OS Name: Windows Vista
Version 6.0.6002 (Service Pack 2)
Number of processors #2
==============================================
>Drivers
==============================================
0x8D40C000 C:\Windows\system32\DRIVERS\nvlddmkm.sys 4456448 bytes (NVIDIA Corporation, NVIDIA Compatible Windows 2000 Miniport Driver, Version 97.46 )
0x8244C000 C:\Windows\system32\ntkrnlpa.exe 3907584 bytes (Microsoft Corporation, NT Kernel & System)
0x8244C000 PnpManager 3907584 bytes
0x8244C000 RAW 3907584 bytes
0x8244C000 WMIxWDM 3907584 bytes
0x9B680000 Win32k 2113536 bytes
0x9B680000 C:\Windows\System32\win32k.sys 2113536 bytes (Microsoft Corporation, Multi-User Win32 Driver)
0xA5A0A000 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120108.006\NAVEX15.SYS 1572864 bytes (Symantec Corporation, AV Engine)
0x88209000 C:\Windows\System32\Drivers\Ntfs.sys 1114112 bytes (Microsoft Corporation, NT File System Driver)
0x83001000 C:\Windows\system32\drivers\ndis.sys 1093632 bytes (Microsoft Corporation, NDIS 6.0 wrapper driver)
0x8C600000 C:\Windows\system32\DRIVERS\HSX_DPV.sys 1060864 bytes (Conexant Systems, Inc., HSF_DP driver)
0x83204000 C:\Windows\System32\drivers\tcpip.sys 958464 bytes (Microsoft Corporation, TCP/IP Driver)
0x80463000 C:\Windows\system32\CI.dll 917504 bytes (Microsoft Corporation, Code Integrity Module)
0xA0ADC000 C:\Windows\system32\drivers\peauth.sys 909312 bytes (Microsoft Corporation, Protected Environment Authentication and Authorization Export Driver)
0x9280C000 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20111223.001\BHDrvx86.sys 835584 bytes (Symantec Corporation, BASH Driver)
0x82A6A000 C:\Windows\system32\drivers\N360\0501000.01D\SYMEFA.SYS 765952 bytes (Symantec Corporation, Symantec Extended File Attributes)
0x8C703000 C:\Windows\system32\DRIVERS\HSX_CNXT.sys 737280 bytes (Conexant Systems, Inc., HSF_CNXT driver)
0x9FC06000 C:\Windows\system32\drivers\spsys.sys 720896 bytes (Microsoft Corporation, security processor)
0x91C07000 C:\Windows\system32\drivers\stwrt.sys 667648 bytes (SigmaTel, Inc., NDRC)
0x8D84C000 C:\Windows\System32\drivers\dxgkrnl.sys 655360 bytes (Microsoft Corporation, DirectX Graphics Kernel)
0x83309000 C:\Windows\system32\DRIVERS\HDAudBus.sys 577536 bytes (Microsoft Corporation, High Definition Audio Bus Driver)
0xA5604000 C:\Windows\System32\Drivers\N360\0501000.01D\SRTSP.SYS 548864 bytes (Symantec Corporation, Symantec AutoProtect)
0x9295B000 C:\Windows\System32\Drivers\bthport.sys 524288 bytes (Microsoft Corporation, Bluetooth Bus Driver)
0x80543000 C:\Windows\system32\drivers\Wdf01000.sys 507904 bytes (Microsoft Corporation, WDF Dynamic)
0x82B2E000 C:\Windows\System32\Drivers\ksecdd.sys 462848 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)
0x9FCD9000 C:\Windows\system32\drivers\HTTP.sys 446464 bytes (Microsoft Corporation, HTTP Protocol Stack)
0x92393000 C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys 385024 bytes (Symantec Corporation, Symantec Eraser Control Driver)
0x92335000 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120106.002\IDSvix86.sys 385024 bytes (Symantec Corporation, IDS Core Driver)
0x91D98000 C:\Windows\System32\Drivers\N360\0501000.01D\SYMTDIV.SYS 364544 bytes (Symantec Corporation, Network Dispatch Driver)
0x82A03000 C:\Windows\system32\drivers\N360\0501000.01D\SYMDS.SYS 356352 bytes (Symantec Corporation, Symantec Data Store)
0xA0A87000 C:\Windows\System32\DRIVERS\srv.sys 323584 bytes (Microsoft Corporation, Server driver)
0x8D97D000 C:\Windows\system32\DRIVERS\HSXHWBS2.sys 303104 bytes (Conexant Systems, Inc., HSF_HWB2 WDM driver)
0x806A8000 C:\Windows\System32\drivers\volmgrx.sys 303104 bytes (Microsoft Corporation, Volume Manager Extension Driver)
0x92203000 C:\Windows\system32\drivers\afd.sys 294912 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)
0x8060C000 C:\Windows\system32\drivers\acpi.sys 286720 bytes (Microsoft Corporation, ACPI Driver for NT)
0x80422000 C:\Windows\system32\CLFS.SYS 266240 bytes (Microsoft Corporation, Common Log File System Driver)
0x80749000 C:\Windows\system32\drivers\storport.sys 266240 bytes (Microsoft Corporation, Microsoft Storage Port Driver)
0x8D902000 C:\Windows\system32\DRIVERS\USBPORT.SYS 253952 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)
0x922EF000 C:\Windows\system32\DRIVERS\rdbss.sys 245760 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)
0x83137000 C:\Windows\system32\drivers\NETIO.SYS 241664 bytes (Microsoft Corporation, Network I/O Subsystem)
0xA0A0E000 C:\Windows\system32\DRIVERS\mrxsmb10.sys 233472 bytes (Microsoft Corporation, Longhorn SMB Downlevel SubRdr)
0x88319000 C:\Windows\system32\drivers\volsnap.sys 233472 bytes (Microsoft Corporation, Volume Shadow Copy Driver)
0x831A4000 C:\Windows\system32\DRIVERS\usbhub.sys 217088 bytes (Microsoft Corporation, Default Hub Driver for USB)
0x82419000 ACPI_HAL 208896 bytes
0x82419000 C:\Windows\system32\hal.dll 208896 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)
0x8078A000 C:\Windows\system32\drivers\fltmgr.sys 204800 bytes (Microsoft Corporation, Microsoft Filesystem Filter Manager)
0x9224B000 C:\Windows\System32\DRIVERS\netbt.sys 204800 bytes (Microsoft Corporation, MBT Transport driver)
0x8C7C4000 C:\Windows\system32\DRIVERS\msiscsi.sys 192512 bytes (Microsoft Corporation, Microsoft iSCSI Initiator Driver)
0x91CAA000 C:\Windows\system32\drivers\portcls.sys 184320 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))
0x8310C000 C:\Windows\system32\drivers\msrpc.sys 176128 bytes (Microsoft Corporation, Kernel Remote Procedure Call Provider)
0x8D9C7000 C:\Windows\system32\DRIVERS\ks.sys 172032 bytes (Microsoft Corporation, Kernel CSA Library)
0x807BC000 C:\Windows\system32\DRIVERS\rfcomm.sys 167936 bytes (Microsoft Corporation, Bluetooth RFCOMM Driver)
0xA0BBA000 C:\Windows\System32\Drivers\fastfat.SYS 163840 bytes (Microsoft Corporation, Fast FAT File System Driver)
0xA0A5F000 C:\Windows\System32\DRIVERS\srv2.sys 163840 bytes (Microsoft Corporation, Smb 2.0 Server driver)
0x88369000 C:\Windows\System32\drivers\ecache.sys 159744 bytes (Microsoft Corporation, Special Memory Device Cache)
0x80663000 C:\Windows\system32\drivers\pci.sys 159744 bytes (Microsoft Corporation, NT Plug and Play PCI Enumerator)
0x82B9F000 C:\Windows\system32\Drivers\SYMEVENT.SYS 155648 bytes (Symantec Corporation, Symantec Event Library)
0x91CD7000 C:\Windows\system32\drivers\drmk.sys 151552 bytes (Microsoft Corporation, Microsoft Kernel DRM Descrambler Filter)
0x922B4000 C:\Windows\system32\drivers\N360\0501000.01D\Ironx86.SYS 147456 bytes (Symantec Corporation, Iron Driver)
0x833AD000 C:\Windows\system32\DRIVERS\ndiswan.sys 143360 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption))
0x8071B000 C:\Windows\system32\drivers\CLASSPNP.SYS 135168 bytes (Microsoft Corporation, SCSI Class System Dll)
0x9FD91000 C:\Windows\system32\drivers\mrxdav.sys 135168 bytes (Microsoft Corporation, Windows NT WebDav Minirdr)
0x91D2F000 C:\Windows\System32\drivers\VIDEOPRT.SYS 135168 bytes (Microsoft Corporation, Video Port Driver)
0x9FDB2000 C:\Windows\system32\DRIVERS\mrxsmb.sys 126976 bytes (Microsoft Corporation, Windows NT SMB Minirdr)
0x82BC5000 C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 122880 bytes (Symantec Corporation, Symantec Eraser Utility Driver)
0x9FD46000 C:\Windows\System32\DRIVERS\srvnet.sys 118784 bytes (Microsoft Corporation, Server Network driver)
0x832EE000 C:\Windows\System32\drivers\fwpkclnt.sys 110592 bytes (Microsoft Corporation, FWP/IPsec Kernel-Mode API)
0x807E5000 C:\Windows\system32\drivers\luafv.sys 110592 bytes (Microsoft Corporation, LUA File Virtualization Filter Driver)
0x929E5000 C:\Windows\system32\DRIVERS\bthpan.sys 106496 bytes (Microsoft Corporation, Bluetooth Personal Area Networking)
0x9FD63000 C:\Windows\system32\DRIVERS\bowser.sys 102400 bytes (Microsoft Corporation, NT Lan Manager Datagram Receiver Driver)
0x80702000 C:\Windows\system32\drivers\nvraid.sys 102400 bytes (NVIDIA Corporation, NVIDIAŽ nForce(TM) RAID Driver)
0x8D94F000 C:\Windows\system32\DRIVERS\cdrom.sys 98304 bytes (Microsoft Corporation, SCSI CD-ROM Driver)
0xA0A47000 C:\Windows\system32\DRIVERS\mrxsmb20.sys 98304 bytes (Microsoft Corporation, Longhorn SMB 2.0 Redirector)
0x82BE3000 C:\Windows\System32\Drivers\dfsc.sys 94208 bytes (Microsoft Corporation, DFS Namespace Client Driver)
0x83396000 C:\Windows\system32\DRIVERS\rasl2tp.sys 94208 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver)
0x928D8000 C:\Windows\system32\DRIVERS\usbccgp.sys 94208 bytes (Microsoft Corporation, USB Common Class Generic Parent Driver)
0xA5B9E000 C:\Windows\system32\DRIVERS\cdfs.sys 90112 bytes (Microsoft Corporation, CD-ROM File System Driver)
0x9227D000 C:\Windows\system32\DRIVERS\pacer.sys 90112 bytes (Microsoft Corporation, QoS Packet Scheduler)
0x91D82000 C:\Windows\system32\DRIVERS\tdx.sys 90112 bytes (Microsoft Corporation, TDI Translation Driver)
0x9FD7C000 C:\Windows\System32\drivers\mpsdrv.sys 86016 bytes (Microsoft Corporation, Microsoft Protection Service Driver)
0x83172000 C:\Windows\system32\DRIVERS\rassstp.sys 86016 bytes (Microsoft Corporation, RAS SSTP Miniport Call Manager)
0x928FC000 C:\Windows\system32\DRIVERS\USBSTOR.SYS 86016 bytes (Microsoft Corporation, USB Mass Storage Class Driver)
0x9FDD1000 C:\Windows\system32\DRIVERS\WUDFRd.sys 86016 bytes (Microsoft Corporation, Windows Driver Foundation - User-mode Driver Framework Reflector)
0xA5B8A000 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120108.006\NAVENG.SYS 81920 bytes (Symantec Corporation, AV Engine)
0x833DF000 C:\Windows\system32\DRIVERS\raspptp.sys 81920 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol)
0x831EA000 C:\Windows\system32\DRIVERS\smb.sys 81920 bytes (Microsoft Corporation, SMB Transport driver)
0x9FCC6000 C:\Windows\system32\DRIVERS\rspndr.sys 77824 bytes (Microsoft Corporation, Link-Layer Topology Responder Driver for NDIS 6)
0x922A1000 C:\Windows\system32\DRIVERS\wanarp.sys 77824 bytes (Microsoft Corporation, MS Remote Access and Routing ARP Driver)
0x9FDE6000 C:\Windows\system32\DRIVERS\WUDFPf.sys 73728 bytes (Microsoft Corporation, Windows Driver Foundation - User-mode Driver Framework Platform Driver)
0x88390000 C:\Windows\system32\drivers\disk.sys 69632 bytes (Microsoft Corporation, PnP Disk Driver)
0x831D9000 C:\Windows\System32\Drivers\NDProxy.SYS 69632 bytes (Microsoft Corporation, NDIS Proxy)
0x80409000 C:\Windows\system32\PSHED.dll 69632 bytes (Microsoft Corporation, Platform Specific Hardware Error Driver)
0x883E2000 C:\Windows\system32\DRIVERS\amdk8.sys 65536 bytes (Microsoft Corporation, Processor Device Driver)
0x8D96D000 C:\Windows\system32\DRIVERS\bcm4sbxp.sys 65536 bytes (Broadcom Corporation, Broadcom Corporation NDIS 5.1 ethernet driver)
0x82A5A000 C:\Windows\system32\drivers\fileinfo.sys 65536 bytes (Microsoft Corporation, FileInfo Filter Driver)
0x9291A000 C:\Windows\system32\DRIVERS\HIDCLASS.SYS 65536 bytes (Microsoft Corporation, Hid Class Library)
0x9FCB6000 C:\Windows\system32\DRIVERS\lltdio.sys 65536 bytes (Microsoft Corporation, Link-Layer Topology Mapper I/O Driver)
0x806F2000 C:\Windows\System32\drivers\mountmgr.sys 65536 bytes (Microsoft Corporation, Mount Point Manager)
0x83187000 C:\Windows\system32\DRIVERS\termdd.sys 65536 bytes (Microsoft Corporation, Terminal Server Driver)
0x883B4000 C:\Windows\system32\DRIVERS\monitor.sys 61440 bytes (Microsoft Corporation, Monitor Driver)
0x8835A000 C:\Windows\System32\Drivers\mup.sys 61440 bytes (Microsoft Corporation, Multiple UNC Provider driver)
0x8068A000 C:\Windows\System32\drivers\partmgr.sys 61440 bytes (Microsoft Corporation, Partition Management Driver)
0x833D0000 C:\Windows\system32\DRIVERS\raspppoe.sys 61440 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver)
0x8D940000 C:\Windows\system32\DRIVERS\usbehci.sys 61440 bytes (Microsoft Corporation, EHCI eUSB Miniport Driver)
0x80699000 C:\Windows\system32\drivers\volmgr.sys 61440 bytes (Microsoft Corporation, Volume Manager Driver)
0x9B8C0000 C:\Windows\System32\cdd.dll 57344 bytes (Microsoft Corporation, Canonical Display Driver)
0x92293000 C:\Windows\system32\DRIVERS\netbios.sys 57344 bytes (Microsoft Corporation, NetBIOS interface driver)
0x91D6B000 C:\Windows\System32\Drivers\Npfs.SYS 57344 bytes (Microsoft Corporation, NPFS Driver)
0x9294E000 C:\Windows\System32\Drivers\BTHUSB.sys 53248 bytes (Microsoft Corporation, Bluetooth Miniport Driver)
0x9292A000 C:\Windows\System32\Drivers\crashdmp.sys 53248 bytes (Microsoft Corporation, Crash Dump Driver)
0x92941000 C:\Windows\System32\Drivers\dump_nvstor.sys 53248 bytes
0x8C7B7000 C:\Windows\system32\drivers\modem.sys 53248 bytes (Microsoft Corporation, Modem Device Driver)
0x8073C000 C:\Windows\system32\drivers\nvstor.sys 53248 bytes (NVIDIA Corporation, NVIDIAŽ nForce(TM) Sata Performance Driver)
0x83197000 C:\Windows\system32\DRIVERS\umbus.sys 53248 bytes (Microsoft Corporation, User-Mode Bus Enumerator)
0x928EF000 C:\Windows\system32\DRIVERS\usbscan.sys 53248 bytes (Microsoft Corporation, USB Scanner Driver)
0x805BF000 C:\Windows\system32\drivers\WDFLDR.SYS 53248 bytes (Microsoft Corporation, WDFLDR)
0x92800000 C:\Windows\system32\DRIVERS\hidbth.sys 49152 bytes (Microsoft Corporation, Bluetooth Miniport Driver for HID Devices)
0xA0BEC000 C:\Windows\System32\drivers\tcpipreg.sys 49152 bytes (Microsoft Corporation, TCP/IP Registry Compatibility Driver)
0x91D23000 C:\Windows\System32\drivers\vga.sys 49152 bytes (Microsoft Corporation, VGA/Super VGA Video Driver)
0x8D8EC000 C:\Windows\System32\drivers\watchdog.sys 49152 bytes (Microsoft Corporation, Watchdog Driver)
0x8D400000 C:\Windows\system32\DRIVERS\kbdclass.sys 45056 bytes (Microsoft Corporation, Keyboard Class Driver)
0x883F2000 C:\Windows\system32\DRIVERS\mouclass.sys 45056 bytes (Microsoft Corporation, Mouse Class Driver)
0x91D60000 C:\Windows\System32\Drivers\Msfs.SYS 45056 bytes (Microsoft Corporation, Mailslot driver)
0x8D9F1000 C:\Windows\system32\DRIVERS\ndistapi.sys 45056 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver)
0x922D8000 C:\Windows\system32\drivers\N360\0501000.01D\SRTSPX.SYS 45056 bytes (Symantec Corporation, Symantec AutoProtect)
0x8C7F3000 C:\Windows\system32\DRIVERS\TDI.SYS 45056 bytes (Microsoft Corporation, TDI Wrapper)
0x883CE000 C:\Windows\system32\DRIVERS\tunnel.sys 45056 bytes (Microsoft Corporation, Microsoft Tunnel Interface Driver)
0x929DB000 C:\Windows\system32\DRIVERS\BthEnum.sys 40960 bytes (Microsoft Corporation, Bluetooth Bus Extender)
0x92937000 C:\Windows\System32\Drivers\dump_diskdump.sys 40960 bytes
0x883AA000 C:\Windows\System32\drivers\Dxapi.sys 40960 bytes (Microsoft Corporation, DirectX API Driver)
0x833F3000 C:\Windows\system32\DRIVERS\mssmbios.sys 40960 bytes (Microsoft Corporation, System Management BIOS Driver)
0x9232B000 C:\Windows\system32\drivers\nsiproxy.sys 40960 bytes (Microsoft Corporation, NSI Proxy)
0xA0BE2000 C:\Windows\System32\Drivers\secdrv.SYS 40960 bytes (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., Macrovision SECURITY Driver)
0x8D8F8000 C:\Windows\system32\DRIVERS\usbohci.sys 40960 bytes (Microsoft Corporation, OHCI USB Miniport Driver)
0x922E3000 C:\Windows\system32\DRIVERS\usbprint.sys 40960 bytes (Microsoft Corporation, USB Printer driver)
0xA5BB4000 C:\Windows\System32\Drivers\BlackBox.SYS 36864 bytes (RKU Driver)
0x883A1000 C:\Windows\system32\drivers\crcdisk.sys 36864 bytes (Microsoft Corporation, Disk Block Verification Filter Driver)
0x91CFC000 C:\Windows\System32\Drivers\Fs_Rec.SYS 36864 bytes (Microsoft Corporation, File System Recognizer Driver)
0x92911000 C:\Windows\system32\DRIVERS\hidusb.sys 36864 bytes (Microsoft Corporation, USB Miniport Driver for Input Devices)
0x91DF1000 C:\Windows\system32\DRIVERS\kbdhid.sys 36864 bytes (Microsoft Corporation, HID Keyboard Filter Driver)
0x82B25000 C:\Windows\System32\Drivers\PxHelp20.sys 36864 bytes (Sonic Solutions, Px Engine Device Driver for Windows 2000/XP)
0x91D79000 C:\Windows\System32\DRIVERS\rasacd.sys 36864 bytes (Microsoft Corporation, RAS Automatic Connection Driver)
0x9B8A0000 C:\Windows\System32\TSDDD.dll 36864 bytes (Microsoft Corporation, Framebuffer Display Driver)
0x883D9000 C:\Windows\system32\DRIVERS\tunmp.sys 36864 bytes (Microsoft Corporation, Microsoft Tunnel Interface Driver)
0x80652000 C:\Windows\system32\drivers\WMILIB.SYS 36864 bytes (Microsoft Corporation, WMILIB WMI support library Dll)
0x8041A000 C:\Windows\system32\BOOTVID.dll 32768 bytes (Microsoft Corporation, VGA Boot Driver)
0x923F1000 C:\Windows\system32\DRIVERS\LHidFilt.Sys 32768 bytes (Logitech, Inc., Logitech HID Filter Driver.)
0x88200000 C:\Windows\system32\DRIVERS\LMouFilt.Sys 32768 bytes (Logitech, Inc., Logitech Mouse Filter Driver.)
0x91D13000 C:\Windows\system32\DRIVERS\mouhid.sys 32768 bytes (Microsoft Corporation, HID Mouse Filter Driver)
0x8065B000 C:\Windows\system32\drivers\msisadrv.sys 32768 bytes (Microsoft Corporation, ISA Driver)
0x91D50000 C:\Windows\System32\DRIVERS\RDPCDD.sys 32768 bytes (Microsoft Corporation, RDP Miniport)
0x91D58000 C:\Windows\system32\drivers\rdpencdd.sys 32768 bytes (Microsoft Corporation, RDP Miniport)
0x88352000 C:\Windows\System32\Drivers\spldr.sys 32768 bytes (Microsoft Corporation, loader for security processor)
0xA0BF8000 C:\Windows\system32\DRIVERS\xaudio.sys 32768 bytes (Conexant Systems, Inc., Modem Audio Device Driver)
0x91D0C000 C:\Windows\System32\Drivers\Beep.SYS 28672 bytes (Microsoft Corporation, BEEP Driver)
0x91D1C000 C:\Windows\system32\DRIVERS\HIDPARSE.SYS 28672 bytes (Microsoft Corporation, Hid Parsing Library)
0x80402000 C:\Windows\system32\kdcom.dll 28672 bytes (Microsoft Corporation, Kernel Debugger HW Extension DLL)
0x91D05000 C:\Windows\System32\Drivers\Null.SYS 28672 bytes (Microsoft Corporation, NULL Driver)
0x8D967000 C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 24576 bytes (GEAR Software Inc., CD DVD Filter)
0xA0AD8000 C:\Windows\system32\DRIVERS\mdmxsdk.sys 16384 bytes (Conexant, Diagnostic Interface x86 Driver)
0xA0AD6000 C:\Windows\system32\DRIVERS\dsunidrv.sys 8192 bytes (Gteko Ltd., GUniDriver)
0x8C7FE000 C:\Windows\system32\DRIVERS\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator)
0x922ED000 C:\Windows\system32\DRIVERS\USBD.SYS 8192 bytes (Microsoft Corporation, Universal Serial Bus Driver)
==============================================
>Stealth
==============================================
==============================================
>Files
==============================================
==============================================
>Hooks
==============================================
ntkrnlpa.exe+0x000A87AA, Type: Inline - RelativeJump 0x824F47AA-->824F47B1 [ntkrnlpa.exe]
[4736]iexplore.exe-->user32.dll-->DialogBoxIndirectParamA, Type: Inline - RelativeJump 0x763C847D-->69D56323 [ieframe.dll]
[4736]iexplore.exe-->user32.dll-->DialogBoxIndirectParamW, Type: Inline - RelativeJump 0x763B2EF5-->69D562BE [ieframe.dll]
[4736]iexplore.exe-->user32.dll-->DialogBoxParamA, Type: Inline - RelativeJump 0x763C8152-->69D56259 [ieframe.dll]
[4736]iexplore.exe-->user32.dll-->DialogBoxParamW, Type: Inline - RelativeJump 0x763B10B0-->69B6170B [ieframe.dll]
[4736]iexplore.exe-->user32.dll-->EnableWindow, Type: Inline - RelativeJump 0x7638CD8B-->69C09A14 [ieframe.dll]
[4736]iexplore.exe-->user32.dll-->MessageBoxExA, Type: Inline - RelativeJump 0x763DD639-->69D56103 [ieframe.dll]
[4736]iexplore.exe-->user32.dll-->MessageBoxExW, Type: Inline - RelativeJump 0x763DD65D-->69D5609F [ieframe.dll]
[4736]iexplore.exe-->user32.dll-->MessageBoxIndirectA, Type: Inline - RelativeJump 0x763DD4D9-->69D561E0 [ieframe.dll]
[4736]iexplore.exe-->user32.dll-->MessageBoxIndirectW, Type: Inline - RelativeJump 0x763DD5D3-->69D56167 [ieframe.dll]
[744]iexplore.exe-->advapi32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77C814BC-->677C47BB [IEShims.dll]
[744]iexplore.exe-->crypt32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x73C01288-->677C47BB [IEShims.dll]
[744]iexplore.exe-->gdi32.dll-->kernel32.dll-->CopyFileW, Type: IAT modification 0x77B61130-->677DBC51 [IEShims.dll]
[744]iexplore.exe-->gdi32.dll-->kernel32.dll-->CreateFileW, Type: IAT modification 0x77B6119C-->677C63E7 [IEShims.dll]
[744]iexplore.exe-->gdi32.dll-->kernel32.dll-->DeleteFileW, Type: IAT modification 0x77B611BC-->677DC811 [IEShims.dll]
[744]iexplore.exe-->gdi32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77B61170-->677C47BB [IEShims.dll]
[744]iexplore.exe-->gdi32.dll-->kernel32.dll-->LoadLibraryA, Type: IAT modification 0x77B6111C-->677C6D22 [IEShims.dll]
[744]iexplore.exe-->gdi32.dll-->kernel32.dll-->LoadLibraryExW, Type: IAT modification 0x77B61110-->677C5EC7 [IEShims.dll]
[744]iexplore.exe-->gdi32.dll-->kernel32.dll-->LoadLibraryW, Type: IAT modification 0x77B61174-->677C4E2B [IEShims.dll]
[744]iexplore.exe-->gdi32.dll-->kernel32.dll-->SearchPathW, Type: IAT modification 0x77B611AC-->677D029E [IEShims.dll]
[744]iexplore.exe-->kernel32.dll+0x00001CB3, Type: Inline - RelativeJump 0x76B41CB3-->034700F7 [unknown_code_page]
[744]iexplore.exe-->kernel32.dll+0x00001DBE, Type: Inline - RelativeJump 0x76B41DBE-->03470319 [unknown_code_page]
[744]iexplore.exe-->kernel32.dll+0x00029DA6, Type: Inline - RelativeJump 0x76B69DA6-->034703CF [unknown_code_page]
[744]iexplore.exe-->kernel32.dll+0x0004AF70, Type: Inline - RelativeJump 0x76B8AF70-->03470263 [unknown_code_page]
[744]iexplore.exe-->kernel32.dll+0x00095D4F, Type: Inline - RelativeJump 0x76BD5D4F-->034701AD [unknown_code_page]
[744]iexplore.exe-->kernel32.dll-->CreateThread, Type: Inline - RelativeJump 0x76B8CB2E-->69BC7303 [ieframe.dll]
[744]iexplore.exe-->kernel32.dll-->HeapCreate, Type: Inline - RelativeJump 0x76B69DAB-->76B69DA6 [kernel32.dll]
[744]iexplore.exe-->kernel32.dll-->SetProcessDEPPolicy, Type: Inline - RelativeJump 0x76BD5D54-->76BD5D4F [kernel32.dll]
[744]iexplore.exe-->kernel32.dll-->VirtualAlloc, Type: Inline - RelativeJump 0x76B8AF75-->76B8AF70 [kernel32.dll]
[744]iexplore.exe-->kernel32.dll-->VirtualProtect, Type: Inline - RelativeJump 0x76B41DC3-->76B41DBE [kernel32.dll]
[744]iexplore.exe-->kernel32.dll-->WriteProcessMemory, Type: Inline - RelativeJump 0x76B41CB8-->76B41CB3 [kernel32.dll]
[744]iexplore.exe-->mswsock.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x6D64123C-->677C47BB [IEShims.dll]
[744]iexplore.exe-->ntdll.dll-->NtMapViewOfSection, Type: Inline - RelativeJump 0x777A4974-->0347003A [unknown_code_page]
[744]iexplore.exe-->shell32.dll+0x000889A8, Type: Inline - PushRet 0x76CA89A8-->C1677D01 [unknown_code_page]
[744]iexplore.exe-->shell32.dll+0x000889A9, Type: Code Mismatch 0x76CA89A9 + 559529 [01 7D 67]
[744]iexplore.exe-->shell32.dll+0x000889B0, Type: Inline - RelativeJump 0x76CA89B0-->76CA8A1F [shell32.dll]
[744]iexplore.exe-->shell32.dll-->kernel32.dll-->CopyFileW, Type: IAT modification 0x768E125C-->677DBC51 [IEShims.dll]
[744]iexplore.exe-->shell32.dll-->kernel32.dll-->CreateDirectoryW, Type: IAT modification 0x768E13B0-->677C6291 [IEShims.dll]
[744]iexplore.exe-->shell32.dll-->kernel32.dll-->CreateFileW, Type: IAT modification 0x768E1460-->677C63E7 [IEShims.dll]
[744]iexplore.exe-->shell32.dll-->kernel32.dll-->CreateHardLinkW, Type: IAT modification 0x768E11A4-->677DC49D [IEShims.dll]
[744]iexplore.exe-->shell32.dll-->kernel32.dll-->CreateProcessW, Type: IAT modification 0x768E12E8-->677D7F4F [IEShims.dll]
[744]iexplore.exe-->shell32.dll-->kernel32.dll-->DeleteFileW, Type: IAT modification 0x768E13B4-->677DC811 [IEShims.dll]
[744]iexplore.exe-->shell32.dll-->kernel32.dll-->FindClose, Type: IAT modification 0x768E132C-->677DF94D [IEShims.dll]
[744]iexplore.exe-->shell32.dll-->kernel32.dll-->FindFirstFileW, Type: IAT modification 0x768E1328-->677DFCF6 [IEShims.dll]
[744]iexplore.exe-->shell32.dll-->kernel32.dll-->FindNextFileW, Type: IAT modification 0x768E1114-->677E07CA [IEShims.dll]
[744]iexplore.exe-->shell32.dll-->kernel32.dll-->GetBinaryTypeW, Type: IAT modification 0x768E1280-->677D9F4B [IEShims.dll]
[744]iexplore.exe-->shell32.dll-->kernel32.dll-->GetFileAttributesA, Type: IAT modification 0x768E1370-->677D0ADF [IEShims.dll]
[744]iexplore.exe-->shell32.dll-->kernel32.dll-->GetFileAttributesExW, Type: IAT modification 0x768E14A4-->677D968F [IEShims.dll]
[744]iexplore.exe-->shell32.dll-->kernel32.dll-->GetFileAttributesW, Type: IAT modification 0x768E13BC-->677C5F62 [IEShims.dll]
[744]iexplore.exe-->shell32.dll-->kernel32.dll-->GetLongPathNameW, Type: IAT modification 0x768E14EC-->677D997F [IEShims.dll]
[744]iexplore.exe-->shell32.dll-->kernel32.dll-->GetPrivateProfileIntW, Type: IAT modification 0x768E1390-->677DA249 [IEShims.dll]
[744]iexplore.exe-->shell32.dll-->kernel32.dll-->GetPrivateProfileSectionNamesW, Type: IAT modification 0x768E1164-->677DA89F [IEShims.dll]
[744]iexplore.exe-->shell32.dll-->kernel32.dll-->GetPrivateProfileSectionW, Type: IAT modification 0x768E1100-->677DA56D [IEShims.dll]
[744]iexplore.exe-->shell32.dll-->kernel32.dll-->GetPrivateProfileStringW, Type: IAT modification 0x768E13A0-->677DABDB [IEShims.dll]
[744]iexplore.exe-->shell32.dll-->kernel32.dll-->GetShortPathNameA, Type: IAT modification 0x768E136C-->677D9AF3 [IEShims.dll]
[744]iexplore.exe-->shell32.dll-->kernel32.dll-->GetShortPathNameW, Type: IAT modification 0x768E1428-->677D9C69 [IEShims.dll]
[744]iexplore.exe-->shell32.dll-->kernel32.dll-->LoadLibraryA, Type: IAT modification 0x768E14E0-->677C6D22 [IEShims.dll]
[744]iexplore.exe-->shell32.dll-->kernel32.dll-->LoadLibraryExW, Type: IAT modification 0x768E1284-->677C5EC7 [IEShims.dll]
[744]iexplore.exe-->shell32.dll-->kernel32.dll-->LoadLibraryW, Type: IAT modification 0x768E1448-->677C4E2B [IEShims.dll]
[744]iexplore.exe-->shell32.dll-->kernel32.dll-->MoveFileExW, Type: IAT modification 0x768E13C0-->677DE0C1 [IEShims.dll]
[744]iexplore.exe-->shell32.dll-->kernel32.dll-->MoveFileW, Type: IAT modification 0x768E130C-->677DE089 [IEShims.dll]
[744]iexplore.exe-->shell32.dll-->kernel32.dll-->RemoveDirectoryW, Type: IAT modification 0x768E13AC-->677DEE67 [IEShims.dll]
[744]iexplore.exe-->shell32.dll-->kernel32.dll-->ReplaceFileW, Type: IAT modification 0x768E1140-->677DE457 [IEShims.dll]
[744]iexplore.exe-->shell32.dll-->kernel32.dll-->SearchPathW, Type: IAT modification 0x768E1384-->677D029E [IEShims.dll]
[744]iexplore.exe-->shell32.dll-->kernel32.dll-->SetCurrentDirectoryW, Type: IAT modification 0x768E124C-->677DF500 [IEShims.dll]
[744]iexplore.exe-->shell32.dll-->kernel32.dll-->SetFileAttributesW, Type: IAT modification 0x768E13B8-->677D939B [IEShims.dll]
[744]iexplore.exe-->shell32.dll-->kernel32.dll-->WritePrivateProfileSectionW, Type: IAT modification 0x768E1168-->677DB245 [IEShims.dll]
[744]iexplore.exe-->shell32.dll-->kernel32.dll-->WritePrivateProfileStringW, Type: IAT modification 0x768E116C-->677DB56B [IEShims.dll]
[744]iexplore.exe-->shell32.dll-->ntdll.dll-->NtQueryDirectoryFile, Type: IAT modification 0x768E2320-->677D8C1A [IEShims.dll]
[744]iexplore.exe-->shell32.dll-->user32.dll-->LoadImageW, Type: IAT modification 0x768E1890-->677DCB0F [IEShims.dll]
[744]iexplore.exe-->shell32.dll-->user32.dll-->PrivateExtractIconsW, Type: IAT modification 0x768E1A6C-->677DD11F [IEShims.dll]
[744]iexplore.exe-->shell32.dll-->user32.dll-->WinHelpW, Type: IAT modification 0x768E191C-->677DD6BF [IEShims.dll]
[744]iexplore.exe-->user32.dll-->advapi32.dll-->RegCloseKey, Type: IAT modification 0x77D5154C-->677C6692 [IEShims.dll]
[744]iexplore.exe-->user32.dll-->advapi32.dll-->RegCreateKeyExW, Type: IAT modification 0x77D51548-->677D19CA [IEShims.dll]
[744]iexplore.exe-->user32.dll-->advapi32.dll-->RegDeleteKeyW, Type: IAT modification 0x77D51544-->677E33C5 [IEShims.dll]
[744]iexplore.exe-->user32.dll-->advapi32.dll-->RegEnumValueW, Type: IAT modification 0x77D51524-->677D0E28 [IEShims.dll]
[744]iexplore.exe-->user32.dll-->advapi32.dll-->RegOpenKeyExW, Type: IAT modification 0x77D51528-->677C60B5 [IEShims.dll]
[744]iexplore.exe-->user32.dll-->advapi32.dll-->RegQueryInfoKeyW, Type: IAT modification 0x77D51520-->677D1555 [IEShims.dll]
[744]iexplore.exe-->user32.dll-->advapi32.dll-->RegQueryValueExW, Type: IAT modification 0x77D5152C-->677C7278 [IEShims.dll]
[744]iexplore.exe-->user32.dll-->CallNextHookEx, Type: Inline - RelativeJump 0x76388E3B-->69C27BB7 [ieframe.dll]
[744]iexplore.exe-->user32.dll-->CreateDialogIndirectParamA, Type: Inline - RelativeJump 0x763A26F1-->69D56660 [ieframe.dll]
[744]iexplore.exe-->user32.dll-->CreateDialogIndirectParamW, Type: Inline - RelativeJump 0x763A9A62-->69D56698 [ieframe.dll]
[744]iexplore.exe-->user32.dll-->CreateDialogParamA, Type: Inline - RelativeJump 0x763A17AA-->69D565F0 [ieframe.dll]
[744]iexplore.exe-->user32.dll-->CreateDialogParamW, Type: Inline - RelativeJump 0x763872A2-->69D56628 [ieframe.dll]
[744]iexplore.exe-->user32.dll-->CreateWindowExA, Type: Inline - RelativeJump 0x7638DC2A-->69BD3363 [ieframe.dll]
[744]iexplore.exe-->user32.dll-->CreateWindowExW, Type: Inline - RelativeJump 0x76391305-->69C2FF8F [ieframe.dll]
[744]iexplore.exe-->user32.dll-->DefWindowProcA, Type: Inline - RelativeJump 0x7638DB88-->69BC952D [ieframe.dll]
[744]iexplore.exe-->user32.dll-->DefWindowProcA, Type: Inline - SEH 0x7638DB8D [unknown_code_page]
[744]iexplore.exe-->user32.dll-->DefWindowProcA, Type: Inline - SEH 0x7638DB8E [unknown_code_page]
[744]iexplore.exe-->user32.dll-->DefWindowProcW, Type: Inline - RelativeJump 0x763A03B4-->69C27C1A [ieframe.dll]
[744]iexplore.exe-->user32.dll-->DefWindowProcW, Type: Inline - SEH 0x763A03B9 [unknown_code_page]
[744]iexplore.exe-->user32.dll-->DefWindowProcW, Type: Inline - SEH 0x763A03BA [unknown_code_page]
[744]iexplore.exe-->user32.dll-->DialogBoxIndirectParamA, Type: Inline - RelativeJump 0x763C847D-->69D56323 [ieframe.dll]
[744]iexplore.exe-->user32.dll-->DialogBoxIndirectParamW, Type: Inline - RelativeJump 0x763B2EF5-->69D562BE [ieframe.dll]
[744]iexplore.exe-->user32.dll-->DialogBoxParamA, Type: Inline - RelativeJump 0x763C8152-->69D56259 [ieframe.dll]
[744]iexplore.exe-->user32.dll-->DialogBoxParamW, Type: Inline - RelativeJump 0x763B10B0-->69B6170B [ieframe.dll]
[744]iexplore.exe-->user32.dll-->EnableWindow, Type: Inline - RelativeJump 0x7638CD8B-->69C09A14 [ieframe.dll]
[744]iexplore.exe-->user32.dll-->EndDialog, Type: Inline - RelativeJump 0x763B326E-->69D5702E [ieframe.dll]
[744]iexplore.exe-->user32.dll-->GetAsyncKeyState, Type: Inline - RelativeJump 0x7638863C-->69BADD8D [ieframe.dll]
[744]iexplore.exe-->user32.dll-->GetKeyState, Type: Inline - RelativeJump 0x76398CB1-->69BADC67 [ieframe.dll]
[744]iexplore.exe-->user32.dll-->IsDialogMessage, Type: Inline - RelativeJump 0x763A1847-->69D56D5A [ieframe.dll]
[744]iexplore.exe-->user32.dll-->IsDialogMessageW, Type: Inline - RelativeJump 0x763A0745-->69D56D82 [ieframe.dll]
[744]iexplore.exe-->user32.dll-->kernel32.dll-->CopyFileW, Type: IAT modification 0x77D511A8-->677DBC51 [IEShims.dll]
[744]iexplore.exe-->user32.dll-->kernel32.dll-->CreateFileW, Type: IAT modification 0x77D512B8-->677C63E7 [IEShims.dll]
[744]iexplore.exe-->user32.dll-->kernel32.dll-->CreateProcessW, Type: IAT modification 0x77D511B4-->677D7F4F [IEShims.dll]
[744]iexplore.exe-->user32.dll-->kernel32.dll-->DeleteFileW, Type: IAT modification 0x77D511B0-->677DC811 [IEShims.dll]
[744]iexplore.exe-->user32.dll-->kernel32.dll-->FindClose, Type: IAT modification 0x77D511E4-->677DF94D [IEShims.dll]
[744]iexplore.exe-->user32.dll-->kernel32.dll-->FindFirstFileW, Type: IAT modification 0x77D511EC-->677DFCF6 [IEShims.dll]
[744]iexplore.exe-->user32.dll-->kernel32.dll-->FindNextFileW, Type: IAT modification 0x77D511E8-->677E07CA [IEShims.dll]
[744]iexplore.exe-->user32.dll-->kernel32.dll-->GetPrivateProfileStringW, Type: IAT modification 0x77D51328-->677DABDB [IEShims.dll]
[744]iexplore.exe-->user32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77D51300-->677C47BB [IEShims.dll]
[744]iexplore.exe-->user32.dll-->kernel32.dll-->LoadLibraryA, Type: IAT modification 0x77D51250-->677C6D22 [IEShims.dll]
[744]iexplore.exe-->user32.dll-->kernel32.dll-->LoadLibraryExW, Type: IAT modification 0x77D5115C-->677C5EC7 [IEShims.dll]
[744]iexplore.exe-->user32.dll-->kernel32.dll-->LoadLibraryW, Type: IAT modification 0x77D512FC-->677C4E2B [IEShims.dll]
[744]iexplore.exe-->user32.dll-->kernel32.dll-->MoveFileW, Type: IAT modification 0x77D511AC-->677DE089 [IEShims.dll]
[744]iexplore.exe-->user32.dll-->kernel32.dll-->SearchPathW, Type: IAT modification 0x77D51154-->677D029E [IEShims.dll]
[744]iexplore.exe-->user32.dll-->kernel32.dll-->SetCurrentDirectoryW, Type: IAT modification 0x77D511D8-->677DF500 [IEShims.dll]
[744]iexplore.exe-->user32.dll-->kernel32.dll-->WritePrivateProfileStringW, Type: IAT modification 0x77D512BC-->677DB56B [IEShims.dll]
[744]iexplore.exe-->user32.dll-->keybd_event, Type: Inline - RelativeJump 0x763DD972-->69D575AE [ieframe.dll]
[744]iexplore.exe-->user32.dll-->MessageBoxExA, Type: Inline - RelativeJump 0x763DD639-->69D56103 [ieframe.dll]
[744]iexplore.exe-->user32.dll-->MessageBoxExW, Type: Inline - RelativeJump 0x763DD65D-->69D5609F [ieframe.dll]
[744]iexplore.exe-->user32.dll-->MessageBoxIndirectA, Type: Inline - RelativeJump 0x763DD4D9-->69D561E0 [ieframe.dll]
[744]iexplore.exe-->user32.dll-->MessageBoxIndirectW, Type: Inline - RelativeJump 0x763DD5D3-->69D56167 [ieframe.dll]
[744]iexplore.exe-->user32.dll-->SendInput, Type: Inline - RelativeJump 0x763B2F75-->69D575F1 [ieframe.dll]
[744]iexplore.exe-->user32.dll-->SetCursorPos, Type: Inline - RelativeJump 0x763C6FB2-->69D576CA [ieframe.dll]
[744]iexplore.exe-->user32.dll-->SetKeyboardState, Type: Inline - RelativeJump 0x763B0987-->69D57649 [ieframe.dll]
[744]iexplore.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x763887AD-->69C02194 [ieframe.dll]
[744]iexplore.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x763898DB-->69C4EB74 [ieframe.dll]
[744]iexplore.exe-->wininet.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x63001400-->677C47BB [IEShims.dll]
[744]iexplore.exe-->ws2_32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x4B0D11E8-->677C47BB [IEShims.dll]