminal Services Configuration [On_Demand | Stopped] -> C:\Windows\System32\SessEnv.dll -> [2008/01/19 02:36:21 | 000,084,992 | ---- | M] (Microsoft Corporation) (SENS) System Event Notification Service [Auto | Stopped] -> C:\Windows\System32\Sens.dll -> [2008/01/19 02:36:21 | 000,047,104 | ---- | M] (Microsoft Corporation) (SDRSVC) Windows Backup [On_Demand | Stopped] -> C:\Windows\System32\sdrsvc.dll -> [2008/01/19 02:36:20 | 000,104,960 | ---- | M] (Microsoft Corporation) (seclogon) Secondary Logon [Auto | Stopped] -> C:\Windows\System32\seclogon.dll -> [2008/01/19 02:36:20 | 000,019,968 | ---- | M] (Microsoft Corporation) (RasAuto) Remote Access Auto Connection Manager [On_Demand | Stopped] -> C:\Windows\System32\rasauto.dll -> [2008/01/19 02:36:15 | 000,090,624 | ---- | M] (Microsoft Corporation) (QWAVE) Quality Windows Audio Video Experience [On_Demand | Stopped] -> C:\Windows\System32\qwave.dll -> [2008/01/19 02:36:14 | 000,243,712 | ---- | M] (Microsoft Corporation) (pla) Performance Logs & Alerts [On_Demand | Stopped] -> C:\Windows\System32\pla.dll -> [2008/01/19 02:36:06 | 001,502,208 | ---- | M] (Microsoft Corporation) (PcaSvc) Program Compatibility Assistant Service [Auto | Stopped] -> C:\Windows\System32\pcasvc.dll -> [2008/01/19 02:36:03 | 000,037,888 | ---- | M] (Microsoft Corporation) (nsi) Network Store Interface Service [Auto | Running] -> C:\Windows\System32\nsisvc.dll -> [2008/01/19 02:35:57 | 000,018,432 | ---- | M] (Microsoft Corporation) (NlaSvc) Network Location Awareness [Auto | Running] -> C:\Windows\System32\nlasvc.dll -> [2008/01/19 02:35:38 | 000,168,448 | ---- | M] (Microsoft Corporation) (Netman) Network Connections [On_Demand | Running] -> C:\Windows\System32\netman.dll -> [2008/01/19 02:35:36 | 000,274,432 | ---- | M] (Microsoft Corporation) (netprofm) Network List Service [Auto | Running] -> C:\Windows\System32\netprofm.dll -> [2008/01/19 02:35:36 | 000,237,056 | ---- | M] (Microsoft Corporation) (KtmRm) KtmRm for Distributed Transaction Coordinator [Auto | Stopped] -> C:\Windows\System32\msdtckrm.dll -> [2008/01/19 02:34:56 | 000,344,576 | ---- | M] (Microsoft Corporation) (RemoteAccess) Routing and Remote Access [Disabled | Stopped] -> C:\Windows\System32\mprdim.dll -> [2008/01/19 02:34:53 | 000,068,608 | ---- | M] (Microsoft Corporation) (THREADORDER) Thread Ordering Server [On_Demand | Stopped] -> C:\Windows\System32\mmcss.dll -> [2008/01/19 02:34:49 | 000,045,056 | ---- | M] (Microsoft Corporation) (MMCSS) Multimedia Class Scheduler [Auto | Stopped] -> C:\Windows\System32\mmcss.dll -> [2008/01/19 02:34:49 | 000,045,056 | ---- | M] (Microsoft Corporation) (Mcx2Svc) Windows Media Center Extender Service [Disabled | Stopped] -> C:\Windows\System32\Mcx2Svc.dll -> [2008/01/19 02:34:44 | 000,053,760 | ---- | M] (Microsoft Corporation) (lltdsvc) Link-Layer Topology Discovery Mapper [On_Demand | Stopped] -> C:\Windows\System32\lltdsvc.dll -> [2008/01/19 02:34:42 | 000,188,928 | ---- | M] (Microsoft Corporation) (hkmsvc) Health Key and Certificate Management [On_Demand | Stopped] -> C:\Windows\System32\KMSVC.DLL -> [2008/01/19 02:34:36 | 000,068,096 | ---- | M] (Microsoft Corporation) (MSiSCSI) Microsoft iSCSI Initiator Service [On_Demand | Stopped] -> C:\Windows\System32\iscsiexe.dll -> [2008/01/19 02:34:35 | 000,111,616 | ---- | M] (Microsoft Corporation) (SharedAccess) Internet Connection Sharing (ICS) [Disabled | Stopped] -> C:\Windows\System32\ipnathlp.dll -> [2008/01/19 02:34:34 | 000,288,256 | ---- | M] (Microsoft Corporation) (IPBusEnum) PnP-X IP Bus Enumerator [On_Demand | Stopped] -> C:\Windows\System32\IPBusEnum.dll -> [2008/01/19 02:34:34 | 000,074,240 | ---- | M] (Microsoft Corporation) (fdPHost) Function Discovery Provider Host [On_Demand | Stopped] -> C:\Windows\System32\fdPHost.dll -> [2008/01/19 02:34:21 | 000,013,312 | ---- | M] (Microsoft Corporation) (EapHost) Extensible Authentication Protocol [On_Demand | Running] -> C:\Windows\System32\eapsvc.dll -> [2008/01/19 02:34:08 | 000,057,344 | ---- | M] (Microsoft Corporation) (DPS) Diagnostic Policy Service [Unknown | Stopped] -> C:\Windows\System32\dps.dll -> [2008/01/19 02:34:06 | 000,134,656 | ---- | M] (Microsoft Corporation) (Browser) Computer Browser [Auto | Stopped] -> C:\Windows\System32\browser.dll -> [2008/01/19 02:33:49 | 000,081,920 | ---- | M] (Microsoft Corporation) (Appinfo) Application Information [On_Demand | Stopped] -> C:\Windows\System32\appinfo.dll -> [2008/01/19 02:33:43 | 000,033,280 | ---- | M] (Microsoft Corporation) (WMPNetworkSvc) Windows Media Player Network Sharing Service [On_Demand | Stopped] -> C:\Program Files\Windows Media Player\wmpnetwk.exe -> [2008/01/19 02:33:39 | 000,896,512 | ---- | M] (Microsoft Corporation) (UI0Detect) Interactive Services Detection [On_Demand | Stopped] -> C:\Windows\System32\UI0Detect.exe -> [2008/01/19 02:33:33 | 000,035,840 | ---- | M] (Microsoft Corporation) (MSDTC) Distributed Transaction Coordinator [Unknown | Stopped] -> C:\Windows\System32\msdtc.exe -> [2008/01/19 02:33:16 | 000,105,984 | ---- | M] (Microsoft Corporation) (ehRecvr) Windows Media Center Receiver Service [On_Demand | Stopped] -> C:\Windows\ehome\ehrecvr.exe -> [2008/01/19 02:33:09 | 000,292,352 | ---- | M] (Microsoft Corporation) (ALG) Application Layer Gateway Service [On_Demand | Stopped] -> C:\Windows\System32\alg.exe -> [2008/01/19 02:33:01 | 000,059,392 | ---- | M] (Microsoft Corporation) (QPCapSvc) QuickPlay Background Capture Service (QBCS) [Auto | Stopped] -> C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe -> [2007/09/30 21:34:54 | 000,271,760 | ---- | M] () (QPSched) QuickPlay Task Scheduler (QTS) [Auto | Stopped] -> C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe -> [2007/09/30 21:34:54 | 000,112,016 | ---- | M] () (GameConsoleService) GameConsoleService [On_Demand | Stopped] -> C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe -> [2007/07/23 18:33:06 | 000,181,800 | ---- | M] (WildTangent, Inc.) (WcesComm) Windows Mobile-2003-based device connectivity [Auto | Stopped] -> C:\Windows\WindowsMobile\wcescomm.dll -> [2007/05/31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) (RapiMgr) Windows Mobile-based device connectivity [Auto | Stopped] -> C:\Windows\WindowsMobile\rapimgr.dll -> [2007/05/31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) (Com4Qlb) Com4Qlb [On_Demand | Stopped] -> C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -> [2007/03/05 12:30:06 | 000,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) (RichVideo) Cyberlink RichVideo Service(CRVS) [Auto | Stopped] -> C:\Program Files\CyberLink\Shared Files\RichVideo.exe -> [2007/01/09 05:25:30 | 000,272,024 | ---- | M] () (ehSched) Windows Media Center Scheduler Service [On_Demand | Stopped] -> C:\Windows\ehome\ehsched.exe -> [2006/11/02 07:35:29 | 000,131,072 | ---- | M] (Microsoft Corporation) (ehstart) Windows Media Center Service Launcher [Auto | Stopped] -> C:\Windows\ehome\ehstart.dll -> [2006/11/02 07:35:29 | 000,013,312 | ---- | M] (Microsoft Corporation) (TabletInputService) Tablet PC Input Service [Auto | Stopped] -> C:\Windows\System32\TabSvc.dll -> [2006/11/02 07:35:24 | 000,068,096 | ---- | M] (Microsoft Corporation) (WcsPlugInService) Windows Color System [On_Demand | Stopped] -> C:\Windows\System32\WcsPlugInService.dll -> [2006/11/02 04:46:13 | 000,032,256 | ---- | M] (Microsoft Corporation) (lmhosts) TCP/IP NetBIOS Helper [Auto | Running] -> C:\Windows\System32\lmhsvc.dll -> [2006/11/02 04:46:05 | 000,018,944 | ---- | M] (Microsoft Corporation) (FDResPub) Function Discovery Resource Publication [Auto | Stopped] -> C:\Windows\System32\FDResPub.dll -> [2006/11/02 04:46:04 | 000,027,648 | ---- | M] (Microsoft Corporation) (AeLookupSvc) Application Experience [Auto | Stopped] -> C:\Windows\System32\aelupsvc.dll -> [2006/11/02 04:46:02 | 000,024,576 | ---- | M] (Microsoft Corporation) (SNMPTRAP) SNMP Trap [On_Demand | Stopped] -> C:\Windows\System32\snmptrap.exe -> [2006/11/02 04:45:46 | 000,012,800 | ---- | M] (Microsoft Corporation) (RpcLocator) Remote Procedure Call (RPC) Locator [On_Demand | Stopped] -> C:\Windows\System32\Locator.exe -> [2006/11/02 04:45:21 | 000,007,680 | ---- | M] (Microsoft Corporation) (COMSysApp) COM+ System Application [On_Demand | Stopped] -> C:\Windows\System32\dllhost.exe -> [2006/11/02 04:45:02 | 000,007,168 | ---- | M] (Microsoft Corporation) (ose) Office Source Engine [On_Demand | Stopped] -> C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -> [2006/10/26 16:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) (hpqwmiex) hpqwmiex [Auto | Stopped] -> C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe -> [2006/05/02 17:41:28 | 000,135,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) (IDriverT) InstallDriver Table Manager [On_Demand | Stopped] -> C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -> [2005/04/04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [Driver Services - All] (SymIMMP) SymIMMP [Kernel | On_Demand | Stopped] -> -> File not found (NwlnkFwd) IPX Traffic Forwarder Driver [Kernel | On_Demand | Stopped] -> -> File not found (NwlnkFlt) IPX Traffic Filter Driver [Kernel | On_Demand | Stopped] -> -> File not found (IpInIp) IP in IP Tunnel Driver [Kernel | On_Demand | Stopped] -> -> File not found (IntcAzAudAddService) Service for Realtek HD Audio (WDM) [Kernel | On_Demand | Stopped] -> -> File not found (blbdrive) blbdrive [Kernel | Disabled | Stopped] -> -> File not found (mrxsmb10) SMB 1.x MiniRedirector [File_System | On_Demand | Running] -> C:\Windows\System32\drivers\mrxsmb10.sys -> [2011/02/22 08:24:10 | 000,213,504 | ---- | M] (Microsoft Corporation) (mrxsmb20) SMB 2.0 MiniRedirector [File_System | On_Demand | Running] -> C:\Windows\System32\drivers\mrxsmb20.sys -> [2011/02/22 08:24:02 | 000,079,360 | ---- | M] (Microsoft Corporation) (mrxsmb) SMB MiniRedirector Wrapper and Engine [File_System | On_Demand | Running] -> C:\Windows\System32\drivers\mrxsmb.sys -> [2011/02/22 08:23:59 | 000,106,496 | ---- | M] (Microsoft Corporation) (bowser) bowser [File_System | On_Demand | Running] -> C:\Windows\System32\drivers\bowser.sys -> [2011/02/22 08:23:55 | 000,069,632 | ---- | M] (Microsoft Corporation) (srv) srv [File_System | On_Demand | Stopped] -> C:\Windows\System32\drivers\srv.sys -> [2011/02/18 09:03:32 | 000,305,152 | ---- | M] (Microsoft Corporation) (srv2) srv2 [File_System | On_Demand | Stopped] -> C:\Windows\System32\drivers\srv2.sys -> [2011/02/18 09:03:10 | 000,146,432 | ---- | M] (Microsoft Corporation) (srvnet) srvnet [File_System | On_Demand | Stopped] -> C:\Windows\System32\drivers\srvnet.sys -> [2011/02/18 09:03:06 | 000,102,400 | ---- | M] (Microsoft Corporation) (SAVOnAccess) SAVOnAccess [File_System | System | Stopped] -> C:\Windows\System32\drivers\savonaccess.sys -> [2011/01/25 16:41:10 | 000,122,360 | ---- | M] (Sophos Plc) (DXGKrnl) LDDM Graphics Subsystem [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\dxgkrnl.sys -> [2011/01/20 11:37:37 | 000,638,336 | ---- | M] (Microsoft Corporation) (USBAAPL) Apple Mobile USB Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\usbaapl.sys -> [2010/09/28 16:44:52 | 000,041,984 | ---- | M] (Apple, Inc.) (sdcfilter) sdcfilter [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\sdcfilter.sys -> [2010/09/10 17:25:09 | 000,023,928 | ---- | M] (Sophos Plc) (SophosBootDriver) SophosBootDriver [Kernel | Disabled | Stopped] -> C:\Windows\System32\drivers\SophosBootDriver.sys -> [2010/09/09 17:14:03 | 000,022,536 | ---- | M] (Sophos Plc) (Tcpip6) Microsoft IPv6 Protocol Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\tcpip.sys -> [2010/06/16 11:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) (Tcpip) TCP/IP Protocol Driver [Kernel | Boot | Running] -> C:\Windows\System32\drivers\tcpip.sys -> [2010/06/16 11:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) (SynTP) Synaptics TouchPad Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\SynTP.sys -> [2010/05/27 22:32:58 | 000,245,936 | ---- | M] (Synaptics Incorporated) (HTTP) HTTP [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\http.sys -> [2010/02/20 15:53:34 | 000,411,648 | ---- | M] (Microsoft Corporation) (tunnel) Microsoft IPv6 Tunnel Miniport Adapter Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\tunnel.sys -> [2010/02/18 06:28:13 | 000,025,088 | ---- | M] (Microsoft Corporation) (tcpipreg) TCP/IP Registry Compatibility [Kernel | Auto | Stopped] -> C:\Windows\System32\drivers\tcpipreg.sys -> [2009/12/08 12:26:18 | 000,030,720 | ---- | M] (Microsoft Corporation) (WpdUsb) WpdUsb [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\WpdUsb.sys -> [2009/09/30 20:01:54 | 000,040,448 | ---- | M] (Microsoft Corporation) (Wdf01000) Kernel Mode Driver Frameworks service [Kernel | Boot | Running] -> C:\Windows\system32\drivers\Wdf01000.sys -> [2009/07/14 12:45:07 | 000,445,008 | ---- | M] (Microsoft Corporation) (KSecDD) KSecDD [Kernel | Boot | Running] -> C:\Windows\System32\Drivers\ksecdd.sys -> [2009/06/15 18:15:25 | 000,439,864 | ---- | M] (Microsoft Corporation) (GEARAspiWDM) GEAR ASPI Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\GEARAspiWDM.sys -> [2009/05/18 14:17:00 | 000,026,600 | ---- | M] (GEAR Software Inc.) (volmgrx) Dynamic Volume Manager [Kernel | Boot | Running] -> C:\Windows\System32\drivers\volmgrx.sys -> [2009/04/11 01:33:03 | 000,292,840 | ---- | M] (Microsoft Corporation) (volsnap) Storage volumes [Kernel | Boot | Running] -> C:\Windows\system32\drivers\volsnap.sys -> [2009/04/11 01:32:55 | 000,226,280 | ---- | M] (Microsoft Corporation) (pci) PCI Bus Driver [Kernel | Boot | Running] -> C:\Windows\system32\drivers\pci.sys -> [2009/04/11 01:32:55 | 000,149,480 | ---- | M] (Microsoft Corporation) (TermDD) Terminal Device Driver [Kernel | System | Running] -> C:\Windows\System32\drivers\termdd.sys -> [2009/04/11 01:32:52 | 000,053,224 | ---- | M] (Microsoft Corporation) (Ntfs) Ntfs [File_System | On_Demand | Running] -> C:\Windows\System32\drivers\ntfs.sys -> [2009/04/11 01:32:49 | 001,083,880 | ---- | M] (Microsoft Corporation) (NDIS) NDIS System Driver [Kernel | Boot | Running] -> C:\Windows\system32\drivers\ndis.sys -> [2009/04/11 01:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) (ACPI) Microsoft ACPI Driver [Kernel | Boot | Running] -> C:\Windows\system32\drivers\acpi.sys -> [2009/04/11 01:32:46 | 000,265,688 | ---- | M] (Microsoft Corporation) (CLFS) Common Log (CLFS) [Kernel | Unknown | Running] -> C:\Windows\System32\clfs.sys -> [2009/04/11 01:32:46 | 000,245,736 | ---- | M] (Microsoft Corporation) (FltMgr) FltMgr [File_System | Boot | Running] -> C:\Windows\system32\drivers\fltmgr.sys -> [2009/04/11 01:32:46 | 000,190,424 | ---- | M] (Microsoft Corporation) (iScsiPrt) iScsiPort Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\msiscsi.sys -> [2009/04/11 01:32:46 | 000,180,712 | ---- | M] (Microsoft Corporation) (MsRPC) MsRPC [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\msrpc.sys -> [2009/04/11 01:32:46 | 000,161,752 | ---- | M] (Microsoft Corporation) (Ecache) ReadyBoost Caching Driver [Kernel | Boot | Running] -> C:\Windows\System32\drivers\ecache.sys -> [2009/04/11 01:32:43 | 000,141,288 | ---- | M] (Microsoft Corporation) (partmgr) Partition Manager [Kernel | Boot | Running] -> C:\Windows\System32\drivers\partmgr.sys -> [2009/04/11 01:32:31 | 000,054,248 | ---- | M] (Microsoft Corporation) (disk) Disk Driver [Kernel | Boot | Running] -> C:\Windows\system32\drivers\disk.sys -> [2009/04/11 01:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) (Mup) Mup [File_System | Boot | Running] -> C:\Windows\System32\Drivers\mup.sys -> [2009/04/11 01:32:31 | 000,048,104 | ---- | M] (Microsoft Corporation) (atapi) IDE Channel [Kernel | Boot | Running] -> C:\Windows\system32\drivers\atapi.sys -> [2009/04/11 01:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) (RDPWD) RDP Winstation Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\rdpwd.sys -> [2009/04/10 23:51:27 | 000,180,736 | ---- | M] (Microsoft Corporation) (AFD) Ancilliary Function Driver for Winsock [Kernel | System | Running] -> C:\Windows\system32\drivers\afd.sys -> [2009/04/10 23:47:03 | 000,273,920 | ---- | M] (Microsoft Corporation) (RasSstp) WAN Miniport (SSTP) [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\rassstp.sys -> [2009/04/10 23:46:40 | 000,069,120 | ---- | M] (Microsoft Corporation) (NdisWan) Remote Access NDIS WAN Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\ndiswan.sys -> [2009/04/10 23:46:32 | 000,121,344 | ---- | M] (Microsoft Corporation) (RasPppoe) Remote Access PPPOE Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\raspppoe.sys -> [2009/04/10 23:46:30 | 000,041,472 | ---- | M] (Microsoft Corporation) (tdx) NetIO Legacy TDI Support Driver [Kernel | System | Running] -> C:\Windows\System32\drivers\tdx.sys -> [2009/04/10 23:45:56 | 000,072,192 | ---- | M] (Microsoft Corporation) (PSched) QoS Packet Scheduler [Kernel | System | Running] -> C:\Windows\System32\drivers\pacer.sys -> [2009/04/10 23:45:51 | 000,072,192 | ---- | M] (Microsoft Corporation) (netbt) netbt [Kernel | System | Running] -> C:\Windows\System32\drivers\netbt.sys -> [2009/04/10 23:45:37 | 000,185,856 | ---- | M] (Microsoft Corporation) (Smb) Message-oriented TCP/IP and TCP/IPv6 Protocol (SMB session) [Kernel | System | Running] -> C:\Windows\System32\drivers\smb.sys -> [2009/04/10 23:45:22 | 000,066,560 | ---- | M] (Microsoft Corporation) (NativeWifiP) NativeWiFi Filter [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\nwifi.sys -> [2009/04/10 23:43:28 | 000,148,480 | ---- | M] (Microsoft Corporation) (usbhub) USB2 Enabled Hub [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\usbhub.sys -> [2009/04/10 23:43:16 | 000,196,096 | ---- | M] (Microsoft Corporation) (ohci1394) RICOH OHCI Compliant IEEE 1394 Host Controller [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\ohci1394.sys -> [2009/04/10 23:43:04 | 000,062,208 | ---- | M] (Microsoft Corporation) (USBSTOR) USB Mass Storage Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\USBSTOR.SYS -> [2009/04/10 23:42:55 | 000,065,536 | ---- | M] (Microsoft Corporation) (usbaudio) USB Audio Driver (WDM) [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\USBAUDIO.sys -> [2009/04/10 23:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) (usbehci) Microsoft USB 2.0 Enhanced Host Controller Miniport Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\usbehci.sys -> [2009/04/10 23:42:52 | 000,039,936 | ---- | M] (Microsoft Corporation) (WINUSB) WinUsb Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\winusb.sys -> [2009/04/10 23:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) (HidUsb) Microsoft HID Class Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\hidusb.sys -> [2009/04/10 23:42:48 | 000,012,800 | ---- | M] (Microsoft Corporation) (HDAudBus) Microsoft UAA Bus Driver for High Definition Audio [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\hdaudbus.sys -> [2009/04/10 23:42:42 | 000,561,152 | ---- | M] (Microsoft Corporation) (cdrom) CD-ROM Driver [Kernel | System | Running] -> C:\Windows\System32\drivers\cdrom.sys -> [2009/04/10 23:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) (sffp_sd) SFF Storage Protocol Driver for SDBus [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\sffp_sd.sys -> [2009/04/10 23:39:13 | 000,011,776 | ---- | M] (Microsoft Corporation) (kbdhid) Keyboard HID Driver [Kernel | System | Running] -> C:\Windows\System32\drivers\kbdhid.sys -> [2009/04/10 23:38:40 | 000,017,408 | ---- | M] (Microsoft Corporation) (sdbus) sdbus [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\sdbus.sys -> [2009/04/10 23:19:14 | 000,089,088 | ---- | M] (Microsoft Corporation) (MRxDAV) WebDav Client Redirector Driver [File_System | On_Demand | Stopped] -> C:\Windows\system32\drivers\mrxdav.sys -> [2009/04/10 23:14:40 | 000,114,688 | ---- | M] (Microsoft Corporation) (rdbss) Redirected Buffering Sub Sysytem [File_System | System | Running] -> C:\Windows\System32\drivers\rdbss.sys -> [2009/04/10 23:14:29 | 000,225,280 | ---- | M] (Microsoft Corporation) (DfsC) DFS Namespace Client Driver [File_System | System | Running] -> C:\Windows\System32\drivers\dfsc.sys -> [2009/04/10 23:14:12 | 000,075,264 | ---- | M] (Microsoft Corporation) (Npfs) Npfs [File_System | System | Running] -> C:\Windows\System32\drivers\npfs.sys -> [2009/04/10 23:14:01 | 000,035,328 | ---- | M] (Microsoft Corporation) (udfs) udfs [File_System | Disabled | Stopped] -> C:\Windows\System32\drivers\udfs.sys -> [2009/04/10 23:13:59 | 000,226,816 | ---- | M] (Microsoft Corporation) (exfat) exFAT File System Driver [File_System | On_Demand | Stopped] -> C:\Windows\System32\drivers\exfat.sys -> [2009/04/10 23:13:53 | 000,136,704 | ---- | M] (Microsoft Corporation) (fastfat) FAT12/16/32 File System Driver [File_System | On_Demand | Stopped] -> C:\Windows\System32\drivers\fastfat.sys -> [2009/04/10 23:13:52 | 000,142,848 | ---- | M] (Microsoft Corporation) (BCM43XX) Broadcom 802.11 Network Adapter Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\BCMWL6.SYS -> [2008/10/23 03:16:28 | 001,331,192 | ---- | M] (Broadcom Corporation) (BCM43XV) Broadcom Extensible 802.11 Network Adapter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\BCMWL6.SYS -> [2008/10/23 03:16:28 | 001,331,192 | ---- | M] (Broadcom Corporation) (iaStor) Intel AHCI Controller [Kernel | Boot | Running] -> C:\Windows\system32\DRIVERS\iaStor.sys -> [2008/04/15 17:53:44 | 000,312,344 | ---- | M] (Intel Corporation) (igfx) igfx [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\igdkmd32.sys -> [2008/02/10 20:36:10 | 002,302,976 | ---- | M] (Intel Corporation) (ialm) ialm [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\igdkmd32.sys -> [2008/02/10 20:36:10 | 002,302,976 | ---- | M] (Intel Corporation) (FileInfo) File Information FS MiniFilter [File_System | Boot | Running] -> C:\Windows\system32\drivers\fileinfo.sys -> [2008/01/19 02:42:31 | 000,058,936 | ---- | M] (Microsoft Corporation) (MountMgr) Mount Point Manager [Kernel | Boot | Running] -> C:\Windows\System32\drivers\mountmgr.sys -> [2008/01/19 02:42:28 | 000,057,400 | ---- | M] (Microsoft Corporation) (volmgr) Volume Manager Driver [Kernel | Boot | Running] -> C:\Windows\system32\drivers\volmgr.sys -> [2008/01/19 02:42:18 | 000,052,792 | ---- | M] (Microsoft Corporation) (kbdclass) Keyboard Class Driver [Kernel | System | Running] -> C:\Windows\System32\drivers\kbdclass.sys -> [2008/01/19 02:41:52 | 000,035,384 | ---- | M] (Microsoft Corporation) (mouclass) Mouse Class Driver [Kernel | System | Running] -> C:\Windows\System32\drivers\mouclass.sys -> [2008/01/19 02:41:52 | 000,034,360 | ---- | M] (Microsoft Corporation) (mssmbios) Microsoft System Management BIOS Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\mssmbios.sys -> [2008/01/19 02:41:49 | 000,031,288 | ---- | M] (Microsoft Corporation) (spldr) Security Processor Loader Driver [Kernel | Boot | Stopped] -> C:\Windows\System32\drivers\spldr.sys -> [2008/01/19 02:41:30 | 000,021,048 | ---- | M] (Microsoft Corporation) (Compbatt) Microsoft Composite Battery Driver [Kernel | Boot | Running] -> C:\Windows\system32\DRIVERS\compbatt.sys -> [2008/01/19 02:41:25 | 000,020,792 | ---- | M] (Microsoft Corporation) (intelide) intelide [Kernel | Boot | Running] -> C:\Windows\system32\drivers\intelide.sys -> [2008/01/19 02:41:20 | 000,017,976 | ---- | M] (Microsoft Corporation) (msisadrv) ISA/EISA Class Driver [Kernel | Boot | Running] -> C:\Windows\system32\drivers\msisadrv.sys -> [2008/01/19 02:41:14 | 000,016,440 | ---- | M] (Microsoft Corporation) (swenum) Software Bus Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\swenum.sys -> [2008/01/19 02:41:14 | 000,015,288 | ---- | M] (Microsoft Corporation) (usbprint) Microsoft USB PRINTER Class [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\usbprint.sys -> [2008/01/19 01:14:40 | 000,018,944 | ---- | M] (Microsoft Corporation) (usbscan) USB Scanner Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\usbscan.sys -> [2008/01/19 01:14:09 | 000,035,328 | ---- | M] (Microsoft Corporation) (tssecsrv) Terminal Services Security Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\tssecsrv.sys -> [2008/01/19 01:01:15 | 000,023,552 | ---- | M] (Microsoft Corporation) (RDPENCDD) RDP Encoder Mirror Driver [Kernel | System | Running] -> C:\Windows\System32\drivers\RDPENCDD.sys -> [2008/01/19 01:01:09 | 000,006,144 | ---- | M] (Microsoft Corporation) (TDTCP) TDTCP [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\tdtcp.sys -> [2008/01/19 01:01:08 | 000,029,184 | ---- | M] (Microsoft Corporation) (RDPCDD) RDPCDD [Kernel | System | Stopped] -> C:\Windows\System32\drivers\RDPCDD.sys -> [2008/01/19 01:01:08 | 000,006,144 | ---- | M] (Microsoft Corporation) (TDPIPE) TDPIPE [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\tdpipe.sys -> [2008/01/19 01:01:07 | 000,017,920 | ---- | M] (Microsoft Corporation) (Modem) Modem [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\modem.sys -> [2008/01/19 00:57:16 | 000,031,744 | ---- | M] (Microsoft Corporation) (MODEMCSA) Unimodem Streaming Filter Device [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\MODEMCSA.sys -> [2008/01/19 00:57:16 | 000,018,432 | ---- | M] (Microsoft Corporation) (ws2ifsl) Winsock IFS driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ws2ifsl.sys -> [2008/01/19 00:56:49 | 000,015,872 | ---- | M] (Microsoft Corporation) (Rasl2tp) WAN Miniport (L2TP) [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\rasl2tp.sys -> [2008/01/19 00:56:34 | 000,076,288 | ---- | M] (Microsoft Corporation) (PptpMiniport) WAN Miniport (PPTP) [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\raspptp.sys -> [2008/01/19 00:56:34 | 000,062,976 | ---- | M] (Microsoft Corporation) (Wanarpv6) Remote Access IPv6 ARP Driver [Kernel | System | Stopped] -> C:\Windows\System32\drivers\wanarp.sys -> [2008/01/19 00:56:31 | 000,062,464 | ---- | M] (Microsoft Corporation) (Wanarp) Remote Access IP ARP Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\wanarp.sys -> [2008/01/19 00:56:31 | 000,062,464 | ---- | M] (Microsoft Corporation) (RasAcd) Remote Access Auto Connection Driver [Kernel | System | Running] -> C:\Windows\System32\drivers\rasacd.sys -> [2008/01/19 00:56:31 | 000,011,776 | ---- | M] (Microsoft Corporation) (AsyncMac) RAS Asynchronous Media Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\asyncmac.sys -> [2008/01/19 00:56:29 | 000,017,408 | ---- | M] (Microsoft Corporation) (IPNAT) IP Network Address Translator [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\ipnat.sys -> [2008/01/19 00:56:28 | 000,100,864 | ---- | M] (Microsoft Corporation) (NDProxy) NDIS Proxy [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\ndproxy.sys -> [2008/01/19 00:56:28 | 000,049,664 | ---- | M] (Microsoft Corporation) (NdisTapi) Remote Access NDIS TAPI Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\ndistapi.sys -> [2008/01/19 00:56:24 | 000,020,992 | ---- | M] (Microsoft Corporation) (IpFilterDriver) IP Traffic Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\ipfltdrv.sys -> [2008/01/19 00:56:23 | 000,047,616 | ---- | M] (Microsoft Corporation) (QWAVEdrv) QWAVE driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\qwavedrv.sys -> [2008/01/19 00:56:07 | 000,031,232 | ---- | M] (Microsoft Corporation) (nsiproxy) NSI proxy service [Kernel | System | Running] -> C:\Windows\System32\drivers\nsiproxy.sys -> [2008/01/19 00:55:50 | 000,016,384 | ---- | M] (Microsoft Corporation) (NetBIOS) NetBIOS Interface [File_System | System | Running] -> C:\Windows\System32\drivers\netbios.sys -> [2008/01/19 00:55:45 | 000,035,840 | ---- | M] (Microsoft Corporation) (tunmp) Microsoft Tun Miniport Adapter Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\TUNMP.SYS -> [2008/01/19 00:55:41 | 000,015,360 | ---- | M] (Microsoft Corporation) (Ndisuio) NDIS Usermode I/O Protocol [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\ndisuio.sys -> [2008/01/19 00:55:40 | 000,016,896 | ---- | M] (Microsoft Corporation) (IRENUM) IR Bus Enumerator [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\irenum.sys -> [2008/01/19 00:55:19 | 000,013,312 | ---- | M] (Microsoft Corporation) (rspndr) Link-Layer Topology Discovery Responder [Kernel | Auto | Stopped] -> C:\Windows\System32\drivers\rspndr.sys -> [2008/01/19 00:55:03 | 000,060,416 | ---- | M] (Microsoft Corporation) (lltdio) Link-Layer Topology Discovery Mapper I/O Driver [Kernel | Auto | Stopped] -> C:\Windows\System32\drivers\lltdio.sys -> [2008/01/19 00:55:03 | 000,047,104 | ---- | M] (Microsoft Corporation) (mpsdrv) Windows Firewall Authorization Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\mpsdrv.sys -> [2008/01/19 00:54:46 | 000,064,000 | ---- | M] (Microsoft Corporation) (umbus) UMBus Enumerator Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\umbus.sys -> [2008/01/19 00:53:40 | 000,034,816 | ---- | M] (Microsoft Corporation) (usbvideo) USB Video Device (WDM) [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\usbvideo.sys -> [2008/01/19 00:53:38 | 000,134,016 | ---- | M] (Microsoft Corporation) (usbccgp) Microsoft USB Generic Parent Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\usbccgp.sys -> [2008/01/19 00:53:29 | 000,073,216 | ---- | M] (Microsoft Corporation) (usbuhci) Microsoft USB Universal Host Controller Miniport Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\usbuhci.sys -> [2008/01/19 00:53:20 | 000,023,552 | ---- | M] (Microsoft Corporation) (drmkaud) Microsoft Kernel DRM Audio Descrambler [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\drmkaud.sys -> [2008/01/19 00:53:16 | 000,005,632 | ---- | M] (Microsoft Corporation) (WUDFRd) WUDFRd [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\WUDFRd.sys -> [2008/01/19 00:53:04 | 000,083,328 | ---- | M] (Microsoft Corporation) (monitor) Microsoft Monitor Class Function Driver Service [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\monitor.sys -> [2008/01/19 00:52:19 | 000,041,984 | ---- | M] (Microsoft Corporation) (VgaSave) VgaSave [Kernel | System | Running] -> C:\Windows\System32\drivers\vga.sys -> [2008/01/19 00:52:06 | 000,025,088 | ---- | M] (Microsoft Corporation) (sffdisk) SFF Storage Class Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\sffdisk.sys -> [2008/01/19 00:49:46 | 000,013,312 | ---- | M] (Microsoft Corporation) (MSKSSRV) Microsoft Streaming Service Proxy [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\mskssrv.sys -> [2008/01/19 00:49:20 | 000,008,192 | ---- | M] (Microsoft Corporation) (MSTEE) Microsoft Streaming Tee/Sink-to-Sink Converter [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\mstee.sys -> [2008/01/19 00:49:19 | 000,006,016 | ---- | M] (Microsoft Corporation) (i8042prt) i8042 Keyboard and PS/2 Mouse Port Driver [Kernel | System | Running] -> C:\Windows\System32\drivers\i8042prt.sys -> [2008/01/19 00:49:18 | 000,054,784 | ---- | M] (Microsoft Corporation) (MSPCLOCK) Microsoft Streaming Clock Proxy [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\mspclock.sys -> [2008/01/19 00:49:18 | 000,005,888 | ---- | M] (Microsoft Corporation) (MSPQM) Microsoft Streaming Quality Manager Proxy [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\mspqm.sys -> [2008/01/19 00:49:18 | 000,005,504 | ---- | M] (Microsoft Corporation) (sermouse) Serial Mouse Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\sermouse.sys -> [2008/01/19 00:49:16 | 000,019,968 | ---- | M] (Microsoft Corporation) (mouhid) Mouse HID Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\mouhid.sys -> [2008/01/19 00:49:16 | 000,015,872 | ---- | M] (Microsoft Corporation) (Null) Null [Kernel | System | Running] -> C:\Windows\System32\drivers\null.sys -> [2008/01/19 00:49:12 | 000,004,608 | ---- | M] (Microsoft Corporation) (Beep) Beep [Kernel | System | Running] -> C:\Windows\System32\drivers\beep.sys -> [2008/01/19 00:49:10 | 000,006,144 | ---- | M] (Microsoft Corporation) (CmBatt) Microsoft ACPI Control Method Battery Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\CmBatt.sys -> [2008/01/19 00:32:47 | 000,014,208 | ---- | M] (Microsoft Corporation) (WmiAcpi) Microsoft Windows Management Interface for ACPI [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\wmiacpi.sys -> [2008/01/19 00:32:47 | 000,011,264 | ---- | M] (Microsoft Corporation) (luafv) UAC File Virtualization [File_System | Auto | Stopped] -> C:\Windows\system32\drivers\luafv.sys -> [2008/01/19 00:30:36 | 000,084,480 | ---- | M] (Microsoft Corporation) (Filetrace) Filetrace [File_System | On_Demand | Stopped] -> C:\Windows\System32\drivers\filetrace.sys -> [2008/01/19 00:30:23 | 000,027,648 | ---- | M] (Microsoft Corporation) (Msfs) Msfs [File_System | System | Running] -> C:\Windows\System32\drivers\msfs.sys -> [2008/01/19 00:28:09 | 000,022,528 | ---- | M] (Microsoft Corporation) (cdfs) CD/DVD File System Reader [File_System | Disabled | Running] -> C:\Windows\System32\drivers\cdfs.sys -> [2008/01/19 00:28:02 | 000,070,144 | ---- | M] (Microsoft Corporation) (intelppm) Intel Processor Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\intelppm.sys -> [2008/01/19 00:27:21 | 000,041,472 | ---- | M] (Microsoft Corporation) (RTL8169) Realtek 8169 NT Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\Rtlh86.sys -> [2007/09/17 18:17:36 | 000,098,816 | ---- | M] (Realtek Corporation ) (HpqRemHid) HP Remote Control HID Device [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\HpqRemHid.sys -> [2007/07/11 12:30:22 | 000,007,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) (HpqKbFiltr) HpqKbFilter Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\HpqKbFiltr.sys -> [2007/06/18 19:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) (rismxdp) Ricoh xD-Picture Card Driver [Kernel | Auto | Running] -> C:\Windows\System32\drivers\rixdptsk.sys -> [2007/03/22 00:02:04 | 000,037,376 | ---- | M] (REDC) (rimmptsk) rimmptsk [Kernel | Auto | Running] -> C:\Windows\System32\drivers\rimmptsk.sys -> [2007/02/24 16:42:22 | 000,039,936 | ---- | M] (REDC) (rimsptsk) rimsptsk [Kernel | Auto | Running] -> C:\Windows\System32\drivers\rimsptsk.sys -> [2007/01/23 18:40:20 | 000,042,496 | ---- | M] (REDC) (smserial) smserial [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\smserial.sys -> [2007/01/16 22:38:52 | 000,983,936 | ---- | M] (Motorola Inc.) (ql2300) QLogic Fibre Channel Miniport Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ql2300.sys -> [2006/11/02 04:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) (adp94xx) adp94xx [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adp94xx.sys -> [2006/11/02 04:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) (elxstor) elxstor [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\elxstor.sys -> [2006/11/02 04:51:34 | 000,316,520 | ---- | M] (Emulex) (adpahci) adpahci [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adpahci.sys -> [2006/11/02 04:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) (uliahci) uliahci [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\uliahci.sys -> [2006/11/02 04:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) (iaStorV) Intel RAID Controller Vista [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iastorv.sys -> [2006/11/02 04:51:25 | 000,232,040 | ---- | M] (Intel Corporation) (pcmcia) pcmcia [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\pcmcia.sys -> [2006/11/02 04:51:12 | 000,167,528 | ---- | M] (Microsoft Corporation) (adpu320) adpu320 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adpu320.sys -> [2006/11/02 04:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) (ulsata2) ulsata2 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ulsata2.sys -> [2006/11/02 04:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) (vsmraid) vsmraid [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\vsmraid.sys -> [2006/11/02 04:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) (nv_agp) NVIDIA nForce AGP Bus Filter [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\nv_agp.sys -> [2006/11/02 04:50:40 | 000,106,600 | ---- | M] (Microsoft Corporation) (ql40xx) QLogic iSCSI Miniport Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ql40xx.sys -> [2006/11/02 04:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) (UlSata) UlSata [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ulsata.sys -> [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) (adpu160m) adpu160m [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adpu160m.sys -> [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) (nvraid) nvraid [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\nvraid.sys -> [2006/11/02 04:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) (isapnp) PnP ISA/EISA Bus Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\isapnp.sys -> [2006/11/02 04:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) (nfrd960) nfrd960 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\nfrd960.sys -> [2006/11/02 04:50:19 | 000,045,160 | ---- | M] (IBM Corporation) (msdsm) Microsoft Multi-Path Device Specific Module [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\msdsm.sys -> [2006/11/02 04:50:17 | 000,080,488 | ---- | M] (Microsoft Corporation) (iirsp) iirsp [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iirsp.sys -> [2006/11/02 04:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) (mpio) Microsoft Multi-Path Bus Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\mpio.sys -> [2006/11/02 04:50:16 | 000,078,952 | ---- | M] (Microsoft Corporation) (sbp2port) SBP-2 Transport/Protocol Bus Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\sbp2port.sys -> [2006/11/02 04:50:16 | 000,076,392 | ---- | M] (Microsoft Corporation) (SiSRaid4) SiSRaid4 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\sisraid4.sys -> [2006/11/02 04:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) (nvstor) nvstor [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\nvstor.sys -> [2006/11/02 04:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) (aic78xx) aic78xx [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\djsvs.sys -> [2006/11/02 04:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) (arcsas) arcsas [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\arcsas.sys -> [2006/11/02 04:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) (LSI_SCSI) LSI_SCSI [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\lsi_scsi.sys -> [2006/11/02 04:50:10 | 000,065,640 | ---- | M] (LSI Logic) (SiSRaid2) SiSRaid2 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\sisraid2.sys -> [2006/11/02 04:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) (HpCISSs) HpCISSs [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\hpcisss.sys -> [2006/11/02 04:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) (arc) arc [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\arc.sys -> [2006/11/02 04:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) (iteraid) ITERAID_Service_Install [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iteraid.sys -> [2006/11/02 04:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) (iteatapi) ITEATAPI_Service_Install [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iteatapi.sys -> [2006/11/02 04:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) (LSI_SAS) LSI_SAS [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\lsi_sas.sys -> [2006/11/02 04:50:05 | 000,065,640 | ---- | M] (LSI Logic) (Symc8xx) Symc8xx [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\symc8xx.sys -> [2006/11/02 04:50:05 | 000,035,944 | ---- | M] (LSI Logic) (LSI_FC) LSI_FC [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\lsi_fc.sys -> [2006/11/02 04:50:04 | 000,065,640 | ---- | M] (LSI Logic) (gagp30kx) Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\gagp30kx.sys -> [2006/11/02 04:50:04 | 000,058,984 | ---- | M] (Microsoft Corporation) (uliagpkx) Uli AGP Bus Filter [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\uliagpkx.sys -> [2006/11/02 04:50:04 | 000,058,472 | ---- | M] (Microsoft Corporation) (Sym_u3) Sym_u3 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\sym_u3.sys -> [2006/11/02 04:50:03 | 000,034,920 | ---- | M] (LSI Logic) (uagp35) Microsoft AGPv3.5 Filter [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\uagp35.sys -> [2006/11/02 04:49:59 | 000,056,936 | ---- | M] (Microsoft Corporation) (amdagp) AMD AGP Bus Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\amdagp.sys -> [2006/11/02 04:49:59 | 000,054,888 | ---- | M] (Microsoft Corporation) (Mraid35x) Mraid35x [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\mraid35x.sys -> [2006/11/02 04:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) (Sym_hi) Sym_hi [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\sym_hi.sys -> [2006/11/02 04:49:56 | 000,031,848 | ---- | M] (LSI Logic) (megasas) megasas [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\megasas.sys -> [2006/11/02 04:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) (viaagp) VIA AGP Bus Filter [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\viaagp.sys -> [2006/11/02 04:49:52 | 000,054,376 | ---- | M] (Microsoft Corporation) (agp440) Intel AGP Bus Filter [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\agp440.sys -> [2006/11/02 04:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) (sisagp) SIS AGP Bus Filter [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\sisagp.sys -> [2006/11/02 04:49:51 | 000,053,352 | ---- | M] (Microsoft Corporation) (i2omp) i2omp [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\i2omp.sys -> [2006/11/02 04:49:49 | 000,027,752 | ---- | M] (Microsoft Corporation) (msahci) msahci [Kernel | Boot | Running] -> C:\Windows\system32\drivers\msahci.sys -> [2006/11/02 04:49:44 | 000,023,144 | ---- | M] (Microsoft Corporation) (crcdisk) Crcdisk Filter Driver [Kernel | Boot | Running] -> C:\Windows\system32\drivers\crcdisk.sys -> [2006/11/02 04:49:43 | 000,022,632 | ---- | M] (Microsoft Corporation) (Wd) Microsoft Watchdog Timer Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\wd.sys -> [2006/11/02 04:49:38 | 000,019,560 | ---- | M] (Microsoft Corporation) (viaide) viaide [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\viaide.sys -> [2006/11/02 04:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) (cmdide) cmdide [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\cmdide.sys -> [2006/11/02 04:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) (amdide) amdide [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\amdide.sys -> [2006/11/02 04:49:26 | 000,015,464 | ---- | M] (Microsoft Corporation) (aliide) aliide [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\aliide.sys -> [2006/11/02 04:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) (pciide) pciide [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\pciide.sys -> [2006/11/02 04:49:20 | 000,013,416 | ---- | M] (Microsoft Corporation) (PEAUTH) PEAUTH [Kernel | Auto | Stopped] -> C:\Windows\System32\drivers\PEAuth.sys -> [2006/11/02 04:04:35 | 000,878,080 | ---- | M] (Microsoft Corporation) (rdpdr) Terminal Server Device Redirector Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\rdpdr.sys -> [2006/11/02 04:03:00 | 000,242,688 | ---- | M] (Microsoft Corporation) (BTHMODEM) Bluetooth Serial Communications Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\bthmodem.sys -> [2006/11/02 03:55:23 | 000,039,936 | ---- | M] (Microsoft Corporation) (HidBth) Microsoft Bluetooth HID Miniport [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\hidbth.sys -> [2006/11/02 03:55:22 | 000,029,184 | ---- | M] (Microsoft Corporation) (usbcir) eHome Infrared Receiver (USBCIR) [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\usbcir.sys -> [2006/11/02 03:55:09 | 000,068,608 | ---- | M] (Microsoft Corporation) (circlass) Consumer IR Devices [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\circlass.sys -> [2006/11/02 03:55:08 | 000,035,328 | ---- | M] (Microsoft Corporation) (usbohci) Microsoft USB Open Host Controller Miniport Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\usbohci.sys -> [2006/11/02 03:55:05 | 000,019,456 | ---- | M] (Microsoft Corporation) (HidIr) Microsoft Infrared HID Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\hidir.sys -> [2006/11/02 03:55:01 | 000,021,504 | ---- | M] (Microsoft Corporation) (vga) vga [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\vgapnp.sys -> [2006/11/02 03:53:56 | 000,026,112 | ---- | M] (Microsoft Corporation) (WacomPen) Wacom Serial Pen HID Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\wacompen.sys -> [2006/11/02 03:52:52 | 000,020,608 | ---- | M] (Microsoft Corporation) (sfloppy) High-Capacity Floppy Disk Drive [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\sfloppy.sys -> [2006/11/02 03:51:40 | 000,013,312 | ---- | M] (Microsoft Corporation) (sffp_mmc) SFF Storage Protocol Driver for MMC [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\sffp_mmc.sys -> [2006/11/02 03:51:40 | 000,012,800 | ---- | M] (Microsoft Corporation) (fdc) Floppy Disk Controller Driver [Kernel | Disabled | Stopped] -> C:\Windows\System32\drivers\fdc.sys -> [2006/11/02 03:51:33 | 000,025,088 | ---- | M] (Microsoft Corporation) (flpydisk) Floppy Disk Driver [Kernel | Disabled | Stopped] -> C:\Windows\System32\drivers\flpydisk.sys -> [2006/11/02 03:51:32 | 000,020,480 | ---- | M] (Microsoft Corporation) (Serial) Serial Port Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\serial.sys -> [2006/11/02 03:51:30 | 000,083,456 | ---- | M] (Microsoft Corporation) (Parport) Parallel port driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\parport.sys -> [2006/11/02 03:51:30 | 000,079,360 | ---- | M] (Microsoft Corporation) (Serenum) Serenum Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\serenum.sys -> [2006/11/02 03:51:25 | 000,017,920 | ---- | M] (Microsoft Corporation) (Parvdm) Parvdm [Kernel | Auto | Stopped] -> C:\Windows\system32\drivers\parvdm.sys -> [2006/11/02 03:51:23 | 000,008,704 | ---- | M] (Microsoft Corporation) (IPMIDRV) IPMIDRV [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ipmidrv.sys -> [2006/11/02 03:42:03 | 000,065,536 | ---- | M] (Microsoft Corporation) (ViaC7) VIA C7 Processor Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\viac7.sys -> [2006/11/02 03:30:19 | 000,039,424 | ---- | M] (Microsoft Corporation) (AmdK8) AMD K8 Processor Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\amdk8.sys -> [2006/11/02 03:30:18 | 000,040,960 | ---- | M] (Microsoft Corporation) (Crusoe) Transmeta Crusoe Processor Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\crusoe.sys -> [2006/11/02 03:30:18 | 000,038,912 | ---- | M] (Microsoft Corporation) (AmdK7) AMD K7 Processor Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\amdk7.sys -> [2006/11/02 03:30:18 | 000,038,912 | ---- | M] (Microsoft Corporation) (Processor) Processor Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\processr.sys -> [2006/11/02 03:30:18 | 000,038,400 | ---- | M] (Microsoft Corporation) (Brserid) Brother MFC Serial Port Interface Driver (WDM) [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\brserid.sys -> [2006/11/02 03:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) (BrUsbSer) Brother MFC USB Serial WDM Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\brusbser.sys -> [2006/11/02 03:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) (BrFiltUp) Brother USB Mass-Storage Upper Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\brfiltup.sys -> [2006/11/02 03:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) (BrFiltLo) Brother USB Mass-Storage Lower Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\brfiltlo.sys -> [2006/11/02 03:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) (BrSerWdm) Brother WDM Serial driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\brserwdm.sys -> [2006/11/02 03:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) (BrUsbMdm) Brother MFC USB Fax Only Modem [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\brusbmdm.sys -> [2006/11/02 03:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) (HSF_DPV) HSF_DPV [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\VSTDPV3.SYS -> [2006/11/02 02:41:50 | 000,987,648 | ---- | M] (Conexant Systems, Inc.) (HSFHWAZL) HSFHWAZL [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\VSTAZL3.SYS -> [2006/11/02 02:41:49 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) (winachsf) winachsf [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\VSTCNXT3.SYS -> [2006/11/02 02:41:48 | 000,654,336 | ---- | M] (Conexant Systems, Inc.) (ntrigdigi) N-trig HID Tablet Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ntrigdigi.sys -> [2006/11/02 02:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) (HdAudAddService) Microsoft 1.1 UAA Function Driver for High Definition Audio Service [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\HdAudio.sys -> [2006/11/02 02:36:49 | 000,235,520 | ---- | M] (Microsoft Corporation) (E100B) Intel(R) PRO Adapter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\e100b325.sys -> [2006/11/02 02:30:54 | 000,163,328 | ---- | M] (Intel Corporation) (E1G60) Intel(R) PRO/1000 NDIS 6 Adapter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\E1G60I32.sys -> [2006/11/02 02:30:54 | 000,117,760 | ---- | M] (Intel Corporation) (secdrv) Security Driver [Kernel | Auto | Stopped] -> C:\Windows\System32\drivers\secdrv.sys -> [2006/11/02 01:37:21 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Registry - All] < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop -> HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\"Default_Secondary_Page_URL" -> [binary data] -> HKEY_LOCAL_MACHINE\: Main\\"Extensions Off Page" -> about:NoAdd-ons -> HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\"Security Risk Page" -> about:SecurityRisk -> HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop -> HKEY_LOCAL_MACHINE\: Search\\"SearchAssistant" -> http://www.google.com/ie -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\"Default_Search_URL" -> http://www.google.com/ie -> HKEY_CURRENT_USER\: Main\\"Local Page" -> C:\Windows\system32\blank.htm -> HKEY_CURRENT_USER\: Main\\"Search Page" -> http://www.google.com -> HKEY_CURRENT_USER\: Main\\"Start Page" -> https://www.commonapp.org/CommonApp/default.aspx -> HKEY_CURRENT_USER\: Main\\"StartPageCache" -> 1 -> HKEY_CURRENT_USER\: Search\\"Default_Search_URL" -> http://www.google.com/ie -> HKEY_CURRENT_USER\: Search\\"SearchAssistant" -> http://www.google.com/ie -> HKEY_CURRENT_USER\: SearchURL\\"" -> http://www.google.com/search?q=%s -> HKEY_CURRENT_USER\: URLSearchHooks\\"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" [HKLM] -> C:\Windows\System32\ieframe.dll [Microsoft Url Search Hook] -> [2011/02/18 11:35:23 | 006,089,216 | ---- | M] (Microsoft Corporation) HKEY_CURRENT_USER\: "ProxyEnable" -> 0 -> HKEY_CURRENT_USER\: "ProxyOverride" -> *.local -> < FireFox Settings [Prefs.js] > -> C:\Users\Alyssa\AppData\Roaming\Mozilla\FireFox\Profiles\p0ykhspy.default\prefs.js -> extensions.enabledItems -> {20a82645-c095-46ed-80e3-08825760534b}:1.1 -> extensions.enabledItems -> moveplayer@movenetworks.com:7 -> extensions.enabledItems -> {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13 -> < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla HKLM\software\mozilla\Firefox\Extensions -> -> HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b} -> C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\] -> [2009/09/01 22:04:29 | 000,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions -> -> HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components -> C:\Program Files\Mozilla Firefox\components [C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS] -> [2011/04/30 19:26:56 | 000,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins -> C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS -> < FireFox Extensions [User Folders] > -> -> C:\Users\Alyssa\AppData\Roaming\Mozilla\Extensions -> [2011/02/02 15:37:30 | 000,000,000 | ---D | M] No name found -> C:\Users\Alyssa\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} -> [2011/02/02 15:37:30 | 000,000,000 | ---D | M] -> C:\Users\Alyssa\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org -> [2009/03/27 23:27:26 | 000,000,000 | ---D | M] -> C:\Users\Alyssa\AppData\Roaming\Mozilla\Firefox\Profiles\p0ykhspy.default\extensions -> [2011/04/10 16:21:07 | 000,000,000 | ---D | M] Microsoft .NET Framework Assistant -> C:\Users\Alyssa\AppData\Roaming\Mozilla\Firefox\Profiles\p0ykhspy.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} -> [2011/06/17 20:30:13 | 000,000,000 | ---D | M] < FireFox Extensions [Program Folders] > -> -> C:\Program Files\Mozilla Firefox\extensions -> [2011/06/11 21:42:31 | 000,000,000 | ---D | M] Default -> C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} -> [2011/04/30 19:26:56 | 000,000,000 | ---D | M] Java Console -> C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} -> [2011/06/11 21:42:31 | 000,000,000 | ---D | M] No name found -> -> File not found Move Media Player -> C:\USERS\ALYSSA\APPDATA\ROAMING\MOVE NETWORKS -> [2011/06/17 20:30:13 | 000,000,000 | ---D | M] < FireFox Plugins [Program Folders] > -> npqmp071701000002.dll -> C:\Users\Alyssa\AppData\Roaming\Move Networks\plugins\npqmp071701000002.dll -> [2010/05/18 10:45:18 | 005,642,688 | ---- | M] (Move Networks) < HOSTS File > ([2006/09/18 16:41:30 | 000,000,761 | ---- | M] - 20 lines) -> C:\Windows\System32\drivers\etc\hosts -> Reset Hosts 127.0.0.1 localhost ::1 localhost < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {02478D38-C3F9-4efb-9B51-7695ECA05670} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2006/10/22 23:08:42 | 000,062,080 | ---- | M] (Adobe Systems Incorporated) {39EA7695-B3F2-4C44-A4BC-297ADA8FD235} [HKLM] -> C:\Program Files\Sophos\Sophos Anti-Virus\SophosBHO.dll [Sophos Web Content Scanner] -> [2011/01/25 16:40:47 | 000,246,000 | ---- | M] (Sophos Plc) {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar Helper] -> [2011/06/03 23:57:14 | 000,305,328 | ---- | M] (Google Inc.) {AE7CD045-E861-484f-8273-0445EE161910} [HKLM] -> C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [Adobe PDF Conversion Toolbar Helper] -> [2007/05/10 22:47:03 | 000,321,120 | ---- | M] (Adobe Systems Incorporated) {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [Skype Plug-In] -> [2010/11/22 20:05:52 | 001,242,504 | ---- | M] (Skype Technologies S.A.) {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll [Google Toolbar Notifier BHO] -> [2011/06/04 00:00:29 | 001,007,160 | ---- | M] (Google Inc.) {D2C5E510-BE6D-42CC-9F61-E4F939078474} [HKLM] -> C:\Program Files\Lexmark Printable Web\bho.dll [Lexmark Printable Web] -> [2008/05/21 21:28:12 | 000,180,224 | ---- | M] () {DBC80044-A445-435b-BC74-9C25C1C588A9} [HKLM] -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [Java(tm) Plug-In 2 SSV Helper] -> [2010/05/27 15:48:46 | 000,041,760 | ---- | M] (Sun Microsystems, Inc.) {FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7} [HKLM] -> c:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [HP Print Clips] -> [2007/08/31 13:32:24 | 000,177,504 | ---- | M] (Hewlett-Packard Co.) < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar] -> [2011/06/03 23:57:14 | 000,305,328 | ---- | M] (Google Inc.) "{47833539-D0C5-4125-9FA8-0819E2EAAC93}" [HKLM] -> C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [Adobe PDF] -> [2007/05/10 22:47:03 | 000,321,120 | ---- | M] (Adobe Systems Incorporated) "{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found < Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar] -> [2011/06/03 23:57:14 | 000,305,328 | ---- | M] (Google Inc.) WebBrowser\\"{47833539-D0C5-4125-9FA8-0819E2EAAC93}" [HKLM] -> C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [Adobe PDF] -> [2007/05/10 22:47:03 | 000,321,120 | ---- | M] (Adobe Systems Incorporated) < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "" -> [] -> File not found "Acrobat Assistant 8.0" -> C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe ["C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"] -> [2008/10/14 21:38:56 | 000,623,992 | ---- | M] (Adobe Systems Inc.) "Adobe Reader Speed Launcher" -> C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe ["C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"] -> [2008/10/15 01:04:34 | 000,039,792 | ---- | M] (Adobe Systems Incorporated) "AdobeCS4ServiceManager" -> C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe ["C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin] -> [2008/08/14 08:58:34 | 000,611,712 | ---- | M] (Adobe Systems Incorporated) "CarboniteSetupLite" -> C:\Program Files\Carbonite\CarbonitePreinstaller.exe ["C:\Program Files\Carbonite\CarbonitePreinstaller.exe" /preinstalled /showonfirst /reshowat=1800] -> [2009/07/15 18:26:14 | 000,283,792 | ---- | M] (Carbonite, Inc.) "EEventManager" -> C:\Program Files\Epson Software\Event Manager\EEventManager.exe ["C:\Program Files\Epson Software\Event Manager\EEventManager.exe"] -> [2009/12/03 10:12:12 | 000,976,320 | ---- | M] (SEIKO EPSON CORPORATION) "EKIJ5000StatusMonitor" -> C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exe [C:\Windows\system32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe] -> [2008/07/18 23:08:22 | 001,306,624 | ---- | M] (Eastman Kodak Company) "EzPrint" -> C:\Program Files\Lexmark Pro200-S500 Series\ezprint.exe ["C:\Program Files\Lexmark Pro200-S500 Series\ezprint.exe"] -> [2009/10/01 12:45:29 | 000,139,944 | ---- | M] () "HotKeysCmds" -> C:\Windows\System32\hkcmd.exe [C:\Windows\system32\hkcmd.exe] -> [2008/02/21 19:34:46 | 000,166,424 | ---- | M] (Intel Corporation) "HP Health Check Scheduler" -> c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe] -> [2008/06/16 08:03:20 | 000,075,008 | ---- | M] (Hewlett-Packard) "HP Software Update" -> C:\Program Files\HP\HP Software Update\hpwuSchd2.exe [C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe] -> [2007/05/08 16:24:20 | 000,054,840 | ---- | M] (Hewlett-Packard) "hpqSRMon" -> C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe [C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe] -> [2008/06/02 02:55:22 | 000,080,896 | ---- | M] (Hewlett-Packard) "hpWirelessAssistant" -> C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe] -> [2007/09/13 10:47:52 | 000,480,560 | ---- | M] (Hewlett-Packard Development Company, L.P.) "IAAnotif" -> C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe] -> [2008/04/15 17:54:40 | 000,178,712 | ---- | M] (Intel Corporation) "IgfxTray" -> C:\Windows\System32\igfxtray.exe [C:\Windows\system32\igfxtray.exe] -> [2008/02/21 19:35:06 | 000,141,848 | ---- | M] (Intel Corporation) "iTunesHelper" -> C:\Program Files\iTunes\iTunesHelper.exe ["C:\Program Files\iTunes\iTunesHelper.exe"] -> [2010/12/13 18:16:18 | 000,421,160 | ---- | M] (Apple Inc.) "lxebmon.exe" -> C:\Program Files\Lexmark Pro200-S500 Series\lxebmon.exe ["C:\Program Files\Lexmark Pro200-S500 Series\lxebmon.exe"] -> [2009/10/01 12:45:27 | 000,766,632 | ---- | M] () "OnScreenDisplay" -> C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe] -> [2007/09/04 15:54:20 | 000,554,320 | ---- | M] ( Hewlett-Packard Development Company, L.P.) "Persistence" -> C:\Windows\System32\igfxpers.exe [C:\Windows\system32\igfxpers.exe] -> [2008/02/21 19:34:58 | 000,133,656 | ---- | M] (Intel Corporation) "QlbCtrl" -> C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [%ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start] -> [2007/09/19 16:31:34 | 000,202,032 | ---- | M] ( Hewlett-Packard Development Company, L.P.) "QPService" -> C:\Program Files\HP\QuickPlay\QPService.exe ["C:\Program Files\HP\QuickPlay\QPService.exe"] -> [2007/09/30 21:34:14 | 000,181,544 | ---- | M] (CyberLink Corp.) "QuickTime Task" -> C:\Program Files\QuickTime\QTTask.exe ["C:\Program Files\QuickTime\QTTask.exe" -atboottime] -> [2010/11/29 18:38:18 | 000,421,888 | ---- | M] (Apple Inc.) "RtHDVCpl" -> [C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe] -> File not found "SMSERIAL" -> C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe] -> [2007/01/16 22:34:18 | 000,634,880 | ---- | M] (Motorola Inc.) "Sophos AutoUpdate Monitor" -> C:\Program Files\Sophos\AutoUpdate\ALMon.exe [C:\Program Files\Sophos\AutoUpdate\almon.exe] -> [2011/01/25 16:41:29 | 000,439,536 | ---- | M] (Sophos Plc) "SunJavaUpdateSched" -> C:\Program Files\Common Files\Java\Java Update\jusched.exe ["C:\Program Files\Common Files\Java\Java Update\jusched.exe"] -> [2010/02/18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) "SynTPEnh" -> C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe] -> [2010/05/27 22:31:22 | 001,721,640 | ---- | M] (Synaptics Incorporated) "SynTPStart" -> C:\Program Files\Synaptics\SynTP\SynTPStart.exe [C:\Program Files\Synaptics\SynTP\SynTPStart.exe] -> [2007/09/15 03:29:10 | 000,102,400 | ---- | M] (Synaptics, Inc.) "TkBellExe" -> C:\Program Files\Common Files\Real\Update_OB\realsched.exe ["C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot] -> [2010/10/03 23:21:26 | 000,202,256 | ---- | M] (RealNetworks, Inc.) "UCam_Menu" -> C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe ["C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\1.0"] -> [2008/06/13 19:11:32 | 000,210,216 | ---- | M] (CyberLink Corp.) "WAWifiMessage" -> C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe [C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe] -> [2007/01/08 17:53:06 | 000,311,296 | ---- | M] (Hewlett-Packard Development Company, L.P.) "Windows Defender" -> C:\Program Files\Windows Defender\MSASCui.exe [%ProgramFiles%\Windows Defender\MSASCui.exe -hide] -> [2008/01/19 02:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) "Windows Mobile Device Center" -> C:\Windows\WindowsMobile\wmdc.exe [%windir%\WindowsMobile\wmdc.exe] -> [2007/05/31 09:21:28 | 000,648,072 | ---- | M] (Microsoft Corporation) < RunOnce [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce -> "FlashPlayerUpdate" -> C:\Windows\System32\Macromed\Flash\FlashUtil10i_Plugin.exe [C:\Windows\system32\Macromed\Flash\FlashUtil10i_Plugin.exe -update plugin] -> [2010/08/22 10:45:42 | 000,232,912 | ---- | M] (Adobe Systems, Inc.) "Shockwave Updater" -> [C:\Windows\system32\Adobe\Shockwave 11\SwHelper_1150595.exe -Update -1150595 -"Mozilla/5.0_(Windows;_U;_Windows_NT_6.0;_en-US)_AppleWebKit/532.0_(KHTML,_like_Gecko)_Chrome/3.0.195.38_Safari/532.0" -"http://media.pearsoncmg.com/bc/bc_campbell_biology_7/media/interactivemedia/activities_c6e/H10/H1001/st01/media.html"] -> File not found < CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"BindDirectlyToPropertySetStorage" -> [0] -> File not found < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System \\"ConsentPromptBehaviorAdmin" -> [2] -> File not found \\"ConsentPromptBehaviorUser" -> [1] -> File not found \\"EnableInstallerDetection" -> [1] -> File not found \\"EnableLUA" -> [0] -> File not found \\"EnableSecureUIAPaths" -> [1] -> File not found \\"EnableVirtualization" -> [1] -> File not found \\"PromptOnSecureDesktop" -> [1] -> File not found \\"ValidateAdminCodeSignatures" -> [0] -> File not found \\"dontdisplaylastusername" -> [0] -> File not found \\"legalnoticecaption" -> [] -> File not found \\"legalnoticetext" -> [] -> File not found \\"scforceoption" -> [0] -> File not found \\"shutdownwithoutlogon" -> [1] -> File not found \\"undockwithoutlogon" -> [1] -> File not found \\"FilterAdministratorToken" -> [0] -> File not found \\"EnableUIADesktopToggle" -> [0] -> File not found HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats \UIPI\Clipboard\ExceptionFormats\\"CF_TEXT" -> [1] -> File not found \UIPI\Clipboard\ExceptionFormats\\"CF_BITMAP" -> [2] -> File not found \UIPI\Clipboard\ExceptionFormats\\"CF_OEMTEXT" -> [7] -> File not found \UIPI\Clipboard\ExceptionFormats\\"CF_DIB" -> [8] -> File not found \UIPI\Clipboard\ExceptionFormats\\"CF_PALETTE" -> [9] -> File not found \UIPI\Clipboard\ExceptionFormats\\"CF_UNICODETEXT" -> [13] -> File not found \UIPI\Clipboard\ExceptionFormats\\"CF_DIBV5" -> [17] -> File not found < Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ -> Add to Google Photos Screensa&ver -> C:\Windows\System32\GPhotos.scr [res://C:\Windows\system32\GPhotos.scr/200] -> [2011/04/13 17:40:10 | 004,284,416 | ---- | M] (Google Inc.) Append to existing PDF -> C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html] -> [2007/05/10 22:47:03 | 000,321,120 | ---- | M] (Adobe Systems Incorporated) Convert link target to Adobe PDF -> C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html] -> [2007/05/10 22:47:03 | 000,321,120 | ---- | M] (Adobe Systems Incorporated) Convert link target to existing PDF -> C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html] -> [2007/05/10 22:47:03 | 000,321,120 | ---- | M] (Adobe Systems Incorporated) Convert selected links to Adobe PDF -> C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html] -> [2007/05/10 22:47:03 | 000,321,120 | ---- | M] (Adobe Systems Incorporated) Convert selected links to existing PDF -> C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html] -> [2007/05/10 22:47:03 | 000,321,120 | ---- | M] (Adobe Systems Incorporated) Convert selection to Adobe PDF -> C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html] -> [2007/05/10 22:47:03 | 000,321,120 | ---- | M] (Adobe Systems Incorporated) Convert selection to existing PDF -> C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html] -> [2007/05/10 22:47:03 | 000,321,120 | ---- | M] (Adobe Systems Incorporated) Convert to Adobe PDF -> C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html] -> [2007/05/10 22:47:03 | 000,321,120 | ---- | M] (Adobe Systems Incorporated) E&xport to Microsoft Excel -> C:\Program Files\Microsoft Office\Office12\EXCEL.EXE [res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000] -> [2011/01/12 00:10:50 | 018,362,216 | ---- | M] (Microsoft Corporation) Google Sidewiki... -> [res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html] -> File not found < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll [Button: Send to OneNote] -> [2009/02/26 19:45:52 | 000,603,040 | ---- | M] (Microsoft Corporation) {2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll [Menu: S&end to OneNote] -> [2009/02/26 19:45:52 | 000,603,040 | ---- | M] (Microsoft Corporation) {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F}:{2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} [HKLM] -> C:\Windows\WindowsMobile\INetRepl.dll [Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222] -> [2007/05/31 09:21:16 | 000,176,520 | ---- | M] (Microsoft Corporation) {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F}:{2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} [HKLM] -> C:\Windows\WindowsMobile\INetRepl.dll [Menu: @C:\Windows\WindowsMobile\INetRepl.dll,-223] -> [2007/05/31 09:21:16 | 000,176,520 | ---- | M] (Microsoft Corporation) {58ECB495-38F0-49cb-A538-10282ABF65E7}:{A93C41D8-01F8-4F8B-B14C-DE20B117E636} [HKLM] -> c:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll [Button: HP Smart Select] -> [2007/08/31 13:34:58 | 000,152,928 | ---- | M] (Hewlett-Packard Co.) {898EA8C8-E7FF-479B-8935-AEC46303B9E5}:{898EA8C8-E7FF-479B-8935-AEC46303B9E5} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [Button: Skype Plug-In] -> [2010/11/22 20:05:52 | 001,242,504 | ---- | M] (Skype Technologies S.A.) {898EA8C8-E7FF-479B-8935-AEC46303B9E5}:{898EA8C8-E7FF-479B-8935-AEC46303B9E5} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [Menu: Skype Plug-In] -> [2010/11/22 20:05:52 | 001,242,504 | ---- | M] (Skype Technologies S.A.) {92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL [Button: Research] -> [2009/03/06 05:04:56 | 000,039,464 | ---- | M] (Microsoft Corporation) < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 1 range(s) found. -> Range1 [:Range = 127.0.0.1] -> http = Local intranet | -> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {67DABFBF-D0AB-41FA-9C46-CC0F21721616} [HKLM] -> http://download.divx.com/player/DivXBrowserPlugin.cab [Reg Error: Key error.] -> {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab [Java Plug-in 1.6.0_20] -> {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [HKLM] -> http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab [Reg Error: Key error.] -> {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab [Java Plug-in 1.6.0_02] -> {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab [Java Plug-in 1.6.0_20] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab [Java Plug-in 1.6.0_20] -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> DhcpNameServer -> 192.168.1.254 -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {33B8DF4E-5ED5-4893-869B-D69CEDF3539B}\\DhcpNameServer -> 192.168.1.254 (Broadcom 802.11b/g WLAN) -> {6651BDA3-EA6E-40D6-8DE5-B37BDBDC7380}\\DhcpNameServer -> 138.237.49.157 138.237.49.138 (Realtek RTL8101E Family PCI-E Fast Ethernet NIC (NDIS 6.0)) -> < AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs -> *AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls -> C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL -> C:\Program Files\Sophos\Sophos Anti-Virus\sophos_detoured.dll -> [2011/02/02 11:38:23 | 000,234,408 | ---- | M] (Sophos Plc) *MultiFile Done* -> -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> explorer.exe -> C:\Windows\explorer.exe -> [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> *UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> C:\Windows\system32\userinit.exe -> C:\Windows\System32\userinit.exe -> [2008/01/19 02:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> *VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> rundll32 shell32 -> C:\Windows\System32\shell32.dll -> [2011/01/21 11:35:22 | 011,586,048 | ---- | M] (Microsoft Corporation) Control_RunDLL "sysdm.cpl" -> C:\Windows\System32\sysdm.cpl -> [2008/01/19 02:32:57 | 000,242,688 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> igfxcui -> C:\Windows\System32\igfxdev.dll -> [2008/02/10 19:46:44 | 000,204,800 | ---- | M] (Intel Corporation) < SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad -> "{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> C:\Windows\System32\webcheck.dll [WebCheck] -> [2009/04/11 01:28:25 | 000,233,984 | ---- | M] (Microsoft Corporation) < SharedTaskScheduler [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler -> "{8C7461EF-2B13-11d2-BE35-3078302C2030}" [HKLM] -> C:\Windows\System32\browseui.dll [Component Categories cache daemon] -> [2009/04/11 01:28:18 | 001,324,032 | ---- | M] (Microsoft Corporation) < SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> *SecurityProviders* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> credssp.dll -> C:\Windows\System32\credssp.dll -> [2008/01/19 02:33:59 | 000,015,872 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < LSA Authentication Packages [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages -> *LSA Authentication Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages -> msv1_0 -> C:\Windows\System32\msv1_0.dll -> [2009/09/10 11:48:01 | 000,218,624 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < LSA Security Packages [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages -> *LSA Security Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages -> kerberos -> C:\Windows\System32\kerberos.dll -> [2009/06/15 09:52:38 | 000,499,712 | ---- | M] (Microsoft Corporation) msv1_0 -> C:\Windows\System32\msv1_0.dll -> [2009/09/10 11:48:01 | 000,218,624 | ---- | M] (Microsoft Corporation) schannel -> C:\Windows\System32\schannel.dll -> [2010/08/10 10:53:15 | 000,274,944 | ---- | M] (Microsoft Corporation) wdigest -> C:\Windows\System32\wdigest.dll -> [2009/06/15 09:54:00 | 000,175,104 | ---- | M] (Microsoft Corporation) tspkg -> C:\Windows\System32\tspkg.dll -> [2008/01/19 02:36:42 | 000,062,464 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" -> C:\Program Files\EarthLink TotalAccess\TaskPanl.exe [C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink] -> [2006/08/30 14:35:12 | 000,952,088 | ---- | M] (EarthLink, Inc.) < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> "AlternateShell" -> cmd.exe -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> CD-ROM Driver -> "ImagePath" -> [system32\DRIVERS\cdrom.sys] -> File not found < Drives with AutoRun files > -> -> C:\AUTOEXEC.BAT [REM Dummy file for NTVDMPATH=%PATH%;C:\PROGRA~1\COMMON~1\MUVEET~1\030625 | ] -> C:\AUTOEXEC.BAT [ NTFS ] -> [2008/07/24 05:00:41 | 000,000,074 | ---- | M] () D:\AUTOMODE [@echo off | IF EXIST C:\ST_RP\MANUALMODE ECHO MANUAL BATCH MODE ALREADY SET ! | IF NOT EXIST C:\ST_RP\MANUALMODE ECHO SET TO MANUAL BATCH EXECUTION ! | IF NOT EXIST C:\ST_RP\MANUALMODE IF EXIST C:\ST_RP\AUTOMODE DEL C:\ST_RP\AUTOMODE /F > NUL | IF NOT EXIST C:\ST_RP\MANUALMODE COPY C:\ST_RP\SET_AUTO_MODE.CMD C:\ST_RP\MANUALMODE > NUL | ECHO. | ] -> D:\AUTOMODE [ NTFS ] -> [2005/09/11 10:18:54 | 000,000,340 | -HS- | M] () < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> \{7dccfa3b-2bff-11df-8c8b-001e68077342} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7dccfa3b-2bff-11df-8c8b-001e68077342}\shell \{7dccfa3b-2bff-11df-8c8b-001e68077342}\shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7dccfa3b-2bff-11df-8c8b-001e68077342}\shell\AutoRun\command \{7dccfa3b-2bff-11df-8c8b-001e68077342}\shell\AutoRun\command\\"" -> [G:\LaunchU3.exe -a] -> File not found \{84895462-dbe7-11df-8c65-001e68077342} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{84895462-dbe7-11df-8c65-001e68077342}\shell \{84895462-dbe7-11df-8c65-001e68077342}\shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{84895462-dbe7-11df-8c65-001e68077342}\shell\AutoRun\command \{84895462-dbe7-11df-8c65-001e68077342}\shell\AutoRun\command\\"" -> [F:\EMP_UDSe.exe /autorun] -> File not found \{b86c8af3-9db4-11de-91ce-001e68077342} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b86c8af3-9db4-11de-91ce-001e68077342}\shell \{b86c8af3-9db4-11de-91ce-001e68077342}\shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b86c8af3-9db4-11de-91ce-001e68077342}\shell\AutoRun\command \{b86c8af3-9db4-11de-91ce-001e68077342}\shell\AutoRun\command\\"" -> [G:\LaunchU3.exe -a] -> File not found < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> comfile [open] -> "%1" %* -> exefile [open] -> "%1" %* -> < File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\ -> .com [@ = comfile] -> "%1" %* -> .exe [@ = exefile] -> "%1" %* -> [Files/Folders - Created Within 30 Days] LastGood -> C:\Windows\LastGood -> [2011/06/21 15:40:25 | 000,000,000 | ---D | C] mbamswissarmy.sys -> C:\Windows\System32\drivers\mbamswissarmy.sys -> [2011/06/21 12:24:34 | 000,039,984 | ---- | C] (Malwarebytes Corporation) Malwarebytes' Anti-Malware -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware -> [2011/06/21 12:24:34 | 000,000,000 | ---D | C] mbam.sys -> C:\Windows\System32\drivers\mbam.sys -> [2011/06/21 12:24:28 | 000,022,712 | ---- | C] (Malwarebytes Corporation) pss -> C:\Windows\pss -> [2011/06/20 15:56:09 | 000,000,000 | ---D | C] _OTS -> C:\_OTS -> [2011/06/17 12:11:37 | 000,000,000 | ---D | C] AVAST Software -> C:\ProgramData\AVAST Software -> [2011/06/14 17:31:13 | 000,000,000 | ---D | C] AVAST Software -> C:\Program Files\AVAST Software -> [2011/06/14 17:31:13 | 000,000,000 | ---D | C] Malwarebytes -> C:\Users\Alyssa\AppData\Roaming\Malwarebytes -> [2011/06/11 20:57:09 | 000,000,000 | ---D | C] Malwarebytes -> C:\ProgramData\Malwarebytes -> [2011/06/11 20:56:38 | 000,000,000 | ---D | C] Malwarebytes' Anti-Malware -> C:\Program Files\Malwarebytes' Anti-Malware -> [2011/06/11 20:56:32 | 000,000,000 | ---D | C] Google Earth -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth -> [2011/06/04 16:03:33 | 000,000,000 | ---D | C] lxebcoin.dll -> C:\Windows\System32\lxebcoin.dll -> [2010/04/13 19:41:34 | 000,442,368 | ---- | C] ( ) lxebih.exe -> C:\Windows\System32\lxebih.exe -> [2010/01/07 22:01:28 | 000,324,264 | ---- | C] ( ) lxebcfg.exe -> C:\Windows\System32\lxebcfg.exe -> [2010/01/07 22:01:26 | 000,373,416 | ---- | C] ( ) lxebserv.dll -> C:\Windows\System32\lxebserv.dll -> [2009/12/13 13:26:38 | 001,048,576 | ---- | C] ( ) lxebusb1.dll -> C:\Windows\System32\lxebusb1.dll -> [2009/12/13 13:26:38 | 000,847,872 | ---- | C] ( ) lxebinpa.dll -> C:\Windows\System32\lxebinpa.dll -> [2009/12/13 13:26:38 | 000,364,544 | ---- | C] ( ) lxebiesc.dll -> C:\Windows\System32\lxebiesc.dll -> [2009/12/13 13:26:38 | 000,344,064 | ---- | C] ( ) lxebhbn3.dll -> C:\Windows\System32\lxebhbn3.dll -> [2009/12/13 13:26:37 | 000,688,128 | ---- | C] ( ) lxeblmpm.dll -> C:\Windows\System32\lxeblmpm.dll -> [2009/12/13 13:26:37 | 000,577,536 | ---- | C] ( ) lxebcoms.exe -> C:\Windows\System32\lxebcoms.exe -> [2009/12/13 13:26:36 | 000,598,696 | ---- | C] ( ) lxebcomm.dll -> C:\Windows\System32\lxebcomm.dll -> [2009/12/13 13:26:36 | 000,376,832 | ---- | C] ( ) lxebcomc.dll -> C:\Windows\System32\lxebcomc.dll -> [2009/12/13 13:26:35 | 000,802,816 | ---- | C] ( ) lxebpmui.dll -> C:\Windows\System32\lxebpmui.dll -> [2009/12/09 20:47:50 | 000,643,072 | ---- | C] ( ) lxebhcp.dll -> C:\Windows\System32\lxebhcp.dll -> [2009/12/09 20:37:34 | 000,356,352 | ---- | C] ( ) 1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> [Files/Folders - Modified Within 30 Days] perfh009.dat -> C:\Windows\System32\perfh009.dat -> [2011/06/21 16:00:02 | 000,607,658 | ---- | M] () perfc009.dat -> C:\Windows\System32\perfc009.dat -> [2011/06/21 16:00:02 | 000,105,530 | ---- | M] () bootstat.dat -> C:\Windows\bootstat.dat -> [2011/06/21 15:55:36 | 000,067,584 | --S- | M] () temppf.sys -> C:\Windows\System32\temppf.sys -> [2011/06/21 15:55:22 | 268,435,456 | -HS- | M] () d3d9caps.dat -> C:\Users\Alyssa\AppData\Local\d3d9caps.dat -> [2011/06/21 15:52:22 | 000,001,356 | ---- | M] () DIFxAPI.dll -> C:\Windows\DIFxAPI.dll -> [2011/06/21 15:41:40 | 000,319,456 | ---- | M] (Microsoft Corporation) User_Feed_Synchronization-{C0649183-CBA2-483B-884F-A0DE156DB4D6}.job -> C:\Windows\tasks\User_Feed_Synchronization-{C0649183-CBA2-483B-884F-A0DE156DB4D6}.job -> [2011/06/21 15:30:00 | 000,000,424 | -H-- | M] () Malwarebytes' Anti-Malware.lnk -> C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk -> [2011/06/21 12:24:34 | 000,000,906 | ---- | M] () MBR.dat -> C:\Users\Alyssa\Desktop\MBR.dat -> [2011/06/21 08:25:06 | 000,000,512 | ---- | M] () umstartup.etl -> C:\Windows\System32\umstartup.etl -> [2011/06/17 20:46:25 | 000,015,360 | ---- | M] () Google Software Updater.job -> C:\Windows\tasks\Google Software Updater.job -> [2011/06/17 17:32:26 | 000,000,868 | ---- | M] () aswMBR.old -> C:\Users\Alyssa\Desktop\aswMBR.old -> [2011/06/15 19:40:39 | 000,001,514 | ---- | M] () 7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> [2011/06/05 15:41:41 | 000,003,296 | -H-- | M] () 7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> [2011/06/05 15:41:41 | 000,003,296 | -H-- | M] () GoogleUpdateTaskMachineUA.job -> C:\Windows\tasks\GoogleUpdateTaskMachineUA.job -> [2011/06/05 15:27:00 | 000,000,886 | ---- | M] () GoogleUpdateTaskUserS-1-5-21-3542362207-1953595748-2698762895-1000UA.job -> C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3542362207-1953595748-2698762895-1000UA.job -> [2011/06/05 14:58:00 | 000,000,912 | ---- | M] () GoogleUpdateTaskMachineCore.job -> C:\Windows\tasks\GoogleUpdateTaskMachineCore.job -> [2011/06/05 00:27:00 | 000,000,882 | ---- | M] () Google Earth.lnk -> C:\Users\Public\Desktop\Google Earth.lnk -> [2011/06/04 16:03:35 | 000,002,073 | ---- | M] () GoogleUpdateTaskUserS-1-5-21-3542362207-1953595748-2698762895-1000Core.job -> C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3542362207-1953595748-2698762895-1000Core.job -> [2011/06/04 15:58:01 | 000,000,860 | ---- | M] () Microsoft Office Word 2007.lnk -> C:\Users\Alyssa\Desktop\Microsoft Office Word 2007.lnk -> [2011/06/04 10:28:00 | 000,002,627 | ---- | M] () TCU Scheduled Scan.job -> C:\Windows\tasks\TCU Scheduled Scan.job -> [2011/06/04 00:00:03 | 000,000,530 | ---- | M] () mbamswissarmy.sys -> C:\Windows\System32\drivers\mbamswissarmy.sys -> [2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) mbam.sys -> C:\Windows\System32\drivers\mbam.sys -> [2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) Twain001.Mtx -> C:\Windows\Twain001.Mtx -> [2011/05/23 21:11:02 | 000,000,004 | ---- | M] () hpqp.ini -> C:\Users\Public\Documents\hpqp.ini -> [2011/05/23 21:10:53 | 000,000,164 | ---- | M] () Twunk001.MTX -> C:\Windows\Twunk001.MTX -> [2011/05/23 21:10:31 | 000,000,156 | ---- | M] () bthservsdp.dat -> C:\Windows\bthservsdp.dat -> [2011/05/23 10:09:11 | 000,000,012 | ---- | M] () 4 C:\Users\Alyssa\AppData\Local\Temp\*.tmp files -> C:\Users\Alyssa\AppData\Local\Temp\*.tmp -> 4 C:\Users\Alyssa\AppData\Local\Temp\*.tmp files -> C:\Users\Alyssa\AppData\Local\Temp\*.tmp -> 1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> [Files - No Company Name] USetup.iss -> C:\Windows\USetup.iss -> [2011/06/21 15:41:54 | 000,000,553 | ---- | C] () Malwarebytes' Anti-Malware.lnk -> C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk -> [2011/06/21 12:24:34 | 000,000,906 | ---- | C] () temppf.sys -> C:\Windows\System32\temppf.sys -> [2011/06/17 17:32:02 | 268,435,456 | -HS- | C] () aswMBR.old -> C:\Users\Alyssa\Desktop\aswMBR.old -> [2011/06/16 13:59:50 | 000,001,514 | ---- | C] () MBR.dat -> C:\Users\Alyssa\Desktop\MBR.dat -> [2011/06/15 19:40:39 | 000,000,512 | ---- | C] () Google Earth.lnk -> C:\Users\Public\Desktop\Google Earth.lnk -> [2011/06/04 16:03:35 | 000,002,073 | ---- | C] () nsreg.dat -> C:\Windows\nsreg.dat -> [2011/02/02 15:36:53 | 000,000,000 | ---- | C] () cdplayer.ini -> C:\Windows\cdplayer.ini -> [2010/10/03 23:23:56 | 000,000,025 | ---- | C] () EEventManager.INI -> C:\Windows\EEventManager.INI -> [2010/08/20 08:42:41 | 000,000,000 | ---- | C] () EPPICPrinterDB.dat -> C:\Windows\System32\EPPICPrinterDB.dat -> [2010/08/15 17:27:57 | 000,073,220 | ---- | C] () PICSDK.ini -> C:\Windows\System32\PICSDK.ini -> [2010/08/15 17:27:57 | 000,000,097 | ---- | C] () EPPICPattern131.dat -> C:\Windows\System32\EPPICPattern131.dat -> [2010/08/15 17:27:56 | 000,031,053 | ---- | C] () EPPICPattern1.dat -> C:\Windows\System32\EPPICPattern1.dat -> [2010/08/15 17:27:56 | 000,029,114 | ---- | C] () EPPICPattern121.dat -> C:\Windows\System32\EPPICPattern121.dat -> [2010/08/15 17:27:56 | 000,027,417 | ---- | C] () EPPICPattern3.dat -> C:\Windows\System32\EPPICPattern3.dat -> [2010/08/15 17:27:56 | 000,021,021 | ---- | C] () EPPICPattern5.dat -> C:\Windows\System32\EPPICPattern5.dat -> [2010/08/15 17:27:56 | 000,015,670 | ---- | C] () EPPICPattern2.dat -> C:\Windows\System32\EPPICPattern2.dat -> [2010/08/15 17:27:56 | 000,013,280 | ---- | C] () EPPICPattern4.dat -> C:\Windows\System32\EPPICPattern4.dat -> [2010/08/15 17:27:56 | 000,010,673 | ---- | C] () EPPICPattern6.dat -> C:\Windows\System32\EPPICPattern6.dat -> [2010/08/15 17:27:56 | 000,004,943 | ---- | C] () EPPICPresetData_PT.dat -> C:\Windows\System32\EPPICPresetData_PT.dat -> [2010/08/15 17:27:56 | 000,001,140 | ---- | C] () EPPICPresetData_BP.dat -> C:\Windows\System32\EPPICPresetData_BP.dat -> [2010/08/15 17:27:56 | 000,001,140 | ---- | C] () EPPICPresetData_ES.dat -> C:\Windows\System32\EPPICPresetData_ES.dat -> [2010/08/15 17:27:56 | 000,001,137 | ---- | C] () EPPICPresetData_FR.dat -> C:\Windows\System32\EPPICPresetData_FR.dat -> [2010/08/15 17:27:56 | 000,001,130 | ---- | C] () EPPICPresetData_CF.dat -> C:\Windows\System32\EPPICPresetData_CF.dat -> [2010/08/15 17:27:56 | 000,001,130 | ---- | C] () EPPICPresetData_EN.dat -> C:\Windows\System32\EPPICPresetData_EN.dat -> [2010/08/15 17:27:56 | 000,001,104 | ---- | C] () ENX125_127.ini -> C:\Windows\ENX125_127.ini -> [2010/08/15 17:18:07 | 000,000,077 | ---- | C] () LuUninstall.LiveUpdate -> C:\ProgramData\LuUninstall.LiveUpdate -> [2010/08/15 16:16:35 | 000,101,740 | ---- | C] () lxebvs.dll -> C:\Windows\System32\lxebvs.dll -> [2009/12/13 13:32:01 | 000,040,960 | ---- | C] () lxebrwrd.ini -> C:\Windows\System32\lxebrwrd.ini -> [2009/12/13 13:26:59 | 000,000,044 | -H-- | C] () LXEBinst.dll -> C:\Windows\System32\LXEBinst.dll -> [2009/12/13 13:26:39 | 000,385,024 | ---- | C] () LXEBsmr.dll -> C:\Windows\System32\LXEBsmr.dll -> [2009/12/13 13:21:16 | 000,023,552 | ---- | C] () LXEBsm.dll -> C:\Windows\System32\LXEBsm.dll -> [2009/12/13 13:21:15 | 000,299,008 | ---- | C] () mlfcache.dat -> C:\Windows\System32\mlfcache.dat -> [2009/11/25 02:31:36 | 000,136,776 | -H-- | C] () lxebinsr.dll -> C:\Windows\System32\lxebinsr.dll -> [2009/11/09 09:06:52 | 000,106,496 | ---- | C] () lxebcur.dll -> C:\Windows\System32\lxebcur.dll -> [2009/11/09 09:06:50 | 000,036,864 | ---- | C] () lxebjswr.dll -> C:\Windows\System32\lxebjswr.dll -> [2009/11/09 09:06:40 | 000,057,344 | ---- | C] () lxebinsb.dll -> C:\Windows\System32\lxebinsb.dll -> [2009/11/09 09:06:26 | 000,262,144 | ---- | C] () lxebcub.dll -> C:\Windows\System32\lxebcub.dll -> [2009/11/09 09:06:22 | 000,090,112 | ---- | C] () lxebgrd.dll -> C:\Windows\System32\lxebgrd.dll -> [2009/11/09 09:06:14 | 000,208,896 | ---- | C] () lxebcu.dll -> C:\Windows\System32\lxebcu.dll -> [2009/11/09 09:06:06 | 000,253,952 | ---- | C] () lxebins.dll -> C:\Windows\System32\lxebins.dll -> [2009/11/09 09:05:54 | 000,323,584 | ---- | C] () lxebgcfg.dll -> C:\Windows\System32\lxebgcfg.dll -> [2009/11/09 08:59:58 | 000,086,016 | ---- | C] () lxebcuir.dll -> C:\Windows\System32\lxebcuir.dll -> [2009/10/21 11:06:22 | 000,110,592 | ---- | C] () lxebcui.dll -> C:\Windows\System32\lxebcui.dll -> [2009/10/21 11:06:20 | 000,294,912 | ---- | C] () EhStorAuthn.dll -> C:\Windows\System32\EhStorAuthn.dll -> [2009/09/20 16:47:09 | 000,117,248 | ---- | C] () StructuredQuerySchema.bin -> C:\Windows\System32\StructuredQuerySchema.bin -> [2009/09/20 16:47:09 | 000,107,612 | ---- | C] () com.taylorpub.taylortools.windowpreferences.xml -> C:\Users\Alyssa\AppData\Roaming\com.taylorpub.taylortools.windowpreferences.xml -> [2009/09/20 08:23:30 | 000,000,749 | ---- | C] () ezsidmv.dat -> C:\Windows\System32\ezsidmv.dat -> [2009/09/19 16:44:56 | 000,000,056 | -H-- | C] () com.taylorpub.taylortools.settings.xml -> C:\Users\Alyssa\AppData\Roaming\com.taylorpub.taylortools.settings.xml -> [2009/09/19 16:32:19 | 000,000,199 | ---- | C] () OGACheckControl.dll -> C:\Windows\System32\OGACheckControl.dll -> [2009/08/03 15:07:42 | 000,403,816 | ---- | C] () OGAEXEC.exe -> C:\Windows\System32\OGAEXEC.exe -> [2009/08/03 15:07:42 | 000,230,768 | ---- | C] () d3d9caps.dat -> C:\Users\Alyssa\AppData\Local\d3d9caps.dat -> [2009/04/13 19:33:08 | 000,001,356 | ---- | C] () bthservsdp.dat -> C:\Windows\bthservsdp.dat -> [2009/04/13 08:03:43 | 000,000,012 | ---- | C] () NPSWF32.dll -> C:\Windows\System32\NPSWF32.dll -> [2009/03/24 18:12:52 | 002,463,976 | ---- | C] () StructuredQuerySchemaTrivial.bin -> C:\Windows\System32\StructuredQuerySchemaTrivial.bin -> [2009/03/07 23:04:54 | 000,018,904 | ---- | C] () wklnhst.dat -> C:\Users\Alyssa\AppData\Roaming\wklnhst.dat -> [2009/02/10 22:21:34 | 000,000,210 | ---- | C] () DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Users\Alyssa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2008/07/25 10:42:38 | 000,048,640 | ---- | C] () RTHDAEQ1.dat -> C:\Windows\System32\drivers\RTHDAEQ1.dat -> [2008/07/24 06:10:37 | 000,000,176 | ---- | C] () RTHDAEQ0.dat -> C:\Windows\System32\drivers\RTHDAEQ0.dat -> [2008/07/24 06:10:37 | 000,000,176 | ---- | C] () rixdicon.dll -> C:\Windows\System32\rixdicon.dll -> [2008/07/24 06:10:01 | 000,016,480 | ---- | C] () hpqins13.dat -> C:\Windows\hpqins13.dat -> [2008/07/24 05:16:34 | 000,101,605 | ---- | C] () lsdelete.exe -> C:\Windows\System32\lsdelete.exe -> [2008/05/16 11:58:04 | 000,012,632 | ---- | C] () igfxCoIn_v1437.dll -> C:\Windows\System32\igfxCoIn_v1437.dll -> [2008/02/10 20:55:18 | 000,147,456 | ---- | C] () igklg400.bin -> C:\Windows\System32\igklg400.bin -> [2008/02/10 20:34:48 | 002,215,364 | ---- | C] () igklg450.bin -> C:\Windows\System32\igklg450.bin -> [2008/02/10 20:34:48 | 001,971,732 | ---- | C] () igmedcompkrn.bin -> C:\Windows\System32\igmedcompkrn.bin -> [2008/02/10 20:34:48 | 000,029,932 | ---- | C] () igfxCoIn_v1329.dll -> C:\Windows\System32\igfxCoIn_v1329.dll -> [2007/09/13 10:31:06 | 000,147,456 | ---- | C] () igmedkrn.dll -> C:\Windows\System32\igmedkrn.dll -> [2007/09/13 10:22:46 | 001,238,832 | ---- | C] () igmedcompkrn.dll -> C:\Windows\System32\igmedcompkrn.dll -> [2007/09/13 10:22:46 | 000,104,636 | ---- | C] () bootstat.dat -> C:\Windows\bootstat.dat -> [2006/11/02 07:57:28 | 000,067,584 | --S- | C] () FNTCACHE.DAT -> C:\Windows\System32\FNTCACHE.DAT -> [2006/11/02 07:47:37 | 002,434,336 | ---- | C] () sysprepMCE.dll -> C:\Windows\System32\sysprepMCE.dll -> [2006/11/02 07:35:32 | 000,005,632 | ---- | C] () perfh009.dat -> C:\Windows\System32\perfh009.dat -> [2006/11/02 05:33:01 | 000,607,658 | ---- | C] () perfi009.dat -> C:\Windows\System32\perfi009.dat -> [2006/11/02 05:33:01 | 000,287,440 | ---- | C] () perfc009.dat -> C:\Windows\System32\perfc009.dat -> [2006/11/02 05:33:01 | 000,105,530 | ---- | C] () perfd009.dat -> C:\Windows\System32\perfd009.dat -> [2006/11/02 05:33:01 | 000,030,674 | ---- | C] () dssec.dat -> C:\Windows\System32\dssec.dat -> [2006/11/02 05:23:21 | 000,215,943 | ---- | C] () mib.bin -> C:\Windows\mib.bin -> [2006/11/02 03:58:30 | 000,043,131 | ---- | C] () NOISE.DAT -> C:\Windows\System32\NOISE.DAT -> [2006/11/02 03:19:00 | 000,000,741 | ---- | C] () pacerprf.ini -> C:\Windows\System32\pacerprf.ini -> [2006/11/02 02:40:29 | 000,013,750 | ---- | C] () mlang.dat -> C:\Windows\System32\mlang.dat -> [2006/11/02 02:25:31 | 000,673,088 | ---- | C] () WdfCoInstaller01000.dll -> C:\Windows\System32\WdfCoInstaller01000.dll -> [2006/03/09 17:58:00 | 001,060,424 | ---- | C] () [Custom Scans] < MD5 Scans Start> < %systemdrive%\AGP440.SYS /md5 /s > AGP440.sys : MD5=13F9E33747E6B41A3FF305C37DB0D360 -> C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys -> [2008/01/19 02:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) AGP440.sys : MD5=13F9E33747E6B41A3FF305C37DB0D360 -> C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys -> [2008/01/19 02:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) AGP440.sys : MD5=13F9E33747E6B41A3FF305C37DB0D360 -> C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys -> [2008/01/19 02:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) AGP440.sys : MD5=13F9E33747E6B41A3FF305C37DB0D360 -> C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys -> [2008/01/19 02:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) AGP440.sys : MD5=313FF294978EA6AF715722D708FB249F -> C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.20494_none_b858f78adaed51b3\AGP440.sys -> [2008/07/24 05:36:31 | 000,053,864 | ---- | M] (Microsoft Corporation) AGP440.sys : MD5=CE71AFD6738AA025D742CDBCFBDC8B9C -> C:\Windows\System32\DriverStore\FileRepository\machine.inf_f2490cb0\AGP440.sys -> [2008/07/24 05:36:32 | 000,053,864 | ---- | M] (Microsoft Corporation) AGP440.sys : MD5=CE71AFD6738AA025D742CDBCFBDC8B9C -> C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.16399_none_b7d45c31c1cb309c\AGP440.sys -> [2008/07/24 05:36:32 | 000,053,864 | ---- | M] (Microsoft Corporation) AGP440.sys : MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -> C:\Windows\System32\drivers\AGP440.sys -> [2006/11/02 04:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) AGP440.sys : MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -> C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys -> [2006/11/02 04:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) < %systemdrive%\ATAPI.SYS /md5 /s > atapi.sys : MD5=1F05B78AB91C9075565A9D8A4B880BC4 -> C:\Windows\System32\drivers\atapi.sys -> [2009/04/11 01:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) atapi.sys : MD5=1F05B78AB91C9075565A9D8A4B880BC4 -> C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys -> [2009/04/11 01:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) atapi.sys : MD5=1F05B78AB91C9075565A9D8A4B880BC4 -> C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys -> [2009/04/11 01:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) atapi.sys : MD5=2D9C903DC76A66813D350A562DE40ED9 -> C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys -> [2008/01/19 02:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) atapi.sys : MD5=2D9C903DC76A66813D350A562DE40ED9 -> C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys -> [2008/01/19 02:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) atapi.sys : MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -> C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys -> [2006/11/02 04:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) atapi.sys : MD5=B35CFCEF838382AB6490B321C87EDF17 -> C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys -> [2008/07/24 17:47:05 | 000,021,560 | ---- | M] (Microsoft Corporation) atapi.sys : MD5=B35CFCEF838382AB6490B321C87EDF17 -> C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys -> [2008/07/24 17:47:05 | 000,021,560 | ---- | M] (Microsoft Corporation) atapi.sys : MD5=E03E8C99D15D0381E02743C36AFC7C6F -> C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys -> [2008/07/24 17:47:04 | 000,021,560 | ---- | M] (Microsoft Corporation) < %systemdrive%\CNGAUDIT.DLL /md5 /s > cngaudit.dll : MD5=7F15B4953378C8B5161D65C26D5FED4D -> C:\Windows\System32\cngaudit.dll -> [2006/11/02 04:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) cngaudit.dll : MD5=7F15B4953378C8B5161D65C26D5FED4D -> C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll -> [2006/11/02 04:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) < %systemdrive%\EVENTLOG.DLL /md5 /s > EventLog.dll : MD5=C2A279A458A06DE2C83D842AA042B5A8 -> C:\Program Files\CyberLink\PowerDirector\EventLog.dll -> [2007/01/13 00:30:08 | 000,007,216 | ---- | M] () < %systemdrive%\EXPLORER.EXE /md5 /s > explorer.exe : MD5=37440D09DEAE0B672A04DCCF7ABF06BE -> C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe -> [2008/10/29 01:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) explorer.exe : MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -> C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe -> [2008/10/29 01:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) explorer.exe : MD5=50BA5850147410CDE89C523AD3BC606E -> C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe -> [2008/10/29 22:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) explorer.exe : MD5=6D06CD98D954FE87FB2DB8108793B399 -> C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe -> [2008/07/24 17:52:18 | 002,923,520 | ---- | M] (Microsoft Corporation) explorer.exe : MD5=BD06F0BF753BC704B653C3A50F89D362 -> C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe -> [2008/07/24 17:52:18 | 002,923,520 | ---- | M] (Microsoft Corporation) explorer.exe : MD5=D07D4C3038F3578FFCE1C0237F2A1253 -> C:\Windows\explorer.exe -> [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) explorer.exe : MD5=D07D4C3038F3578FFCE1C0237F2A1253 -> C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe -> [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) explorer.exe : MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -> C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe -> [2008/10/27 21:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) explorer.exe : MD5=FD8C53FB002217F6F888BCF6F5D7084D -> C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe -> [2006/11/02 04:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) explorer.exe : MD5=FFA764631CB70A30065C12EF8E174F9F -> C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe -> [2008/01/19 02:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) < %systemdrive%\IASTOR.SYS /md5 /s > iastor.sys : MD5=2358C53F30CB9DCD1D3843C4E2F299B2 -> C:\SWSETUP\Drivers\ITM\Winall\Driver\iastor.sys -> [2007/07/12 23:35:02 | 000,305,176 | ---- | M] (Intel Corporation) iaStor.sys : MD5=2358C53F30CB9DCD1D3843C4E2F299B2 -> C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_cfa1dde4\iaStor.sys -> [2007/07/12 23:35:02 | 000,305,176 | ---- | M] (Intel Corporation) iastor.sys : MD5=8D58627FEF3F8767665D9F4DC91CBD97 -> C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\iastor.sys -> [2008/04/15 17:54:16 | 000,388,120 | ---- | M] (Intel Corporation) iastor.sys : MD5=CEB53BB804B41C52AB0782505C8E2994 -> C:\SWSETUP\Drivers\ITM\Winall\Driver64\iastor.sys -> [2007/07/12 23:35:44 | 000,381,976 | ---- | M] (Intel Corporation) iastor.sys : MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -> C:\Program Files\Intel\Intel Matrix Storage Manager\driver\iastor.sys -> [2008/04/15 17:53:44 | 000,312,344 | ---- | M] (Intel Corporation) iaStor.sys : MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -> C:\Windows\System32\drivers\iaStor.sys -> [2008/04/15 17:53:44 | 000,312,344 | ---- | M] (Intel Corporation) iaStor.sys : MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -> C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_77c04a30\iaStor.sys -> [2008/04/15 17:53:44 | 000,312,344 | ---- | M] (Intel Corporation) < %systemdrive%\IASTORV.SYS /md5 /s > iaStorV.sys : MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -> C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys -> [2008/01/19 02:42:51 | 000,235,064 | ---- | M] (Intel Corporation) iaStorV.sys : MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -> C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys -> [2008/01/19 02:42:51 | 000,235,064 | ---- | M] (Intel Corporation) iaStorV.sys : MD5=C957BF4B5D80B46C5017BF0101E6C906 -> C:\Windows\System32\drivers\iaStorV.sys -> [2006/11/02 04:51:25 | 000,232,040 | ---- | M] (Intel Corporation) iaStorV.sys : MD5=C957BF4B5D80B46C5017BF0101E6C906 -> C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys -> [2006/11/02 04:51:25 | 000,232,040 | ---- | M] (Intel Corporation) < %systemdrive%\NETLOGON.DLL /md5 /s > netlogon.dll : MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -> C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll -> [2006/11/02 04:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) netlogon.dll : MD5=95DAECF0FB120A7B5DA679CC54E37DDE -> C:\Windows\System32\netlogon.dll -> [2009/04/11 01:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) netlogon.dll : MD5=95DAECF0FB120A7B5DA679CC54E37DDE -> C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll -> [2009/04/11 01:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) netlogon.dll : MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -> C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll -> [2008/01/19 02:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) < %systemdrive%\NTOSKRNL.EXE /md5 /s > ntoskrnl.exe : MD5=03279407E78F76BA1131DAB35A5E55C0 -> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16754_none_6a18166cb7216faf\ntoskrnl.exe -> [2008/09/17 23:35:07 | 003,470,904 | ---- | M] (Microsoft Corporation) ntoskrnl.exe : MD5=09C5FB44F152EFF551A112C931DDE640 -> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22191_none_6e402703caaf139b\ntoskrnl.exe -> [2009/08/05 09:10:22 | 003,548,216 | ---- | M] (Microsoft Corporation) ntoskrnl.exe : MD5=0E8F7801D17C7437CEE216099B975163 -> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16551_none_6a1511c2b724295c\ntoskrnl.exe -> [2008/07/24 17:52:22 | 003,471,032 | ---- | M] (Microsoft Corporation) ntoskrnl.exe : MD5=1ACD7FC485D0E0FF9097E08900D834CC -> C:\Windows\System32\ntoskrnl.exe -> [2010/10/15 09:08:12 | 003,550,096 | ---- | M] (Microsoft Corporation) ntoskrnl.exe : MD5=1ACD7FC485D0E0FF9097E08900D834CC -> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18327_none_6e08411ab1533fb9\ntoskrnl.exe -> [2010/10/15 09:08:12 | 003,550,096 | ---- | M] (Microsoft Corporation) ntoskrnl.exe : MD5=1E09CE4D9BB7B6521FB023CAE2E55F63 -> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20921_none_6abf2403d0296cc8\ntoskrnl.exe -> [2008/09/17 23:27:44 | 003,472,952 | ---- | M] (Microsoft Corporation) ntoskrnl.exe : MD5=1FD3E8BFFD38F9B145E4B2B238B692F7 -> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18145_none_6c0a2548b43efe06\ntoskrnl.exe -> [2008/09/18 00:09:09 | 003,549,240 | ---- | M] (Microsoft Corporation) ntoskrnl.exe : MD5=20D040ECE9A8F578D1D938256F34B663 -> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18377_none_6bebb9e4b4557ed5\ntoskrnl.exe -> [2009/12/08 15:52:16 | 003,546,200 | ---- | M] (Microsoft Corporation) ntoskrnl.exe : MD5=22D444D3D88A4C299894B3638A114BF7 -> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22167_none_6c8020e9cd6b0b39\ntoskrnl.exe -> [2008/04/26 03:11:33 | 003,549,240 | ---- | M] (Microsoft Corporation) ntoskrnl.exe : MD5=2972EEF8E834883EEC7C1995639341EF -> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21175_none_6a8cef97d04e8e42\ntoskrnl.exe -> [2009/12/08 17:29:12 | 003,469,912 | ---- | M] (Microsoft Corporation) ntoskrnl.exe : MD5=2D202D94C6D0EC6B1483D2D47016FA0A -> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16575_none_6a037312b730c69a\ntoskrnl.exe -> [2008/07/24 17:34:14 | 003,470,520 | ---- | M] (Microsoft Corporation) ntoskrnl.exe : MD5=2DF67260DD3167402ABC14DC11112686 -> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20697_none_6a797099d05cd0f4\ntoskrnl.exe -> [2008/07/24 17:34:13 | 003,472,056 | ---- | M] (Microsoft Corporation) ntoskrnl.exe : MD5=31289DD6914686D088582EED4B43F826 -> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22341_none_6e763a6bca868234\ntoskrnl.exe -> [2010/02/18 09:21:55 | 003,550,088 | ---- | M] (Microsoft Corporation) ntoskrnl.exe : MD5=3910FE042C707E6BACD0FEC5AB9ECDE6 -> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16830_none_6a29b702b714cf98\ntoskrnl.exe -> [2009/03/02 23:24:50 | 003,469,280 | ---- | M] (Microsoft Corporation) ntoskrnl.exe : MD5=393BB8FE05D66ABA7B091E6032179272 -> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18226_none_6c20c750b42ddca2\ntoskrnl.exe -> [2009/03/02 23:46:01 | 003,547,632 | ---- | M] (Microsoft Corporation) ntoskrnl.exe : MD5=3EEEDCCFB587BCB0E2DE075332498C11 -> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22489_none_6c6c8757cd796d3e\ntoskrnl.exe -> [2009/08/05 12:15:59 | 003,547,736 | ---- | M] (Microsoft Corporation) ntoskrnl.exe : MD5=4765C66A89E7151626FF3545B01D2601 -> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16901_none_6a4b28f6b6fb9243\ntoskrnl.exe -> [2009/08/05 09:28:44 | 003,467,864 | ---- | M] (Microsoft Corporation) ntoskrnl.exe : MD5=47DB9968B8CF2031C46007F42CCE2437 -> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22707_none_6cc10bd5cd3a527d\ntoskrnl.exe -> [2010/06/08 11:47:40 | 003,548,552 | ---- | M] (Microsoft Corporation) ntoskrnl.exe : MD5=4F2488EC5D0EBFE868F47681BCF315D3 -> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16514_none_6a435250b701059d\ntoskrnl.exe -> [2008/07/24 04:14:00 | 003,470,008 | ---- | M] (Microsoft Corporation) ntoskrnl.exe : MD5=5302026B0FADB0819009798D3F6BCD77 -> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18304_none_6c34687ab41f6f39\ntoskrnl.exe -> [2009/08/05 09:22:41 | 003,546,184 | ---- | M] (Microsoft Corporation) ntoskrnl.exe : MD5=575DD16BF4C21C2F7E2BBE203AC1E957 -> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18082_none_6dc25a6eb1887137\ntoskrnl.exe -> [2009/08/04 07:34:19 | 003,548,216 | ---- | M] (Microsoft Corporation) ntoskrnl.exe : MD5=6025E5530E2C43E1983CC8B840DF2108 -> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18427_none_6c21cb66b42cf047\ntoskrnl.exe -> [2010/02/18 09:49:31 | 003,545,992 | ---- | M] (Microsoft Corporation) ntoskrnl.exe : MD5=664CA09C523FAB9D01BE6C4028C1B58B -> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18160_none_6dd5fb98b17a03ce\ntoskrnl.exe -> [2009/12/08 15:01:02 | 003,548,216 | ---- | M] (Microsoft Corporation) ntoskrnl.exe : MD5=6700F35EBA206E5C89AC27C9A124DC01 -> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18000_none_6c3061a0b4231268\ntoskrnl.exe -> [2008/01/19 02:43:47 | 003,548,728 | ---- | M] (Microsoft Corporation) ntoskrnl.exe : MD5=6798DBF3F25721637AEF5B6C69911C9C -> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18005_none_6e1bdaacb144ddb4\ntoskrnl.exe -> [2009/04/11 01:32:49 | 003,549,672 | ---- | M] (Microsoft Corporation) ntoskrnl.exe : MD5=808C86316AED98716C5F305A6265F393 -> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21023_none_6ac0fcb9d027d2b8\ntoskrnl.exe -> [2009/03/02 23:22:43 | 003,471,328 | ---- | M] (Microsoft Corporation) ntoskrnl.exe : MD5=883D5B644BFA3DC7298D4731B13AF499 -> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16386_none_69f99fa4b7380194\ntoskrnl.exe -> [2006/11/02 04:51:48 | 003,467,880 | ---- | M] (Microsoft Corporation) ntoskrnl.exe : MD5=8B5EEAA99965E26C3FBB9FAC8BD3B6A1 -> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22505_none_6ea57f0fca62721a\ntoskrnl.exe -> [2010/10/15 09:08:12 | 003,552,144 | ---- | M] (Microsoft Corporation) ntoskrnl.exe : MD5=99B743BE7149970EB8D9C48FB0A41BF7 -> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20629_none_6ac720a1d022400b\ntoskrnl.exe -> [2008/07/24 04:14:00 | 003,470,520 | ---- | M] (Microsoft Corporation) ntoskrnl.exe : MD5=9E6991F557248A5E6E742D1081583969 -> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20670_none_6a880e6bd052e7b1\ntoskrnl.exe -> [2008/07/24 17:52:21 | 003,471,544 | ---- | M] (Microsoft Corporation) ntoskrnl.exe : MD5=A0BF353A68B434F2BBFF238FEEB51486 -> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16584_none_69f7a2dcb739c934\ntoskrnl.exe -> [2008/07/24 17:47:06 | 003,470,392 | ---- | M] (Microsoft Corporation) ntoskrnl.exe : MD5=A573338BDCED710795C618EA5FCF48D5 -> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18538_none_6c17fdaab43422b6\ntoskrnl.exe -> [2010/10/15 09:08:12 | 003,548,048 | ---- | M] (Microsoft Corporation) ntoskrnl.exe : MD5=A5D0B405442724448D23D61821BEA92A -> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18209_none_6e1fdfa0b1413d5e\ntoskrnl.exe -> [2010/02/18 09:07:05 | 003,548,040 | ---- | M] (Microsoft Corporation) ntoskrnl.exe : MD5=B23072AE0FD60A2BE57FD48F81DDB5BB -> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20707_none_6adac1cbd013d2a2\ntoskrnl.exe -> [2008/07/24 17:47:05 | 003,471,928 | ---- | M] (Microsoft Corporation) ntoskrnl.exe : MD5=C5759C9345A06EE52C7F5ECCF685CA6D -> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22636_none_6c9f99e1cd538fd2\ntoskrnl.exe -> [2010/02/18 12:36:43 | 003,548,560 | ---- | M] (Microsoft Corporation) ntoskrnl.exe : MD5=C5AB434D0C8FA38EAD136FB29E2504B7 -> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22420_none_6e8adbdfca772e22\ntoskrnl.exe -> [2010/06/08 13:04:17 | 003,550,600 | ---- | M] (Microsoft Corporation) ntoskrnl.exe : MD5=C9CD31B3CBA8134F2B47FB5E78376ACC -> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18063_none_6bf282f6b4510613\ntoskrnl.exe -> [2008/04/26 03:25:54 | 003,549,240 | ---- | M] (Microsoft Corporation) ntoskrnl.exe : MD5=CD2EEBFA39E742C8C066CCE09382A19B -> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16973_none_6a017a16b7328888\ntoskrnl.exe -> [2009/12/08 15:54:53 | 003,467,848 | ---- | M] (Microsoft Corporation) ntoskrnl.exe : MD5=D32E95B17477E183F6019A99BE799BA9 -> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22577_none_6c755895cd731bc6\ntoskrnl.exe -> [2009/12/08 15:36:58 | 003,548,760 | ---- | M] (Microsoft Corporation) ntoskrnl.exe : MD5=D5FA5D17F03E6D39E1A12431DD6F2A39 -> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18488_none_6be1ec28b45cb144\ntoskrnl.exe -> [2010/06/08 12:00:41 | 003,545,992 | ---- | M] (Microsoft Corporation) ntoskrnl.exe : MD5=D8DCA438CE571DB20BD8C4915CAC0760 -> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21101_none_6ad49de3d019654f\ntoskrnl.exe -> [2009/08/05 09:10:15 | 003,469,896 | ---- | M] (Microsoft Corporation) ntoskrnl.exe : MD5=DC44BF78DEB87B7737D0D29B5B8EDAE3 -> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.17021_none_6a356140b70bfd67\ntoskrnl.exe -> [2010/02/18 09:54:03 | 003,468,168 | ---- | M] (Microsoft Corporation) ntoskrnl.exe : MD5=DEA801F2D9FD1DB35ED6B9BC4A6657F1 -> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22269_none_6c822363cd693b0e\ntoskrnl.exe -> [2008/09/17 23:54:49 | 003,549,752 | ---- | M] (Microsoft Corporation) ntoskrnl.exe : MD5=DFF34C5D66AB4BF1EED47BF19D1267BB -> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22389_none_6c6c8571cd797017\ntoskrnl.exe -> [2009/03/02 23:37:19 | 003,548,656 | ---- | M] (Microsoft Corporation) ntoskrnl.exe : MD5=F276ABE13DD0BA1024A42A443E47A4A2 -> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22777_none_6c755c61cd731614\ntoskrnl.exe -> [2010/10/15 09:08:12 | 003,550,608 | ---- | M] (Microsoft Corporation) ntoskrnl.exe : MD5=F2BEE482023F146CF85EBB15B9E1CD35 -> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18267_none_6ddcff84b173b256\ntoskrnl.exe -> [2010/06/08 12:35:04 | 003,548,040 | ---- | M] (Microsoft Corporation) ntoskrnl.exe : MD5=F8BEC470EAA8621751F739585C5871CD -> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21226_none_6ac40163d025190b\ntoskrnl.exe -> [2010/02/18 09:34:36 | 003,470,216 | ---- | M] (Microsoft Corporation) ntoskrnl.exe : MD5=FB82B0147B7D93379B68F8A6A5828C70 -> C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22283_none_6e4cf969caa5277f\ntoskrnl.exe -> [2009/12/08 15:14:53 | 003,550,264 | ---- | M] (Microsoft Corporation) < %systemdrive%\NVSTOR.SYS /md5 /s > nvstor.sys : MD5=9E0BA19A28C498A6D323D065DB76DFFC -> C:\Windows\System32\drivers\nvstor.sys -> [2006/11/02 04:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) nvstor.sys : MD5=9E0BA19A28C498A6D323D065DB76DFFC -> C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys -> [2006/11/02 04:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) nvstor.sys : MD5=ABED0C09758D1D97DB0042DBB2688177 -> C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys -> [2008/01/19 02:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) nvstor.sys : MD5=ABED0C09758D1D97DB0042DBB2688177 -> C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys -> [2008/01/19 02:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) < %systemdrive%\SCECLI.DLL /md5 /s > scecli.dll : MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -> C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll -> [2008/01/19 02:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) scecli.dll : MD5=80E2839D05CA5970A86D7BE2A08BFF61 -> C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll -> [2006/11/02 04:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) scecli.dll : MD5=8FC182167381E9915651267044105EE1 -> C:\Windows\System32\scecli.dll -> [2009/04/11 01:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) scecli.dll : MD5=8FC182167381E9915651267044105EE1 -> C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll -> [2009/04/11 01:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) < %systemdrive%\USERINIT.EXE /md5 /s > userinit.exe : MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -> C:\Windows\System32\userinit.exe -> [2008/01/19 02:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) userinit.exe : MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -> C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe -> [2008/01/19 02:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) userinit.exe : MD5=22027835939F86C3E47AD8E3FBDE3D11 -> C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe -> [2006/11/02 04:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) < %systemdrive%\UXTHEME.DLL /md5 /s > uxtheme.dll : MD5=999D69DEB576C2C424294DF025891CC6 -> C:\Windows\System32\uxtheme.dll -> [2008/01/19 02:36:47 | 000,240,128 | ---- | M] (Microsoft Corporation) uxtheme.dll : MD5=999D69DEB576C2C424294DF025891CC6 -> C:\Windows\winsxs\x86_microsoft-windows-uxtheme_31bf3856ad364e35_6.0.6001.18000_none_a5e49ad4068f9b12\uxtheme.dll -> [2008/01/19 02:36:47 | 000,240,128 | ---- | M] (Microsoft Corporation) uxtheme.dll : MD5=E340D47578B8CB8A86D3578EA50A3B83 -> C:\Windows\winsxs\x86_microsoft-windows-uxtheme_31bf3856ad364e35_6.0.6000.16386_none_a3add8d809a48a3e\uxtheme.dll -> [2006/11/02 04:46:13 | 000,240,640 | ---- | M] (Microsoft Corporation) < %systemdrive%\VOLSNAP.SYS /md5 /s > volsnap.sys : MD5=11EF6C1CAEF76B685233450A126125D6 -> C:\Windows\System32\DriverStore\FileRepository\volume.inf_9320b452\volsnap.sys -> [2006/11/02 04:51:18 | 000,208,488 | ---- | M] (Microsoft Corporation) volsnap.sys : MD5=147281C01FCB1DF9252DE2A10D5E7093 -> C:\Windows\System32\drivers\volsnap.sys -> [2009/04/11 01:32:55 | 000,226,280 | ---- | M] (Microsoft Corporation) volsnap.sys : MD5=147281C01FCB1DF9252DE2A10D5E7093 -> C:\Windows\System32\DriverStore\FileRepository\volume.inf_1e6030e4\volsnap.sys -> [2009/04/11 01:32:55 | 000,226,280 | ---- | M] (Microsoft Corporation) volsnap.sys : MD5=147281C01FCB1DF9252DE2A10D5E7093 -> C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6002.18005_none_17a2308cf936c619\volsnap.sys -> [2009/04/11 01:32:55 | 000,226,280 | ---- | M] (Microsoft Corporation) volsnap.sys : MD5=327639D2EC931B057F3826A51ADC73E9 -> C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6000.20709_none_146318401803edb5\volsnap.sys -> [2008/07/24 17:47:04 | 000,211,000 | ---- | M] (Microsoft Corporation) volsnap.sys : MD5=80DC0C9BCB579ED9815001A4D37CBFD5 -> C:\Windows\System32\DriverStore\FileRepository\volume.inf_f47b2c78\volsnap.sys -> [2008/07/24 17:47:04 | 000,211,000 | ---- | M] (Microsoft Corporation) volsnap.sys : MD5=80DC0C9BCB579ED9815001A4D37CBFD5 -> C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6000.16586_none_137ff950ff29e447\volsnap.sys -> [2008/07/24 17:47:04 | 000,211,000 | ---- | M] (Microsoft Corporation) volsnap.sys : MD5=D8B4A53DD2769F226B3EB374374987C9 -> C:\Windows\System32\DriverStore\FileRepository\volume.inf_f53a1785\volsnap.sys -> [2008/01/19 02:42:48 | 000,227,896 | ---- | M] (Microsoft Corporation) volsnap.sys : MD5=D8B4A53DD2769F226B3EB374374987C9 -> C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6001.18000_none_15b6b780fc14facd\volsnap.sys -> [2008/01/19 02:42:48 | 000,227,896 | ---- | M] (Microsoft Corporation) < %systemdrive%\WINLOGON.EXE /md5 /s > winlogon.exe : MD5=898E7C06A350D4A1A64A9EA264D55452 -> C:\Windows\System32\winlogon.exe -> [2009/04/11 01:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) winlogon.exe : MD5=898E7C06A350D4A1A64A9EA264D55452 -> C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe -> [2009/04/11 01:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) winlogon.exe : MD5=9F75392B9128A91ABAFB044EA350BAAD -> C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe -> [2006/11/02 04:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) winlogon.exe : MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -> C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe -> [2008/01/19 02:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) < MD5 Scans End> [Alternate Data Streams] @Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:A93CCA6B < End of report > [/code]