Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

What could be slowing my computer down?

Started by jojobo36 , Aug 20 2011 10:32 PM

  • Please log in to reply

#1
jojobo36
Posted 20 August 2011 - 10:32 PM

jojobo36

    Member

  • Member
  • PipPip
  • 97 posts
Good Evening,

I am writing to you becasue I just don't know what else to do. I don't know if I have a virus, malware, spyware or whatever else could be wrong. I have been a member and have had help in the past with other computers in our house hold. with wonderful results.. With that being said. I use TLC, Malwarebytes, SuperAnti spyware when running our monthly scans. When running these scans it comes up with nothing.
The problem we seem to be having,the computer is running real slow, when trying to open icons for any program it takes some time to open. When trying to close a program it will take a long time to close, or it will show it's not responding. you could be right in the middle of something and the computer completley locks up. When I open windows task manager, most of the time the phyiscal memory is running at 100%. I do notice it seems to happen more often when using firefox. Firefox container ID will be running at very high numbers. But, we do experience some problems like that when using Internet Eplorer. That is why we started using firefox. I don't know what else to check. Do we need to upgrade our ram? Should we use google chrome? Hope you can help.
Thanks so much for your time!!
Much appreciated.

n OTL logfile created on: 8/20/2011 9:39:28 PM - Run 2
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Users\Wes Cornwell\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

957.76 Mb Total Physical Memory | 327.18 Mb Available Physical Memory | 34.16% Memory free
2.13 Gb Paging File | 0.84 Gb Available in Paging File | 39.24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.78 Gb Total Space | 180.68 Gb Free Space | 81.10% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 6.36 Gb Free Space | 63.61% Space Free | Partition Type: NTFS

Computer Name: WESCORNWELL-PC | User Name: Wes Cornwell | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/08/20 21:39:16 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Wes Cornwell\Downloads\OTL.exe
PRC - [2011/08/16 00:40:36 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
PRC - [2011/08/12 15:26:12 | 000,243,360 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10v_ActiveX.exe
PRC - [2011/03/16 12:55:39 | 002,071,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010/11/24 09:02:50 | 000,725,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010/09/20 11:48:45 | 000,621,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010/07/21 10:20:47 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe
PRC - [2010/06/25 01:22:40 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010/06/25 01:17:17 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010/06/25 01:05:02 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010/06/25 01:04:58 | 000,842,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgam.exe
PRC - [2009/06/18 16:41:50 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007/12/05 06:17:24 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTSrv.exe
PRC - [2007/06/26 06:56:08 | 000,098,952 | ---- | M] () -- C:\Windows\System32\spool\drivers\w32x86\3\dldfserv.exe
PRC - [2007/06/26 01:56:06 | 000,598,664 | ---- | M] ( ) -- C:\Windows\System32\dldfcoms.exe
PRC - [2006/11/02 20:40:12 | 000,174,656 | ---- | M] () -- C:\Windows\System32\PSIService.exe


========== Modules (No Company Name) ==========


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2011/08/16 00:40:36 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011/03/18 08:11:02 | 000,947,528 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2010/11/29 11:41:26 | 000,058,944 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus®
SRV - [2010/07/21 10:20:47 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010/06/25 01:17:17 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/03/29 08:51:54 | 000,068,000 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus®
SRV - [2009/06/18 16:41:50 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)
SRV - [2008/01/19 02:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/12/05 06:17:24 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AERTSrv.exe -- (AERTFilters)
SRV - [2007/06/26 06:56:08 | 000,098,952 | ---- | M] () [Auto | Running] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\dldfserv.exe -- (dldfCATSCustConnectService)
SRV - [2007/06/26 01:56:06 | 000,598,664 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dldfcoms.exe -- (dldf_device)
SRV - [2007/03/19 12:44:44 | 000,070,656 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2006/11/02 20:40:12 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\Windows\System32\PSIService.exe -- (ProtexisLicensing)


========== Driver Services (SafeList) ==========

DRV - [2011/08/16 00:40:26 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/08/16 00:40:25 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2011/05/06 15:00:40 | 000,243,152 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/06/25 01:05:10 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/05/31 11:43:22 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010/03/04 19:45:23 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\Drivers\avgrkx86.sys -- (AvgRkx86)
DRV - [2010/03/04 13:32:36 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010/02/23 00:22:52 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2009/08/02 06:56:10 | 000,735,232 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u)
DRV - [2009/07/14 18:54:00 | 009,557,216 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/05/13 15:47:44 | 000,026,416 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\purendis.sys -- (purendis)
DRV - [2009/05/13 15:47:44 | 000,024,880 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\pnarp.sys -- (pnarp)
DRV - [2008/11/11 13:42:00 | 000,024,832 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2008/11/11 13:41:00 | 000,019,968 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbgps.sys -- (UsbGps)
DRV - [2008/11/11 13:41:00 | 000,019,968 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2008/11/11 13:41:00 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2007/03/15 08:57:30 | 001,059,112 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/11/02 02:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/11/02 02:30:55 | 000,200,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2006/10/18 13:08:18 | 000,258,048 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2006/10/05 17:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/08/04 19:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [1999/08/10 13:51:58 | 000,034,916 | ---- | M] (Marimba, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\MrtRate.sys -- (mrtRate)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "about:blank"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: avg@igeared:6.103.018.001
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://search.avg.co...s&lng=en-US&q="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG9\Toolbar\Firefox\avg@igeared [2011/08/20 21:20:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/12/30 17:39:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/07/06 12:41:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/18 12:17:38 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/12/30 17:39:31 | 000,000,000 | ---D | M]

[2011/02/10 16:09:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wes Cornwell\AppData\Roaming\Mozilla\Extensions
[2011/05/15 12:35:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wes Cornwell\AppData\Roaming\Mozilla\Firefox\Profiles\ryox0u1c.default\extensions
[2011/02/13 11:37:07 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Wes Cornwell\AppData\Roaming\Mozilla\Firefox\Profiles\ryox0u1c.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/06/10 20:02:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/08/18 03:20:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/27 12:27:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/03/01 09:23:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/06/10 20:02:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) --
[2011/08/20 21:20:01 | 000,000,000 | ---D | M] ("urn:mozilla:install-manifest" em:id="avg@igeared" em:name="AVG Security Toolbar" em:version="7.007.026.001" em:displayname="AVG Security Toolbar" em:iconURL="chrome://tavgp/skin/logo.ico" em:creator="AVG Technologies" em:description="AVG Security Toolbar" em:homepageURL="http://www.avg.com" >) -- C:\PROGRAM FILES\AVG\AVG9\TOOLBAR\FIREFOX\AVG@IGEARED
[2011/07/06 12:41:25 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/05/15 18:21:11 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Customize Menu - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: Fill Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: RoboForm Toolbar - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Save Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: worldwinner.com ([www] https in Trusted sites)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.94.172.166 209.94.172.167
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O20 - AppInit_DLLs: (C:\Windows\System32\avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img36.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img36.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/08/13 23:11:35 | 000,000,000 | ---D | C] -- C:\f64d872016d01040bbb9643a4116bc
[2007/10/31 17:48:05 | 000,434,176 | ---- | C] ( ) -- C:\Windows\System32\dldfhcp.dll
[2007/10/31 17:48:02 | 000,356,352 | ---- | C] ( ) -- C:\Windows\System32\dldfinpa.dll
[2007/10/31 17:48:02 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\dldfiesc.dll
[2007/10/31 17:48:00 | 001,200,128 | ---- | C] ( ) -- C:\Windows\System32\dldfserv.dll
[2007/10/31 17:48:00 | 000,950,272 | ---- | C] ( ) -- C:\Windows\System32\dldfusb1.dll
[2007/10/31 17:47:58 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\dldfprox.dll
[2007/10/31 17:47:57 | 000,647,168 | ---- | C] ( ) -- C:\Windows\System32\dldfpmui.dll
[2007/10/31 17:47:57 | 000,565,248 | ---- | C] ( ) -- C:\Windows\System32\dldflmpm.dll
[2007/10/31 17:47:54 | 000,320,136 | ---- | C] ( ) -- C:\Windows\System32\dldfih.exe
[2007/10/31 17:47:50 | 000,663,552 | ---- | C] ( ) -- C:\Windows\System32\dldfhbn3.dll
[2007/10/31 17:47:43 | 000,598,664 | ---- | C] ( ) -- C:\Windows\System32\dldfcoms.exe
[2007/10/31 17:47:42 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\dldfcomm.dll
[2007/10/31 17:47:41 | 000,860,160 | ---- | C] ( ) -- C:\Windows\System32\dldfcomc.dll
[2007/10/31 17:47:39 | 000,365,192 | ---- | C] ( ) -- C:\Windows\System32\dldfcfg.exe
[8 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[8 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/08/20 20:59:25 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/08/20 20:59:25 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/08/20 12:00:54 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2011/08/20 05:19:56 | 084,229,551 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2011/08/16 00:58:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/08/15 13:12:17 | 000,581,632 | ---- | M] () -- C:\Users\Wes Cornwell\Documents\Inventory10.qhi
[2011/08/13 23:18:32 | 000,608,406 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/08/13 23:18:32 | 000,105,908 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/08/11 11:14:42 | 000,000,104 | ---- | M] () -- C:\Users\Wes Cornwell\Application Data\Microsoft\Internet Explorer\Quick Launch\The Internet - Shortcut.lnk
[2011/07/31 23:22:24 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[8 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[8 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/08/11 11:14:42 | 000,000,104 | ---- | C] () -- C:\Users\Wes Cornwell\Application Data\Microsoft\Internet Explorer\Quick Launch\The Internet - Shortcut.lnk
[2010/12/30 17:29:53 | 000,207,001 | ---- | C] () -- C:\Windows\hpoins46.dat
[2010/05/05 16:50:37 | 000,307,200 | ---- | C] () -- C:\Windows\System32\AscSQLite.dll
[2010/03/31 19:34:36 | 000,000,574 | ---- | C] () -- C:\Windows\hpomdl46.dat
[2010/03/11 00:55:05 | 000,261,632 | ---- | C] () -- C:\Windows\PEV.exe
[2010/03/11 00:55:05 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010/03/11 00:55:05 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010/03/11 00:55:05 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010/03/11 00:55:05 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010/01/29 21:15:54 | 008,892,928 | ---- | C] () -- C:\ProgramData\atscie.msi
[2009/09/18 12:39:51 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/09/18 12:39:50 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2008/08/12 07:46:46 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/06/19 00:59:58 | 000,001,732 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2008/05/16 03:02:58 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2007/12/01 20:08:26 | 000,061,440 | ---- | C] () -- C:\Windows\wnUninstall.exe
[2007/11/11 22:38:09 | 000,032,390 | ---- | C] () -- C:\Windows\king-uninstall.exe
[2007/11/11 20:36:53 | 000,032,662 | ---- | C] () -- C:\ProgramData\dldf
[2007/10/31 18:57:49 | 000,002,828 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2007/10/31 18:57:49 | 000,000,088 | RHS- | C] () -- C:\Windows\System32\73B486E930.sys
[2007/10/31 18:49:58 | 000,374,784 | ---- | C] () -- C:\Windows\3dg32.dll
[2007/10/31 18:49:57 | 000,000,250 | ---- | C] () -- C:\Windows\3dr.ini
[2007/10/31 17:52:35 | 001,377,872 | ---- | C] () -- C:\ProgramData\pswi_preloaded.exe
[2007/10/31 17:51:10 | 000,045,056 | ---- | C] () -- C:\Windows\System32\DLDFPMON.DLL
[2007/10/31 17:51:10 | 000,032,768 | ---- | C] () -- C:\Windows\System32\DLDFFXPU.DLL
[2007/10/31 17:50:50 | 000,049,152 | ---- | C] () -- C:\Windows\System32\dldfoem.dll
[2007/10/31 17:50:50 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DLDFPMRC.DLL
[2007/10/31 17:48:07 | 000,348,160 | ---- | C] () -- C:\Windows\System32\dldfinst.dll
[2007/10/31 17:48:01 | 000,499,712 | ---- | C] () -- C:\Windows\System32\dldfutil.dll
[2007/10/31 17:47:57 | 000,143,360 | ---- | C] () -- C:\Windows\System32\dldfjswr.dll
[2007/10/31 17:47:56 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dldfinsb.dll
[2007/10/31 17:47:55 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dldfins.dll
[2007/10/31 17:47:55 | 000,106,496 | ---- | C] () -- C:\Windows\System32\dldfinsr.dll
[2007/10/31 17:47:49 | 000,208,896 | ---- | C] () -- C:\Windows\System32\dldfgrd.dll
[2007/10/31 17:47:46 | 000,086,016 | ---- | C] () -- C:\Windows\System32\dldfcub.dll
[2007/10/31 17:47:44 | 000,077,824 | ---- | C] () -- C:\Windows\System32\dldfcu.dll
[2007/10/31 17:47:44 | 000,036,864 | ---- | C] () -- C:\Windows\System32\dldfcur.dll
[2007/10/31 17:47:36 | 000,077,906 | ---- | C] () -- C:\Windows\System32\dldfcfg.dll
[2007/10/31 15:18:40 | 000,000,152 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2007/10/31 15:18:38 | 000,006,838 | ---- | C] () -- C:\Windows\ICOADB32.DAT
[2007/10/31 15:14:51 | 000,000,784 | ---- | C] () -- C:\Users\Wes Cornwell\AppData\Roaming\wklnhst.dat
[2007/10/30 23:33:44 | 000,013,312 | ---- | C] () -- C:\Users\Wes Cornwell\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/05/22 14:17:12 | 000,065,536 | ---- | C] () -- C:\Windows\System32\dldfcaps.dll
[2007/05/08 18:48:24 | 000,692,224 | ---- | C] () -- C:\Windows\System32\dldfdrs.dll
[2007/05/03 19:50:10 | 000,348,160 | ---- | C] () -- C:\Windows\System32\dldfcoin.dll
[2007/03/19 05:04:58 | 000,003,584 | ---- | C] () -- C:\Windows\System32\namResES.dll
[2007/03/19 05:04:58 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResIT.dll
[2007/03/19 05:04:58 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResFR.dll
[2007/03/19 05:04:58 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResENG.dll
[2007/03/19 05:04:58 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResDE.dll
[2007/03/19 05:04:56 | 000,003,584 | ---- | C] () -- C:\Windows\System32\namResPTB.dll
[2007/03/19 05:04:56 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResZHC.dll
[2007/03/19 05:04:56 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResKO.dll
[2007/03/19 05:04:56 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResJA.dll
[2007/03/19 05:04:54 | 000,022,016 | ---- | C] () -- C:\Windows\System32\nam_page.dll
[2007/03/19 05:04:54 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResZHT.dll
[2007/03/12 22:17:08 | 000,069,632 | ---- | C] () -- C:\Windows\System32\dldfcnv4.dll
[2006/11/10 17:02:53 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2006/11/07 14:25:58 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/11/02 20:40:12 | 000,174,656 | ---- | C] () -- C:\Windows\System32\PSIService.exe
[2006/11/02 07:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:44:53 | 000,321,176 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 05:33:01 | 000,608,406 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,105,908 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/09/16 23:36:50 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/09/16 23:36:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006/08/01 05:53:18 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dldfvs.dll
[1997/08/14 00:00:00 | 000,031,232 | ---- | C] () -- C:\Windows\System32\XLREC.DLL
[1997/08/14 00:00:00 | 000,025,600 | ---- | C] () -- C:\Windows\System32\RECNCL.DLL
[1997/08/14 00:00:00 | 000,022,016 | ---- | C] () -- C:\Windows\System32\DOCOBJ.DLL
[1997/08/14 00:00:00 | 000,012,288 | ---- | C] () -- C:\Windows\System32\HLINKPRX.DLL

========== LOP Check ==========

[2009/04/18 13:52:58 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\948 Series
[2009/08/23 01:01:25 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\Alawar
[2011/01/26 11:02:18 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\Amazon
[2009/09/09 13:40:47 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\Artogon
[2010/03/16 22:27:01 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\AVG9
[2009/08/04 01:51:27 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\BloodTies
[2009/11/06 02:49:45 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009/05/14 15:45:33 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\EA
[2009/11/14 22:19:49 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\ElementalsTheMagicKey
[2010/03/08 04:43:18 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\FixCleaner
[2009/11/14 22:58:03 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\Freezetag
[2009/10/04 19:16:09 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\Friday's games
[2009/10/15 16:53:09 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\funkitron
[2009/06/07 20:18:19 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\Gogii Games
[2009/07/14 22:21:08 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\ImperialCity
[2007/12/09 14:41:16 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\IsolatedStorage
[2008/06/07 17:29:15 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\LimeWire
[2009/10/15 13:56:44 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\md studio
[2009/05/14 14:39:48 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\Meridian93
[2007/11/16 21:57:03 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\MusicNet
[2009/05/24 01:30:02 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\Oberonv1001
[2009/05/04 12:48:05 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\Oberonv1002
[2009/08/09 12:49:22 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\Oberonv1005
[2011/05/17 16:14:58 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\PCDr
[2009/08/19 01:37:43 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\PlayFirst
[2009/10/15 12:55:34 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\Playrix Entertainment
[2009/11/14 23:58:37 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\PoBros
[2009/05/14 18:03:03 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\Pogo Games
[2009/08/23 14:36:39 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\Righteous Kill
[2009/05/24 00:22:52 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\SpinTop Games
[2007/10/31 18:17:36 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\Template
[2009/08/05 01:59:11 | 000,000,000 | ---D | M] -- C:\Users\Wes Cornwell\AppData\Roaming\TheScruffs
[2011/07/31 23:22:24 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
[2011/08/16 00:55:54 | 000,032,522 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/08/20 12:00:54 | 000,000,506 | ---- | M] () -- C:\Windows\Tasks\SystemToolsDailyTest.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 183 bytes -> C:\ProgramData\TEMP:CD2ECCEC
@Alternate Data Stream - 165 bytes -> C:\ProgramData\TEMP:1AE68282
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:FB384C06
@Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:72E546C1
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:618BF152
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:3BAD46F6
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:0E660858
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:BD8705CE
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:D09AEE3D
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:B1C68614
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:6E5C36BA
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:C17FCA88
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:9CD61266
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:A118E9A3
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:E8A39657
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:6A7B7A50
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:9F683177
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:864A52B8
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:0A404476
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:4EFDF5FB
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:E8F2B426
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:CCF42AF8
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:B156F3F2
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:74B502CB
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:8599F087
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:1A3FC1C4
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:E90251A2
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:1B1330FD
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:D091E13E
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:CF2C26D2
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:B42328DE
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:8750DCE4
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:001F2DD1
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:DD831FA6
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:49F896E9
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:D6BE1CEA
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:20FFCF0B
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:1B79AEF3
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:FC89CE5A
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:A39CF033
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:687D1056
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:FEF919E6
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:E6427C0F
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:0DA384B0
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:2FAFBD6A
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:C40E212B
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:76C67845
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:0D31DA45
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:A73EAFFB
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:9B7E8561
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:FE4E15B1
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:DEC7E19B
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:54997B77
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:389D51A1
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:C4F37A10
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:B17C9C5E
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:68E05C43
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:ECD1173C
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:444169A0
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:E1982A23
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:DA5FD7CF
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:DB365884
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:E35A81F4
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:541F9F51
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:2411B07C
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:685CA1CF

< End of report >
  • 0

Advertisements

#2
RKinner
Posted 20 August 2011 - 11:13 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
You could use some more RAM. 1 G (which you more or less have) is what I recommend as a minimum for XP. With Vista 4 G is probably best. You can get a boost without openign the box if you have a 1 G or better USB drive. Clear it off and remove it then when you plug it in the next time Vista should ask if you want to use it to speed up the system. Say yes.

Certain slower sticks won't work. It should test the stick when you plug it in and tell you if it's good enough.

See http://blogs.msdn.co.../02/615199.aspx

You can speed up Firefox.
First Clear the Java Cache by following the instructions on
http://www.java.com/...lugin_cache.xml

Then go to Firefox (Tools) Options. Manage Add-ons. Extensions. Disable all three Java Consoles:
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24.

They are out of date and stupid Java does not remove the old consoles. You should have at least 6 update 26. Get it at http://www.java.com/en/
Do not let it install foistware like Yahoo Toolbar or McAfee Anti-Virus Scan.

Now download save and run Speedy Fox.
http://www.crystalidea.com/speedyfox
(remember to right click and Run As Administrator)
Speed up my Firefox.

Keep Speedy Fox on your desktop and run it any time you upgrade or make a change to Firefox.


Let's run a few checks to make sure we aren't missing anything.

If one of the following will not run then just skip to the next one then go back and try the things that wouldn't run again after finishing the others.

I'd uninstall Superantispyware and PC Doctor first so they don't interfere or make the scans slower. PC Doctor now comes with an Anti-Virus which means you should not run it with AVG.

Malwarebytes' Anti-Malware
:!: If you have a previous version of MalwareBytes', remove it via Add or Remove Programs and download a fresh copy. :!:

http://www.malwarebytes.org/mbam.php

SAVE Malwarebytes' Anti-Malware to your desktop.

Rightclick on Malwarebytes' Anti-Malware and select Run As Administrator and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.

* Once the program has loaded, select Perform Quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.

* Be sure that everything is checked, and click Remove Selected.

* When completed, a log will open in Notepad. Please save it to a convenient location.
* The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
* Post that log back here.

We need to uninstall AVG9 in order to run the next scan. It's obsolete anyway. We will replace it with the free Avast.
Download save and run the AVG removal tool
http://download.avg....6_2011_1184.exe

Download and save the free Avast installer.

Uninstall AVG9

Run the Avg Remover

Reboot

Install Avast. (Register when it asks you - they will try to talk you in to buying the full product but the free version is what we want.)
Once you have it installed and it has updated:
Click on the Avast ball. Then click on Additional Protections then on AutoSandbox then on Settings then uncheck Enable AutoSandbox. OK
Right click on the Avast Ball and select Avast! Shields Control and Disable Until Computer is Restarted

ComboFix

:!: If you have a previous version of Combofix.exe, delete it and download a fresh copy. :!:

:!: It must be saved to your desktop, do not run it :!:

:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html


Download and Save this file -- to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Rightclick on ComboFix and select Run As Administrator to start the program.



* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.


* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix. Allow it to install the Recovery Console then Continue. When the scan completes Notepad will open with with your results log open. Do a File, Exit and answer 'Yes' to save changes.


A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.


Download TDSSKiller:
http://support.kaspe.../tdsskiller.exe
Save it to your desktop then right click and Run as Administrator

If TDSSKiller alerts you that the system needs to reboot, please consent.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.


Download aswMBR.exe ( 511KB ) to your desktop.

Right click and Run As Administrator the aswMBR.exe to run it

Click the "Scan" button to start scan
Posted Image

On completion of the scan (Note if the Fix button is enabled and tell me) click save log, save it to your desktop and post in your next reply
Posted Image

Open OTL again (Right click and Run As Administrator) and select the All option in the Extra Registry group then the Run Scan button. Post the two logs it produces in your next reply.


Ron
  • 0

#3
jojobo36
Posted 23 August 2011 - 10:41 AM

jojobo36

    Member

  • Topic Starter
  • Member
  • PipPip
  • 97 posts
Hi Ron,
Thank you so much for the fast reply. Sorry for my delay.
I have a few questions for you,
When using USB drive to speed system- I have a 8GB and a 4GB stick. I read that the 8GB is to large for the program and will not work? Is this correct? I also have a 4GB stick that I did try, but it seemed to bog down the computer even more. So I removed it to continue with the scans. Should I try using it again?

Also, when using the 4GB USB drive, could you tell me what the following message means. "While this device is being used. The reserved space will not be available for storage"

Java- Can I disable the 3 outdated java programs on Internet Explorer as well?

PC Doctor- Did you see that I had this program to remove? I didn't find it on my PC

disabling Avast, right click on ball, click on disable until rebooted. I did that, but when running ComboFix it still said Avast was running? I still ran the scan.

Thank you again for all your help and time!! :)


Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7534

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

8/22/2011 2:24:57 AM
mbam-log-2011-08-22 (02-24-57).txt

Scan type: Quick scan
Objects scanned: 188077
Time elapsed: 7 minute(s), 34 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


ComboFix 11-08-22.03 - Wes Cornwell 08/22/2011 9:50.2.2 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.958.404 [GMT -5:00]
Running from: c:\users\Wes Cornwell\Desktop\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\pswi_preloaded.exe
c:\programdata\SPL25DB.tmp
c:\programdata\SPL4AD7.tmp
c:\programdata\SPL6A87.tmp
c:\programdata\SPL7E7.tmp
c:\programdata\SPL8342.tmp
c:\programdata\SPL8E4E.tmp
c:\programdata\SPLDE8D.tmp
c:\programdata\SPLDEC8.tmp
c:\users\Wes Cornwell\AppData\Roaming\Microsoft\Windows\Recent\Comfy Cakes.pif
.
.
((((((((((((((((((((((((( Files Created from 2011-07-22 to 2011-08-22 )))))))))))))))))))))))))))))))
.
.
2011-08-22 14:59 . 2011-08-22 14:59 -------- d-----w- c:\users\Wes Cornwell\AppData\Local\temp
2011-08-22 14:59 . 2011-08-22 14:59 -------- d-----w- c:\users\TEMP\AppData\Local\temp
2011-08-22 14:59 . 2011-08-22 14:59 -------- d-----w- c:\users\SYSTEM\AppData\Local\temp
2011-08-22 14:59 . 2011-08-22 14:59 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-08-22 14:59 . 2011-08-22 14:59 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-08-22 08:05 . 2011-07-04 11:36 309848 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-08-22 08:05 . 2011-07-04 11:32 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-08-22 08:05 . 2011-07-04 11:32 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-08-22 08:05 . 2011-07-04 11:36 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-08-22 08:05 . 2011-07-04 11:35 43608 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-08-22 08:04 . 2011-07-04 11:32 54104 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-08-22 08:02 . 2011-07-04 11:43 40112 ----a-w- c:\windows\avastSS.scr
2011-08-22 08:02 . 2011-07-04 11:43 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-08-22 08:01 . 2011-08-22 08:01 -------- d-----w- c:\programdata\AVAST Software
2011-08-22 08:01 . 2011-08-22 08:01 -------- d-----w- c:\program files\AVAST Software
2011-08-22 07:10 . 2011-07-07 00:52 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-08-22 07:10 . 2011-08-22 07:10 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-08-22 07:10 . 2011-07-07 00:52 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-13 23:22 . 2011-07-20 14:44 6881616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{42E3528F-6F29-4CC0-AF2C-D4B0290F8D12}\mpengine.dll
2011-08-10 23:13 . 2011-06-17 16:03 375808 ----a-w- c:\windows\system32\winsrv.dll
2011-08-10 23:10 . 2011-07-06 15:31 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-08-10 23:10 . 2011-06-06 10:59 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-08-10 23:10 . 2011-06-20 08:54 3602832 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-08-10 23:10 . 2011-06-20 08:54 3550096 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-08-10 23:10 . 2011-06-17 20:13 905104 ----a-w- c:\windows\system32\drivers\tcpip.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-12 20:26 . 2011-05-16 16:07 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-02 13:34 . 2011-07-13 13:47 2043392 ----a-w- c:\windows\system32\win32k.sys
2011-05-25 00:14 . 2009-10-03 02:45 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-07-06 17:41 . 2011-05-15 23:21 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-07-04 3493720]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"RoboForm"="c:\program files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2009-10-10 160592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Digital Line Detect.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk
backup=c:\windows\pss\Digital Line Detect.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FIRST WARN ON-LINE.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\FIRST WARN ON-LINE.lnk
backup=c:\windows\pss\FIRST WARN ON-LINE.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Find Fast.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Find Fast.lnk
backup=c:\windows\pss\Microsoft Find Fast.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Office Startup.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Office Startup.lnk
backup=c:\windows\pss\Office Startup.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-03-30 04:59 937920 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-06-08 04:02 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell AIO Printer 948 Fax Server]
2007-07-03 13:37 307848 ----a-w- c:\program files\Dell AIO Printer 948\fm3032.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
2007-03-15 17:09 460784 ----a-w- c:\program files\DellSupport\DSAgnt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dldfmon.exe]
2007-07-03 13:36 455304 ----a-w- c:\program files\Dell AIO Printer 948\dldfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ECenter]
2007-05-25 06:03 17920 ----a-w- c:\dell\E-Center\EULALauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2009-11-18 22:13 54576 ----a-w- c:\program files\HP\HP Software Update\hpwuschd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Linksys Wireless Manager]
2009-07-09 05:21 1366064 ----a-r- c:\program files\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MemoryCardManager]
2007-07-03 13:36 410248 ----a-w- c:\program files\Dell AIO Printer 948\memcard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nmctxth]
2009-06-18 21:41 647216 ----a-w- c:\program files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2008-05-03 05:16 13535776 ----a-w- c:\windows\System32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2008-05-03 05:16 92704 ----a-w- c:\windows\System32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVDDXSrv]
2006-10-20 22:23 118784 ------w- c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2008-01-17 12:22 4907008 ----a-w- c:\windows\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TNDDOCK]
2011-05-26 03:04 956928 ----a-w- c:\program files\Rand McNally\Rand McNally TND Dock\TNDDock.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-19 07:33 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 netr28u;Linksys USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr28u.sys [2009-08-02 735232]
R3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\System32\svchost.exe [2008-01-19 21504]
R3 UsbGps;LGE CDMA USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgusbgps.sys [2008-11-11 19968]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-03-04 691696]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2011-08-16 116608]
S2 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [2007-12-05 77824]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-07-04 54104]
S2 dldf_device;dldf_device;c:\windows\system32\dldfcoms.exe [2007-06-26 598664]
S2 dldfCATSCustConnectService;dldfCATSCustConnectService;c:\windows\system32\spool\DRIVERS\W32X86\3\\dldfserv.exe [2007-06-26 98952]
S2 mrtRate;mrtRate; [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
getPlusHelper REG_MULTI_SZ getPlusHelper
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
.
Contents of the 'Scheduled Tasks' folder
.
2011-08-01 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\Dell Support Center\uaclauncher.exe [2011-06-21 18:08]
.
2011-08-22 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\Dell Support Center\uaclauncher.exe [2011-06-21 18:08]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: Customize Menu - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: Fill Forms - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: RoboForm Toolbar - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: Save Forms - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
Trusted Zone: worldwinner.com\www
TCP: DhcpNameServer = 209.94.172.166 209.94.172.167
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} -
FF - ProfilePath - c:\users\Wes Cornwell\AppData\Roaming\Mozilla\Firefox\Profiles\ryox0u1c.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - about:blank
FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4bf0cb54&v=7.007.026.001&i=26&tp=ab&iy=&ychte=us&lng=en-US&q=
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
MSConfigStartUp-AVG9_TRAY - c:\progra~1\AVG\AVG9\avgtray.exe
MSConfigStartUp-DellSupportCenter - c:\program files\Dell Support Center\bin\sprtcmd.exe
MSConfigStartUp-dscactivate - c:\program files\Dell Support Center\gs_agent\custom\dsca.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-08-22 09:59
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,ba,fe,53,9f,fc,22,88,40,af,8f,9a,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,ba,fe,53,9f,fc,22,88,40,af,8f,9a,\
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aifc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aiff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flac\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.midi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp3\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ogg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pls\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.spx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2011-08-22 10:05:36
ComboFix-quarantined-files.txt 2011-08-22 15:05
.
Pre-Run: 190,430,101,504 bytes free
Post-Run: 190,392,418,304 bytes free
.
- - End Of File - - A0849E0DE2DD38C54795FAD8B87E2477


TDSSKILLER
2011/08/22 11:10:24.0392 0892 TDSS rootkit removing tool 2.5.16.0 Aug 19 2011 17:48:17
2011/08/22 11:10:24.0782 0892 ================================================================================
2011/08/22 11:10:24.0782 0892 SystemInfo:
2011/08/22 11:10:24.0782 0892
2011/08/22 11:10:24.0782 0892 OS Version: 6.0.6002 ServicePack: 2.0
2011/08/22 11:10:24.0782 0892 Product type: Workstation
2011/08/22 11:10:24.0782 0892 ComputerName: WESCORNWELL-PC
2011/08/22 11:10:24.0782 0892 UserName: Wes Cornwell
2011/08/22 11:10:24.0782 0892 Windows directory: C:\Windows
2011/08/22 11:10:24.0782 0892 System windows directory: C:\Windows
2011/08/22 11:10:24.0782 0892 Processor architecture: Intel x86
2011/08/22 11:10:24.0782 0892 Number of processors: 2
2011/08/22 11:10:24.0782 0892 Page size: 0x1000
2011/08/22 11:10:24.0782 0892 Boot type: Normal boot
2011/08/22 11:10:24.0782 0892 ================================================================================
2011/08/22 11:10:25.0843 0892 Initialize success
2011/08/22 11:10:42.0426 3960 ================================================================================
2011/08/22 11:10:42.0426 3960 Scan started
2011/08/22 11:10:42.0426 3960 Mode: Manual;
2011/08/22 11:10:42.0426 3960 ================================================================================
2011/08/22 11:10:43.0112 3960 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
2011/08/22 11:10:43.0206 3960 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
2011/08/22 11:10:43.0268 3960 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
2011/08/22 11:10:43.0315 3960 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
2011/08/22 11:10:43.0362 3960 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
2011/08/22 11:10:43.0456 3960 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
2011/08/22 11:10:43.0518 3960 agp440 (8b10ce1c1f9f1d47e4deb1a547a00cd4) C:\Windows\system32\drivers\agp440.sys
2011/08/22 11:10:43.0549 3960 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2011/08/22 11:10:43.0580 3960 aliide (dc67a153fdb8105b25d05334b5e1d8e2) C:\Windows\system32\drivers\aliide.sys
2011/08/22 11:10:43.0627 3960 amdagp (848f27e5b27c1c253f6cefdc1a5d8f21) C:\Windows\system32\drivers\amdagp.sys
2011/08/22 11:10:43.0658 3960 amdide (835c4c3355088298a5ebd818fa31430f) C:\Windows\system32\drivers\amdide.sys
2011/08/22 11:10:43.0736 3960 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
2011/08/22 11:10:43.0768 3960 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys
2011/08/22 11:10:43.0846 3960 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
2011/08/22 11:10:43.0892 3960 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
2011/08/22 11:10:43.0955 3960 aswFsBlk (861cb512e4e850e87dd2316f88d69330) C:\Windows\system32\drivers\aswFsBlk.sys
2011/08/22 11:10:43.0986 3960 aswMonFlt (ff83c93aeee8b0cf4b464ca667a67acd) C:\Windows\system32\drivers\aswMonFlt.sys
2011/08/22 11:10:44.0033 3960 aswRdr (8db043bf96bb6d334e5b4888e709e1c7) C:\Windows\system32\drivers\aswRdr.sys
2011/08/22 11:10:44.0095 3960 aswSnx (17230708a2028cd995656df455f2e303) C:\Windows\system32\drivers\aswSnx.sys
2011/08/22 11:10:44.0220 3960 aswSP (dbedd9d43b00630966ef05d2d8d04cee) C:\Windows\system32\drivers\aswSP.sys
2011/08/22 11:10:44.0251 3960 aswTdi (984cfce2168286c2511695c2f9621475) C:\Windows\system32\drivers\aswTdi.sys
2011/08/22 11:10:44.0298 3960 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/08/22 11:10:44.0329 3960 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
2011/08/22 11:10:44.0423 3960 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
2011/08/22 11:10:44.0516 3960 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
2011/08/22 11:10:44.0563 3960 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2011/08/22 11:10:44.0594 3960 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2011/08/22 11:10:44.0641 3960 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2011/08/22 11:10:44.0672 3960 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2011/08/22 11:10:44.0766 3960 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2011/08/22 11:10:44.0797 3960 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2011/08/22 11:10:44.0828 3960 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
2011/08/22 11:10:44.0969 3960 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/08/22 11:10:45.0031 3960 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
2011/08/22 11:10:45.0078 3960 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
2011/08/22 11:10:45.0125 3960 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
2011/08/22 11:10:45.0218 3960 cmdide (e79cbb2195e965f6e3256e2c1b23fd1c) C:\Windows\system32\drivers\cmdide.sys
2011/08/22 11:10:45.0265 3960 Compbatt (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys
2011/08/22 11:10:45.0296 3960 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
2011/08/22 11:10:45.0328 3960 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
2011/08/22 11:10:45.0421 3960 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
2011/08/22 11:10:45.0499 3960 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
2011/08/22 11:10:45.0593 3960 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
2011/08/22 11:10:45.0624 3960 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
2011/08/22 11:10:45.0671 3960 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
2011/08/22 11:10:45.0733 3960 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
2011/08/22 11:10:45.0858 3960 DSproct (413f2d5f9d802688242c23b38f767ecb) C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
2011/08/22 11:10:45.0967 3960 dsunidrv (dfeabb7cfffadea4a912ab95bdc3177a) C:\Windows\system32\DRIVERS\dsunidrv.sys
2011/08/22 11:10:46.0030 3960 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
2011/08/22 11:10:46.0139 3960 e1express (7505290504c8e2d172fa378cc0497bcc) C:\Windows\system32\DRIVERS\e1e6032.sys
2011/08/22 11:10:46.0186 3960 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
2011/08/22 11:10:46.0232 3960 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
2011/08/22 11:10:46.0279 3960 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
2011/08/22 11:10:46.0373 3960 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
2011/08/22 11:10:46.0420 3960 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
2011/08/22 11:10:46.0451 3960 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
2011/08/22 11:10:46.0560 3960 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
2011/08/22 11:10:46.0576 3960 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
2011/08/22 11:10:46.0622 3960 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/08/22 11:10:46.0654 3960 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
2011/08/22 11:10:46.0700 3960 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
2011/08/22 11:10:46.0747 3960 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
2011/08/22 11:10:46.0825 3960 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/08/22 11:10:46.0903 3960 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
2011/08/22 11:10:46.0950 3960 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
2011/08/22 11:10:47.0012 3960 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
2011/08/22 11:10:47.0044 3960 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
2011/08/22 11:10:47.0137 3960 HSF_DPV (53229dcf431d76434816cd29251168a0) C:\Windows\system32\DRIVERS\HSX_DPV.sys
2011/08/22 11:10:47.0246 3960 HSXHWBS2 (ed98350ecd4a5a9c9f1e641c09872bb2) C:\Windows\system32\DRIVERS\HSXHWBS2.sys
2011/08/22 11:10:47.0293 3960 HTTP (0eeeca26c8d4bde2a4664db058a81937) C:\Windows\system32\drivers\HTTP.sys
2011/08/22 11:10:47.0356 3960 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
2011/08/22 11:10:47.0418 3960 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/08/22 11:10:47.0449 3960 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
2011/08/22 11:10:47.0496 3960 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2011/08/22 11:10:47.0605 3960 IntcAzAudAddService (f8f53c5449f15b23d4c61d51d2701da8) C:\Windows\system32\drivers\RTKVHDA.sys
2011/08/22 11:10:47.0699 3960 intelide (0084046c084d68e494f8cf36bcf08186) C:\Windows\system32\drivers\intelide.sys
2011/08/22 11:10:47.0730 3960 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
2011/08/22 11:10:47.0839 3960 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/08/22 11:10:47.0902 3960 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
2011/08/22 11:10:47.0948 3960 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
2011/08/22 11:10:47.0995 3960 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
2011/08/22 11:10:48.0042 3960 isapnp (2f8ece2699e7e2070545e9b0960a8ed2) C:\Windows\system32\drivers\isapnp.sys
2011/08/22 11:10:48.0073 3960 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/08/22 11:10:48.0104 3960 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2011/08/22 11:10:48.0120 3960 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2011/08/22 11:10:48.0167 3960 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/08/22 11:10:48.0214 3960 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/08/22 11:10:48.0276 3960 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
2011/08/22 11:10:48.0354 3960 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/08/22 11:10:48.0463 3960 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
2011/08/22 11:10:48.0494 3960 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
2011/08/22 11:10:48.0526 3960 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
2011/08/22 11:10:48.0572 3960 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
2011/08/22 11:10:48.0604 3960 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
2011/08/22 11:10:48.0650 3960 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
2011/08/22 11:10:48.0697 3960 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
2011/08/22 11:10:48.0744 3960 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
2011/08/22 11:10:48.0775 3960 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
2011/08/22 11:10:48.0806 3960 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
2011/08/22 11:10:48.0838 3960 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
2011/08/22 11:10:48.0884 3960 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
2011/08/22 11:10:48.0916 3960 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
2011/08/22 11:10:48.0994 3960 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2011/08/22 11:10:49.0040 3960 mrtRate (6075de2ad531f6e30c9995dfda22001f) C:\Windows\system32\drivers\mrtRate.sys
2011/08/22 11:10:49.0087 3960 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
2011/08/22 11:10:49.0165 3960 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/08/22 11:10:49.0212 3960 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/08/22 11:10:49.0243 3960 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/08/22 11:10:49.0290 3960 msahci (d420bc42a637ac3cc4f411220549c0dc) C:\Windows\system32\drivers\msahci.sys
2011/08/22 11:10:49.0337 3960 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
2011/08/22 11:10:49.0399 3960 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
2011/08/22 11:10:49.0430 3960 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
2011/08/22 11:10:49.0493 3960 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
2011/08/22 11:10:49.0540 3960 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/08/22 11:10:49.0571 3960 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
2011/08/22 11:10:49.0664 3960 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
2011/08/22 11:10:49.0727 3960 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/08/22 11:10:49.0758 3960 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
2011/08/22 11:10:49.0774 3960 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
2011/08/22 11:10:49.0852 3960 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
2011/08/22 11:10:49.0914 3960 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
2011/08/22 11:10:49.0976 3960 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/08/22 11:10:50.0023 3960 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/08/22 11:10:50.0070 3960 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/08/22 11:10:50.0117 3960 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
2011/08/22 11:10:50.0164 3960 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
2011/08/22 11:10:50.0195 3960 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
2011/08/22 11:10:50.0335 3960 netr28u (1569349e4e9558238e4260c3668325ff) C:\Windows\system32\DRIVERS\netr28u.sys
2011/08/22 11:10:50.0398 3960 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2011/08/22 11:10:50.0460 3960 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
2011/08/22 11:10:50.0507 3960 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
2011/08/22 11:10:50.0585 3960 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
2011/08/22 11:10:50.0647 3960 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2011/08/22 11:10:50.0725 3960 NuidFltr (cf7e041663119e09d2e118521ada9300) C:\Windows\system32\DRIVERS\NuidFltr.sys
2011/08/22 11:10:50.0756 3960 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
2011/08/22 11:10:50.0819 3960 NVENETFD (a1108084b0d2fc43dcc401735770e2a3) C:\Windows\system32\DRIVERS\nvmfdx32.sys
2011/08/22 11:10:51.0271 3960 nvlddmkm (e572ebf0a86a76e7cfcaab00648f0f83) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/08/22 11:10:51.0521 3960 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
2011/08/22 11:10:51.0568 3960 nvstor (4a5fcab82d9bf6af8a023a66802fe9e9) C:\Windows\system32\drivers\nvstor.sys
2011/08/22 11:10:51.0614 3960 nv_agp (055081fd5076401c1ee1bcab08d81911) C:\Windows\system32\drivers\nv_agp.sys
2011/08/22 11:10:51.0692 3960 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
2011/08/22 11:10:51.0770 3960 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
2011/08/22 11:10:51.0817 3960 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
2011/08/22 11:10:51.0848 3960 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
2011/08/22 11:10:51.0880 3960 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
2011/08/22 11:10:51.0958 3960 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
2011/08/22 11:10:52.0020 3960 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
2011/08/22 11:10:52.0082 3960 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2011/08/22 11:10:52.0207 3960 pnarp (63200893c9d5934a7504d20f68276cc7) C:\Windows\system32\DRIVERS\pnarp.sys
2011/08/22 11:10:52.0285 3960 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
2011/08/22 11:10:52.0332 3960 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
2011/08/22 11:10:52.0394 3960 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
2011/08/22 11:10:52.0441 3960 purendis (748bcab4eff5959ed347c05a1c1a0af8) C:\Windows\system32\DRIVERS\purendis.sys
2011/08/22 11:10:52.0488 3960 PxHelp20 (324c27635e516184c811339a75cefd4a) C:\Windows\system32\Drivers\PxHelp20.sys
2011/08/22 11:10:52.0613 3960 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
2011/08/22 11:10:52.0660 3960 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2011/08/22 11:10:52.0706 3960 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
2011/08/22 11:10:52.0816 3960 R300 (e642b131fb74caf4bb8a014f31113142) C:\Windows\system32\DRIVERS\atikmdag.sys
2011/08/22 11:10:52.0909 3960 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
2011/08/22 11:10:52.0956 3960 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/08/22 11:10:53.0003 3960 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/08/22 11:10:53.0050 3960 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
2011/08/22 11:10:53.0096 3960 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
2011/08/22 11:10:53.0174 3960 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/08/22 11:10:53.0268 3960 rdpdr (0245418224cfa77bf4b41c2fe0622258) C:\Windows\system32\drivers\rdpdr.sys
2011/08/22 11:10:53.0299 3960 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
2011/08/22 11:10:53.0346 3960 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
2011/08/22 11:10:53.0440 3960 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
2011/08/22 11:10:53.0611 3960 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2011/08/22 11:10:53.0658 3960 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/08/22 11:10:53.0705 3960 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
2011/08/22 11:10:53.0752 3960 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
2011/08/22 11:10:53.0798 3960 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
2011/08/22 11:10:53.0845 3960 sffdisk (51cf56aa8bcc241f134b420b8f850406) C:\Windows\system32\drivers\sffdisk.sys
2011/08/22 11:10:53.0876 3960 sffp_mmc (96ded8b20c734ac41641ce275250e55d) C:\Windows\system32\drivers\sffp_mmc.sys
2011/08/22 11:10:53.0892 3960 sffp_sd (8b08cab1267b2c377883fc9e56981f90) C:\Windows\system32\drivers\sffp_sd.sys
2011/08/22 11:10:53.0939 3960 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
2011/08/22 11:10:54.0032 3960 sisagp (08072b2fb92477fc813271a84b3a8698) C:\Windows\system32\drivers\sisagp.sys
2011/08/22 11:10:54.0064 3960 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
2011/08/22 11:10:54.0095 3960 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
2011/08/22 11:10:54.0142 3960 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
2011/08/22 11:10:54.0220 3960 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
2011/08/22 11:10:54.0298 3960 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys
2011/08/22 11:10:54.0298 3960 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
2011/08/22 11:10:54.0298 3960 sptd - detected LockedFile.Multi.Generic (1)
2011/08/22 11:10:54.0360 3960 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
2011/08/22 11:10:54.0438 3960 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
2011/08/22 11:10:54.0516 3960 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
2011/08/22 11:10:54.0563 3960 StillCam (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
2011/08/22 11:10:54.0610 3960 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
2011/08/22 11:10:54.0656 3960 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2011/08/22 11:10:54.0734 3960 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2011/08/22 11:10:54.0766 3960 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2011/08/22 11:10:54.0890 3960 Tcpip (2756186e287139310997090797e0182b) C:\Windows\system32\drivers\tcpip.sys
2011/08/22 11:10:54.0984 3960 Tcpip6 (2756186e287139310997090797e0182b) C:\Windows\system32\DRIVERS\tcpip.sys
2011/08/22 11:10:55.0046 3960 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
2011/08/22 11:10:55.0093 3960 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
2011/08/22 11:10:55.0140 3960 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
2011/08/22 11:10:55.0187 3960 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
2011/08/22 11:10:55.0234 3960 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
2011/08/22 11:10:55.0296 3960 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/08/22 11:10:55.0343 3960 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
2011/08/22 11:10:55.0390 3960 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
2011/08/22 11:10:55.0483 3960 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
2011/08/22 11:10:55.0530 3960 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
2011/08/22 11:10:55.0577 3960 uliagpkx (6d72ef05921abdf59fc45c7ebfe7e8dd) C:\Windows\system32\drivers\uliagpkx.sys
2011/08/22 11:10:55.0608 3960 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
2011/08/22 11:10:55.0655 3960 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2011/08/22 11:10:55.0686 3960 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2011/08/22 11:10:55.0733 3960 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
2011/08/22 11:10:55.0795 3960 USBAAPL (5c2bdc152bbab34f36473deaf7713f22) C:\Windows\system32\Drivers\usbaapl.sys
2011/08/22 11:10:55.0842 3960 usbbus (9419faac6552a51542dbba02971c841c) C:\Windows\system32\DRIVERS\lgusbbus.sys
2011/08/22 11:10:55.0889 3960 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/08/22 11:10:55.0920 3960 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2011/08/22 11:10:55.0967 3960 UsbDiag (c0a466fa4ffec464320e159bc1bbdc0c) C:\Windows\system32\DRIVERS\lgusbdiag.sys
2011/08/22 11:10:56.0076 3960 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
2011/08/22 11:10:56.0092 3960 UsbGps (071b8e7a0ca11a2a9b32109058136bbe) C:\Windows\system32\DRIVERS\lgusbgps.sys
2011/08/22 11:10:56.0138 3960 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
2011/08/22 11:10:56.0185 3960 USBModem (f74a54774a9b0afeb3c40adec68aa600) C:\Windows\system32\DRIVERS\lgusbmodem.sys
2011/08/22 11:10:56.0201 3960 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
2011/08/22 11:10:56.0232 3960 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
2011/08/22 11:10:56.0263 3960 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
2011/08/22 11:10:56.0294 3960 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/08/22 11:10:56.0341 3960 usbuhci (325dbbacb8a36af9988ccf40eac228cc) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/08/22 11:10:56.0404 3960 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/08/22 11:10:56.0450 3960 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
2011/08/22 11:10:56.0482 3960 viaagp (d5929a28bdff4367a12caf06af901971) C:\Windows\system32\drivers\viaagp.sys
2011/08/22 11:10:56.0513 3960 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
2011/08/22 11:10:56.0544 3960 viaide (f3b4762eb85a2aff4999401f14c3262b) C:\Windows\system32\drivers\viaide.sys
2011/08/22 11:10:56.0575 3960 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
2011/08/22 11:10:56.0622 3960 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
2011/08/22 11:10:56.0731 3960 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
2011/08/22 11:10:56.0762 3960 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
2011/08/22 11:10:56.0809 3960 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2011/08/22 11:10:56.0965 3960 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/08/22 11:10:56.0981 3960 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/08/22 11:10:57.0059 3960 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
2011/08/22 11:10:57.0106 3960 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
2011/08/22 11:10:57.0199 3960 winachsf (6d2350bb6e77e800fc4be4e5b7a2e89a) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
2011/08/22 11:10:57.0324 3960 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
2011/08/22 11:10:57.0402 3960 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
2011/08/22 11:10:57.0464 3960 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/08/22 11:10:57.0542 3960 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/08/22 11:10:57.0636 3960 XAudio (5a7ff9a18ff6d7e0527fe3abf9204ef8) C:\Windows\system32\DRIVERS\xaudio.sys
2011/08/22 11:10:57.0698 3960 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
2011/08/22 11:10:57.0730 3960 Boot (0x1200) (5ae36f71a098ea3b302cb5da6500d4ad) \Device\Harddisk0\DR0\Partition0
2011/08/22 11:10:57.0745 3960 Boot (0x1200) (33a0e30d2deefaed18a33003866f2c53) \Device\Harddisk0\DR0\Partition1
2011/08/22 11:10:57.0761 3960 ================================================================================
2011/08/22 11:10:57.0761 3960 Scan finished
2011/08/22 11:10:57.0761 3960 ================================================================================
2011/08/22 11:10:57.0776 3908 Detected object count: 1
2011/08/22 11:10:57.0776 3908 Actual detected object count: 1
2011/08/22 11:11:18.0805 3908 LockedFile.Multi.Generic(sptd) - User select action: Skip



AVAST
aswMBR version 0.9.8.978 Copyright© 2011 AVAST Software
Run date: 2011-08-22 11:13:34
-----------------------------
11:13:34.759 OS Version: Windows 6.0.6002 Service Pack 2
11:13:34.759 Number of processors: 2 586 0x6B01
11:13:34.759 ComputerName: WESCORNWELL-PC UserName: Wes Cornwell
11:13:35.804 Initialize success
11:13:36.740 AVAST engine defs: 11082200
11:13:45.211 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000059
11:13:45.211 Disk 0 Vendor: WDC_WD25 10.0 Size: 238418MB BusType: 8
11:13:47.239 Disk 0 MBR read successfully
11:13:47.239 Disk 0 MBR scan
11:13:47.645 Disk 0 Windows VISTA default MBR code
11:13:47.660 Disk 0 scanning sectors +488278016
11:13:48.269 Disk 0 scanning C:\Windows\system32\drivers
11:14:06.708 Service scanning
11:14:08.034 Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
11:14:08.642 Modules scanning
11:14:19.110 Disk 0 trace - called modules:
11:14:19.141 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll >>UNKNOWN [0x8529f1f8]<<
11:14:19.141 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x858e7a50]
11:14:19.656 3 CLASSPNP.SYS[86da28b3] -> nt!IofCallDriver -> [0x853668c8]
11:14:19.656 5 acpi.sys[82b306bc] -> nt!IofCallDriver -> \Device\00000059[0x8532ec90]
11:14:19.672 \Driver\nvstor[0x853318c8] -> IRP_MJ_CREATE -> 0x8529f1f8
11:14:20.171 AVAST engine scan C:\Windows
11:14:24.508 AVAST engine scan C:\Windows\system32
11:16:32.786 AVAST engine scan C:\Windows\system32\drivers
11:16:43.738 AVAST engine scan C:\Users\Wes Cornwell
11:17:15.718 Disk 0 MBR has been saved successfully to "C:\Users\Wes Cornwell\Desktop\MBR.dat"
11:17:15.733 The log file has been saved successfully to "C:\Users\Wes Cornwell\Desktop\aswMBR.txt"


OTL logfile created on: 8/22/2011 11:26:28 AM - Run 3
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Users\Wes Cornwell\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

957.76 Mb Total Physical Memory | 186.79 Mb Available Physical Memory | 19.50% Memory free
2.13 Gb Paging File | 1.22 Gb Available in Paging File | 57.25% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.78 Gb Total Space | 177.35 Gb Free Space | 79.61% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 6.36 Gb Free Space | 63.61% Space Free | Partition Type: NTFS

Computer Name: WESCORNWELL-PC | User Name: Wes Cornwell | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/08/20 21:39:16 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Wes Cornwell\Downloads\OTL.exe
PRC - [2011/08/16 00:40:36 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
PRC - [2011/07/04 06:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/07/04 06:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2009/06/18 16:41:50 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007/12/05 06:17:24 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTSrv.exe
PRC - [2007/06/26 06:56:08 | 000,098,952 | ---- | M] () -- C:\Windows\System32\spool\drivers\w32x86\3\dldfserv.exe
PRC - [2007/06/26 01:56:06 | 000,598,664 | ---- | M] ( ) -- C:\Windows\System32\dldfcoms.exe
PRC - [2006/11/02 20:40:12 | 000,174,656 | ---- | M] () -- C:\Windows\System32\PSIService.exe


========== Modules (No Company Name) ==========


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2011/08/16 00:40:36 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011/07/04 06:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/11/29 11:41:26 | 000,058,944 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus®
SRV - [2010/03/29 08:51:54 | 000,068,000 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus®
SRV - [2009/06/18 16:41:50 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)
SRV - [2008/01/19 02:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/12/05 06:17:24 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AERTSrv.exe -- (AERTFilters)
SRV - [2007/06/26 06:56:08 | 000,098,952 | ---- | M] () [Auto | Running] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\dldfserv.exe -- (dldfCATSCustConnectService)
SRV - [2007/06/26 01:56:06 | 000,598,664 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dldfcoms.exe -- (dldf_device)
SRV - [2007/03/19 12:44:44 | 000,070,656 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2006/11/02 20:40:12 | 000,174,656 | ---- | M] () [Auto | Start_Pending] -- C:\Windows\System32\PSIService.exe -- (ProtexisLicensing)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Running] -- -- (catchme)
DRV - [2011/07/04 06:36:43 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/07/04 06:36:32 | 000,309,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/07/04 06:35:23 | 000,043,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/07/04 06:32:32 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/07/04 06:32:20 | 000,054,104 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011/07/04 06:32:12 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/03/04 13:32:36 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/08/02 06:56:10 | 000,735,232 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u)
DRV - [2009/07/14 18:54:00 | 009,557,216 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/05/13 15:47:44 | 000,026,416 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\purendis.sys -- (purendis)
DRV - [2009/05/13 15:47:44 | 000,024,880 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\pnarp.sys -- (pnarp)
DRV - [2008/11/11 13:42:00 | 000,024,832 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2008/11/11 13:41:00 | 000,019,968 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbgps.sys -- (UsbGps)
DRV - [2008/11/11 13:41:00 | 000,019,968 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2008/11/11 13:41:00 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2007/03/15 08:57:30 | 001,059,112 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/11/02 02:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/11/02 02:30:55 | 000,200,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2006/10/18 13:08:18 | 000,258,048 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2006/10/05 17:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/08/04 19:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [1999/08/10 13:51:58 | 000,034,916 | ---- | M] (Marimba, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\MrtRate.sys -- (mrtRate)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "about:blank"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: avg@igeared:6.103.018.001
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://search.avg.co...s&lng=en-US&q="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG9\Toolbar\Firefox\avg@igeared
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/12/30 17:39:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/08/22 03:03:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/07/06 12:41:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/18 12:17:38 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/12/30 17:39:31 | 000,000,000 | ---D | M]

[2011/02/10 16:09:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wes Cornwell\AppData\Roaming\Mozilla\Extensions
[2011/05/15 12:35:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wes Cornwell\AppData\Roaming\Mozilla\Firefox\Profiles\ryox0u1c.default\extensions
[2011/02/13 11:37:07 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Wes Cornwell\AppData\Roaming\Mozilla\Firefox\Profiles\ryox0u1c.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/06/10 20:02:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/08/18 03:20:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/27 12:27:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/03/01 09:23:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/06/10 20:02:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) --
File not found (No name found) -- C:\PROGRAM FILES\AVG\AVG9\TOOLBAR\FIREFOX\AVG@IGEARED
[2011/07/06 12:41:25 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/05/15 18:21:11 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/08/22 09:59:51 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Customize Menu - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: Fill Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: RoboForm Toolbar - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Save Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: worldwinner.com ([www] https in Trusted sites)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.94.172.166 209.94.172.167
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - File not found
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img36.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img36.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/08/22 11:12:41 | 001,915,904 | ---- | C] (AVAST Software) -- C:\Users\Wes Cornwell\Desktop\aswMBR.exe
[2011/08/22 11:04:46 | 001,405,744 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Wes Cornwell\Desktop\tdsskiller.exe
[2011/08/22 10:05:46 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/08/22 10:05:38 | 000,000,000 | ---D | C] -- C:\Users\Wes Cornwell\AppData\Local\temp
[2011/08/22 09:46:47 | 000,000,000 | ---D | C] -- C:\ComboFix
[2011/08/22 09:31:08 | 004,181,210 | R--- | C] (Swearware) -- C:\Users\Wes Cornwell\Desktop\ComboFix.exe
[2011/08/22 03:05:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2011/08/22 03:05:05 | 000,309,848 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011/08/22 03:05:05 | 000,019,544 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2011/08/22 03:05:02 | 000,025,432 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011/08/22 03:05:01 | 000,441,176 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2011/08/22 03:05:01 | 000,043,608 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011/08/22 03:04:59 | 000,054,104 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011/08/22 03:02:51 | 000,040,112 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/08/22 03:02:47 | 000,199,304 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011/08/22 03:01:50 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011/08/22 03:01:50 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/08/22 02:10:10 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/08/22 02:10:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/08/22 02:10:05 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/08/22 02:10:05 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/08/13 23:13:59 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/08/13 23:13:58 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/08/13 23:13:57 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011/08/13 23:13:57 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/08/13 23:13:56 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011/08/13 23:11:35 | 000,000,000 | ---D | C] -- C:\f64d872016d01040bbb9643a4116bc
[2011/08/10 18:13:33 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2011/08/10 18:10:27 | 003,602,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011/08/10 18:10:27 | 003,550,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2007/10/31 17:48:05 | 000,434,176 | ---- | C] ( ) -- C:\Windows\System32\dldfhcp.dll
[2007/10/31 17:48:02 | 000,356,352 | ---- | C] ( ) -- C:\Windows\System32\dldfinpa.dll
[2007/10/31 17:48:02 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\dldfiesc.dll
[2007/10/31 17:48:00 | 001,200,128 | ---- | C] ( ) -- C:\Windows\System32\dldfserv.dll
[2007/10/31 17:48:00 | 000,950,272 | ---- | C] ( ) -- C:\Windows\System32\dldfusb1.dll
[2007/10/31 17:47:58 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\dldfprox.dll
[2007/10/31 17:47:57 | 000,647,168 | ---- | C] ( ) -- C:\Windows\System32\dldfpmui.dll
[2007/10/31 17:47:57 | 000,565,248 | ---- | C] ( ) -- C:\Windows\System32\dldflmpm.dll
[2007/10/31 17:47:54 | 000,320,136 | ---- | C] ( ) -- C:\Windows\System32\dldfih.exe
[2007/10/31 17:47:50 | 000,663,552 | ---- | C] ( ) -- C:\Windows\System32\dldfhbn3.dll
[2007/10/31 17:47:43 | 000,598,664 | ---- | C] ( ) -- C:\Windows\System32\dldfcoms.exe
[2007/10/31 17:47:42 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\dldfcomm.dll
[2007/10/31 17:47:41 | 000,860,160 | ---- | C] ( ) -- C:\Windows\System32\dldfcomc.dll
[2007/10/31 17:47:39 | 000,365,192 | ---- | C] ( ) -- C:\Windows\System32\dldfcfg.exe

========== Files - Modified Within 30 Days ==========

[2011/08/22 11:17:53 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/08/22 11:17:53 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/08/22 11:17:15 | 000,000,512 | ---- | M] () -- C:\Users\Wes Cornwell\Desktop\MBR.dat
[2011/08/22 11:12:56 | 001,915,904 | ---- | M] (AVAST Software) -- C:\Users\Wes Cornwell\Desktop\aswMBR.exe
[2011/08/22 11:04:46 | 001,405,744 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Wes Cornwell\Desktop\tdsskiller.exe
[2011/08/22 09:59:51 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011/08/22 09:32:09 | 004,181,210 | R--- | M] (Swearware) -- C:\Users\Wes Cornwell\Desktop\ComboFix.exe
[2011/08/22 09:17:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/08/22 03:05:06 | 000,001,831 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/08/22 03:04:59 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2011/08/22 02:10:11 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/08/22 01:25:22 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2011/08/22 00:34:31 | 000,608,406 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/08/22 00:34:31 | 000,105,908 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/08/15 13:12:17 | 000,581,632 | ---- | M] () -- C:\Users\Wes Cornwell\Documents\Inventory10.qhi
[2011/08/12 15:26:13 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/08/11 11:14:42 | 000,000,104 | ---- | M] () -- C:\Users\Wes Cornwell\Application Data\Microsoft\Internet Explorer\Quick Launch\The Internet - Shortcut.lnk
[2011/07/31 23:22:24 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job

========== Files Created - No Company Name ==========

[2011/08/22 11:17:15 | 000,000,512 | ---- | C] () -- C:\Users\Wes Cornwell\Desktop\MBR.dat
[2011/08/22 03:05:06 | 000,001,831 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/08/22 02:10:11 | 000,000,908 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/08/11 11:14:42 | 000,000,104 | ---- | C] () -- C:\Users\Wes Cornwell\Application Data\Microsoft\Internet Explorer\Quick Launch\The Internet - Shortcut.lnk
[2010/12/30 17:29:53 | 000,207,001 | ---- | C] () -- C:\Windows\hpoins46.dat
[2010/05/05 16:50:37 | 000,307,200 | ---- | C] () -- C:\Windows\System32\AscSQLite.dll
[2010/03/31 19:34:36 | 000,000,574 | ---- | C] () -- C:\Windows\hpomdl46.dat
[2010/03/11 00:55:05 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2010/03/11 00:55:05 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2010/03/11 00:55:05 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010/03/11 00:55:05 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010/03/11 00:55:05 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010/01/29 21:15:54 | 008,892,928 | ---- | C] () -- C:\ProgramData\atscie.msi
[2009/09/18 12:39:51 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/09/18 12:39:50 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2008/08/12 07:46:46 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/06/19 00:59:58 | 000,001,732 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2008/05/16 03:02:58 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2007/12/01 20:08:26 | 000,061,440 | ---- | C] () -- C:\Windows\wnUninstall.exe
[2007/11/11 22:38:09 | 000,032,390 | ---- | C] () -- C:\Windows\king-uninstall.exe
[2007/11/11 20:36:53 | 000,032,662 | ---- | C] () -- C:\ProgramData\dldf
[2007/10/31 18:57:49 | 000,002,828 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2007/10/31 18:57:49 | 000,000,088 | RHS- | C] () -- C:\Windows\System32\73B486E930.sys
[2007/10/31 18:49:58 | 000,374,784 | ---- | C] () -- C:\Windows\3dg32.dll
[2007/10/31 18:49:57 | 000,000,250 | ---- | C] () -- C:\Windows\3dr.ini
[2007/10/31 17:51:10 | 000,045,056 | ---- | C] () -- C:\Windows\System32\DLDFPMON.DLL
[2007/10/31 17:51:10 | 000,032,768 | ---- | C] () -- C:\Windows\System32\DLDFFXPU.DLL
[2007/10/31 17:50:50 | 000,049,152 | ---- | C] () -- C:\Windows\System32\dldfoem.dll
[2007/10/31 17:50:50 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DLDFPMRC.DLL
[2007/10/31 17:48:07 | 000,348,160 | ---- | C] () -- C:\Windows\System32\dldfinst.dll
[2007/10/31 17:48:01 | 000,499,712 | ---- | C] () -- C:\Windows\System32\dldfutil.dll
[2007/10/31 17:47:57 | 000,143,360 | ---- | C] () -- C:\Windows\System32\dldfjswr.dll
[2007/10/31 17:47:56 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dldfinsb.dll
[2007/10/31 17:47:55 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dldfins.dll
[2007/10/31 17:47:55 | 000,106,496 | ---- | C] () -- C:\Windows\System32\dldfinsr.dll
[2007/10/31 17:47:49 | 000,208,896 | ---- | C] () -- C:\Windows\System32\dldfgrd.dll
[2007/10/31 17:47:46 | 000,086,016 | ---- | C] () -- C:\Windows\System32\dldfcub.dll
[2007/10/31 17:47:44 | 000,077,824 | ---- | C] () -- C:\Windows\System32\dldfcu.dll
[2007/10/31 17:47:44 | 000,036,864 | ---- | C] () -- C:\Windows\System32\dldfcur.dll
[2007/10/31 17:47:36 | 000,077,906 | ---- | C] () -- C:\Windows\System32\dldfcfg.dll
[2007/10/31 15:18:40 | 000,000,152 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2007/10/31 15:18:38 | 000,006,838 | ---- | C] () -- C:\Windows\ICOADB32.DAT
[2007/10/31 15:14:51 | 000,000,784 | ---- | C] () -- C:\Users\Wes Cornwell\AppData\Roaming\wklnhst.dat
[2007/10/30 23:33:44 | 000,013,312 | ---- | C] () -- C:\Users\Wes Cornwell\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/05/22 14:17:12 | 000,065,536 | ---- | C] () -- C:\Windows\System32\dldfcaps.dll
[2007/05/08 18:48:24 | 000,692,224 | ---- | C] () -- C:\Windows\System32\dldfdrs.dll
[2007/05/03 19:50:10 | 000,348,160 | ---- | C] () -- C:\Windows\System32\dldfcoin.dll
[2007/03/19 05:04:58 | 000,003,584 | ---- | C] () -- C:\Windows\System32\namResES.dll
[2007/03/19 05:04:58 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResIT.dll
[2007/03/19 05:04:58 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResFR.dll
[2007/03/19 05:04:58 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResENG.dll
[2007/03/19 05:04:58 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResDE.dll
[2007/03/19 05:04:56 | 000,003,584 | ---- | C] () -- C:\Windows\System32\namResPTB.dll
[2007/03/19 05:04:56 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResZHC.dll
[2007/03/19 05:04:56 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResKO.dll
[2007/03/19 05:04:56 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResJA.dll
[2007/03/19 05:04:54 | 000,022,016 | ---- | C] () -- C:\Windows\System32\nam_page.dll
[2007/03/19 05:04:54 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResZHT.dll
[2007/03/12 22:17:08 | 000,069,632 | ---- | C] () -- C:\Windows\System32\dldfcnv4.dll
[2006/11/10 17:02:53 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2006/11/07 14:25:58 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/11/02 20:40:12 | 000,174,656 | ---- | C] () -- C:\Windows\System32\PSIService.exe
[2006/11/02 07:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:44:53 | 000,321,176 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 05:33:01 | 000,608,406 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,105,908 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/09/16 23:36:50 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/09/16 23:36:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006/08/01 05:53:18 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dldfvs.dll
[1997/08/14 00:00:00 | 000,031,232 | ---- | C] () -- C:\Windows\System32\XLREC.DLL
[1997/08/14 00:00:00 | 000,025,600 | ---- | C] () -- C:\Windows\System32\RECNCL.DLL
[1997/08/14 00:00:00 | 000,022,016 | ---- | C] () -- C:\Windows\System32\DOCOBJ.DLL
[1997/08/14 00:00:00 | 000,012,288 | ---- | C] () -- C:\Windows\System32\HLINKPRX.DLL

========== Alternate Data Streams ==========

@Alternate Data Stream - 183 bytes -> C:\ProgramData\TEMP:CD2ECCEC
@Alternate Data Stream - 165 bytes -> C:\ProgramData\TEMP:1AE68282
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:FB384C06
@Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:72E546C1
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:618BF152
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:3BAD46F6
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:0E660858
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:BD8705CE
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:D09AEE3D
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:B1C68614
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:6E5C36BA
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:C17FCA88
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:9CD61266
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:A118E9A3
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:E8A39657
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:6A7B7A50
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:9F683177
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:864A52B8
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:0A404476
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:4EFDF5FB
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:E8F2B426
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:CCF42AF8
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:B156F3F2
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:74B502CB
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:8599F087
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:1A3FC1C4
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:E90251A2
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:1B1330FD
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:D091E13E
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:CF2C26D2
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:B42328DE
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:8750DCE4
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:001F2DD1
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:DD831FA6
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:49F896E9
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:D6BE1CEA
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:20FFCF0B
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:1B79AEF3
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:FC89CE5A
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:A39CF033
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:687D1056
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:FEF919E6
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:E6427C0F
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:0DA384B0
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:2FAFBD6A
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:C40E212B
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:76C67845
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:0D31DA45
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:A73EAFFB
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:9B7E8561
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:FE4E15B1
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:DEC7E19B
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:54997B77
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:389D51A1
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:C4F37A10
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:B17C9C5E
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:68E05C43
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:ECD1173C
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:444169A0
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:E1982A23
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:DA5FD7CF
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:DB365884
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:E35A81F4
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:541F9F51
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:2411B07C
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:685CA1CF

< End of report >


OTL Extras logfile created on: 8/22/2011 11:26:28 AM - Run 3
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Users\Wes Cornwell\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

957.76 Mb Total Physical Memory | 186.79 Mb Available Physical Memory | 19.50% Memory free
2.13 Gb Paging File | 1.22 Gb Available in Paging File | 57.25% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.78 Gb Total Space | 177.35 Gb Free Space | 79.61% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 6.36 Gb Free Space | 63.61% Space Free | Partition Type: NTFS

Computer Name: WESCORNWELL-PC | User Name: Wes Cornwell | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.reg [@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.txt [@ = txtfile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{15F92067-5390-4DD0-8103-23EFB5E9836A}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04559640-978D-43A7-8093-DE92A841018E}" = protocol=6 | dir=in | app=c:\program files\dell aio printer 948\dldffax.exe |
"{0C60ED18-E553-4E0B-9E6D-EEE8A0DCB976}" = protocol=17 | dir=in | app=c:\program files\dell aio printer 948\dldfmon.exe |
"{1686B3AF-9B63-45FA-976C-B292CB61FDCB}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldftime.exe |
"{307B020C-E563-46C8-A310-3592814721D8}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{312D10C2-DA32-4E86-8002-4A6EC225DFF0}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{32EDAD9D-7EB9-4904-90E5-11346270887B}" = protocol=6 | dir=in | app=c:\windows\system32\dldfcoms.exe |
"{346866DB-F82B-409F-B0A9-45C929CB63B5}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldftime.exe |
"{356D0316-1AA1-4A0A-B08C-AD55F32085AA}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{370D5422-FD4E-4EF5-A1DE-EE1C114AE83D}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{38B22FD9-FA66-4200-BEB2-645E62EDBF83}" = protocol=17 | dir=in | app=c:\program files\dell aio printer 948\dldffax.exe |
"{3B4684E3-933B-4CB6-A1FD-0D1612D8CA82}" = dir=in | app=c:\program files\avg\avg9\avgupd.exe |
"{4038C590-097B-4886-8220-1E3133DEB72B}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{466470E7-829F-4771-B500-EEBA450A1DF1}" = dir=in | app=c:\program files\avg\avg9\avgam.exe |
"{4AE9DE6E-76D0-4604-BD1C-F84AF10C5819}" = protocol=6 | dir=in | app=c:\program files\dell aio printer 948\dldfmon.exe |
"{4C249343-73CC-419E-9874-EC2F117D9DCE}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{4E5FC7C9-D653-48A1-A1B2-19710C0E4F37}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{587FAAE6-33FB-4F00-A0FB-CA3D0B52DD36}" = protocol=17 | dir=in | app=c:\windows\system32\dldfcoms.exe |
"{642F86A8-2E58-4D5D-A4F7-8350B5045E7C}" = protocol=17 | dir=in | app=c:\program files\dell aio printer 948\memcard.exe |
"{771F4399-D956-46C3-80EE-36F7D018A08E}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{7E6D0705-32A2-42E4-87DD-757864692F1F}" = dir=in | app=c:\program files\avg\avg9\avgnsx.exe |
"{87B55347-5DBC-4A4D-9E9C-A08F7E6DEED9}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{89C007C0-4232-4D11-A7C8-BEE6A26A0B93}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldfpswx.exe |
"{9BA19A75-A32B-4726-AFB5-50407BDEE8BB}" = protocol=6 | dir=in | app=c:\program files\dell aio printer 948\dldfaiox.exe |
"{9CF70A78-2928-45A6-A79E-E6DA4AF1C30E}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{A510A952-9298-4048-A3A4-870297D6F681}" = protocol=6 | dir=in | app=c:\program files\yahoo!\yahoo! music jukebox\yahoomusicengine.exe |
"{A6906C5F-6453-45A6-AA9E-D6951AB88A97}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldfjswx.exe |
"{AC1E4701-7A40-44DA-8680-3FDA52C8B200}" = protocol=6 | dir=in | app=c:\program files\dell aio printer 948\memcard.exe |
"{AEC7959C-B44C-41FF-9626-9F0C98E076B4}" = dir=in | app=e:\setup\hpznui01.exe |
"{BD9BA4C5-24B8-43C3-A27D-C8C3CAA91D84}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{BE3BF063-F138-4301-9A5B-5754623CDAD1}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{C25B9B75-42D5-44FD-AD33-34EF480BA347}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{D687FE31-766E-428A-8689-049BED05A636}" = protocol=17 | dir=in | app=c:\program files\yahoo!\yahoo! music jukebox\yahoomusicengine.exe |
"{D70D395B-0362-47B1-92F5-6DD4D76DF7D0}" = dir=in | app=c:\program files\avg\avg9\avgemc.exe |
"{EE5B9EBF-5EB6-4A9D-A128-DFD3A048E5B0}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldfjswx.exe |
"{F5D1A5A3-852D-460C-B299-FD230489A833}" = protocol=17 | dir=in | app=c:\program files\dell aio printer 948\dldfaiox.exe |
"{F6DDEFDE-7016-417E-9678-0E5F5B547C7B}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{F8501F48-CC70-469A-98F7-6ED7FC6EDFEE}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{F9298395-85F9-4AD4-8148-2A76D2F5B622}" = dir=in | app=c:\program files\avg\avg9\avgdiagex.exe |
"{FD397B8A-6C05-4839-A65A-9975E5517EBD}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldfpswx.exe |
"TCP Query User{06B07688-0200-4FDC-97B3-DEF01E588C40}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{16532C1C-5A5F-4CA3-9977-E0D056B0E597}C:\program files\dell aio printer 948\dldfafcn.exe" = protocol=6 | dir=in | app=c:\program files\dell aio printer 948\dldfafcn.exe |
"TCP Query User{29A5A069-F73A-4D26-86D7-329A3EA2D5E2}C:\program files\common files\first warn on-line\trueweather.exe" = protocol=6 | dir=in | app=c:\program files\common files\first warn on-line\trueweather.exe |
"TCP Query User{3FDA3271-B22B-4392-9701-F4ADD955094F}C:\windows\system32\spool\drivers\w32x86\3\dldfpswx.exe" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldfpswx.exe |
"TCP Query User{4A89CF63-4BD1-4E3B-A21A-6BD558D0B335}E:\setup.exe" = protocol=6 | dir=in | app=e:\setup.exe |
"TCP Query User{81D4D067-E6AC-4C27-B691-05D12927E4AA}C:\program files\common files\first warn on-line\trueweather.exe" = protocol=6 | dir=in | app=c:\program files\common files\first warn on-line\trueweather.exe |
"TCP Query User{F1B37261-FEF4-4E8F-8215-8C466002EACB}C:\program files\dell aio printer 948\dldfmon.exe" = protocol=6 | dir=in | app=c:\program files\dell aio printer 948\dldfmon.exe |
"TCP Query User{F67A5633-8544-4C3D-B611-B1FE3045F1E8}C:\program files\rand mcnally\rand mcnally tnd dock\tnddock.exe" = protocol=6 | dir=in | app=c:\program files\rand mcnally\rand mcnally tnd dock\tnddock.exe |
"UDP Query User{0835F9A6-BAF0-407E-8BB0-A2D4911E5FCB}E:\setup.exe" = protocol=17 | dir=in | app=e:\setup.exe |
"UDP Query User{0DA430C1-7EC0-40CC-8C54-7924071D4B3C}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{2B86E629-7B1D-4E5D-AA7E-0EBF9AFEE9E0}C:\program files\common files\first warn on-line\trueweather.exe" = protocol=17 | dir=in | app=c:\program files\common files\first warn on-line\trueweather.exe |
"UDP Query User{38D6492B-F55F-4C90-B22F-71B0EDF0D4FF}C:\program files\common files\first warn on-line\trueweather.exe" = protocol=17 | dir=in | app=c:\program files\common files\first warn on-line\trueweather.exe |
"UDP Query User{47FEB229-1BC5-4575-8B85-E8843440EE1D}C:\program files\dell aio printer 948\dldfmon.exe" = protocol=17 | dir=in | app=c:\program files\dell aio printer 948\dldfmon.exe |
"UDP Query User{518D89FA-1A11-4D60-A020-DCE564BD9BD3}C:\program files\rand mcnally\rand mcnally tnd dock\tnddock.exe" = protocol=17 | dir=in | app=c:\program files\rand mcnally\rand mcnally tnd dock\tnddock.exe |
"UDP Query User{52987CB3-20E7-487E-8474-8F56DBB7F10E}C:\windows\system32\spool\drivers\w32x86\3\dldfpswx.exe" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldfpswx.exe |
"UDP Query User{9AB94B69-7F0D-4E6D-A461-6C5CD8147EFB}C:\program files\dell aio printer 948\dldfafcn.exe" = protocol=17 | dir=in | app=c:\program files\dell aio printer 948\dldfafcn.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{0360D8F0-626A-4E87-8A16-938BD0BEBCC5}" = 32 Bit HP CIO Components Installer
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{097CDB1E-07C9-40F1-9972-F0F9F3A287E4}" = Network
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{13BA7B44-B712-4DEE-A7B8-1DD564F37AE5}" = Dell System Customization Wizard
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 26
"{281ECE39-F043-492B-8337-F2E546B5604A}" = PowerDVD
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2C6C74C2-042F-4D36-B7B0-0C538FCF01AB}" = Dell DataSafe Online
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E25E350-949F-4DB7-8288-2A60E018B4C1}" = Games, Music, & Photos Launcher
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{42BBA4CC-EFB6-4653-A2CC-F305D4B399C3}" = PS_AIO_07_D110_SW_Min
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52592821-F0CA-4131-8958-BCAE6E50B523}" = Pure Networks Platform
"{565E7B0E-B76B-4EAD-9753-F1E72A5CF12E}" = HPAppStudio
"{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status
"{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = User's Guides
"{5E68BB65-4059-4FE5-AAC4-0CD1D79BBDE2}" = EarthLink Setup Files
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{69DC59F6-C3CE-429F-BDEB-9F45095610C2}" = Rand McNally TND Dock
"{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}" = Power Tab Editor 1.7
"{6C6ECD6F-895A-47B0-9332-9D785957AB60}" = Rand McNally TND Dock
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74DC0593-6BC6-4001-AD5F-D810AFB68D86}" = HP Update
"{7694E0B1-2332-448B-9235-929F84B41E3F}" = Active@ ISO Burner
"{7D9B77E1-0078-0001-4447-ADD4C0A93D1D}" = Sansa Media Converter
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{89CEAE14-DD0F-448E-9554-15781EC9DB24}" = Product Documentation Launcher
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{91D3AD6F-09CD-4695-9FA3-8FB15429BE97}" = D110
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9B88DD94-1AAE-41C4-BD95-2D8737D5E9E2}" = Watson
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.5
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CCFF1E13-77A2-4032-8B12-7566982A27DF}" = Internet Service Offers Launcher
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CDF64407-E968-4AC8-8323-A1DDBE5A8D72}" = Quicken Home Inventory Manager
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}" = getPlus® for Adobe
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D639085F-4B6E-4105-9F37-A0DBB023E2FB}" = Roxio MyDVD DE
"{DBC1DE57-B55A-4D57-9769-1DB9BE506AF7}" = HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7
"{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{ED2A3C11-3EA8-4380-B59C-F2C1832731B0}" = Quicken 2009
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EFAD4066-CAF3-4B27-9669-12EED352C376}" = NVIDIANetworkDiagnostic
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem Diagnostic Tool
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FC053571-8507-44E4-8B6D-AACEAB8CA57C}" = Sansa Media Converter
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AI RoboForm" = AI RoboForm (All Users)
"avast" = avast! Free Antivirus
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 PCI V.92 Modem
"DAO 3.5" = DAO 3.5
"Dell AIO Printer 948" = Dell AIO Printer 948
"Dell Support Center" = Dell Support Center
"Excel" = Microsoft Excel 97
"FIRST WARN ON-LINE" = FIRST WARN ON-LINE
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Photo Creations" = HP Photo Creations
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"InstallShield_{EFAD4066-CAF3-4B27-9669-12EED352C376}" = NVIDIANetworkDiagnostic
"Linksys Wireless Manager" = Linksys Wireless Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 5.0 (x86 en-US)" = Mozilla Firefox 5.0 (x86 en-US)
"NVIDIA Drivers" = NVIDIA Drivers
"Punch! Professional Home Design" = Punch! Professional Home Design
"Shop for HP Supplies" = Shop for HP Supplies

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"f031ef6ac137efc5" = Dell Driver Download Manager

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >
  • 0

#4
RKinner
Posted 23 August 2011 - 01:20 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
"While this device is being used. The reserved space will not be available for storage"

Just means the USB stick can't be used to save data on because Windows will be using it.

If it's not helping then the stick may be too slow tho it is supposed to check them when you plug them up.

We can skip that for now and see if removing some of the junk helps.

Uninstall:
getPlus® for Adobe (This is a download manager Adobe used to foist on you. We don't need it.)
Adobe Reader 9.4.5 (Obsolete. You need to get the latest version.)
Internet Service Offers Launcher
MarketResearch
SUPERAntiSpyware.

Copy the text between the lines of stars by highlighting and Ctrl + c.

******************************************

Killall::

DirLook::
C:\Program Files\Common
%user%\library

File::
c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
c:\windows\Tasks\SystemToolsDailyTest.job
c:\windows\System32\Drivers\sptd.sys

Driver::
sptd
nosGetPlusHelper
SASKUTIL
mrtRate

Folder::
c:\program files\SUPERAntiSpyware
C:\Program Files\NOS


******************************************

Now open notepad (Start, Run, notepad, OK) and Ctrl + V to paste the text into Notepad. Make sure you got it all then File, SAVE AS, (to your Desktop), CFScript , OK. Close notepad. (Overwrite the old one if it's still there.) You should see a file CFScript.txt on your desktop.

Pause your anti-virus.

Drag CFScript.txt over to Combofix and let go Combofix should start on its own.

Post the new log.

Copy the text in the code box by highlighting and Ctrl + c 


:processes
killallprocesses

:Services
sprtsvc_dellsupportcenter

:OTL
SRV - File not found [Auto | Stopped] -- -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: avg@igeared:6.103.018.001
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://search.avg.com/route/?d=4bf0cb54&v=7.007.026.001&i=26&tp=ab&iy=&ychte=us&lng=en-US&q="
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG9\Toolbar\Firefox\avg@igeared
[2010/08/18 03:20:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/27 12:27:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/03/01 09:23:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\AVG\AVG9\TOOLBAR\FIREFOX\AVG@IGEARED
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - File not found
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
     
:Commands
[purity]
[Reboot]

then Rightclick on OTL and select Run As Administrator to start. Under the Custom Scans/Fixes box at the bottom, paste (ctrl +v) the text. Verify that you got it all and Then click the RUN FIX button (NOT THE QUICK SCAN button!) at the top
Let the program run unhindered, OTL will reboot the PC when it is done.

Run aswMBR again. This time change the A-V Scan to None before starting the scan. It won't take nearly as long. Copy and paste the log.

1. Double-click My Computer, and then right-click the hard disk that you want to check. C:
2. Click Properties, and then click Tools.
3. Under Error-checking, click Check Now. A dialog box that shows the Check disk options is displayed,
4. Check both boxes and then click Start.
You will receive the following message:
The disk check could not be performed because the disk check utility needs exclusive access to some Windows files on the disk. These files can be accessed by restarting Windows. Do you want to schedule the disk check to occur the next time you restart the computer?
Click Yes to schedule the disk check, but don't restart yet.

Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application. Reboot. The disk check will run and will probably take an hour or more to finish.


Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator. Then type (with an Enter after each line).

sfc /scannow

(SPACE after sfc. This will check your critical system files. If it asks for a CD and you don't have one or it doesn't like your CD just tell it to SKIP.)

sigverif

Press Start in the new window. This will check your drivers. If you just get a few when it finishes tell me what they are. If you get a lot just look for those with newish dates (since about the time the problem started.)


1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.

Get Process Explorer

http://live.sysinter...com/procexp.exe

Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator). Click once or twice on the CPU column header to sort things by CPU usage with the big hitters at the top. Close all programs including your browser and wait 60 seconds for things to settle down. File, Save As, Save. Open the file Procexp.txt on your desktop and copy and paste the text to a reply.



Ron
  • 0

#5
jojobo36
Posted 24 August 2011 - 01:45 PM

jojobo36

    Member

  • Topic Starter
  • Member
  • PipPip
  • 97 posts
Hi Ron,

sigverif- driver scan. 1 program showed up. dsproct.sys


ComboFix 11-08-24.01 - Wes Cornwell 08/24/2011 0:35.3.2 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.958.389 [GMT -5:00]
Running from: c:\users\Wes Cornwell\Desktop\ComboFix.exe
Command switches used :: c:\users\Wes Cornwell\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\System32\Drivers\sptd.sys"
"c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job"
"c:\windows\Tasks\SystemToolsDailyTest.job"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\NOS
c:\program files\NOS\bin\getPlus_Helper.dll
c:\program files\SUPERAntiSpyware
c:\program files\SUPERAntiSpyware\AppData.sas
c:\program files\SUPERAntiSpyware\Language\CHINESE SIMPLIFIED (GB).LNG
c:\program files\SUPERAntiSpyware\Language\HEBREW (IL).LNG
c:\program files\SUPERAntiSpyware\SASCORE.EXE
c:\program files\SUPERAntiSpyware\SASTask.exe
c:\program files\SUPERAntiSpyware\SASUNINST.EXE
c:\program files\SUPERAntiSpyware\Uninstall.exe
c:\windows\system32\comct332.ocx
c:\windows\System32\Drivers\sptd.sys
c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
c:\windows\Tasks\SystemToolsDailyTest.job
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_MRTRATE
-------\Legacy_SASKUTIL
-------\Legacy_SPTD
-------\Service_mrtRate
-------\Service_nosGetPlusHelper
-------\Service_SASKUTIL
-------\Service_sptd
-------\Service_!SASCORE
-------\Service_getPlusHelper
-------\Service_!SASCORE
-------\Service_getPlusHelper
.
.
((((((((((((((((((((((((( Files Created from 2011-07-24 to 2011-08-24 )))))))))))))))))))))))))))))))
.
.
2011-08-24 05:44 . 2011-08-24 05:48 -------- d-----w- c:\users\Wes Cornwell\AppData\Local\temp
2011-08-24 05:44 . 2011-08-24 05:44 -------- d-----w- c:\users\TEMP\AppData\Local\temp
2011-08-24 05:44 . 2011-08-24 05:44 -------- d-----w- c:\users\SYSTEM\AppData\Local\temp
2011-08-24 05:44 . 2011-08-24 05:44 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-08-24 05:44 . 2011-08-24 05:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-08-23 16:18 . 2011-08-23 16:18 -------- d-----w- c:\program files\ieSpell
2011-08-22 08:05 . 2011-07-04 11:36 309848 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-08-22 08:05 . 2011-07-04 11:32 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-08-22 08:05 . 2011-07-04 11:32 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-08-22 08:05 . 2011-07-04 11:36 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-08-22 08:05 . 2011-07-04 11:35 43608 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-08-22 08:04 . 2011-07-04 11:32 54104 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-08-22 08:02 . 2011-07-04 11:43 40112 ----a-w- c:\windows\avastSS.scr
2011-08-22 08:02 . 2011-07-04 11:43 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-08-22 08:01 . 2011-08-22 08:01 -------- d-----w- c:\programdata\AVAST Software
2011-08-22 08:01 . 2011-08-22 08:01 -------- d-----w- c:\program files\AVAST Software
2011-08-22 07:10 . 2011-07-07 00:52 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-08-22 07:10 . 2011-08-22 07:10 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-08-22 07:10 . 2011-07-07 00:52 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-13 23:22 . 2011-07-20 14:44 6881616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{42E3528F-6F29-4CC0-AF2C-D4B0290F8D12}\mpengine.dll
2011-08-10 23:13 . 2011-06-17 16:03 375808 ----a-w- c:\windows\system32\winsrv.dll
2011-08-10 23:10 . 2011-07-06 15:31 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-08-10 23:10 . 2011-06-06 10:59 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-08-10 23:10 . 2011-06-20 08:54 3602832 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-08-10 23:10 . 2011-06-20 08:54 3550096 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-08-10 23:10 . 2011-06-17 20:13 905104 ----a-w- c:\windows\system32\drivers\tcpip.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-12 20:26 . 2011-05-16 16:07 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-02 13:34 . 2011-07-13 13:47 2043392 ----a-w- c:\windows\system32\win32k.sys
2011-07-06 17:41 . 2011-05-15 23:21 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of %user%\library ----
.
.
---- Directory of c:\program files\Common ----
.
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-07-04 3493720]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"RoboForm"="c:\program files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2009-10-10 160592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Digital Line Detect.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk
backup=c:\windows\pss\Digital Line Detect.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FIRST WARN ON-LINE.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\FIRST WARN ON-LINE.lnk
backup=c:\windows\pss\FIRST WARN ON-LINE.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Find Fast.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Find Fast.lnk
backup=c:\windows\pss\Microsoft Find Fast.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Office Startup.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Office Startup.lnk
backup=c:\windows\pss\Office Startup.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell AIO Printer 948 Fax Server]
2007-07-03 13:37 307848 ----a-w- c:\program files\Dell AIO Printer 948\fm3032.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
2007-03-15 17:09 460784 ----a-w- c:\program files\DellSupport\DSAgnt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dldfmon.exe]
2007-07-03 13:36 455304 ----a-w- c:\program files\Dell AIO Printer 948\dldfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ECenter]
2007-05-25 06:03 17920 ----a-w- c:\dell\E-Center\EULALauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2009-11-18 22:13 54576 ----a-w- c:\program files\HP\HP Software Update\hpwuschd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Linksys Wireless Manager]
2009-07-09 05:21 1366064 ----a-r- c:\program files\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MemoryCardManager]
2007-07-03 13:36 410248 ----a-w- c:\program files\Dell AIO Printer 948\memcard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nmctxth]
2009-06-18 21:41 647216 ----a-w- c:\program files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2008-05-03 05:16 13535776 ----a-w- c:\windows\System32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2008-05-03 05:16 92704 ----a-w- c:\windows\System32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVDDXSrv]
2006-10-20 22:23 118784 ------w- c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2008-01-17 12:22 4907008 ----a-w- c:\windows\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TNDDOCK]
2011-05-26 03:04 956928 ----a-w- c:\program files\Rand McNally\Rand McNally TND Dock\TNDDock.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-19 07:33 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 netr28u;Linksys USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr28u.sys [2009-08-02 735232]
R3 UsbGps;LGE CDMA USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgusbgps.sys [2008-11-11 19968]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [2007-12-05 77824]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-07-04 54104]
S2 dldf_device;dldf_device;c:\windows\system32\dldfcoms.exe [2007-06-26 598664]
S2 dldfCATSCustConnectService;dldfCATSCustConnectService;c:\windows\system32\spool\DRIVERS\W32X86\3\\dldfserv.exe [2007-06-26 98952]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
getPlusHelper REG_MULTI_SZ getPlusHelper
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: &ieSpell Options - c:\program files\ieSpell\iespell.dll/SPELLOPTION.HTM
IE: Check &Spelling - c:\program files\ieSpell\iespell.dll/SPELLCHECK.HTM
IE: Customize Menu - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: Fill Forms - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: Lookup on Merriam Webster - file://c:\program files\ieSpell\Merriam Webster.HTM
IE: Lookup on Wikipedia - file://c:\program files\ieSpell\wikipedia.HTM
IE: RoboForm Toolbar - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: Save Forms - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
Trusted Zone: worldwinner.com\www
TCP: DhcpNameServer = 209.94.172.166 209.94.172.167
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} -
FF - ProfilePath - c:\users\Wes Cornwell\AppData\Roaming\Mozilla\Firefox\Profiles\ryox0u1c.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - about:blank
FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4bf0cb54&v=7.007.026.001&i=26&tp=ab&iy=&ychte=us&lng=en-US&q=
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
MSConfigStartUp-Adobe ARM - c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe
.
.
.
**************************************************************************
scanning hidden processes ...
.
c:\windows\System32\wuauclt.exe [1508] 0x8469EAD8
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files:
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,ba,fe,53,9f,fc,22,88,40,af,8f,9a,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,ba,fe,53,9f,fc,22,88,40,af,8f,9a,\
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aifc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aiff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flac\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.midi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp3\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ogg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pls\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.spx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\rundll32.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\spool\DRIVERS\W32X86\3\dldfserv.exe
c:\windows\system32\PSIService.exe
c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\System32\wsqmcons.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\RacAgent.exe
.
**************************************************************************
.
Completion time: 2011-08-24 01:06:23 - machine was rebooted
ComboFix-quarantined-files.txt 2011-08-24 06:05
ComboFix2.txt 2011-08-22 15:05
.
Pre-Run: 185,593,036,800 bytes free
Post-Run: 185,603,899,392 bytes free
.
- - End Of File - - 18D3F695CE131A0992F417FCDB7418BE


aswMBR version 0.9.8.978 Copyright© 2011 AVAST Software
Run date: 2011-08-24 10:47:15
-----------------------------
10:47:15.846 OS Version: Windows 6.0.6002 Service Pack 2
10:47:15.846 Number of processors: 2 586 0x6B01
10:47:15.846 ComputerName: WESCORNWELL-PC UserName: Wes Cornwell
10:47:24.223 Initialize success
10:47:25.486 AVAST engine defs: 11082401
10:47:48.793 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000055
10:47:48.793 Disk 0 Vendor: WDC_WD25 10.0 Size: 238418MB BusType: 8
10:47:50.836 Disk 0 MBR read successfully
10:47:50.836 Disk 0 MBR scan
10:47:50.836 Disk 0 Windows VISTA default MBR code
10:47:50.836 Disk 0 scanning sectors +488278016
10:47:50.946 Disk 0 scanning C:\Windows\system32\drivers
10:48:06.780 Service scanning
10:48:09.198 Modules scanning
10:48:14.470 Disk 0 trace - called modules:
10:48:14.517 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll storport.sys nvstor.sys ndis.sys nvmfdx32.sys
10:48:14.533 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85c1b250]
10:48:14.533 3 CLASSPNP.SYS[869a88b3] -> nt!IofCallDriver -> [0x84308cf8]
10:48:15.094 5 acpi.sys[82a0b6bc] -> nt!IofCallDriver -> \Device\00000055[0x842f6b88]
10:48:15.094 Scan finished successfully
10:48:31.864 Disk 0 MBR has been saved successfully to "C:\Users\Wes Cornwell\Desktop\MBR.dat"
10:48:31.880 The log file has been saved successfully to "C:\Users\Wes Cornwell\Desktop\aswMBR.txt"


Vino's Event Viewer v01c run on Windows Vista in English
Report run at 24/08/2011 2:16:41 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 24/08/2011 6:14:43 PM
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: cdrom

Log: 'System' Date/Time: 24/08/2011 6:14:43 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 24/08/2011 6:14:12 PM
Type: Error Category: 0
Event: 1048 Source: Microsoft-Windows-TerminalServices-LocalSessionManager
Terminal Service start failed. The relevant status code was The configuration data for this product is corrupt. Contact your support personnel. .

Log: 'System' Date/Time: 24/08/2011 4:02:08 PM
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: cdrom

Log: 'System' Date/Time: 24/08/2011 4:02:08 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 24/08/2011 4:02:00 PM
Type: Error Category: 0
Event: 1048 Source: Microsoft-Windows-TerminalServices-LocalSessionManager
Terminal Service start failed. The relevant status code was The configuration data for this product is corrupt. Contact your support personnel. .

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 24/08/2011 4:00:02 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.


Vino's Event Viewer v01c run on Windows Vista in English
Report run at 24/08/2011 2:17:53 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Procexp
Process PID CPU Private Bytes Working Set Description Company Name
System Idle Process 0 97.69 0 K 24 K
procexp.exe 4948 1.54 17,668 K 26,364 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com
dwm.exe 912 0.77 41,136 K 31,408 K Desktop Window Manager Microsoft Corporation
svchost.exe 1212 < 0.01 66,604 K 57,060 K Host Process for Windows Services Microsoft Corporation
csrss.exe 664 < 0.01 2,080 K 3,852 K Client Server Runtime Process Microsoft Corporation
System 4 < 0.01 0 K 576 K
explorer.exe 3020 < 0.01 39,140 K 44,172 K Windows Explorer Microsoft Corporation
nmsrvc.exe 2712 < 0.01 9,992 K 6,620 K Pure Networks Platform Service Cisco Systems, Inc.
WmiPrvSE.exe 3992 < 0.01 3,416 K 2,888 K WMI Provider Host Microsoft Corporation
wmpnetwk.exe 3024 < 0.01 4,536 K 1,020 K Windows Media Player Network Sharing Service Microsoft Corporation
svchost.exe 1200 < 0.01 54,956 K 46,380 K Host Process for Windows Services Microsoft Corporation
XAudio.exe 2652 < 0.01 1,032 K 260 K Modem Audio Service Conexant Systems, Inc.
SearchIndexer.exe 2584 < 0.01 34,880 K 18,724 K Microsoft Windows Search Indexer Microsoft Corporation
AvastSvc.exe 1792 < 0.01 25,844 K 1,692 K avast! Service AVAST Software
AvastUI.exe 1732 < 0.01 5,532 K 1,340 K avast! Antivirus AVAST Software
RoxWatch9.exe 2336 < 0.01 6,736 K 1,192 K RoxSniffer9 Module Sonic Solutions
csrss.exe 604 < 0.01 1,712 K 1,968 K Client Server Runtime Process Microsoft Corporation
unsecapp.exe 612 < 0.01 2,552 K 1,312 K Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation
rundll32.exe 1496 < 0.01 4,736 K 904 K Windows host process (Rundll32) Microsoft Corporation
svchost.exe 3208 < 0.01 4,620 K 2,428 K Host Process for Windows Services Microsoft Corporation
taskeng.exe 4920 < 0.01 1,516 K 4,248 K Task Scheduler Engine Microsoft Corporation
svchost.exe 1020 < 0.01 3,756 K 3,228 K Host Process for Windows Services Microsoft Corporation
AppleMobileDeviceService.exe 920 < 0.01 3,284 K 692 K MobileDeviceService Apple Inc.
spoolsv.exe 308 < 0.01 13,124 K 3,192 K Spooler SubSystem App Microsoft Corporation
dldfserv.exe 932 < 0.01 1,144 K 328 K Service Executable
Interrupts n/a < 0.01 0 K 0 K Hardware Interrupts and DPCs
wmpnscfg.exe 2956 1,964 K 952 K Windows Media Player Network Sharing Service Configuration Application Microsoft Corporation
WLIDSVCM.EXE 3092 1,108 K 248 K Microsoft® Windows Live ID Service Monitor Microsoft Corporation
WLIDSVC.EXE 2508 5,088 K 1,140 K Microsoft® Windows Live ID Service Microsoft Corporation
winlogon.exe 800 2,288 K 1,136 K Windows Logon Application Microsoft Corporation
wininit.exe 656 1,576 K 284 K Windows Start-Up Application Microsoft Corporation
taskeng.exe 2536 9,640 K 3,656 K Task Scheduler Engine Microsoft Corporation
taskeng.exe 4080 2,180 K 1,960 K Task Scheduler Engine Microsoft Corporation
svchost.exe 1664 16,024 K 5,928 K Host Process for Windows Services Microsoft Corporation
svchost.exe 1412 8,088 K 3,764 K Host Process for Windows Services Microsoft Corporation
svchost.exe 1160 15,272 K 6,400 K Host Process for Windows Services Microsoft Corporation
svchost.exe 936 2,896 K 3,372 K Host Process for Windows Services Microsoft Corporation
svchost.exe 484 15,188 K 8,116 K Host Process for Windows Services Microsoft Corporation
svchost.exe 1352 2,196 K 1,440 K Host Process for Windows Services Microsoft Corporation
svchost.exe 3440 1,756 K 384 K Host Process for Windows Services Microsoft Corporation
svchost.exe 2092 3,652 K 332 K Host Process for Windows Services Microsoft Corporation
svchost.exe 2112 1,156 K 212 K Host Process for Windows Services Microsoft Corporation
svchost.exe 2152 1,048 K 208 K Host Process for Windows Services Microsoft Corporation
svchost.exe 2236 2,372 K 644 K Host Process for Windows Services Microsoft Corporation
svchost.exe 2440 4,404 K 632 K Host Process for Windows Services Microsoft Corporation
svchost.exe 2476 788 K 532 K Host Process for Windows Services Microsoft Corporation
smss.exe 464 292 K 184 K Windows Session Manager Microsoft Corporation
SLsvc.exe 1380 5,644 K 1,328 K Microsoft Software Licensing Service Microsoft Corporation
services.exe 700 2,868 K 2,140 K Services and Controller app Microsoft Corporation
PSIService.exe 2248 2,504 K 284 K nTitles PSIService
PresentationFontCache.exe 3280 12,228 K 1,636 K PresentationFontCache.exe Microsoft Corporation
nvvsvc.exe 992 1,404 K 412 K NVIDIA Driver Helper Service, Version 175.16 NVIDIA Corporation
mDNSResponder.exe 1296 1,888 K 756 K Bonjour Service Apple Inc.
lsm.exe 724 3,176 K 1,512 K Local Session Manager Service Microsoft Corporation
lsass.exe 716 3,652 K 1,408 K Local Security Authority Process Microsoft Corporation
jusched.exe 3984 1,400 K 272 K Java™ Update Scheduler Sun Microsystems, Inc.
dldfcoms.exe 12 2,844 K 368 K Printer Communication System
audiodg.exe 1328 16,064 K 11,636 K Windows Audio Device Graph Isolation Microsoft Corporation
AERTSrv.exe 792 592 K 188 K Andrea filters APO access service (32-bit) Andrea Electronics Corporation
  • 0

#6
RKinner
Posted 24 August 2011 - 07:01 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
Copy the next 5 lines:

netsvcs
/md5start
cdrom.sys
explorer.exe
/md5stop

Right click on OTL and Run As Administrator

Paste the above into the Custom Scan/Fixes box and Run Scan. Post the log.

Copy the next line:

reg query "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /s > \junk.txt

Start, Programs, Accessories then right click on Command Prompt and Run As Administrator.
Right click and Paste or Edit then Paste and the copied line should appear. Hit Enter. Now type:

notepad \junk.txt

(Space before \. Copy and paste the text into a reply.)

Ron
  • 0

#7
jojobo36
Posted 25 August 2011 - 09:30 AM

jojobo36

    Member

  • Topic Starter
  • Member
  • PipPip
  • 97 posts
Good Morning,
When coping the line into the command prompt, nothing happens, no log is created??

Please advise,
Thanks!
  • 0

#8
jojobo36
Posted 25 August 2011 - 09:35 AM

jojobo36

    Member

  • Topic Starter
  • Member
  • PipPip
  • 97 posts
I apologise for last entry. I did get it to work.

Thanks so much for your time!


OTL logfile created on: 8/25/2011 10:02:38 AM - Run 4
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Users\Wes Cornwell\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

957.76 Mb Total Physical Memory | 335.62 Mb Available Physical Memory | 35.04% Memory free
2.13 Gb Paging File | 1.19 Gb Available in Paging File | 55.86% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.78 Gb Total Space | 172.71 Gb Free Space | 77.52% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 6.36 Gb Free Space | 63.61% Space Free | Partition Type: NTFS

Computer Name: WESCORNWELL-PC | User Name: Wes Cornwell | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/08/20 21:39:16 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Wes Cornwell\Downloads\OTL.exe
PRC - [2011/08/12 15:26:12 | 000,243,360 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10v_ActiveX.exe
PRC - [2011/07/04 06:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/07/04 06:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2009/06/18 16:41:50 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007/12/05 06:17:24 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTSrv.exe
PRC - [2007/06/26 06:56:08 | 000,098,952 | ---- | M] () -- C:\Windows\System32\spool\drivers\w32x86\3\dldfserv.exe
PRC - [2007/06/26 01:56:06 | 000,598,664 | ---- | M] ( ) -- C:\Windows\System32\dldfcoms.exe
PRC - [2006/11/02 20:40:12 | 000,174,656 | ---- | M] () -- C:\Windows\System32\PSIService.exe


========== Modules (No Company Name) ==========


========== Win32 Services (SafeList) ==========

SRV - [2011/07/04 06:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009/06/18 16:41:50 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)
SRV - [2008/01/19 02:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/12/05 06:17:24 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AERTSrv.exe -- (AERTFilters)
SRV - [2007/06/26 06:56:08 | 000,098,952 | ---- | M] () [Auto | Running] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\dldfserv.exe -- (dldfCATSCustConnectService)
SRV - [2007/06/26 01:56:06 | 000,598,664 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dldfcoms.exe -- (dldf_device)
SRV - [2007/03/19 12:44:44 | 000,070,656 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2006/11/02 20:40:12 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\Windows\System32\PSIService.exe -- (ProtexisLicensing)


========== Driver Services (SafeList) ==========

DRV - [2011/07/04 06:36:43 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/07/04 06:36:32 | 000,309,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/07/04 06:35:23 | 000,043,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/07/04 06:32:32 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/07/04 06:32:20 | 000,054,104 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011/07/04 06:32:12 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/08/02 06:56:10 | 000,735,232 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u)
DRV - [2009/07/14 18:54:00 | 009,557,216 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/05/13 15:47:44 | 000,026,416 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\purendis.sys -- (purendis)
DRV - [2009/05/13 15:47:44 | 000,024,880 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\pnarp.sys -- (pnarp)
DRV - [2008/11/11 13:42:00 | 000,024,832 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2008/11/11 13:41:00 | 000,019,968 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbgps.sys -- (UsbGps)
DRV - [2008/11/11 13:41:00 | 000,019,968 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2008/11/11 13:41:00 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2007/03/15 08:57:30 | 001,059,112 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/11/02 02:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/11/02 02:30:55 | 000,200,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2006/10/18 13:08:18 | 000,258,048 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2006/10/05 17:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/08/04 19:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "about:blank"

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG9\Toolbar\Firefox\avg@igeared
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/12/30 17:39:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/08/22 03:03:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/07/06 12:41:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/08/23 20:07:38 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/12/30 17:39:31 | 000,000,000 | ---D | M]

[2011/02/10 16:09:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wes Cornwell\AppData\Roaming\Mozilla\Extensions
[2011/05/15 12:35:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wes Cornwell\AppData\Roaming\Mozilla\Firefox\Profiles\ryox0u1c.default\extensions
[2011/02/13 11:37:07 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Wes Cornwell\AppData\Roaming\Mozilla\Firefox\Profiles\ryox0u1c.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/08/24 01:43:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/06/10 20:02:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) --
[2011/08/22 03:03:05 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011/07/06 12:41:25 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/05/15 18:21:11 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/08/24 00:47:21 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &ieSpell Options - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O8 - Extra context menu item: Check &Spelling - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O8 - Extra context menu item: Customize Menu - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: Fill Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: Lookup on Merriam Webster - C:\Program Files\ieSpell\Merriam Webster.HTM ()
O8 - Extra context menu item: Lookup on Wikipedia - C:\Program Files\ieSpell\wikipedia.HTM ()
O8 - Extra context menu item: RoboForm Toolbar - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Save Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra 'Tools' menuitem : ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra 'Tools' menuitem : ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: worldwinner.com ([www] https in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.94.172.166 209.94.172.167
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img36.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img36.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

========== Files/Folders - Created Within 30 Days ==========

[2011/08/24 14:25:30 | 004,768,032 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Users\Wes Cornwell\Desktop\procexp.exe
[2011/08/24 14:04:53 | 000,061,440 | ---- | C] ( ) -- C:\Users\Wes Cornwell\Desktop\VEW.exe
[2011/08/24 04:40:21 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2011/08/24 01:27:39 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/08/24 00:47:44 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/08/24 00:44:03 | 000,000,000 | ---D | C] -- C:\Users\Wes Cornwell\AppData\Local\temp
[2011/08/24 00:32:09 | 000,000,000 | ---D | C] -- C:\ComboFix
[2011/08/23 11:18:21 | 000,000,000 | ---D | C] -- C:\Program Files\ieSpell
[2011/08/22 11:12:41 | 001,915,904 | ---- | C] (AVAST Software) -- C:\Users\Wes Cornwell\Desktop\aswMBR.exe
[2011/08/22 11:04:46 | 001,405,744 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Wes Cornwell\Desktop\tdsskiller.exe
[2011/08/22 09:31:08 | 004,182,311 | R--- | C] (Swearware) -- C:\Users\Wes Cornwell\Desktop\ComboFix.exe
[2011/08/22 03:05:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2011/08/22 03:05:05 | 000,309,848 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011/08/22 03:05:05 | 000,019,544 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2011/08/22 03:05:02 | 000,025,432 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011/08/22 03:05:01 | 000,441,176 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2011/08/22 03:05:01 | 000,043,608 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011/08/22 03:04:59 | 000,054,104 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011/08/22 03:02:51 | 000,040,112 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/08/22 03:02:47 | 000,199,304 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011/08/22 03:01:50 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011/08/22 03:01:50 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/08/22 02:10:10 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/08/22 02:10:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/08/22 02:10:05 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/08/22 02:10:05 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/08/13 23:13:59 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/08/13 23:13:58 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/08/13 23:13:57 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011/08/13 23:13:57 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/08/13 23:13:56 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011/08/13 23:11:35 | 000,000,000 | ---D | C] -- C:\f64d872016d01040bbb9643a4116bc
[2011/08/10 18:13:33 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2011/08/10 18:10:27 | 003,602,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011/08/10 18:10:27 | 003,550,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2007/10/31 17:48:05 | 000,434,176 | ---- | C] ( ) -- C:\Windows\System32\dldfhcp.dll
[2007/10/31 17:48:02 | 000,356,352 | ---- | C] ( ) -- C:\Windows\System32\dldfinpa.dll
[2007/10/31 17:48:02 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\dldfiesc.dll
[2007/10/31 17:48:00 | 001,200,128 | ---- | C] ( ) -- C:\Windows\System32\dldfserv.dll
[2007/10/31 17:48:00 | 000,950,272 | ---- | C] ( ) -- C:\Windows\System32\dldfusb1.dll
[2007/10/31 17:47:58 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\dldfprox.dll
[2007/10/31 17:47:57 | 000,647,168 | ---- | C] ( ) -- C:\Windows\System32\dldfpmui.dll
[2007/10/31 17:47:57 | 000,565,248 | ---- | C] ( ) -- C:\Windows\System32\dldflmpm.dll
[2007/10/31 17:47:54 | 000,320,136 | ---- | C] ( ) -- C:\Windows\System32\dldfih.exe
[2007/10/31 17:47:50 | 000,663,552 | ---- | C] ( ) -- C:\Windows\System32\dldfhbn3.dll
[2007/10/31 17:47:43 | 000,598,664 | ---- | C] ( ) -- C:\Windows\System32\dldfcoms.exe
[2007/10/31 17:47:42 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\dldfcomm.dll
[2007/10/31 17:47:41 | 000,860,160 | ---- | C] ( ) -- C:\Windows\System32\dldfcomc.dll
[2007/10/31 17:47:39 | 000,365,192 | ---- | C] ( ) -- C:\Windows\System32\dldfcfg.exe

========== Files - Modified Within 30 Days ==========

[2011/08/25 09:21:24 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/08/25 09:21:24 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/08/24 15:21:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/08/24 14:26:35 | 004,768,032 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Users\Wes Cornwell\Desktop\procexp.exe
[2011/08/24 14:04:53 | 000,061,440 | ---- | M] ( ) -- C:\Users\Wes Cornwell\Desktop\VEW.exe
[2011/08/24 10:48:31 | 000,000,512 | ---- | M] () -- C:\Users\Wes Cornwell\Desktop\MBR.dat
[2011/08/24 00:47:21 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011/08/24 00:31:50 | 004,182,311 | R--- | M] (Swearware) -- C:\Users\Wes Cornwell\Desktop\ComboFix.exe
[2011/08/22 11:12:56 | 001,915,904 | ---- | M] (AVAST Software) -- C:\Users\Wes Cornwell\Desktop\aswMBR.exe
[2011/08/22 11:04:46 | 001,405,744 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Wes Cornwell\Desktop\tdsskiller.exe
[2011/08/22 03:05:06 | 000,001,831 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/08/22 03:04:59 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2011/08/22 02:10:11 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/08/22 00:34:31 | 000,608,406 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/08/22 00:34:31 | 000,105,908 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/08/15 13:12:17 | 000,581,632 | ---- | M] () -- C:\Users\Wes Cornwell\Documents\Inventory10.qhi
[2011/08/12 15:26:13 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/08/11 11:14:42 | 000,000,104 | ---- | M] () -- C:\Users\Wes Cornwell\Application Data\Microsoft\Internet Explorer\Quick Launch\The Internet - Shortcut.lnk

========== Files Created - No Company Name ==========

[2011/08/22 11:17:15 | 000,000,512 | ---- | C] () -- C:\Users\Wes Cornwell\Desktop\MBR.dat
[2011/08/22 03:05:06 | 000,001,831 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/08/22 02:10:11 | 000,000,908 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/08/11 11:14:42 | 000,000,104 | ---- | C] () -- C:\Users\Wes Cornwell\Application Data\Microsoft\Internet Explorer\Quick Launch\The Internet - Shortcut.lnk
[2010/12/30 17:29:53 | 000,207,001 | ---- | C] () -- C:\Windows\hpoins46.dat
[2010/05/05 16:50:37 | 000,307,200 | ---- | C] () -- C:\Windows\System32\AscSQLite.dll
[2010/03/31 19:34:36 | 000,000,574 | ---- | C] () -- C:\Windows\hpomdl46.dat
[2010/03/11 00:55:05 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2010/03/11 00:55:05 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2010/03/11 00:55:05 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010/03/11 00:55:05 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010/03/11 00:55:05 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010/01/29 21:15:54 | 008,892,928 | ---- | C] () -- C:\ProgramData\atscie.msi
[2009/09/18 12:39:51 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/09/18 12:39:50 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2008/08/12 07:46:46 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/06/19 00:59:58 | 000,001,732 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2008/05/16 03:02:58 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2007/12/01 20:08:26 | 000,061,440 | ---- | C] () -- C:\Windows\wnUninstall.exe
[2007/11/11 22:38:09 | 000,032,390 | ---- | C] () -- C:\Windows\king-uninstall.exe
[2007/11/11 20:36:53 | 000,032,662 | ---- | C] () -- C:\ProgramData\dldf
[2007/10/31 18:57:49 | 000,002,828 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2007/10/31 18:57:49 | 000,000,088 | RHS- | C] () -- C:\Windows\System32\73B486E930.sys
[2007/10/31 18:49:58 | 000,374,784 | ---- | C] () -- C:\Windows\3dg32.dll
[2007/10/31 18:49:57 | 000,000,250 | ---- | C] () -- C:\Windows\3dr.ini
[2007/10/31 17:51:10 | 000,045,056 | ---- | C] () -- C:\Windows\System32\DLDFPMON.DLL
[2007/10/31 17:51:10 | 000,032,768 | ---- | C] () -- C:\Windows\System32\DLDFFXPU.DLL
[2007/10/31 17:50:50 | 000,049,152 | ---- | C] () -- C:\Windows\System32\dldfoem.dll
[2007/10/31 17:50:50 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DLDFPMRC.DLL
[2007/10/31 17:48:07 | 000,348,160 | ---- | C] () -- C:\Windows\System32\dldfinst.dll
[2007/10/31 17:48:01 | 000,499,712 | ---- | C] () -- C:\Windows\System32\dldfutil.dll
[2007/10/31 17:47:57 | 000,143,360 | ---- | C] () -- C:\Windows\System32\dldfjswr.dll
[2007/10/31 17:47:56 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dldfinsb.dll
[2007/10/31 17:47:55 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dldfins.dll
[2007/10/31 17:47:55 | 000,106,496 | ---- | C] () -- C:\Windows\System32\dldfinsr.dll
[2007/10/31 17:47:49 | 000,208,896 | ---- | C] () -- C:\Windows\System32\dldfgrd.dll
[2007/10/31 17:47:46 | 000,086,016 | ---- | C] () -- C:\Windows\System32\dldfcub.dll
[2007/10/31 17:47:44 | 000,077,824 | ---- | C] () -- C:\Windows\System32\dldfcu.dll
[2007/10/31 17:47:44 | 000,036,864 | ---- | C] () -- C:\Windows\System32\dldfcur.dll
[2007/10/31 17:47:36 | 000,077,906 | ---- | C] () -- C:\Windows\System32\dldfcfg.dll
[2007/10/31 15:18:40 | 000,000,152 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2007/10/31 15:18:38 | 000,006,838 | ---- | C] () -- C:\Windows\ICOADB32.DAT
[2007/10/31 15:14:51 | 000,000,784 | ---- | C] () -- C:\Users\Wes Cornwell\AppData\Roaming\wklnhst.dat
[2007/10/30 23:33:44 | 000,013,312 | ---- | C] () -- C:\Users\Wes Cornwell\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/05/22 14:17:12 | 000,065,536 | ---- | C] () -- C:\Windows\System32\dldfcaps.dll
[2007/05/08 18:48:24 | 000,692,224 | ---- | C] () -- C:\Windows\System32\dldfdrs.dll
[2007/05/03 19:50:10 | 000,348,160 | ---- | C] () -- C:\Windows\System32\dldfcoin.dll
[2007/03/19 05:04:58 | 000,003,584 | ---- | C] () -- C:\Windows\System32\namResES.dll
[2007/03/19 05:04:58 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResIT.dll
[2007/03/19 05:04:58 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResFR.dll
[2007/03/19 05:04:58 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResENG.dll
[2007/03/19 05:04:58 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResDE.dll
[2007/03/19 05:04:56 | 000,003,584 | ---- | C] () -- C:\Windows\System32\namResPTB.dll
[2007/03/19 05:04:56 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResZHC.dll
[2007/03/19 05:04:56 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResKO.dll
[2007/03/19 05:04:56 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResJA.dll
[2007/03/19 05:04:54 | 000,022,016 | ---- | C] () -- C:\Windows\System32\nam_page.dll
[2007/03/19 05:04:54 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResZHT.dll
[2007/03/12 22:17:08 | 000,069,632 | ---- | C] () -- C:\Windows\System32\dldfcnv4.dll
[2006/11/10 17:02:53 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2006/11/07 14:25:58 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/11/02 20:40:12 | 000,174,656 | ---- | C] () -- C:\Windows\System32\PSIService.exe
[2006/11/02 07:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:44:53 | 000,321,176 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 05:33:01 | 000,608,406 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,105,908 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/09/16 23:36:50 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/09/16 23:36:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006/08/01 05:53:18 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dldfvs.dll
[1997/08/14 00:00:00 | 000,031,232 | ---- | C] () -- C:\Windows\System32\XLREC.DLL
[1997/08/14 00:00:00 | 000,025,600 | ---- | C] () -- C:\Windows\System32\RECNCL.DLL
[1997/08/14 00:00:00 | 000,022,016 | ---- | C] () -- C:\Windows\System32\DOCOBJ.DLL
[1997/08/14 00:00:00 | 000,012,288 | ---- | C] () -- C:\Windows\System32\HLINKPRX.DLL

========== Custom Scans ==========



< MD5 for: CDROM.SYS >
[2008/01/19 00:49:51 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008/01/19 00:49:51 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009/04/10 23:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys
[2009/04/10 23:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009/04/10 23:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006/11/02 03:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2008/10/29 01:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 01:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/29 22:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2007/11/14 18:29:20 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2007/11/14 18:29:19 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\ERDNT\cache\explorer.exe
[2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/27 21:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006/11/02 04:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008/01/19 02:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< >

========== Alternate Data Streams ==========

@Alternate Data Stream - 183 bytes -> C:\ProgramData\TEMP:CD2ECCEC
@Alternate Data Stream - 165 bytes -> C:\ProgramData\TEMP:1AE68282
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:FB384C06
@Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:72E546C1
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:618BF152
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:3BAD46F6
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:0E660858
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:BD8705CE
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:D09AEE3D
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:B1C68614
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:6E5C36BA
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:C17FCA88
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:9CD61266
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:A118E9A3
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:E8A39657
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:6A7B7A50
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:9F683177
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:864A52B8
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:0A404476
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:4EFDF5FB
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:E8F2B426
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:CCF42AF8
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:B156F3F2
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:74B502CB
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:8599F087
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:1A3FC1C4
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:E90251A2
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:1B1330FD
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:D091E13E
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:CF2C26D2
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:B42328DE
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:8750DCE4
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:001F2DD1
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:DD831FA6
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:49F896E9
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:D6BE1CEA
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:20FFCF0B
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:1B79AEF3
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:FC89CE5A
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:A39CF033
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:687D1056
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:FEF919E6
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:E6427C0F
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:0DA384B0
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:2FAFBD6A
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:C40E212B
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:76C67845
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:0D31DA45
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:A73EAFFB
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:9B7E8561
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:FE4E15B1
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:DEC7E19B
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:54997B77
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:389D51A1
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:C4F37A10
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:B17C9C5E
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:68E05C43
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:ECD1173C
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:444169A0
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:E1982A23
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:DA5FD7CF
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:DB365884
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:E35A81F4
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:541F9F51
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:2411B07C
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:685CA1CF

< End of report >




HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server
NotificationTimeOut REG_DWORD 0x0
SnapshotMonitors REG_DWORD 0x1
RCDependentServices REG_MULTI_SZ CertPropSvc\0SessionEnv
ProductVersion REG_SZ 5.1
AllowRemoteRPC REG_DWORD 0x0
DelayConMgrTimeout REG_DWORD 0x0
fDenyTSConnections REG_DWORD 0x0
StartRCM REG_DWORD 0x0
TSAdvertise REG_DWORD 0x0
DeleteTempDirsOnExit REG_DWORD 0x1
fSingleSessionPerUser REG_DWORD 0x1
PerSessionTempDir REG_DWORD 0x0
TSUserEnabled REG_DWORD 0x0
InstanceID REG_SZ 959f3c3c-162f-4b43-8d29-844c534

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\ConnectionHandler

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\ConnectionHandler\0f0a4bf8-8362-435d-938c-222a518a8b78
CLSID REG_SZ 2be8bdbb-be09-499d-9a4b-4637e09ae00b
Name REG_SZ Default Connection Handler
Description REG_SZ Default Connection Handler
fAcceptConnection REG_DWORD 0x1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\ConnectionHandler\88f5767d-d13f-404d-a348-8b8e030294a9
CLSID REG_SZ 2be8bdbb-be09-499d-9a4b-4637e09ae00b
Name REG_SZ Default Connection Handler
Description REG_SZ Default Connection Handler
fAcceptConnection REG_DWORD 0x1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration
Password REG_SZ
MaxConnectionTime REG_DWORD 0x0
InitialProgram REG_SZ
fInheritMaxSessionTime REG_DWORD 0x0
CallbackNumber REG_SZ
MaxIdleTime REG_DWORD 0x0
UserName REG_SZ
fInheritCallbackNumber REG_DWORD 0x0
MaxDisconnectionTime REG_DWORD 0x0
KeyboardLayout REG_DWORD 0x0
Callback REG_DWORD 0x0
WorkDirectory REG_SZ
Shadow REG_DWORD 0x1
fInheritInitialProgram REG_DWORD 0x1
fReconnectSame REG_DWORD 0x0
fInheritMaxIdleTime REG_DWORD 0x0
fInheritShadow REG_DWORD 0x0
fInheritAutoLogon REG_DWORD 0x1
fInheritResetBroken REG_DWORD 0x0
Domain REG_SZ
fInheritMaxDisconnectionTime REG_DWORD 0x0
fResetBroken REG_DWORD 0x0
NWLogonServer REG_SZ
fInheritReconnectSame REG_DWORD 0x0
fLogonDisabled REG_DWORD 0x0
fInheritCallback REG_DWORD 0x0
fPromptForPassword REG_DWORD 0x0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\KeyboardType Mapping

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\KeyboardType Mapping\JPN
00000002 REG_SZ kbd106.dll
00010002 REG_SZ kbd106n.dll
00000001 REG_SZ kbdax2.dll
000000000017 REG_SZ kbdlk41a.dll
000000020017 REG_SZ kbdlk41j.dll
00020002 REG_SZ f3ahvoas.dll
00000003 REG_SZ kbdibm02.dll
00010D01 REG_SZ kbdnec95.dll
00010D04 REG_SZ kbdnec95.dll
00000D01 REG_SZ kbdnecNT.dll
00000D04 REG_SZ kbdnecNT.dll
000000020015 REG_SZ kbdnecAT.dll
00020D01 REG_SZ kbdnecAT.dll
00020D04 REG_SZ kbdnecAT.dll
00000000 REG_SZ kbd101.dll

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\KeyboardType Mapping\KOR
00000003 REG_SZ kbd101a.dll
00000004 REG_SZ kbd101b.dll
00000005 REG_SZ kbd101c.dll
00000006 REG_SZ kbd103.dll

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\RCM
TSFeatures REG_DWORD 0xffffffff

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\RCM\Licensing Core
LicensingMode REG_DWORD 0x1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\SessionArbitrationHelper

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\SysProcs
screg.exe REG_DWORD 0x0
netdde.exe REG_DWORD 0x0
clipsrv.exe REG_DWORD 0x0
lmsvcs.exe REG_DWORD 0x0
MsgSvc.exe REG_DWORD 0x0
NETSTRS.EXE REG_DWORD 0x0
nddeagnt.exe REG_DWORD 0x0
os2srv.exe REG_DWORD 0x0
wfshell.exe REG_DWORD 0x0
win.com REG_DWORD 0x0
conime.exe REG_DWORD 0x0
proquota.exe REG_DWORD 0x0
imepadsv.exe REG_DWORD 0x0
ctfmon.exe REG_DWORD 0x0
TaskEng.exe REG_DWORD 0x0
dwm.exe REG_DWORD 0x0
wisptis.exe REG_DWORD 0x0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\TerminalTypes

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\TerminalTypes\0f0a4bf8-8362-435d-938c-222a518a8b78
Name REG_SZ RDP Regular Desktop Terminal
SessionSource REG_DWORD 0x1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\TerminalTypes\0f0a4bf8-8362-435d-938c-222a518a8b78\ReconCompat
88f5767d-d13f-404d-a348-8b8e030294a9 REG_DWORD 0x0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\TerminalTypes\88f5767d-d13f-404d-a348-8b8e030294a9
Name REG_SZ Service Terminal
LicenseType REG_SZ 45344fe7-00e6-4ac6-9f01-d01fd4ffadfb
SessionSource REG_DWORD 0x3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\TerminalTypes\88f5767d-d13f-404d-a348-8b8e030294a9\ReconCompat
0f0a4bf8-8362-435d-938c-222a518a8b78 REG_DWORD 0x1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\VIDEO

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\VIDEO\disc
VgaCompatible REG_SZ \Device\Video0
\Device\Video0 REG_SZ \REGISTRY\Machine\System\CurrentControlSet\Services\TSDDD\Device0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\VIDEO\rdpdd
\Device\Video0 REG_SZ \REGISTRY\Machine\System\CurrentControlSet\Services\RDPDD\Device0
VgaCompatible REG_SZ \Device\Video0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd
BaudRate REG_DWORD 0xe100
ByteSize REG_DWORD 0x8
CfgDll REG_SZ RDPCFGEX.DLL
ColorDepth REG_DWORD 0x3
ConnectType REG_DWORD 0x1
DeviceName REG_SZ
fAutoClientDrives REG_DWORD 0x1
fAutoClientLpts REG_DWORD 0x1
fDisableCam REG_DWORD 0x0
fDisableCcm REG_DWORD 0x0
fDisableCdm REG_DWORD 0x0
fDisableClip REG_DWORD 0x0
fDisableCpm REG_DWORD 0x0
fDisableEncryption REG_DWORD 0x1
fDisableLPT REG_DWORD 0x0
fEnableBreakDisconnect REG_DWORD 0x0
fEnableDsrSensitivity REG_DWORD 0x0
fEnableDTR REG_DWORD 0x1
fEnableRTS REG_DWORD 0x1
fFlowSoftwareRx REG_DWORD 0x1
fFlowSoftwareTx REG_DWORD 0x1
fForceClientLptDef REG_DWORD 0x1
fInheritAutoClient REG_DWORD 0x1
FlowHardwareRx REG_DWORD 0x1
FlowHardwareTx REG_DWORD 0x1
FlowType REG_DWORD 0x1
InputBufferLength REG_DWORD 0x800
MinEncryptionLevel REG_DWORD 0x2
Parity REG_DWORD 0x0
StartupPrograms REG_SZ rdpclip
StopBits REG_DWORD 0x0
WdDLL REG_SZ rdpwd
WdFlag REG_DWORD 0x36
WdName REG_SZ Microsoft RDP 6.1
WdPrefix REG_SZ RDP
WsxDLL REG_SZ rdpwsx
XoffChar REG_DWORD 0x13
XonChar REG_DWORD 0x11

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\Pds

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\Pds\tssecsrv
PdName REG_SZ tssecsrv
PdClass REG_DWORD 0xb
PdFlag REG_DWORD 0x0
PdDLL REG_SZ tssecsrv

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\Tds

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\Tds\tcp
InteractiveDelay REG_DWORD 0xa
OutBufCount REG_DWORD 0x6
OutBufDelay REG_DWORD 0x64
OutBufLength REG_DWORD 0x212
PdClass REG_DWORD 0x2
PdDLL REG_SZ tdtcp
PdFlag REG_DWORD 0x4e
PdName REG_SZ tcp
PortNumber REG_DWORD 0xd3d
ServiceName REG_SZ tcpip
RequiredPds REG_MULTI_SZ tssecsrv

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations
DefaultSecurity REG_BINARY 010014809C000000A800000000000000140000000200880006000000000014000100000001010000000000050400000000001400BF030F000101000000000005120000000000140089000F00010100000000000513000000000014008100000001010000000000051400000000001800BF030F000102000000000005200000002002000000001800210100000102000000000005200000002B020000010100000000000512000000010100000000000512000000
ConsoleSecurity REG_BINARY 010014809C000000A800000000000000140000000200880006000000000014000100000001010000000000050400000000001400BF030F000101000000000005120000000000140089000F00010100000000000513000000000014008100000001010000000000051400000000001800BF030F000102000000000005200000002002000000001800210100000102000000000005200000002B020000010100000000000512000000010100000000000512000000

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\Console
Shadow REG_DWORD 0x1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\Console\RDP
InteractiveDelay REG_DWORD 0x32
OutBufDelay REG_DWORD 0x64
PdClass REG_DWORD 0x2
PdDLL REG_SZ tdtcp
PdFlag REG_DWORD 0x4e
PdName REG_SZ tcp
WdDLL REG_SZ rdpwd
WdFlag REG_DWORD 0x34
WdName REG_SZ Microsoft RDP 6.1
WdPrefix REG_SZ RDP
WsxDLL REG_SZ rdpwsx

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp
Callback REG_DWORD 0x0
CallbackNumber REG_SZ
CdClass REG_DWORD 0x0
CdDLL REG_SZ
CdFlag REG_DWORD 0x0
CdName REG_SZ
CfgDll REG_SZ RDPCFGEX.DLL
ColorDepth REG_DWORD 0x5
Comment REG_SZ
Domain REG_SZ
DrawGdiplusSupportLevel REG_DWORD 0x1
fAutoClientDrives REG_DWORD 0x1
fAutoClientLpts REG_DWORD 0x1
fDisableCam REG_DWORD 0x0
fDisableCcm REG_DWORD 0x0
fDisableCdm REG_DWORD 0x0
fDisableClip REG_DWORD 0x0
fDisableCpm REG_DWORD 0x0
fDisableEncryption REG_DWORD 0x1
fDisableExe REG_DWORD 0x0
fDisableLPT REG_DWORD 0x0
fEnableWinStation REG_DWORD 0x1
fForceClientLptDef REG_DWORD 0x1
fHomeDirectoryMapRoot REG_DWORD 0x0
fInheritAutoClient REG_DWORD 0x1
fInheritAutoLogon REG_DWORD 0x1
fInheritCallback REG_DWORD 0x0
fInheritCallbackNumber REG_DWORD 0x1
fInheritColorDepth REG_DWORD 0x0
fInheritInitialProgram REG_DWORD 0x1
fInheritMaxDisconnectionTime REG_DWORD 0x1
fInheritMaxIdleTime REG_DWORD 0x1
fInheritMaxSessionTime REG_DWORD 0x1
fInheritReconnectSame REG_DWORD 0x1
fInheritResetBroken REG_DWORD 0x1
fInheritSecurity REG_DWORD 0x0
fInheritShadow REG_DWORD 0x1
fLogonDisabled REG_DWORD 0x0
fPromptForPassword REG_DWORD 0x0
fReconnectSame REG_DWORD 0x0
fResetBroken REG_DWORD 0x0
fUseDefaultGina REG_DWORD 0x0
InitialProgram REG_SZ
InputBufferLength REG_DWORD 0x800
InteractiveDelay REG_DWORD 0x32
KeepAliveTimeout REG_DWORD 0x0
KeyboardLayout REG_DWORD 0x0
LanAdapter REG_DWORD 0x0
MaxConnectionTime REG_DWORD 0x0
MaxDisconnectionTime REG_DWORD 0x0
MaxIdleTime REG_DWORD 0x0
MaxInstanceCount REG_DWORD 0xffffffff
MinEncryptionLevel REG_DWORD 0x2
NWLogonServer REG_SZ
OutBufCount REG_DWORD 0x6
OutBufDelay REG_DWORD 0x64
OutBufLength REG_DWORD 0x212
Password REG_SZ
PdClass REG_DWORD 0x2
PdClass1 REG_DWORD 0xb
PdDLL REG_SZ tdtcp
PdDLL1 REG_SZ tssecsrv
PdFlag REG_DWORD 0x4e
PdFlag1 REG_DWORD 0x0
PdName REG_SZ tcp
PdName1 REG_SZ tssecsrv
PortNumber REG_DWORD 0xd3d
SecurityLayer REG_DWORD 0x1
Shadow REG_DWORD 0x1
UserAuthentication REG_DWORD 0x0
Username REG_SZ
WdDLL REG_SZ rdpwd
WdFlag REG_DWORD 0x36
WdName REG_SZ Microsoft RDP 6.1
WdPrefix REG_SZ RDP
WFProfilePath REG_SZ
WorkDirectory REG_SZ
WsxDLL REG_SZ rdpwsx
  • 0

#9
RKinner
Posted 25 August 2011 - 01:25 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
I don't see anything obvious wrong with Terminal Service so let's just turn it off for now. We don't need it. It's only used if you want someone to log into your PC to work on it.

Right click on Computer and select Manage then Continue then Services and Applications then Services. Scroll down to Terminal Services and right click and select Properties. Change the Startup type: to Disabled. Apply.

Now go to the left pane and click on Device Manager. Find the DVD/CD-ROM Drives entry and click on the + in front of it to open it up. What drive does it show?

Right click on that drive and select Properties then Driver and then Driver Details. It should show c:\windows\system32\drivers\cdrom.sys version:6.0.6002.18005 (or newer version) Does it? OK now go back to the Drive and right click as before but this time select Uninstall. Don't reboot yet.

Select the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application. Reboot.

Run VEW again as before and post the logs.

Ron
  • 0

#10
jojobo36
Posted 25 August 2011 - 07:46 PM

jojobo36

    Member

  • Topic Starter
  • Member
  • PipPip
  • 97 posts
Hi Ron,

I did manage to disable the Terminal Services. However there were 2 listed. One was listed as an automatic start (allows users to connect), One was a manual start. Automatic start was the one I disabled.

When in the computer management, device mananger, There is nothing listed on the right with DVD/CD-ROM anywhere??

I stopped at this point I didn't go any further.

Thanks,
Joann
  • 0

Advertisements

#11
RKinner
Posted 25 August 2011 - 08:08 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
Go back into Device Manager and under View, check View Hidden Devices then look to see if you see a DVD/CD-Rom entry.

Get the free version of Speccy:

http://www.filehippo...download_speccy (Look in the upper right for the Download
Latest Version button) Download, Save and Install it. Run Speccy. When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File, (to your desktop) note the name it gives. OK. Attach the file to your next post.

Ron
  • 0

#12
jojobo36
Posted 26 August 2011 - 04:59 PM

jojobo36

    Member

  • Topic Starter
  • Member
  • PipPip
  • 97 posts
Good afternoon,

I went into Device manager, show hidden files. Still no DVD/CD-Rom entry. Strange cause it should be there!!

Just wanted to let you know. Dell support center popped up and wanted to install updates. I was getting an error "Dell support center has stopped working, A problem has caused the program to stop working correctly. I hit end program, it popped up 3x before it didn't ask me to end program again. But, I did notice the Dell support Center Icon was on the task bar still downloading updates..

Thanks for your time and all your help!



Vino's Event Viewer v01c run on Windows Vista in English
Report run at 26/08/2011 5:43:20 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 26/08/2011 10:28:03 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {752073A1-23F2-4396-85F0-8FDB879ED0ED} did not register with DCOM within the required timeout.

Log: 'System' Date/Time: 26/08/2011 10:13:14 PM
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: cdrom

Log: 'System' Date/Time: 26/08/2011 10:13:14 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 26/08/2011 10:10:21 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.


Vino's Event Viewer v01c run on Windows Vista in English
Report run at 26/08/2011 5:44:21 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 26/08/2011 10:28:34 PM
Type: Error Category: 0
Event: 1008 Source: Microsoft-Windows-Perflib
The Open Procedure for service "PNRPsvc" in DLL "C:\Windows\system32\pnrpperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Log: 'Application' Date/Time: 26/08/2011 10:28:28 PM
Type: Error Category: 0
Event: 1010 Source: Microsoft-Windows-Perflib
The Collect Procedure for the "EmdCache" service in DLL "C:\Windows\system32\emdmgmt.dll" generated an exception or returned an invalid status. The performance data returned by the counter DLL will not be returned in the Perf Data Block. The first four bytes (DWORD) of the Data section contains the exception code or status code.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Summary
Operating System
MS Windows Vista Home Basic 32-bit SP2
CPU
AMD Athlon 64 X2 4000+ 71 °C
Brisbane 65nm Technology
RAM
1.00 GB Dual-Channel DDR2 @ 301MHz (5-5-5-15)
Motherboard
Dell Inc. 0RY206 (Socket AM2 ) 53 °C
Graphics
DELL SE178WFP (1440x900@60Hz)
64MB GeForce 6150SE nForce 430 (Dell)
Hard Drives
244GB Western Digital WDC WD25 00JS-75NCB3 SCSI Disk Device (RAID)
Optical Drives
No optical disk drives detected
Audio
Realtek High Definition Audio
Operating System
MS Windows Vista Home Basic 32-bit SP2
Installation Date: 26 October 2007, 07:16

Windows Security Center
User Account Control (UAC) Enabled
Notify level 3 - Always Notify
Firewall Enabled
Windows Update
AutoUpdate Download Automatically and Install at Set Scheduled time
Schedule Frequency Tuesday
Schedule Time 2 pm
Windows Defender
Windows Defender Disabled
Antivirus
Antivirus Enabled
Company Name AVG Technologies
Display Name AVG Anti-Virus
Product Version 8.0
Environment Variables
USERPROFILE C:\Users\Wes Cornwell
SystemRoot C:\Windows
User Variables
TEMP C:\Users\Wes Cornwell\AppData\Local\Temp
TMP C:\Users\Wes Cornwell\AppData\Local\Temp
path %CommonProgramFiles%\Microsoft Shared\Windows Live
Machine Variables
ComSpec C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK NO
OS Windows_NT
Path
C:\Windows\system32
C:\Windows
C:\Windows\system32\wbem
%CommonProgramFiles%\Microsoft Shared\Windows Live
C:\Program Files\Common Files\Roxio Shared\DLLShared
C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared
%SYSTEMROOT%\System32\WindowsPowerShell\v1.0
PATHEXT .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE x86
TEMP C:\Windows\TEMP
TMP C:\Windows\TEMP
USERNAME SYSTEM
windir C:\Windows
PROCESSOR_LEVEL 15
PROCESSOR_IDENTIFIER x86 Family 15 Model 107 Stepping 1, AuthenticAMD
PROCESSOR_REVISION 6b01
NUMBER_OF_PROCESSORS 2
RoxioCentral C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\
asl.log Destination=file
PSModulePath C:\Windows\system32\WindowsPowerShell\v1.0\Modules\
Process List
aertsrv.exe
Process ID 472
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\AERTSrv.exe
Memory Usage 72 KB
Peak Memory Usage 2.09 MB
applemobiledeviceservice.exe
Process ID 1080
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
Memory Usage 356 KB
Peak Memory Usage 6.93 MB
audiodg.exe
Process ID 1288
avastsvc.exe
Process ID 1732
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\AVAST Software\Avast\AvastSvc.exe
Memory Usage 24 MB
Peak Memory Usage 53 MB
avastui.exe
Process ID 2448
User Wes Cornwell
Domain WesCornwell-PC
Path C:\Program Files\AVAST Software\Avast\AvastUI.exe
Memory Usage 832 KB
Peak Memory Usage 8.23 MB
csrss.exe
Process ID 596
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\csrss.exe
Memory Usage 1.04 MB
Peak Memory Usage 4.95 MB
csrss.exe
Process ID 656
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\csrss.exe
Memory Usage 3.59 MB
Peak Memory Usage 15 MB
dldfcoms.exe
Process ID 1492
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\dldfcoms.exe
Memory Usage 132 KB
Peak Memory Usage 8.07 MB
dldfserv.exe
Process ID 888
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\spool\DRIVERS\W32X86\3\dldfserv.exe
Memory Usage 148 KB
Peak Memory Usage 3.16 MB
dwm.exe
Process ID 3744
User Wes Cornwell
Domain WesCornwell-PC
Path C:\Windows\system32\Dwm.exe
Memory Usage 35 MB
Peak Memory Usage 49 MB
explorer.exe
Process ID 3796
User Wes Cornwell
Domain WesCornwell-PC
Path C:\Windows\Explorer.EXE
Memory Usage 40 MB
Peak Memory Usage 43 MB
flashutil10v_activex.exe
Process ID 2548
User Wes Cornwell
Domain WesCornwell-PC
Path C:\Windows\system32\Macromed\Flash\FlashUtil10v_ActiveX.exe
Memory Usage 1.96 MB
Peak Memory Usage 5.30 MB
hpswp_clipbook.exe
Process ID 3716
User Wes Cornwell
Domain WesCornwell-PC
Path C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
Memory Usage 1.71 MB
Peak Memory Usage 5.28 MB
iexplore.exe
Process ID 3856
User Wes Cornwell
Domain WesCornwell-PC
Path C:\Program Files\Internet Explorer\iexplore.exe
Memory Usage 85 MB
Peak Memory Usage 102 MB
iexplore.exe
Process ID 3488
User Wes Cornwell
Domain WesCornwell-PC
Path C:\Program Files\Internet Explorer\iexplore.exe
Memory Usage 19 MB
Peak Memory Usage 26 MB
jusched.exe
Process ID 2380
User Wes Cornwell
Domain WesCornwell-PC
Path C:\Program Files\Common Files\Java\Java Update\jusched.exe
Memory Usage 72 KB
Peak Memory Usage 3.91 MB
lsass.exe
Process ID 704
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\lsass.exe
Memory Usage 2.04 MB
Peak Memory Usage 7.79 MB
lsm.exe
Process ID 716
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\lsm.exe
Memory Usage 1.17 MB
Peak Memory Usage 5.21 MB
mdnsresponder.exe
Process ID 1608
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Bonjour\mDNSResponder.exe
Memory Usage 480 KB
Peak Memory Usage 5.05 MB
nmsrvc.exe
Process ID 2652
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
Memory Usage 6.44 MB
Peak Memory Usage 16 MB
nvvsvc.exe
Process ID 960
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\nvvsvc.exe
Memory Usage 60 KB
Peak Memory Usage 3.58 MB
presentationfontcache.exe
Process ID 3532
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
Memory Usage 1.23 MB
Peak Memory Usage 9.38 MB
psiservice.exe
Process ID 2216
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\PSIService.exe
Memory Usage 72 KB
Peak Memory Usage 3.88 MB
roxwatch9.exe
Process ID 2264
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
Memory Usage 648 KB
Peak Memory Usage 9.75 MB
rundll32.exe
Process ID 1472
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\rundll32.exe
Memory Usage 408 KB
Peak Memory Usage 7.62 MB
searchfilterhost.exe
Process ID 2908
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\SearchFilterHost.exe
Memory Usage 6.90 MB
Peak Memory Usage 6.90 MB
searchindexer.exe
Process ID 2536
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\SearchIndexer.exe
Memory Usage 13 MB
Peak Memory Usage 13 MB
searchprotocolhost.exe
Process ID 392
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\SearchProtocolHost.exe
Memory Usage 8.27 MB
Peak Memory Usage 8.27 MB
services.exe
Process ID 692
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\services.exe
Memory Usage 2.26 MB
Peak Memory Usage 6.93 MB
slsvc.exe
Process ID 1336
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\SLsvc.exe
Memory Usage 856 KB
Peak Memory Usage 15 MB
smss.exe
Process ID 464
User SYSTEM
Domain NT AUTHORITY
Path \SystemRoot\System32\smss.exe
Memory Usage 44 KB
Peak Memory Usage 756 KB
speccy.exe
Process ID 1084
User Wes Cornwell
Domain WesCornwell-PC
Path C:\Program Files\Speccy\Speccy.exe
Memory Usage 17 MB
Peak Memory Usage 73 MB
spoolsv.exe
Process ID 204
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\spoolsv.exe
Memory Usage 3.12 MB
Peak Memory Usage 28 MB
svchost.exe
Process ID 1172
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 70 MB
Peak Memory Usage 607 MB
svchost.exe
Process ID 988
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 2.61 MB
Peak Memory Usage 6.26 MB
svchost.exe
Process ID 1128
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 6.38 MB
Peak Memory Usage 12 MB
svchost.exe
Process ID 1160
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 44 MB
Peak Memory Usage 92 MB
svchost.exe
Process ID 1312
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage KB
Peak Memory Usage 4.87 MB
svchost.exe
Process ID 1372
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 3.45 MB
Peak Memory Usage 12 MB
svchost.exe
Process ID 2200
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 116 KB
Peak Memory Usage 5.57 MB
svchost.exe
Process ID 2432
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 68 KB
Peak Memory Usage 2.49 MB
svchost.exe
Process ID 2392
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 108 KB
Peak Memory Usage 6.79 MB
svchost.exe
Process ID 3080
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 1.14 MB
Peak Memory Usage 7.28 MB
svchost.exe
Process ID 2076
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 64 KB
Peak Memory Usage 3.38 MB
svchost.exe
Process ID 2056
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 144 KB
Peak Memory Usage 7.35 MB
svchost.exe
Process ID 288
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 5.19 MB
Peak Memory Usage 35 MB
svchost.exe
Process ID 1588
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 5.16 MB
Peak Memory Usage 14 MB
svchost.exe
Process ID 3988
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 2.32 MB
Peak Memory Usage 9.57 MB
svchost.exe
Process ID 2184
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 64 KB
Peak Memory Usage 3.12 MB
svchost.exe
Process ID 904
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 2.79 MB
Peak Memory Usage 6.47 MB
system
Process ID 4
system idle process
Process ID 0
taskeng.exe
Process ID 3480
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\taskeng.exe
Memory Usage 420 KB
Peak Memory Usage 5.61 MB
taskeng.exe
Process ID 3732
User Wes Cornwell
Domain WesCornwell-PC
Path C:\Windows\system32\taskeng.exe
Memory Usage 2.97 MB
Peak Memory Usage 10 MB
unsecapp.exe
Process ID 2568
User Wes Cornwell
Domain WesCornwell-PC
Path C:\Windows\system32\wbem\unsecapp.exe
Memory Usage 772 KB
Peak Memory Usage 4.72 MB
wininit.exe
Process ID 648
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\wininit.exe
Memory Usage 76 KB
Peak Memory Usage 4.34 MB
winlogon.exe
Process ID 796
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\winlogon.exe
Memory Usage 980 KB
Peak Memory Usage 6.88 MB
wlidsvc.exe
Process ID 2460
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
Memory Usage 500 KB
Peak Memory Usage 9.57 MB
wlidsvcm.exe
Process ID 3008
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
Memory Usage 72 KB
Peak Memory Usage 3.05 MB
wmiprvse.exe
Process ID 3184
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\wbem\wmiprvse.exe
Memory Usage 2.84 MB
Peak Memory Usage 5.79 MB
wmiprvse.exe
Process ID 2880
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\wbem\wmiprvse.exe
Memory Usage 6.49 MB
Peak Memory Usage 6.49 MB
wmpnetwk.exe
Process ID 2792
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Program Files\Windows Media Player\wmpnetwk.exe
Memory Usage 516 KB
Peak Memory Usage 8.59 MB
wmpnscfg.exe
Process ID 3336
User Wes Cornwell
Domain WesCornwell-PC
Path C:\Program Files\Windows Media Player\wmpnscfg.exe
Memory Usage 448 KB
Peak Memory Usage 5.18 MB
xaudio.exe
Process ID 2600
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\DRIVERS\xaudio.exe
Memory Usage 100 KB
Peak Memory Usage 2.78 MB
TimeZone
TimeZone GMT -6 Hours
Language English
Country United States
Currency $
Date Format M/d/yyyy
Time Format h:mm:ss tt
Power Profile
Active power scheme Home/Office Desk
Hibernation Disabled
Scheduler
8/26/2011 5:54 PM;Every 13 minute(s) from 2:00 PM for 2232 hour(s) every day, starting 8/26/2011 SystemToolsDailyTest
9/15/2011 2:00 AM;Every 11 minute(s) from 2:00 AM for 2232 hour(s) on day 15 of every month, starting 9/15/2011 PCDoctorBackgroundMonitorTask
Hotfixes
8/24/2011 Update for Windows Vista (KB2570791)
8/23/2011 Security Update for Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package (KB2538243)
8/14/2011 Security Update for Windows Vista (KB2567680)
8/14/2011 Security Update for Windows Vista (KB2536276)
8/14/2011 Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008 x86 (KB2468871)
8/14/2011 Update Rollup for ActiveX Killbits for Windows Vista (KB2562937)
8/14/2011 Cumulative Security Update for Internet Explorer 9 for Windows Vista (KB2559049)
8/14/2011 Update for Windows Mail Junk E-mail Filter [August 2011] (KB905866)
8/14/2011 Windows Malicious Software Removal Tool - August 2011 (KB890830)
8/14/2011 Update for Windows Vista (KB2563227)
8/14/2011 Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Vista SP2 and Windows Server 2008 SP2 x86 (KB2539633)
8/14/2011 Security Update for Windows Vista (KB2556532)
8/14/2011 Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008 x86 (KB2539636)
8/14/2011 Security Update for Windows Vista (KB2563894)
8/13/2011 Definition Update for Windows Defender - KB915597 (Definition 1.109.1657.0)
7/14/2011 Security Update for Windows Vista (KB2532531)
7/14/2011 Security Update for Windows Vista (KB2555917)
7/14/2011 Update for Windows Mail Junk E-mail Filter [July 2011] (KB905866)
7/14/2011 Windows Malicious Software Removal Tool - July 2011 (KB890830)
7/14/2011 Update for Windows Vista (KB2533623)
7/14/2011 Security Update for Windows Vista (KB2507938)
6/29/2011 Update for Windows Vista (KB2545698)
6/29/2011 Update for Windows Vista (KB2541763)
6/28/2011 Security Update for .NET Framework 3.5 SP1, Windows Vista SP2, and Windows Server 2008 SP2 x86 (KB2478660)
6/28/2011 Security Update for .NET Framework 3.5 SP1, Windows Vista SP2, and Windows Server 2008 SP2 x86 (KB2518866)
6/28/2011 Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008 x86 (KB2478663)
6/28/2011 Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008 x86 (KB2518870)
6/17/2011 Security Update for Windows Vista (KB2535512)
6/17/2011 Windows Malicious Software Removal Tool - June 2011 (KB890830)
6/17/2011 Update for Microsoft Office 2003 (KB2543854)
6/17/2011 Update for Microsoft Office 2007 System (KB2539530)
6/17/2011 Security Update for Windows Vista (KB2503665)
6/17/2011 Security Update for Windows Vista (KB2536275)
6/17/2011 Cumulative Security Update for Internet Explorer 9 for Windows Vista (KB2530548)
6/17/2011 Security Update for Windows Vista (KB2476490)
6/17/2011 Update for Microsoft Office 2003 (KB2539581)
6/17/2011 Security Update for the 2007 Microsoft Office System (KB2541012)
6/17/2011 Security Update for Windows Vista (KB2544893)
6/17/2011 Security Update for Windows Vista (KB2536276)
6/17/2011 Update for Windows Mail Junk E-mail Filter [June 2011] (KB905866)
6/17/2011 Security Update for Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package (KB2538242)
5/21/2011 Security Update for Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package (KB2467175)
5/16/2011 Windows Internet Explorer 9 for Windows Vista
5/16/2011 Windows Malicious Software Removal Tool - May 2011 (KB890830)
5/16/2011 Update for Windows Mail Junk E-mail Filter [May 2011] (KB905866)
5/16/2011 Security Update for Microsoft Office 2007 System (KB2540162)
4/29/2011 Update for Windows Vista (KB2492386)
4/29/2011 Update for Windows Vista (KB2522422)
4/29/2011 Windows Malicious Software Removal Tool - April 2011 (KB890830)
4/15/2011 Security Update for Windows Vista (KB2507618)
4/15/2011 Cumulative Security Update for Internet Explorer 8 for Windows Vista (KB2497640)
4/15/2011 Security Update for Windows Vista (KB2511455)
4/15/2011 Security Update for Windows Vista (KB2506212)
4/15/2011 Security Update for Windows Vista (KB2508429)
4/15/2011 Security Update for Windows Vista (KB2509553)
4/15/2011 Security Update for Windows Vista (KB2506223)
4/15/2011 Security Update for Microsoft Office 2003 (KB2509503)
4/15/2011 Security Update for Windows Vista (KB2503658)
4/15/2011 Security Update for Windows Vista (KB2510531)
4/15/2011 Security Update for Windows Vista (KB2412687)
4/15/2011 Security Update for Microsoft Office 2007 System (KB2464635)
4/15/2011 Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008 x86 (KB2446708)
4/15/2011 Security Update for Microsoft Office 2007 System (KB2509488)
4/15/2011 Cumulative Security Update for ActiveX Killbits for Windows Vista (KB2508272)
4/15/2011 Update for Windows Mail Junk E-mail Filter [April 2011] (KB905866)
4/15/2011 Security Update for the 2007 Microsoft Office System (KB2466156)
4/15/2011 Windows Malicious Software Removal Tool - April 2011 (KB890830)
4/15/2011 Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
4/15/2011 Security Update for .NET Framework 3.5 SP1, Windows Vista SP2, and Windows Server 2008 SP2 x86 (KB2449742)
3/26/2011 Update for Windows Vista (KB2524375)
3/23/2011 Update for Windows Vista (KB2505189)
3/16/2011 Update for Windows Vista (KB971029)
3/9/2011 Windows Malicious Software Removal Tool - March 2011 (KB890830)
3/9/2011 Update for Windows Mail Junk E-mail Filter [March 2011] (KB905866)
3/9/2011 Security Update for Windows Vista (KB2479943)
3/9/2011 Security Update for Windows Vista (KB2481109)
2/25/2011 Windows PowerShell 2.0 and WinRM 2.0 for Windows Vista (KB968930)
2/10/2011 Security Update for Windows Vista (KB2479628)
2/10/2011 Security Update for Windows Vista (KB2393802)
2/10/2011 Update for Windows Mail Junk E-mail Filter [February 2011] (KB905866)
2/10/2011 Platform Update Supplement for Windows Vista (KB2117917)
2/10/2011 Cumulative Security Update for Internet Explorer 8 for Windows Vista (KB2482017)
2/10/2011 Windows Malicious Software Removal Tool - February 2011 (KB890830)
2/10/2011 Security Update for Windows Vista (KB2483185)
2/10/2011 Security Update for Windows Vista (KB2485376)
1/26/2011 Security Update for the 2007 Microsoft Office System (KB969618)
1/26/2011 Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2413381)
1/26/2011 Security Update for the 2007 Microsoft Office System (KB972581)
1/25/2011 Security Update for Microsoft Office 2007 System (KB2289158)
1/25/2011 Security Update for Microsoft Office 2003 (KB2289187)
1/25/2011 Update for Microsoft Silverlight (KB2477244)
1/25/2011 Update for Microsoft Search Enhancement Pack
1/25/2011 PowerPoint Viewer 2007 Service Pack 2 (SP2)
1/25/2011 Security Update for the 2007 Microsoft Office System (KB2344875)
1/25/2011 Security Update for the 2007 Microsoft Office System (KB2345043)
1/25/2011 Update for Microsoft Silverlight (KB2416427)
1/25/2011 Word Viewer 2003 Service Pack 3 (SP3)
1/25/2011 Security Update for Microsoft Office 2003 (KB951535)
1/25/2011 Security Update for Microsoft Word Viewer (KB2345009)
1/25/2011 Security Update for Microsoft Office 2003 (KB972580)
1/25/2011 Bing Bar 6.0 (KB2459075)
1/25/2011 Security Update for Microsoft Silverlight (KB978464)
1/25/2011 Update for the 2007 Microsoft Office System (KB2284654)
1/25/2011 Security Update for Microsoft Office 2003 (KB2288613)
1/13/2011 Windows Malicious Software Removal Tool - January 2011 (KB890830)
1/13/2011 Security Update for Windows Vista (KB2419640)
1/13/2011 Security Update for Windows Vista (KB2478935)
12/27/2010 AMYUNI Technologies - Printers - Amyuni Document Converter 300
12/18/2010 Security Update for Windows Vista (KB2423089)
12/18/2010 Security Update for Windows Vista (KB2436673)
12/18/2010 Security Update for Windows Vista (KB2305420)
12/18/2010 Security Update for Windows Vista (KB2442962)
12/18/2010 Security Update for Windows Vista (KB2296199)
12/18/2010 Cumulative Security Update for Internet Explorer 8 for Windows Vista (KB2416400)
12/18/2010 Update for Windows Vista (KB2443685)
12/18/2010 Update for Internet Explorer for Windows Vista (KB2467659)
12/18/2010 Update for Windows Mail Junk E-mail Filter [December 2010] (KB905866)
12/15/2010 Update for Windows Mail Junk E-mail Filter [December 2010] (KB905866)
12/15/2010 Windows Malicious Software Removal Tool - December 2010 (KB890830)
11/23/2010 Update for Internet Explorer 8 Compatibility View List for Windows Vista (KB2447568)
11/10/2010 Update for Windows Mail Junk E-mail Filter [November 2010] (KB905866)
11/10/2010 Windows Malicious Software Removal Tool - November 2010 (KB890830)
10/26/2010 Update for Windows Vista (KB2388210)
10/16/2010 Security Update for Windows Vista (KB2378111)
10/16/2010 Update for Windows Vista (KB2345886)
10/16/2010 Security Update for Windows Vista (KB2207566)
10/16/2010 Security Update for Windows Vista (KB979687)
10/16/2010 Security Update for Windows Vista (KB982132)
10/16/2010 Cumulative Security Update for Internet Explorer 8 for Windows Vista (KB2360131)
10/16/2010 Security Update for Windows Vista (KB2387149)
10/16/2010 Security Update for Windows Vista (KB981957)
10/16/2010 Security Update for Windows Vista (KB979688)
10/16/2010 Security Update for Windows Vista (KB2281679)
10/16/2010 Security Update for Windows Vista (KB2296011)
10/14/2010 Windows Malicious Software Removal Tool - October 2010 (KB890830)
10/7/2010 Security Update for Microsoft .NET Framework 3.5 SP1, Windows Vista SP2, and Windows Server 2008 SP2 x86 (KB2416470)
10/7/2010 Security Update for Microsoft .NET Framework 3.5 SP1 on Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008 x86 (KB2416473)
10/1/2010 Update for Windows Vista (KB2158563)
10/1/2010 Update for Internet Explorer 8 Compatibility View List for Windows Vista (KB2362765)
9/16/2010 Security Update for Windows Vista (KB981322)
9/16/2010 Security Update for Windows Vista (KB2347290)
9/16/2010 Security Update for Windows Vista (KB975558)
9/16/2010 Windows Malicious Software Removal Tool - September 2010 (KB890830)
9/16/2010 Update for Windows Mail Junk E-mail Filter [September 2010] (KB905866)
9/16/2010 Update for Windows Vista (KB2141007)
8/15/2010 Cumulative Security Update for Internet Explorer 8 for Windows Vista (KB2183461)
8/15/2010 Security Update for Windows Vista (KB982665)
8/15/2010 Security Update for Windows Vista (KB980436)
8/15/2010 Security Update for Windows Vista (KB981997)
8/15/2010 Security Update for Windows Vista (KB2160329)
8/15/2010 Security Update for Windows Vista (KB982799)
8/15/2010 Security Update for .NET Framework 3.5 SP1, Windows Vista SP2, and Windows Server 2008 SP2 x86 (KB983589)
8/15/2010 Security Update for Windows Vista (KB981852)
8/15/2010 Update for Internet Explorer 8 Compatibility View List for Windows Vista (KB982664)
8/15/2010 Windows Malicious Software Removal Tool - August 2010 (KB890830)
8/15/2010 Security Update for Windows Vista (KB2079403)
8/15/2010 Security Update for Windows Vista (KB982214)
8/15/2010 Security Update for Windows Vista (KB978886)
8/15/2010 Update for Windows Mail Junk E-mail Filter [August 2010] (KB905866)
8/9/2010 Microsoft .NET Framework 4 Client Profile for Windows Vista x86 (KB982670)
8/3/2010 Security Update for Windows Vista (KB2286198)
7/15/2010 Update for Windows Mail Junk E-mail Filter [July 2010] (KB905866)
7/15/2010 Windows Malicious Software Removal Tool - July 2010 (KB890830)
6/25/2010 Update for Windows Vista (KB982519)
6/25/2010 Microsoft .NET Framework 3.5 SP1, Windows Vista SP2, and Windows Server 2008 SP2 Update x86 (KB982525)
6/18/2010 Microsoft - Other hardware - HID Non-User Input Data Filter (KB 911895)
6/12/2010 Microsoft .NET Framework 3.5 SP1, Windows Vista SP2, and Windows Server 2008 SP2 Security Update x86 (KB979910)
6/12/2010 Security Update for Windows Vista (KB979482)
6/12/2010 Cumulative Security Update for ActiveX Killbits for Windows Vista (KB980195)
6/12/2010 Security Update for Windows Vista (KB980218)
6/12/2010 Windows Malicious Software Removal Tool - June 2010 (KB890830)
6/12/2010 Update for Windows Mail Junk E-mail Filter [June 2010] (KB905866)
6/12/2010 Cumulative Security Update for Internet Explorer 8 for Windows Vista (KB982381)
6/12/2010 Security Update for Windows Vista (KB979559)
6/12/2010 Microsoft .NET Framework 3.5 SP1, Windows Vista SP2, and Windows Server 2008 SP2 Update x86 (KB982536)
5/26/2010 Update for Windows Vista (KB981793)
5/26/2010 Update for Internet Explorer 8 Compatibility View List for Windows Vista (KB982632)
5/12/2010 Windows Malicious Software Removal Tool - May 2010 (KB890830)
5/12/2010 Security Update for Windows Vista (KB978542)
5/12/2010 Update for Windows Mail Junk E-mail Filter [May 2010] (KB905866)
4/28/2010 Update for Windows Vista (KB980248)
4/15/2010 Security Update for Windows Vista (KB980232)
4/15/2010 Security Update for Windows Vista (KB979683)
4/15/2010 Security Update for Windows Vista (KB981332)
4/15/2010 Windows Malicious Software Removal Tool - April 2010 (KB890830)
4/15/2010 Update for Windows Mail Junk E-mail Filter [April 2010] (KB905866)
4/15/2010 Security Update for Windows Vista (KB978601)
4/15/2010 Security Update for Windows Vista (KB977816)
4/15/2010 Security Update for Windows Vista (KB978338)
4/15/2010 Security Update for Windows Vista (KB979309)
4/3/2010 nVidia - Display - NVIDIA GeForce 6150SE nForce 430
4/1/2010 Cumulative Security Update for Internet Explorer 8 for Windows Vista (KB980182)
3/28/2010 Update for Internet Explorer 8 Compatibility View List for Windows Vista (KB980302)
3/11/2010 Security Update for Movie Maker 6.0 for Windows Vista (KB975561)
3/11/2010 Update for Windows Mail Junk E-mail Filter [March 2010] (KB905866)
3/11/2010 Windows Malicious Software Removal Tool - March 2010 (KB890830)
2/25/2010 Definition Update for Windows Defender - KB915597 (Definition 1.77.0.0)
2/24/2010 Update for Windows Vista (KB976662)
2/24/2010 Update for Windows Vista (KB979306)
2/24/2010 Update for Rights Management Services Client for Windows Vista (KB979099)
2/24/2010 Update for Windows Vista (KB976264)
2/24/2010 Update for Windows Vista (KB975929)
2/10/2010 Security Update for Windows Vista (KB971468)
2/10/2010 Windows Malicious Software Removal Tool - February 2010 (KB890830)
2/10/2010 Cumulative Security Update for ActiveX Killbits for Windows Vista (KB978262)
2/10/2010 Security Update for Windows Vista (KB977165)
2/10/2010 Update for Windows Mail Junk E-mail Filter [February 2010] (KB905866)
2/10/2010 Security Update for Windows Vista (KB974145)
2/10/2010 Security Update for Windows Vista (KB975560)
2/10/2010 Security Update for Windows Vista (KB978251)
1/27/2010 Update for Internet Explorer 8 Compatibility View List for Windows Vista (KB978506)
1/22/2010 Cumulative Security Update for Internet Explorer 8 for Windows Vista (KB978207)
1/13/2010 Security Update for Windows Vista (KB972270)
1/13/2010 Update for Windows Mail Junk E-mail Filter [January 2010] (KB905866)
1/13/2010 Windows Malicious Software Removal Tool - January 2010 (KB890830)
1/13/2010 Update for Windows (KB928439)
12/12/2009 Update for Windows Vista (KB971737)
12/12/2009 Cumulative Security Update for Internet Explorer 8 for Windows Vista (KB976325)
12/12/2009 Update for Windows Vista (KB970430)
12/12/2009 Windows Malicious Software Removal Tool - December 2009 (KB890830)
12/12/2009 Update for Windows Mail Junk E-mail Filter [December 2009] (KB905866)
12/12/2009 Security Update for Windows Vista (KB974318)
12/10/2009 Update for Windows Vista (KB971737)
12/10/2009 Cumulative Security Update for Internet Explorer 8 for Windows Vista (KB976325)
12/10/2009 Update for Windows Vista (KB970430)
12/10/2009 Windows Malicious Software Removal Tool - December 2009 (KB890830)
12/10/2009 Update for Windows Mail Junk E-mail Filter [December 2009] (KB905866)
12/10/2009 Security Update for Windows Vista (KB974318)
11/25/2009 Update for Windows Vista (KB973687)
11/25/2009 Update for Windows Vista (KB976098)
11/25/2009 Update for Windows Vista (KB976470)
11/25/2009 Update for Microsoft XML Core Services 4.0 Service Pack 2 (KB973688)
11/12/2009 Windows Malicious Software Removal Tool - November 2009 (KB890830)
11/12/2009 Security Update for Windows Vista (KB969947)
11/12/2009 Update for Windows Mail Junk E-mail Filter [November 2009] (KB905866)
11/12/2009 Security Update for Windows Vista (KB973565)
11/6/2009 Update for Internet Explorer 8 for Windows Vista (KB976749)
11/6/2009 Definition Update for Windows Defender - KB915597 (Definition 1.69.443.0)
11/3/2009 Platform Update for Windows Vista (KB971644)
11/3/2009 Update for Windows Vista (KB968389)
11/1/2009 Microsoft .NET Framework 2.0 Service Pack 2 Security Update for Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2 (KB974470)
10/30/2009 Windows Vista Service Pack 2 (KB948465)
10/30/2009 Windows Vista Service Pack 2 (KB948465)
10/30/2009 Windows Update Agent 7.4.7600.226
10/30/2009 Update for Windows Vista (KB975889)
10/30/2009 Update for Internet Explorer 8 Compatibility View List for Windows Vista (KB975364)
10/30/2009 Update for Windows Vista (KB972145)
10/29/2009 Definition Update for Windows Defender - KB915597 (Definition 1.69.301.0)
10/22/2009 Definition Update for Windows Defender - KB915597 (Definition 1.69.18.0)
10/21/2009 Definition Update for Windows Defender - KB915597 (Definition 1.67.940.0)
10/17/2009 Security Update for Windows Vista (KB975467)
10/17/2009 Windows Malicious Software Removal Tool - October 2009 (KB890830)
10/17/2009 Security Update for Windows Vista (KB971486)
10/17/2009 Microsoft .NET Framework 2.0 Service Pack 2 Security Update for Windows Vista Service Pack 1 and Windows Server 2008 (KB974469)
10/17/2009 Update for Windows Mail Junk E-mail Filter [October 2009] (KB905866)
10/17/2009 Security Update for Windows Vista (KB958869)
10/17/2009 Cumulative Security Update for Internet Explorer 8 for Windows Vista (KB974455)
10/17/2009 Security Update for Windows Vista (KB974571)
10/17/2009 Cumulative Security Update for ActiveX Killbits for Windows Vista (KB973525)
10/17/2009 Security Update for Windows Vista (KB975517)
10/17/2009 Security Update for Windows Media Format Runtime 11 for Windows Vista (KB954155)
10/15/2009 Definition Update for Windows Defender - KB915597 (Definition 1.67.841.0)
10/13/2009 Definition Update for Windows Defender - KB915597 (Definition 1.67.698.0)
10/10/2009 Windows Vista Service Pack 2 (KB948465)
10/10/2009 Windows Vista Service Pack 2 (KB948465)
10/8/2009 Definition Update for Windows Defender - KB915597 (Definition 1.67.543.0)
10/5/2009 Definition Update for Windows Defender - KB915597 (Definition 1.67.379.0)
10/3/2009 Definition Update for Windows Defender - KB915597 (Definition 1.67.321.0)
9/28/2009 Definition Update for Windows Defender - KB915597 (Definition 1.67.136.0)
9/26/2009 Definition Update for Windows Defender - KB915597 (Definition 1.67.10.0)
9/22/2009 Definition Update for Windows Defender - KB915597 (Definition 1.65.957.0)
9/17/2009 Definition Update for Windows Defender - KB915597 (Definition 1.65.848.0)
9/14/2009 Definition Update for Windows Defender - KB915597 (Definition 1.65.715.0)
9/10/2009 Definition Update for Windows Defender - KB915597 (Definition 1.65.586.0)
9/10/2009 Security Update for Jscript 5.8 for Windows Vista (KB971961)
9/10/2009 Security Update for Windows Vista (KB967723)
9/10/2009 Security Update for Windows Vista (KB970710)
9/10/2009 Security Update for Windows Media Format Runtime 11 for Windows Vista (KB968816)
9/10/2009 Windows Malicious Software Removal Tool - September 2009 (KB890830)
9/10/2009 Update for Windows Mail Junk E-mail Filter [September 2009] (KB905866)
9/7/2009 Definition Update for Windows Defender - KB915597 (Definition 1.65.477.0)
9/4/2009 Definition Update for Windows Defender - KB915597 (Definition 1.65.330.0)
9/3/2009 Update for Windows Vista (KB972036)
9/2/2009 Update to .NET Framework 3.5 Service Pack 1 for the .NET Framework Assistant 1.0 x86 (KB963707)
8/31/2009 Definition Update for Windows Defender - KB915597 (Definition 1.65.146.0)
8/28/2009 Definition Update for Windows Defender - KB915597 (Definition 1.63.2059.0)
8/27/2009 Definition Update for Windows Defender - KB915597 (Definition 1.63.2033.0)
8/27/2009 Update for Windows Vista (KB970653)
8/27/2009 Update for Windows Vista (KB972036)
8/27/2009 Update for Internet Explorer 8 Compatibility View List for Windows Vista (KB973874)
8/24/2009 Definition Update for Windows Defender - KB915597 (Definition 1.63.1861.0)
8/20/2009 Definition Update for Windows Defender - KB915597 (Definition 1.63.1684.0)
8/17/2009 Definition Update for Windows Defender - KB915597 (Definition 1.63.1552.0)
8/14/2009 Definition Update for Windows Defender - KB915597 (Definition 1.63.1394.0)
8/13/2009 Security Update for Windows Vista (KB973507)
8/13/2009 Security Update for Windows Vista (KB971657)
8/13/2009 Security Update for Windows Vista (KB956744)
8/13/2009 Security Update for Windows Vista (KB971557)
8/13/2009 Security Update for Windows Vista (KB973540)
8/13/2009 Update for Windows Mail Junk E-mail Filter [August 2009] (KB905866)
8/13/2009 Windows Malicious Software Removal Tool - August 2009 (KB890830)
8/10/2009 Definition Update for Windows Defender - KB915597 (Definition 1.63.1207.0)
8/7/2009 Definition Update for Windows Defender - KB915597 (Definition 1.63.1021.0)
8/4/2009 Definition Update for Windows Defender - KB915597 (Definition 1.63.812.0)
7/31/2009 Definition Update for Windows Defender - KB915597 (Definition 1.63.604.0)
7/29/2009 Cumulative Security Update for Internet Explorer 8 for Windows Vista (KB972260)
7/27/2009 Definition Update for Windows Defender - KB915597 (Definition 1.63.422.0)
7/23/2009 Definition Update for Windows Defender - KB915597 (Definition 1.63.118.0)
7/23/2009 Definition Update for Windows Defender - KB915597 (Definition 1.63.67.0)
7/22/2009 Update for Internet Explorer 8 Compatibility View List for Windows Vista (KB972636)
7/20/2009 Definition Update for Windows Defender - KB915597 (Definition 1.61.1958.0)
7/17/2009 Definition Update for Windows Defender - KB915597 (Definition 1.61.1700.0)
7/16/2009 Security Update for Windows Vista (KB961371)
7/16/2009 Update for Windows Mail Junk E-mail Filter [July 2009] (KB905866)
7/16/2009 Cumulative Security Update for ActiveX Killbits for Windows Vista (KB973346)
7/16/2009 Windows Malicious Software Removal Tool - July 2009 (KB890830)
7/14/2009 Definition Update for Windows Defender - KB915597 (Definition 1.61.1497.0)
7/9/2009 Definition Update for Windows Defender - KB915597 (Definition 1.61.1304.0)
7/7/2009 Definition Update for Windows Defender - KB915597 (Definition 1.61.1063.0)
7/7/2009 Microsoft - Other hardware - HID Non-User Input Data Filter (KB 911895)
7/6/2009 Microsoft - Other hardware - HID Non-User Input Data Filter (KB 911895)
7/2/2009 Definition Update for Windows Defender - KB915597 (Definition 1.61.835.0)
6/29/2009 Definition Update for Windows Defender - KB915597 (Definition 1.61.601.0)
6/25/2009 Definition Update for Windows Defender - KB915597 (Definition 1.61.369.0)
6/25/2009 Update for Internet Explorer 8 Compatibility View List for Windows Vista (KB971930)
6/25/2009 Definition Update for Windows Defender - KB915597 (Definition 1.61.149.0)
6/18/2009 Definition Update for Windows Defender - KB915597 (Definition 1.59.1480.0)
6/15/2009 Definition Update for Windows Defender - KB915597 (Definition 1.59.1267.0)
6/13/2009 Definition Update for Windows Defender - KB915597 (Definition 1.59.1107.0)
6/10/2009 Security Update for Windows Vista (KB968537)
6/10/2009 Security Update for Windows Vista (KB961501)
6/10/2009 Update for Windows Mail Junk E-mail Filter [June 2009] (KB905866)
6/10/2009 Cumulative Security Update for Internet Explorer 8 for Windows Vista (KB969897)
6/10/2009 Windows Malicious Software Removal Tool - June 2009 (KB890830)
6/10/2009 Security Update for Windows Vista (KB970238)
6/10/2009 Update Rollup for ActiveX Killbits for Windows Vista (KB969898)
6/10/2009 Definition Update for Windows Defender - KB915597 (Definition 1.59.918.0)
6/5/2009 Definition Update for Windows Defender - KB915597 (Definition 1.59.789.0)
6/1/2009 Definition Update for Windows Defender - KB915597 (Definition 1.59.659.0)
6/1/2009 Update for Internet Explorer 8 Compatibility View List for Windows Vista (KB971180)
5/31/2009 Update for Windows Vista (KB955430)
5/30/2009 Internet Explorer 8 for Windows Vista
5/29/2009 Definition Update for Windows Defender - KB915597 (Definition 1.59.458.0)
5/22/2009 Definition Update for Windows Defender - KB915597 (Definition 1.59.52.0)
5/21/2009 Definition Update for Windows Defender - KB915597 (Definition 1.57.1556.0)
5/14/2009 Definition Update for Windows Defender - KB915597 (Definition 1.57.1329.0)
5/13/2009 Windows Malicious Software Removal Tool - May 2009 (KB890830)
5/13/2009 Update for Windows Mail Junk E-mail Filter [May 2009] (KB905866)
5/11/2009 Definition Update for Windows Defender - KB915597 (Definition 1.57.1094.0)
5/8/2009 Definition Update for Windows Defender - KB915597 (Definition 1.57.963.0)
5/4/2009 Definition Update for Windows Defender - KB915597 (Definition 1.57.806.0)
5/2/2009 nVidia - Display - NVIDIA GeForce 6150SE nForce 430
4/30/2009 Definition Update for Windows Defender - KB915597 (Definition 1.57.619.0)
4/23/2009 Definition Update for Windows Defender - KB915597 (Definition 1.57.181.0)
4/21/2009 Definition Update for Windows Defender - KB915597 (Definition 1.55.1987.0)
4/17/2009 Security Update for Windows Vista (KB960803)
4/17/2009 Security Update for Windows Vista (KB952004)
4/17/2009 Update for Windows Mail Junk E-mail Filter [April 2009] (KB905866)
4/17/2009 Windows Malicious Software Removal Tool - April 2009 (KB890830)
4/17/2009 Security Update for Windows Vista (KB956572)
4/17/2009 Security Update for Windows Vista (KB959426)
4/17/2009 Cumulative Security Update for Internet Explorer 7 for Windows Vista (KB963027)
4/13/2009 Definition Update for Windows Defender - KB915597 (Definition 1.55.1579.0)
4/7/2009 Definition Update for Windows Defender - KB915597 (Definition 1.55.1119.0)
4/2/2009 Definition Update for Windows Defender - KB915597 (Definition 1.55.933.0)
3/30/2009 Definition Update for Windows Defender - KB915597 (Definition 1.55.736.0)
3/27/2009 Definition Update for Windows Defender - KB915597 (Definition 1.55.543.0)
3/24/2009 Definition Update for Windows Defender - KB915597 (Definition 1.55.314.0)
3/21/2009 Definition Update for Windows Defender - KB915597 (Definition 1.55.103.0)
3/17/2009 Definition Update for Windows Defender - KB915597 (Definition 1.53.638.0)
3/15/2009 Windows Malicious Software Removal Tool - March 2009 (KB890830)
3/13/2009 Definition Update for Windows Defender - KB915597 (Definition 1.53.431.0)
3/11/2009 Update for Windows Vista (KB959772)
3/11/2009 Update for Windows Mail Junk E-mail Filter [March 2009] (KB905866)
3/11/2009 Security Update for Windows Vista (KB960225)
3/11/2009 Security Update for Windows Vista (KB958690)
3/10/2009 Definition Update for Windows Defender - KB915597 (Definition 1.53.288.0)
3/9/2009 Definition Update for Windows Defender - KB915597 (Definition 1.53.256.0)
3/7/2009 Definition Update for Windows Defender - KB915597 (Definition 1.53.92.0)
3/2/2009 Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework 3.5 Family Update (KB951847) x86
3/2/2009 Definition Update for Windows Defender - KB915597 (Definition 1.51.1279.0)
2/27/2009 Definition Update for Windows Defender - KB915597 (Definition 1.51.1145.0)
2/24/2009 Definition Update for Windows Defender - KB915597 (Definition 1.51.937.0)
2/22/2009 Definition Update for Windows Defender - KB915597 (Definition 1.51.768.0)
2/13/2009 Definition Update for Windows Defender - KB915597 (Definition 1.51.484.0)
2/13/2009 Windows Malicious Software Removal Tool - February 2009 (KB890830)
2/13/2009 Cumulative Security Update for Internet Explorer 7 for Windows Vista (KB961260)
2/13/2009 Update Rollup for ActiveX Killbits for Windows Vista (KB960715)
2/13/2009 Update for Windows Mail Junk E-mail Filter [February 2009] (KB905866)
2/9/2009 Definition Update for Windows Defender - KB915597 (Definition 1.51.391.0)
2/5/2009 Definition Update for Windows Defender - KB915597 (Definition 1.51.303.0)
1/29/2009 Definition Update for Windows Defender - KB915597 (Definition 1.49.2750.0)
1/27/2009 Definition Update for Windows Defender - KB915597 (Definition 1.49.2551.0)
1/22/2009 Definition Update for Windows Defender - KB915597 (Definition 1.49.2376.0)
1/19/2009 Definition Update for Windows Defender - KB915597 (Definition 1.49.2195.0)
1/15/2009 Definition Update for Windows Defender - KB915597 (Definition 1.49.2011.0)
1/15/2009 Update for Windows Mail Junk E-mail Filter [January 2009] (KB905866)
1/15/2009 Security Update for Windows Vista (KB958687)
1/15/2009 Windows Malicious Software Removal Tool - January 2009 (KB890830)
1/12/2009 Definition Update for Windows Defender - KB915597 (Definition 1.49.1841.0)
1/9/2009 Definition Update for Windows Defender - KB915597 (Definition 1.49.1662.0)
1/6/2009 Definition Update for Windows Defender - KB915597 (Definition 1.49.1455.0)
1/1/2009 Definition Update for Windows Defender - KB915597 (Definition 1.49.1289.0)
12/25/2008 Definition Update for Windows Defender - KB915597 (Definition 1.49.989.0)
12/24/2008 Definition Update for Windows Defender - KB915597 (Definition 1.49.864.0)
12/24/2008 Security Update for Internet Explorer 7 in Windows Vista (KB960714)
12/15/2008 Definition Update for Windows Defender - KB915597 (Definition 1.49.523.0)
12/13/2008 Update for Windows Mail Junk E-mail Filter [December 2008] (KB905866)
12/13/2008 Security Update for Windows Vista (KB956802)
12/13/2008 Windows Malicious Software Removal Tool - December 2008 (KB890830)
12/13/2008 Update for Windows Vista (KB957388)
12/13/2008 Update for Windows Vista (KB955839)
12/13/2008 Security Update for Windows Vista (KB958623)
12/13/2008 Security Update for Windows Vista (KB958624)
12/13/2008 Cumulative Security Update for Internet Explorer 7 in Windows Vista (KB958215)
12/13/2008 Security Update for Windows Vista (KB952069)
12/13/2008 Definition Update for Windows Defender - KB915597 (Definition 1.49.369.0)
12/8/2008 Definition Update for Windows Defender - KB915597 (Definition 1.49.217.0)
12/4/2008 Definition Update for Windows Defender - KB915597 (Definition 1.49.88.0)
12/2/2008 Definition Update for Windows Defender - KB915597 (Definition 1.47.966.0)
11/27/2008 Definition Update for Windows Defender - KB915597 (Definition 1.47.864.0)
11/26/2008 Update for Windows Vista (KB959108)
11/26/2008 Update for Windows Vista (KB957321)
11/26/2008 Update for Windows Vista (KB959130)
11/25/2008 Definition Update for Windows Defender - KB915597 (Definition 1.47.708.0)
11/21/2008 Definition Update for Windows Defender - KB915597 (Definition 1.47.567.0)
11/19/2008 Definition Update for Windows Defender - KB915597 (Definition 1.47.487.0)
11/18/2008 Windows Update Agent 7.2.6001.788
11/14/2008 Definition Update for Windows Defender - KB915597 (Definition 1.47.283.0)
11/12/2008 Definition Update for Windows Defender - KB915597 (Definition 1.47.167.0)
11/12/2008 Security Update for Windows Vista (KB957097)
11/12/2008 Windows Malicious Software Removal Tool - November 2008 (KB890830)
11/12/2008 Security Update for Windows Vista (KB955069)
11/12/2008 Update for Windows Mail Junk E-mail Filter [November 2008] (KB905866)
11/12/2008 Security Update for Microsoft XML Core Services 4.0 Service Pack 2 (KB954430)
11/12/2008 Security Update for Windows Vista (KB954459)
11/9/2008 Definition Update for Windows Defender - KB915597 (Definition 1.47.15.0)
11/6/2008 Definition Update for Windows Defender - KB915597 (Definition 1.45.1466.0)
11/4/2008 Definition Update for Windows Defender - KB915597 (Definition 1.45.1403.0)
10/31/2008 Definition Update for Windows Defender - KB915597 (Definition 1.45.1246.0)
10/30/2008 Update for Windows Vista (KB957200)
10/30/2008 Security Update for Windows Vista (KB953155)
10/28/2008 Definition Update for Windows Defender - KB915597 (Definition 1.45.1162.0)
10/25/2008 Security Update for Windows Vista (KB958644)
10/24/2008 Definition Update for Windows Defender - KB915597 (Definition 1.45.1012.0)
10/17/2008 Definition Update for Windows Defender - KB915597 (Definition 1.45.731.0)
10/15/2008 Update for Windows Vista (KB957000)
10/15/2008 Cumulative Security Update for ActiveX Killbits for Windows Vista (KB956391)
10/15/2008 Update for Windows Mail Junk E-mail Filter [October 2008] (KB905866)
10/15/2008 Security Update for Windows Vista (KB954211)
10/15/2008 Windows Malicious Software Removal Tool - October 2008 (KB890830)
10/15/2008 Security Update for Windows Vista (KB957095)
10/15/2008 Security Update for Windows Vista (KB956841)
10/15/2008 Cumulative Security Update for Internet Explorer 7 in Windows Vista (KB956390)
10/11/2008 Definition Update for Windows Defender - KB915597 (Definition 1.45.430.0)
10/10/2008 Definition Update for Windows Defender - KB915597 (Definition 1.45.380.0)
10/7/2008 Definition Update for Windows Defender - KB915597 (Definition 1.45.280.0)
10/2/2008 Definition Update for Windows Defender - KB915597 (Definition 1.45.124.0)
9/26/2008 Definition Update for Windows Defender - KB915597 (Definition 1.43.801.0)
9/23/2008 Definition Update for Windows Defender - KB915597 (Definition 1.43.702.0)
9/19/2008 Definition Update for Windows Defender - KB915597 (Definition 1.43.537.0)
9/16/2008 Definition Update for Windows Defender - KB915597 (Definition 1.43.462.0)
9/12/2008 Definition Update for Windows Defender - KB915597 (Definition 1.43.309.0)
9/11/2008 Windows Malicious Software Removal Tool - September 2008 (KB890830)
9/11/2008 Update for Windows Vista (KB954366)
9/11/2008 Security Update for Windows Vista (KB954154)
9/11/2008 Security Update for Windows Vista (KB938464)
9/11/2008 Update for Windows Vista (KB955302)
9/11/2008 Update for Windows Mail Junk E-mail Filter [September 2008] (KB905866)
9/6/2008 Definition Update for Windows Defender - KB915597 (Definition 1.43.128.0)
9/4/2008 Definition Update for Windows Defender - KB915597 (Definition 1.43.73.0)
9/3/2008 Windows Update Agent 7.2.6001.784
9/3/2008 Definition Update for Windows Defender - KB915597 (Definition 1.41.1074.0)
8/29/2008 Definition Update for Windows Defender - KB915597 (Definition 1.41.925.0)
8/27/2008 Definition Update for Windows Defender - KB915597 (Definition 1.41.794.0)
8/23/2008 Definition Update for Windows Defender - KB915597 (Definition 1.41.625.0)
8/20/2008 Definition Update for Windows Defender - KB915597 (Definition 1.41.563.0)
8/15/2008 Definition Update for Windows Defender - KB915597 (Definition 1.41.365.0)
8/13/2008 Security Update for Windows Vista (KB953733)
8/13/2008 Update for Windows Vista (KB951072)
8/13/2008 Windows Malicious Software Removal Tool - August 2008 (KB890830)
8/13/2008 Security Update for Windows Vista (KB950974)
8/13/2008 Cumulative Security Update for Internet Explorer 7 in Windows Vista (KB953838)
8/13/2008 Update for Windows Mail Junk E-mail Filter [August 2008] (KB905866)
8/13/2008 Update for Windows Vista (KB952287)
8/13/2008 Update for Windows Vista (KB951618)
8/13/2008 Cumulative Security Update for ActiveX Killbits for Windows Vista (KB953839)
8/13/2008 Security Update for Windows Mail for Windows Vista (KB951066)
8/12/2008 Windows Search 4.0 for Windows Vista (KB940157)
8/8/2008 Definition Update for Windows Defender - KB915597 (Definition 1.41.172.0)
8/5/2008 Definition Update for Windows Defender - KB915597 (Definition 1.41.72.0)
8/1/2008 Definition Update for Windows Defender - KB915597 (Definition 1.39.119.0)
7/30/2008 Definition Update for Windows Defender - KB915597 (Definition 1.39.25.0)
7/25/2008 Definition Update for Windows Defender - KB915597 (Definition 1.37.1115.0)
7/23/2008 Definition Update for Windows Defender - KB915597 (Definition 1.37.1028.0)
7/16/2008 Definition Update for Windows Defender - KB915597 (Definition 1.37.746.0)
7/11/2008 Update for Windows Vista (KB955020)
7/11/2008 Windows Malicious Software Removal Tool - July 2008 (KB890830)
7/11/2008 Definition Update for Windows Defender - KB915597 (Definition 1.37.579.0)
7/9/2008 Update for Windows Vista (KB952709)
7/9/2008 Security Update for Windows Vista (KB950582)
7/9/2008 Update for Windows Mail Junk E-mail Filter [July 2008] (KB905866)
7/9/2008 Update for Windows Vista (KB951978)
7/7/2008 Definition Update for Windows Defender - KB915597 (Definition 1.37.370.0)
7/4/2008 Definition Update for Windows Defender - KB915597 (Definition 1.37.271.0)
7/1/2008 Definition Update for Windows Defender - KB915597 (Definition 1.37.191.0)
6/27/2008 Definition Update for Windows Defender - KB915597 (Definition 1.37.1.0)
6/20/2008 Definition Update for Windows Defender - KB915597 (Definition 1.35.563.0)
6/19/2008 Windows Vista Service Pack 1 (KB936330)
6/17/2008 Definition Update for Windows Defender - KB915597 (Definition 1.35.475.0)
6/14/2008 Definition Update for Windows Defender - KB915597 (Definition 1.35.347.0)
6/11/2008 Update for Windows Vista (KB952714)
6/11/2008 Update for Windows Mail Junk E-mail Filter [June 2008] (KB905866)
6/11/2008 Windows Malicious Software Removal Tool - June 2008 (KB890830)
6/11/2008 Security Update for Windows Vista (KB951376)
6/11/2008 Security Update for Windows Vista (KB950762)
6/11/2008 Security Update for Windows Vista (KB951698)
6/11/2008 Cumulative Security Update for Internet Explorer 7 in Windows Vista (KB950759)
6/11/2008 Cumulative Security Update for ActiveX Killbits for Windows Vista (KB950760)
6/6/2008 Definition Update for Windows Defender - KB915597 (Definition 1.35.118.0)
6/4/2008 Definition Update for Windows Defender - KB915597 (Definition 1.35.24.0)
5/29/2008 Definition Update for Windows Defender - KB915597 (Definition 1.33.9770.6)
5/29/2008 Definition Update for Windows Defender - KB915597 (Definition 1.33.9763.8)
5/28/2008 Update for Windows Vista (KB947562)
5/22/2008 Definition Update for Windows Defender - KB915597 (Definition 1.33.9751.9)
5/21/2008 Update for Windows Vista (KB940510)
5/20/2008 Definition Update for Windows Defender - KB915597 (Definition 1.33.9738.0)
5/16/2008 Windows Malicious Software Removal Tool - May 2008 (KB890830)
5/15/2008 Definition Update for Windows Defender - KB915597 (Definition 1.33.9651.0)
5/14/2008 Update for Windows Mail Junk E-mail Filter [May 2008] (KB905866)
5/14/2008 Definition Update for Windows Defender - KB915597 (Definition 1.33.9607.0)
5/8/2008 Definition Update for Windows Defender - KB915597 (Definition 1.31.9487.0)
5/7/2008 Definition Update for Windows Defender - KB915597 (Definition 1.31.9443.0)
5/2/2008 Definition Update for Windows Defender - KB915597 (Definition 1.31.9351.0)
5/1/2008 Definition Update for Windows Defender - KB915597 (Definition 1.31.9309.0)
4/25/2008 Definition Update for Windows Defender - KB915597 (Definition 1.31.9205.0)
4/23/2008 Definition Update for Windows Defender - KB915597 (Definition 1.31.9142.0)
4/18/2008 Definition Update for Windows Defender - KB915597 (Definition 1.31.8982.0)
4/15/2008 Definition Update for Windows Defender - KB915597 (Definition 1.31.8888.0)
4/11/2008 Definition Update for Windows Defender - KB915597 (Definition 1.31.8726.0)
4/10/2008 Definition Update for Windows Defender - KB915597 (Definition 1.31.8683.0)
4/9/2008 Update for Windows Mail Junk E-mail Filter [April 2008] (KB905866)
4/9/2008 Security Update for ActiveX Killbits for Windows Vista (KB948881)
4/9/2008 Update for Windows Vista (KB938371)
4/9/2008 Security Update for Windows Vista (KB941693)
4/9/2008 Security Update for Windows Vista (KB948590)
4/9/2008 Windows Malicious Software Removal Tool - April 2008 (KB890830)
4/9/2008 Security Update for Windows Vista (KB945553)
4/9/2008 Cumulative Security Update for Internet Explorer 7 in Windows Vista (KB947864)
4/6/2008 Definition Update for Windows Defender - KB915597 (Definition 1.31.8557.0)
4/4/2008 Definition Update for Windows Defender - KB915597 (Definition 1.31.8469.0)
4/2/2008 Definition Update for Windows Defender - KB915597 (Definition 1.29.8330.0)
3/28/2008 Definition Update for Windows Defender - KB915597 (Definition 1.29.8167.0)
3/26/2008 Definition Update for Windows Defender - KB915597 (Definition 1.29.8083.0)
3/21/2008 Definition Update for Windows Defender - KB915597 (Definition 1.29.7920.0)
3/18/2008 Definition Update for Windows Defender - KB915597 (Definition 1.29.7831.0)
3/16/2008 Definition Update for Windows Defender - KB915597 (Definition 1.29.7671.0)
3/12/2008 Windows Malicious Software Removal Tool - March 2008 (KB890830)
3/12/2008 Update for Windows Mail Junk E-mail Filter [March 2008] (KB905866)
3/12/2008 Update for Windows Vista (KB946041)
2/14/2008 Update for Windows Vista (KB937287)
2/13/2008 Security Update for Windows Vista (KB946026)
2/13/2008 Update for Windows Vista (KB938371)
2/13/2008 Windows Malicious Software Removal Tool - February 2008 (KB890830)
2/13/2008 Update for Windows Mail Junk E-mail Filter [February 2008] (KB905866)
2/13/2008 Update for Windows Vista (KB943899)
2/13/2008 Security Update for Windows Vista (KB946456)
2/13/2008 Update for Windows Vista (KB943302)
2/13/2008 Security Update for Windows Vista (KB943055)
2/13/2008 Cumulative Security Update for Internet Explorer 7 in Windows Vista (KB944533)
1/9/2008 Update for Windows Mail Junk E-mail Filter [January 2008] (KB905866)
1/9/2008 Security Update for Windows Vista (KB941644)
1/9/2008 Windows Malicious Software Removal Tool - January 2008 (KB890830)
1/9/2008 Update for Windows Vista (KB943302)
1/9/2008 Update for Windows Vista (KB943899)
1/9/2008 Update for Windows Vista (KB943411)
12/12/2007 Security Update for Windows Vista (KB941568)
12/12/2007 Security Update for Windows Vista (KB941569)
12/12/2007 Cumulative Security Update for Internet Explorer 7 in Windows Vista (KB942615)
12/12/2007 Security Update for Windows Vista (KB942624)
12/12/2007 Windows Malicious Software Removal Tool - December 2007 (KB890830)
12/12/2007 Update for Windows Mail Junk E-mail Filter [December 2007] (KB905866)
12/12/2007 Security Update for Windows Vista (KB943078)
12/12/2007 Update for Windows Vista (KB942763)
11/15/2007 Update for Windows (KB917607)
11/14/2007 Update for Windows Vista (KB941649)
11/14/2007 Windows Malicious Software Removal Tool - November 2007 (KB890830)
11/14/2007 Update for Windows Vista (KB941600)
11/14/2007 Update for Windows Mail Junk E-mail Filter [November 2007] (KB905866)
11/5/2007 Update for Windows Vista (KB939165)
10/31/2007 Update for Microsoft XML Core Services 4.0 Service Pack 2 (KB941833)
10/31/2007 Update for Windows Vista (KB938194)
10/31/2007 Update for .NET Framework 3.0: x86 (KB932471)
10/31/2007 Update for Windows Vista (KB933360)
10/31/2007 Update for Windows Mail Junk E-mail Filter [October 2007] (KB905866)
10/31/2007 Windows Malicious Software Removal Tool - October 2007 (KB890830)
10/31/2007 Update for Windows Vista (KB941651)
10/31/2007 Security Update for Microsoft .NET Framework, Version 2.0 (KB929916)
10/31/2007 Cumulative Security Update for Internet Explorer 7 in Windows Vista (KB939653)
10/31/2007 Update for Windows Vista (KB938979)
10/31/2007 Security Update for Windows Mail for Windows Vista (KB941202)
10/31/2007 Security Update for Windows Vista (KB933729)
10/31/2007 Security Update for Microsoft XML Core Services 4.0 Service Pack 2 (KB936181)
10/31/2007 NVIDIA Corporation driver update for NVIDIA MCP61 Serial ATA Controller
10/31/2007 Update for Windows Vista (KB939159)
10/31/2007 Windows Update software 7.0.6000.381
Services
Running Andrea RT Filters Service
Running Apple Mobile Device
Running Application Experience
Running Application Information
Running avast! Antivirus
Running Background Intelligent Transfer Service
Running Base Filtering Engine
Running Bonjour Service
Running CNG Key Isolation
Running COM+ Event System
Running Computer Browser
Running Cryptographic Services
Running DCOM Server Process Launcher
Running Desktop Window Manager Session Manager
Running DHCP Client
Running Diagnostic Policy Service
Running Diagnostic System Host
Running Distributed Link Tracking Client
Running dldf_device
Running dldfCATSCustConnectService
Running DNS Client
Running Extensible Authentication Protocol
Running Function Discovery Resource Publication
Running Group Policy Client
Running HP CUE DeviceDiscovery Service
Running HP Network Devices Support
Running hpqcxs08
Running Human Interface Device Access
Running IKE and AuthIP IPsec Keying Modules
Running IP Helper
Running IPsec Policy Agent
Running KtmRm for Distributed Transaction Coordinator
Running Multimedia Class Scheduler
Running Net Driver HPZ12
Running Network Connections
Running Network List Service
Running Network Location Awareness
Running Network Store Interface Service
Running NVIDIA Display Driver Service
Running Peer Networking Identity Manager
Running Plug and Play
Running Pml Driver HPZ12
Running Portable Device Enumerator Service
Running Print Spooler
Running Program Compatibility Assistant Service
Running ProtexisLicensing
Running Pure Networks Platform Service
Running ReadyBoost
Running Remote Access Connection Manager
Running Remote Procedure Call (RPC)
Running Roxio Hard Drive Watcher 9
Running Secondary Logon
Running Secure Socket Tunneling Protocol Service
Running Security Accounts Manager
Running Security Center
Running Server
Running Shell Hardware Detection
Running Software Licensing
Running SSDP Discovery
Running Superfetch
Running System Event Notification Service
Running Tablet PC Input Service
Running Task Scheduler
Running TCP/IP NetBIOS Helper
Running Telephony
Running Themes
Running UPnP Device Host
Running User Profile Service
Running WebClient
Running Windows Audio
Running Windows Audio Endpoint Builder
Running Windows Driver Foundation - User-mode Driver Framework
Running Windows Error Reporting Service
Running Windows Event Log
Running Windows Firewall
Running Windows Font Cache Service
Running Windows Image Acquisition (WIA)
Running Windows Live ID Sign-in Assistant
Running Windows Management Instrumentation
Running Windows Media Player Network Sharing Service
Running Windows Presentation Foundation Font Cache 3.0.0.0
Running Windows Search
Running Windows Time
Running Windows Update
Running WLAN AutoConfig
Running Workstation
Running XAudioService
Stopped Application Layer Gateway Service
Stopped Certificate Propagation
Stopped COM+ System Application
Stopped DFS Replication
Stopped Diagnostic Service Host
Stopped Distributed Transaction Coordinator
Stopped DSBrokerService
Stopped Function Discovery Provider Host
Stopped Health Key and Certificate Management
Stopped InstallDriver Table Manager
Stopped Interactive Services Detection
Stopped Internet Connection Sharing (ICS)
Stopped Link-Layer Topology Discovery Mapper
Stopped Microsoft .NET Framework NGEN v2.0.50727_X86
Stopped Microsoft .NET Framework NGEN v4.0.30319_X86
Stopped Microsoft iSCSI Initiator Service
Stopped Microsoft Software Shadow Copy Provider
Stopped Net.Tcp Port Sharing Service
Stopped Netlogon
Stopped Network Access Protection Agent
Stopped Office Source Engine
Stopped Parental Controls
Start pending Peer Name Resolution Protocol
Stopped Peer Networking Grouping
Stopped Performance Logs & Alerts
Stopped PnP-X IP Bus Enumerator
Stopped PNRP Machine Name Publication Service
Stopped Problem Reports and Solutions Control Panel Support
Stopped Protected Storage
Stopped Quality Windows Audio Video Experience
Stopped Remote Access Auto Connection Manager
Stopped Remote Procedure Call (RPC) Locator
Stopped Remote Registry
Stopped Routing and Remote Access
Stopped RoxMediaDB9
Stopped SL UI Notification Service
Stopped Smart Card
Stopped Smart Card Removal Policy
Stopped SNMP Trap
Stopped stllssvr
Stopped Terminal Services
Stopped Terminal Services Configuration
Stopped Thread Ordering Server
Stopped TPM Base Services
Stopped Virtual Disk
Stopped Volume Shadow Copy
Stopped Windows Backup
Stopped Windows CardSpace
Stopped Windows Color System
Stopped Windows Connect Now - Config Registrar
Stopped Windows Defender
Stopped Windows Event Collector
Stopped Windows Installer
Stopped Windows Modules Installer
Stopped Windows Presentation Foundation Font Cache 4.0.0.0
Stopped Windows Remote Management (WS-Management)
Stopped WinHTTP Web Proxy Auto-Discovery Service
Stopped Wired AutoConfig
Stopped WMI Performance Adapter
Device Tree
ACPI x86-based PC
Microsoft ACPI-Compliant System
AMD Athlon™ 64 X2 Dual Core Processor 4000+
AMD Athlon™ 64 X2 Dual Core Processor 4000+
AMD AwayMode
ACPI Power Button
System board
ACPI Fan
ACPI Thermal Zone
ACPI Fixed Feature Button
PCI bus
PCI standard RAM Controller
NVIDIA nForce PCI System Management
PCI standard RAM Controller
NVIDIA nForce Networking Controller
PCI standard PCI-to-PCI bridge
PCI standard PCI-to-PCI bridge
AMD HyperTransport™ Configuration
AMD Address Map Configuration
AMD DRAM and HyperTransport™ Trace Mode Configuration
AMD Miscellaneous Configuration
Motherboard resources
Motherboard resources
PCI standard ISA bridge
Motherboard resources
Programmable interrupt controller
Direct memory access controller
System timer
High precision event timer
System CMOS/real time clock
System speaker
Numeric data processor
Standard OpenHCD USB Host Controller
USB Root Hub
USB Human Interface Device
HID Keyboard Device
USB Composite Device
USB Human Interface Device
HID-compliant mouse
USB Human Interface Device
HID-compliant consumer control device
HID-compliant device
HID-compliant device
Standard Enhanced PCI to USB Host Controller
USB Root Hub
PCI standard PCI-to-PCI bridge
Conexant D850 PCI V.92 Modem
High Definition Audio Controller
Realtek High Definition Audio
Standard Dual Channel PCI IDE Controller
IDE Channel
IDE Channel
NVIDIA MCP61 Serial ATA Controller
WDC WD25 00JS-75NCB3 SCSI Disk Device
NVIDIA GeForce 6150SE nForce 430
Generic PnP Monitor
CPU
AMD Athlon 64 X2 4000+
Cores 2
Threads 2
Name AMD Athlon 64 X2 4000+
Code Name Brisbane
Package Socket AM2 (940)
Technology 65nm
Specification AMD Athlon™ 64 X2 Dual Core Processor 4000+
Family F
Extended Family F
Model B
Extended Model 6B
Stepping 1
Revision BH-G1
Instructions MMX (+), 3DNow! (+), SSE, SSE2, SSE3, AMD 64
Virtualization Supported, Enabled
Hyperthreading Not supported
Fan Speed 1718 RPM
Bus Speed 200.9 MHz
Rated Bus Speed 1004.6 MHz
Stock Core Speed 2100 MHz
Stock Bus Speed 200 MHz
Average Temperature 71 °C
Caches
L1 Data Cache Size 2 x 64 KBytes
L1 Instructions Cache Size 2 x 64 KBytes
L2 Unified Cache Size 2 x 512 KBytes
Core 0
Core Speed 2109.8 MHz
Multiplier x 10.5
Bus Speed 200.9 MHz
Rated Bus Speed 1004.6 MHz
Temperature 70 °C
Thread 1
APIC ID 0
Core 1
Core Speed 2109.8 MHz
Multiplier x 10.5
Bus Speed 200.9 MHz
Rated Bus Speed 1004.6 MHz
Temperature 73 °C
Thread 1
APIC ID 1
RAM
Memory slots
Total memory slots 4
Used memory slots 2
Free memory slots 2
Memory
Type DDR2
Size 1024 MBytes
Channels # Dual
DRAM Frequency 301.4 MHz
CAS# Latency (CL) 5 clocks
RAS# to CAS# Delay (tRCD) 5 clocks
RAS# Precharge (tRP) 5 clocks
Cycle Time (tRAS) 15 clocks
Bank Cycle Time (tRC) 21 clocks
Command Rate (CR) 1T
Physical Memory
Memory Usage 74 %
Total Physical 957 MB
Available Physical 241 MB
Total Virtual 2.00 GB
Available Virtual 1.86 GB
SPD
Number Of SPD Modules 2
Slot #1
Type DDR2
Size 512 MBytes
Manufacturer MOSEL
Max Bandwidth PC2-5300 (333 MHz)
Part Number V916764K24QCFW-F5
Serial Number E5372C78
Week/year 38 / 07
SPD Ext. EPP
JEDEC #3
Frequency 333.3 MHz
CAS# Latency 5.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 16
tRC 21
Voltage 1.800 V
JEDEC #2
Frequency 266.7 MHz
CAS# Latency 4.0
RAS# To CAS# 4
RAS# Precharge 4
tRAS 12
tRC 16
Voltage 1.800 V
JEDEC #1
Frequency 200.0 MHz
CAS# Latency 3.0
RAS# To CAS# 3
RAS# Precharge 3
tRAS 9
tRC 12
Voltage 1.800 V
Slot #2
Type DDR2
Size 512 MBytes
Manufacturer MOSEL
Max Bandwidth PC2-5300 (333 MHz)
Part Number V916764K24QCFW-F5
Serial Number E1372C79
Week/year 38 / 07
SPD Ext. EPP
JEDEC #3
Frequency 333.3 MHz
CAS# Latency 5.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 16
tRC 21
Voltage 1.800 V
JEDEC #2
Frequency 266.7 MHz
CAS# Latency 4.0
RAS# To CAS# 4
RAS# Precharge 4
tRAS 12
tRC 16
Voltage 1.800 V
JEDEC #1
Frequency 200.0 MHz
CAS# Latency 3.0
RAS# To CAS# 3
RAS# Precharge 3
tRAS 9
tRC 12
Voltage 1.800 V
Motherboard
Manufacturer Dell Inc.
Model 0RY206
Version 00
Chipset Vendor NVIDIA
Chipset Model MCP61
Chipset Revision A3
Southbridge Vendor NVIDIA
Southbridge Model MCP61
Southbridge Revision A2
System Temperature 53 °C
BIOS
Brand Dell Inc.
Version 1.0.6
Date 09/06/2007
Voltage
VIN0 1.712 V
MEMORY CONTROLLER 1.680 V
VIN2 1.536 V
PCI Data
Slot PCI
Slot Type PCI
Slot Usage Available
Data But Width 32 bit
Slot Designation PCI1
Slot Number 0
Slot PCI
Slot Type PCI
Slot Usage In Use
Data But Width 32 bit
Slot Designation PCI2
Slot Number 1
Slot PCI-X
Slot Type PCI-X
Slot Usage Available
Data But Width 8192 bit
Slot Designation PCIEX16
Slot Number 2
Slot PCI-X
Slot Type PCI-X
Slot Usage Available
Data But Width 256 bit
Slot Designation PCIEX1_1
Slot Number 3
Graphics
Monitor
Name DELL SE178WFP on NVIDIA GeForce 6150SE nForce 430
Current Resolution 1440x900 pixels
Work Resolution 1440x870 pixels
State enabled, primary, output devices support
Monitor Width 1440
Monitor Height 900
Monitor BPP 32 bits per pixel
Monitor Frequency 60 Hz
Device \\.\DISPLAY1\Monitor0
GeForce 6150SE nForce 430
GPU MCP61P
Device ID 10DE-03D0
Revision A3
Subvendor Dell (1028)
Current Performance Level Level 1
Current GPU Clock 425 MHz
Current Memory Clock 100 MHz
DirectX Support 9.0c
DirectX Shader Model 3.0
OpenGL Support 2.0
Bus Interface FPCI
Driver nvlddmkm.sys
Driver version 8.15.11.9038
ForceWare version 175.16
BIOS Version 5.61.32.25.02
ROPs 2
Shaders Vertex 2/Pixel 2
Memory Type System
Physical Memory 64 MB
Virtual Memory 288 MB
Count of performance levels : 1
Level 0
GPU Clock 425 MHz
Memory Clock 100 MHz
Hard Drives
WDC WD25 00JS-75NCB3 SCSI Disk Device
Manufacturer Western Digital
Business Unit/Brand Mobile/WD Scorpio Free Fall Sensor (FFS)
Interface RAID
Capacity 244GB
Real size 250,000,000,000 bytes
RAID Type Hardware RAID
S.M.A.R.T
S.M.A.R.T not supported
Partition 0
Partition ID Disk #0, Partition #0
Size 47.0 MB
Partition 1
Partition ID Disk #0, Partition #1
Disk Letter D:
File System NTFS
Volume Serial Number E4297055
Size 10.00GB
Used Space 3.64GB (37%)
Free Space 6.36GB (63%)
Partition 2
Partition ID Disk #0, Partition #2
Disk Letter C:
File System NTFS
Volume Serial Number DE2E5B91
Size 223GB
Used Space 54GB (25%)
Free Space 169GB (75%)
Optical Drives
No optical disk drives detected
Audio
Sound Card
Realtek High Definition Audio
Playback Device
Speakers (Realtek High Definition Audio)
Speaker Configuration
Speaker type Stereo
Peripherals
HID Keyboard Device
Device Kind Keyboard
Device Name HID Keyboard Device
Vendor Unknown
Location USB Human Interface Device
Driver
Date 6-21-2006
Version 6.0.6002.18005
File C:\Windows\system32\DRIVERS\kbdhid.sys
File C:\Windows\system32\DRIVERS\kbdclass.sys
HID-compliant mouse
Device Kind Mouse
Device Name HID-compliant mouse
Vendor Logitech
Location USB Human Interface Device
Driver
Date 6-21-2006
Version 6.0.6001.18000
File C:\Windows\system32\DRIVERS\mouhid.sys
File C:\Windows\system32\DRIVERS\mouclass.sys
Photosmart D110 series
Device Kind Camera/scanner
Device Name Photosmart D110 series
Location ip:192.168.1.103,subnet:192.168.1.0/24
Driver
Date 10-12-2009
Version 8.0.0.0
File system32\DRIVERS\serscan.sys
Network
You are connected to the internet
Connected through NVIDIA nForce Networking Controller
IP Address 192.168.1.103
Subnet mask 255.255.255.0
Gateway server 192.168.1.1
Preferred DNS server 209.94.172.166
Alternate DNS server 209.94.172.167
DHCP Enabled
DHCP server 192.168.1.1
External IP Address 209.94.169.102
Adapter Type Ethernet
NetBIOS over TCP/IP Enabled via DHCP
NETBIOS Node Type Hybrid node
Link Speed 0 kbps
Computer Name
NetBIOS Name WESCORNWELL-PC
DNS Name WesCornwell-PC
Domain Name WesCornwell-PC
Remote Desktop
Console
State Active
Domain WesCornwell-PC
WinInet Info
LAN Connection
Local system uses a local area network to connect to the Internet
Local system has RAS to connect to the Internet
Wi-Fi Info
Wi-Fi not enabled
WinHTTPInfo
WinHTTPSessionProxyType No proxy
Session Proxy
Session Proxy Bypass
Connect Retries 5
Connect Timeout 60000
HTTP Version HTTP 1.1
Max Connects Per 1.0 Servers INFINITE
Max Connects Per Servers INFINITE
Max HTTP automatic redirects 10
Max HTTP status continue 10
Send Timeout 30000
IEProxy Auto Detect No
IEProxy Auto Config
IEProxy
IEProxy Bypass
Default Proxy Config Access Type No proxy
Default Config Proxy
Default Config Proxy Bypass
Sharing and Discovery
Network Discovery Enabled
File and Printer Sharing Enabled
Media Sharing Disabled
Adapters List
NVIDIA nForce Networking Controller
IP Address 192.168.1.103
Subnet mask 255.255.255.0
Gateway server 192.168.1.1
Network Shares
Quicken - HP Deskjet 990c Quicken - HP Deskjet 990c,LocalsplOnly
  • 0

#13
RKinner
Posted 26 August 2011 - 08:38 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
Appears this is a desktop - probably a Dell Inspiron 531. It's running way too hot.

CPU
AMD Athlon 64 X2 4000+ 71 °C

That's double what mine runs. Even a laptop should only be at 50 °C

Also it says there is no optical drive (DVD/CD). Perhaps it has gotten unplugged? Or it may just be dead.

I would open the case (with it off but still plugged in) and vacuum out all of the dust you can find. A small brush to dislodge the dust is handy. Pay special attention to the heatsink over the CPU. It may be necessary to remove the fan to clean the heatsink or this may be one of those with a fan mounted on the back that blows through a shroud on the CPU. You can usually move the shroud out of the way if you are careful. Also clean the intakes to the power supply. Turn it on and verify that the fan starts up quickly. (An old tired fan will sometimes take a long time to get up to speed.) Also make sure that it runs quietly.

Then check the DVD/CD. Make sure the power cable is plugged in and check the data cable at both ends to make sure it is plugged in securely.

Put it back together and let it run for a bit then run speccy again and post the log.

Ron
  • 0

#14
jojobo36
Posted 29 August 2011 - 06:08 PM

jojobo36

    Member

  • Topic Starter
  • Member
  • PipPip
  • 97 posts
Hi Ron,
Thanks again for all your help.

Tower is all cleaned out. Checked the DVD/CD everything was plugged in. After discussing it with my partner, he may have deleted it, This computer has been running like crap for so long, I guess he thought just start deleting stuff and it will work better. UGH!! So, would I need contact Dell to have it re-installed? or is there any tricks to that..lol.


SPECCY LOG:

Summary
Operating System
MS Windows Vista Home Basic 32-bit SP2
CPU
AMD Athlon 64 X2 4000+ 48 °C
Brisbane 65nm Technology
RAM
1.00 GB Dual-Channel DDR2 @ 301MHz (5-5-5-15)
Motherboard
Dell Inc. 0RY206 (Socket AM2 ) 30 °C
Graphics
DELL SE178WFP (1440x900@60Hz)
64MB GeForce 6150SE nForce 430 (Dell)
Hard Drives
244GB Western Digital WDC WD25 00JS-75NCB3 SCSI Disk Device (RAID)
Optical Drives
No optical disk drives detected
Audio
Realtek High Definition Audio
Operating System
MS Windows Vista Home Basic 32-bit SP2
Installation Date: 26 October 2007, 07:16

Windows Security Center
User Account Control (UAC) Enabled
Notify level 3 - Always Notify
Firewall Enabled
Windows Update
AutoUpdate Download Automatically and Install at Set Scheduled time
Schedule Frequency Tuesday
Schedule Time 2 pm
Windows Defender
Windows Defender Disabled
Antivirus
Antivirus Enabled
Company Name AVG Technologies
Display Name AVG Anti-Virus
Product Version 8.0
Environment Variables
USERPROFILE C:\Users\Wes Cornwell
SystemRoot C:\Windows
User Variables
TEMP C:\Users\Wes Cornwell\AppData\Local\Temp
TMP C:\Users\Wes Cornwell\AppData\Local\Temp
path %CommonProgramFiles%\Microsoft Shared\Windows Live
Machine Variables
ComSpec C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK NO
OS Windows_NT
Path
C:\Windows\system32
C:\Windows
C:\Windows\system32\wbem
%CommonProgramFiles%\Microsoft Shared\Windows Live
C:\Program Files\Common Files\Roxio Shared\DLLShared
C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared
%SYSTEMROOT%\System32\WindowsPowerShell\v1.0
PATHEXT .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE x86
TEMP C:\Windows\TEMP
TMP C:\Windows\TEMP
USERNAME SYSTEM
windir C:\Windows
PROCESSOR_LEVEL 15
PROCESSOR_IDENTIFIER x86 Family 15 Model 107 Stepping 1, AuthenticAMD
PROCESSOR_REVISION 6b01
NUMBER_OF_PROCESSORS 2
RoxioCentral C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\
asl.log Destination=file
PSModulePath C:\Windows\system32\WindowsPowerShell\v1.0\Modules\
Process List
aertsrv.exe
Process ID 2436
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\AERTSrv.exe
Memory Usage 32 KB
Peak Memory Usage 2.09 MB
applemobiledeviceservice.exe
Process ID 2464
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
Memory Usage 352 KB
Peak Memory Usage 6.82 MB
audiodg.exe
Process ID 1296
avastsvc.exe
Process ID 1752
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\AVAST Software\Avast\AvastSvc.exe
Memory Usage 22 MB
Peak Memory Usage 68 MB
avastui.exe
Process ID 2404
User Wes Cornwell
Domain WesCornwell-PC
Path C:\Program Files\AVAST Software\Avast\AvastUI.exe
Memory Usage 816 KB
Peak Memory Usage 9.46 MB
csrss.exe
Process ID 596
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\csrss.exe
Memory Usage 1.77 MB
Peak Memory Usage 4.98 MB
csrss.exe
Process ID 660
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\csrss.exe
Memory Usage 2.85 MB
Peak Memory Usage 15 MB
dldfcoms.exe
Process ID 2640
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\dldfcoms.exe
Memory Usage 104 KB
Peak Memory Usage 8.08 MB
dldfserv.exe
Process ID 2624
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\spool\DRIVERS\W32X86\3\dldfserv.exe
Memory Usage 144 KB
Peak Memory Usage 3.16 MB
dllhost.exe
Process ID 1240
dllhost.exe
Process ID 1352
dwm.exe
Process ID 768
User Wes Cornwell
Domain WesCornwell-PC
Path C:\Windows\system32\Dwm.exe
Memory Usage 31 MB
Peak Memory Usage 49 MB
explorer.exe
Process ID 2116
User Wes Cornwell
Domain WesCornwell-PC
Path C:\Windows\Explorer.EXE
Memory Usage 16 MB
Peak Memory Usage 33 MB
flashutil10v_activex.exe
Process ID 2820
User Wes Cornwell
Domain WesCornwell-PC
Path C:\Windows\system32\Macromed\Flash\FlashUtil10v_ActiveX.exe
Memory Usage 5.38 MB
Peak Memory Usage 5.39 MB
hpswp_clipbook.exe
Process ID 500
User Wes Cornwell
Domain WesCornwell-PC
Path C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
Memory Usage 5.22 MB
Peak Memory Usage 5.24 MB
iexplore.exe
Process ID 488
User Wes Cornwell
Domain WesCornwell-PC
Path C:\Program Files\Internet Explorer\iexplore.exe
Memory Usage 19 MB
Peak Memory Usage 20 MB
iexplore.exe
Process ID 1672
User Wes Cornwell
Domain WesCornwell-PC
Path C:\Program Files\Internet Explorer\iexplore.exe
Memory Usage 88 MB
Peak Memory Usage 90 MB
jusched.exe
Process ID 2396
User Wes Cornwell
Domain WesCornwell-PC
Path C:\Program Files\Common Files\Java\Java Update\jusched.exe
Memory Usage 40 KB
Peak Memory Usage 3.87 MB
lsass.exe
Process ID 704
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\lsass.exe
Memory Usage 2.61 MB
Peak Memory Usage 7.97 MB
lsm.exe
Process ID 716
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\lsm.exe
Memory Usage 1.18 MB
Peak Memory Usage 5.22 MB
mdnsresponder.exe
Process ID 2596
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Bonjour\mDNSResponder.exe
Memory Usage 1.17 MB
Peak Memory Usage 5.06 MB
nmsrvc.exe
Process ID 3392
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
Memory Usage 6.41 MB
Peak Memory Usage 16 MB
nvvsvc.exe
Process ID 972
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\nvvsvc.exe
Memory Usage 44 KB
Peak Memory Usage 3.55 MB
psiservice.exe
Process ID 2860
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\PSIService.exe
Memory Usage 44 KB
Peak Memory Usage 3.89 MB
roxwatch9.exe
Process ID 2984
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
Memory Usage 820 KB
Peak Memory Usage 9.78 MB
rundll32.exe
Process ID 1532
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\rundll32.exe
Memory Usage 528 KB
Peak Memory Usage 7.61 MB
searchindexer.exe
Process ID 3244
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\SearchIndexer.exe
Memory Usage 17 MB
Peak Memory Usage 18 MB
services.exe
Process ID 692
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\services.exe
Memory Usage 2.93 MB
Peak Memory Usage 7.02 MB
slsvc.exe
Process ID 1344
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\SLsvc.exe
Memory Usage 764 KB
Peak Memory Usage 15 MB
smss.exe
Process ID 464
User SYSTEM
Domain NT AUTHORITY
Path \SystemRoot\System32\smss.exe
Memory Usage 52 KB
Peak Memory Usage 756 KB
speccy.exe
Process ID 828
User Wes Cornwell
Domain WesCornwell-PC
Path C:\Program Files\Speccy\Speccy.exe
Memory Usage 17 MB
Peak Memory Usage 72 MB
spoolsv.exe
Process ID 268
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\spoolsv.exe
Memory Usage 3.18 MB
Peak Memory Usage 28 MB
svchost.exe
Process ID 2680
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 1.79 MB
Peak Memory Usage 6.98 MB
svchost.exe
Process ID 2696
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 212 KB
Peak Memory Usage 3.38 MB
svchost.exe
Process ID 2824
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 212 KB
Peak Memory Usage 3.12 MB
svchost.exe
Process ID 2836
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 48 KB
Peak Memory Usage 5.59 MB
svchost.exe
Process ID 3080
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 56 KB
Peak Memory Usage 6.81 MB
svchost.exe
Process ID 3112
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 528 KB
Peak Memory Usage 2.33 MB
svchost.exe
Process ID 1168
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 44 MB
Peak Memory Usage 92 MB
svchost.exe
Process ID 916
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 3.05 MB
Peak Memory Usage 6.32 MB
svchost.exe
Process ID 1000
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 2.73 MB
Peak Memory Usage 6.29 MB
svchost.exe
Process ID 3808
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 6.42 MB
Peak Memory Usage 6.42 MB
svchost.exe
Process ID 3832
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 2.45 MB
Peak Memory Usage 7.18 MB
svchost.exe
Process ID 1136
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 4.86 MB
Peak Memory Usage 13 MB
svchost.exe
Process ID 1180
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 15 MB
Peak Memory Usage 546 MB
svchost.exe
Process ID 1320
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage KB
Peak Memory Usage 4.85 MB
svchost.exe
Process ID 1380
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 4.02 MB
Peak Memory Usage 12 MB
svchost.exe
Process ID 1588
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 7.53 MB
Peak Memory Usage 17 MB
svchost.exe
Process ID 276
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 5.50 MB
Peak Memory Usage 38 MB
system
Process ID 4
system idle process
Process ID 0
taskeng.exe
Process ID 812
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\taskeng.exe
Memory Usage 1.35 MB
Peak Memory Usage 5.61 MB
taskeng.exe
Process ID 472
User Wes Cornwell
Domain WesCornwell-PC
Path C:\Windows\system32\taskeng.exe
Memory Usage 2.39 MB
Peak Memory Usage 9.86 MB
unsecapp.exe
Process ID 2372
User Wes Cornwell
Domain WesCornwell-PC
Path C:\Windows\system32\wbem\unsecapp.exe
Memory Usage 1.09 MB
Peak Memory Usage 4.83 MB
wininit.exe
Process ID 648
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\wininit.exe
Memory Usage 44 KB
Peak Memory Usage 4.35 MB
winlogon.exe
Process ID 796
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\winlogon.exe
Memory Usage 956 KB
Peak Memory Usage 6.87 MB
wlidsvc.exe
Process ID 3204
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
Memory Usage 768 KB
Peak Memory Usage 9.61 MB
wlidsvcm.exe
Process ID 3652
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
Memory Usage 48 KB
Peak Memory Usage 3.05 MB
wmiprvse.exe
Process ID 1608
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\wbem\wmiprvse.exe
Memory Usage 2.01 MB
Peak Memory Usage 5.77 MB
wmiprvse.exe
Process ID 3896
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\wbem\wmiprvse.exe
Memory Usage 6.59 MB
Peak Memory Usage 6.59 MB
wmpnetwk.exe
Process ID 4032
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Program Files\Windows Media Player\wmpnetwk.exe
Memory Usage 556 KB
Peak Memory Usage 8.66 MB
wmpnscfg.exe
Process ID 3976
User Wes Cornwell
Domain WesCornwell-PC
Path C:\Program Files\Windows Media Player\wmpnscfg.exe
Memory Usage 512 KB
Peak Memory Usage 5.29 MB
xaudio.exe
Process ID 3312
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\DRIVERS\xaudio.exe
Memory Usage 96 KB
Peak Memory Usage 2.81 MB
TimeZone
TimeZone GMT -6 Hours
Language English
Country United States
Currency $
Date Format M/d/yyyy
Time Format h:mm:ss tt
Power Profile
Active power scheme Home/Office Desk
Hibernation Disabled
Scheduler
8/30/2011 2:00 PM;Every 13 minute(s) from 2:00 PM for 2232 hour(s) every day, starting 8/30/2011 SystemToolsDailyTest
9/15/2011 2:00 AM;Every 11 minute(s) from 2:00 AM for 2232 hour(s) on day 15 of every month, starting 9/15/2011 PCDoctorBackgroundMonitorTask
Hotfixes
8/24/2011 Update for Windows Vista (KB2570791)
8/23/2011 Security Update for Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package (KB2538243)
8/14/2011 Security Update for Windows Vista (KB2567680)
8/14/2011 Security Update for Windows Vista (KB2536276)
8/14/2011 Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008 x86 (KB2468871)
8/14/2011 Update Rollup for ActiveX Killbits for Windows Vista (KB2562937)
8/14/2011 Cumulative Security Update for Internet Explorer 9 for Windows Vista (KB2559049)
8/14/2011 Update for Windows Mail Junk E-mail Filter [August 2011] (KB905866)
8/14/2011 Windows Malicious Software Removal Tool - August 2011 (KB890830)
8/14/2011 Update for Windows Vista (KB2563227)
8/14/2011 Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Vista SP2 and Windows Server 2008 SP2 x86 (KB2539633)
8/14/2011 Security Update for Windows Vista (KB2556532)
8/14/2011 Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008 x86 (KB2539636)
8/14/2011 Security Update for Windows Vista (KB2563894)
8/13/2011 Definition Update for Windows Defender - KB915597 (Definition 1.109.1657.0)
7/14/2011 Security Update for Windows Vista (KB2532531)
7/14/2011 Security Update for Windows Vista (KB2555917)
7/14/2011 Update for Windows Mail Junk E-mail Filter [July 2011] (KB905866)
7/14/2011 Windows Malicious Software Removal Tool - July 2011 (KB890830)
7/14/2011 Update for Windows Vista (KB2533623)
7/14/2011 Security Update for Windows Vista (KB2507938)
6/29/2011 Update for Windows Vista (KB2545698)
6/29/2011 Update for Windows Vista (KB2541763)
6/28/2011 Security Update for .NET Framework 3.5 SP1, Windows Vista SP2, and Windows Server 2008 SP2 x86 (KB2478660)
6/28/2011 Security Update for .NET Framework 3.5 SP1, Windows Vista SP2, and Windows Server 2008 SP2 x86 (KB2518866)
6/28/2011 Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008 x86 (KB2478663)
6/28/2011 Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008 x86 (KB2518870)
6/17/2011 Security Update for Windows Vista (KB2535512)
6/17/2011 Windows Malicious Software Removal Tool - June 2011 (KB890830)
6/17/2011 Update for Microsoft Office 2003 (KB2543854)
6/17/2011 Update for Microsoft Office 2007 System (KB2539530)
6/17/2011 Security Update for Windows Vista (KB2503665)
6/17/2011 Security Update for Windows Vista (KB2536275)
6/17/2011 Cumulative Security Update for Internet Explorer 9 for Windows Vista (KB2530548)
6/17/2011 Security Update for Windows Vista (KB2476490)
6/17/2011 Update for Microsoft Office 2003 (KB2539581)
6/17/2011 Security Update for the 2007 Microsoft Office System (KB2541012)
6/17/2011 Security Update for Windows Vista (KB2544893)
6/17/2011 Security Update for Windows Vista (KB2536276)
6/17/2011 Update for Windows Mail Junk E-mail Filter [June 2011] (KB905866)
6/17/2011 Security Update for Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package (KB2538242)
5/21/2011 Security Update for Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package (KB2467175)
5/16/2011 Windows Internet Explorer 9 for Windows Vista
5/16/2011 Windows Malicious Software Removal Tool - May 2011 (KB890830)
5/16/2011 Update for Windows Mail Junk E-mail Filter [May 2011] (KB905866)
5/16/2011 Security Update for Microsoft Office 2007 System (KB2540162)
4/29/2011 Update for Windows Vista (KB2492386)
4/29/2011 Update for Windows Vista (KB2522422)
4/29/2011 Windows Malicious Software Removal Tool - April 2011 (KB890830)
4/15/2011 Security Update for Windows Vista (KB2507618)
4/15/2011 Cumulative Security Update for Internet Explorer 8 for Windows Vista (KB2497640)
4/15/2011 Security Update for Windows Vista (KB2511455)
4/15/2011 Security Update for Windows Vista (KB2506212)
4/15/2011 Security Update for Windows Vista (KB2508429)
4/15/2011 Security Update for Windows Vista (KB2509553)
4/15/2011 Security Update for Windows Vista (KB2506223)
4/15/2011 Security Update for Microsoft Office 2003 (KB2509503)
4/15/2011 Security Update for Windows Vista (KB2503658)
4/15/2011 Security Update for Windows Vista (KB2510531)
4/15/2011 Security Update for Windows Vista (KB2412687)
4/15/2011 Security Update for Microsoft Office 2007 System (KB2464635)
4/15/2011 Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008 x86 (KB2446708)
4/15/2011 Security Update for Microsoft Office 2007 System (KB2509488)
4/15/2011 Cumulative Security Update for ActiveX Killbits for Windows Vista (KB2508272)
4/15/2011 Update for Windows Mail Junk E-mail Filter [April 2011] (KB905866)
4/15/2011 Security Update for the 2007 Microsoft Office System (KB2466156)
4/15/2011 Windows Malicious Software Removal Tool - April 2011 (KB890830)
4/15/2011 Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
4/15/2011 Security Update for .NET Framework 3.5 SP1, Windows Vista SP2, and Windows Server 2008 SP2 x86 (KB2449742)
3/26/2011 Update for Windows Vista (KB2524375)
3/23/2011 Update for Windows Vista (KB2505189)
3/16/2011 Update for Windows Vista (KB971029)
3/9/2011 Windows Malicious Software Removal Tool - March 2011 (KB890830)
3/9/2011 Update for Windows Mail Junk E-mail Filter [March 2011] (KB905866)
3/9/2011 Security Update for Windows Vista (KB2479943)
3/9/2011 Security Update for Windows Vista (KB2481109)
2/25/2011 Windows PowerShell 2.0 and WinRM 2.0 for Windows Vista (KB968930)
2/10/2011 Security Update for Windows Vista (KB2479628)
2/10/2011 Security Update for Windows Vista (KB2393802)
2/10/2011 Update for Windows Mail Junk E-mail Filter [February 2011] (KB905866)
2/10/2011 Platform Update Supplement for Windows Vista (KB2117917)
2/10/2011 Cumulative Security Update for Internet Explorer 8 for Windows Vista (KB2482017)
2/10/2011 Windows Malicious Software Removal Tool - February 2011 (KB890830)
2/10/2011 Security Update for Windows Vista (KB2483185)
2/10/2011 Security Update for Windows Vista (KB2485376)
1/26/2011 Security Update for the 2007 Microsoft Office System (KB969618)
1/26/2011 Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2413381)
1/26/2011 Security Update for the 2007 Microsoft Office System (KB972581)
1/25/2011 Security Update for Microsoft Office 2007 System (KB2289158)
1/25/2011 Security Update for Microsoft Office 2003 (KB2289187)
1/25/2011 Update for Microsoft Silverlight (KB2477244)
1/25/2011 Update for Microsoft Search Enhancement Pack
1/25/2011 PowerPoint Viewer 2007 Service Pack 2 (SP2)
1/25/2011 Security Update for the 2007 Microsoft Office System (KB2344875)
1/25/2011 Security Update for the 2007 Microsoft Office System (KB2345043)
1/25/2011 Update for Microsoft Silverlight (KB2416427)
1/25/2011 Word Viewer 2003 Service Pack 3 (SP3)
1/25/2011 Security Update for Microsoft Office 2003 (KB951535)
1/25/2011 Security Update for Microsoft Word Viewer (KB2345009)
1/25/2011 Security Update for Microsoft Office 2003 (KB972580)
1/25/2011 Bing Bar 6.0 (KB2459075)
1/25/2011 Security Update for Microsoft Silverlight (KB978464)
1/25/2011 Update for the 2007 Microsoft Office System (KB2284654)
1/25/2011 Security Update for Microsoft Office 2003 (KB2288613)
1/13/2011 Windows Malicious Software Removal Tool - January 2011 (KB890830)
1/13/2011 Security Update for Windows Vista (KB2419640)
1/13/2011 Security Update for Windows Vista (KB2478935)
12/27/2010 AMYUNI Technologies - Printers - Amyuni Document Converter 300
12/18/2010 Security Update for Windows Vista (KB2423089)
12/18/2010 Security Update for Windows Vista (KB2436673)
12/18/2010 Security Update for Windows Vista (KB2305420)
12/18/2010 Security Update for Windows Vista (KB2442962)
12/18/2010 Security Update for Windows Vista (KB2296199)
12/18/2010 Cumulative Security Update for Internet Explorer 8 for Windows Vista (KB2416400)
12/18/2010 Update for Windows Vista (KB2443685)
12/18/2010 Update for Internet Explorer for Windows Vista (KB2467659)
12/18/2010 Update for Windows Mail Junk E-mail Filter [December 2010] (KB905866)
12/15/2010 Update for Windows Mail Junk E-mail Filter [December 2010] (KB905866)
12/15/2010 Windows Malicious Software Removal Tool - December 2010 (KB890830)
11/23/2010 Update for Internet Explorer 8 Compatibility View List for Windows Vista (KB2447568)
11/10/2010 Update for Windows Mail Junk E-mail Filter [November 2010] (KB905866)
11/10/2010 Windows Malicious Software Removal Tool - November 2010 (KB890830)
10/26/2010 Update for Windows Vista (KB2388210)
10/16/2010 Security Update for Windows Vista (KB2378111)
10/16/2010 Update for Windows Vista (KB2345886)
10/16/2010 Security Update for Windows Vista (KB2207566)
10/16/2010 Security Update for Windows Vista (KB979687)
10/16/2010 Security Update for Windows Vista (KB982132)
10/16/2010 Cumulative Security Update for Internet Explorer 8 for Windows Vista (KB2360131)
10/16/2010 Security Update for Windows Vista (KB2387149)
10/16/2010 Security Update for Windows Vista (KB981957)
10/16/2010 Security Update for Windows Vista (KB979688)
10/16/2010 Security Update for Windows Vista (KB2281679)
10/16/2010 Security Update for Windows Vista (KB2296011)
10/14/2010 Windows Malicious Software Removal Tool - October 2010 (KB890830)
10/7/2010 Security Update for Microsoft .NET Framework 3.5 SP1, Windows Vista SP2, and Windows Server 2008 SP2 x86 (KB2416470)
10/7/2010 Security Update for Microsoft .NET Framework 3.5 SP1 on Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008 x86 (KB2416473)
10/1/2010 Update for Windows Vista (KB2158563)
10/1/2010 Update for Internet Explorer 8 Compatibility View List for Windows Vista (KB2362765)
9/16/2010 Security Update for Windows Vista (KB981322)
9/16/2010 Security Update for Windows Vista (KB2347290)
9/16/2010 Security Update for Windows Vista (KB975558)
9/16/2010 Windows Malicious Software Removal Tool - September 2010 (KB890830)
9/16/2010 Update for Windows Mail Junk E-mail Filter [September 2010] (KB905866)
9/16/2010 Update for Windows Vista (KB2141007)
8/15/2010 Cumulative Security Update for Internet Explorer 8 for Windows Vista (KB2183461)
8/15/2010 Security Update for Windows Vista (KB982665)
8/15/2010 Security Update for Windows Vista (KB980436)
8/15/2010 Security Update for Windows Vista (KB981997)
8/15/2010 Security Update for Windows Vista (KB2160329)
8/15/2010 Security Update for Windows Vista (KB982799)
8/15/2010 Security Update for .NET Framework 3.5 SP1, Windows Vista SP2, and Windows Server 2008 SP2 x86 (KB983589)
8/15/2010 Security Update for Windows Vista (KB981852)
8/15/2010 Update for Internet Explorer 8 Compatibility View List for Windows Vista (KB982664)
8/15/2010 Windows Malicious Software Removal Tool - August 2010 (KB890830)
8/15/2010 Security Update for Windows Vista (KB2079403)
8/15/2010 Security Update for Windows Vista (KB982214)
8/15/2010 Security Update for Windows Vista (KB978886)
8/15/2010 Update for Windows Mail Junk E-mail Filter [August 2010] (KB905866)
8/9/2010 Microsoft .NET Framework 4 Client Profile for Windows Vista x86 (KB982670)
8/3/2010 Security Update for Windows Vista (KB2286198)
7/15/2010 Update for Windows Mail Junk E-mail Filter [July 2010] (KB905866)
7/15/2010 Windows Malicious Software Removal Tool - July 2010 (KB890830)
6/25/2010 Update for Windows Vista (KB982519)
6/25/2010 Microsoft .NET Framework 3.5 SP1, Windows Vista SP2, and Windows Server 2008 SP2 Update x86 (KB982525)
6/18/2010 Microsoft - Other hardware - HID Non-User Input Data Filter (KB 911895)
6/12/2010 Microsoft .NET Framework 3.5 SP1, Windows Vista SP2, and Windows Server 2008 SP2 Security Update x86 (KB979910)
6/12/2010 Security Update for Windows Vista (KB979482)
6/12/2010 Cumulative Security Update for ActiveX Killbits for Windows Vista (KB980195)
6/12/2010 Security Update for Windows Vista (KB980218)
6/12/2010 Windows Malicious Software Removal Tool - June 2010 (KB890830)
6/12/2010 Update for Windows Mail Junk E-mail Filter [June 2010] (KB905866)
6/12/2010 Cumulative Security Update for Internet Explorer 8 for Windows Vista (KB982381)
6/12/2010 Security Update for Windows Vista (KB979559)
6/12/2010 Microsoft .NET Framework 3.5 SP1, Windows Vista SP2, and Windows Server 2008 SP2 Update x86 (KB982536)
5/26/2010 Update for Windows Vista (KB981793)
5/26/2010 Update for Internet Explorer 8 Compatibility View List for Windows Vista (KB982632)
5/12/2010 Windows Malicious Software Removal Tool - May 2010 (KB890830)
5/12/2010 Security Update for Windows Vista (KB978542)
5/12/2010 Update for Windows Mail Junk E-mail Filter [May 2010] (KB905866)
4/28/2010 Update for Windows Vista (KB980248)
4/15/2010 Security Update for Windows Vista (KB980232)
4/15/2010 Security Update for Windows Vista (KB979683)
4/15/2010 Security Update for Windows Vista (KB981332)
4/15/2010 Windows Malicious Software Removal Tool - April 2010 (KB890830)
4/15/2010 Update for Windows Mail Junk E-mail Filter [April 2010] (KB905866)
4/15/2010 Security Update for Windows Vista (KB978601)
4/15/2010 Security Update for Windows Vista (KB977816)
4/15/2010 Security Update for Windows Vista (KB978338)
4/15/2010 Security Update for Windows Vista (KB979309)
4/3/2010 nVidia - Display - NVIDIA GeForce 6150SE nForce 430
4/1/2010 Cumulative Security Update for Internet Explorer 8 for Windows Vista (KB980182)
3/28/2010 Update for Internet Explorer 8 Compatibility View List for Windows Vista (KB980302)
3/11/2010 Security Update for Movie Maker 6.0 for Windows Vista (KB975561)
3/11/2010 Update for Windows Mail Junk E-mail Filter [March 2010] (KB905866)
3/11/2010 Windows Malicious Software Removal Tool - March 2010 (KB890830)
2/25/2010 Definition Update for Windows Defender - KB915597 (Definition 1.77.0.0)
2/24/2010 Update for Windows Vista (KB976662)
2/24/2010 Update for Windows Vista (KB979306)
2/24/2010 Update for Rights Management Services Client for Windows Vista (KB979099)
2/24/2010 Update for Windows Vista (KB976264)
2/24/2010 Update for Windows Vista (KB975929)
2/10/2010 Security Update for Windows Vista (KB971468)
2/10/2010 Windows Malicious Software Removal Tool - February 2010 (KB890830)
2/10/2010 Cumulative Security Update for ActiveX Killbits for Windows Vista (KB978262)
2/10/2010 Security Update for Windows Vista (KB977165)
2/10/2010 Update for Windows Mail Junk E-mail Filter [February 2010] (KB905866)
2/10/2010 Security Update for Windows Vista (KB974145)
2/10/2010 Security Update for Windows Vista (KB975560)
2/10/2010 Security Update for Windows Vista (KB978251)
1/27/2010 Update for Internet Explorer 8 Compatibility View List for Windows Vista (KB978506)
1/22/2010 Cumulative Security Update for Internet Explorer 8 for Windows Vista (KB978207)
1/13/2010 Security Update for Windows Vista (KB972270)
1/13/2010 Update for Windows Mail Junk E-mail Filter [January 2010] (KB905866)
1/13/2010 Windows Malicious Software Removal Tool - January 2010 (KB890830)
1/13/2010 Update for Windows (KB928439)
12/12/2009 Update for Windows Vista (KB971737)
12/12/2009 Cumulative Security Update for Internet Explorer 8 for Windows Vista (KB976325)
12/12/2009 Update for Windows Vista (KB970430)
12/12/2009 Windows Malicious Software Removal Tool - December 2009 (KB890830)
12/12/2009 Update for Windows Mail Junk E-mail Filter [December 2009] (KB905866)
12/12/2009 Security Update for Windows Vista (KB974318)
12/10/2009 Update for Windows Vista (KB971737)
12/10/2009 Cumulative Security Update for Internet Explorer 8 for Windows Vista (KB976325)
12/10/2009 Update for Windows Vista (KB970430)
12/10/2009 Windows Malicious Software Removal Tool - December 2009 (KB890830)
12/10/2009 Update for Windows Mail Junk E-mail Filter [December 2009] (KB905866)
12/10/2009 Security Update for Windows Vista (KB974318)
11/25/2009 Update for Windows Vista (KB973687)
11/25/2009 Update for Windows Vista (KB976098)
11/25/2009 Update for Windows Vista (KB976470)
11/25/2009 Update for Microsoft XML Core Services 4.0 Service Pack 2 (KB973688)
11/12/2009 Windows Malicious Software Removal Tool - November 2009 (KB890830)
11/12/2009 Security Update for Windows Vista (KB969947)
11/12/2009 Update for Windows Mail Junk E-mail Filter [November 2009] (KB905866)
11/12/2009 Security Update for Windows Vista (KB973565)
11/6/2009 Update for Internet Explorer 8 for Windows Vista (KB976749)
11/6/2009 Definition Update for Windows Defender - KB915597 (Definition 1.69.443.0)
11/3/2009 Platform Update for Windows Vista (KB971644)
11/3/2009 Update for Windows Vista (KB968389)
11/1/2009 Microsoft .NET Framework 2.0 Service Pack 2 Security Update for Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2 (KB974470)
10/30/2009 Windows Vista Service Pack 2 (KB948465)
10/30/2009 Windows Vista Service Pack 2 (KB948465)
10/30/2009 Windows Update Agent 7.4.7600.226
10/30/2009 Update for Windows Vista (KB975889)
10/30/2009 Update for Internet Explorer 8 Compatibility View List for Windows Vista (KB975364)
10/30/2009 Update for Windows Vista (KB972145)
10/29/2009 Definition Update for Windows Defender - KB915597 (Definition 1.69.301.0)
10/22/2009 Definition Update for Windows Defender - KB915597 (Definition 1.69.18.0)
10/21/2009 Definition Update for Windows Defender - KB915597 (Definition 1.67.940.0)
10/17/2009 Security Update for Windows Vista (KB975467)
10/17/2009 Windows Malicious Software Removal Tool - October 2009 (KB890830)
10/17/2009 Security Update for Windows Vista (KB971486)
10/17/2009 Microsoft .NET Framework 2.0 Service Pack 2 Security Update for Windows Vista Service Pack 1 and Windows Server 2008 (KB974469)
10/17/2009 Update for Windows Mail Junk E-mail Filter [October 2009] (KB905866)
10/17/2009 Security Update for Windows Vista (KB958869)
10/17/2009 Cumulative Security Update for Internet Explorer 8 for Windows Vista (KB974455)
10/17/2009 Security Update for Windows Vista (KB974571)
10/17/2009 Cumulative Security Update for ActiveX Killbits for Windows Vista (KB973525)
10/17/2009 Security Update for Windows Vista (KB975517)
10/17/2009 Security Update for Windows Media Format Runtime 11 for Windows Vista (KB954155)
10/15/2009 Definition Update for Windows Defender - KB915597 (Definition 1.67.841.0)
10/13/2009 Definition Update for Windows Defender - KB915597 (Definition 1.67.698.0)
10/10/2009 Windows Vista Service Pack 2 (KB948465)
10/10/2009 Windows Vista Service Pack 2 (KB948465)
10/8/2009 Definition Update for Windows Defender - KB915597 (Definition 1.67.543.0)
10/5/2009 Definition Update for Windows Defender - KB915597 (Definition 1.67.379.0)
10/3/2009 Definition Update for Windows Defender - KB915597 (Definition 1.67.321.0)
9/28/2009 Definition Update for Windows Defender - KB915597 (Definition 1.67.136.0)
9/26/2009 Definition Update for Windows Defender - KB915597 (Definition 1.67.10.0)
9/22/2009 Definition Update for Windows Defender - KB915597 (Definition 1.65.957.0)
9/17/2009 Definition Update for Windows Defender - KB915597 (Definition 1.65.848.0)
9/14/2009 Definition Update for Windows Defender - KB915597 (Definition 1.65.715.0)
9/10/2009 Definition Update for Windows Defender - KB915597 (Definition 1.65.586.0)
9/10/2009 Security Update for Jscript 5.8 for Windows Vista (KB971961)
9/10/2009 Security Update for Windows Vista (KB967723)
9/10/2009 Security Update for Windows Vista (KB970710)
9/10/2009 Security Update for Windows Media Format Runtime 11 for Windows Vista (KB968816)
9/10/2009 Windows Malicious Software Removal Tool - September 2009 (KB890830)
9/10/2009 Update for Windows Mail Junk E-mail Filter [September 2009] (KB905866)
9/7/2009 Definition Update for Windows Defender - KB915597 (Definition 1.65.477.0)
9/4/2009 Definition Update for Windows Defender - KB915597 (Definition 1.65.330.0)
9/3/2009 Update for Windows Vista (KB972036)
9/2/2009 Update to .NET Framework 3.5 Service Pack 1 for the .NET Framework Assistant 1.0 x86 (KB963707)
8/31/2009 Definition Update for Windows Defender - KB915597 (Definition 1.65.146.0)
8/28/2009 Definition Update for Windows Defender - KB915597 (Definition 1.63.2059.0)
8/27/2009 Definition Update for Windows Defender - KB915597 (Definition 1.63.2033.0)
8/27/2009 Update for Windows Vista (KB970653)
8/27/2009 Update for Windows Vista (KB972036)
8/27/2009 Update for Internet Explorer 8 Compatibility View List for Windows Vista (KB973874)
8/24/2009 Definition Update for Windows Defender - KB915597 (Definition 1.63.1861.0)
8/20/2009 Definition Update for Windows Defender - KB915597 (Definition 1.63.1684.0)
8/17/2009 Definition Update for Windows Defender - KB915597 (Definition 1.63.1552.0)
8/14/2009 Definition Update for Windows Defender - KB915597 (Definition 1.63.1394.0)
8/13/2009 Security Update for Windows Vista (KB973507)
8/13/2009 Security Update for Windows Vista (KB971657)
8/13/2009 Security Update for Windows Vista (KB956744)
8/13/2009 Security Update for Windows Vista (KB971557)
8/13/2009 Security Update for Windows Vista (KB973540)
8/13/2009 Update for Windows Mail Junk E-mail Filter [August 2009] (KB905866)
8/13/2009 Windows Malicious Software Removal Tool - August 2009 (KB890830)
8/10/2009 Definition Update for Windows Defender - KB915597 (Definition 1.63.1207.0)
8/7/2009 Definition Update for Windows Defender - KB915597 (Definition 1.63.1021.0)
8/4/2009 Definition Update for Windows Defender - KB915597 (Definition 1.63.812.0)
7/31/2009 Definition Update for Windows Defender - KB915597 (Definition 1.63.604.0)
7/29/2009 Cumulative Security Update for Internet Explorer 8 for Windows Vista (KB972260)
7/27/2009 Definition Update for Windows Defender - KB915597 (Definition 1.63.422.0)
7/23/2009 Definition Update for Windows Defender - KB915597 (Definition 1.63.118.0)
7/23/2009 Definition Update for Windows Defender - KB915597 (Definition 1.63.67.0)
7/22/2009 Update for Internet Explorer 8 Compatibility View List for Windows Vista (KB972636)
7/20/2009 Definition Update for Windows Defender - KB915597 (Definition 1.61.1958.0)
7/17/2009 Definition Update for Windows Defender - KB915597 (Definition 1.61.1700.0)
7/16/2009 Security Update for Windows Vista (KB961371)
7/16/2009 Update for Windows Mail Junk E-mail Filter [July 2009] (KB905866)
7/16/2009 Cumulative Security Update for ActiveX Killbits for Windows Vista (KB973346)
7/16/2009 Windows Malicious Software Removal Tool - July 2009 (KB890830)
7/14/2009 Definition Update for Windows Defender - KB915597 (Definition 1.61.1497.0)
7/9/2009 Definition Update for Windows Defender - KB915597 (Definition 1.61.1304.0)
7/7/2009 Definition Update for Windows Defender - KB915597 (Definition 1.61.1063.0)
7/7/2009 Microsoft - Other hardware - HID Non-User Input Data Filter (KB 911895)
7/6/2009 Microsoft - Other hardware - HID Non-User Input Data Filter (KB 911895)
7/2/2009 Definition Update for Windows Defender - KB915597 (Definition 1.61.835.0)
6/29/2009 Definition Update for Windows Defender - KB915597 (Definition 1.61.601.0)
6/25/2009 Definition Update for Windows Defender - KB915597 (Definition 1.61.369.0)
6/25/2009 Update for Internet Explorer 8 Compatibility View List for Windows Vista (KB971930)
6/25/2009 Definition Update for Windows Defender - KB915597 (Definition 1.61.149.0)
6/18/2009 Definition Update for Windows Defender - KB915597 (Definition 1.59.1480.0)
6/15/2009 Definition Update for Windows Defender - KB915597 (Definition 1.59.1267.0)
6/13/2009 Definition Update for Windows Defender - KB915597 (Definition 1.59.1107.0)
6/10/2009 Security Update for Windows Vista (KB968537)
6/10/2009 Security Update for Windows Vista (KB961501)
6/10/2009 Update for Windows Mail Junk E-mail Filter [June 2009] (KB905866)
6/10/2009 Cumulative Security Update for Internet Explorer 8 for Windows Vista (KB969897)
6/10/2009 Windows Malicious Software Removal Tool - June 2009 (KB890830)
6/10/2009 Security Update for Windows Vista (KB970238)
6/10/2009 Update Rollup for ActiveX Killbits for Windows Vista (KB969898)
6/10/2009 Definition Update for Windows Defender - KB915597 (Definition 1.59.918.0)
6/5/2009 Definition Update for Windows Defender - KB915597 (Definition 1.59.789.0)
6/1/2009 Definition Update for Windows Defender - KB915597 (Definition 1.59.659.0)
6/1/2009 Update for Internet Explorer 8 Compatibility View List for Windows Vista (KB971180)
5/31/2009 Update for Windows Vista (KB955430)
5/30/2009 Internet Explorer 8 for Windows Vista
5/29/2009 Definition Update for Windows Defender - KB915597 (Definition 1.59.458.0)
5/22/2009 Definition Update for Windows Defender - KB915597 (Definition 1.59.52.0)
5/21/2009 Definition Update for Windows Defender - KB915597 (Definition 1.57.1556.0)
5/14/2009 Definition Update for Windows Defender - KB915597 (Definition 1.57.1329.0)
5/13/2009 Windows Malicious Software Removal Tool - May 2009 (KB890830)
5/13/2009 Update for Windows Mail Junk E-mail Filter [May 2009] (KB905866)
5/11/2009 Definition Update for Windows Defender - KB915597 (Definition 1.57.1094.0)
5/8/2009 Definition Update for Windows Defender - KB915597 (Definition 1.57.963.0)
5/4/2009 Definition Update for Windows Defender - KB915597 (Definition 1.57.806.0)
5/2/2009 nVidia - Display - NVIDIA GeForce 6150SE nForce 430
4/30/2009 Definition Update for Windows Defender - KB915597 (Definition 1.57.619.0)
4/23/2009 Definition Update for Windows Defender - KB915597 (Definition 1.57.181.0)
4/21/2009 Definition Update for Windows Defender - KB915597 (Definition 1.55.1987.0)
4/17/2009 Security Update for Windows Vista (KB960803)
4/17/2009 Security Update for Windows Vista (KB952004)
4/17/2009 Update for Windows Mail Junk E-mail Filter [April 2009] (KB905866)
4/17/2009 Windows Malicious Software Removal Tool - April 2009 (KB890830)
4/17/2009 Security Update for Windows Vista (KB956572)
4/17/2009 Security Update for Windows Vista (KB959426)
4/17/2009 Cumulative Security Update for Internet Explorer 7 for Windows Vista (KB963027)
4/13/2009 Definition Update for Windows Defender - KB915597 (Definition 1.55.1579.0)
4/7/2009 Definition Update for Windows Defender - KB915597 (Definition 1.55.1119.0)
4/2/2009 Definition Update for Windows Defender - KB915597 (Definition 1.55.933.0)
3/30/2009 Definition Update for Windows Defender - KB915597 (Definition 1.55.736.0)
3/27/2009 Definition Update for Windows Defender - KB915597 (Definition 1.55.543.0)
3/24/2009 Definition Update for Windows Defender - KB915597 (Definition 1.55.314.0)
3/21/2009 Definition Update for Windows Defender - KB915597 (Definition 1.55.103.0)
3/17/2009 Definition Update for Windows Defender - KB915597 (Definition 1.53.638.0)
3/15/2009 Windows Malicious Software Removal Tool - March 2009 (KB890830)
3/13/2009 Definition Update for Windows Defender - KB915597 (Definition 1.53.431.0)
3/11/2009 Update for Windows Vista (KB959772)
3/11/2009 Update for Windows Mail Junk E-mail Filter [March 2009] (KB905866)
3/11/2009 Security Update for Windows Vista (KB960225)
3/11/2009 Security Update for Windows Vista (KB958690)
3/10/2009 Definition Update for Windows Defender - KB915597 (Definition 1.53.288.0)
3/9/2009 Definition Update for Windows Defender - KB915597 (Definition 1.53.256.0)
3/7/2009 Definition Update for Windows Defender - KB915597 (Definition 1.53.92.0)
3/2/2009 Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework 3.5 Family Update (KB951847) x86
3/2/2009 Definition Update for Windows Defender - KB915597 (Definition 1.51.1279.0)
2/27/2009 Definition Update for Windows Defender - KB915597 (Definition 1.51.1145.0)
2/24/2009 Definition Update for Windows Defender - KB915597 (Definition 1.51.937.0)
2/22/2009 Definition Update for Windows Defender - KB915597 (Definition 1.51.768.0)
2/13/2009 Definition Update for Windows Defender - KB915597 (Definition 1.51.484.0)
2/13/2009 Windows Malicious Software Removal Tool - February 2009 (KB890830)
2/13/2009 Cumulative Security Update for Internet Explorer 7 for Windows Vista (KB961260)
2/13/2009 Update Rollup for ActiveX Killbits for Windows Vista (KB960715)
2/13/2009 Update for Windows Mail Junk E-mail Filter [February 2009] (KB905866)
2/9/2009 Definition Update for Windows Defender - KB915597 (Definition 1.51.391.0)
2/5/2009 Definition Update for Windows Defender - KB915597 (Definition 1.51.303.0)
1/29/2009 Definition Update for Windows Defender - KB915597 (Definition 1.49.2750.0)
1/27/2009 Definition Update for Windows Defender - KB915597 (Definition 1.49.2551.0)
1/22/2009 Definition Update for Windows Defender - KB915597 (Definition 1.49.2376.0)
1/19/2009 Definition Update for Windows Defender - KB915597 (Definition 1.49.2195.0)
1/15/2009 Definition Update for Windows Defender - KB915597 (Definition 1.49.2011.0)
1/15/2009 Update for Windows Mail Junk E-mail Filter [January 2009] (KB905866)
1/15/2009 Security Update for Windows Vista (KB958687)
1/15/2009 Windows Malicious Software Removal Tool - January 2009 (KB890830)
1/12/2009 Definition Update for Windows Defender - KB915597 (Definition 1.49.1841.0)
1/9/2009 Definition Update for Windows Defender - KB915597 (Definition 1.49.1662.0)
1/6/2009 Definition Update for Windows Defender - KB915597 (Definition 1.49.1455.0)
1/1/2009 Definition Update for Windows Defender - KB915597 (Definition 1.49.1289.0)
12/25/2008 Definition Update for Windows Defender - KB915597 (Definition 1.49.989.0)
12/24/2008 Definition Update for Windows Defender - KB915597 (Definition 1.49.864.0)
12/24/2008 Security Update for Internet Explorer 7 in Windows Vista (KB960714)
12/15/2008 Definition Update for Windows Defender - KB915597 (Definition 1.49.523.0)
12/13/2008 Update for Windows Mail Junk E-mail Filter [December 2008] (KB905866)
12/13/2008 Security Update for Windows Vista (KB956802)
12/13/2008 Windows Malicious Software Removal Tool - December 2008 (KB890830)
12/13/2008 Update for Windows Vista (KB957388)
12/13/2008 Update for Windows Vista (KB955839)
12/13/2008 Security Update for Windows Vista (KB958623)
12/13/2008 Security Update for Windows Vista (KB958624)
12/13/2008 Cumulative Security Update for Internet Explorer 7 in Windows Vista (KB958215)
12/13/2008 Security Update for Windows Vista (KB952069)
12/13/2008 Definition Update for Windows Defender - KB915597 (Definition 1.49.369.0)
12/8/2008 Definition Update for Windows Defender - KB915597 (Definition 1.49.217.0)
12/4/2008 Definition Update for Windows Defender - KB915597 (Definition 1.49.88.0)
12/2/2008 Definition Update for Windows Defender - KB915597 (Definition 1.47.966.0)
11/27/2008 Definition Update for Windows Defender - KB915597 (Definition 1.47.864.0)
11/26/2008 Update for Windows Vista (KB959108)
11/26/2008 Update for Windows Vista (KB957321)
11/26/2008 Update for Windows Vista (KB959130)
11/25/2008 Definition Update for Windows Defender - KB915597 (Definition 1.47.708.0)
11/21/2008 Definition Update for Windows Defender - KB915597 (Definition 1.47.567.0)
11/19/2008 Definition Update for Windows Defender - KB915597 (Definition 1.47.487.0)
11/18/2008 Windows Update Agent 7.2.6001.788
11/14/2008 Definition Update for Windows Defender - KB915597 (Definition 1.47.283.0)
11/12/2008 Definition Update for Windows Defender - KB915597 (Definition 1.47.167.0)
11/12/2008 Security Update for Windows Vista (KB957097)
11/12/2008 Windows Malicious Software Removal Tool - November 2008 (KB890830)
11/12/2008 Security Update for Windows Vista (KB955069)
11/12/2008 Update for Windows Mail Junk E-mail Filter [November 2008] (KB905866)
11/12/2008 Security Update for Microsoft XML Core Services 4.0 Service Pack 2 (KB954430)
11/12/2008 Security Update for Windows Vista (KB954459)
11/9/2008 Definition Update for Windows Defender - KB915597 (Definition 1.47.15.0)
11/6/2008 Definition Update for Windows Defender - KB915597 (Definition 1.45.1466.0)
11/4/2008 Definition Update for Windows Defender - KB915597 (Definition 1.45.1403.0)
10/31/2008 Definition Update for Windows Defender - KB915597 (Definition 1.45.1246.0)
10/30/2008 Update for Windows Vista (KB957200)
10/30/2008 Security Update for Windows Vista (KB953155)
10/28/2008 Definition Update for Windows Defender - KB915597 (Definition 1.45.1162.0)
10/25/2008 Security Update for Windows Vista (KB958644)
10/24/2008 Definition Update for Windows Defender - KB915597 (Definition 1.45.1012.0)
10/17/2008 Definition Update for Windows Defender - KB915597 (Definition 1.45.731.0)
10/15/2008 Update for Windows Vista (KB957000)
10/15/2008 Cumulative Security Update for ActiveX Killbits for Windows Vista (KB956391)
10/15/2008 Update for Windows Mail Junk E-mail Filter [October 2008] (KB905866)
10/15/2008 Security Update for Windows Vista (KB954211)
10/15/2008 Windows Malicious Software Removal Tool - October 2008 (KB890830)
10/15/2008 Security Update for Windows Vista (KB957095)
10/15/2008 Security Update for Windows Vista (KB956841)
10/15/2008 Cumulative Security Update for Internet Explorer 7 in Windows Vista (KB956390)
10/11/2008 Definition Update for Windows Defender - KB915597 (Definition 1.45.430.0)
10/10/2008 Definition Update for Windows Defender - KB915597 (Definition 1.45.380.0)
10/7/2008 Definition Update for Windows Defender - KB915597 (Definition 1.45.280.0)
10/2/2008 Definition Update for Windows Defender - KB915597 (Definition 1.45.124.0)
9/26/2008 Definition Update for Windows Defender - KB915597 (Definition 1.43.801.0)
9/23/2008 Definition Update for Windows Defender - KB915597 (Definition 1.43.702.0)
9/19/2008 Definition Update for Windows Defender - KB915597 (Definition 1.43.537.0)
9/16/2008 Definition Update for Windows Defender - KB915597 (Definition 1.43.462.0)
9/12/2008 Definition Update for Windows Defender - KB915597 (Definition 1.43.309.0)
9/11/2008 Windows Malicious Software Removal Tool - September 2008 (KB890830)
9/11/2008 Update for Windows Vista (KB954366)
9/11/2008 Security Update for Windows Vista (KB954154)
9/11/2008 Security Update for Windows Vista (KB938464)
9/11/2008 Update for Windows Vista (KB955302)
9/11/2008 Update for Windows Mail Junk E-mail Filter [September 2008] (KB905866)
9/6/2008 Definition Update for Windows Defender - KB915597 (Definition 1.43.128.0)
9/4/2008 Definition Update for Windows Defender - KB915597 (Definition 1.43.73.0)
9/3/2008 Windows Update Agent 7.2.6001.784
9/3/2008 Definition Update for Windows Defender - KB915597 (Definition 1.41.1074.0)
8/29/2008 Definition Update for Windows Defender - KB915597 (Definition 1.41.925.0)
8/27/2008 Definition Update for Windows Defender - KB915597 (Definition 1.41.794.0)
8/23/2008 Definition Update for Windows Defender - KB915597 (Definition 1.41.625.0)
8/20/2008 Definition Update for Windows Defender - KB915597 (Definition 1.41.563.0)
8/15/2008 Definition Update for Windows Defender - KB915597 (Definition 1.41.365.0)
8/13/2008 Security Update for Windows Vista (KB953733)
8/13/2008 Update for Windows Vista (KB951072)
8/13/2008 Windows Malicious Software Removal Tool - August 2008 (KB890830)
8/13/2008 Security Update for Windows Vista (KB950974)
8/13/2008 Cumulative Security Update for Internet Explorer 7 in Windows Vista (KB953838)
8/13/2008 Update for Windows Mail Junk E-mail Filter [August 2008] (KB905866)
8/13/2008 Update for Windows Vista (KB952287)
8/13/2008 Update for Windows Vista (KB951618)
8/13/2008 Cumulative Security Update for ActiveX Killbits for Windows Vista (KB953839)
8/13/2008 Security Update for Windows Mail for Windows Vista (KB951066)
8/12/2008 Windows Search 4.0 for Windows Vista (KB940157)
8/8/2008 Definition Update for Windows Defender - KB915597 (Definition 1.41.172.0)
8/5/2008 Definition Update for Windows Defender - KB915597 (Definition 1.41.72.0)
8/1/2008 Definition Update for Windows Defender - KB915597 (Definition 1.39.119.0)
7/30/2008 Definition Update for Windows Defender - KB915597 (Definition 1.39.25.0)
7/25/2008 Definition Update for Windows Defender - KB915597 (Definition 1.37.1115.0)
7/23/2008 Definition Update for Windows Defender - KB915597 (Definition 1.37.1028.0)
7/16/2008 Definition Update for Windows Defender - KB915597 (Definition 1.37.746.0)
7/11/2008 Update for Windows Vista (KB955020)
7/11/2008 Windows Malicious Software Removal Tool - July 2008 (KB890830)
7/11/2008 Definition Update for Windows Defender - KB915597 (Definition 1.37.579.0)
7/9/2008 Update for Windows Vista (KB952709)
7/9/2008 Security Update for Windows Vista (KB950582)
7/9/2008 Update for Windows Mail Junk E-mail Filter [July 2008] (KB905866)
7/9/2008 Update for Windows Vista (KB951978)
7/7/2008 Definition Update for Windows Defender - KB915597 (Definition 1.37.370.0)
7/4/2008 Definition Update for Windows Defender - KB915597 (Definition 1.37.271.0)
7/1/2008 Definition Update for Windows Defender - KB915597 (Definition 1.37.191.0)
6/27/2008 Definition Update for Windows Defender - KB915597 (Definition 1.37.1.0)
6/20/2008 Definition Update for Windows Defender - KB915597 (Definition 1.35.563.0)
6/19/2008 Windows Vista Service Pack 1 (KB936330)
6/17/2008 Definition Update for Windows Defender - KB915597 (Definition 1.35.475.0)
6/14/2008 Definition Update for Windows Defender - KB915597 (Definition 1.35.347.0)
6/11/2008 Update for Windows Vista (KB952714)
6/11/2008 Update for Windows Mail Junk E-mail Filter [June 2008] (KB905866)
6/11/2008 Windows Malicious Software Removal Tool - June 2008 (KB890830)
6/11/2008 Security Update for Windows Vista (KB951376)
6/11/2008 Security Update for Windows Vista (KB950762)
6/11/2008 Security Update for Windows Vista (KB951698)
6/11/2008 Cumulative Security Update for Internet Explorer 7 in Windows Vista (KB950759)
6/11/2008 Cumulative Security Update for ActiveX Killbits for Windows Vista (KB950760)
6/6/2008 Definition Update for Windows Defender - KB915597 (Definition 1.35.118.0)
6/4/2008 Definition Update for Windows Defender - KB915597 (Definition 1.35.24.0)
5/29/2008 Definition Update for Windows Defender - KB915597 (Definition 1.33.9770.6)
5/29/2008 Definition Update for Windows Defender - KB915597 (Definition 1.33.9763.8)
5/28/2008 Update for Windows Vista (KB947562)
5/22/2008 Definition Update for Windows Defender - KB915597 (Definition 1.33.9751.9)
5/21/2008 Update for Windows Vista (KB940510)
5/20/2008 Definition Update for Windows Defender - KB915597 (Definition 1.33.9738.0)
5/16/2008 Windows Malicious Software Removal Tool - May 2008 (KB890830)
5/15/2008 Definition Update for Windows Defender - KB915597 (Definition 1.33.9651.0)
5/14/2008 Update for Windows Mail Junk E-mail Filter [May 2008] (KB905866)
5/14/2008 Definition Update for Windows Defender - KB915597 (Definition 1.33.9607.0)
5/8/2008 Definition Update for Windows Defender - KB915597 (Definition 1.31.9487.0)
5/7/2008 Definition Update for Windows Defender - KB915597 (Definition 1.31.9443.0)
5/2/2008 Definition Update for Windows Defender - KB915597 (Definition 1.31.9351.0)
5/1/2008 Definition Update for Windows Defender - KB915597 (Definition 1.31.9309.0)
4/25/2008 Definition Update for Windows Defender - KB915597 (Definition 1.31.9205.0)
4/23/2008 Definition Update for Windows Defender - KB915597 (Definition 1.31.9142.0)
4/18/2008 Definition Update for Windows Defender - KB915597 (Definition 1.31.8982.0)
4/15/2008 Definition Update for Windows Defender - KB915597 (Definition 1.31.8888.0)
4/11/2008 Definition Update for Windows Defender - KB915597 (Definition 1.31.8726.0)
4/10/2008 Definition Update for Windows Defender - KB915597 (Definition 1.31.8683.0)
4/9/2008 Update for Windows Mail Junk E-mail Filter [April 2008] (KB905866)
4/9/2008 Security Update for ActiveX Killbits for Windows Vista (KB948881)
4/9/2008 Update for Windows Vista (KB938371)
4/9/2008 Security Update for Windows Vista (KB941693)
4/9/2008 Security Update for Windows Vista (KB948590)
4/9/2008 Windows Malicious Software Removal Tool - April 2008 (KB890830)
4/9/2008 Security Update for Windows Vista (KB945553)
4/9/2008 Cumulative Security Update for Internet Explorer 7 in Windows Vista (KB947864)
4/6/2008 Definition Update for Windows Defender - KB915597 (Definition 1.31.8557.0)
4/4/2008 Definition Update for Windows Defender - KB915597 (Definition 1.31.8469.0)
4/2/2008 Definition Update for Windows Defender - KB915597 (Definition 1.29.8330.0)
3/28/2008 Definition Update for Windows Defender - KB915597 (Definition 1.29.8167.0)
3/26/2008 Definition Update for Windows Defender - KB915597 (Definition 1.29.8083.0)
3/21/2008 Definition Update for Windows Defender - KB915597 (Definition 1.29.7920.0)
3/18/2008 Definition Update for Windows Defender - KB915597 (Definition 1.29.7831.0)
3/16/2008 Definition Update for Windows Defender - KB915597 (Definition 1.29.7671.0)
3/12/2008 Windows Malicious Software Removal Tool - March 2008 (KB890830)
3/12/2008 Update for Windows Mail Junk E-mail Filter [March 2008] (KB905866)
3/12/2008 Update for Windows Vista (KB946041)
2/14/2008 Update for Windows Vista (KB937287)
2/13/2008 Security Update for Windows Vista (KB946026)
2/13/2008 Update for Windows Vista (KB938371)
2/13/2008 Windows Malicious Software Removal Tool - February 2008 (KB890830)
2/13/2008 Update for Windows Mail Junk E-mail Filter [February 2008] (KB905866)
2/13/2008 Update for Windows Vista (KB943899)
2/13/2008 Security Update for Windows Vista (KB946456)
2/13/2008 Update for Windows Vista (KB943302)
2/13/2008 Security Update for Windows Vista (KB943055)
2/13/2008 Cumulative Security Update for Internet Explorer 7 in Windows Vista (KB944533)
1/9/2008 Update for Windows Mail Junk E-mail Filter [January 2008] (KB905866)
1/9/2008 Security Update for Windows Vista (KB941644)
1/9/2008 Windows Malicious Software Removal Tool - January 2008 (KB890830)
1/9/2008 Update for Windows Vista (KB943302)
1/9/2008 Update for Windows Vista (KB943899)
1/9/2008 Update for Windows Vista (KB943411)
12/12/2007 Security Update for Windows Vista (KB941568)
12/12/2007 Security Update for Windows Vista (KB941569)
12/12/2007 Cumulative Security Update for Internet Explorer 7 in Windows Vista (KB942615)
12/12/2007 Security Update for Windows Vista (KB942624)
12/12/2007 Windows Malicious Software Removal Tool - December 2007 (KB890830)
12/12/2007 Update for Windows Mail Junk E-mail Filter [December 2007] (KB905866)
12/12/2007 Security Update for Windows Vista (KB943078)
12/12/2007 Update for Windows Vista (KB942763)
11/15/2007 Update for Windows (KB917607)
11/14/2007 Update for Windows Vista (KB941649)
11/14/2007 Windows Malicious Software Removal Tool - November 2007 (KB890830)
11/14/2007 Update for Windows Vista (KB941600)
11/14/2007 Update for Windows Mail Junk E-mail Filter [November 2007] (KB905866)
11/5/2007 Update for Windows Vista (KB939165)
10/31/2007 Update for Microsoft XML Core Services 4.0 Service Pack 2 (KB941833)
10/31/2007 Update for Windows Vista (KB938194)
10/31/2007 Update for .NET Framework 3.0: x86 (KB932471)
10/31/2007 Update for Windows Vista (KB933360)
10/31/2007 Update for Windows Mail Junk E-mail Filter [October 2007] (KB905866)
10/31/2007 Windows Malicious Software Removal Tool - October 2007 (KB890830)
10/31/2007 Update for Windows Vista (KB941651)
10/31/2007 Security Update for Microsoft .NET Framework, Version 2.0 (KB929916)
10/31/2007 Cumulative Security Update for Internet Explorer 7 in Windows Vista (KB939653)
10/31/2007 Update for Windows Vista (KB938979)
10/31/2007 Security Update for Windows Mail for Windows Vista (KB941202)
10/31/2007 Security Update for Windows Vista (KB933729)
10/31/2007 Security Update for Microsoft XML Core Services 4.0 Service Pack 2 (KB936181)
10/31/2007 NVIDIA Corporation driver update for NVIDIA MCP61 Serial ATA Controller
10/31/2007 Update for Windows Vista (KB939159)
10/31/2007 Windows Update software 7.0.6000.381
Services
Running Andrea RT Filters Service
Running Apple Mobile Device
Running Application Experience
Running Application Information
Running avast! Antivirus
Running Background Intelligent Transfer Service
Running Base Filtering Engine
Running Bonjour Service
Running CNG Key Isolation
Running COM+ Event System
Running Computer Browser
Running Cryptographic Services
Running DCOM Server Process Launcher
Running Desktop Window Manager Session Manager
Running DHCP Client
Running Diagnostic Policy Service
Running Diagnostic System Host
Running Distributed Link Tracking Client
Running dldf_device
Running dldfCATSCustConnectService
Running DNS Client
Running Extensible Authentication Protocol
Running Function Discovery Resource Publication
Running Group Policy Client
Running HP CUE DeviceDiscovery Service
Running HP Network Devices Support
Running hpqcxs08
Running Human Interface Device Access
Running IKE and AuthIP IPsec Keying Modules
Running IP Helper
Running IPsec Policy Agent
Running KtmRm for Distributed Transaction Coordinator
Running Multimedia Class Scheduler
Running Net Driver HPZ12
Running Network Connections
Running Network List Service
Running Network Location Awareness
Running Network Store Interface Service
Running NVIDIA Display Driver Service
Running Peer Name Resolution Protocol
Running Peer Networking Identity Manager
Running Plug and Play
Running Pml Driver HPZ12
Running Portable Device Enumerator Service
Running Print Spooler
Running Program Compatibility Assistant Service
Running Protected Storage
Running ProtexisLicensing
Running Pure Networks Platform Service
Running ReadyBoost
Running Remote Access Connection Manager
Running Remote Procedure Call (RPC)
Running Roxio Hard Drive Watcher 9
Running Secondary Logon
Running Secure Socket Tunneling Protocol Service
Running Security Accounts Manager
Running Security Center
Running Server
Running Shell Hardware Detection
Running Software Licensing
Running SSDP Discovery
Running Superfetch
Running System Event Notification Service
Running Tablet PC Input Service
Running Task Scheduler
Running TCP/IP NetBIOS Helper
Running Telephony
Running Themes
Running UPnP Device Host
Running User Profile Service
Running WebClient
Running Windows Audio
Running Windows Audio Endpoint Builder
Running Windows Driver Foundation - User-mode Driver Framework
Running Windows Error Reporting Service
Running Windows Event Log
Running Windows Firewall
Running Windows Font Cache Service
Running Windows Image Acquisition (WIA)
Running Windows Live ID Sign-in Assistant
Running Windows Management Instrumentation
Running Windows Media Player Network Sharing Service
Running Windows Search
Running Windows Time
Running Windows Update
Running WLAN AutoConfig
Running Workstation
Running XAudioService
Stopped Application Layer Gateway Service
Stopped Certificate Propagation
Stopped COM+ System Application
Stopped DFS Replication
Stopped Diagnostic Service Host
Stopped Distributed Transaction Coordinator
Stopped DSBrokerService
Stopped Function Discovery Provider Host
Stopped Health Key and Certificate Management
Stopped InstallDriver Table Manager
Stopped Interactive Services Detection
Stopped Internet Connection Sharing (ICS)
Stopped Link-Layer Topology Discovery Mapper
Stopped Microsoft .NET Framework NGEN v2.0.50727_X86
Stopped Microsoft .NET Framework NGEN v4.0.30319_X86
Stopped Microsoft iSCSI Initiator Service
Stopped Microsoft Software Shadow Copy Provider
Stopped Net.Tcp Port Sharing Service
Stopped Netlogon
Stopped Network Access Protection Agent
Stopped Office Source Engine
Stopped Parental Controls
Stopped Peer Networking Grouping
Stopped Performance Logs & Alerts
Stopped PnP-X IP Bus Enumerator
Stopped PNRP Machine Name Publication Service
Stopped Problem Reports and Solutions Control Panel Support
Stopped Quality Windows Audio Video Experience
Stopped Remote Access Auto Connection Manager
Stopped Remote Procedure Call (RPC) Locator
Stopped Remote Registry
Stopped Routing and Remote Access
Stopped RoxMediaDB9
Stopped SL UI Notification Service
Stopped Smart Card
Stopped Smart Card Removal Policy
Stopped SNMP Trap
Stopped stllssvr
Stopped Terminal Services
Stopped Terminal Services Configuration
Stopped Thread Ordering Server
Stopped TPM Base Services
Stopped Virtual Disk
Stopped Volume Shadow Copy
Stopped Windows Backup
Stopped Windows CardSpace
Stopped Windows Color System
Stopped Windows Connect Now - Config Registrar
Stopped Windows Defender
Stopped Windows Event Collector
Stopped Windows Installer
Stopped Windows Modules Installer
Stopped Windows Presentation Foundation Font Cache 3.0.0.0
Stopped Windows Presentation Foundation Font Cache 4.0.0.0
Stopped Windows Remote Management (WS-Management)
Stopped WinHTTP Web Proxy Auto-Discovery Service
Stopped Wired AutoConfig
Stopped WMI Performance Adapter
Device Tree
ACPI x86-based PC
Microsoft ACPI-Compliant System
AMD Athlon™ 64 X2 Dual Core Processor 4000+
AMD Athlon™ 64 X2 Dual Core Processor 4000+
AMD AwayMode
ACPI Power Button
System board
ACPI Fan
ACPI Thermal Zone
ACPI Fixed Feature Button
PCI bus
PCI standard RAM Controller
NVIDIA nForce PCI System Management
PCI standard RAM Controller
NVIDIA nForce Networking Controller
PCI standard PCI-to-PCI bridge
PCI standard PCI-to-PCI bridge
AMD HyperTransport™ Configuration
AMD Address Map Configuration
AMD DRAM and HyperTransport™ Trace Mode Configuration
AMD Miscellaneous Configuration
Motherboard resources
Motherboard resources
PCI standard ISA bridge
Motherboard resources
Programmable interrupt controller
Direct memory access controller
System timer
High precision event timer
System CMOS/real time clock
System speaker
Numeric data processor
Standard OpenHCD USB Host Controller
USB Root Hub
USB Composite Device
USB Human Interface Device
HID-compliant mouse
USB Human Interface Device
HID-compliant consumer control device
HID-compliant device
HID-compliant device
USB Human Interface Device
HID Keyboard Device
Standard Enhanced PCI to USB Host Controller
USB Root Hub
PCI standard PCI-to-PCI bridge
Conexant D850 PCI V.92 Modem
High Definition Audio Controller
Realtek High Definition Audio
Standard Dual Channel PCI IDE Controller
IDE Channel
IDE Channel
NVIDIA MCP61 Serial ATA Controller
WDC WD25 00JS-75NCB3 SCSI Disk Device
NVIDIA GeForce 6150SE nForce 430
Generic PnP Monitor
CPU
AMD Athlon 64 X2 4000+
Cores 2
Threads 2
Name AMD Athlon 64 X2 4000+
Code Name Brisbane
Package Socket AM2 (940)
Technology 65nm
Specification AMD Athlon™ 64 X2 Dual Core Processor 4000+
Family F
Extended Family F
Model B
Extended Model 6B
Stepping 1
Revision BH-G1
Instructions MMX (+), 3DNow! (+), SSE, SSE2, SSE3, AMD 64
Virtualization Supported, Enabled
Hyperthreading Not supported
Fan Speed 1746 RPM
Bus Speed 200.9 MHz
Rated Bus Speed 1004.6 MHz
Stock Core Speed 2100 MHz
Stock Bus Speed 200 MHz
Average Temperature 48 °C
Caches
L1 Data Cache Size 2 x 64 KBytes
L1 Instructions Cache Size 2 x 64 KBytes
L2 Unified Cache Size 2 x 512 KBytes
Core 0
Core Speed 2109.6 MHz
Multiplier x 10.5
Bus Speed 200.9 MHz
Rated Bus Speed 1004.6 MHz
Temperature 47 °C
Thread 1
APIC ID 0
Core 1
Core Speed 2109.6 MHz
Multiplier x 10.5
Bus Speed 200.9 MHz
Rated Bus Speed 1004.6 MHz
Temperature 49 °C
Thread 1
APIC ID 1
RAM
Memory slots
Total memory slots 4
Used memory slots 2
Free memory slots 2
Memory
Type DDR2
Size 1024 MBytes
Channels # Dual
DRAM Frequency 301.4 MHz
CAS# Latency (CL) 5 clocks
RAS# to CAS# Delay (tRCD) 5 clocks
RAS# Precharge (tRP) 5 clocks
Cycle Time (tRAS) 15 clocks
Bank Cycle Time (tRC) 21 clocks
Command Rate (CR) 1T
Physical Memory
Memory Usage 62 %
Total Physical 957 MB
Available Physical 357 MB
Total Virtual 2.00 GB
Available Virtual 1.86 GB
SPD
Number Of SPD Modules 2
Slot #1
Type DDR2
Size 512 MBytes
Manufacturer MOSEL
Max Bandwidth PC2-5300 (333 MHz)
Part Number V916764K24QCFW-F5
Serial Number E5372C78
Week/year 38 / 07
SPD Ext. EPP
JEDEC #3
Frequency 333.3 MHz
CAS# Latency 5.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 16
tRC 21
Voltage 1.800 V
JEDEC #2
Frequency 266.7 MHz
CAS# Latency 4.0
RAS# To CAS# 4
RAS# Precharge 4
tRAS 12
tRC 16
Voltage 1.800 V
JEDEC #1
Frequency 200.0 MHz
CAS# Latency 3.0
RAS# To CAS# 3
RAS# Precharge 3
tRAS 9
tRC 12
Voltage 1.800 V
Slot #2
Type DDR2
Size 512 MBytes
Manufacturer MOSEL
Max Bandwidth PC2-5300 (333 MHz)
Part Number V916764K24QCFW-F5
Serial Number E1372C79
Week/year 38 / 07
SPD Ext. EPP
JEDEC #3
Frequency 333.3 MHz
CAS# Latency 5.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 16
tRC 21
Voltage 1.800 V
JEDEC #2
Frequency 266.7 MHz
CAS# Latency 4.0
RAS# To CAS# 4
RAS# Precharge 4
tRAS 12
tRC 16
Voltage 1.800 V
JEDEC #1
Frequency 200.0 MHz
CAS# Latency 3.0
RAS# To CAS# 3
RAS# Precharge 3
tRAS 9
tRC 12
Voltage 1.800 V
Motherboard
Manufacturer Dell Inc.
Model 0RY206
Version 00
Chipset Vendor NVIDIA
Chipset Model MCP61
Chipset Revision A3
Southbridge Vendor NVIDIA
Southbridge Model MCP61
Southbridge Revision A2
System Temperature 30 °C
BIOS
Brand Dell Inc.
Version 1.0.6
Date 09/06/2007
Voltage
VIN0 1.712 V
MEMORY CONTROLLER 1.680 V
VIN2 1.528 V
PCI Data
Slot PCI
Slot Type PCI
Slot Usage Available
Data But Width 32 bit
Slot Designation PCI1
Slot Number 0
Slot PCI
Slot Type PCI
Slot Usage In Use
Data But Width 32 bit
Slot Designation PCI2
Slot Number 1
Slot PCI-X
Slot Type PCI-X
Slot Usage Available
Data But Width 8192 bit
Slot Designation PCIEX16
Slot Number 2
Slot PCI-X
Slot Type PCI-X
Slot Usage Available
Data But Width 256 bit
Slot Designation PCIEX1_1
Slot Number 3
Graphics
Monitor
Name DELL SE178WFP on NVIDIA GeForce 6150SE nForce 430
Current Resolution 1440x900 pixels
Work Resolution 1440x870 pixels
State enabled, primary, output devices support
Monitor Width 1440
Monitor Height 900
Monitor BPP 32 bits per pixel
Monitor Frequency 60 Hz
Device \\.\DISPLAY1\Monitor0
GeForce 6150SE nForce 430
GPU MCP61P
Device ID 10DE-03D0
Revision A3
Subvendor Dell (1028)
Current Performance Level Level 1
Current GPU Clock 425 MHz
Current Memory Clock 100 MHz
DirectX Support 9.0c
DirectX Shader Model 3.0
OpenGL Support 2.0
Bus Interface FPCI
Driver nvlddmkm.sys
Driver version 8.15.11.9038
ForceWare version 175.16
BIOS Version 5.61.32.25.02
ROPs 2
Shaders Vertex 2/Pixel 2
Memory Type System
Physical Memory 64 MB
Virtual Memory 288 MB
Count of performance levels : 1
Level 0
GPU Clock 425 MHz
Memory Clock 100 MHz
Hard Drives
WDC WD25 00JS-75NCB3 SCSI Disk Device
Manufacturer Western Digital
Business Unit/Brand Mobile/WD Scorpio Free Fall Sensor (FFS)
Interface RAID
Capacity 244GB
Real size 250,000,000,000 bytes
RAID Type Hardware RAID
S.M.A.R.T
S.M.A.R.T not supported
Partition 0
Partition ID Disk #0, Partition #0
Size 47.0 MB
Partition 1
Partition ID Disk #0, Partition #1
Disk Letter D:
File System NTFS
Volume Serial Number E4297055
Size 10.00GB
Used Space 3.64GB (37%)
Free Space 6.36GB (63%)
Partition 2
Partition ID Disk #0, Partition #2
Disk Letter C:
File System NTFS
Volume Serial Number DE2E5B91
Size 223GB
Used Space 28.0GB (13%)
Free Space 195GB (87%)
Optical Drives
No optical disk drives detected
Audio
Sound Card
Realtek High Definition Audio
Playback Device
Speakers (Realtek High Definition Audio)
Speaker Configuration
Speaker type Stereo
Peripherals
HID Keyboard Device
Device Kind Keyboard
Device Name HID Keyboard Device
Vendor Unknown
Location USB Human Interface Device
Driver
Date 6-21-2006
Version 6.0.6002.18005
File C:\Windows\system32\DRIVERS\kbdhid.sys
File C:\Windows\system32\DRIVERS\kbdclass.sys
HID-compliant mouse
Device Kind Mouse
Device Name HID-compliant mouse
Vendor Logitech
Location USB Human Interface Device
Driver
Date 6-21-2006
Version 6.0.6001.18000
File C:\Windows\system32\DRIVERS\mouhid.sys
File C:\Windows\system32\DRIVERS\mouclass.sys
Photosmart D110 series
Device Kind Camera/scanner
Device Name Photosmart D110 series
Location ip:192.168.1.103,subnet:192.168.1.0/24
Driver
Date 10-12-2009
Version 8.0.0.0
File system32\DRIVERS\serscan.sys
Network
You are connected to the internet
Connected through NVIDIA nForce Networking Controller
IP Address 192.168.1.103
Subnet mask 255.255.255.0
Gateway server 192.168.1.1
Preferred DNS server 209.94.172.166
Alternate DNS server 209.94.172.167
DHCP Enabled
DHCP server 192.168.1.1
External IP Address 209.94.169.102
Adapter Type Ethernet
NetBIOS over TCP/IP Enabled via DHCP
NETBIOS Node Type Hybrid node
Link Speed 0 kbps
Computer Name
NetBIOS Name WESCORNWELL-PC
DNS Name WesCornwell-PC
Domain Name WesCornwell-PC
Remote Desktop
Console
State Active
Domain WesCornwell-PC
WinInet Info
LAN Connection
Local system uses a local area network to connect to the Internet
Local system has RAS to connect to the Internet
Wi-Fi Info
Wi-Fi not enabled
WinHTTPInfo
WinHTTPSessionProxyType No proxy
Session Proxy
Session Proxy Bypass
Connect Retries 5
Connect Timeout 60000
HTTP Version HTTP 1.1
Max Connects Per 1.0 Servers INFINITE
Max Connects Per Servers INFINITE
Max HTTP automatic redirects 10
Max HTTP status continue 10
Send Timeout 30000
IEProxy Auto Detect No
IEProxy Auto Config
IEProxy
IEProxy Bypass
Default Proxy Config Access Type No proxy
Default Config Proxy
Default Config Proxy Bypass
Sharing and Discovery
Network Discovery Enabled
File and Printer Sharing Enabled
Media Sharing Disabled
Adapters List
NVIDIA nForce Networking Controller
IP Address 192.168.1.103
Subnet mask 255.255.255.0
Gateway server 192.168.1.1
Network Shares
Quicken - HP Deskjet 990c Quicken - HP Deskjet 990c,LocalsplOnly
  • 0

#15
RKinner
Posted 29 August 2011 - 08:50 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
Looks like the cleaning was a good idea. It's running a lot cooler now (unless you just turned it on).

As for the DVD/CD, I don't think it's a software problem. Windows would detect the DVD and reinstall it at boot if it had been uninstalled. You might boot into the BIOS setup and see if the BIOS detects it (it will be in the boot order if it does). If it's not there then the only thing you can do is replace it. If it's the standard size DVD they are not too expensive:
$25.99 at amazon. This one is SATA (small cable)
http://www.amazon.co...4671953&sr=1-11
$26.81 at Amazon. IDE (Wide ribbon cable)
http://www.amazon.co...4672418&sr=1-14
I've seen them for less. Should be a simple change out


Ron
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP