Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Malware-bytes hanging computer [Solved]

Started by Snypa86 , Oct 30 2011 12:10 PM

This topic is locked

#16
michaelg9

Posted 22 November 2011 - 06:53 AM

Trusted Helper

Malware Removal
2,949 posts

Check in C:\ for a text file named tdsskiller*.txt, where in the place of the asterisk there will be some numbers. If it's there, open it and post it contents here

#17
Snypa86

Posted 22 November 2011 - 09:34 AM

Member

Topic Starter
Member
58 posts

15:18:37.0583 5376 TDSS rootkit removing tool 2.6.19.0 Nov 16 2011 12:18:50
15:18:38.0048 5376 ============================================================
15:18:38.0048 5376 Current date / time: 2011/11/21 15:18:38.0048
15:18:38.0048 5376 SystemInfo:
15:18:38.0048 5376
15:18:38.0048 5376 OS Version: 6.0.6002 ServicePack: 2.0
15:18:38.0048 5376 Product type: Workstation
15:18:38.0049 5376 ComputerName: DARRON-PC
15:18:38.0049 5376 UserName: Darron
15:18:38.0049 5376 Windows directory: C:\Windows
15:18:38.0049 5376 System windows directory: C:\Windows
15:18:38.0049 5376 Running under WOW64
15:18:38.0049 5376 Processor architecture: Intel x64
15:18:38.0049 5376 Number of processors: 2
15:18:38.0049 5376 Page size: 0x1000
15:18:38.0049 5376 Boot type: Normal boot
15:18:38.0049 5376 ============================================================
15:18:38.0339 5376 Initialize success
15:18:48.0531 3400 ============================================================
15:18:48.0531 3400 Scan started
15:18:48.0531 3400 Mode: Manual;
15:18:48.0531 3400 ============================================================
15:18:48.0948 3400 22481826 (e656fe10d6d27794afa08136685a69e8) C:\Windows\system32\DRIVERS\22481826.sys
15:18:48.0951 3400 22481826 - ok
15:18:48.0994 3400 ACPI (1965aaffab07e3fb03c77f81beba3547) C:\Windows\system32\drivers\acpi.sys
15:18:48.0996 3400 ACPI - ok
15:18:49.0100 3400 adfs (2f0683fd2df1d92e891caca14b45a8c1) C:\Windows\system32\drivers\adfs.sys
15:18:49.0101 3400 adfs - ok
15:18:49.0173 3400 adp94xx (f14215e37cf124104575073f782111d2) C:\Windows\system32\drivers\adp94xx.sys
15:18:49.0177 3400 adp94xx - ok
15:18:49.0248 3400 adpahci (7d05a75e3066861a6610f7ee04ff085c) C:\Windows\system32\drivers\adpahci.sys
15:18:49.0250 3400 adpahci - ok
15:18:49.0271 3400 adpu160m (820a201fe08a0c345b3bedbc30e1a77c) C:\Windows\system32\drivers\adpu160m.sys
15:18:49.0272 3400 adpu160m - ok
15:18:49.0345 3400 adpu320 (9b4ab6854559dc168fbb4c24fc52e794) C:\Windows\system32\drivers\adpu320.sys
15:18:49.0347 3400 adpu320 - ok
15:18:49.0483 3400 AFD (0cc146c4addea45791b18b1e2659f4a9) C:\Windows\system32\drivers\afd.sys
15:18:49.0486 3400 AFD - ok
15:18:49.0607 3400 AgereSoftModem (3627a62b10284ffbf862bfd49928edf4) C:\Windows\system32\DRIVERS\agrsm64.sys
15:18:49.0615 3400 AgereSoftModem - ok
15:18:49.0670 3400 agp440 (f6f6793b7f17b550ecfdbd3b229173f7) C:\Windows\system32\drivers\agp440.sys
15:18:49.0671 3400 agp440 - ok
15:18:49.0751 3400 aic78xx (222cb641b4b8a1d1126f8033f9fd6a00) C:\Windows\system32\drivers\djsvs.sys
15:18:49.0752 3400 aic78xx - ok
15:18:49.0816 3400 aliide (157d0898d4b73f075ce9fa26b482df98) C:\Windows\system32\drivers\aliide.sys
15:18:49.0816 3400 aliide - ok
15:18:49.0920 3400 amdide (970fa5059e61e30d25307b99903e991e) C:\Windows\system32\drivers\amdide.sys
15:18:49.0921 3400 amdide - ok
15:18:49.0963 3400 AmdK8 (cdc3632a3a5ea4dbb83e46076a3165a1) C:\Windows\system32\drivers\amdk8.sys
15:18:49.0964 3400 AmdK8 - ok
15:18:50.0033 3400 androidusb (4de0d5d747a73797c95a97dcce5018b5) C:\Windows\system32\Drivers\ssadadb.sys
15:18:50.0034 3400 androidusb - ok
15:18:50.0109 3400 arc (ba8417d4765f3988ff921f30f630e303) C:\Windows\system32\drivers\arc.sys
15:18:50.0110 3400 arc - ok
15:18:50.0185 3400 arcsas (9d41c435619733b34cc16a511e644b11) C:\Windows\system32\drivers\arcsas.sys
15:18:50.0186 3400 arcsas - ok
15:18:50.0280 3400 aswFsBlk (5a68b880c16ad5a6aa20b49a47ffff24) C:\Windows\system32\drivers\aswFsBlk.sys
15:18:50.0280 3400 aswFsBlk - ok
15:18:50.0331 3400 aswMonFlt (230613be2d3da8053879be5ed2848f2d) C:\Windows\system32\drivers\aswMonFlt.sys
15:18:50.0332 3400 aswMonFlt - ok
15:18:50.0349 3400 aswRdr (0dc1996ae4178d7d14744ef6b3082313) C:\Windows\system32\drivers\aswRdr.sys
15:18:50.0350 3400 aswRdr - ok
15:18:50.0493 3400 aswSnx (b6ff911c23775cdfdd49612d92637af4) C:\Windows\system32\drivers\aswSnx.sys
15:18:50.0497 3400 aswSnx - ok
15:18:50.0553 3400 aswSP (5a590d8516376aed1829fc07d3bdaa4b) C:\Windows\system32\drivers\aswSP.sys
15:18:50.0556 3400 aswSP - ok
15:18:50.0615 3400 aswTdi (3239c0082fb0c1c4ee323730b85690a5) C:\Windows\system32\drivers\aswTdi.sys
15:18:50.0616 3400 aswTdi - ok
15:18:50.0703 3400 AsyncMac (22d13ff3dafec2a80634752b1eaa2de6) C:\Windows\system32\DRIVERS\asyncmac.sys
15:18:50.0703 3400 AsyncMac - ok
15:18:50.0753 3400 atapi (e68d9b3a3905619732f7fe039466a623) C:\Windows\system32\drivers\atapi.sys
15:18:50.0753 3400 atapi - ok
15:18:50.0859 3400 AtiHdmiService (1251677c31ca7d08795a6ee939f2e605) C:\Windows\system32\drivers\AtiHdmi.sys
15:18:50.0860 3400 AtiHdmiService - ok
15:18:51.0029 3400 atikmdag (a08339ae90972e268b9622c668f450e8) C:\Windows\system32\DRIVERS\atikmdag.sys
15:18:51.0066 3400 atikmdag - ok
15:18:51.0182 3400 Beep - ok
15:18:51.0260 3400 blbdrive (79feeb40056683f8f61398d81dda65d2) C:\Windows\system32\drivers\blbdrive.sys
15:18:51.0261 3400 blbdrive - ok
15:18:51.0297 3400 bowser (2348447a80920b2493a9b582a23e81e1) C:\Windows\system32\DRIVERS\bowser.sys
15:18:51.0299 3400 bowser - ok
15:18:51.0401 3400 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\brfiltlo.sys
15:18:51.0402 3400 BrFiltLo - ok
15:18:51.0427 3400 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\brfiltup.sys
15:18:51.0427 3400 BrFiltUp - ok
15:18:51.0509 3400 Brserid (f0f0ba4d815be446aa6a4583ca3bca9b) C:\Windows\system32\drivers\brserid.sys
15:18:51.0510 3400 Brserid - ok
15:18:51.0540 3400 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\system32\drivers\brserwdm.sys
15:18:51.0541 3400 BrSerWdm - ok
15:18:51.0567 3400 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\system32\drivers\brusbmdm.sys
15:18:51.0568 3400 BrUsbMdm - ok
15:18:51.0589 3400 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\drivers\brusbser.sys
15:18:51.0589 3400 BrUsbSer - ok
15:18:51.0622 3400 BTHMODEM (e0777b34e05f8a82a21856efc900c29f) C:\Windows\system32\drivers\bthmodem.sys
15:18:51.0623 3400 BTHMODEM - ok
15:18:51.0650 3400 catchme - ok
15:18:51.0763 3400 CAXHWAZL (c25362669072f6aa8d4c3415d8b30b7a) C:\Windows\system32\DRIVERS\CAXHWAZL.sys
15:18:51.0766 3400 CAXHWAZL - ok
15:18:51.0808 3400 cdfs (b4d787db8d30793a4d4df9feed18f136) C:\Windows\system32\DRIVERS\cdfs.sys
15:18:51.0809 3400 cdfs - ok
15:18:51.0859 3400 cdrom (c025aa69be3d0d25c7a2e746ef6f94fc) C:\Windows\system32\DRIVERS\cdrom.sys
15:18:51.0861 3400 cdrom - ok
15:18:51.0911 3400 circlass (02ea568d498bbdd4ba55bf3fce34d456) C:\Windows\system32\drivers\circlass.sys
15:18:51.0912 3400 circlass - ok
15:18:51.0960 3400 CLFS (3dca9a18b204939cfb24bea53e31eb48) C:\Windows\system32\CLFS.sys
15:18:51.0963 3400 CLFS - ok
15:18:52.0098 3400 CmBatt (b52d9a14ce4101577900a364ba86f3df) C:\Windows\system32\DRIVERS\CmBatt.sys
15:18:52.0099 3400 CmBatt - ok
15:18:52.0144 3400 cmdide (e5d5499a1c50a54b5161296b6afe6192) C:\Windows\system32\drivers\cmdide.sys
15:18:52.0144 3400 cmdide - ok
15:18:52.0175 3400 Compbatt (7fb8ad01db0eabe60c8a861531a8f431) C:\Windows\system32\DRIVERS\compbatt.sys
15:18:52.0175 3400 Compbatt - ok
15:18:52.0196 3400 crcdisk (a8585b6412253803ce8efcbd6d6dc15c) C:\Windows\system32\drivers\crcdisk.sys
15:18:52.0197 3400 crcdisk - ok
15:18:52.0347 3400 DfsC (8b722ba35205c71e7951cdc4cdbade19) C:\Windows\system32\Drivers\dfsc.sys
15:18:52.0349 3400 DfsC - ok
15:18:52.0488 3400 disk (b0107e40ecdb5fa692ebf832f295d905) C:\Windows\system32\drivers\disk.sys
15:18:52.0489 3400 disk - ok
15:18:52.0562 3400 drmkaud (f1a78a98cfc2ee02144c6bec945447e6) C:\Windows\system32\drivers\drmkaud.sys
15:18:52.0563 3400 drmkaud - ok
15:18:52.0645 3400 DXGKrnl (b8e554e502d5123bc111f99d6a2181b4) C:\Windows\System32\drivers\dxgkrnl.sys
15:18:52.0651 3400 DXGKrnl - ok
15:18:52.0688 3400 E1G60 (264cee7b031a9d6c827f3d0cb031f2fe) C:\Windows\system32\DRIVERS\E1G6032E.sys
15:18:52.0690 3400 E1G60 - ok
15:18:52.0749 3400 Ecache (5f94962be5a62db6e447ff6470c4f48a) C:\Windows\system32\drivers\ecache.sys
15:18:52.0750 3400 Ecache - ok
15:18:52.0832 3400 ElbyCDIO (a05fc7eca0966ebb70e4d17b855a853b) C:\Windows\system32\Drivers\ElbyCDIO.sys
15:18:52.0832 3400 ElbyCDIO - ok
15:18:52.0873 3400 elxstor (c4636d6e10469404ab5308d9fd45ed07) C:\Windows\system32\drivers\elxstor.sys
15:18:52.0876 3400 elxstor - ok
15:18:52.0937 3400 ErrDev (bc3a58e938bb277e46bf4b3003b01abd) C:\Windows\system32\drivers\errdev.sys
15:18:52.0937 3400 ErrDev - ok
15:18:52.0988 3400 exfat (486844f47b6636044a42454614ed4523) C:\Windows\system32\drivers\exfat.sys
15:18:52.0989 3400 exfat - ok
15:18:53.0034 3400 fastfat (1a4bee34277784619ddaf0422c0c6e23) C:\Windows\system32\drivers\fastfat.sys
15:18:53.0035 3400 fastfat - ok
15:18:53.0142 3400 fdc (81b79b6df71fa1d2c6d688d830616e39) C:\Windows\system32\DRIVERS\fdc.sys
15:18:53.0143 3400 fdc - ok
15:18:53.0202 3400 FileInfo (457b7d1d533e4bd62a99aed9c7bb4c59) C:\Windows\system32\drivers\fileinfo.sys
15:18:53.0203 3400 FileInfo - ok
15:18:53.0232 3400 Filetrace (d421327fd6efccaf884a54c58e1b0d7f) C:\Windows\system32\drivers\filetrace.sys
15:18:53.0233 3400 Filetrace - ok
15:18:53.0282 3400 flpydisk (230923ea2b80f79b0f88d90f87b87ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
15:18:53.0283 3400 flpydisk - ok
15:18:53.0323 3400 FltMgr (e3041bc26d6930d61f42aedb79c91720) C:\Windows\system32\drivers\fltmgr.sys
15:18:53.0326 3400 FltMgr - ok
15:18:53.0356 3400 Fs_Rec (29d99e860a1ca0a03c6a733fdd0da703) C:\Windows\system32\drivers\Fs_Rec.sys
15:18:53.0357 3400 Fs_Rec - ok
15:18:53.0386 3400 gagp30kx (c8e416668d3dc2be3d4fe4c79224997f) C:\Windows\system32\drivers\gagp30kx.sys
15:18:53.0387 3400 gagp30kx - ok
15:18:53.0442 3400 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\Drivers\GEARAspiWDM.sys
15:18:53.0443 3400 GEARAspiWDM - ok
15:18:53.0607 3400 Hardlock (091582da724f54830012e3faaf2f1d1a) C:\Windows\system32\drivers\hardlock.sys
15:18:53.0610 3400 Hardlock - ok
15:18:53.0663 3400 HdAudAddService (68e732382b32417ff61fd663259b4b09) C:\Windows\system32\drivers\HdAudio.sys
15:18:53.0665 3400 HdAudAddService - ok
15:18:53.0718 3400 HDAudBus (f942c5820205f2fb453243edfec82a3d) C:\Windows\system32\DRIVERS\HDAudBus.sys
15:18:53.0724 3400 HDAudBus - ok
15:18:53.0748 3400 HidBth (b4881c84a180e75b8c25dc1d726c375f) C:\Windows\system32\drivers\hidbth.sys
15:18:53.0750 3400 HidBth - ok
15:18:53.0777 3400 HidIr (4e77a77e2c986e8f88f996bb3e1ad829) C:\Windows\system32\drivers\hidir.sys
15:18:53.0777 3400 HidIr - ok
15:18:53.0839 3400 HidUsb (443bdd2d30bb4f00795c797e2cf99edf) C:\Windows\system32\DRIVERS\hidusb.sys
15:18:53.0840 3400 HidUsb - ok
15:18:53.0882 3400 HpCISSs (d7109a1e6bd2dfdbcba72a6bc626a13b) C:\Windows\system32\drivers\hpcisss.sys
15:18:53.0883 3400 HpCISSs - ok
15:18:53.0962 3400 HSFHWAZL (57ba73b5b321291e5114cb21350e1ea0) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
15:18:53.0964 3400 HSFHWAZL - ok
15:18:54.0054 3400 HSF_DPV (c8ecf7d2fd3f20078dfb3bd5f1e51f23) C:\Windows\system32\DRIVERS\CAX_DPV.sys
15:18:54.0063 3400 HSF_DPV - ok
15:18:54.0113 3400 HTTP (098f1e4e5c9cb5b0063a959063631610) C:\Windows\system32\drivers\HTTP.sys
15:18:54.0118 3400 HTTP - ok
15:18:54.0152 3400 i2omp (da94c854cea5fac549d4e1f6e88349e8) C:\Windows\system32\drivers\i2omp.sys
15:18:54.0153 3400 i2omp - ok
15:18:54.0198 3400 i8042prt (cbb597659a2713ce0c9cc20c88c7591f) C:\Windows\system32\DRIVERS\i8042prt.sys
15:18:54.0199 3400 i8042prt - ok
15:18:54.0238 3400 iaStor (16a4671255cfb842225f0fdb6dbdb414) C:\Windows\system32\DRIVERS\iaStor.sys
15:18:54.0240 3400 iaStor - ok
15:18:54.0280 3400 iaStorV (3e3bf3627d886736d0b4e90054f929f6) C:\Windows\system32\drivers\iastorv.sys
15:18:54.0282 3400 iaStorV - ok
15:18:54.0350 3400 iirsp (8c3951ad2fe886ef76c7b5027c3125d3) C:\Windows\system32\drivers\iirsp.sys
15:18:54.0351 3400 iirsp - ok
15:18:54.0426 3400 int15 (8c7fa71cb1ebcd3ede8958d27b1bf0b4) C:\Windows\SysWOW64\drivers\int15_64.sys
15:18:54.0426 3400 int15 - ok
15:18:54.0498 3400 intelide (df797a12176f11b2d301c5b234bb200e) C:\Windows\system32\drivers\intelide.sys
15:18:54.0499 3400 intelide - ok
15:18:54.0535 3400 intelppm (bfd84af32fa1bad6231c4585cb469630) C:\Windows\system32\DRIVERS\intelppm.sys
15:18:54.0536 3400 intelppm - ok
15:18:54.0600 3400 IpFilterDriver (d8aabc341311e4780d6fce8c73c0ad81) C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:18:54.0602 3400 IpFilterDriver - ok
15:18:54.0644 3400 IpInIp - ok
15:18:54.0685 3400 IPMIDRV (9c2ee2e6e5a7203bfae15c299475ec67) C:\Windows\system32\drivers\ipmidrv.sys
15:18:54.0686 3400 IPMIDRV - ok
15:18:54.0739 3400 IPNAT (b7e6212f581ea5f6ab0c3a6ceeeb89be) C:\Windows\system32\DRIVERS\ipnat.sys
15:18:54.0740 3400 IPNAT - ok
15:18:54.0786 3400 IRENUM (8c42ca155343a2f11d29feca67faa88d) C:\Windows\system32\drivers\irenum.sys
15:18:54.0786 3400 IRENUM - ok
15:18:54.0804 3400 isapnp (0672bfcedc6fc468a2b0500d81437f4f) C:\Windows\system32\drivers\isapnp.sys
15:18:54.0805 3400 isapnp - ok
15:18:54.0882 3400 iScsiPrt (e4fdf99599f27ec25d2cf6d754243520) C:\Windows\system32\DRIVERS\msiscsi.sys
15:18:54.0884 3400 iScsiPrt - ok
15:18:54.0934 3400 iteatapi (63c766cdc609ff8206cb447a65abba4a) C:\Windows\system32\drivers\iteatapi.sys
15:18:54.0935 3400 iteatapi - ok
15:18:54.0976 3400 iteraid (1281fe73b17664631d12f643cbea3f59) C:\Windows\system32\drivers\iteraid.sys
15:18:54.0977 3400 iteraid - ok
15:18:55.0012 3400 kbdclass (423696f3ba6472dd17699209b933bc26) C:\Windows\system32\DRIVERS\kbdclass.sys
15:18:55.0013 3400 kbdclass - ok
15:18:55.0061 3400 kbdhid (bf8783a5066cfecf45095459e8010fa7) C:\Windows\system32\DRIVERS\kbdhid.sys
15:18:55.0061 3400 kbdhid - ok
15:18:55.0113 3400 KSecDD (476e2c1dcea45895994bef11c2a98715) C:\Windows\system32\Drivers\ksecdd.sys
15:18:55.0117 3400 KSecDD - ok
15:18:55.0154 3400 ksthunk (1d419cf43db29396ecd7113d129d94eb) C:\Windows\system32\drivers\ksthunk.sys
15:18:55.0155 3400 ksthunk - ok
15:18:55.0209 3400 lltdio (96ece2659b6654c10a0c310ae3a6d02c) C:\Windows\system32\DRIVERS\lltdio.sys
15:18:55.0210 3400 lltdio - ok
15:18:55.0259 3400 LSI_FC (acbe1af32d3123e330a07bfbc5ec4a9b) C:\Windows\system32\drivers\lsi_fc.sys
15:18:55.0260 3400 LSI_FC - ok
15:18:55.0294 3400 LSI_SAS (799ffb2fc4729fa46d2157c0065b3525) C:\Windows\system32\drivers\lsi_sas.sys
15:18:55.0295 3400 LSI_SAS - ok
15:18:55.0342 3400 LSI_SCSI (f445ff1daad8a226366bfaf42551226b) C:\Windows\system32\drivers\lsi_scsi.sys
15:18:55.0343 3400 LSI_SCSI - ok
15:18:55.0373 3400 luafv (52f87b9cc8932c2a7375c3b2a9be5e3e) C:\Windows\system32\drivers\luafv.sys
15:18:55.0374 3400 luafv - ok
15:18:55.0427 3400 mdmxsdk (e4f44ec214b3e381e1fc844a02926666) C:\Windows\system32\DRIVERS\mdmxsdk.sys
15:18:55.0428 3400 mdmxsdk - ok
15:18:55.0475 3400 megasas (5c5cd6aaced32fb26c3fb34b3dcf972f) C:\Windows\system32\drivers\megasas.sys
15:18:55.0476 3400 megasas - ok
15:18:55.0537 3400 MegaSR (859bc2436b076c77c159ed694acfe8f8) C:\Windows\system32\drivers\megasr.sys
15:18:55.0540 3400 MegaSR - ok
15:18:55.0575 3400 Modem (59848d5cc74606f0ee7557983bb73c2e) C:\Windows\system32\drivers\modem.sys
15:18:55.0576 3400 Modem - ok
15:18:55.0620 3400 monitor (c247cc2a57e0a0c8c6dccf7807b3e9e5) C:\Windows\system32\DRIVERS\monitor.sys
15:18:55.0621 3400 monitor - ok
15:18:55.0640 3400 mouclass (9367304e5e412b120cf5f4ea14e4e4f1) C:\Windows\system32\DRIVERS\mouclass.sys
15:18:55.0641 3400 mouclass - ok
15:18:55.0677 3400 mouhid (c2c2bd5c5ce5aaf786ddd74b75d2ac69) C:\Windows\system32\DRIVERS\mouhid.sys
15:18:55.0678 3400 mouhid - ok
15:18:55.0696 3400 MountMgr (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys
15:18:55.0697 3400 MountMgr - ok
15:18:55.0750 3400 mpio (f8276eb8698142884498a528dfea8478) C:\Windows\system32\drivers\mpio.sys
15:18:55.0751 3400 mpio - ok
15:18:55.0786 3400 mpsdrv (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys
15:18:55.0787 3400 mpsdrv - ok
15:18:55.0823 3400 Mraid35x (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys
15:18:55.0824 3400 Mraid35x - ok
15:18:55.0867 3400 MRxDAV (7c1de4aa96dc0c071611f9e7de02a68d) C:\Windows\system32\drivers\mrxdav.sys
15:18:55.0868 3400 MRxDAV - ok
15:18:55.0928 3400 mrxsmb (1485811b320ff8c7edad1caebb1c6c2b) C:\Windows\system32\DRIVERS\mrxsmb.sys
15:18:55.0930 3400 mrxsmb - ok
15:18:55.0973 3400 mrxsmb10 (3b929a60c833fc615fd97fba82bc7632) C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:18:55.0976 3400 mrxsmb10 - ok
15:18:55.0998 3400 mrxsmb20 (c64ab3e1f53b4f5b5bb6d796b2d7bec3) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:18:55.0999 3400 mrxsmb20 - ok
15:18:56.0034 3400 msahci (1ac860612b85d8e85ee257d372e39f4d) C:\Windows\system32\drivers\msahci.sys
15:18:56.0035 3400 msahci - ok
15:18:56.0064 3400 msdsm (264bbb4aaf312a485f0e44b65a6b7202) C:\Windows\system32\drivers\msdsm.sys
15:18:56.0065 3400 msdsm - ok
15:18:56.0110 3400 Msfs (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys
15:18:56.0111 3400 Msfs - ok
15:18:56.0156 3400 msisadrv (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys
15:18:56.0157 3400 msisadrv - ok
15:18:56.0199 3400 MSKSSRV (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys
15:18:56.0200 3400 MSKSSRV - ok
15:18:56.0237 3400 MSPCLOCK (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys
15:18:56.0238 3400 MSPCLOCK - ok
15:18:56.0268 3400 MSPQM (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys
15:18:56.0269 3400 MSPQM - ok
15:18:56.0304 3400 MsRPC (dc6ccf440cdede4293db41c37a5060a5) C:\Windows\system32\drivers\MsRPC.sys
15:18:56.0307 3400 MsRPC - ok
15:18:56.0357 3400 mssmbios (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys
15:18:56.0358 3400 mssmbios - ok
15:18:56.0423 3400 MSTEE (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys
15:18:56.0424 3400 MSTEE - ok
15:18:56.0471 3400 Mup (0cc49f78d8aca0877d885f149084e543) C:\Windows\system32\Drivers\mup.sys
15:18:56.0473 3400 Mup - ok
15:18:56.0523 3400 NativeWifiP (2007b826c4acd94ae32232b41f0842b9) C:\Windows\system32\DRIVERS\nwifi.sys
15:18:56.0525 3400 NativeWifiP - ok
15:18:56.0581 3400 NDIS (65950e07329fcee8e6516b17c8d0abb6) C:\Windows\system32\drivers\ndis.sys
15:18:56.0586 3400 NDIS - ok
15:18:56.0638 3400 NdisTapi (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys
15:18:56.0639 3400 NdisTapi - ok
15:18:56.0657 3400 Ndisuio (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys
15:18:56.0658 3400 Ndisuio - ok
15:18:56.0701 3400 NdisWan (f8158771905260982ce724076419ef19) C:\Windows\system32\DRIVERS\ndiswan.sys
15:18:56.0702 3400 NdisWan - ok
15:18:56.0718 3400 NDProxy (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys
15:18:56.0720 3400 NDProxy - ok
15:18:56.0755 3400 NetBIOS (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys
15:18:56.0756 3400 NetBIOS - ok
15:18:56.0803 3400 netbt (fc2c792ebddc8e28df939d6a92c83d61) C:\Windows\system32\DRIVERS\netbt.sys
15:18:56.0805 3400 netbt - ok
15:18:56.0963 3400 NETw4v64 (520d367b45b12a75022b0070fff2b937) C:\Windows\system32\DRIVERS\NETw4v64.sys
15:18:56.0982 3400 NETw4v64 - ok
15:18:57.0175 3400 NETw5v64 (2bdcb7b7917380794c9d87ac2153ce33) C:\Windows\system32\DRIVERS\NETw5v64.sys
15:18:57.0204 3400 NETw5v64 - ok
15:18:57.0460 3400 NETwLv64 (54762e37f65c20652532dbdac53698f6) C:\Windows\system32\DRIVERS\NETwLv64.sys
15:18:57.0513 3400 NETwLv64 - ok
15:18:57.0579 3400 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys
15:18:57.0580 3400 nfrd960 - ok
15:18:57.0617 3400 Npfs (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys
15:18:57.0618 3400 Npfs - ok
15:18:57.0680 3400 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys
15:18:57.0681 3400 nsiproxy - ok
15:18:57.0756 3400 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys
15:18:57.0765 3400 Ntfs - ok
15:18:57.0903 3400 NuidFltr (d4012918d3a3847b44b888d56bc095d6) C:\Windows\system32\DRIVERS\NuidFltr.sys
15:18:57.0904 3400 NuidFltr - ok
15:18:57.0929 3400 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys
15:18:57.0930 3400 Null - ok
15:18:57.0959 3400 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys
15:18:57.0961 3400 nvraid - ok
15:18:57.0991 3400 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys
15:18:57.0992 3400 nvstor - ok
15:18:58.0032 3400 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys
15:18:58.0033 3400 nv_agp - ok
15:18:58.0043 3400 NwlnkFlt - ok
15:18:58.0055 3400 NwlnkFwd - ok
15:18:58.0122 3400 ohci1394 (7b58953e2f263421fdbb09a192712a85) C:\Windows\system32\drivers\ohci1394.sys
15:18:58.0124 3400 ohci1394 - ok
15:18:58.0175 3400 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys
15:18:58.0176 3400 Parport - ok
15:18:58.0208 3400 partmgr (f9b5eda4c17a2be7663f064dbf0fe254) C:\Windows\system32\drivers\partmgr.sys
15:18:58.0210 3400 partmgr - ok
15:18:58.0290 3400 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys
15:18:58.0292 3400 pci - ok
15:18:58.0309 3400 pciide (8d618c829034479985a9ed56106cc732) C:\Windows\system32\drivers\pciide.sys
15:18:58.0310 3400 pciide - ok
15:18:58.0342 3400 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
15:18:58.0343 3400 pcmcia - ok
15:18:58.0387 3400 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
15:18:58.0392 3400 PEAUTH - ok
15:18:58.0523 3400 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys
15:18:58.0525 3400 PptpMiniport - ok
15:18:58.0557 3400 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\drivers\processr.sys
15:18:58.0558 3400 Processor - ok
15:18:58.0615 3400 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys
15:18:58.0616 3400 PSched - ok
15:18:58.0669 3400 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys
15:18:58.0677 3400 ql2300 - ok
15:18:58.0722 3400 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
15:18:58.0724 3400 ql40xx - ok
15:18:58.0761 3400 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
15:18:58.0762 3400 QWAVEdrv - ok
15:18:58.0773 3400 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
15:18:58.0774 3400 RasAcd - ok
15:18:58.0859 3400 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:18:58.0860 3400 Rasl2tp - ok
15:18:58.0900 3400 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys
15:18:58.0901 3400 RasPppoe - ok
15:18:58.0947 3400 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys
15:18:58.0948 3400 RasSstp - ok
15:18:58.0984 3400 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys
15:18:58.0987 3400 rdbss - ok
15:18:59.0009 3400 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:18:59.0010 3400 RDPCDD - ok
15:18:59.0048 3400 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys
15:18:59.0051 3400 rdpdr - ok
15:18:59.0062 3400 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
15:18:59.0063 3400 RDPENCDD - ok
15:18:59.0100 3400 RDPWD (b1d741c87cea8d7282146366cc9c3f81) C:\Windows\system32\drivers\RDPWD.sys
15:18:59.0101 3400 RDPWD - ok
15:18:59.0179 3400 RimUsb (5790bca445cc40df8b38c2c48608aac2) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
15:18:59.0180 3400 RimUsb - ok
15:18:59.0234 3400 RimVSerPort (c903d49655b4aae46673f0aaa6be0f58) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
15:18:59.0235 3400 RimVSerPort - ok
15:18:59.0274 3400 ROOTMODEM (6a0cf73b019cbc9255e23c9192ec3702) C:\Windows\system32\Drivers\RootMdm.sys
15:18:59.0276 3400 ROOTMODEM - ok
15:18:59.0301 3400 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
15:18:59.0302 3400 rspndr - ok
15:18:59.0348 3400 RTL8169 (b263b3aebcde2210d1cc25756601b8ea) C:\Windows\system32\DRIVERS\Rtlh64.sys
15:18:59.0351 3400 RTL8169 - ok
15:18:59.0376 3400 RTSTOR (0851174830dafad4eacc4dd818d803d1) C:\Windows\system32\drivers\RTSTOR64.SYS
15:18:59.0378 3400 RTSTOR - ok
15:18:59.0443 3400 s115bus (e0f0977caafdf719929c8ca02a1c5147) C:\Windows\system32\DRIVERS\s115bus.sys
15:18:59.0445 3400 s115bus - ok
15:18:59.0499 3400 s115mdfl (136328e6c3086a19eb3154058bc7b3a3) C:\Windows\system32\DRIVERS\s115mdfl.sys
15:18:59.0500 3400 s115mdfl - ok
15:18:59.0563 3400 s115mdm (54552277de7eae1a2e108a4cff7abb07) C:\Windows\system32\DRIVERS\s115mdm.sys
15:18:59.0564 3400 s115mdm - ok
15:18:59.0616 3400 s115mgmt (e9b3966836cb9c2107264e44249267df) C:\Windows\system32\DRIVERS\s115mgmt.sys
15:18:59.0617 3400 s115mgmt - ok
15:18:59.0679 3400 s115obex (f6ab3b6e35981c4f3fed4198d3f29674) C:\Windows\system32\DRIVERS\s115obex.sys
15:18:59.0681 3400 s115obex - ok
15:18:59.0729 3400 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
15:18:59.0730 3400 sbp2port - ok
15:18:59.0814 3400 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
15:18:59.0815 3400 secdrv - ok
15:18:59.0876 3400 Serenum (f71bfe7ac6c52273b7c82cbf1bb2a222) C:\Windows\system32\drivers\serenum.sys
15:18:59.0877 3400 Serenum - ok
15:18:59.0899 3400 Serial (e62fac91ee288db29a9696a9d279929c) C:\Windows\system32\drivers\serial.sys
15:18:59.0900 3400 Serial - ok
15:18:59.0925 3400 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
15:18:59.0926 3400 sermouse - ok
15:18:59.0979 3400 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys
15:18:59.0980 3400 sffdisk - ok
15:19:00.0015 3400 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
15:19:00.0016 3400 sffp_mmc - ok
15:19:00.0057 3400 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys
15:19:00.0057 3400 sffp_sd - ok
15:19:00.0090 3400 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
15:19:00.0091 3400 sfloppy - ok
15:19:00.0117 3400 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
15:19:00.0118 3400 SiSRaid2 - ok
15:19:00.0148 3400 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
15:19:00.0149 3400 SiSRaid4 - ok
15:19:00.0186 3400 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys
15:19:00.0188 3400 Smb - ok
15:19:00.0226 3400 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys
15:19:00.0227 3400 spldr - ok
15:19:00.0286 3400 srv (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys
15:19:00.0290 3400 srv - ok
15:19:00.0337 3400 srv2 (a1ad14a6d7a37891fffeca35ebbb0730) C:\Windows\system32\DRIVERS\srv2.sys
15:19:00.0339 3400 srv2 - ok
15:19:00.0378 3400 srvnet (4bed62f4fa4d8300973f1151f4c4d8a7) C:\Windows\system32\DRIVERS\srvnet.sys
15:19:00.0380 3400 srvnet - ok
15:19:00.0430 3400 ssadbus (c1212ba5ab6783191899d194672a5b5c) C:\Windows\system32\DRIVERS\ssadbus.sys
15:19:00.0431 3400 ssadbus - ok
15:19:00.0490 3400 ssadmdfl (eb270596d4117c4306442f36ef2c290e) C:\Windows\system32\DRIVERS\ssadmdfl.sys
15:19:00.0491 3400 ssadmdfl - ok
15:19:00.0525 3400 ssadmdm (e29027dfaec246299d1cf88627c5cbe6) C:\Windows\system32\DRIVERS\ssadmdm.sys
15:19:00.0526 3400 ssadmdm - ok
15:19:00.0579 3400 sscdbus (f4f1e1ff6986fe8914525af751ea3eac) C:\Windows\system32\DRIVERS\sscdbus.sys
15:19:00.0581 3400 sscdbus - ok
15:19:00.0625 3400 sscdmdfl (5447690d2cfe1bde1be3a5a5a3e2f796) C:\Windows\system32\DRIVERS\sscdmdfl.sys
15:19:00.0626 3400 sscdmdfl - ok
15:19:00.0679 3400 sscdmdm (bfda292053aeb76a0c1d63b2279d5138) C:\Windows\system32\DRIVERS\sscdmdm.sys
15:19:00.0681 3400 sscdmdm - ok
15:19:00.0781 3400 STHDA (ef5536527a1def7161ef832dbc74ac47) C:\Windows\system32\drivers\stwrt64.sys
15:19:00.0784 3400 STHDA - ok
15:19:00.0831 3400 StillCam (14b4db4381e4a55f570d8bb699b791d6) C:\Windows\system32\DRIVERS\serscan.sys
15:19:00.0832 3400 StillCam - ok
15:19:00.0884 3400 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
15:19:00.0885 3400 swenum - ok
15:19:00.0924 3400 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
15:19:00.0925 3400 Symc8xx - ok
15:19:00.0959 3400 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
15:19:00.0960 3400 Sym_hi - ok
15:19:00.0991 3400 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
15:19:00.0993 3400 Sym_u3 - ok
15:19:01.0030 3400 SynTP (6149bb382bff81c0b453048cb048b81e) C:\Windows\system32\DRIVERS\SynTP.sys
15:19:01.0032 3400 SynTP - ok
15:19:01.0125 3400 Tcpip (73bed5067ed53a9df05fa8eab42578d0) C:\Windows\system32\drivers\tcpip.sys
15:19:01.0134 3400 Tcpip - ok
15:19:01.0192 3400 Tcpip6 (73bed5067ed53a9df05fa8eab42578d0) C:\Windows\system32\DRIVERS\tcpip.sys
15:19:01.0201 3400 Tcpip6 - ok
15:19:01.0242 3400 tcpipreg (848f87c604b5e674602498cb51067db6) C:\Windows\system32\drivers\tcpipreg.sys
15:19:01.0245 3400 tcpipreg - ok
15:19:01.0263 3400 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
15:19:01.0264 3400 TDPIPE - ok
15:19:01.0291 3400 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
15:19:01.0292 3400 TDTCP - ok
15:19:01.0334 3400 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys
15:19:01.0335 3400 tdx - ok
15:19:01.0371 3400 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys
15:19:01.0373 3400 TermDD - ok
15:19:01.0426 3400 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:19:01.0428 3400 tssecsrv - ok
15:19:01.0447 3400 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
15:19:01.0448 3400 tunmp - ok
15:19:01.0543 3400 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys
15:19:01.0545 3400 tunnel - ok
15:19:01.0577 3400 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
15:19:01.0579 3400 uagp35 - ok
15:19:01.0622 3400 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys
15:19:01.0625 3400 udfs - ok
15:19:01.0668 3400 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
15:19:01.0669 3400 uliagpkx - ok
15:19:01.0699 3400 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
15:19:01.0701 3400 uliahci - ok
15:19:01.0734 3400 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
15:19:01.0736 3400 UlSata - ok
15:19:01.0768 3400 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
15:19:01.0770 3400 ulsata2 - ok
15:19:01.0804 3400 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
15:19:01.0806 3400 umbus - ok
15:19:01.0885 3400 USBAAPL64 - ok
15:19:01.0940 3400 usbaudio (c6ba890de6e41857fbe84175519cae7d) C:\Windows\system32\drivers\usbaudio.sys
15:19:01.0941 3400 usbaudio - ok
15:19:01.0992 3400 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
15:19:01.0994 3400 usbccgp - ok
15:19:02.0034 3400 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
15:19:02.0036 3400 usbcir - ok
15:19:02.0078 3400 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys
15:19:02.0079 3400 usbehci - ok
15:19:02.0105 3400 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys
15:19:02.0108 3400 usbhub - ok
15:19:02.0142 3400 usbohci (eba14ef0c07cec233f1529c698d0d154) C:\Windows\system32\drivers\usbohci.sys
15:19:02.0143 3400 usbohci - ok
15:19:02.0191 3400 usbprint (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys
15:19:02.0192 3400 usbprint - ok
15:19:02.0259 3400 usbscan (ea0bf666868964fbe8cb10e50c97b9f1) C:\Windows\system32\DRIVERS\usbscan.sys
15:19:02.0260 3400 usbscan - ok
15:19:02.0306 3400 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:19:02.0307 3400 USBSTOR - ok
15:19:02.0323 3400 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys
15:19:02.0325 3400 usbuhci - ok
15:19:02.0379 3400 usbvideo (fc33099877790d51b0927b7039059855) C:\Windows\system32\Drivers\usbvideo.sys
15:19:02.0381 3400 usbvideo - ok
15:19:02.0437 3400 usb_rndisx (1e36bb1a3c5aaf2aa9fa9a126df8c16c) C:\Windows\system32\DRIVERS\usb8023x.sys
15:19:02.0439 3400 usb_rndisx - ok
15:19:02.0497 3400 UVCFTR (fa3ca291f80ee13a1ac210492a7dfbb9) C:\Windows\system32\Drivers\UVCFTR_S.SYS
15:19:02.0498 3400 UVCFTR - ok
15:19:02.0546 3400 VClone (fd911873c0bb6945fa38c16e9a2b58f9) C:\Windows\system32\DRIVERS\VClone.sys
15:19:02.0547 3400 VClone - ok
15:19:02.0597 3400 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
15:19:02.0599 3400 vga - ok
15:19:02.0615 3400 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
15:19:02.0616 3400 VgaSave - ok
15:19:02.0648 3400 viaide (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys
15:19:02.0649 3400 viaide - ok
15:19:02.0679 3400 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys
15:19:02.0681 3400 volmgr - ok
15:19:02.0725 3400 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys
15:19:02.0729 3400 volmgrx - ok
15:19:02.0781 3400 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys
15:19:02.0783 3400 volsnap - ok
15:19:02.0840 3400 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys
15:19:02.0842 3400 vsmraid - ok
15:19:02.0889 3400 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
15:19:02.0890 3400 WacomPen - ok
15:19:02.0933 3400 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
15:19:02.0935 3400 Wanarp - ok
15:19:02.0940 3400 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
15:19:02.0942 3400 Wanarpv6 - ok
15:19:02.0967 3400 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys
15:19:02.0968 3400 Wd - ok
15:19:03.0012 3400 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys
15:19:03.0018 3400 Wdf01000 - ok
15:19:03.0079 3400 winachsf (40efee2fd560eb0438f3aebd5bf751b4) C:\Windows\system32\DRIVERS\CAX_CNXT.sys
15:19:03.0084 3400 winachsf - ok
15:19:03.0150 3400 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\drivers\wmiacpi.sys
15:19:03.0151 3400 WmiAcpi - ok
15:19:03.0211 3400 WpdUsb (5e2401b3fc1089c90e081291357371a9) C:\Windows\system32\DRIVERS\wpdusb.sys
15:19:03.0212 3400 WpdUsb - ok
15:19:03.0258 3400 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
15:19:03.0260 3400 ws2ifsl - ok
15:19:03.0331 3400 WSDPrintDevice (de5f5212ab34221dd1618b5fefe8db6c) C:\Windows\system32\DRIVERS\WSDPrint.sys
15:19:03.0332 3400 WSDPrintDevice - ok
15:19:03.0388 3400 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:19:03.0391 3400 WUDFRd - ok
15:19:03.0423 3400 XAudio (c22b223cc6d58e921d78e173172f66f5) C:\Windows\system32\DRIVERS\xaudio64.sys
15:19:03.0424 3400 XAudio - ok
15:19:03.0475 3400 MBR (0x1B8) (3f52334f255df9dc66b0111a308bfa16) \Device\Harddisk0\DR0
15:19:04.0169 3400 \Device\Harddisk0\DR0 - ok
15:19:04.0223 3400 Boot (0x1200) (4e9c16917553fa9795b267d2165e1ab3) \Device\Harddisk0\DR0\Partition0
15:19:04.0224 3400 \Device\Harddisk0\DR0\Partition0 - ok
15:19:04.0227 3400 ============================================================
15:19:04.0227 3400 Scan finished
15:19:04.0227 3400 ============================================================
15:19:04.0241 1156 Detected object count: 0
15:19:04.0241 1156 Actual detected object count: 0
15:20:03.0608 4172 Deinitialize success

#18
michaelg9

Posted 24 November 2011 - 02:16 PM

Trusted Helper

Malware Removal
2,949 posts

Hello,

Sorry for the late reply. I don't think you are actually infected. What symptoms does your computer have? Are there any search engine redirects?

Next:

Run a full scan with avast and tell me what it finds. If it finds anything then delete it and tell me what was that.

Next:

Double-click My Computer, and then right-click the hard disk that you want to check. C:
Click Properties, and then click Tools.
Under Error-checking, click Check Now. A dialog box that shows the Check disk options is displayed
Check both boxes and then click Start.
You will receive the following message:
The disk check could not be performed because the disk check utility needs exclusive access to some Windows files on the disk. These files can be accessed by restarting Windows. Do you want to schedule the disk check to occur the next time you restart the computer?
Click Yes to schedule the disk check, but don't restart yet.

Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application. Reboot. The disk check will run and will probably take an hour or more to finish.

Next:

1. Open the Start Menu.

2. Click on All Programs and Accessories, then right click on Command Prompt and click on Run as administrator. (See screenshot below)
Posted Image

3. In the elevated command prompt, type sfc /scannow and press Enter. (see screenshot below)
NOTE: This may take a little bit to finish.
Posted Image

4. When the scan is complete, copy the line below and paste it at the command prompt. Then press Enter

findstr /c:"[SR]" %windir%\Logs\CBS\CBS.log >%userprofile%\Desktop\sfcdetails.txt

5. The file sfcdetails.txt will now be on your desktop. Please open it , Edit | select all | copy and paste it in your next reply.

Then do this:

Click Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator. Then type (with an Enter after each line).

sigverif

Press Start in the new window. This will check your drivers. If you just get a few when it finishes tell me what they are. If you get a lot just look for those with newish dates (since about the time the problem started.)

Next:

Please download GetPartitions from the link bellow. You must right click on the link and choose Save as.... Save it as GetPartitions.bat on your desktop

getpartitions.bat

Double click it to run it (If running Vista or Windows 7, right click on it and select "Run as an Administrator").
It will produce C:\DiskReport.txt log please post results from that log here to me.

Next:

Please download the Event Viewer Tool by Vino Rosso and save it to your Desktop
Right-click VEW.exe and Run AS Administrator
Under 'Select log to query', select:
System
Under 'Select type to list', select:
Error
Warning
Then use the 'Number of events' as follows:
Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.
Please post the Output log in your next reply then repeat but select Application.

Next:

Get Process Explorer
Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).
Close all other programs.
Click twice on the CPU column header to sort things by CPU usage with the big hitters at the top.
Wait a minute for things to settle down.
File, Save As, Save.
Open the file Procexp.txt on your desktop and copy and paste the text to a reply.

Next:

Download Speccy (Look in the upper right for the Download Latest Version button)
Download, Save and Install it.
Run Speccy by right clicking and Run As Administrator.
When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File, (to your desktop) note the name it gives.
OK. Attach the file to your next post.

Edited by michaelg9, 28 November 2011 - 06:25 AM.
Added a new scan

#19
Snypa86

Posted 24 November 2011 - 02:18 PM

Member

Topic Starter
Member
58 posts

Will do these next operations. My problem is that whenever I initiate a scan its never completes. It hangs and I end up having to power down the computer using the power button. It did this with malwarebytes, avast and even the one you recommended called kaspersy.

#20
michaelg9

Posted 25 November 2011 - 02:41 PM

Trusted Helper

Malware Removal
2,949 posts

OK, follow the steps and we'll see. Do you hear any strange metallic sounds coming out of your computer / Hard Drive?

#21
Snypa86

Posted 28 November 2011 - 02:25 AM

Member

Topic Starter
Member
58 posts

No strange metal Sounds. Avast stopped at87%.Will complete the other tasks and let you know.

#22
Snypa86

Posted 28 November 2011 - 10:25 AM

Member

Topic Starter
Member
58 posts

SFC /SCANOW

2011-11-28 03:33:27, Info CSI 00000006 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:33:27, Info CSI 00000007 [SR] Beginning Verify and Repair transaction
2011-11-28 03:33:30, Info CSI 00000009 [SR] Verify complete
2011-11-28 03:33:30, Info CSI 0000000a [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:33:30, Info CSI 0000000b [SR] Beginning Verify and Repair transaction
2011-11-28 03:33:32, Info CSI 0000000d [SR] Verify complete
2011-11-28 03:33:32, Info CSI 0000000e [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:33:32, Info CSI 0000000f [SR] Beginning Verify and Repair transaction
2011-11-28 03:33:34, Info CSI 00000011 [SR] Verify complete
2011-11-28 03:33:35, Info CSI 00000012 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:33:35, Info CSI 00000013 [SR] Beginning Verify and Repair transaction
2011-11-28 03:33:37, Info CSI 00000015 [SR] Verify complete
2011-11-28 03:33:37, Info CSI 00000016 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:33:37, Info CSI 00000017 [SR] Beginning Verify and Repair transaction
2011-11-28 03:33:40, Info CSI 00000019 [SR] Verify complete
2011-11-28 03:33:40, Info CSI 0000001a [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:33:40, Info CSI 0000001b [SR] Beginning Verify and Repair transaction
2011-11-28 03:33:42, Info CSI 0000001d [SR] Verify complete
2011-11-28 03:33:43, Info CSI 0000001e [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:33:43, Info CSI 0000001f [SR] Beginning Verify and Repair transaction
2011-11-28 03:33:45, Info CSI 00000021 [SR] Verify complete
2011-11-28 03:33:45, Info CSI 00000022 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:33:45, Info CSI 00000023 [SR] Beginning Verify and Repair transaction
2011-11-28 03:33:47, Info CSI 00000025 [SR] Verify complete
2011-11-28 03:33:48, Info CSI 00000026 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:33:48, Info CSI 00000027 [SR] Beginning Verify and Repair transaction
2011-11-28 03:33:50, Info CSI 00000029 [SR] Verify complete
2011-11-28 03:33:50, Info CSI 0000002a [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:33:50, Info CSI 0000002b [SR] Beginning Verify and Repair transaction
2011-11-28 03:33:52, Info CSI 0000002d [SR] Verify complete
2011-11-28 03:33:52, Info CSI 0000002e [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:33:52, Info CSI 0000002f [SR] Beginning Verify and Repair transaction
2011-11-28 03:33:54, Info CSI 00000031 [SR] Verify complete
2011-11-28 03:33:55, Info CSI 00000032 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:33:55, Info CSI 00000033 [SR] Beginning Verify and Repair transaction
2011-11-28 03:33:57, Info CSI 00000035 [SR] Verify complete
2011-11-28 03:33:57, Info CSI 00000036 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:33:57, Info CSI 00000037 [SR] Beginning Verify and Repair transaction
2011-11-28 03:33:59, Info CSI 00000039 [SR] Verify complete
2011-11-28 03:34:00, Info CSI 0000003a [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:34:00, Info CSI 0000003b [SR] Beginning Verify and Repair transaction
2011-11-28 03:34:02, Info CSI 0000003d [SR] Verify complete
2011-11-28 03:34:02, Info CSI 0000003e [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:34:02, Info CSI 0000003f [SR] Beginning Verify and Repair transaction
2011-11-28 03:34:04, Info CSI 00000041 [SR] Verify complete
2011-11-28 03:34:05, Info CSI 00000042 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:34:05, Info CSI 00000043 [SR] Beginning Verify and Repair transaction
2011-11-28 03:34:07, Info CSI 00000045 [SR] Verify complete
2011-11-28 03:34:07, Info CSI 00000046 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:34:07, Info CSI 00000047 [SR] Beginning Verify and Repair transaction
2011-11-28 03:34:09, Info CSI 00000049 [SR] Verify complete
2011-11-28 03:34:09, Info CSI 0000004a [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:34:09, Info CSI 0000004b [SR] Beginning Verify and Repair transaction
2011-11-28 03:34:12, Info CSI 0000004d [SR] Verify complete
2011-11-28 03:34:12, Info CSI 0000004e [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:34:12, Info CSI 0000004f [SR] Beginning Verify and Repair transaction
2011-11-28 03:34:14, Info CSI 00000051 [SR] Verify complete
2011-11-28 03:34:14, Info CSI 00000052 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:34:14, Info CSI 00000053 [SR] Beginning Verify and Repair transaction
2011-11-28 03:34:18, Info CSI 00000055 [SR] Verify complete
2011-11-28 03:34:18, Info CSI 00000056 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:34:18, Info CSI 00000057 [SR] Beginning Verify and Repair transaction
2011-11-28 03:34:21, Info CSI 00000059 [SR] Verify complete
2011-11-28 03:34:22, Info CSI 0000005a [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:34:22, Info CSI 0000005b [SR] Beginning Verify and Repair transaction
2011-11-28 03:34:24, Info CSI 0000005d [SR] Verify complete
2011-11-28 03:34:25, Info CSI 0000005e [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:34:25, Info CSI 0000005f [SR] Beginning Verify and Repair transaction
2011-11-28 03:34:27, Info CSI 00000061 [SR] Verify complete
2011-11-28 03:34:27, Info CSI 00000062 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:34:27, Info CSI 00000063 [SR] Beginning Verify and Repair transaction
2011-11-28 03:34:29, Info CSI 00000065 [SR] Verify complete
2011-11-28 03:34:30, Info CSI 00000066 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:34:30, Info CSI 00000067 [SR] Beginning Verify and Repair transaction
2011-11-28 03:34:32, Info CSI 00000069 [SR] Verify complete
2011-11-28 03:34:32, Info CSI 0000006a [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:34:32, Info CSI 0000006b [SR] Beginning Verify and Repair transaction
2011-11-28 03:34:35, Info CSI 0000006d [SR] Verify complete
2011-11-28 03:34:35, Info CSI 0000006e [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:34:35, Info CSI 0000006f [SR] Beginning Verify and Repair transaction
2011-11-28 03:34:38, Info CSI 00000071 [SR] Verify complete
2011-11-28 03:34:38, Info CSI 00000072 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:34:38, Info CSI 00000073 [SR] Beginning Verify and Repair transaction
2011-11-28 03:34:40, Info CSI 00000075 [SR] Verify complete
2011-11-28 03:34:41, Info CSI 00000076 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:34:41, Info CSI 00000077 [SR] Beginning Verify and Repair transaction
2011-11-28 03:34:43, Info CSI 00000079 [SR] Verify complete
2011-11-28 03:34:43, Info CSI 0000007a [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:34:43, Info CSI 0000007b [SR] Beginning Verify and Repair transaction
2011-11-28 03:34:46, Info CSI 0000007d [SR] Verify complete
2011-11-28 03:34:46, Info CSI 0000007e [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:34:46, Info CSI 0000007f [SR] Beginning Verify and Repair transaction
2011-11-28 03:34:51, Info CSI 00000081 [SR] Verify complete
2011-11-28 03:34:51, Info CSI 00000082 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:34:51, Info CSI 00000083 [SR] Beginning Verify and Repair transaction
2011-11-28 03:34:58, Info CSI 00000085 [SR] Verify complete
2011-11-28 03:34:58, Info CSI 00000086 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:34:58, Info CSI 00000087 [SR] Beginning Verify and Repair transaction
2011-11-28 03:35:04, Info CSI 0000008b [SR] Verify complete
2011-11-28 03:35:04, Info CSI 0000008c [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:35:04, Info CSI 0000008d [SR] Beginning Verify and Repair transaction
2011-11-28 03:35:11, Info CSI 00000090 [SR] Verify complete
2011-11-28 03:35:11, Info CSI 00000091 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:35:11, Info CSI 00000092 [SR] Beginning Verify and Repair transaction
2011-11-28 03:35:17, Info CSI 00000096 [SR] Verify complete
2011-11-28 03:35:17, Info CSI 00000097 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:35:17, Info CSI 00000098 [SR] Beginning Verify and Repair transaction
2011-11-28 03:35:24, Info CSI 0000009a [SR] Verify complete
2011-11-28 03:35:25, Info CSI 0000009b [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:35:25, Info CSI 0000009c [SR] Beginning Verify and Repair transaction
2011-11-28 03:35:35, Info CSI 000000be [SR] Verify complete
2011-11-28 03:35:35, Info CSI 000000bf [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:35:35, Info CSI 000000c0 [SR] Beginning Verify and Repair transaction
2011-11-28 03:35:41, Info CSI 000000c5 [SR] Verify complete
2011-11-28 03:35:42, Info CSI 000000c6 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:35:42, Info CSI 000000c7 [SR] Beginning Verify and Repair transaction
2011-11-28 03:35:48, Info CSI 000000c9 [SR] Verify complete
2011-11-28 03:35:48, Info CSI 000000ca [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:35:48, Info CSI 000000cb [SR] Beginning Verify and Repair transaction
2011-11-28 03:35:55, Info CSI 000000cd [SR] Verify complete
2011-11-28 03:35:55, Info CSI 000000ce [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:35:55, Info CSI 000000cf [SR] Beginning Verify and Repair transaction
2011-11-28 03:36:04, Info CSI 000000d1 [SR] Verify complete
2011-11-28 03:36:05, Info CSI 000000d2 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:36:05, Info CSI 000000d3 [SR] Beginning Verify and Repair transaction
2011-11-28 03:36:16, Info CSI 000000eb [SR] Verify complete
2011-11-28 03:36:16, Info CSI 000000ec [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:36:16, Info CSI 000000ed [SR] Beginning Verify and Repair transaction
2011-11-28 03:36:29, Info CSI 000000ef [SR] Verify complete
2011-11-28 03:36:29, Info CSI 000000f0 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:36:29, Info CSI 000000f1 [SR] Beginning Verify and Repair transaction
2011-11-28 03:36:45, Info CSI 000000f3 [SR] Verify complete
2011-11-28 03:36:46, Info CSI 000000f4 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:36:46, Info CSI 000000f5 [SR] Beginning Verify and Repair transaction
2011-11-28 03:36:52, Info CSI 000000f7 [SR] Verify complete
2011-11-28 03:36:52, Info CSI 000000f8 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:36:52, Info CSI 000000f9 [SR] Beginning Verify and Repair transaction
2011-11-28 03:36:55, Info CSI 000000fb [SR] Verify complete
2011-11-28 03:36:55, Info CSI 000000fc [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:36:55, Info CSI 000000fd [SR] Beginning Verify and Repair transaction
2011-11-28 03:36:58, Info CSI 000000ff [SR] Verify complete
2011-11-28 03:36:58, Info CSI 00000100 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:36:58, Info CSI 00000101 [SR] Beginning Verify and Repair transaction
2011-11-28 03:37:07, Info CSI 0000010d [SR] Verify complete
2011-11-28 03:37:07, Info CSI 0000010e [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:37:07, Info CSI 0000010f [SR] Beginning Verify and Repair transaction
2011-11-28 03:37:15, Info CSI 00000118 [SR] Verify complete
2011-11-28 03:37:15, Info CSI 00000119 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:37:15, Info CSI 0000011a [SR] Beginning Verify and Repair transaction
2011-11-28 03:37:19, Info CSI 0000011c [SR] Verify complete
2011-11-28 03:37:19, Info CSI 0000011d [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:37:19, Info CSI 0000011e [SR] Beginning Verify and Repair transaction
2011-11-28 03:37:24, Info CSI 00000120 [SR] Verify complete
2011-11-28 03:37:25, Info CSI 00000121 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:37:25, Info CSI 00000122 [SR] Beginning Verify and Repair transaction
2011-11-28 03:37:31, Info CSI 00000124 [SR] Verify complete
2011-11-28 03:37:31, Info CSI 00000125 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:37:31, Info CSI 00000126 [SR] Beginning Verify and Repair transaction
2011-11-28 03:37:42, Info CSI 00000129 [SR] Verify complete
2011-11-28 03:37:42, Info CSI 0000012a [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:37:42, Info CSI 0000012b [SR] Beginning Verify and Repair transaction
2011-11-28 03:37:48, Info CSI 0000012d [SR] Repairing corrupted file [ml:520{260},l:64{32}]"\??\C:\Windows\PolicyDefinitions"\[l:24{12}]"inetres.admx" from store
2011-11-28 03:37:48, Info CSI 00000130 [SR] Repairing corrupted file [ml:520{260},l:76{38}]"\??\C:\Windows\PolicyDefinitions\en-US"\[l:24{12}]"InetRes.adml" from store
2011-11-28 03:37:49, Info CSI 00000133 [SR] Verify complete
2011-11-28 03:37:49, Info CSI 00000134 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:37:49, Info CSI 00000135 [SR] Beginning Verify and Repair transaction
2011-11-28 03:37:53, Info CSI 00000137 [SR] Verify complete
2011-11-28 03:37:54, Info CSI 00000138 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:37:54, Info CSI 00000139 [SR] Beginning Verify and Repair transaction
2011-11-28 03:38:02, Info CSI 0000013b [SR] Verify complete
2011-11-28 03:38:03, Info CSI 0000013c [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:38:03, Info CSI 0000013d [SR] Beginning Verify and Repair transaction
2011-11-28 03:38:08, Info CSI 0000013f [SR] Verify complete
2011-11-28 03:38:08, Info CSI 00000140 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:38:08, Info CSI 00000141 [SR] Beginning Verify and Repair transaction
2011-11-28 03:38:20, Info CSI 0000014c [SR] Verify complete
2011-11-28 03:38:20, Info CSI 0000014d [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:38:20, Info CSI 0000014e [SR] Beginning Verify and Repair transaction
2011-11-28 03:38:32, Info CSI 0000015d [SR] Verify complete
2011-11-28 03:38:32, Info CSI 0000015e [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:38:32, Info CSI 0000015f [SR] Beginning Verify and Repair transaction
2011-11-28 03:39:00, Info CSI 00000161 [SR] Verify complete
2011-11-28 03:39:00, Info CSI 00000162 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:39:00, Info CSI 00000163 [SR] Beginning Verify and Repair transaction
2011-11-28 03:39:12, Info CSI 00000165 [SR] Verify complete
2011-11-28 03:39:12, Info CSI 00000166 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:39:12, Info CSI 00000167 [SR] Beginning Verify and Repair transaction
2011-11-28 03:39:24, Info CSI 00000169 [SR] Verify complete
2011-11-28 03:39:24, Info CSI 0000016a [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:39:24, Info CSI 0000016b [SR] Beginning Verify and Repair transaction
2011-11-28 03:39:36, Info CSI 0000016d [SR] Verify complete
2011-11-28 03:39:36, Info CSI 0000016e [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:39:36, Info CSI 0000016f [SR] Beginning Verify and Repair transaction
2011-11-28 03:39:44, Info CSI 00000171 [SR] Verify complete
2011-11-28 03:39:44, Info CSI 00000172 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:39:44, Info CSI 00000173 [SR] Beginning Verify and Repair transaction
2011-11-28 03:39:51, Info CSI 00000175 [SR] Verify complete
2011-11-28 03:39:52, Info CSI 00000176 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:39:52, Info CSI 00000177 [SR] Beginning Verify and Repair transaction
2011-11-28 03:39:57, Info CSI 0000017b [SR] Verify complete
2011-11-28 03:39:58, Info CSI 0000017c [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:39:58, Info CSI 0000017d [SR] Beginning Verify and Repair transaction
2011-11-28 03:40:14, Info CSI 0000017f [SR] Verify complete
2011-11-28 03:40:14, Info CSI 00000180 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:40:14, Info CSI 00000181 [SR] Beginning Verify and Repair transaction
2011-11-28 03:40:21, Info CSI 00000183 [SR] Verify complete
2011-11-28 03:40:21, Info CSI 00000184 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:40:21, Info CSI 00000185 [SR] Beginning Verify and Repair transaction
2011-11-28 03:40:30, Info CSI 00000187 [SR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2011-11-28 03:40:33, Info CSI 00000189 [SR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2011-11-28 03:40:33, Info CSI 0000018a [SR] This component was referenced by [l:162{81}]"Package_17_for_KB948465~31bf3856ad364e35~amd64~~6.0.1.18005.948465-60_neutral_GDR"
2011-11-28 03:40:35, Info CSI 0000018c [SR] Verify complete
2011-11-28 03:40:35, Info CSI 0000018d [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:40:35, Info CSI 0000018e [SR] Beginning Verify and Repair transaction
2011-11-28 03:40:45, Info CSI 00000190 [SR] Verify complete
2011-11-28 03:40:45, Info CSI 00000191 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:40:45, Info CSI 00000192 [SR] Beginning Verify and Repair transaction
2011-11-28 03:40:55, Info CSI 00000194 [SR] Verify complete
2011-11-28 03:40:56, Info CSI 00000195 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:40:56, Info CSI 00000196 [SR] Beginning Verify and Repair transaction
2011-11-28 03:41:09, Info CSI 00000199 [SR] Verify complete
2011-11-28 03:41:10, Info CSI 0000019a [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:41:10, Info CSI 0000019b [SR] Beginning Verify and Repair transaction
2011-11-28 03:41:10, Info CSI 0000019d [SR] Cannot repair member file [l:22{11}]"termsrv.dll" of Microsoft-Windows-TerminalServices-RemoteConnectionManager, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2011-11-28 03:41:20, Info CSI 0000019f [SR] Cannot repair member file [l:22{11}]"termsrv.dll" of Microsoft-Windows-TerminalServices-RemoteConnectionManager, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2011-11-28 03:41:20, Info CSI 000001a0 [SR] This component was referenced by [l:164{82}]"Package_27_for_KB948465~31bf3856ad364e35~amd64~~6.0.1.18005.948465-126_neutral_GDR"
2011-11-28 03:41:20, Info CSI 000001a3 [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:22{11}]"termsrv.dll"; source file in store is also corrupted
2011-11-28 03:41:20, Info CSI 000001a5 [SR] Verify complete
2011-11-28 03:41:20, Info CSI 000001a6 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:41:20, Info CSI 000001a7 [SR] Beginning Verify and Repair transaction
2011-11-28 03:41:28, Info CSI 000001a9 [SR] Verify complete
2011-11-28 03:41:28, Info CSI 000001aa [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:41:28, Info CSI 000001ab [SR] Beginning Verify and Repair transaction
2011-11-28 03:41:36, Info CSI 000001ae [SR] Verify complete
2011-11-28 03:41:37, Info CSI 000001af [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:41:37, Info CSI 000001b0 [SR] Beginning Verify and Repair transaction
2011-11-28 03:41:45, Info CSI 000001b6 [SR] Verify complete
2011-11-28 03:41:46, Info CSI 000001b7 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:41:46, Info CSI 000001b8 [SR] Beginning Verify and Repair transaction
2011-11-28 03:41:55, Info CSI 000001ba [SR] Verify complete
2011-11-28 03:41:55, Info CSI 000001bb [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:41:55, Info CSI 000001bc [SR] Beginning Verify and Repair transaction
2011-11-28 03:42:07, Info CSI 000001be [SR] Verify complete
2011-11-28 03:42:08, Info CSI 000001bf [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:42:08, Info CSI 000001c0 [SR] Beginning Verify and Repair transaction
2011-11-28 03:42:17, Info CSI 000001c2 [SR] Verify complete
2011-11-28 03:42:17, Info CSI 000001c3 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:42:17, Info CSI 000001c4 [SR] Beginning Verify and Repair transaction
2011-11-28 03:42:19, Info CSI 000001c6 [SR] Verify complete
2011-11-28 03:42:20, Info CSI 000001c7 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:42:20, Info CSI 000001c8 [SR] Beginning Verify and Repair transaction
2011-11-28 03:42:29, Info CSI 000001ca [SR] Verify complete
2011-11-28 03:42:30, Info CSI 000001cb [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:42:30, Info CSI 000001cc [SR] Beginning Verify and Repair transaction
2011-11-28 03:42:39, Info CSI 000001ce [SR] Verify complete
2011-11-28 03:42:40, Info CSI 000001cf [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:42:40, Info CSI 000001d0 [SR] Beginning Verify and Repair transaction
2011-11-28 03:42:47, Info CSI 000001d2 [SR] Verify complete
2011-11-28 03:42:48, Info CSI 000001d3 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:42:48, Info CSI 000001d4 [SR] Beginning Verify and Repair transaction
2011-11-28 03:43:08, Info CSI 000001d6 [SR] Verify complete
2011-11-28 03:43:08, Info CSI 000001d7 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:43:08, Info CSI 000001d8 [SR] Beginning Verify and Repair transaction
2011-11-28 03:43:12, Info CSI 000001da [SR] Verify complete
2011-11-28 03:43:12, Info CSI 000001db [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:43:12, Info CSI 000001dc [SR] Beginning Verify and Repair transaction
2011-11-28 03:43:18, Info CSI 000001de [SR] Verify complete
2011-11-28 03:43:19, Info CSI 000001df [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:43:19, Info CSI 000001e0 [SR] Beginning Verify and Repair transaction
2011-11-28 03:43:30, Info CSI 000001eb [SR] Verify complete
2011-11-28 03:43:30, Info CSI 000001ec [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:43:30, Info CSI 000001ed [SR] Beginning Verify and Repair transaction
2011-11-28 03:43:37, Info CSI 000001ef [SR] Verify complete
2011-11-28 03:43:38, Info CSI 000001f0 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:43:38, Info CSI 000001f1 [SR] Beginning Verify and Repair transaction
2011-11-28 03:43:44, Info CSI 000001f3 [SR] Verify complete
2011-11-28 03:43:45, Info CSI 000001f4 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:43:45, Info CSI 000001f5 [SR] Beginning Verify and Repair transaction
2011-11-28 03:43:54, Info CSI 000001f7 [SR] Verify complete
2011-11-28 03:43:55, Info CSI 000001f8 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:43:55, Info CSI 000001f9 [SR] Beginning Verify and Repair transaction
2011-11-28 03:44:02, Info CSI 000001fb [SR] Verify complete
2011-11-28 03:44:03, Info CSI 000001fc [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:44:03, Info CSI 000001fd [SR] Beginning Verify and Repair transaction
2011-11-28 03:44:05, Info CSI 000001ff [SR] Verify complete
2011-11-28 03:44:05, Info CSI 00000200 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:44:05, Info CSI 00000201 [SR] Beginning Verify and Repair transaction
2011-11-28 03:44:13, Info CSI 00000205 [SR] Verify complete
2011-11-28 03:44:13, Info CSI 00000206 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:44:13, Info CSI 00000207 [SR] Beginning Verify and Repair transaction
2011-11-28 03:44:22, Info CSI 0000020c [SR] Verify complete
2011-11-28 03:44:22, Info CSI 0000020d [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:44:22, Info CSI 0000020e [SR] Beginning Verify and Repair transaction
2011-11-28 03:44:41, Info CSI 00000218 [SR] Verify complete
2011-11-28 03:44:42, Info CSI 00000219 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:44:42, Info CSI 0000021a [SR] Beginning Verify and Repair transaction
2011-11-28 03:44:52, Info CSI 00000226 [SR] Verify complete
2011-11-28 03:44:52, Info CSI 00000227 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:44:52, Info CSI 00000228 [SR] Beginning Verify and Repair transaction
2011-11-28 03:44:57, Info CSI 0000022a [SR] Verify complete
2011-11-28 03:44:58, Info CSI 0000022b [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:44:58, Info CSI 0000022c [SR] Beginning Verify and Repair transaction
2011-11-28 03:45:03, Info CSI 00000230 [SR] Verify complete
2011-11-28 03:45:03, Info CSI 00000231 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:45:03, Info CSI 00000232 [SR] Beginning Verify and Repair transaction
2011-11-28 03:45:09, Info CSI 00000235 [SR] Verify complete
2011-11-28 03:45:09, Info CSI 00000236 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:45:09, Info CSI 00000237 [SR] Beginning Verify and Repair transaction
2011-11-28 03:45:19, Info CSI 0000025c [SR] Verify complete
2011-11-28 03:45:20, Info CSI 0000025d [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:45:20, Info CSI 0000025e [SR] Beginning Verify and Repair transaction
2011-11-28 03:45:24, Info CSI 00000260 [SR] Verify complete
2011-11-28 03:45:24, Info CSI 00000261 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:45:24, Info CSI 00000262 [SR] Beginning Verify and Repair transaction
2011-11-28 03:45:30, Info CSI 00000264 [SR] Verify complete
2011-11-28 03:45:30, Info CSI 00000265 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:45:30, Info CSI 00000266 [SR] Beginning Verify and Repair transaction
2011-11-28 03:45:36, Info CSI 00000268 [SR] Verify complete
2011-11-28 03:45:37, Info CSI 00000269 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:45:37, Info CSI 0000026a [SR] Beginning Verify and Repair transaction
2011-11-28 03:45:45, Info CSI 0000027b [SR] Verify complete
2011-11-28 03:45:45, Info CSI 0000027c [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:45:45, Info CSI 0000027d [SR] Beginning Verify and Repair transaction
2011-11-28 03:45:56, Info CSI 00000283 [SR] Verify complete
2011-11-28 03:45:56, Info CSI 00000284 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:45:56, Info CSI 00000285 [SR] Beginning Verify and Repair transaction
2011-11-28 03:46:04, Info CSI 0000028f [SR] Verify complete
2011-11-28 03:46:05, Info CSI 00000290 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:46:05, Info CSI 00000291 [SR] Beginning Verify and Repair transaction
2011-11-28 03:46:08, Info CSI 00000293 [SR] Verify complete
2011-11-28 03:46:09, Info CSI 00000294 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:46:09, Info CSI 00000295 [SR] Beginning Verify and Repair transaction
2011-11-28 03:46:20, Info CSI 00000299 [SR] Verify complete
2011-11-28 03:46:20, Info CSI 0000029a [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:46:20, Info CSI 0000029b [SR] Beginning Verify and Repair transaction
2011-11-28 03:46:27, Info CSI 0000029d [SR] Verify complete
2011-11-28 03:46:27, Info CSI 0000029e [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:46:27, Info CSI 0000029f [SR] Beginning Verify and Repair transaction
2011-11-28 03:46:34, Info CSI 000002a1 [SR] Verify complete
2011-11-28 03:46:34, Info CSI 000002a2 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:46:34, Info CSI 000002a3 [SR] Beginning Verify and Repair transaction
2011-11-28 03:46:39, Info CSI 000002a5 [SR] Verify complete
2011-11-28 03:46:39, Info CSI 000002a6 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:46:39, Info CSI 000002a7 [SR] Beginning Verify and Repair transaction
2011-11-28 03:46:47, Info CSI 000002ab [SR] Verify complete
2011-11-28 03:46:47, Info CSI 000002ac [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:46:47, Info CSI 000002ad [SR] Beginning Verify and Repair transaction
2011-11-28 03:46:59, Info CSI 000002c7 [SR] Verify complete
2011-11-28 03:47:00, Info CSI 000002c8 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:47:00, Info CSI 000002c9 [SR] Beginning Verify and Repair transaction
2011-11-28 03:47:28, Info CSI 000002cb [SR] Verify complete
2011-11-28 03:47:28, Info CSI 000002cc [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:47:28, Info CSI 000002cd [SR] Beginning Verify and Repair transaction
2011-11-28 03:47:34, Info CSI 000002cf [SR] Verify complete
2011-11-28 03:47:35, Info CSI 000002d0 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:47:35, Info CSI 000002d1 [SR] Beginning Verify and Repair transaction
2011-11-28 03:47:43, Info CSI 000002d3 [SR] Verify complete
2011-11-28 03:47:43, Info CSI 000002d4 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:47:43, Info CSI 000002d5 [SR] Beginning Verify and Repair transaction
2011-11-28 03:47:50, Info CSI 000002d7 [SR] Verify complete
2011-11-28 03:47:50, Info CSI 000002d8 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:47:50, Info CSI 000002d9 [SR] Beginning Verify and Repair transaction
2011-11-28 03:48:03, Info CSI 000002dc [SR] Verify complete
2011-11-28 03:48:03, Info CSI 000002dd [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:48:03, Info CSI 000002de [SR] Beginning Verify and Repair transaction
2011-11-28 03:48:09, Info CSI 000002e0 [SR] Verify complete
2011-11-28 03:48:09, Info CSI 000002e1 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:48:09, Info CSI 000002e2 [SR] Beginning Verify and Repair transaction
2011-11-28 03:48:17, Info CSI 000002e4 [SR] Verify complete
2011-11-28 03:48:17, Info CSI 000002e5 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:48:17, Info CSI 000002e6 [SR] Beginning Verify and Repair transaction
2011-11-28 03:48:23, Info CSI 000002e8 [SR] Verify complete
2011-11-28 03:48:23, Info CSI 000002e9 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:48:23, Info CSI 000002ea [SR] Beginning Verify and Repair transaction
2011-11-28 03:48:29, Info CSI 000002ed [SR] Verify complete
2011-11-28 03:48:29, Info CSI 000002ee [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:48:29, Info CSI 000002ef [SR] Beginning Verify and Repair transaction
2011-11-28 03:48:35, Info CSI 000002f1 [SR] Verify complete
2011-11-28 03:48:35, Info CSI 000002f2 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:48:35, Info CSI 000002f3 [SR] Beginning Verify and Repair transaction
2011-11-28 03:48:43, Info CSI 000002f5 [SR] Verify complete
2011-11-28 03:48:43, Info CSI 000002f6 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:48:43, Info CSI 000002f7 [SR] Beginning Verify and Repair transaction
2011-11-28 03:48:50, Info CSI 000002fc [SR] Verify complete
2011-11-28 03:48:50, Info CSI 000002fd [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:48:50, Info CSI 000002fe [SR] Beginning Verify and Repair transaction
2011-11-28 03:49:00, Info CSI 00000301 [SR] Verify complete
2011-11-28 03:49:00, Info CSI 00000302 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:49:00, Info CSI 00000303 [SR] Beginning Verify and Repair transaction
2011-11-28 03:49:06, Info CSI 00000305 [SR] Verify complete
2011-11-28 03:49:06, Info CSI 00000306 [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:49:06, Info CSI 00000307 [SR] Beginning Verify and Repair transaction
2011-11-28 03:49:16, Info CSI 00000309 [SR] Verify complete
2011-11-28 03:49:16, Info CSI 0000030a [SR] Verifying 100 (0x0000000000000064) components
2011-11-28 03:49:16, Info CSI 0000030b [SR] Beginning Verify and Repair transaction
2011-11-28 03:49:24, Info CSI 0000030d [SR] Verify complete
2011-11-28 03:49:24, Info CSI 0000030e [SR] Verifying 89 (0x0000000000000059) components
2011-11-28 03:49:24, Info CSI 0000030f [SR] Beginning Verify and Repair transaction
2011-11-28 03:49:32, Info CSI 00000311 [SR] Verify complete
2011-11-28 03:49:32, Info CSI 00000312 [SR] Repairing 4 components
2011-11-28 03:49:32, Info CSI 00000313 [SR] Beginning Verify and Repair transaction
2011-11-28 03:49:32, Info CSI 00000315 [SR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2011-11-28 03:49:32, Info CSI 00000317 [SR] Cannot repair member file [l:22{11}]"termsrv.dll" of Microsoft-Windows-TerminalServices-RemoteConnectionManager, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2011-11-28 03:49:32, Info CSI 00000319 [SR] Repairing corrupted file [ml:520{260},l:64{32}]"\??\C:\Windows\PolicyDefinitions"\[l:24{12}]"inetres.admx" from store
2011-11-28 03:49:32, Info CSI 0000031c [SR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2011-11-28 03:49:32, Info CSI 0000031d [SR] This component was referenced by [l:162{81}]"Package_17_for_KB948465~31bf3856ad364e35~amd64~~6.0.1.18005.948465-60_neutral_GDR"
2011-11-28 03:49:32, Info CSI 0000031f [SR] Repairing corrupted file [ml:520{260},l:76{38}]"\??\C:\Windows\PolicyDefinitions\en-US"\[l:24{12}]"InetRes.adml" from store
2011-11-28 03:49:32, Info CSI 00000322 [SR] Cannot repair member file [l:22{11}]"termsrv.dll" of Microsoft-Windows-TerminalServices-RemoteConnectionManager, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2011-11-28 03:49:32, Info CSI 00000323 [SR] This component was referenced by [l:164{82}]"Package_27_for_KB948465~31bf3856ad364e35~amd64~~6.0.1.18005.948465-126_neutral_GDR"
2011-11-28 03:49:32, Info CSI 00000326 [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:22{11}]"termsrv.dll"; source file in store is also corrupted
2011-11-28 03:49:32, Info CSI 00000328 [SR] Repair complete
2011-11-28 03:49:33, Info CSI 00000329 [SR] Committing transaction
2011-11-28 03:49:33, Info CSI 0000032d [SR] Verify and Repair Transaction completed. All files and registry keys listed in this transaction have been successfully repaired

DRIVERS:

vclone.sys

DISK REPORT

Microsoft DiskPart version 6.0.6002
Copyright © 1999-2007 Microsoft Corporation.
On computer: DARRON-PC

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
Volume 0 D DVD-ROM 0 B No Media
Volume 1 E DVD-ROM 0 B No Media
Volume 2 F DVD-ROM 0 B No Media
Volume 3 C OS NTFS Partition 285 GB Healthy System

EVENT VIEWER TOOL

Vino's Event Viewer v01c run on Windows Vista in English
Report run at 28/11/2011 10:53:10 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 28/11/2011 6:39:26 AM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 28/11/2011 6:38:39 AM
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: Beep

Log: 'System' Date/Time: 28/11/2011 6:38:38 AM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The lxecCATSCustConnectService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 28/11/2011 6:38:38 AM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the lxecCATSCustConnectService service to connect.

Log: 'System' Date/Time: 28/11/2011 6:38:38 AM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The int15 service failed to start due to the following error: A device attached to the system is not functioning.

Log: 'System' Date/Time: 28/11/2011 6:38:38 AM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Hardlock service failed to start due to the following error: Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Log: 'System' Date/Time: 26/11/2011 5:52:48 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 26/11/2011 5:52:44 PM
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: Beep

Log: 'System' Date/Time: 26/11/2011 5:52:42 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The lxecCATSCustConnectService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 26/11/2011 5:52:42 PM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the lxecCATSCustConnectService service to connect.

Log: 'System' Date/Time: 26/11/2011 5:52:42 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The int15 service failed to start due to the following error: A device attached to the system is not functioning.

Log: 'System' Date/Time: 26/11/2011 5:52:42 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Hardlock service failed to start due to the following error: Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Log: 'System' Date/Time: 26/11/2011 5:51:51 PM
Type: Error Category: 0
Event: 19 Source: Microsoft-Windows-PrintSpooler
The print spooler failed to share printer Lexmark Pro800-Pro900 Series with shared resource name Lexmark Pro800-Pro900 Series. Error 2114. The printer cannot be used by others on the network.

Log: 'System' Date/Time: 26/11/2011 5:51:07 PM
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 10:04:52 AM on 11/26/2011 was unexpected.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 28/11/2011 12:44:51 PM
Type: Warning Category: 0
Event: 1003 Source: Microsoft-Windows-Dhcp-Client
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 001F3C9EE039. The following error occurred: The semaphore timeout period has expired.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 28/11/2011 8:15:00 AM
Type: Warning Category: 0
Event: 1003 Source: Microsoft-Windows-Dhcp-Client
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 001F3C9EE039. The following error occurred: The semaphore timeout period has expired.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 28/11/2011 8:12:32 AM
Type: Warning Category: 0
Event: 1003 Source: Microsoft-Windows-Dhcp-Client
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 001F3C9EE039. The following error occurred: The operation was canceled by the user.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 28/11/2011 8:11:28 AM
Type: Warning Category: 0
Event: 1003 Source: Microsoft-Windows-Dhcp-Client
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 001F3C9EE039. The following error occurred: The operation was canceled by the user.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 28/11/2011 8:09:21 AM
Type: Warning Category: 0
Event: 1003 Source: Microsoft-Windows-Dhcp-Client
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 001F3C9EE039. The following error occurred: The operation was canceled by the user.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 28/11/2011 8:06:52 AM
Type: Warning Category: 0
Event: 1003 Source: Microsoft-Windows-Dhcp-Client
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 001F3C9EE039. The following error occurred: The operation was canceled by the user.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 28/11/2011 8:04:35 AM
Type: Warning Category: 0
Event: 1003 Source: Microsoft-Windows-Dhcp-Client
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 001F3C9EE039. The following error occurred: The operation was canceled by the user.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 28/11/2011 8:04:15 AM
Type: Warning Category: 0
Event: 1003 Source: Microsoft-Windows-Dhcp-Client
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 001F3C9EE039. The following error occurred: The operation was canceled by the user.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 28/11/2011 8:02:48 AM
Type: Warning Category: 0
Event: 1003 Source: Microsoft-Windows-Dhcp-Client
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 001F3C9EE039. The following error occurred: The operation was canceled by the user.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 28/11/2011 8:02:32 AM
Type: Warning Category: 0
Event: 1003 Source: Microsoft-Windows-Dhcp-Client
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 001F3C9EE039. The following error occurred: The operation was canceled by the user.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 28/11/2011 8:01:43 AM
Type: Warning Category: 0
Event: 1003 Source: Microsoft-Windows-Dhcp-Client
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 001F3C9EE039. The following error occurred: The operation was canceled by the user.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 28/11/2011 8:00:55 AM
Type: Warning Category: 0
Event: 1003 Source: Microsoft-Windows-Dhcp-Client
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 001F3C9EE039. The following error occurred: The operation was canceled by the user.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 28/11/2011 8:00:02 AM
Type: Warning Category: 0
Event: 1003 Source: Microsoft-Windows-Dhcp-Client
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 001F3C9EE039. The following error occurred: The operation was canceled by the user.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 28/11/2011 7:57:43 AM
Type: Warning Category: 0
Event: 1003 Source: Microsoft-Windows-Dhcp-Client
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 001F3C9EE039. The following error occurred: The operation was canceled by the user.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 28/11/2011 7:56:32 AM
Type: Warning Category: 0
Event: 1003 Source: Microsoft-Windows-Dhcp-Client
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 001F3C9EE039. The following error occurred: The operation was canceled by the user.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 28/11/2011 7:56:17 AM
Type: Warning Category: 0
Event: 1003 Source: Microsoft-Windows-Dhcp-Client
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 001F3C9EE039. The following error occurred: The operation was canceled by the user.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 28/11/2011 7:54:51 AM
Type: Warning Category: 0
Event: 1003 Source: Microsoft-Windows-Dhcp-Client
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 001F3C9EE039. The following error occurred: The operation was canceled by the user.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 28/11/2011 7:53:43 AM
Type: Warning Category: 0
Event: 1003 Source: Microsoft-Windows-Dhcp-Client
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 001F3C9EE039. The following error occurred: The operation was canceled by the user.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 28/11/2011 6:38:30 AM
Type: Warning Category: 0
Event: 1003 Source: Microsoft-Windows-Dhcp-Client
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 001F3C9EE039. The following error occurred: The semaphore timeout period has expired.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 27/11/2011 11:52:59 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Vino's Event Viewer v01c run on Windows Vista in English
Report run at 28/11/2011 10:54:49 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 28/11/2011 8:00:33 AM
Type: Error Category: 0
Event: 1023 Source: Microsoft-Windows-Perflib
Windows cannot load the extensible counter DLL PolicyAgent. The first four bytes (DWORD) of the Data section contains the Windows error code.

Log: 'Application' Date/Time: 28/11/2011 8:00:33 AM
Type: Error Category: 0
Event: 1008 Source: Microsoft-Windows-Perflib
The Open Procedure for service "PNRPsvc" in DLL "C:\Windows\system32\pnrpperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Log: 'Application' Date/Time: 28/11/2011 8:00:32 AM
Type: Error Category: 0
Event: 1023 Source: Microsoft-Windows-Perflib
Windows cannot load the extensible counter DLL EmdCache. The first four bytes (DWORD) of the Data section contains the Windows error code.

Log: 'Application' Date/Time: 26/11/2011 5:56:38 PM
Type: Error Category: 3
Event: 3013 Source: Microsoft-Windows-Search
The entry <C:\USERS\DARRON\DOWNLOADS\TL-WN723N_V1_101217.ZIP.CRDOWNLOAD> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 28/11/2011 6:38:36 AM
Type: Warning Category: 0
Event: 3 Source: SQLBrowser
The configuration of the AdminConnection\TCP protocol in the SQL instance ACT7 is not valid.

Log: 'Application' Date/Time: 27/11/2011 11:52:57 PM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 0 user registry handles leaked from \Registry\User\S-1-5-21-2670984328-1985135284-1998418574-1000:

Log: 'Application' Date/Time: 26/11/2011 6:29:28 PM
Type: Warning Category: 7
Event: 508 Source: ESENT
Windows (3480) Windows: A request to write to the file "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb" at offset 360095744 (0x000000001576a000) for 16384 (0x00004000) bytes succeeded, but took an abnormally long time (588 seconds) to be serviced by the OS. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.

Log: 'Application' Date/Time: 26/11/2011 5:52:17 PM
Type: Warning Category: 0
Event: 3 Source: SQLBrowser
The configuration of the AdminConnection\TCP protocol in the SQL instance ACT7 is not valid.

Log: 'Application' Date/Time: 25/11/2011 11:38:39 PM
Type: Warning Category: 0
Event: 12289 Source: Microsoft-Windows-Defrag
Volume C: was not defragmented. Reason: The volume is marked as dirty. you must run chkdsk on the volume to correct any problems before you attempt to defragment it again.

PROCESS EXPLORER

Process PID CPU Private Bytes Working Set Description Company Name
System Idle Process 0 95.38 0 K 24 K
procexp64.exe 4472 3.85 21,344 K 30,748 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com
svchost.exe 1272 0.77 15,348 K 22,664 K Host Process for Windows Services Microsoft Corporation
csrss.exe 736 < 0.01 11,432 K 14,844 K Client Server Runtime Process Microsoft Corporation
MouseWithoutBorders.exe 2132 < 0.01 43,200 K 40,100 K Mouse without Borders Microsoft
System 4 < 0.01 0 K 58,124 K
wmpnetwk.exe 2464 < 0.01 16,940 K 26,144 K Windows Media Player Network Sharing Service Microsoft Corporation
MouseWithoutBorders.exe 2624 < 0.01 38,432 K 35,920 K Mouse without Borders Microsoft
AppleMobileDeviceService.exe 2160 < 0.01 4,676 K 10,096 K MobileDeviceService Apple Inc.
csrss.exe 660 < 0.01 2,888 K 8,032 K Client Server Runtime Process Microsoft Corporation
svchost.exe 1052 < 0.01 37,216 K 50,356 K Host Process for Windows Services Microsoft Corporation
explorer.exe 3436 < 0.01 44,260 K 65,316 K Windows Explorer Microsoft Corporation
spoolsv.exe 1996 < 0.01 13,288 K 21,716 K Spooler SubSystem App Microsoft Corporation
sqlservr.exe 2612 < 0.01 49,212 K 12,792 K SQL Server Windows NT Microsoft Corporation
taskeng.exe 3704 < 0.01 11,432 K 13,944 K Task Scheduler Engine Microsoft Corporation
svchost.exe 300 < 0.01 6,248 K 10,556 K Host Process for Windows Services Microsoft Corporation
Dropbox.exe 1092 < 0.01 49,060 K 52,536 K Dropbox Dropbox, Inc.
lsass.exe 784 < 0.01 6,028 K 2,380 K Local Security Authority Process Microsoft Corporation
svchost.exe 3580 < 0.01 5,828 K 8,800 K Host Process for Windows Services Microsoft Corporation
SearchIndexer.exe 3016 < 0.01 117,504 K 75,044 K Microsoft Windows Search Indexer Microsoft Corporation
HP1006MC.EXE 2336 < 0.01 2,400 K 5,792 K SMLMProxy Module Software 2000 Limited
svchost.exe 1040 < 0.01 146,124 K 154,668 K Host Process for Windows Services Microsoft Corporation
svchost.exe 988 < 0.01 19,456 K 19,216 K Host Process for Windows Services Microsoft Corporation
AvastSvc.exe 1588 < 0.01 41,232 K 7,640 K avast! Service AVAST Software
DDHelper.exe 4136 < 0.01 1,928 K 6,252 K Drag/Drop Helper DDHelper
ETService.exe 2368 < 0.01 36,516 K 26,948 K Acer Empowering Technology Framework Service
WLIDSVC.EXE 2952 < 0.01 10,320 K 17,620 K Microsoft® Windows Live ID Service Microsoft Corp.
Interrupts n/a < 0.01 0 K 0 K Hardware Interrupts and DPCs
XAudio64.exe 3092 1,940 K 3,856 K Modem Audio Service Conexant Systems, Inc.
wuauclt.exe 4540 3,724 K 6,948 K Windows Update Microsoft Corporation
wmpnscfg.exe 4536 2,608 K 6,720 K Windows Media Player Network Sharing Service Configuration Application Microsoft Corporation
WmiPrvSE.exe 5752 4,196 K 7,816 K WMI Provider Host Microsoft Corporation
WLIDSVCM.EXE 1796 2,108 K 4,356 K Microsoft® Windows Live ID Service Monitor Microsoft Corp.
winlogon.exe 876 3,468 K 8,468 K Windows Logon Application Microsoft Corporation
wininit.exe 724 2,296 K 5,860 K Windows Start-Up Application Microsoft Corporation
taskeng.exe 1448 3,528 K 8,312 K Task Scheduler Engine Microsoft Corporation
taskeng.exe 4976 2,560 K 6,268 K Task Scheduler Engine Microsoft Corporation
svchost.exe 1460 32,384 K 35,644 K Host Process for Windows Services Microsoft Corporation
svchost.exe 2020 12,324 K 17,888 K Host Process for Windows Services Microsoft Corporation
svchost.exe 980 4,276 K 8,708 K Host Process for Windows Services Microsoft Corporation
svchost.exe 536 80,860 K 42,020 K Host Process for Windows Services Microsoft Corporation
svchost.exe 1212 3,136 K 6,840 K Host Process for Windows Services Microsoft Corporation
svchost.exe 2724 3,684 K 7,764 K Host Process for Windows Services Microsoft Corporation
svchost.exe 2520 1,804 K 3,868 K Host Process for Windows Services Microsoft Corporation
svchost.exe 2640 1,924 K 4,608 K Host Process for Windows Services Microsoft Corporation
svchost.exe 2700 1,776 K 4,192 K Host Process for Windows Services Microsoft Corporation
svchost.exe 2860 6,016 K 9,088 K Host Process for Windows Services Microsoft Corporation
svchost.exe 2924 1,664 K 3,644 K Host Process for Windows Services Microsoft Corporation
svchost.exe 3652 3,044 K 35,388 K Host Process for Windows Services Microsoft Corporation
sqlwriter.exe 2800 4,876 K 9,564 K SQL Server VSS Writer - 64 Bit Microsoft Corporation
sqlbrowser.exe 2748 1,836 K 5,020 K SQL Browser Service EXE Microsoft Corporation
smss.exe 516 496 K 1,028 K Windows Session Manager Microsoft Corporation
SLsvc.exe 1252 8,512 K 13,420 K Microsoft Software Licensing Service Microsoft Corporation
services.exe 772 3,456 K 8,752 K Services and Controller app Microsoft Corporation
SDWinSec.exe 3148 8,276 K 13,056 K Spybot-S&D Security Center integration Safer Networking Ltd.
procexp.exe 5212 3,016 K 10,644 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com
notepad.exe 4708 2,484 K 5,752 K Notepad Microsoft Corporation
lxecmon.exe 2356 6,608 K 10,740 K Printer Device Monitor
lxeccoms.exe 2552 6,080 K 11,532 K Printer Communication System
lsm.exe 792 4,016 K 7,340 K Local Session Manager Service Microsoft Corporation
jusched.exe 4100 1,636 K 4,824 K Java™ Update Scheduler Sun Microsystems, Inc.
GoogleCrashHandler.exe 5036 5,956 K 2,424 K Google Installer Google Inc.
ehtray.exe 2060 2,704 K 2,664 K Media Center Tray Applet Microsoft Corporation
ehmsas.exe 4300 2,108 K 5,532 K Media Center Media Status Aggregator Service Microsoft Corporation
dwm.exe 608 2,164 K 5,124 K Desktop Window Manager Microsoft Corporation
audiodg.exe 1184 14,032 K 16,584 K Windows Audio Device Graph Isolation Microsoft Corporation
atiesrxx.exe 720 2,108 K 4,824 K AMD External Events Service Module AMD
atieclxx.exe 1408 4,172 K 6,528 K AMD External Events Client Module AMD

SPECCY

Summary
Operating System
MS Windows Vista Home Premium 64-bit SP2
CPU
Intel Mobile Core 2 Duo T6400 @ 2.00GHz 50 °C
Penryn 45nm Technology
RAM
4.00 GB Dual-Channel DDR2 @ 332MHz (5-5-5-15)
Motherboard
Gateway 61 °C
Graphics
Generic PnP Monitor (1280x800@60Hz)
ATI Mobility Radeon HD 2600 (Gateway 2000) 60 °C
Hard Drives
313GB Western Digital WDC WD3200BEVT-22ZCT0 (SATA) 38 °C
Optical Drives
Optiarc DVD RW AD-7563A ATA Device
ELBY CLONEDRIVE SCSI CdRom Device
ELBY CLONEDRIVE SCSI CdRom Device
Audio
SigmaTel High Definition Audio CODEC
Operating System
MS Windows Vista Home Premium 64-bit SP2
Installation Date: 03 July 2009, 01:52

Windows Security Center
User Account Control (UAC) Disabled
Firewall Enabled
Windows Update
AutoUpdate Notify prior to download
Windows Defender
Windows Defender Enabled
Environment Variables
USERPROFILE C:\Users\Darron
SystemRoot C:\Windows
User Variables
TEMP C:\Users\Darron\AppData\Local\Temp
TMP C:\Users\Darron\AppData\Local\Temp
Machine Variables
ComSpec C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK NO
OS Windows_NT
Path C:\Windows\system32
C:\Windows
C:\Windows\system32\wbem
C:\Program Files\Common Files\Microsoft Shared\Windows Live
C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live
C:\Program Files (x86)\Common Files\Roxio Shared\9.0\DLLShared
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static
C:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn
%SYSTEMROOT%\System32\WindowsPowerShell\v1.0
C:\Program Files (x86)\Windows Live\Shared
PATHEXT .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE AMD64
TEMP C:\Windows\TEMP
TMP C:\Windows\TEMP
USERNAME SYSTEM
windir C:\Windows
PROCESSOR_LEVEL 6
PROCESSOR_IDENTIFIER Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
PROCESSOR_REVISION 170a
NUMBER_OF_PROCESSORS 2
TRACE_FORMAT_SEARCH_PATH \\NTREL202.ntdev.corp.microsoft.com\34FB5F65-FFEB-4B61-BF0E-A6A76C450FAA\TraceFormat
DFSTRACINGON FALSE
PSModulePath C:\Windows\system32\WindowsPowerShell\v1.0\Modules\
asl.log Destination=file
Battery
AC line Online
Battery full time Unknown
Battery Charge % 100 %
Battery State High
Amount of time remaining (sec) Unknown
Power Profile
Active power scheme Portable/Laptop
Hibernation Disabled
Power Shutdown Enabled
Power Suspend Enabled
Turn Off Monitor after: (On AC Power) 15 min
Turn Off Monitor after: (On Battery Power) 5 min
Turn Off Hard Disk after: (On AC Power) 30 min
Turn Off Hard Disk after: (On Battery Power) 5 min
Suspend after: (On AC Power) 20 min
Suspend after: (On Battery Power) 5 min
Screen saver Disabled
Uptime
Current Session
Current Time 11/28/2011 10:59:34 AM
Current Uptime 33780 sec (0 d, 09 h, 23 m, 00 s)
Last Boot Time 11/28/2011 1:36:34 AM
TimeZone
TimeZone GMT -5 Hours
Language English
Country United States
Currency $
Date Format M/d/yyyy
Time Format h:mm:ss tt
Scheduler
GoogleUpdateTaskMachineUA 11/28/2011 11:16 AM;Every 1 hour(s) from 8:16 AM for 24 hour(s) every day, starting 10/20/2011
GoogleUpdateTaskUserS-1-5-21-2670984328-1985135284-1998418574-1000UA 11/28/2011 11:36 AM;Every 1 hour(s) from 8:36 AM for 24 hour(s) every day, starting 10/21/2011
GoogleUpdateTaskMachineCore 11/29/2011 8:16 AM;Run at user logon
GoogleUpdateTaskUserS-1-5-21-2670984328-1985135284-1998418574-1000Core 11/29/2011 8:36 AM;At 8:36 AM every day, starting 10/21/2011
Process List
applemobiledeviceservice.exe
Process ID 2160
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
Memory Usage 9.86 MB
Peak Memory Usage 9.87 MB
atieclxx.exe
Process ID 1408
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\atieclxx.exe
Memory Usage 6.38 MB
Peak Memory Usage 6.47 MB
atiesrxx.exe
Process ID 720
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\atiesrxx.exe
Memory Usage 4.71 MB
Peak Memory Usage 4.71 MB
audiodg.exe
Process ID 1184
avastsvc.exe
Process ID 1588
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
Memory Usage 29 MB
Peak Memory Usage 68 MB
csrss.exe
Process ID 660
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\csrss.exe
Memory Usage 7.86 MB
Peak Memory Usage 7.87 MB
csrss.exe
Process ID 736
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\csrss.exe
Memory Usage 15 MB
Peak Memory Usage 16 MB
ddhelper.exe
Process ID 4136
User Darron
Domain Darron-PC
Path C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\DDHelper.exe
Memory Usage 6.11 MB
Peak Memory Usage 6.17 MB
dropbox.exe
Process ID 1092
User Darron
Domain Darron-PC
Path C:\Users\Darron\AppData\Roaming\Dropbox\bin\Dropbox.exe
Memory Usage 51 MB
Peak Memory Usage 51 MB
dwm.exe
Process ID 608
User Darron
Domain Darron-PC
Path C:\Windows\system32\Dwm.exe
Memory Usage 5.00 MB
Peak Memory Usage 5.95 MB
ehmsas.exe
Process ID 4300
User Darron
Domain Darron-PC
Path C:\Windows\ehome\ehmsas.exe
Memory Usage 5.41 MB
Peak Memory Usage 5.43 MB
ehtray.exe
Process ID 2060
User Darron
Domain Darron-PC
Path C:\Windows\ehome\ehtray.exe
Memory Usage 2.60 MB
Peak Memory Usage 7.04 MB
etservice.exe
Process ID 2368
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe
Memory Usage 26 MB
Peak Memory Usage 26 MB
explorer.exe
Process ID 3436
User Darron
Domain Darron-PC
Path C:\Windows\Explorer.EXE
Memory Usage 64 MB
Peak Memory Usage 67 MB
googlecrashhandler.exe
Process ID 5036
User Darron
Domain Darron-PC
Path C:\Users\Darron\AppData\Local\Google\Update\1.3.21.79\GoogleCrashHandler.exe
Memory Usage 2.37 MB
Peak Memory Usage 8.93 MB
hp1006mc.exe
Process ID 2336
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\spool\DRIVERS\x64\3\HP1006MC.EXE
Memory Usage 5.66 MB
Peak Memory Usage 5.68 MB
jusched.exe
Process ID 4100
User Darron
Domain Darron-PC
Path C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Memory Usage 4.71 MB
Peak Memory Usage 4.75 MB
lsass.exe
Process ID 784
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\lsass.exe
Memory Usage 3.79 MB
Peak Memory Usage 12 MB
lsm.exe
Process ID 792
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\lsm.exe
Memory Usage 7.21 MB
Peak Memory Usage 7.23 MB
lxeccoms.exe
Process ID 2552
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\lxeccoms.exe
Memory Usage 11 MB
Peak Memory Usage 11 MB
lxecmon.exe
Process ID 2356
User Darron
Domain Darron-PC
Path C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe
Memory Usage 10 MB
Peak Memory Usage 11 MB
mousewithoutborders.exe
Process ID 2624
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe
Memory Usage 37 MB
Peak Memory Usage 38 MB
mousewithoutborders.exe
Process ID 2132
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe
Memory Usage 39 MB
Peak Memory Usage 40 MB
notepad.exe
Process ID 4708
User Darron
Domain Darron-PC
Path C:\Windows\System32\notepad.exe
Memory Usage 5.62 MB
Peak Memory Usage 5.62 MB
sdwinsec.exe
Process ID 3148
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
Memory Usage 13 MB
Peak Memory Usage 13 MB
searchfilterhost.exe
Process ID 5540
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\SearchFilterHost.exe
Memory Usage 9.79 MB
Peak Memory Usage 9.82 MB
searchindexer.exe
Process ID 3016
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\SearchIndexer.exe
Memory Usage 74 MB
Peak Memory Usage 74 MB
searchprotocolhost.exe
Process ID 3772
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\SearchProtocolHost.exe
Memory Usage 12 MB
Peak Memory Usage 12 MB
services.exe
Process ID 772
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\services.exe
Memory Usage 8.68 MB
Peak Memory Usage 8.87 MB
slsvc.exe
Process ID 1252
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\SLsvc.exe
Memory Usage 13 MB
Peak Memory Usage 16 MB
smss.exe
Process ID 516
User SYSTEM
Domain NT AUTHORITY
Path \SystemRoot\System32\smss.exe
Memory Usage 1.00 MB
Peak Memory Usage 1.00 MB
speccy64.exe
Process ID 6040
User Darron
Domain Darron-PC
Path C:\Program Files\Speccy\Speccy64.exe
Memory Usage 21 MB
Peak Memory Usage 21 MB
spoolsv.exe
Process ID 1996
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\spoolsv.exe
Memory Usage 21 MB
Peak Memory Usage 21 MB
sqlbrowser.exe
Process ID 2748
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
Memory Usage 4.90 MB
Peak Memory Usage 4.94 MB
sqlservr.exe
Process ID 2612
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
Memory Usage 12 MB
Peak Memory Usage 39 MB
sqlwriter.exe
Process ID 2800
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
Memory Usage 9.34 MB
Peak Memory Usage 9.39 MB
svchost.exe
Process ID 2724
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 7.61 MB
Peak Memory Usage 7.79 MB
svchost.exe
Process ID 2860
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 8.88 MB
Peak Memory Usage 8.89 MB
svchost.exe
Process ID 2924
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 3.56 MB
Peak Memory Usage 3.57 MB
svchost.exe
Process ID 3652
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 35 MB
Peak Memory Usage 35 MB
svchost.exe
Process ID 3580
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 8.58 MB
Peak Memory Usage 8.68 MB
svchost.exe
Process ID 1052
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 50 MB
Peak Memory Usage 50 MB
svchost.exe
Process ID 980
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 8.79 MB
Peak Memory Usage 9.14 MB
svchost.exe
Process ID 300
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 10 MB
Peak Memory Usage 10 MB
svchost.exe
Process ID 536
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 41 MB
Peak Memory Usage 118 MB
svchost.exe
Process ID 988
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 19 MB
Peak Memory Usage 20 MB
svchost.exe
Process ID 1040
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 149 MB
Peak Memory Usage 247 MB
svchost.exe
Process ID 1212
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 6.70 MB
Peak Memory Usage 6.73 MB
svchost.exe
Process ID 1272
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 22 MB
Peak Memory Usage 22 MB
svchost.exe
Process ID 1460
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 35 MB
Peak Memory Usage 45 MB
svchost.exe
Process ID 2020
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 18 MB
Peak Memory Usage 18 MB
svchost.exe
Process ID 2520
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 3.78 MB
Peak Memory Usage 3.78 MB
svchost.exe
Process ID 2640
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 4.50 MB
Peak Memory Usage 4.50 MB
svchost.exe
Process ID 2700
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 4.09 MB
Peak Memory Usage 4.09 MB
system
Process ID 4
system idle process
Process ID 0
taskeng.exe
Process ID 3704
User Darron
Domain Darron-PC
Path C:\Windows\system32\taskeng.exe
Memory Usage 14 MB
Peak Memory Usage 14 MB
taskeng.exe
Process ID 1448
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\taskeng.exe
Memory Usage 8.12 MB
Peak Memory Usage 8.48 MB
wininit.exe
Process ID 724
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\wininit.exe
Memory Usage 5.72 MB
Peak Memory Usage 5.81 MB
winlogon.exe
Process ID 876
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\winlogon.exe
Memory Usage 8.27 MB
Peak Memory Usage 8.85 MB
wlidsvc.exe
Process ID 2952
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
Memory Usage 17 MB
Peak Memory Usage 18 MB
wlidsvcm.exe
Process ID 1796
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
Memory Usage 4.25 MB
Peak Memory Usage 4.27 MB
wmiprvse.exe
Process ID 3748
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\wbem\wmiprvse.exe
Memory Usage 9.83 MB
Peak Memory Usage 9.83 MB
wmiprvse.exe
Process ID 5752
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\wbem\wmiprvse.exe
Memory Usage 7.89 MB
Peak Memory Usage 7.93 MB
wmpnetwk.exe
Process ID 2464
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Program Files\Windows Media Player\wmpnetwk.exe
Memory Usage 26 MB
Peak Memory Usage 26 MB
wmpnscfg.exe
Process ID 4536
User Darron
Domain Darron-PC
Path C:\Program Files\Windows Media Player\wmpnscfg.exe
Memory Usage 6.56 MB
Peak Memory Usage 6.58 MB
wuauclt.exe
Process ID 4540
User Darron
Domain Darron-PC
Path C:\Windows\system32\wuauclt.exe
Memory Usage 6.79 MB
Peak Memory Usage 6.80 MB
xaudio64.exe
Process ID 3092
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\DRIVERS\xaudio64.exe
Memory Usage 3.77 MB
Peak Memory Usage 3.77 MB
Hotfixes
11/20/2011 Security Update for Windows Vista for x64-based Systems (KB2588516)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
11/20/2011 Update for Windows Vista for x64-based Systems (KB2641690)
Install this update to resolve an issue which requires an update
to the certificate revocation list on Windows systems and to
keep your systems certificate list up to date. After you install
this update, you may have to restart your system.
11/20/2011 Update for Windows Mail Junk E-mail Filter for x64-based Systems [November 2011] (KB905866)
Install this update for Windows Mail to revise the definition
files that are used to detect e-mail messages that should be
considered junk e-mail or that may contain phishing content.
After you install this item, you may have to restart your computer.
11/20/2011 Definition Update for Windows Defender - KB915597 (Definition 1.115.2100.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
11/20/2011 Security Update for Windows Vista for x64-based Systems (KB2620704)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
11/20/2011 Windows Malicious Software Removal Tool x64 - November 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
11/1/2011 Security Update for Microsoft Silverlight (KB2617986)
This security update to Silverlight includes fixes outlined in
KBs 2604930 and 2617986. This update is backward compatible with
web applications built using previous versions of Silverlight.
11/1/2011 Windows Malicious Software Removal Tool x64 - October 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
11/1/2011 Security Update for Windows Vista for x64-based Systems (KB2567053)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
11/1/2011 Update for Windows Vista for x64-based Systems (KB2616676)
Install this update to resolve an issue which requires an update
to the certificate revocation list on Windows systems and to
keep your systems certificate list up to date. After you install
this update, you may have to restart your system.
11/1/2011 Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Vista SP2 and Windows Server 2008 SP2 for x64 (KB2572075)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
11/1/2011 Security Update for Windows Vista for x64-based Systems (KB2564958)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
11/1/2011 Security Update for Windows Vista for x64-based Systems (KB2570947)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
11/1/2011 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2572078)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
11/1/2011 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2596560)
This update provides the Junk E-mail Filter in Microsoft Office
Outlook 2007 with a more current definition of which e-mail messages
should be considered junk e-mail.
11/1/2011 Definition Update for Windows Defender - KB915597 (Definition 1.115.998.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
11/1/2011 The 2007 Microsoft Office Suite Service Pack 3 (SP3)
Service Pack 3 provides the latest updates to the 2007 Microsoft
Office Suite. This update also applies to Microsoft Office Project,
Microsoft Office SharePoint Designer, Microsoft Office Visio,
and Visual Web Developer.
11/1/2011 Update for Windows Mail Junk E-mail Filter for x64-based Systems [October 2011] (KB905866)
Install this update for Windows Mail to revise the definition
files that are used to detect e-mail messages that should be
considered junk e-mail or that may contain phishing content.
After you install this item, you may have to restart your computer.
11/1/2011 Security Update for Windows Vista for x64-based Systems (KB2579686)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
11/1/2011 Cumulative Security Update for Internet Explorer 9 for Windows Vista for x64-based Systems (KB2586448)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
9/16/2011 Definition Update for Windows Defender - KB915597 (Definition 1.111.2389.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
9/14/2011 Security Update for Microsoft Office 2007 System (KB2553090)
A security vulnerability exists in Microsoft Office 2007 System
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
9/14/2011 Security Update for Microsoft Office 2003 (KB2584052)
A security vulnerability exists in Microsoft Office 2003 that
could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
9/14/2011 Security Update for Microsoft Office Excel 2007 (KB2553073)
A security vulnerability exists in Microsoft Office Excel 2007
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
9/14/2011 Security Update for Microsoft Office Groove 2007 (KB2552997)
A security vulnerability exists in Microsoft Groove 2007 that
could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
9/14/2011 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2553110)
This update provides the Junk E-mail Filter in Microsoft Office
Outlook 2007 with a more current definition of which e-mail messages
should be considered junk e-mail.
9/14/2011 Security Update for Microsoft Office 2007 System (KB2553089)
A security vulnerability exists in Microsoft Office 2007 System
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
9/14/2011 Update for Office File Validation 2010 (KB2553065), 32-bit Edition
Microsoft has released an update for Microsoft Office File Validation
2010, 32-bit Edition. This update provides the latest fixes to
Microsoft Office File Validation 2010, 32-bit Edition. Additionally,
this update contains stability and performance improvements.
9/14/2011 Security Update for the 2007 Microsoft Office System (KB2553074)
A security vulnerability exists in the 2007 Microsoft Office
System and the Microsoft Office Compatibility Pack that could
allow arbitrary code to run when a maliciously modified file
is opened. This update resolves that vulnerability.
9/14/2011 Update for Microsoft Office Outlook 2007 (KB2583910)
Microsoft has released an update for Microsoft Office Outlook
2007. This update provides the latest fixes to Microsoft Office
Outlook 2007. Additionally, this update contains stability and
performance improvements.
9/14/2011 Security Update for Microsoft Office 2007 System (KB2584063)
A security vulnerability exists in Microsoft Office 2007 System
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
9/14/2011 Windows Malicious Software Removal Tool x64 - September 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
9/13/2011 Definition Update for Windows Defender - KB915597 (Definition 1.111.2089.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
9/10/2011 Definition Update for Windows Defender - KB915597 (Definition 1.111.1823.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
9/9/2011 Definition Update for Windows Defender - KB915597 (Definition 1.111.1554.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
9/9/2011 Update for Windows Vista for x64-based Systems (KB2607712)
Install this update to resolve an issue which requires an update
to the certificate revocation list on Windows systems and to
keep your systems certificate list up to date. After you install
this update, you may have to restart your system.
8/31/2011 Definition Update for Windows Defender - KB915597 (Definition 1.111.1045.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
8/29/2011 Definition Update for Windows Defender - KB915597 (Definition 1.111.775.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
8/29/2011 Microsoft Office File Validation Add-in
Microsoft Office File Validation is a security add-in for Office
2003 and 2007. Office File Validation is used to validate that
Binary File Format files conform to the Microsoft Office File
Format. The user will be notified of possible security risks
if files fail to conform to the format.
8/29/2011 Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 for x64-based Systems (KB2533523)
This update addresses stability, reliability, and performance
issues in Microsoft .NET Framework 4. After you install this
item, you may have to restart your computer.
8/29/2011 Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 for x64-based Systems (KB2468871)
Install this update to resolve issues in Microsoft .NET Framework
4. For a complete listing of the issues that are included in
this update, see the associated Microsoft Knowledge Base article
for more information. After you install this item, you may have
to restart your computer.
8/24/2011 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2586924)
This update provides the Junk E-mail Filter in Microsoft Office
Outlook 2007 with a more current definition of which e-mail messages
should be considered junk e-mail.
8/24/2011 Update for Windows Mail Junk E-mail Filter for x64-based Systems [August 2011] (KB905866)
Install this update for Windows Mail to revise the definition
files that are used to detect e-mail messages that should be
considered junk e-mail or that may contain phishing content.
After you install this item, you may have to restart your computer.
8/24/2011 Update for Windows Vista for x64-based Systems (KB2570791)
Install this update to resolve issues caused by revised daylight
saving time and time zone laws in several countries. This update
enables your computer to automatically adjust the computer clock
on the correct date in 2011. After you install this item, you
may have to restart your computer.
8/24/2011 Security Update for Windows Vista for x64-based Systems (KB2567680)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/24/2011 Update Rollup for ActiveX Killbits for Windows Vista for x64-based Systems (KB2562937)
Security issues have been identified in ActiveX controls that
could allow an attacker to compromise a system running Microsoft
Internet Explorer and gain control over it. You can help protect
your system by installing this update from Microsoft. After you
install this item, you may have to restart your computer.
8/24/2011 Update for Windows Vista for x64-based Systems (KB2563227)
Install this update to resolve performance and reliability issues
in Windows. By applying this update, you can achieve better performance
and responsiveness in various scenarios. For a complete listing
of the issues that are included in this update, see the associated
Microsoft Knowledge Base article for more information. After
you install this item, you may have to restart your computer.
8/24/2011 Security Update for Windows Vista for x64-based Systems (KB2536276)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/24/2011 Security Update for Windows Vista for x64-based Systems (KB2563894)
A security issue has been identified that could allow an unauthenticated
remote attacker to cause the affected system to stop responding.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
8/24/2011 Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Vista SP2 and Windows Server 2008 SP2 for x64-based Systems (KB2539633)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain access to information. You can help protect
your computer by installing this update from Microsoft. After
you install this item, you may have to restart your computer.
8/24/2011 Windows Malicious Software Removal Tool x64 - August 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
8/24/2011 Security Update for Windows Vista for x64-based Systems (KB2556532)
A security issue has been identified that could allow an authenticated
local attacker to cause the affected system to stop responding.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
8/24/2011 Definition Update for Windows Defender - KB915597 (Definition 1.111.490.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
8/24/2011 Cumulative Security Update for Internet Explorer 9 for Windows Vista for x64-based Systems (KB2559049)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
8/24/2011 Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 for x64-based Systems (KB2539636)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain access to information. You can help protect
your computer by installing this update from Microsoft. After
you install this item, you may have to restart your computer.
8/4/2011 Definition Update for Windows Defender - KB915597 (Definition 1.109.869.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
8/4/2011 Security Update for .NET Framework 3.5 SP1, Windows Vista SP2, and Windows Server 2008 SP2 for x64-based Systems (KB2478660)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
8/4/2011 Update for Windows Vista for x64-based Systems (KB2533623)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
8/4/2011 Windows Malicious Software Removal Tool x64 - July 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
8/4/2011 Update for Windows Mail Junk E-mail Filter for x64-based Systems [July 2011] (KB905866)
Install this update for Windows Mail to revise the definition
files that are used to detect e-mail messages that should be
considered junk e-mail or that may contain phishing content.
After you install this item, you may have to restart your computer.
8/4/2011 Security Update for Windows Vista for x64-based Systems (KB2555917)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/4/2011 Update for Windows Vista for x64-based Systems (KB2545698)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
8/4/2011 Security Update for Windows Vista for x64-based Systems (KB2532531)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/4/2011 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2553975)
This update provides the Junk E-mail Filter in Microsoft Office
Outlook 2007 with a more current definition of which e-mail messages
should be considered junk e-mail.
8/4/2011 Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 for x64-based Systems (KB2518870)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
8/4/2011 Update for Windows Vista for x64-based Systems (KB2541763)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
8/4/2011 Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 for x64-based Systems (KB2478663)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
8/4/2011 Security Update for .NET Framework 3.5 SP1, Windows Vista SP2, and Windows Server 2008 SP2 for x64-based Systems (KB2518866)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
8/4/2011 Security Update for Windows Vista for x64-based Systems (KB2507938)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
6/21/2011 Windows Malicious Software Removal Tool x64 - June 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
6/21/2011 Security Update for Microsoft Office InfoPath 2007 (KB2510061)
A security vulnerability exists in Microsoft Office InfoPath
2007 that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
6/21/2011 Security Update for Microsoft Office Excel 2007 (KB2541007)
A security vulnerability exists in Microsoft Office Excel 2007
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
6/21/2011 Update for Microsoft Office 2003 (KB2543854)
Microsoft has released an update for Microsoft Office 2003. This
update decreases installation failures for updates installed
on Microsoft Office 2003.
6/21/2011 Update for Microsoft Office 2007 System (KB2539530)
Microsoft has released an update for Microsoft Office 2007 System.
This update provides the latest fixes to Microsoft Office 2007
System. Additionally, this update adds support for the new Indian
rupee currency symbol.
6/21/2011 Security Update for Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package (KB2538243)
A security issue has been identified leading to MFC application
vulnerability in DLL planting due to MFC not specifying the full
path to system/localization DLLs. You can protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
6/21/2011 Security Update for Windows Vista for x64-based Systems (KB2476490)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
6/21/2011 Security Update for Microsoft Silverlight (KB2512827)
This security update to Silverlight includes fixes outlined in
KBs 2514842 and 2512827. This update is backward compatible with
web applications built using previous versions of Silverlight.
6/21/2011 Security Update for Windows Vista for x64-based Systems (KB2536275)
A security issue has been identified that could allow an unauthenticated
remote attacker to cause the affected system to stop responding.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
6/21/2011 Security Update for Windows Vista for x64-based Systems (KB2503665)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
6/21/2011 Definition Update for Windows Defender - KB915597 (Definition 1.105.2171.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
6/21/2011 Update for Microsoft Office 2003 (KB2539581)
Microsoft has released an update for Microsoft Office 2003. This
update provides the latest fixes to Microsoft Office 2003. Additionally,
this update adds support for the new Indian rupee currency symbol.
6/21/2011 Security Update for the 2007 Microsoft Office System (KB2541012)
A security vulnerability exists in the 2007 Microsoft Office
System and the Microsoft Office Compatibility Pack that could
allow arbitrary code to run when a maliciously modified file
is opened. This update resolves that vulnerability.
6/21/2011 Cumulative Security Update for Internet Explorer 9 for Windows Vista for x64-based Systems (KB2530548)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
6/21/2011 Security Update for Windows Vista for x64-based Systems (KB2536276)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
6/21/2011 Security Update for Windows Vista for x64-based Systems (KB2525694)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
6/21/2011 Update for Windows Mail Junk E-mail Filter for x64-based Systems [June 2011] (KB905866)
Install this update for Windows Mail to revise the definition
files that are used to detect e-mail messages that should be
considered junk e-mail or that may contain phishing content.
After you install this item, you may have to restart your computer.
6/21/2011 Security Update for Windows Vista for x64-based Systems (KB2535512)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
6/21/2011 Security Update for Windows Vista for x64-based Systems (KB2544893)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain access to
information. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
6/21/2011 Security Update for Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package (KB2538242)
A security issue has been identified leading to MFC application
vulnerability in DLL planting due to MFC not specifying the full
path to system/localization DLLs. You can protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
6/13/2011 Definition Update for Windows Defender - KB915597 (Definition 1.105.1687.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
6/10/2011 Update for Windows Vista for x64-based Systems (KB2505189)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
6/10/2011 Security Update for Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package (KB2467175)
A security issue has been identified leading to MFC application
vulnerability in DLL planting due to MFC not specifying the full
path to system/localization DLLs. You can protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
6/10/2011 Definition Update for Windows Defender - KB915597 (Definition 1.105.1413.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
6/10/2011 Update for Windows Vista for x64-based Systems (KB2522422)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
6/10/2011 Update for Windows Vista for x64-based Systems (KB2492386)
Install this update to resolve a set of known application compatibility
issues with Windows. For a complete listing of the issues that
are included in this update, see the associated Microsoft Knowledge
Base article for more information. After you install this item,
you may have to restart your computer.
6/10/2011 Security Update for Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package (KB2467174)
A security issue has been identified leading to MFC application
vulnerability in DLL planting due to MFC not specifying the full
path to system/localization DLLs. You can protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
6/10/2011 Windows Internet Explorer 9 for Windows Vista for x64-based systems
Windows Internet Explorer 9 delivers web sites and applications
that look and perform like native PC applications through the
power of Windows.

Fast: Internet Explorer 9 is all-around fast.
Designed to take full advantage of your PC’s hardware through
Windows, Internet Explorer 9 delivers graphically rich and immersive
experiences that are as fast and responsive as native applications
installed on your PC.

Clean: Internet Explorer puts the focus
on the Web sites you love with a clean look and increased viewing
area that makes your Web sites shine. Intuitive and seamless
integration with Windows Vista provides one-click access to Web
applications pinned directly to your Taskbar.

Trusted: Internet
Explorer is the trusted way to the Web because it has a robust
set of built-in security, privacy and reliability technologies
that keep you safer and your browsing experience uninterrupted.

Interoperable: Support for HTML5 and modern Web standards architected
to take advantage of the GPU means that the same mark-up not
only works across the Web, but runs faster and delivers a richer
experience through Windows and Internet Explorer 9.
5/17/2011 Update for Microsoft Office Outlook 2007 (KB2509470)
Microsoft has released an update for Microsoft Office Outlook
2007. This update provides the latest fixes to Microsoft Office
Outlook 2007. Additionally, this update contains stability and
performance improvements.
5/17/2011 Security Update for Windows Vista for x64-based Systems (KB2508429)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/17/2011 Security Update for Microsoft Office Excel 2007 (KB2464583)
A security vulnerability exists in Microsoft Office Excel 2007
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
5/17/2011 Update for Windows Vista for x64-based Systems (KB2524375)
Install this update to resolve an issue which requires an update
to the certificate revocation list on Windows systems and to
keep your systems certificate list up to date. After you install
this update, you may have to restart your system.
5/17/2011 Security Update for Windows Vista for x64-based Systems (KB2412687)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/17/2011 Cumulative Security Update for ActiveX Killbits for Windows Vista for x64-based Systems (KB2508272)
Security issues have been identified in ActiveX controls that
could allow an attacker to compromise a system running Microsoft
Internet Explorer and gain control over it. You can help protect
your system by installing this update from Microsoft. After you
install this item, you may have to restart your computer.
5/17/2011 Update for Microsoft Office 2007 System (KB2508958)
Microsoft has released an update for Microsoft Office 2007 System.
This update decreases installation failures for updates installed
on Microsoft Office 2007 System.
5/17/2011 Security Update for Microsoft Office 2003 (KB2509503)
A security vulnerability exists in Microsoft Office 2003 that
could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
5/17/2011 Security Update for .NET Framework 3.5 SP1, Windows Vista SP2, and Windows Server 2008 SP2 for x64-based Systems (KB2449742)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
5/17/2011 Update for Windows Mail Junk E-mail Filter for x64-based Systems [May 2011] (KB905866)
Install this update for Windows Mail to revise the definition
files that are used to detect e-mail messages that should be
considered junk e-mail or that may contain phishing content.
After you install this item, you may have to restart your computer.
5/17/2011 Windows Malicious Software Removal Tool x64 - May 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
5/17/2011 Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
A security vulnerability exists in Microsoft Office PowerPoint
2007 that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
5/17/2011 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2536413)
This update provides the Junk E-mail Filter in Microsoft Office
Outlook 2007 with a more current definition of which e-mail messages
should be considered junk e-mail.
5/17/2011 Security Update for Windows Vista for x64-based Systems (KB2510531)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/17/2011 Update for Windows Vista for x64-based Systems (KB2506014)
An issue has been identified that could allow a user with administrative
permissions to load an unsigned driver. This update resolves
that issue. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
5/17/2011 Word Viewer 2003 Service Pack 3 (SP3)
Microsoft Office Word Viewer 2003 Service Pack 3 (SP3) contains
significant security enhancements. Some of the fixes included
with SP3 have been previously released as separate updates. This
service pack combines them into one update.
5/17/2011 Security Update for Microsoft Office 2007 System (KB2509488)
A security vulnerability exists in Microsoft Office 2007 System
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
5/17/2011 Security Update for Windows Vista for x64-based Systems (KB2511455)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/17/2011 Security Update for Windows Vista for x64-based Systems (KB2503658)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain access to
information. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
5/17/2011 Security Update for Microsoft Office 2003 (KB951535)
A security vulnerability exists in Microsoft Office 2003 that
could allow information disclosure. This update resolves that
issue.
5/17/2011 Security Update for Microsoft Word Viewer (KB2345009)
This update resolves a vulnerability, that exists in Microsoft
Office 2003, that could allow arbitrary code to run when a maliciously
modified file is opened.
5/17/2011 Security Update for the 2007 Microsoft Office System (KB2466156)
A security vulnerability exists in the 2007 Microsoft Office
System and the Microsoft Office Compatibility Pack that could
allow arbitrary code to run when a maliciously modified file
is opened. This update resolves that vulnerability.
5/17/2011 Security Update for Windows Vista for x64-based Systems (KB2506223)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/17/2011 Security Update for Microsoft Office 2003 (KB972580)
A security vulnerability exists in Microsoft Office 2003 that
could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves the vulnerability so that
Microsoft Office 2003 documents are handled appropriately.
5/17/2011 Cumulative Security Update for Internet Explorer 8 for Windows Vista for x64-based Systems (KB2497640)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
5/17/2011 Security Update for Microsoft Office 2003 (KB2288613)
A security vulnerability exists in Microsoft Office 2003 that
could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
5/17/2011 Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
A security vulnerability exists in Microsoft Office PowerPoint
Viewer 2007 that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
5/17/2011 Security Update for Windows Vista for x64-based Systems (KB2507618)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/17/2011 Security Update for Windows Vista for x64-based Systems (KB2506212)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/17/2011 Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 for x64-based Systems (KB2446708)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
5/17/2011 Security Update for Windows Vista for x64-based Systems (KB2509553)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/17/2011 Definition Update for Windows Defender - KB915597 (Definition 1.103.1631.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
5/16/2011 Update for Microsoft Silverlight (KB2526954)
This update to Silverlight improves security, reliability, accessibility
support, startup performance, enhances line-of-business support
and includes several fixes to better support rich internet applications.
This update is backward compatible with web applications built
using previous versions of Silverlight.
4/26/2011 Update for Microsoft Silverlight (KB2495644)
This update to Silverlight improves security, reliability, accessibility
support, startup performance, enhances line-of-business support
and includes several fixes to better support rich internet applications.
This update is backward compatible with web applications built
using previous versions of Silverlight.
3/13/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.99.1138.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
3/13/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.99.1126.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
3/12/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.99.1103.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
3/11/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.99.1050.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
3/11/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.99.1034.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
3/10/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.99.989.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
3/10/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.99.965.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
3/10/2011 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.97.840.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
3/10/2011 Windows Malicious Software Removal Tool x64 - March 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
3/10/2011 Update for Windows Mail Junk E-mail Filter for x64-based Systems [March 2011] (KB905866)
Install this update for Windows Mail to revise the definition
files that are used to detect e-mail messages that should be
considered junk e-mail or that may contain phishing content.
After you install this item, you may have to restart your computer.
3/10/2011 Security Update for Windows Vista for x64-based Systems (KB2481109)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
3/10/2011 Security Update for Windows Vista for x64-based Systems (KB2479943)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
3/10/2011 Microsoft Security Essentials - KB2267621
You may not be running an anti-malware solution and this may
leave your PC vulnerable to viruses, spyware and other malicious
software. Microsoft Security Essentials is a free anti-malware
software offered to Windows users who have purchased a Genuine
copy of Windows. Microsoft Security Essentials is licensed for
use on home PCs and by small businesses with 10 or fewer PCs.
You can download alternative languages directly from www.microsoft.com/security_essentials
with the “more information” link below.
3/10/2011 Security Update for Groove 2007 (KB2494047)
A security vulnerability exists in Microsoft Groove 2007 that
could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
3/10/2011 Definition Update for Windows Defender - KB915597 (Definition 1.99.800.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
3/6/2011 Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332)
This service pack upgrades all Microsoft SQL Server 2005 Express
Edition instances and components to Service Pack 4 (SP4). If
you need additional installation options, you should download
this service pack at the Microsoft Download Center. For more
information, see Microsoft Knowledge Base article 2463332.
3/6/2011 Update for Microsoft Silverlight (KB2477244)
This update to Silverlight improves security, reliability, accessibility
support, startup performance, enhances line-of-business support
and includes several fixes to better support rich internet applications.
This update is backward compatible with web applications built
using previous versions of Silverlight.
3/6/2011 Update for Windows Vista for x64-based Systems (KB971029)
Install this update to restrict AutoRun entries in the AutoPlay
dialog to only CD and DVD drives. After you install this item,
you may have to restart your computer.
3/6/2011 Definition Update for Windows Defender - KB915597 (Definition 1.99.567.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
3/6/2011 Windows PowerShell 2.0 and WinRM 2.0 for Windows Vista for x64-based Systems (KB968930)
The Windows Management Framework Core package includes Windows
PowerShell 2.0 and Windows Remote Management (WinRM) 2.0. For
more information on the Windows Management Framework, see http://support.micro....com/kb/968929.
2/18/2011 Update for Windows Mail Junk E-mail Filter for x64-based Systems [February 2011] (KB905866)
Install this update for Windows Mail to revise the definition
files that are used to detect e-mail messages that should be
considered junk e-mail or that may contain phishing content.
After you install this item, you may have to restart your computer
2/18/2011 Windows Live Essentials 2011 (KB2434419)
Do more with Windows on your PC with free programs from Microsoft
for photos, movies, instant messaging, email, social networking,
and more. Get it all in one simple download.
Windows Live Essentials
includes Messenger, Photo Gallery, Mail, Movie Maker, Writer,
Family Safety, and Windows Live Mesh, plus Bing Bar, Messenger
Companion, Microsoft Outlook Hotmail Connector, Microsoft Outlook
Social Connector Provider for Windows Live Messenger, and Microsoft
Silverlight.
Installing this update will replace your Windows
Live Toolbar with Bing Bar.
2/18/2011 Windows Malicious Software Removal Tool x64 - February 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
2/18/2011 Security Update for Windows Vista for x64-based Systems (KB2479628)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
2/18/2011 Platform Update Supplement for Windows Vista for x64-based Systems (KB2117917)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
2/18/2011 Security Update for Windows Vista for x64-based Systems (KB2483185)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
2/18/2011 Definition Update for Windows Defender - KB915597 (Definition 1.97.1752.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
2/18/2011 Cumulative Security Update for Internet Explorer 8 for Windows Vista for x64-based Systems (KB2482017)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
2/18/2011 Security Update for Windows Vista for x64-based Systems (KB2393802)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
2/18/2011 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2492475)
This update provides the Junk E-mail Filter in Microsoft Office
Outlook 2007 with a more current definition of which e-mail messages
should be considered junk e-mail.
2/18/2011 Security Update for Windows Vista for x64-based Systems (KB2485376)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
2/1/2011 Windows Malicious Software Removal Tool x64 - January 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
2/1/2011 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2483110)
This update provides the Junk E-mail Filter in Microsoft Office
Outlook 2007 with a more current definition of which e-mail messages
should be considered junk e-mail.
2/1/2011 Security Update for Windows Vista for x64-based Systems (KB2419640)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
2/1/2011 Definition Update for Windows Defender - KB915597 (Definition 1.97.757.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
2/1/2011 Update for Microsoft Office Outlook 2007 (KB2412171)
This update provides the latest fixes related to stability and
performance improvements for Microsoft Office Outlook 2007.
2/1/2011 Security Update for Windows Vista for x64-based Systems (KB2478935)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
1/8/2011 Realtek driver update for Realtek PCIe FE Family Controller
This driver was provided by Realtek for support of Realtek PCIe
FE Family Controller
1/8/2011 Definition Update for Windows Defender - KB915597 (Definition 1.95.3426.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
1/2/2011 Definition Update for Windows Defender - KB915597 (Definition 1.95.2986.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
12/18/2010 Update for Internet Explorer for Windows Vista for x64-based Systems (KB2467659)
Install this update to resolve issues in Internet Explorer. For
a complete listing of the issues that are included in this update,
see the associated Microsoft Knowledge Base article for more
information. After you install this item, you may have to restart
your computer.
12/18/2010 Security Update for Microsoft Office Publisher 2007 (KB2284697)
A security vulnerability exists in Microsoft Office Publisher
2007 that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
12/18/2010 Security Update for Windows Vista for x64-based Systems (KB2296199)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
12/18/2010 Update for Windows Mail Junk E-mail Filter for x64-based Systems [December 2010] (KB905866)
Install this update for Windows Mail to revise the definition
files that are used to detect e-mail messages that should be
considered junk e-mail or that may contain phishing content.
After you install this item, you may have to restart your computer.
12/18/2010 Windows Malicious Software Removal Tool x64 - December 2010 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
12/18/2010 Security Update for Windows Vista for x64-based Systems (KB2442962)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
12/18/2010 Update for Internet Explorer 8 Compatibility View List for Windows Vista for x64-based Systems (KB2447568)
This Compatibility View List update helps make Web sites that
are designed for older browsers look better in Internet Explorer
8. When users install Internet Explorer 8, they will be given
a choice about opting-in to a list of sites that should be displayed
in Compatibility View. After you install this item, you may have
to restart Internet Explorer.
12/18/2010 Security Update for Windows Vista for x64-based Systems (KB2436673)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
12/18/2010 Cumulative Security Update for Internet Explorer 8 for Windows Vista for x64-based Systems (KB2416400)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
12/18/2010 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2466076)
This update provides the Junk E-mail Filter in Microsoft Office
Outlook 2007 with a more current definition of which e-mail messages
should be considered junk e-mail.
12/18/2010 Security Update for Microsoft Office 2007 System (KB2288931)
A security vulnerability exists in the 2007 Microsoft Office
System that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
12/18/2010 Security Update for Windows Vista for x64-based Systems (KB2423089)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
12/18/2010 Update for Windows Vista for x64-based Systems (KB2443685)
Install this update to resolve issues caused by revised daylight
saving time and time zone laws in several countries. This update
enables your computer to automatically adjust the computer clock
on the correct date in 2011. After you install this item, you
may have to restart your computer.
12/18/2010 Definition Update for Windows Defender - KB915597 (Definition 1.95.1996.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
12/18/2010 Security Update for Windows Vista for x64-based Systems (KB2305420)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
12/16/2010 Definition Update for Windows Defender - KB915597 (Definition 1.95.1764.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
11/19/2010 Definition Update for Windows Defender - KB915597 (Definition 1.95.191.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
11/11/2010 Security Update for Microsoft Office 2007 System (KB2289158)
A security vulnerability exists in the 2007 Microsoft Office
System and the Compatibility Pack for the 2007 Office system
that could allow remote code execution. This update resolves
that vulnerability.
11/11/2010 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2443839)
This update provides the Junk E-mail Filter in Microsoft Office
Outlook 2007 with a more current definition of which e-mail messages
should be considered junk e-mail.
11/11/2010 Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2413381)
A security vulnerability exists in Microsoft Office PowerPoint
Viewer 2007 that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
11/11/2010 Windows Malicious Software Removal Tool x64 - November 2010 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
11/11/2010 Update for Windows Mail Junk E-mail Filter for x64-based Systems [November 2010] (KB905866)
Install this update for Windows Mail to revise the definition
files that are used to detect e-mail messages that should be
considered junk e-mail or that may contain phishing content.
After you install this item, you may have to restart your computer.
11/11/2010 Definition Update for Windows Defender - KB915597 (Definition 1.93.1456.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
11/3/2010 Definition Update for Windows Defender - KB915597 (Definition 1.93.948.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
11/3/2010 Update for Windows Vista for x64-based Systems (KB2388210)
Install this update to resolve a set of known application compatibility
issues with Windows. For a complete listing of the issues that
are included in this update, see the associated Microsoft Knowledge
Base article for more information. After you install this item,
you may have to restart your computer.
10/26/2010 Definition Update for Windows Defender - KB915597 (Definition 1.93.284.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
10/13/2010 Security Update for Windows Vista for x64-based Systems (KB979687)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/13/2010 Security Update for Windows Vista for x64-based Systems (KB2387149)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/13/2010 Security Update for Windows Vista for x64-based Systems (KB982132)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/13/2010 Security Update for Windows Vista for x64-based Systems (KB2296011)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/13/2010 Security Update for Microsoft Office Excel 2007 (KB2345035)
A security vulnerability exists in Microsoft Office Excel 2007
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
10/13/2010 Security Update for Windows Vista for x64-based Systems (KB979688)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/13/2010 Security Update for the 2007 Microsoft Office System (KB2344875)
A security vulnerability exists in the 2007 Microsoft Office
System and the Microsoft Office Compatibility Pack that could
allow arbitrary code to run when a maliciously modified file
is opened. This update resolves that vulnerability.
10/13/2010 Security Update for the 2007 Microsoft Office System (KB2345043)
A security vulnerability exists in the 2007 Microsoft Office
System and the Microsoft Office Compatibility Pack that could
allow arbitrary code to run when a maliciously modified file
is opened. This update resolves that vulnerability.
10/13/2010 Security Update for Windows Vista for x64-based Systems (KB981957)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/13/2010 Cumulative Security Update for Internet Explorer 8 for Windows Vista for x64-based Systems (KB2360131)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
10/13/2010 Security Update for Microsoft Office Word 2007 (KB2344993)
A security vulnerability exists in Microsoft Office Word 2007
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
10/13/2010 Security Update for Windows Vista for x64-based Systems (KB2378111)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/13/2010 Security Update for .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 for x64-based Systems (KB2160841)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
10/13/2010 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2410711)
This update provides the Junk E-mail Filter in Microsoft Office
Outlook 2007 with a more current definition of which e-mail messages
should be considered junk e-mail.
10/13/2010 Update for Windows Vista for x64-based Systems (KB2345886)
Install this update to help strengthen authentication credentials
in specific scenarios. After you install this item, you may have
to restart your computer.
10/13/2010 Security Update for Windows Vista for x64-based Systems (KB2207566)
A security issue has been identified that could allow an unauthenticated
remote attacker to cause the affected system to stop responding.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
10/13/2010 Windows Malicious Software Removal Tool x64 - October 2010 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
10/13/2010 Security Update for Windows Vista for x64-based Systems (KB2281679)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/6/2010 Update for Windows Vista for x64-based Systems (KB2158563)
Install this update to resolve issues caused by revised daylight
saving time and time zone laws in several countries. This update
enables your computer to automatically adjust the computer clock
on the correct date in 2010. After you install this item, you
may have to restart your computer.
10/6/2010 Update for Internet Explorer 8 Compatibility View List for Windows Vista for x64-based Systems (KB2362765)
This Compatibility View List update helps make Web sites that
are designed for older browsers look better in Internet Explorer
8. When users install Internet Explorer 8, they will be given
a choice about opting-in to a list of sites that should be displayed
in Compatibility View. After you install this item, you may have
to restart Internet Explorer.
10/6/2010 Security Update for Microsoft .NET Framework 3.5 SP1 on Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008 for x64-based Systems (KB2416473)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain access to information. You can help protect
your computer by installing this update from Microsoft. After
you install this item, you may have to restart your computer.
10/6/2010 Update for Microsoft Silverlight (KB2416427)
This update to Silverlight improves security, reliability, accessibility
support, startup performance, enhances line-of-business support
and includes several fixes to better support rich internet applications.
This update is backward compatible with web applications built
using previous versions of Silverlight.
10/6/2010 Security Update for Microsoft .NET Framework 3.5 SP1, Windows Vista SP2, and Windows Server 2008 SP2 for x64-based Systems (KB2416470)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain access to information. You can help protect
your computer by installing this update from Microsoft. After
you install this item, you may have to restart your computer.
9/16/2010 Security Update for Windows Vista for x64-based Systems (KB975558)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
9/16/2010 Security Update for Windows Vista for x64-based Systems (KB2347290)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
9/16/2010 Update for Windows Mail Junk E-mail Filter for x64-based Systems [September 2010] (KB905866)
Install this update for Windows Mail to revise the definition
files that are used to detect e-mail messages that should be
considered junk e-mail or that may contain phishing content.
After you install this item, you may have to restart your computer.
9/16/2010 Security Update for the 2007 Microsoft Office System (KB2288621)
A security vulnerability exists in the 2007 Microsoft Office
System that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
9/16/2010 Windows Malicious Software Removal Tool x64 - September 2010 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
9/16/2010 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2291599)
This update provides the Junk E-mail Filter in Microsoft Office
Outlook 2007 with a more current definition of which e-mail messages
should be considered junk e-mail.
9/16/2010 Update for the 2007 Microsoft Office System (KB2284654)
Microsoft has released an update for 2007 Microsoft Office System.
This update is an accumulation of the latest fixes, including
solutions for stability and performance with Visual Studio.
9/16/2010 Update for Windows Vista for x64-based Systems (KB2141007)
Install this update to help strengthen authentication credentials
in specific scenarios. After you install this item, you may have
to restart your computer.
9/16/2010 Security Update for Windows Vista for x64-based Systems (KB981322)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
9/16/2010 Security Update for Microsoft Office Outlook 2007 (KB2288953)
A security vulnerability exists in Microsoft Office Outlook 2007
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
8/25/2010 Microsoft .NET Framework 4 Client Profile for Windows Vista x64-based Systems (KB982670)
The Microsoft .NET Framework 4 Client Profile provides a subset
of features from the .NET Framework 4. The Client Profile is
designed to run client applications and to enable the fastest
possible deployment for Windows Presentation Foundation (WPF)
and Windows Forms technology.
8/22/2010 Security Update for Windows Vista for x64-based Systems (KB978886)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/22/2010 Update for Internet Explorer 8 Compatibility View List for Windows Vista for x64-based Systems (KB982664)
This Compatibility View List update helps make Web sites that
are designed for older browsers look better in Internet Explorer
8. When users install Internet Explorer 8, they will be given
a choice about opting-in to a list of sites that should be displayed
in Compatibility View. After you install this item, you may have
to restart Internet Explorer.
8/22/2010 Security Update for Windows Vista for x64-based Systems (KB982214)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/22/2010 Security Update for Windows Vista for x64-based Systems (KB2160329)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/22/2010 Security Update for Windows Vista for x64-based Systems (KB982799)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/22/2010 Security Update for .NET Framework 3.5 SP1, Windows Vista SP2, and Windows Server 2008 SP2 for x64-based Systems (KB983589)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
8/22/2010 Security Update for Windows Vista for x64-based Systems (KB982665)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/22/2010 Security Update for Windows Vista for x64-based Systems (KB981852)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/22/2010 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2279264)
This update provides the Junk E-mail Filter in Microsoft Office
Outlook 2007 with a more current definition of which e-mail messages
should be considered junk e-mail.
8/22/2010 Update for Windows Mail Junk E-mail Filter for x64-based Systems [August 2010] (KB905866)
Install this update for Windows Mail to revise the definition
files that are used to detect e-mail messages that should be
considered junk e-mail or that may contain phishing content.
After you install this item, you may have to restart your computer.
8/22/2010 Security Update for Windows Vista for x64-based Systems (KB981997)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/22/2010 Cumulative Security Update for Internet Explorer 8 for Windows Vista for x64-based Systems (KB2183461)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
8/22/2010 Realtek - Network - Realtek RTL8101E Family PCI-E Fast Ethernet NIC (NDIS 6.0)
Realtek Network software update released in October, 2008
8/22/2010 Security Update for Windows Vista for x64-based Systems (KB2079403)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/22/2010 Windows PowerShell 2.0 and WinRM 2.0 for Windows Vista for x64-based Systems (KB968930)
The Windows Management Framework Core package includes Windows
PowerShell 2.0 and Windows Remote Management (WinRM) 2.0. For
more information on the Windows Management Framework, see http://support.micro....com/kb/968929.
8/22/2010 Security Update for the 2007 Microsoft Office System (KB2277947)
A security vulnerability exists in the 2007 Microsoft Office
System and the Microsoft Office Compatibility Pack that could
allow arbitrary code to run when a maliciously modified file
is opened. This update resolves that vulnerability.
8/22/2010 Security Update for Windows Vista for x64-based Systems (KB980436)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/22/2010 Windows Malicious Software Removal Tool x64 - August 2010 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
8/22/2010 Security Update for Microsoft Office Word 2007 (KB2251419)
A security vulnerability exists in Microsoft Office Word 2007
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
8/3/2010 Security Update for Windows Vista for x64-based Systems (KB2286198)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
7/22/2010 Update for Internet Explorer 8 Compatibility View List for Windows Vista for x64-based Systems (KB982632)
This Compatibility View List update helps make Web sites that
are designed for older browsers look better in Internet Explorer
8. When users install Internet Explorer 8, they will be given
a choice about opting-in to a list of sites that should be displayed
in Compatibility View. After you install this item, you may have
to restart Internet Explorer.
7/22/2010 Update for Windows Vista for x64-based Systems (KB982519)
Install this update to resolve issues with non-compatible applications.
For complete details of this update, see the associated Knowledge
Base Article. After you install this item, you may have to restart
your computer.
7/22/2010 Security Update for Windows Vista for x64-based Systems (KB980218)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
7/22/2010 Windows Malicious Software Removal Tool x64 - July 2010 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
7/22/2010 Cumulative Security Update for Internet Explorer 8 for Windows Vista for x64-based Systems (KB982381)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
7/22/2010 Security Update for Windows Vista for x64-based Systems (KB979482)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
7/22/2010 Cumulative Security Update for ActiveX Killbits for Windows Vista for x64-based Systems (KB980195)
Security issues have been identified in ActiveX controls that
could allow an attacker to compromise a system running Microsoft
Internet Explorer and gain control over it. You can help protect
your system by installing this update from Microsoft. After you
install this item, you may have to restart your computer.
7/22/2010 Security Update for the 2007 Microsoft Office System (KB982312)
A security vulnerability exists in the 2007 Microsoft Office
System and the Compatibility Pack for the 2007 Office system
that could allow remote code execution. This update resolves
that vulnerability.
7/22/2010 Update for Windows Mail Junk E-mail Filter for x64-based Systems [July 2010] (KB905866)
Install this update for Windows Mail to revise the definition
files that are used to detect e-mail messages that should be
considered junk e-mail or that may contain phishing content.
After you install this item, you may have to restart your computer.
7/22/2010 Update for Microsoft Office OneNote 2007 (KB980729)
Microsoft has released an update for Microsoft Office OneNote
2007. This update provides the latest fixes to Microsoft Office
OneNote 2007. Additionally, this update contains stability and
performance improvements.
7/22/2010 Security Update for Microsoft Office Excel 2007 (KB982308)
A security vulnerability exists in Microsoft Office Excel 2007
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
7/22/2010 Security Update for Windows Vista for x64-based Systems (KB979559)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
7/22/2010 Microsoft .NET Framework 3.5 SP1, Windows Vista SP2, and Windows Server 2008 SP2 Update for x64-based Systems (KB982525)
This update addresses a set of known issues of the Microsoft
.NET Framework 3.5 Service Pack 1. After you install this item,
you may have to restart your computer.
7/22/2010 Security Update for Microsoft Office InfoPath 2007 (KB979441)
A security vulnerability exists in Microsoft Office InfoPath
2007 that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
7/22/2010 Microsoft .NET Framework 3.5 SP1, Windows Vista SP2, and Windows Server 2008 SP2 Update for x64-based Systems (KB982536)
Install this update to help strengthen authentication credentials
in specific scenarios. After you install this item, you may have
to restart your computer.
7/22/2010 Security Update for Microsoft Office PowerPoint 2007 (KB982158)
A security vulnerability exists in Microsoft Office PowerPoint
2007 that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
7/22/2010 Cumulative Update for Media Center for Windows Vista for x64-based Systems (KB982480)
Install this update to resolve issues with Media Center for Windows
Vista. For a complete listing of the issues that are included
in this cumulative update, see the associated Microsoft Knowledge
Base article for more information. After you install this item,
you may have to restart your computer.
7/22/2010 Update for Windows Vista for x64-based Systems (KB980248)
Install this update to remove the Windows File Protection from
applicable Windows font files. This update is necessary so the
Office 2010 installer can update the fonts. After you install
this item, you may have to restart your computer.
7/22/2010 Security Update for Microsoft Office Access 2007 (KB979440)
A security vulnerability exists in Microsoft Office Access 2007
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
7/22/2010 Security Update for Windows Vista for x64-based Systems (KB978542)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
7/22/2010 Security Update for the 2007 Microsoft Office System (KB976321)
A security vulnerability exists in the 2007 Microsoft Office
System that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
7/22/2010 Security Update for Microsoft Office Publisher 2007 (KB982124)
A security vulnerability exists in Microsoft Office Publisher
2007 that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
7/22/2010 Microsoft .NET Framework 3.5 SP1, Windows Vista SP2, and Windows Server 2008 SP2 Security Update for x64-based Systems (KB979910)
A security issue has been identified that could allow an attacker
to tamper with digitally signed content without being detected,
when this content is being consumed by an application that makes
use of the Microsoft .NET Framework on a Windows-based system.
You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
7/22/2010 Update for Windows Vista for x64-based Systems (KB981793)
Install this update to resolve issues caused by revised daylight
saving time and time zone laws in several countries. This update
enables your computer to automatically adjust the computer clock
on the correct date in 2010. After you install this item, you
may have to restart your computer.
7/22/2010 Security Update for Microsoft Office Word 2007 (KB982135)
A security vulnerability exists in Microsoft Office Word 2007
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
7/22/2010 Security Update for the 2007 Microsoft Office System (KB982331)
A security vulnerability exists in the 2007 Microsoft Office
System and the Microsoft Office Compatibility Pack that could
allow arbitrary code to run when a maliciously modified file
is opened. This update resolves that vulnerability.
7/22/2010 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2202131)
This update provides the Junk E-mail Filter in Microsoft Office
Outlook 2007 with a more current definition of which e-mail messages
should be considered junk e-mail.
7/22/2010 Security Update for Microsoft Office Outlook 2007 (KB980376)
A security vulnerability exists in Microsoft Office Outlook 2007
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
7/16/2010 Update for Microsoft Silverlight (KB982926)
This update to Silverlight improves security and reliability,
and adds a variety of performance and functional enhancements
including support for web-conferencing, printing support and
improved support for video, networking and rich internet applications.
This update is backward compatible with web applications built
using previous versions of Silverlight.
4/23/2010 Update for Internet Explorer 8 Compatibility View List for Windows Vista for x64-based Systems (KB980302)
This Compatibility View List update helps make Web sites that
are designed for older browsers look better in Internet Explorer
8. When users install Internet Explorer 8, they will be given
a choice about opting-in to a list of sites that should be displayed
in Compatibility View. After you install this item, you may have
to restart Internet Explorer.
4/23/2010 Security Update for Windows Vista for x64-based Systems (KB978338)
A security issue has been identified that could allow an attacker
to misrepresent a system action or behavior without the knowledge
of the user. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
4/23/2010 Security Update for Windows Vista for x64-based Systems (KB980232)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2010 Security Update for Windows Vista for x64-based Systems (KB979683)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2010 Security Update for Windows Vista for x64-based Systems (KB981332)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2010 Windows Malicious Software Removal Tool x64 - April 2010 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
4/23/2010 Update for Windows Mail Junk E-mail Filter for x64-based Systems [April 2010] (KB905866)
Install this update for Windows Mail to revise the definition
files that are used to detect e-mail messages that should be
considered junk e-mail or that may contain phishing content.
After you install this item, you may have to restart your computer.
4/23/2010 Security Update for Windows Vista for x64-based Systems (KB979309)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2010 Security Update for Windows Vista for x64-based Systems (KB978601)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2010 Security Update for Windows Vista for x64-based Systems (KB977816)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2010 Cumulative Security Update for Internet Explorer 8 for Windows Vista for x64-based Systems (KB980182)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
4/23/2010 Update for Internet Explorer 8 Compatibility View List for Windows Vista for x64-based Systems (KB980302)
This Compatibility View List update helps make Web sites that
are designed for older browsers look better in Internet Explorer
8. When users install Internet Explorer 8, they will be given
a choice about opting-in to a list of sites that should be displayed
in Compatibility View. After you install this item, you may have
to restart Internet Explorer.
4/23/2010 Update for the 2007 Microsoft Office System (KB981715)
Microsoft has released an update for the 2007 Microsoft Office
System. This update provides the latest fixes to the 2007 Microsoft
Office System. Additionally, this update contains stability and
performance improvements.
4/23/2010 Security Update for Windows Vista for x64-based Systems (KB978338)
A security issue has been identified that could allow an attacker
to misrepresent a system action or behavior without the knowledge
of the user. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
4/23/2010 Security Update for Windows Vista for x64-based Systems (KB980232)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2010 Security Update for Windows Vista for x64-based Systems (KB979683)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2010 Security Update for Windows Vista for x64-based Systems (KB981332)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2010 Update for Microsoft Office OneNote 2007 (KB980729)
Microsoft has released an update for Microsoft Office OneNote
2007. This update provides the latest fixes to Microsoft Office
OneNote 2007. Additionally, this update contains stability and
performance improvements.
4/23/2010 Windows Malicious Software Removal Tool x64 - April 2010 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
4/23/2010 Update for Windows Mail Junk E-mail Filter for x64-based Systems [April 2010] (KB905866)
Install this update for Windows Mail to revise the definition
files that are used to detect e-mail messages that should be
considered junk e-mail or that may contain phishing content.
After you install this item, you may have to restart your computer.
4/23/2010 Security Update for Windows Vista for x64-based Systems (KB979309)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2010 Security Update for Microsoft Office Publisher 2007 (KB980470)
A security vulnerability exists in Microsoft Office Publisher
2007 that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
4/23/2010 Security Update for Windows Vista for x64-based Systems (KB978601)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2010 Security Update for Windows Vista for x64-based Systems (KB977816)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2010 Cumulative Security Update for Internet Explorer 8 for Windows Vista for x64-based Systems (KB980182)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
4/23/2010 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB981433)
This update provides the Junk E-mail Filter in Microsoft Office
Outlook 2007 with a more current definition of which e-mail messages
should be considered junk e-mail.
3/11/2010 Windows Malicious Software Removal Tool x64 - March 2010 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
3/11/2010 Update for Windows Mail Junk E-mail Filter for x64-based Systems [March 2010] (KB905866)
Install this update for Windows Mail to revise the definition
files that are used to detect e-mail messages that should be
considered junk e-mail or that may contain phishing content.
After you install this item, you may have to restart your computer.
3/11/2010 Update for Windows Vista for x64-based Systems (KB973917)
Install this update to help strengthen authentication credentials
in specific scenarios. After you install this item, you may have
to restart your computer.
3/11/2010 Update for Rights Management Services Client for Windows Vista for x64-based Systems (KB979099)
Install this update to resolve issues caused by manifest expiration
in AD RMS enabled applications. This update will fix any existing
issues in addition to addressing any future application manifest
expirations. After you install this item, you may have to restart
any running AD RMS enabled applications.
3/11/2010 Security Update for Microsoft Office Excel 2007 (KB978382)
A security vulnerability exists in Microsoft Office Excel 2007
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
3/11/2010 Security Update for the 2007 Microsoft Office System (KB978380)
A security vulnerability exists in the 2007 Microsoft Office
System and the Microsoft Office Compatibility Pack that could
allow arbitrary code to run when a maliciously modified file
is opened. This update resolves that vulnerability.
3/11/2010 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB979895)
This update provides the Junk E-mail Filter in Microsoft Office
Outlook 2007 with a more current definition of which e-mail messages
should be considered junk e-mail.
3/11/2010 Security Update for Movie Maker 6.0 for Windows Vista for x64-based Systems (KB975561)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
3/5/2010 Update for Rights Management Services Client for Windows Vista for x64-based Systems (KB979099)
Install this update to resolve issues caused by manifest expiration
in AD RMS enabled applications. This update will fix any existing
issues in addition to addressing any future application manifest
expirations. After you install this item, you may have to restart
any running AD RMS enabled applications.
2/24/2010 Update for Windows Vista for x64-based Systems (KB976662)
Install this update to improve Internet Explorer 8's JSON interoperability
in conformance with the new ECMAScript, fifth edition standard.
After you install this item, you may have to restart your computer.
2/24/2010 Update for Windows Vista for x64-based Systems (KB979306)
Install this update to resolve issues caused by revised daylight
saving time and time zone laws in several countries. This update
enables your computer to automatically adjust the computer clock
on the correct date in 2010. After you install this item, you
may have to restart your computer.
2/24/2010 Update for Windows Vista for x64-based Systems (KB975929)
Both the Meiryo UI font and the Meiryo UI Bold font are included
in this update. These new fonts let an application optimally
display Kana characters in the Ribbon UI component and in other
parts of the user interface, especially in areas where text area
is limited. After you install this item, you may have to restart
your computer.
2/24/2010 Update for Windows Vista for x64-based Systems (KB976264)
Install this update to resolve issues with non-compatible applications
for Windows Vista. For complete details of this update, see Knowledge
Base Article KB976264. After you install this item, you may have
to restart your computer.
2/24/2010 Update for Rights Management Services Client for Windows Vista for x64-based Systems (KB979099)
Install this update to resolve issues caused by manifest expiration
in AD RMS enabled applications. This update will fix any existing
issues in addition to addressing any future application manifest
expirations. After you install this item, you may have to restart
any running AD RMS enabled applications.
2/24/2010 Update for Windows Vista for x64-based Systems (KB976662)
Install this update to improve Internet Explorer 8's JSON interoperability
in conformance with the new ECMAScript, fifth edition standard.
After you install this item, you may have to restart your computer.
2/24/2010 Update for Windows Vista for x64-based Systems (KB979306)
Install this update to resolve issues caused by revised daylight
saving time and time zone laws in several countries. This update
enables your computer to automatically adjust the computer clock
on the correct date in 2010. After you install this item, you
may have to restart your computer.
2/24/2010 Update for Rights Management Services Client for Windows Vista for x64-based Systems (KB979099)
Install this update to resolve issues caused by manifest expiration
in AD RMS enabled applications. This update will fix any existing
issues in addition to addressing any future application manifest
expirations. After you install this item, you may have to restart
any running AD RMS enabled applications.
2/24/2010 Update for Windows Vista for x64-based Systems (KB975929)
Both the Meiryo UI font and the Meiryo UI Bold font are included
in this update. These new fonts let an application optimally
display Kana characters in the Ribbon UI component and in other
parts of the user interface, especially in areas where text area
is limited. After you install this item, you may have to restart
your computer.
2/24/2010 Update for Windows Vista for x64-based Systems (KB976264)
Install this update to resolve issues with non-compatible applications
for Windows Vista. For complete details of this update, see Knowledge
Base Article KB976264. After you install this item, you may have
to restart your computer.
2/24/2010 Update for Windows Vista for x64-based Systems (KB976662)
Install this update to improve Internet Explorer 8's JSON interoperability
in conformance with the new ECMAScript, fifth edition standard.
After you install this item, you may have to restart your computer.
2/24/2010 Update for Windows Vista for x64-based Systems (KB979306)
Install this update to resolve issues caused by revised daylight
saving time and time zone laws in several countries. This update
enables your computer to automatically adjust the computer clock
on the correct date in 2010. After you install this item, you
may have to restart your computer.
2/24/2010 Update for Rights Management Services Client for Windows Vista for x64-based Systems (KB979099)
Install this update to resolve issues caused by manifest expiration
in AD RMS enabled applications. This update will fix any existing
issues in addition to addressing any future application manifest
expirations. After you install this item, you may have to restart
any running AD RMS enabled applications.
2/24/2010 Update for Windows Vista for x64-based Systems (KB975929)
Both the Meiryo UI font and the Meiryo UI Bold font are included
in this update. These new fonts let an application optimally
display Kana characters in the Ribbon UI component and in other
parts of the user interface, especially in areas where text area
is limited. After you install this item, you may have to restart
your computer.
2/24/2010 Update for Windows Vista for x64-based Systems (KB976264)
Install this update to resolve issues with non-compatible applications
for Windows Vista. For complete details of this update, see Knowledge
Base Article KB976264. After you install this item, you may have
to restart your computer.
2/24/2010 Update for Windows Vista for x64-based Systems (KB976662)
Install this update to improve Internet Explorer 8's JSON interoperability
in conformance with the new ECMAScript, fifth edition standard.
After you install this item, you may have to restart your computer.
2/24/2010 Update for Windows Vista for x64-based Systems (KB979306)
Install this update to resolve issues caused by revised daylight
saving time and time zone laws in several countries. This update
enables your computer to automatically adjust the computer clock
on the correct date in 2010. After you install this item, you
may have to restart your computer.
2/24/2010 Update for Rights Management Services Client for Windows Vista for x64-based Systems (KB979099)
Install this update to resolve issues caused by manifest expiration
in AD RMS enabled applications. This update will fix any existing
issues in addition to addressing any future application manifest
expirations. After you install this item, you may have to restart
any running AD RMS enabled applications.
2/24/2010 Update for Windows Vista for x64-based Systems (KB975929)
Both the Meiryo UI font and the Meiryo UI Bold font are included
in this update. These new fonts let an application optimally
display Kana characters in the Ribbon UI component and in other
parts of the user interface, especially in areas where text area
is limited. After you install this item, you may have to restart
your computer.
2/24/2010 Update for Windows Vista for x64-based Systems (KB976264)
Install this update to resolve issues with non-compatible applications
for Windows Vista. For complete details of this update, see Knowledge
Base Article KB976264. After you install this item, you may have
to restart your computer.
2/24/2010 Update for Windows Vista for x64-based Systems (KB976662)
Install this update to improve Internet Explorer 8's JSON interoperability
in conformance with the new ECMAScript, fifth edition standard.
After you install this item, you may have to restart your computer.
2/24/2010 Update for Windows Vista for x64-based Systems (KB979306)
Install this update to resolve issues caused by revised daylight
saving time and time zone laws in several countries. This update
enables your computer to automatically adjust the computer clock
on the correct date in 2010. After you install this item, you
may have to restart your computer.
2/24/2010 Update for Rights Management Services Client for Windows Vista for x64-based Systems (KB979099)
Install this update to resolve issues caused by manifest expiration
in AD RMS enabled applications. This update will fix any existing
issues in addition to addressing any future application manifest
expirations. After you install this item, you may have to restart
any running AD RMS enabled applications.
2/24/2010 Update for Windows Vista for x64-based Systems (KB975929)
Both the Meiryo UI font and the Meiryo UI Bold font are included
in this update. These new fonts let an application optimally
display Kana characters in the Ribbon UI component and in other
parts of the user interface, especially in areas where text area
is limited. After you install this item, you may have to restart
your computer.
2/24/2010 Update for Windows Vista for x64-based Systems (KB976264)
Install this update to resolve issues with non-compatible applications
for Windows Vista. For complete details of this update, see Knowledge
Base Article KB976264. After you install this item, you may have
to restart your computer.
2/24/2010 Update for Windows Vista for x64-based Systems (KB979306)
Install this update to resolve issues caused by revised daylight
saving time and time zone laws in several countries. This update
enables your computer to automatically adjust the computer clock
on the correct date in 2010. After you install this item, you
may have to restart your computer.
2/24/2010 Update for Windows Vista for x64-based Systems (KB976662)
Install this update to improve Internet Explorer 8's JSON interoperability
in conformance with the new ECMAScript, fifth edition standard.
After you install this item, you may have to restart your computer.
2/24/2010 Update for Rights Management Services Client for Windows Vista for x64-based Systems (KB979099)
Install this update to resolve issues caused by manifest expiration
in AD RMS enabled applications. This update will fix any existing
issues in addition to addressing any future application manifest
expirations. After you install this item, you may have to restart
any running AD RMS enabled applications.
2/24/2010 Update for Windows Vista for x64-based Systems (KB975929)
Both the Meiryo UI font and the Meiryo UI Bold font are included
in this update. These new fonts let an application optimally
display Kana characters in the Ribbon UI component and in other
parts of the user interface, especially in areas where text area
is limited. After you install this item, you may have to restart
your computer.
2/24/2010 Update for Windows Vista for x64-based Systems (KB976264)
Install this update to resolve issues with non-compatible applications
for Windows Vista. For complete details of this update, see Knowledge
Base Article KB976264. After you install this item, you may have
to restart your computer.
2/24/2010 Update for Windows Vista for x64-based Systems (KB979306)
Install this update to resolve issues caused by revised daylight
saving time and time zone laws in several countries. This update
enables your computer to automatically adjust the computer clock
on the correct date in 2010. After you install this item, you
may have to restart your computer.
2/24/2010 Update for Windows Vista for x64-based Systems (KB976264)
Install this update to resolve issues with non-compatible applications
for Windows Vista. For complete details of this update, see Knowledge
Base Article KB976264. After you install this item, you may have
to restart your computer.
2/13/2010 Security Update for Windows Vista for x64-based Systems (KB975560)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
2/13/2010 Update for Windows Mail Junk E-mail Filter for x64-based Systems [February 2010] (KB905866)
Install this update for Windows Mail to revise the definition
files that are used to detect e-mail messages that should be
considered junk e-mail or that may contain phishing content.
After you install this item, you may have to restart your computer.
2/13/2010 Windows Malicious Software Removal Tool x64 - February 2010 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
2/13/2010 Security Update for Windows Vista for x64-based Systems (KB971468)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
2/13/2010 Security Update for Windows Vista for x64-based Systems (KB978251)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
2/13/2010 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB977719)
This update provides the Junk E-mail Filter in Microsoft Office
Outlook 2007 with a more current definition of which e-mail messages
should be considered junk e-mail.
2/13/2010 Security Update for Windows Vista for x64-based Systems (KB974145)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
2/13/2010 Security Update for Windows Vista for x64-based Systems (KB977165)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
2/13/2010 Cumulative Security Update for ActiveX Killbits for Windows Vista for x64-based Systems (KB978262)
Security issues have been identified in ActiveX controls that
could allow an attacker to compromise a system running Microsoft
Internet Explorer and gain control over it. You can help protect
your system by installing this update from Microsoft. After you
install this item, you may have to restart your computer.
2/6/2010 Cumulative Security Update for Internet Explorer 8 for Windows Vista for x64-based Systems (KB978207)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
2/6/2010 Update for Internet Explorer 8 Compatibility View List for Windows Vista for x64-based Systems (KB978506)
This Compatibility View List update helps make Web sites that
are designed for older browsers look better in Internet Explorer
8. When users install Internet Explorer 8, they will be given
a choice about opting-in to a list of sites that should be displayed
in Compatibility View. After you install this item, you may have
to restart Internet Explorer.
1/23/2010 Update for Microsoft Silverlight (KB979202)
This update to Silverlight includes functional, performance,
reliability and security improvements. This update is backward
compatible with web applications built using previous versions
of Silverlight.
1/13/2010 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB977839)
This update provides the Junk E-mail Filter in Microsoft Office
Outlook 2007 with a more current definition of which e-mail messages
should be considered junk e-mail.
1/12/2010 Security Update for Windows Vista for x64-based Systems (KB972270)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
1/12/2010 Update for Windows Mail Junk E-mail Filter for x64-based Systems [January 2010] (KB905866)
Install this update for Windows Mail to revise the definition
files that are used to detect e-mail messages that should be
considered junk e-mail or that may contain phishing content.
After you install this item, you may have to restart your computer.
1/12/2010 Windows Malicious Software Removal Tool x64 - January 2010 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
1/6/2010 Update for Microsoft Office InfoPath 2007 (KB976416)
Microsoft has released an update for Microsoft Office InfoPath
2007. This update provides the latest fixes to Microsoft Office
InfoPath 2007. Additionally, this update contains stability and
performance improvements.
12/22/2009 Definition Update for Windows Defender - KB915597 (Definition 1.71.1143.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
12/17/2009 Definition Update for Windows Defender - KB915597 (Definition 1.71.992.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
12/17/2009 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB976884)
This update provides the Junk E-mail Filter in Microsoft Office
Outlook 2007 with a more current definition of which e-mail messages
should be considered junk e-mail.
12/15/2009 Definition Update for Windows Defender - KB915597 (Definition 1.71.833.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
12/8/2009 Update for Windows Vista for x64-based Systems (KB971737)
Install this update to help strengthen authentication credentials
in specific scenarios. After you install this item, you may have
to restart your computer.
12/8/2009 Cumulative Security Update for Internet Explorer 8 for Windows Vista for x64-based Systems (KB976325)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
12/8/2009 Security Update for Windows Vista for x64-based Systems (KB974318)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
12/8/2009 Update for Windows Mail Junk E-mail Filter for x64-based Systems [December 2009] (KB905866)
Install this update for Windows Mail to revise the definition
files that are used to detect e-mail messages that should be
considered junk e-mail or that may contain phishing content.
After you install this item, you may have to restart your computer.
12/8/2009 Update for Windows Vista for x64-based Systems (KB970430)
Install this update to help strengthen authentication credentials
in specific scenarios. After you install this item, you may have
to restart your computer.
12/8/2009 Windows Malicious Software Removal Tool x64 - December 2009 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
12/8/2009 Update for Windows Vista for x64-based Systems (KB973917)
Install this update to help strengthen authentication credentials
in specific scenarios. After you install this item, you may have
to restart your computer.
12/4/2009 Platform Update for Windows Vista x64-based Systems (KB971644)
The Platform Update for Windows Vista is a collection of runtime
libraries that make it easy for developers to target a wider
customer base. After you install this item, you may have to restart
your computer.
12/4/2009 Microsoft .NET Framework 2.0 Service Pack 2 Security Update for Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2 for x64-based Systems (KB974470)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
12/4/2009 Update for Windows Vista for x64-based Systems (KB960362)
The Windows Ribbon and Animation Manager Library contains the
Windows Ribbon API, a command framework that enables developers
to quickly and easily create rich ribbon experiences in their
applications, and the Windows Animation Manager API, an animation
framework for managing the scheduling and execution of user interface
element animations. After you install this item, you may have
to restart your computer.
12/3/2009 Windows Vista Service Pack 2 for x64-based Systems (KB948465)
Windows Vista Service Pack 2 is an update to Windows Vista that
includes all of the updates that have been delivered since Service
Pack 1, as well as support for new types of hardware and emerging
hardware standards. After you install this item, you may have
to restart your computer. This update is provided to you and
licensed under the Windows Vista License Terms.
12/1/2009 Definition Update for Windows Defender - KB915597 (Definition 1.71.346.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
11/28/2009 CXT - Network - HDAUDIO Soft Data Fax Modem with SmartCP
CXT Network software update released in November, 2008
11/28/2009 Realtek - Network - Realtek PCIe FE Family Controller
Realtek Network software update released in September, 2009
11/28/2009 Intel driver update for Intel® PRO/Wireless 3945ABG Network Connection
This driver was provided by Intel for support of Intel® PRO/Wireless
3945ABG Network Connection
11/28/2009 ATI Technologies Inc. - Display - ATI Mobility Radeon HD 2600
ATI Technologies Inc. Display software update released in June,
2009
11/24/2009 Update for Windows Vista for x64-based Systems (KB976098)
Install this update to resolve issues caused by revised daylight
saving time and time zone laws in several countries. This update
enables your computer to automatically adjust the computer clock
on the correct date in 2009. After you install this item, you
may have to restart your computer.
11/24/2009 Update for Microsoft XML Core Services 4.0 Service Pack 2 for x64-based Systems (KB973688)
Install this update to prevent applications from sending too
many HTTP requests while a well-known Document Type Definition
(DTD) is included. After you install this item, you may have
to restart your computer. Once you have installed this item,
it cannot be removed.
11/24/2009 Update for Windows Vista for x64-based Systems (KB973687)
Install this update to prevent applications from sending too
many HTTP requests while a well-known Document Type Definition
(DTD) is included. After you install this item, you may have
to restart your computer.
11/24/2009 Update for Windows Vista for x64-based Systems (KB976470)
Install this update to resolve an issue in which the "Date and
Time" window of Control Panel will incorrectly display an error
message. After you install this item, you may have to restart
your computer.
11/16/2009 Definition Update for Windows Defender - KB915597 (Definition 1.69.995.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
11/14/2009 Security Update for SQL Server 2005 Service Pack 3 (KB970892)
A security issue has been identified in the SQL Server 2005 Service
Pack 3 that could allow an attacker to compromise your system
and gain control over it. You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
11/14/2009 Security Update for Microsoft Visual C++ 2008 Redistributable Package (KB973924)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system with Microsoft Visual
C++ 2008 Redistributable Package and gain complete control over
it. You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
11/13/2009 Definition Update for Windows Defender - KB915597 (Definition 1.69.881.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
11/10/2009 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB975960)
This update provides the Junk E-mail Filter in Microsoft Office
Outlook 2007 with a more current definition of which e-mail messages
should be considered junk e-mail.
11/10/2009 Update for Microsoft Office Word 2007 (KB974561)
Microsoft has released an update for Microsoft Office Word 2007.
This update provides the latest fixes to Microsoft Office Word
2007. Additionally, this update contains stability and performance
improvements.
11/10/2009 Security Update for Windows Vista for x64-based Systems (KB973565)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
11/10/2009 Security Update for Windows Vista for x64-based Systems (KB969947)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
11/10/2009 Security Update for the 2007 Microsoft Office System (KB973704)
A security vulnerability exists in the 2007 Microsoft Office
System and the Microsoft Office Compatibility Pack that could
allow arbitrary code to run when a maliciously modified file
is opened. This update resolves that vulnerability.
11/10/2009 Windows Malicious Software Removal Tool x64 - November 2009 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
11/10/2009 Security Update for Microsoft Office Excel 2007 (KB973593)
A security vulnerability exists in Microsoft Office Excel 2007
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
11/10/2009 Update for Windows Mail Junk E-mail Filter for x64-based Systems [November 2009] (KB905866)
Install this update for Windows Mail to revise the definition
files that are used to detect e-mail messages that should be
considered junk e-mail or that may contain phishing content.
After you install this item, you may have to restart your computer.
11/10/2009 Update for Microsoft Office Word 2007 (KB974561)
Microsoft has released an update for Microsoft Office Word 2007.
This update provides the latest fixes to Microsoft Office Word
2007. Additionally, this update contains stability and performance
improvements.
11/10/2009 Security Update for Windows Vista for x64-based Systems (KB973565)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
11/10/2009 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB975960)
This update provides the Junk E-mail Filter in Microsoft Office
Outlook 2007 with a more current definition of which e-mail messages
should be considered junk e-mail.
11/10/2009 Security Update for Microsoft Office Excel 2007 (KB973593)
A security vulnerability exists in Microsoft Office Excel 2007
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
11/10/2009 Windows Malicious Software Removal Tool x64 - November 2009 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
11/10/2009 Security Update for the 2007 Microsoft Office System (KB973704)
A security vulnerability exists in the 2007 Microsoft Office
System and the Microsoft Office Compatibility Pack that could
allow arbitrary code to run when a maliciously modified file
is opened. This update resolves that vulnerability.
11/10/2009 Update for Windows Mail Junk E-mail Filter for x64-based Systems [November 2009] (KB905866)
Install this update for Windows Mail to revise the definition
files that are used to detect e-mail messages that should be
considered junk e-mail or that may contain phishing content.
After you install this item, you may have to restart your computer.
11/4/2009 Update for Internet Explorer 8 for Windows Vista for x64-based Systems (KB976749)
Install this update to resolve issues that may occur after installing
the Internet Explorer cumulative security update issued as MS09-054
(http://www.microsoft...n/ms09-054.mspx).
After you install this item, you may have to restart your computer.
11/4/2009 Definition Update for Windows Defender - KB915597 (Definition 1.69.443.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
10/30/2009 Windows Update Agent 7.4.7600.226
The Windows Update Agent enables your computer to search for
and install updates from an update service. The agent can automatically
update itself as needed to communicate with the update service
when Windows searches for new updates.
10/29/2009 Update for Windows Vista for x64-based Systems (KB972145)
Install this update to resolve a compliance issue with Windows
Media Player and Set Program Access and Computer Defaults. After
you install this item, you may have to restart your computer.
10/29/2009 Update for Internet Explorer 8 Compatibility View List for Windows Vista for x64-based Systems (KB975364)
This Compatibility View List update helps make Web sites that
are designed for older browsers look better in Internet Explorer
8. When users install Internet Explorer 8, they will be given
a choice about opting-in to a list of sites that should be displayed
in Compatibility View. After you install this item, you may have
to restart Internet Explorer.
10/22/2009 Definition Update for Windows Defender - KB915597 (Definition 1.69.18.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
10/19/2009 Definition Update for Windows Defender - KB915597 (Definition 1.67.940.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
10/19/2009 Security Update for Jscript 5.8 for Windows Vista for x64-based Systems (KB971961)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/18/2009 Internet Explorer 8 for Windows Vista for x64-based Systems
Internet Explorer 8 is the latest version of the familiar Web
browser that you are most comfortable using. Internet Explorer
8 helps you get everything that you want from the Web faster,
easier, and more privately and securely than ever. After you
install this item, you may have to restart your computer. This
update is provided to you and licensed under the Windows Vista
License Terms.
10/18/2009 Microsoft - Other hardware - HID Non-User Input Data Filter (KB 911895)
Microsoft Other hardware software update released in May, 2009
10/16/2009 Security Update for Windows Vista for x64-based Systems (KB971486)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/16/2009 Cumulative Update for Media Center for Windows Vista for x64-based Systems (KB974306)
Install this update to resolve issues with Media Center for Windows
Vista. For a complete listing of the issues that are included
in this cumulative update, see Microsoft Knowledge Base article
974306. After you install this item, you may have to restart
your computer.
10/16/2009 Update for Windows Mail Junk E-mail Filter for x64-based Systems [October 2009] (KB905866)
Install this update for Windows Mail to revise the definition
files that are used to detect e-mail messages that should be
considered junk e-mail or that may contain phishing content.
After you install this item, you may have to restart your computer.
10/16/2009 Security Update for Windows Media Format Runtime 11 for Windows Vista for x64-based Systems (KB954155)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/16/2009 Security Update for Windows Vista for x64-based Systems (KB958869)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/16/2009 Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
A security vulnerability exists in Microsoft Office Visio Viewer
2007 that could allow arbitrary code to run when a maliciously
modified web page is opened. This update resolves that vulnerability.
10/16/2009 Security Update for the 2007 Microsoft Office System (KB972581)
A security vulnerability exists in the 2007 Microsoft Office
System that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves the vulnerability
so that the 2007 Microsoft Office System documents are handled
appropriately.
10/16/2009 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB974810)
This update provides the Junk E-mail Filter in Microsoft Office
Outlook 2007 with a more current definition of which e-mail messages
should be considered junk e-mail.
10/16/2009 Security Update for Windows Vista for x64-based Systems (KB975467)
A security issue has been identified that could allow an unauthenticated
remote attacker to cause the affected system to stop responding.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
10/16/2009 Cumulative Security Update for Internet Explorer 7 for Windows Vista for x64-based Systems (KB974455)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
10/16/2009 Cumulative Security Update for ActiveX Killbits for Windows Vista for x64-based Systems (KB973525)
Security issues have been identified in ActiveX controls that
could allow an attacker to compromise a system running Microsoft
Internet Explorer and gain control over it. You can help protect
your system by installing this update from Microsoft. After you
install this item, you may have to restart your computer.
10/16/2009 Security Update for Windows Vista for x64-based Systems (KB975517)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/16/2009 Security Update for the 2007 Microsoft Office System (KB974234)
This update resolves a problem that can cause programs that use
the Outlook View Control with Forms 2.0, such as Microsoft Office
Outlook with Business Contact Manager, to stop functioning as
expected after Security Update for Microsoft Office Outlook 2007
(KB972363) is installed.
10/16/2009 Security Update for Windows Vista for x64-based Systems (KB974571)
A security issue has been identified that could allow an attacker
to misrepresent a system action or behavior without the knowledge
of the user. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
10/16/2009 Windows Malicious Software Removal Tool x64 - October 2009 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
10/16/2009 Microsoft .NET Framework 2.0 Service Pack 2 Security Update for Windows Vista Service Pack 1 and Windows Server 2008 for x64-based Systems (KB974469)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/16/2009 Security Update for Microsoft Office Outlook 2007 (KB972363)
A security vulnerability exists in Microsoft Office Outlook 2007
that could allow arbitrary code to run when a maliciously modified
web page is opened. This update resolves that vulnerability.
10/16/2009 Definition Update for Windows Defender - KB915597 (Definition 1.67.841.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
10/14/2009 Security Update for the 2007 Microsoft Office System (KB969679)
A security vulnerability exists in the 2007 Microsoft Office
System and the Microsoft Office Compatibility Pack that could
allow arbitrary code to run when a maliciously modified file
is opened. This update resolves that vulnerability.
10/14/2009 Security Update for Microsoft Office Publisher 2007 (KB969693)
A security vulnerability exists in Microsoft Office Publisher
2007 that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves the vulnerability
so that Microsoft Office Publisher 2007 documents are handled
appropriately.
10/14/2009 Security Update for Microsoft Office Excel 2007 (KB969682)
A security vulnerability exists in Microsoft Office Excel 2007
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves the vulnerability so that
Microsoft Office Excel 2007 documents are handled appropriately.
10/14/2009 Security Update for the 2007 Microsoft Office System (KB969613)
A security vulnerability exists in the 2007 Microsoft Office
System and the Microsoft Office Compatibility Pack that could
allow arbitrary code to run when a maliciously modified file
is opened. This update resolves that vulnerability.
10/14/2009 Security Update for Microsoft PowerPoint 2007 (KB957789)
A security vulnerability exists in Microsoft PowerPoint 2007
that could allow arbitrary code to run when a maliciously modified
document is opened. This update resolves that vulnerability.
10/14/2009 Security Update for the 2007 Microsoft Office System (KB969559)
A security vulnerability exists in the 2007 Microsoft Office
System that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves the vulnerability
so that the 2007 Microsoft Office System documents are handled
appropriately.
10/14/2009 Security Update for Microsoft Office Word 2007 (KB969604)
A security vulnerability exists in Microsoft Office Word 2007
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves the vulnerability so that
Microsoft Office Word 2007 documents are handled appropriately.
10/13/2009 Update for Microsoft Office PowerPoint 2007 Help (KB963669)
This update installs the latest assistance content for the Microsoft
Office PowerPoint 2007 Help file and the Office PowerPoint 2007
Developer Help file.
10/13/2009 Update for Microsoft Office Word 2007 Help (KB963665)
This update installs the latest assistance content for the Microsoft
Office Word 2007 Help file and the Office Word 2007 Developer
Help file.
10/13/2009 Update for Microsoft Office Outlook 2007 Help (KB963677)
This update installs the latest assistance content for the Microsoft
Office Outlook 2007 Help file and the Office Outlook 2007 Developer
Help file.
10/13/2009 Update for Microsoft Office Excel 2007 Help (KB963678)
This update installs the latest assistance content for the Microsoft
Office Excel 2007 Help file and the Office Excel 2007 Developer
Help file.
10/13/2009 The 2007 Microsoft Office Suite Service Pack 2 (SP2)
Service Pack 2 provides the latest updates to the 2007 Microsoft
Office Suite. This update also applies to Microsoft Office Project,
Microsoft Office SharePoint Designer, Microsoft Expression Web,
Microsoft Office Visio, and Visual Web Developer.
10/13/2009 Update for Microsoft Office Access 2007 Help (KB963663)
This update installs the latest assistance content for the Microsoft
Office Access 2007 Help file and the Office Access 2007 Developer
Help file.
10/13/2009 Update for Microsoft Office OneNote 2007 Help (KB963670)
This update installs the latest assistance content for the Microsoft
Office OneNote 2007 Help file.
10/13/2009 Update for Microsoft Office Publisher 2007 Help (KB963667)
This update installs the latest assistance content for the Microsoft
Office Publisher 2007 Help file and the Office Publisher 2007
Developer Help file.
10/13/2009 Update for the 2007 Microsoft Office System Help for Common Features (KB963673)
This update installs the latest assistance content for the Microsoft
Office 2007 Help file.
10/13/2009 Update for the 2007 Microsoft Office System (KB967642)
This update fixes an error that may occur when installing the
Microsoft Office suite Service Packs.
10/13/2009 Update for Microsoft Office InfoPath 2007 Help (KB963662)
This update installs the latest assistance content for the Microsoft
Office InfoPath 2007 Help file and the Office InfoPath 2007 Developer
Help file.
10/13/2009 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB973514)
This update provides the Junk E-mail Filter in Microsoft Office
Outlook 2007 with a more current definition of which e-mail messages
should be considered junk e-mail.
10/13/2009 Update for Microsoft Script Editor Help (KB963671)
This update installs the latest assistance content for the Microsoft
Script Editor Help file that is included with the 2007 Office
System.
10/12/2009 Definition Update for Windows Defender - KB915597 (Definition 1.67.698.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
10/12/2009 Update to .NET Framework 3.5 Service Pack 1 for the .NET Framework Assistant 1.0 x64 (KB963707)
The update to .NET Framework 3.5 Service Pack 1 for the .NET
Framework Assistant 1.0 for Firefox addresses several compatibility
issues with version 1.0 of the extension.
10/12/2009 Security Update for Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package (KB973923)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system with Microsoft Visual
C++ 2005 Service Pack 1 Redistributable Package and gain complete
control over it. You can help protect your computer by installing
this update from Microsoft. After you install this item, you
may have to restart your computer.
10/11/2009 Security Update for Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package (KB973923)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system with Microsoft Visual
C++ 2005 Service Pack 1 Redistributable Package and gain complete
control over it. You can help protect your computer by installing
this update from Microsoft. After you install this item, you
may have to restart your computer.
10/10/2009 Update to .NET Framework 3.5 Service Pack 1 for the .NET Framework Assistant 1.0 x64 (KB963707)
The update to .NET Framework 3.5 Service Pack 1 for the .NET
Framework Assistant 1.0 for Firefox addresses several compatibility
issues with version 1.0 of the extension.
10/10/2009 Intel driver update for Intel® PRO/Wireless 3945ABG Network Connection
This driver was provided by Intel for support of Intel® PRO/Wireless
3945ABG Network Connection
10/10/2009 ATI Technologies Inc. - Display - ATI Mobility Radeon HD 2600
ATI Technologies Inc. Display software update released in June,
2009
10/10/2009 Windows Malicious Software Removal Tool x64 - September 2009 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
10/10/2009 Update for Windows Vista for x64-based Systems (KB955430)
Install this update to enable future updates to install successfully
on all editions of Windows Vista. This update may be required
before selected future updates can be installed. After you install
this item, it cannot be removed. This update is provided to you
and licensed under the Windows Vista License Terms.
10/10/2009 Security Update for Windows Vista for x64-based Systems (KB958687)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system. This update is provided to you and licensed
under the Windows Vista License Terms.
10/10/2009 Update for Windows Vista for x64-based Systems (KB972036)
Install this update to resolve issues with non-compatible applications
for Windows Vista. For complete details of this update, see Knowledge
Base Article KB972036. After you install this item, you may have
to restart your computer.
10/10/2009 Security Update for Windows Vista for x64-based Systems (KB961501)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system. This update is provided to you and licensed
under the Windows Vista License Terms.
10/10/2009 Security Update for Windows Vista for x64-based Systems (KB970238)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system. This update is provided to you and licensed
under the Windows Vista License Terms.
10/10/2009 Update for Windows Vista for x64-based Systems (KB968389)
Install this update to help strengthen authentication credentials
in specific scenarios. After you install this item, you may have
to restart your computer.
10/10/2009 Security Update for Windows Vista for x64-based Systems (KB960803)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system. This update is provided to you and licensed
under the Windows Vista License Terms.
10/10/2009 Security Update for Windows Vista for x64-based Systems (KB973768)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/10/2009 Security Update for Windows Vista for x64-based Systems (KB960225)
A security issue has been identified that could allow an attacker
to misrepresent a system action or behavior without the knowledge
of the user. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system. This update is provided to you and
licensed under the Windows Vista License Terms.
10/10/2009 Security Update for Windows Vista for x64-based Systems (KB959426)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system. This update is provided to you and licensed
under the Windows Vista License Terms.
10/10/2009 Cumulative Security Update for ActiveX Killbits for Windows Vista for x64-based Systems (KB973346)
Security issues have been identified in ActiveX controls that
could allow an attacker to compromise a system that is running
Microsoft Internet Explorer and gain control over it. You can
help protect your system by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
This update is provided to you and licensed under the Windows
Vista License Terms.
10/10/2009 Cumulative Update for Media Center for Windows Vista for x64-based Systems (KB967632)
Install this update to resolve issues with Media Center for Windows
Vista. For a complete listing of the issues that are included
in this cumulative update, see Microsoft Knowledge Base article
967632. After you install this item, you may have to restart
your computer. This update is provided to you and licensed under
the Windows Vista License Terms.
10/10/2009 Update for Windows Vista for x64-based Systems (KB970653)
Install this update to resolve issues caused by revised daylight
saving time and time zone laws in several countries. This update
enables your computer to automatically adjust the computer clock
on the correct date in 2009. After you install this item, you
may have to restart your computer.
10/10/2009 Update for Windows Vista for x64-based Systems (KB959108)
Install this update to resolve an issue with the Microsoft Customer
Experience Improvement Program. After you install this item,
you may have to restart your computer. This update is provided
to you and licensed under the Windows Vista License Terms.
10/10/2009 Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework 3.5 Family Update (KB951847) x64
The Microsoft .NET Framework 3.5 Service Pack 1 is a full cumulative
update that contains many new features building incrementally
upon .NET Framework 2.0, 3.0, 3.5, and includes cumulative servicing
updates to the .NET Framework 2.0 and the .NET Framework 3.0
subcomponents. The .NET Framework 3.5 Family Update provides
important application compatibility updates. This update is provided
to you and licensed under the Windows Vista and Windows Server
2008 License Terms.
10/10/2009 Security Update for Windows Vista for x64-based Systems (KB956744)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/10/2009 Security Update for Windows Vista for x64-based Systems (KB968537)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system. This update is provided to you and licensed
under the Windows Vista License Terms.
10/10/2009 Security Update for Windows Vista for x64-based Systems (KB956572)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system. This update is provided to you and licensed
under the Windows Vista License Terms.
10/10/2009 Security Update for Jscript 5.7 for Windows Vista for x64-based Systems (KB971961)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/10/2009 Update for Windows Mail Junk E-mail Filter for x64-based Systems [September 2009] (KB905866)
Install this update for Windows Mail to revise the definition
files that are used to detect e-mail messages that should be
considered junk e-mail or that may contain phishing content.
After you install this item, you may have to restart your computer.
10/10/2009 Security Update for Windows Vista for x64-based Systems (KB958624)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system. This update is provided to you and licensed
under the Windows Vista License Terms.
10/10/2009 Security Update for Windows Media Format Runtime 11 for Windows Vista for x64-based Systems (KB968816)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/10/2009 Security Update for Windows Vista for x64-based Systems (KB973507)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/10/2009 Security Update for Windows Vista for x64-based Systems (KB961371)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/10/2009 Security Update for Windows Vista for x64-based Systems (KB967723)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/10/2009 Cumulative Security Update for Internet Explorer 7 for Windows Vista x64-based Systems (KB972260)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer. This update is provided
to you and licensed under the Windows Vista License Terms.
10/10/2009 Update for Windows Vista for x64-based Systems (KB973879)
Install this update if you are receiving a "Stop 0x0000003E"
error message when you try to install Windows Vista Service Pack
2 or Windows Server 2008 Service Pack 2 on a computer that has
multiple processors. After you install this item, you may have
to restart your computer.
10/10/2009 Security Update for Windows Vista for x64-based Systems (KB971657)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/10/2009 Definition Update for Windows Defender - KB915597 (Definition 1.67.543.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
10/10/2009 Security Update for Windows Vista for x64-based Systems (KB952004)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system. This update is provided to you and licensed
under the Windows Vista License Terms.
10/10/2009 Security Update for Windows Vista for x64-based Systems (KB971557)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/10/2009 Security Update for Windows Vista for x64-based Systems (KB973540)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/10/2009 Security Update for Windows Vista for x64-based Systems (KB970710)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/10/2009 Hotfix for Windows (KB954708)
Fix for KB954708
10/10/2009 Windows Update Agent 7.2.6001.788
The Windows Update Agent enables your computer to search for
and install updates from an update service. The agent can automatically
update itself as needed to communicate with the update service
when Windows searches for new updates.
System Folders
Path for burning CD C:\Users\Darron\AppData\Local\Microsoft\Windows\Burn\Burn
Application Data C:\ProgramData
Public Desktop C:\Users\Public\Desktop
Documents C:\Users\Public\Documents
Global Favorites C:\Users\Darron\Favorites
Music C:\Users\Public\Music
Pictures C:\Users\Public\Pictures
Start Menu Programs C:\ProgramData\Microsoft\Windows\Start Menu\Programs
Start Menu C:\ProgramData\Microsoft\Windows\Start Menu
Startup C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Templates C:\ProgramData\Microsoft\Windows\Templates
Videos C:\Users\Public\Videos
Cookies C:\Users\Darron\AppData\Roaming\Microsoft\Windows\Cookies
Desktop C:\Users\Darron\Desktop
Physical Desktop C:\Users\Darron\Desktop
User Favorites C:\Users\Darron\Favorites
Fonts C:\Windows\Fonts
Internet History C:\Users\Darron\AppData\Local\Microsoft\Windows\History
Temporary Internet Files C:\Users\Darron\AppData\Local\Microsoft\Windows\Temporary Internet Files
Local Application Data C:\Users\Darron\AppData\Local
Windows directory C:\Windows
Windows/System C:\Windows\system32
Program Files C:\Program Files
Device Tree
ACPI x64-based PC
Microsoft ACPI-Compliant System
Intel® Core™2 Duo CPU T6400 @ 2.00GHz
Intel® Core™2 Duo CPU T6400 @ 2.00GHz
ACPI Thermal Zone
Microsoft AC Adapter
Microsoft ACPI-Compliant Control Method Battery
ACPI Lid
ACPI Power Button
ACPI Sleep Button
ACPI Fixed Feature Button
PCI bus
Mobile Intel® PM965/GM965/GL960 Express Processor to DRAM Controller - 2A00
Intel® ICH8 Family PCI Express Root Port 3 - 2843
Intel® 82801 PCI Bridge - 2448
Intel® ICH8 Family SMBus Controller - 283E
Motherboard resources
Mobile Intel® PM965/GM965/GL960 Express PCI Express Root Port - 2A01
ATI Mobility Radeon HD 2600
Generic PnP Monitor
High Definition Audio Controller
ATI High Definition Audio Device
Intel® ICH8 Family USB Universal Host Controller - 2834
USB Root Hub
Intel® ICH8 Family USB Universal Host Controller - 2835
USB Root Hub
USB Human Interface Device
HID-compliant mouse
Intel® ICH8 Family USB2 Enhanced Host Controller - 283A
USB Root Hub
USB Composite Device
Gateway USB 2.0 Webcam
High Definition Audio Controller
SigmaTel High Definition Audio CODEC
HDAUDIO Soft Data Fax Modem with SmartCP
Intel® ICH8 Family PCI Express Root Port 1 - 283F
Realtek PCIe FE Family Controller
Intel® ICH8 Family PCI Express Root Port 2 - 2841
Intel® PRO/Wireless 3945ABG Network Connection
Intel® ICH8 Family USB Universal Host Controller - 2830
USB Root Hub
Intel® ICH8 Family USB Universal Host Controller - 2831
USB Root Hub
Intel® ICH8 Family USB Universal Host Controller - 2832
USB Root Hub
Intel® ICH8 Family USB2 Enhanced Host Controller - 2836
USB Root Hub
USB Mass Storage Device
Intel® ICH8M LPC Interface Controller - 2815
Direct memory access controller
Intel® 82802 Firmware Hub Device
High precision event timer
Programmable interrupt controller
Numeric data processor
Motherboard resources
System CMOS/real time clock
System timer
Standard PS/2 Keyboard
Synaptics PS/2 Port Pointing Device
Microsoft ACPI-Compliant Embedded Controller
Direct Application Launch Button
Direct Application Launch Button
Direct Application Launch Button
Intel® ICH8M Ultra ATA Storage Controllers - 2850
IDE Channel
IDE Channel
Optiarc DVD RW AD-7563A ATA Device
Intel® 82801HEM/HBM SATA AHCI Controller
WDC WD3200BEVT-22ZCT0
Services
Running AMD External Events Utility
Running Apple Mobile Device
Running Application Experience
Running avast! Antivirus
Running Background Intelligent Transfer Service
Running Base Filtering Engine
Running CNG Key Isolation
Running COM+ Event System
Running Computer Browser
Running Cryptographic Services
Running DCOM Server Process Launcher
Running Desktop Window Manager Session Manager
Running DHCP Client
Running Diagnostic Policy Service
Running Diagnostic System Host
Running Distributed Link Tracking Client
Running DNS Client
Running Empowering Technology Service
Running Extensible Authentication Protocol
Running Function Discovery Provider Host
Running Function Discovery Resource Publication
Running Group Policy Client
Running HP Network Devices Support
Running HsfXAudioService
Running Human Interface Device Access
Running IKE and AuthIP IPsec Keying Modules
Running IP Helper
Running IPsec Policy Agent
Running KtmRm for Distributed Transaction Coordinator
Running lxec_device
Running Multimedia Class Scheduler
Running Net Driver HPZ12
Running Network Connections
Running Network List Service
Running Network Location Awareness
Running Network Store Interface Service
Running Peer Networking Identity Manager
Running Plug and Play
Running Pml Driver HPZ12
Running PnP-X IP Bus Enumerator
Running Portable Device Enumerator Service
Running Print Spooler
Running Program Compatibility Assistant Service
Running ReadyBoost
Running Remote Access Connection Manager
Running Remote Procedure Call (RPC)
Running SBSD Security Center Service
Running Secondary Logon
Running Secure Socket Tunneling Protocol Service
Running Security Accounts Manager
Running Security Center
Running Server
Running Shell Hardware Detection
Running Software Licensing
Running SQL Server (ACT7)
Running SQL Server Browser
Running SQL Server VSS Writer
Running SSDP Discovery
Running Superfetch
Running System Event Notification Service
Running Tablet PC Input Service
Running Task Scheduler
Running TCP/IP NetBIOS Helper
Running Telephony
Running Terminal Services
Running Terminal Services Configuration
Running Themes
Running UPnP Device Host
Running User Profile Service
Running WebClient
Running Windows Audio
Running Windows Audio Endpoint Builder
Running Windows Defender
Running Windows Driver Foundation - User-mode Driver Framework
Running Windows Error Reporting Service
Running Windows Event Log
Running Windows Firewall
Running Windows Font Cache Service
Running Windows Image Acquisition (WIA)
Running Windows Live ID Sign-in Assistant
Running Windows Management Instrumentation
Running Windows Media Player Network Sharing Service
Running Windows Search
Running Windows Time
Running Windows Update
Running WLAN AutoConfig
Running Workstation
Running XAudioService
Stopped Adobe SwitchBoard
Stopped Application Information
Stopped Application Layer Gateway Service
Stopped Certificate Propagation
Stopped COM+ System Application
Stopped DFS Replication
Stopped Diagnostic Service Host
Stopped Distributed Transaction Coordinator
Stopped FLEXnet Licensing Service
Stopped Google Update Service (gupdate)
Stopped Google Update Service (gupdatem)
Stopped Health Key and Certificate Management
Stopped hpqcxs08
Stopped InstallDriver Table Manager
Stopped Interactive Services Detection
Stopped Internet Connection Sharing (ICS)
Stopped iPod Service
Stopped Link-Layer Topology Discovery Mapper
Stopped lxecCATSCustConnectService
Stopped Microsoft .NET Framework NGEN v2.0.50727_X64
Stopped Microsoft .NET Framework NGEN v2.0.50727_X86
Stopped Microsoft .NET Framework NGEN v4.0.30319_X64
Stopped Microsoft .NET Framework NGEN v4.0.30319_X86
Stopped Microsoft iSCSI Initiator Service
Stopped Microsoft Office Diagnostics Service
Stopped Microsoft Software Shadow Copy Provider
Stopped Mouse without Borders Service
Stopped Net.Tcp Port Sharing Service
Stopped Netlogon
Stopped Network Access Protection Agent
Stopped Office Source Engine
Stopped Parental Controls
Start pending Peer Name Resolution Protocol
Stopped Peer Networking Grouping
Stopped Performance Counter DLL Host
Stopped Performance Logs & Alerts
Stopped PNRP Machine Name Publication Service
Stopped Problem Reports and Solutions Control Panel Support
Stopped Protected Storage
Stopped Quality Windows Audio Video Experience
Stopped Remote Access Auto Connection Manager
Stopped Remote Procedure Call (RPC) Locator
Stopped Remote Registry
Stopped Routing and Remote Access
Stopped SL UI Notification Service
Stopped Smart Card
Stopped Smart Card Removal Policy
Stopped SNMP Trap
Stopped SQL Server Active Directory Helper
Stopped Symantec Core LC
Stopped Thread Ordering Server
Stopped TPM Base Services
Stopped Virtual Disk
Stopped Volume Shadow Copy
Stopped Windows Backup
Stopped Windows CardSpace
Stopped Windows Color System
Stopped Windows Connect Now - Config Registrar
Stopped Windows Event Collector
Stopped Windows Installer
Stopped Windows Media Center Extender Service
Stopped Windows Media Center Receiver Service
Stopped Windows Media Center Scheduler Service
Stopped Windows Media Center Service Launcher
Stopped Windows Modules Installer
Stopped Windows Presentation Foundation Font Cache 3.0.0.0
Stopped Windows Presentation Foundation Font Cache 4.0.0.0
Stopped Windows Remote Management (WS-Management)
Stopped WinHTTP Web Proxy Auto-Discovery Service
Stopped Wired AutoConfig
Stopped WMI Performance Adapter
CPU
Intel Mobile Core 2 Duo T6400
Cores 2
Threads 2
Name Intel Mobile Core 2 Duo T6400
Code Name Penryn
Package Socket P (478)
Technology 45nm
Specification Intel® Core™2 Duo CPU T6400 @ 2.00GHz
Family 6
Extended Family 6
Model 7
Extended Model 17
Stepping A
Revision R0
Instructions MMX, SSE, SSE2, SSE3, SSSE3, SSE4.1, Intel 64
Virtualization Unsupported
Hyperthreading Not supported
Bus Speed 199.5 MHz
Rated Bus Speed 798.0 MHz
Stock Core Speed 2000 MHz
Stock Bus Speed 200 MHz
Average Temperature 50 °C
Caches
L1 Data Cache Size 2 x 32 KBytes
L1 Instructions Cache Size 2 x 32 KBytes
L2 Unified Cache Size 2048 KBytes
Core 0
Core Speed 1994.9 MHz
Multiplier x 6.0
Bus Speed 199.5 MHz
Rated Bus Speed 798.0 MHz
Temperature 50 °C
Thread 1
APIC ID 0
Core 1
Core Speed 1994.9 MHz
Multiplier x 6.0
Bus Speed 199.5 MHz
Rated Bus Speed 798.0 MHz
Temperature 50 °C
Thread 1
APIC ID 1
RAM
Memory slots
Total memory slots 2
Used memory slots 2
Free memory slots 0
Memory
Type DDR2
Size 4096 MBytes
Channels # Dual
DRAM Frequency 332.5 MHz
CAS# Latency (CL) 5 clocks
RAS# to CAS# Delay (tRCD) 5 clocks
RAS# Precharge (tRP) 5 clocks
Cycle Time (tRAS) 15 clocks
Physical Memory
Memory Usage 43 %
Total Physical 4.00 GB
Available Physical 2.26 GB
Total Virtual 8.19 GB
Available Virtual 6.35 GB
SPD
Number Of SPD Modules 2
Slot #1
Type DDR2
Size 2048 MBytes
Manufacturer Samsung
Max Bandwidth PC2-5300 (333 MHz)
Part Number M4 70T5663QZ3-CE6
Serial Number 61869A85
Week/year 14 / 09
SPD Ext. EPP
JEDEC #3
Frequency 333.3 MHz
CAS# Latency 5.0
RAS# To CAS# 5
RAS# Precharge 5
tRAS 15
tRC 20
Voltage 1.800 V
JEDEC #2
Frequency 266.7 MHz
CAS# Latency 4.0
RAS# To CAS# 4
RAS# Precharge 4
tRAS 12
tRC 16
Voltage 1.800 V
JEDEC #1
Frequency 200.0 MHz
CAS# Latency 3.0
RAS# To CAS# 3
RAS# Precharge 3
tRAS 9
tRC 12
Voltage 1.800 V
Slot #2
Type DDR2
Size 2048 MBytes
Manufacturer Samsung
Max Bandwidth PC2-5300 (333 MHz)
Part Number M4 70T5663QZ3-CE6
Serial Number 61869A4D
Week/year 14 / 09
SPD Ext. EPP
JEDEC #3
Frequency 333.3 MHz
CAS# Latency 5.0
RAS# To CAS# 5
RAS# Precharge 5
tRAS 15
tRC 20
Voltage 1.800 V
JEDEC #2
Frequency 266.7 MHz
CAS# Latency 4.0
RAS# To CAS# 4
RAS# Precharge 4
tRAS 12
tRC 16
Voltage 1.800 V
JEDEC #1
Frequency 200.0 MHz
CAS# Latency 3.0
RAS# To CAS# 3
RAS# Precharge 3
tRAS 9
tRC 12
Voltage 1.800 V
Motherboard
Manufacturer Gateway
Version 91.28
Chipset Vendor Intel
Chipset Model PM965
Chipset Revision C0
Southbridge Vendor Intel
Southbridge Model 82801HBM (ICH8-ME)
Southbridge Revision B2
System Temperature 61 °C
BIOS
Brand Gateway
Version 91.28
Date 03/11/2009
PCI Data
Slot PCI
Slot Type PCI
Slot Usage Available
Bus Width 32 bit
Slot Designation PCI Slot J8B3
Slot Number 0
Slot PCI
Slot Type PCI
Slot Usage Unknown
Bus Width 32 bit
Slot Designation PCI Slot S9B1
Slot Number 1
Slot UNKNOWN
Slot Type UNKNOWN
Slot Usage In Use
Bus Width 32 bit
Slot Designation PEG Slot J6B2
Slot Number 2
Slot PCI
Slot Type PCI
Slot Usage In Use
Bus Width 32 bit
Slot Designation PCI Express Slot J6B1
Slot Number 3
Slot PCI
Slot Type PCI
Slot Usage In Use
Bus Width 32 bit
Slot Designation PCI Express Slot J6D1
Slot Number 4
Slot PCI
Slot Type PCI
Slot Usage Available
Bus Width 32 bit
Slot Designation PCI Express Slot J8B4
Slot Number 5
Slot PCI
Slot Type PCI
Slot Usage Available
Bus Width 32 bit
Slot Designation PCI Express Slot J8D1
Slot Number 6
Slot PCI
Slot Type PCI
Slot Usage Available
Bus Width 32 bit
Slot Designation PCI Express Slot J7B1
Slot Number 7
Graphics
Monitor
Name Generic PnP Monitor on ATI Mobility Radeon HD 2600
Current Resolution 1280x800 pixels
Work Resolution 1280x772 pixels
State enabled, primary
Monitor Width 1280
Monitor Height 800
Monitor BPP 32 bits per pixel
Monitor Frequency 60 Hz
Device \\.\DISPLAY1\Monitor0
ATI Mobility Radeon HD 2600
GPU M76
Device ID 1002-9581
Subvendor Gateway 2000 (107B)
Current Performance Level Level 1
Current GPU Clock 506 MHz
Current Memory Clock 1206 MHz
Voltage 0.900 V
Technology 66 nm
Die Size 153 nm²
Transistors 390 M
Release Date 2007
DirectX Support 10.0
DirectX Shader Model 4.0
OpenGL Support 2.0
Bios Core Clock 500.00
Bios Mem Clock 600.00
Temperature 61 °C
Core Voltage 0.900 V
BIOS Version BK-ATI VER010.073.000.004.027998
ROPs 4
Shaders 120 unified
Bus Width 128 Bit
Pixel Fillrate 1.2 GPixels/s
Texture Fillrate 1.2 GTexels/s
Count of performance levels : 1
Level 1
GPU Clock 506 MHz
Memory Clock 1206 MHz
OpenGL
Version 2.1.8784
Vendor ATI Technologies Inc.
Renderer ATI Mobility Radeon HD 2600
GLU Version 1.2.2.0 Microsoft Corporation
Values
GL_MAX_LIGHTS 8
GL_MAX_TEXTURE_SIZE 8192
GL_MAX_TEXTURE_STACK_DEPTH 10
GL Extensions
GL_AMDX_vertex_shader_tessellator
GL_AMD_draw_buffers_blend
GL_AMD_performance_monitor
GL_ARB_color_buffer_float
GL_ARB_copy_buffer
GL_ARB_depth_buffer_float
GL_ARB_depth_texture
GL_ARB_draw_buffers
GL_ARB_draw_instanced
GL_ARB_fragment_program
GL_ARB_fragment_program_shadow
GL_ARB_fragment_shader
GL_ARB_framebuffer_object
GL_ARB_framebuffer_sRGB
GL_ARB_half_float_pixel
GL_ARB_half_float_vertex
GL_ARB_instanced_arrays
GL_ARB_map_buffer_range
GL_ARB_multisample
GL_ARB_multitexture
GL_ARB_occlusion_query
GL_ARB_pixel_buffer_object
GL_ARB_point_parameters
GL_ARB_point_sprite
GL_ARB_shader_objects
GL_ARB_shader_texture_lod
GL_ARB_shading_language_100
GL_ARB_shadow
GL_ARB_shadow_ambient
GL_ARB_texture_border_clamp
GL_ARB_texture_buffer_object
GL_ARB_texture_compression
GL_ARB_texture_compression_rgtc
GL_ARB_texture_cube_map
GL_ARB_texture_env_add
GL_ARB_texture_env_combine
GL_ARB_texture_env_crossbar
GL_ARB_texture_env_dot3
GL_ARB_texture_float
GL_ARB_texture_mirrored_repeat
GL_ARB_texture_non_power_of_two
GL_ARB_texture_rectangle
GL_ARB_texture_rg
GL_ARB_texture_snorm
GL_ARB_transpose_matrix
GL_ARB_vertex_array_object
GL_ARB_vertex_buffer_object
GL_ARB_vertex_program
GL_ARB_vertex_shader
GL_ARB_window_pos
GL_ATI_draw_buffers
GL_ATI_envmap_bumpmap
GL_ATI_fragment_shader
GL_ATI_meminfo
GL_ATI_separate_stencil
GL_ATI_texture_compression_3dc
GL_ATI_texture_env_combine3
GL_ATI_texture_float
GL_ATI_texture_mirror_once
GL_EXT_abgr
GL_EXT_bgra
GL_EXT_bindable_uniform
GL_EXT_blend_color
GL_EXT_blend_equation_separate
GL_EXT_blend_func_separate
GL_EXT_blend_minmax
GL_EXT_blend_subtract
GL_EXT_compiled_vertex_array
GL_EXT_copy_buffer
GL_EXT_copy_texture
GL_EXT_draw_buffers2
GL_EXT_draw_instanced
GL_EXT_draw_range_elements
GL_EXT_fog_coord
GL_EXT_framebuffer_blit
GL_EXT_framebuffer_multisample
GL_EXT_framebuffer_object
GL_EXT_framebuffer_sRGB
GL_EXT_gpu_program_parameters
GL_EXT_gpu_shader4
GL_EXT_multi_draw_arrays
GL_EXT_packed_depth_stencil
GL_EXT_packed_float
GL_EXT_packed_pixels
GL_EXT_pixel_buffer_object
GL_EXT_point_parameters
GL_EXT_provoking_vertex
GL_EXT_rescale_normal
GL_EXT_secondary_color
GL_EXT_separate_specular_color
GL_EXT_shadow_funcs
GL_EXT_stencil_wrap
GL_EXT_subtexture
GL_EXT_texgen_reflection
GL_EXT_texture3D
GL_EXT_texture_array
GL_EXT_texture_buffer_object
GL_EXT_texture_compression_latc
GL_EXT_texture_compression_rgtc
GL_EXT_texture_compression_s3tc
GL_EXT_texture_cube_map
GL_EXT_texture_edge_clamp
GL_EXT_texture_env_add
GL_EXT_texture_env_combine
GL_EXT_texture_env_dot3
GL_EXT_texture_filter_anisotropic
GL_EXT_texture_integer
GL_EXT_texture_lod
GL_EXT_texture_lod_bias
GL_EXT_texture_mirror_clamp
GL_EXT_texture_object
GL_EXT_texture_rectangle
GL_EXT_texture_sRGB
GL_EXT_texture_shared_exponent
GL_EXT_texture_snorm
GL_EXT_texture_swizzle
GL_EXT_transform_feedback
GL_EXT_vertex_array
GL_EXT_vertex_array_bgra
GL_IBM_texture_mirrored_repeat
GL_KTX_buffer_region
GL_NV_blend_square
GL_NV_conditional_render
GL_NV_copy_depth_to_color
GL_NV_primitive_restart
GL_NV_texgen_reflection
GL_SGIS_generate_mipmap
GL_SGIS_texture_edge_clamp
GL_SGIS_texture_lod
GL_SUN_multi_draw_arrays
GL_WIN_swap_hint
WGL_EXT_swap_control
GLU Extensions
GL_EXT_bgra
Hard Drives
WDC WD3200BEVT-22ZCT0
Manufacturer Western Digital
Form Factor GB/2.5-inch
Business Unit/Brand Mobile/WD Scorpio®
Heads 16
Cylinders 16383
SATA type SATA-II 3.0Gb/s
Device type Fixed
ATA Standard ATA8-ACS
LBA Size 48-bit LBA
Power On Count 1340 times
Power On Time 590.6 days
Speed, Expressed in Revolutions Per Minute (rpm) 5400
Features S.M.A.R.T., APM, AAM, NCQ
Transfer Mode SATA II
Interface SATA
Capacity 313GB
Real size 320,072,933,376 bytes
RAID Type None
S.M.A.R.T
01 Read Error Rate 200 (200 worst) Data 000000006B
03 Spin-Up Time 192 (185) Data 0000000556
04 Start/Stop Count 097 (097) Data 0000000CAC
05 Reallocated Sectors Count 200 (200) Data 0000000000
07 Seek Error Rate 100 (253) Data 0000000000
09 Power-On Hours (POH) 081 (081) Data 000000375E
0A Spin Retry Count 100 (100) Data 0000000000
0B Recalibration Retries 100 (100) Data 0000000000
0C Device Power Cycle Count 099 (099) Data 000000053C
C0 Power-off Retract Count 200 (200) Data 000000002F
C1 Load/Unload Cycle Count 184 (184) Data 000000C6FA
C2 Temperature 109 (095) Data 0000000026
C4 Reallocation Event Count 200 (200) Data 0000000000
C5 Current Pending Sector Count 200 (200) Data 0000000001
C6 Uncorrectable Sector Count 100 (253) Data 0000000000
C7 UltraDMA CRC Error Count 200 (200) Data 0000000000
C8 Write Error Rate / Multi-Zone Error Rate 100 (253) Data 0000000000
Temperature 38 °C
Temperature Range ok (less than 50 °C)
Status Good
Partition 0
Partition ID Disk #0, Partition #0
Size 13.0 GB
Partition 1
Partition ID Disk #0, Partition #1
Disk Letter C:
File System NTFS
Volume Serial Number 4EB838DA
Size 285GB
Used Space 169GB (60%)
Free Space 116GB (40%)
Optical Drives
Optiarc DVD RW AD-7563A ATA Device
Media Type DVD Writer
Name Optiarc DVD RW AD-7563A ATA Device
Availability Running/Full Power
Capabilities Random Access, Supports Writing, Supports Removable Media
Config Manager Error Code Device is working properly
Config Manager User Config FALSE
Drive D:
Media Loaded FALSE
SCSI Bus 0
SCSI Logical Unit 0
SCSI Port 1
SCSI Target Id 0
Status OK
ELBY CLONEDRIVE SCSI CdRom Device
Media Type DVD-ROM
Name ELBY CLONEDRIVE SCSI CdRom Device
Availability Running/Full Power
Capabilities Random Access, Supports Removable Media
Config Manager Error Code Device is working properly
Config Manager User Config FALSE
Drive E:
Media Loaded FALSE
SCSI Bus 0
SCSI Logical Unit 0
SCSI Port 4
SCSI Target Id 0
Status OK
ELBY CLONEDRIVE SCSI CdRom Device
Media Type DVD-ROM
Name ELBY CLONEDRIVE SCSI CdRom Device
Availability Running/Full Power
Capabilities Random Access, Supports Removable Media
Config Manager Error Code Device is working properly
Config Manager User Config FALSE
Drive F:
Media Loaded FALSE
SCSI Bus 0
SCSI Logical Unit 0
SCSI Port 4
SCSI Target Id 1
Status OK
Audio
Sound Cards
ATI High Definition Audio Device
SigmaTel High Definition Audio CODEC
Playback Devices
Digital Output Device (SPDIF Out) (SigmaTel High Definition Audio CODEC)
Speakers / Headphones (SigmaTel High Definition Audio CODEC) (default)
Recording Device
Digital Mic (SigmaTel High Definition Audio CODEC)
Peripherals
Standard PS/2 Keyboard
Device Kind Keyboard
Device Name Standard PS/2 Keyboard
Location plugged into keyboard port
Driver
Date 6-21-2006
Version 6.0.6002.18005
File C:\Windows\system32\DRIVERS\i8042prt.sys
File C:\Windows\system32\DRIVERS\kbdclass.sys
Synaptics PS/2 Port Pointing Device
Device Kind Mouse
Device Name Synaptics PS/2 Port Pointing Device
Location plugged into PS/2 mouse port
Driver
Date 11-17-2006
Version 9.1.3.0
File C:\Windows\system32\DRIVERS\SynTP.sys
File C:\Windows\system32\SynTPAPI.dll
File C:\Windows\system32\SynCOM.dll
File C:\Windows\system32\SynCtrl.dll
File C:\Program Files\Synaptics\SynTP\SynTPRes.dll
File C:\Program Files\Synaptics\SynTP\SynTPCpl.dll
File C:\Program Files\Synaptics\SynTP\SynCntxt.rtf
File C:\Program Files\Synaptics\SynTP\SynZMetr.exe
File C:\Program Files\Synaptics\SynTP\SynMood.exe
File C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
File C:\Program Files\Synaptics\SynTP\SynTPCOM.dll
File C:\Program Files\Synaptics\SynTP\Tutorial.exe
File C:\Program Files\Synaptics\SynTP\InstNT.exe
File C:\Program Files\Synaptics\SynTP\SynISDLL.dll
File C:\Program Files\Synaptics\SynTP\SynUnst.ini
File C:\Windows\SysWOW64\SynCOM.dll
File C:\Windows\SysWOW64\SynCtrl.dll
File C:\Windows\SysWOW64\SynTPCOM.dll
File C:\Windows\system32\SynTPCo4.dll
File C:\Windows\system32\WdfCoInstaller01000.dll
File C:\Windows\system32\DRIVERS\i8042prt.sys
File C:\Windows\system32\DRIVERS\mouclass.sys
HID-compliant mouse
Device Kind Mouse
Device Name HID-compliant mouse
Vendor CyberDoor
Location USB Human Interface Device
Driver
Date 6-21-2006
Version 6.0.6001.18000
File C:\Windows\system32\DRIVERS\mouhid.sys
File C:\Windows\system32\DRIVERS\mouclass.sys
Photosmart C7200 series
Device Kind Camera/scanner
Device Name Photosmart C7200 series
Location ip:192.168.1.74,subnet:192.168.1.0/24
Driver
Date 3-10-2007
Version 8.0.0.0
File system32\DRIVERS\serscan.sys
Gateway USB 2.0 Webcam
Device Kind Camera/scanner
Device Name Gateway USB 2.0 Webcam
Vendor Unknown
Comment Gateway USB 2.0 Webcam
Location 0000.001a.0007.003.000.000.000.000.000
Driver
Date 5-24-2007
Version 6.2.218.524
File C:\Windows\system32\drivers\UVCFTR_S.SYS
File C:\Windows\system32\drivers\usbvideo.sys
Printers
CutePDF Writer
Printer Port CPW2:
Print Processor WinPrint
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Color
Status Unknown
Driver
Driver Name CutePDF Writer (v6.00)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\PSCRIPT5.DLL
Fax Lexmark Pro900 Series
Printer Port Fax Lexmark Pro900 Series
Print Processor WinPrint
Availability Always
Priority 1
Duplex None
Print Quality 200 * 200 dpi Color
Status Unknown
Driver
Driver Name Fax Lexmark Pro800-Pro900 Series Printer (v6.00)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\UNIDRV.DLL
HP LaserJet P1005
Printer Port USB002
Print Processor HP1006S
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Monochrome
Status Unknown
Driver
Driver Name HP LaserJet P1005 (v8.01)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\HP1006K.DLL
HP psc 2400 Series
Printer Port USB001
Print Processor hpzpplhn
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Color
Status Unknown
Driver
Driver Name HP psc 2400 Series (v6.00)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\UNIDRV.DLL
Lexmark Pro800-Pro900 Series (Default Printer)
Share Name Lexmark Pro800-Pro900 Series
Printer Port 192.168.1.104
Print Processor Lexmark Pro800-Pro900 Series Print Processor
Availability Always
Priority 1
Duplex Long-edge binding
Print Quality 600 dpi Color
Status Unknown
Driver
Driver Name Lexmark Pro800-Pro900 Series (v4.150)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\lxecdr.dll
Lexmark Pro900 Series (USB)
Printer Port USB003
Print Processor Lexmark Pro800-Pro900 Series Print Processor
Availability Always
Priority 1
Duplex Long-edge binding
Print Quality 600 dpi Color
Status Unknown
Driver
Driver Name Lexmark Pro800-Pro900 Series (v4.150)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\lxecdr.dll
Microsoft XPS Document Writer
Printer Port XPSPort:
Print Processor WinPrint
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Color
Status Unknown
Driver
Driver Name Microsoft XPS Document Writer (v6.00)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\mxdwdrv.dll
Network
You are connected to the internet
Connected through Intel® PRO/Wireless 3945ABG Network Connection
IP Address 192.168.1.109
Subnet mask 255.255.255.0
Gateway server 192.168.1.254
Preferred DNS server 192.168.1.254
DHCP Enabled
DHCP server 0.0.0.0
External IP Address 99.66.20.78
Adapter Type IEEE 802.11 wireless
NetBIOS over TCP/IP Enabled via DHCP
NETBIOS Node Type Broadcast node
Link Speed 0 kbps
Computer Name
NetBIOS Name DARRON-PC
DNS Name Darron-PC
Domain Name Darron-PC
Remote Desktop
Console
State Active
Domain Darron-PC
RDP-Tcp
State Listen
WinInet Info
LAN Connection
Local system uses a local area network to connect to the Internet
Local system has RAS to connect to the Internet
Wi-Fi Info
Using native Wi-Fi API version 2
Available access points count 1
Wi-Fi (2WIRE526)
SSID 2WIRE526
Frequency 2452000 kHz
Channel Number 9
Name No name
Signal Strength/Quality 99
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags Currently Connected to this network
Cipher Algorithm to be used when joining this network Temporal Key Integrity Protocol (TKIP) algorithm
Default Auth used to join this network for the first time WPA algorithm that uses preshared keys (PSK)
WinHTTPInfo
WinHTTPSessionProxyType No proxy
Session Proxy
Session Proxy Bypass
Connect Retries 5
Connect Timeout 60000
HTTP Version HTTP 1.1
Max Connects Per 1.0 Servers INFINITE
Max Connects Per Servers INFINITE
Max HTTP automatic redirects 10
Max HTTP status continue 10
Send Timeout 30000
IEProxy Auto Detect No
IEProxy Auto Config
IEProxy
IEProxy Bypass
Default Proxy Config Access Type No proxy
Default Config Proxy
Default Config Proxy Bypass
Sharing and Discovery
Network Discovery Enabled
File and Printer Sharing Disabled
Media Sharing Disabled
Adapters List
Intel® PRO/Wireless 3945ABG Network Connection
IP Address 192.168.1.109
Subnet mask 255.255.255.0
Gateway server 192.168.1.254
Realtek PCIe FE Family Controller
IP Address 0.0.0.0
Subnet mask 0.0.0.0
Gateway server 0.0.0.0
Network Shares
Public C:\Users\Public
Lexmark Pro800-Pro900 Series Lexmark Pro800-Pro900 Series,LocalsplOnly
Current TCP Connections
AppleMobileDeviceService.exe (2160)
Local 127.0.0.1:27015 LISTEN
AvastSvc.exe (1588)
Local 127.0.0.1:12465 LISTEN
Local 127.0.0.1:12143 LISTEN
Local 127.0.0.1:12119 LISTEN
Local 127.0.0.1:12110 LISTEN
Local 127.0.0.1:12080 ESTABLISHED Remote 127.0.0.1:56289 (Querying... )
Local 127.0.0.1:12080 LISTEN
Local 127.0.0.1:12025 LISTEN
Local 192.168.1.109:56290 ESTABLISHED Remote 199.47.216.144:80 (Querying... ) (HTTP)
Local 127.0.0.1:12993 LISTEN
Local 127.0.0.1:12995 LISTEN
Local 127.0.0.1:12563 LISTEN
C:\Users\Darron\AppData\Roaming\Dropbox\bin\Dropbox.exe (1092)
Local 0.0.0.0:17500 LISTEN
Local 127.0.0.1:19872 ESTABLISHED Remote 127.0.0.1:49168 (Querying... )
Local 127.0.0.1:49168 ESTABLISHED Remote 127.0.0.1:19872 (Querying... )
Local 127.0.0.1:56289 ESTABLISHED Remote 127.0.0.1:12080 (Querying... )
Local 192.168.1.109:56762 CLOSE-WAIT Remote 107.20.249.66:443 (Querying... ) (HTTPS)
Local 192.168.1.109:49169 CLOSE-WAIT Remote 199.47.216.174:443 (Querying... ) (HTTPS)
MouseWithoutBorders.exe (2132)
Local 192.168.1.109:42674 SYN-SENT Remote 192.168.1.89:15101 (Querying... )
Local 192.168.1.109:15101 LISTEN
Local 192.168.1.109:15100 LISTEN
System Process
Local 192.168.1.109:50947 TIME-WAIT Remote 173.194.64.106:443 (Querying... ) (HTTPS)
Local 192.168.1.109:50959 TIME-WAIT Remote 174.133.64.236:80 (Querying... ) (HTTP)
Local 192.168.1.109:50956 TIME-WAIT Remote 74.125.227.12:443 (Querying... ) (HTTPS)
Local 192.168.1.109:50955 TIME-WAIT Remote 173.194.64.104:443 (Querying... ) (HTTPS)
Local 192.168.1.109:50954 TIME-WAIT Remote 74.125.157.125:5222 (Querying... )
Local 192.168.1.109:50953 TIME-WAIT Remote 74.125.227.11:443 (Querying... ) (HTTPS)
Local 192.168.1.109:50952 TIME-WAIT Remote 173.194.64.103:443 (Querying... ) (HTTPS)
Local 192.168.1.109:50951 TIME-WAIT Remote 74.125.227.2:443 (Querying... ) (HTTPS)
Local 192.168.1.109:50949 TIME-WAIT Remote 74.125.157.125:5222 (Querying... )
Local 192.168.1.109:50950 TIME-WAIT Remote 173.194.64.99:443 (Querying... ) (HTTPS)
Local 192.168.1.109:50948 TIME-WAIT Remote 74.125.227.14:443 (Querying... ) (HTTPS)
System Process
Local 0.0.0.0:445 (Windows shares) LISTEN
Local [00:00:00:00:00:00:00:00]:2869 LISTEN
Local 0.0.0.0:2869 LISTEN
Local [00:00:00:00:00:00:00:00]:445 LISTEN
Local 0.0.0.0:5357 LISTEN
Local 0.0.0.0:10243 LISTEN
Local [00:00:00:00:00:00:00:00]:10243 LISTEN
Local 192.168.1.109:139 (NetBIOS session service) LISTEN
Local [00:00:00:00:00:00:00:00]:5357 LISTEN
lsass.exe (784)
Local 0.0.0.0:49154 LISTEN
Local [00:00:00:00:00:00:00:00]:49154 LISTEN
services.exe (772)
Local 0.0.0.0:49157 LISTEN
Local [00:00:00:00:00:00:00:00]:49157 LISTEN
spoolsv.exe (1996)
Local 0.0.0.0:49156 LISTEN
Local [00:00:00:00:00:00:00:00]:49156 LISTEN
sqlservr.exe (2612)
Local 0.0.0.0:53544 LISTEN
Local [00:00:00:00:00:00:00:00]:53544 LISTEN
svchost.exe (1052)
Local 0.0.0.0:49155 LISTEN
Local [00:00:00:00:00:00:00:00]:49155 LISTEN
svchost.exe (1460)
Local 0.0.0.0:3389 LISTEN
Local [00:00:00:00:00:00:00:00]:3389 LISTEN
svchost.exe (300)
Local 0.0.0.0:135 (DCE) LISTEN
Local [00:00:00:00:00:00:00:00]:135 LISTEN
svchost.exe (988)
Local 0.0.0.0:49153 LISTEN
Local [00:00:00:00:00:00:00:00]:49153 LISTEN
wininit.exe (724)
Local 0.0.0.0:49152 LISTEN
Local [00:00:00:00:00:00:00:00]:49152 LISTEN
wmpnetwk.exe (2464)
Local [00:00:00:00:00:00:00:00]:554 LISTEN
Local 0.0.0.0:554 LISTEN

#23
michaelg9

Posted 28 November 2011 - 11:08 AM

Trusted Helper

Malware Removal
2,949 posts

Hello
There is a corrupted system file
Do you have your Windows CD?

#24
Snypa86

Posted 28 November 2011 - 12:09 PM

Member

Topic Starter
Member
58 posts

My laptop didn't come with a CD, However I do have a Genuine copy of windows XP cd. Would that work or would i need to use the recovery partition that computers today comes with. I'm not even sure if mine has that or not. Let me know what file it is. Thanx

#25
michaelg9

Posted 29 November 2011 - 11:22 AM

Trusted Helper

Malware Removal
2,949 posts

Hello

The file is named termsrv.dll

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the quotebox below into it:

RESTORE::
c:\windows\system32\termsrv.dll

Save this as CFScript.txt, in the same location as ComboFix.exe

Posted Image

Refering to the picture above, drag CFScript into ComboFix.exe

If ComboFix asks you to update, select YES

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

#26
Snypa86

Posted 29 November 2011 - 01:17 PM

Member

Topic Starter
Member
58 posts

ComboFix 11-11-29.04 - Darron 11/29/2011 13:22:38.2.2 - x64
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.4094.1880 [GMT -5:00]
Running from: c:\users\Darron\Desktop\ComboFix.exe
Command switches used :: c:\users\Darron\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2011-10-28 to 2011-11-29 )))))))))))))))))))))))))))))))
.
.
2011-11-29 18:42 . 2011-11-29 18:42 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FBE3ABB5-34B2-4880-A4E2-64624045C5C6}\offreg.dll
2011-11-29 18:40 . 2011-11-29 18:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-11-28 15:58 . 2011-11-28 15:58 -------- d-----w- c:\program files\Speccy
2011-11-23 06:23 . 2011-11-23 06:23 41272 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-11-23 03:36 . 2011-11-23 03:36 -------- d-----w- c:\program files (x86)\uTorrent
2011-11-23 03:35 . 2011-11-23 03:35 -------- d-----w- c:\users\Darron\AppData\Local\uTorrent
2011-11-21 06:21 . 2011-11-21 06:21 -------- d-----w- c:\program files (x86)\Conduit
2011-11-21 06:21 . 2011-11-21 16:05 -------- d-----w- c:\users\Darron\AppData\Local\Conduit
2011-11-20 19:23 . 2011-11-20 19:23 -------- d-----w- C:\found.000
2011-11-20 16:58 . 2011-10-18 06:27 8570192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FBE3ABB5-34B2-4880-A4E2-64624045C5C6}\mpengine.dll
2011-11-20 16:55 . 2011-10-17 11:41 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-11-20 16:55 . 2011-10-17 11:41 2409784 ----a-w- c:\program files (x86)\Windows Mail\OESpamFilter.dat
2011-11-20 16:55 . 2011-09-20 21:06 1423744 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-11-20 16:55 . 2011-09-20 14:04 40448 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2011-11-20 16:55 . 2011-09-30 16:16 893440 ----a-w- c:\program files\Common Files\System\wab32.dll
2011-11-20 16:55 . 2011-09-30 16:16 50688 ----a-w- c:\program files\Windows Mail\wabimp.dll
2011-11-20 16:55 . 2011-09-30 15:57 707584 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll
2011-11-17 17:45 . 2011-11-17 17:45 -------- d-----w- c:\programdata\Kaspersky Lab
2011-11-17 17:45 . 2011-11-18 00:58 460888 ----a-w- c:\windows\system32\drivers\22481826.sys
2011-11-17 17:17 . 2011-11-17 17:17 -------- dc----w- C:\_OTL
2011-11-16 18:08 . 2011-11-29 18:45 -------- d-----w- c:\users\Darron\AppData\Local\temp
2011-11-06 05:35 . 2009-05-18 17:17 34152 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2011-11-06 05:35 . 2008-04-17 16:12 126312 ----a-w- c:\windows\system32\GEARAspi64.dll
2011-11-06 05:35 . 2008-04-17 16:12 107368 ----a-w- c:\windows\SysWow64\GEARAspi.dll
2011-11-06 05:35 . 2011-11-06 05:35 -------- d-----w- c:\program files\iPod
2011-11-06 05:35 . 2011-11-06 05:35 -------- d-----w- c:\program files\iTunes
2011-11-06 05:35 . 2011-11-06 05:35 -------- d-----w- c:\program files (x86)\iTunes
2011-11-06 05:31 . 2011-11-06 05:31 -------- d-----w- c:\program files\Common Files\Apple
2011-11-05 20:57 . 2011-11-29 05:23 -------- d-----w- c:\users\Darron\AppData\Roaming\uTorrent
2011-11-01 16:14 . 2011-08-25 16:19 332288 ----a-w- c:\windows\system32\oleacc.dll
2011-11-01 16:14 . 2011-08-25 16:14 238080 ----a-w- c:\windows\SysWow64\oleacc.dll
2011-11-01 16:14 . 2011-08-25 16:20 735744 ----a-w- c:\windows\system32\UIAutomationCore.dll
2011-11-01 16:14 . 2011-08-25 16:15 555520 ----a-w- c:\windows\SysWow64\UIAutomationCore.dll
2011-11-01 16:14 . 2011-08-25 16:19 847360 ----a-w- c:\windows\system32\oleaut32.dll
2011-11-01 16:14 . 2011-08-25 16:14 563712 ----a-w- c:\windows\SysWow64\oleaut32.dll
2011-11-01 16:14 . 2011-08-25 13:54 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2011-11-01 16:14 . 2011-08-25 13:31 4096 ----a-w- c:\windows\SysWow64\oleaccrc.dll
2011-11-01 16:14 . 2011-09-06 13:56 2764288 ----a-w- c:\windows\system32\win32k.sys
2011-11-01 16:12 . 2011-07-29 16:08 375808 ----a-w- c:\windows\system32\psisdecd.dll
2011-11-01 16:12 . 2011-07-29 16:01 293376 ----a-w- c:\windows\SysWow64\psisdecd.dll
2011-11-01 16:12 . 2011-07-29 16:08 289792 ----a-w- c:\windows\system32\psisrndr.ax
2011-11-01 16:12 . 2011-07-29 16:06 73216 ----a-w- c:\windows\system32\MSDvbNP.ax
2011-11-01 16:12 . 2011-07-29 16:06 100352 ----a-w- c:\windows\system32\Mpeg2Data.ax
2011-11-01 16:12 . 2011-07-29 16:01 217088 ----a-w- c:\windows\SysWow64\psisrndr.ax
2011-11-01 16:12 . 2011-07-29 16:00 57856 ----a-w- c:\windows\SysWow64\MSDvbNP.ax
2011-11-01 16:12 . 2011-07-29 16:00 69632 ----a-w- c:\windows\SysWow64\Mpeg2Data.ax
2011-10-30 23:57 . 2011-10-30 23:57 -------- d-----w- c:\users\Darron\AppData\Roaming\Adobe Mini Bridge CS5
2011-10-30 23:57 . 2011-10-30 23:57 -------- d-----w- c:\users\Darron\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-28 18:01 . 2010-10-23 20:42 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 18:01 . 2010-10-23 20:42 199816 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-11-28 18:01 . 2011-01-14 03:22 256960 ----a-w- c:\windows\system32\aswBoot.exe
2011-11-28 17:54 . 2011-03-22 08:02 591192 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2010-10-23 20:43 304472 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2010-10-23 20:43 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2010-10-23 20:43 58712 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2010-10-23 20:43 66904 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-11-28 17:51 . 2010-10-23 20:43 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-10-20 17:37 . 2011-09-01 19:56 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-10-15 04:38 . 2011-10-15 04:38 413696 ----a-r- c:\users\Darron\AppData\Roaming\Microsoft\Installer\{FD1E77D4-327F-4E24-9240-C82902068033}\BlackBerry.exe
2011-10-11 17:32 . 2011-10-11 17:32 69632 ----a-r- c:\users\Darron\AppData\Roaming\Microsoft\Installer\{5B7CF62F-D339-4FAA-A610-372ED5A2787F}\NewShortcut60_C6ABA3677F944B9FBB00F060701B0B5A.exe
2011-10-11 17:32 . 2011-10-11 17:32 69632 ----a-r- c:\users\Darron\AppData\Roaming\Microsoft\Installer\{5B7CF62F-D339-4FAA-A610-372ED5A2787F}\DesktopMgr.exe
2011-10-11 17:32 . 2011-10-11 17:32 49152 ----a-r- c:\users\Darron\AppData\Roaming\Microsoft\Installer\{5B7CF62F-D339-4FAA-A610-372ED5A2787F}\RedirectorEXE2_770DFD1204C24F4DA163D64FACCB5CBD.exe
2011-10-11 17:32 . 2011-10-11 17:32 49152 ----a-r- c:\users\Darron\AppData\Roaming\Microsoft\Installer\{5B7CF62F-D339-4FAA-A610-372ED5A2787F}\RedirectorEXE1_770DFD1204C24F4DA163D64FACCB5CBD.exe
2011-10-11 17:32 . 2011-10-11 17:32 49152 ----a-r- c:\users\Darron\AppData\Roaming\Microsoft\Installer\{5B7CF62F-D339-4FAA-A610-372ED5A2787F}\RedirectorEXE_770DFD1204C24F4DA163D64FACCB5CBD.exe
2011-08-31 21:00 . 2010-01-06 18:05 25416 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-02-18 . 53AE63B98BB1C3D7F6A2D70BDD12D5D5 . 546816 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6002.18005_none_eca9565809c353e4\termsrv.dll
[7] 2008-01-21 . F870A5589D6A94B426EFB13689023946 . 546816 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6001.18000_none_eabddd4c0ca18898\termsrv.dll
[-] 2008-02-18 . 53AE63B98BB1C3D7F6A2D70BDD12D5D5 . 546816 . . [6.0.6001.18000] .. c:\windows\system32\termsrv.dll
.
((((((((((((((((((((((((((((( SnapShot@2011-11-16_17.56.03 )))))))))))))))))))))))))))))))))))))))))
.
- 2011-11-04 21:27 . 2011-11-15 06:43 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2011-11-04 21:27 . 2011-11-18 17:39 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2008-01-21 03:20 . 2011-11-29 18:43 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-01-21 03:20 . 2011-11-16 17:57 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-01-21 03:20 . 2011-11-16 17:57 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-01-21 03:20 . 2011-11-29 18:43 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-01-21 03:20 . 2011-11-29 18:43 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-01-21 03:20 . 2011-11-16 17:57 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-01-21 02:23 . 2011-11-29 18:45 78952 c:\windows\system32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 15:45 . 2011-11-29 18:45 94500 c:\windows\system32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2009-10-10 01:19 . 2011-11-29 18:45 18832 c:\windows\system32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2670984328-1985135284-1998418574-1000_UserData.bin
- 2009-10-10 01:21 . 2011-11-16 17:55 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-10-10 01:21 . 2011-11-29 18:43 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-10-10 01:21 . 2011-11-16 17:55 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-10-10 01:21 . 2011-11-29 18:43 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-11-28 23:55 . 2011-11-28 23:55 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012011112820111129\index.dat
+ 2011-11-18 17:38 . 2011-11-18 17:37 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012011111820111119\index.dat
- 2009-10-10 01:21 . 2011-11-16 17:55 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-10-10 01:21 . 2011-11-29 18:43 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-11-29 18:42 . 2011-11-29 18:42 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-11-16 17:55 . 2011-11-16 17:55 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-11-29 18:42 . 2011-11-29 18:42 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-11-16 17:55 . 2011-11-16 17:55 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-10-11 01:40 . 2011-11-27 19:25 389386 c:\windows\system32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
- 2006-11-02 12:46 . 2011-11-15 19:36 651460 c:\windows\system32\perfh009.dat
+ 2006-11-02 12:46 . 2011-11-28 16:19 651460 c:\windows\system32\perfh009.dat
- 2006-11-02 12:46 . 2011-11-15 19:36 121702 c:\windows\system32\perfc009.dat
+ 2006-11-02 12:46 . 2011-11-28 16:19 121702 c:\windows\system32\perfc009.dat
- 2009-10-19 02:38 . 2011-11-16 17:55 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-10-19 02:38 . 2011-11-29 18:43 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2011-02-19 16:11 . 2011-11-16 17:53 437272 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-02-19 16:11 . 2011-11-29 18:41 437272 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-11-23 21:36 . 2011-11-23 21:36 333824 c:\windows\Installer\1252f16.msi
+ 2006-11-02 12:33 . 2011-11-22 04:22 11272192 c:\windows\system32\SMI\Store\Machine\schema.dat
- 2006-11-02 12:33 . 2011-11-02 08:43 11272192 c:\windows\system32\SMI\Store\Machine\schema.dat
+ 2006-11-02 12:35 . 2011-11-20 16:56 52174280 c:\windows\system32\mrt.exe
- 2011-02-19 16:11 . 2011-11-16 17:54 29818644 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2670984328-1985135284-1998418574-1000-12288.dat
+ 2011-02-19 16:11 . 2011-11-29 18:41 29818644 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2670984328-1985135284-1998418574-1000-12288.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Darron\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Darron\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Darron\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Darron\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
.
c:\users\Darron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Darron\AppData\Roaming\Dropbox\bin\Dropbox.exe [2011-5-25 24176560]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux3"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-11-13 135664]
R2 lxecCATSCustConnectService;lxecCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxecserv.exe [2010-04-14 45736]
R2 MouseWithoutBordersSvc;Mouse without Borders Service;c:\program files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBordersSvc.exe [2011-08-31 17920]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-11-13 135664]
R3 NETw4v64;Intel® Wireless WiFi Link Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\NETw4v64.sys [x]
R3 NETw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\NETw5v64.sys [x]
R3 s115bus;Sony Ericsson Device 115 driver (WDM);c:\windows\system32\DRIVERS\s115bus.sys [x]
R3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s115mdfl.sys [x]
R3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s115mdm.sys [x]
R3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s115mgmt.sys [x]
R3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s115obex.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
S0 22481826;22481826;c:\windows\system32\DRIVERS\22481826.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 ETService;Empowering Technology Service;c:\program files\GATEWAY\Gateway Recovery Management\Service\ETService.exe [2008-07-16 24576]
S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2008-01-21 27648]
S2 lxec_device;lxec_device;c:\windows\system32\lxeccoms.exe [2010-04-14 1052328]
S2 MSSQL$ACT7;SQL Server (ACT7);c:\program files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 CAXHWAZL;CAXHWAZL;c:\windows\system32\DRIVERS\CAXHWAZL.sys [x]
S3 NETwLv64; Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\NETwLv64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08
.
Contents of the 'Scheduled Tasks' folder
.
2011-11-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-11-13 04:32]
.
2011-11-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-11-13 04:32]
.
2011-11-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2670984328-1985135284-1998418574-1000Core.job
- c:\users\Darron\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-30 01:41]
.
2011-11-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2670984328-1985135284-1998418574-1000UA.job
- c:\users\Darron\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-30 01:41]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 134384 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Darron\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Darron\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Darron\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Darron\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"lxecmon.exe"="c:\program files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe" [2011-01-23 770728]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=2&o=vp64&d=0709&m=m-6888u
mLocal Page = c:\windows\system32\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: DOWNLOADWITH - file://c:\program files (x86)\MiPony\Browser\IEContext.htm
TCP: DhcpNameServer = 192.168.1.254
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
Toolbar-Locked - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2670984328-1985135284-1998418574-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*)"/*]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2670984328-1985135284-1998418574-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*)"/*\OpenWithList]
@Class="Shell"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files (x86)\Microsoft Garage\Mouse without Borders\DDHelper.exe
.
**************************************************************************
.
Completion time: 2011-11-29 14:12:20 - machine was rebooted
ComboFix-quarantined-files.txt 2011-11-29 19:12
ComboFix2.txt 2011-11-16 18:08
.
Pre-Run: 130,024,398,848 bytes free
Post-Run: 130,080,788,480 bytes free
.
- - End Of File - - C1CB884015C82A63443528ED289A3F4E

#27
michaelg9

Posted 30 November 2011 - 10:31 AM

Trusted Helper

Malware Removal
2,949 posts

Hello

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the quotebox below into it:

Folder::
c:\program files (x86)\Conduit
c:\users\Darron\AppData\Local\Conduit
c:\users\Darron\AppData\Roaming\uTorrent

FCopy::
c:\windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6001.18000_none_eabddd4c0ca18898\termsrv.dll | C:\Windows\SysNative\termsrv.dll
c:\windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6001.18000_none_eabddd4c0ca18898\termsrv.dll | c:\windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6002.18005_none_eca9565809c353e4\termsrv.dll

RegLockDel::
[HKEY_USERS\S-1-5-21-2670984328-1985135284-1998418574-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*)"/*]
[HKEY_USERS\S-1-5-21-2670984328-1985135284-1998418574-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*)"/*\OpenWithList]

Save this as CFScript.txt, in the same location as ComboFix.exe

Posted Image

Refering to the picture above, drag CFScript into ComboFix.exe

If combofix asks you to update select YES

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

Next:

Posted Image

OTL Custom Scan

Double click on the icon to run it.
Make sure all other windows are closed and to let it run uninterrupted.
When the window appears, underneath Output at the top, make sure Stadard output is selected.
Select Scan all users
Check the boxes beside LOP Check and Purity Check.
Under the Custom Scans/Fixes box copy and paste this in:

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
termsrv.dll
/md5stop
%systemroot%\*. /mp /s
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
CREATERESTOREPOINT
Under Extra Registry Select Use Safelist
Click the button. Do not change any settings unless otherwise told to do so. The scan wont take long.
When the scan completes, it will open OTL.Txt and Extras.txt in Notepad windows.
Please copy (Edit->Select All, Edit->Copy) the contents of these files and post them with your next reply.

Next:

Delete AVP from your computer and download a new copy:

Download AVPTool from Here to your desktop

Run the programme you have just downloaded to your desktop (it will be randomly named )

First we will run a virus scan

Click the cog in the upper right
Posted Image

Select down to and including your main drive, once done select the Automatic scan tab and press Start Scan
Posted Image

Allow AVP to delete all infections found
Once it has finished select report tab (last tab)
Select Detected threads report from the left and press Save button
Save it to your desktop and attach to your next post

Now the Analysis

Rerun AVP and select the Manual Disinfection tab and press Start Gathering System Information

Posted Image

On completion click the link to locate the zip file to upload and attach to your next post

Posted Image

Next:

We fixed at step1 the corrupted file, this was all I found on your computer, so now please tell me if the scan completed and how's your computer running and if it has any other problems

#28
Snypa86

Posted 30 November 2011 - 05:21 PM

Member

Topic Starter
Member
58 posts

COMBO

ComboFix 11-11-30.01 - Darron 11/30/2011 11:40:22.3.2 - x64
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.4094.2041 [GMT -5:00]
Running from: c:\users\Darron\Desktop\ComboFix.exe
Command switches used :: c:\users\Darron\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Conduit
c:\program files (x86)\Conduit\Community Alerts\Alert.dll
c:\users\Darron\AppData\Local\Conduit
c:\users\Darron\AppData\Roaming\uTorrent
c:\users\Darron\AppData\Roaming\uTorrent\[ UsaBit.com ] - The.Debt.DVDRip.XviD-DiAMOND.torrent
c:\users\Darron\AppData\Roaming\uTorrent\11-11-11.2011.DVDRip.XVID.AC3.UNE-CM8.torrent
c:\users\Darron\AppData\Roaming\uTorrent\apps\3609FC884502A1DF0AA5D9D160C827BB1BD51FC9.btapp
c:\users\Darron\AppData\Roaming\uTorrent\apps\4585805A0BEAAAA6F570825EB241201C227B5E09.btapp
c:\users\Darron\AppData\Roaming\uTorrent\Cars 2 (2011) DVDRip XviD-MAXSPEED.torrent
c:\users\Darron\AppData\Roaming\uTorrent\Conan the Barbarian (2011) DVDRip XviD-MAXSPEED.torrent
c:\users\Darron\AppData\Roaming\uTorrent\Crazy.Stupid.Love.DVDRip.XviD-TWiZTED.torrent
c:\users\Darron\AppData\Roaming\uTorrent\dht.dat
c:\users\Darron\AppData\Roaming\uTorrent\dht.dat.old
c:\users\Darron\AppData\Roaming\uTorrent\dlimagecache\10E6FBE4D921B475FA5FEC6E9A535A540D6FEED1
c:\users\Darron\AppData\Roaming\uTorrent\dlimagecache\2D78C93EC367E6C1D9894103FA04B3BE5B20A84E
c:\users\Darron\AppData\Roaming\uTorrent\dlimagecache\BBEEC0395D21A2A7F91889D7C7509F3D5D46FC05
c:\users\Darron\AppData\Roaming\uTorrent\Easy Worship (2009).torrent
c:\users\Darron\AppData\Roaming\uTorrent\ie\ie.1320532335.tmp
c:\users\Darron\AppData\Roaming\uTorrent\ie\ie.1320532727.tmp
c:\users\Darron\AppData\Roaming\uTorrent\Killer Elite 2011 HDRip Cropped XVID AC3 BHRG.torrent
c:\users\Darron\AppData\Roaming\uTorrent\One Day[2011]BRRip XviD-ExtraTorrentRG.torrent
c:\users\Darron\AppData\Roaming\uTorrent\Our.Idiot.Brother.BDRip.XviD-DiAMOND.torrent
c:\users\Darron\AppData\Roaming\uTorrent\Puncture[2011]BRRip XviD-ExtraTorrentRG.torrent
c:\users\Darron\AppData\Roaming\uTorrent\resume.dat
c:\users\Darron\AppData\Roaming\uTorrent\resume.dat.old
c:\users\Darron\AppData\Roaming\uTorrent\rss.dat
c:\users\Darron\AppData\Roaming\uTorrent\rss.dat.old
c:\users\Darron\AppData\Roaming\uTorrent\settings.dat
c:\users\Darron\AppData\Roaming\uTorrent\settings.dat.old
c:\users\Darron\AppData\Roaming\uTorrent\The.Devil's.Double.2011.BDRip-HDT.avi.torrent
c:\users\Darron\AppData\Roaming\uTorrent\Trespass.2011.720p.BDRiP.XViD.AC3-FLAWL3SS.torrent
.
.
--------------- FCopy ---------------
.
c:\windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6001.18000_none_eabddd4c0ca18898\termsrv.dll --> c:\windows\system32\termsrv.dll
.
((((((((((((((((((((((((( Files Created from 2011-10-28 to 2011-11-30 )))))))))))))))))))))))))))))))
.
.
2011-11-30 17:05 . 2011-11-30 17:05 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FBE3ABB5-34B2-4880-A4E2-64624045C5C6}\offreg.dll
2011-11-30 17:03 . 2011-11-30 17:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-11-29 19:12 . 2011-11-30 17:07 -------- d-----w- c:\users\Darron\AppData\Local\temp
2011-11-28 15:58 . 2011-11-28 15:58 -------- d-----w- c:\program files\Speccy
2011-11-23 06:23 . 2011-11-23 06:23 41272 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-11-23 03:36 . 2011-11-23 03:36 -------- d-----w- c:\program files (x86)\uTorrent
2011-11-23 03:35 . 2011-11-23 03:35 -------- d-----w- c:\users\Darron\AppData\Local\uTorrent
2011-11-20 19:23 . 2011-11-20 19:23 -------- d-----w- C:\found.000
2011-11-20 16:58 . 2011-10-18 06:27 8570192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FBE3ABB5-34B2-4880-A4E2-64624045C5C6}\mpengine.dll
2011-11-20 16:55 . 2011-10-17 11:41 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-11-20 16:55 . 2011-10-17 11:41 2409784 ----a-w- c:\program files (x86)\Windows Mail\OESpamFilter.dat
2011-11-20 16:55 . 2011-09-20 21:06 1423744 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-11-20 16:55 . 2011-09-20 14:04 40448 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2011-11-20 16:55 . 2011-09-30 16:16 893440 ----a-w- c:\program files\Common Files\System\wab32.dll
2011-11-20 16:55 . 2011-09-30 16:16 50688 ----a-w- c:\program files\Windows Mail\wabimp.dll
2011-11-20 16:55 . 2011-09-30 15:57 707584 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll
2011-11-17 17:45 . 2011-11-17 17:45 -------- d-----w- c:\programdata\Kaspersky Lab
2011-11-17 17:45 . 2011-11-18 00:58 460888 ----a-w- c:\windows\system32\drivers\22481826.sys
2011-11-17 17:17 . 2011-11-17 17:17 -------- dc----w- C:\_OTL
2011-11-06 05:35 . 2009-05-18 17:17 34152 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2011-11-06 05:35 . 2008-04-17 16:12 126312 ----a-w- c:\windows\system32\GEARAspi64.dll
2011-11-06 05:35 . 2008-04-17 16:12 107368 ----a-w- c:\windows\SysWow64\GEARAspi.dll
2011-11-06 05:35 . 2011-11-06 05:35 -------- d-----w- c:\program files\iPod
2011-11-06 05:35 . 2011-11-06 05:35 -------- d-----w- c:\program files\iTunes
2011-11-06 05:35 . 2011-11-06 05:35 -------- d-----w- c:\program files (x86)\iTunes
2011-11-06 05:31 . 2011-11-06 05:31 -------- d-----w- c:\program files\Common Files\Apple
2011-11-01 16:14 . 2011-08-25 16:19 332288 ----a-w- c:\windows\system32\oleacc.dll
2011-11-01 16:14 . 2011-08-25 16:14 238080 ----a-w- c:\windows\SysWow64\oleacc.dll
2011-11-01 16:14 . 2011-08-25 16:20 735744 ----a-w- c:\windows\system32\UIAutomationCore.dll
2011-11-01 16:14 . 2011-08-25 16:15 555520 ----a-w- c:\windows\SysWow64\UIAutomationCore.dll
2011-11-01 16:14 . 2011-08-25 16:19 847360 ----a-w- c:\windows\system32\oleaut32.dll
2011-11-01 16:14 . 2011-08-25 16:14 563712 ----a-w- c:\windows\SysWow64\oleaut32.dll
2011-11-01 16:14 . 2011-08-25 13:54 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2011-11-01 16:14 . 2011-08-25 13:31 4096 ----a-w- c:\windows\SysWow64\oleaccrc.dll
2011-11-01 16:14 . 2011-09-06 13:56 2764288 ----a-w- c:\windows\system32\win32k.sys
2011-11-01 16:12 . 2011-07-29 16:08 375808 ----a-w- c:\windows\system32\psisdecd.dll
2011-11-01 16:12 . 2011-07-29 16:01 293376 ----a-w- c:\windows\SysWow64\psisdecd.dll
2011-11-01 16:12 . 2011-07-29 16:08 289792 ----a-w- c:\windows\system32\psisrndr.ax
2011-11-01 16:12 . 2011-07-29 16:06 73216 ----a-w- c:\windows\system32\MSDvbNP.ax
2011-11-01 16:12 . 2011-07-29 16:06 100352 ----a-w- c:\windows\system32\Mpeg2Data.ax
2011-11-01 16:12 . 2011-07-29 16:01 217088 ----a-w- c:\windows\SysWow64\psisrndr.ax
2011-11-01 16:12 . 2011-07-29 16:00 57856 ----a-w- c:\windows\SysWow64\MSDvbNP.ax
2011-11-01 16:12 . 2011-07-29 16:00 69632 ----a-w- c:\windows\SysWow64\Mpeg2Data.ax
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-28 18:01 . 2010-10-23 20:42 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 18:01 . 2010-10-23 20:42 199816 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-11-28 18:01 . 2011-01-14 03:22 256960 ----a-w- c:\windows\system32\aswBoot.exe
2011-11-28 17:54 . 2011-03-22 08:02 591192 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2010-10-23 20:43 304472 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2010-10-23 20:43 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2010-10-23 20:43 58712 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2010-10-23 20:43 66904 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-11-28 17:51 . 2010-10-23 20:43 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-10-20 17:37 . 2011-09-01 19:56 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-10-15 04:38 . 2011-10-15 04:38 413696 ----a-r- c:\users\Darron\AppData\Roaming\Microsoft\Installer\{FD1E77D4-327F-4E24-9240-C82902068033}\BlackBerry.exe
2011-10-11 17:32 . 2011-10-11 17:32 69632 ----a-r- c:\users\Darron\AppData\Roaming\Microsoft\Installer\{5B7CF62F-D339-4FAA-A610-372ED5A2787F}\NewShortcut60_C6ABA3677F944B9FBB00F060701B0B5A.exe
2011-10-11 17:32 . 2011-10-11 17:32 69632 ----a-r- c:\users\Darron\AppData\Roaming\Microsoft\Installer\{5B7CF62F-D339-4FAA-A610-372ED5A2787F}\DesktopMgr.exe
2011-10-11 17:32 . 2011-10-11 17:32 49152 ----a-r- c:\users\Darron\AppData\Roaming\Microsoft\Installer\{5B7CF62F-D339-4FAA-A610-372ED5A2787F}\RedirectorEXE2_770DFD1204C24F4DA163D64FACCB5CBD.exe
2011-10-11 17:32 . 2011-10-11 17:32 49152 ----a-r- c:\users\Darron\AppData\Roaming\Microsoft\Installer\{5B7CF62F-D339-4FAA-A610-372ED5A2787F}\RedirectorEXE1_770DFD1204C24F4DA163D64FACCB5CBD.exe
2011-10-11 17:32 . 2011-10-11 17:32 49152 ----a-r- c:\users\Darron\AppData\Roaming\Microsoft\Installer\{5B7CF62F-D339-4FAA-A610-372ED5A2787F}\RedirectorEXE_770DFD1204C24F4DA163D64FACCB5CBD.exe
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-02-18 . 53AE63B98BB1C3D7F6A2D70BDD12D5D5 . 546816 . . [6.0.6001.18000] .. c:\windows\system32\termsrv.dll
[7] 2008-01-21 . F870A5589D6A94B426EFB13689023946 . 546816 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6001.18000_none_eabddd4c0ca18898\termsrv.dll
[-] 2008-02-18 . 53AE63B98BB1C3D7F6A2D70BDD12D5D5 . 546816 . . [6.0.6001.18000] .. c:\windows\system32\termsrv.dll
.
((((((((((((((((((((((((((((( SnapShot@2011-11-16_17.56.03 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-11-04 21:27 . 2011-11-18 17:39 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2011-11-04 21:27 . 2011-11-15 06:43 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2008-01-21 03:20 . 2011-11-16 17:57 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-01-21 03:20 . 2011-11-30 17:05 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-01-21 03:20 . 2011-11-30 17:05 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-01-21 03:20 . 2011-11-16 17:57 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-01-21 03:20 . 2011-11-16 17:57 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-01-21 03:20 . 2011-11-30 17:05 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-01-21 02:23 . 2011-11-30 17:07 78968 c:\windows\system32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2008-01-21 02:23 . 2011-11-30 17:07 78968 c:\windows\system32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 15:45 . 2011-11-30 17:07 94500 c:\windows\system32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 15:45 . 2011-11-30 17:07 94500 c:\windows\system32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2009-10-10 01:19 . 2011-11-30 17:07 18864 c:\windows\system32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2670984328-1985135284-1998418574-1000_UserData.bin
+ 2009-10-10 01:19 . 2011-11-30 17:07 18864 c:\windows\system32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2670984328-1985135284-1998418574-1000_UserData.bin
+ 2009-10-10 01:21 . 2011-11-30 17:05 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-10-10 01:21 . 2011-11-30 17:05 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-10-10 01:21 . 2011-11-16 17:55 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-10-10 01:21 . 2011-11-30 17:05 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-10-10 01:21 . 2011-11-30 17:05 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-10-10 01:21 . 2011-11-16 17:55 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-11-28 23:55 . 2011-11-28 23:55 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012011112820111129\index.dat
+ 2011-11-28 23:55 . 2011-11-28 23:55 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012011112820111129\index.dat
+ 2011-11-18 17:38 . 2011-11-18 17:37 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012011111820111119\index.dat
+ 2011-11-18 17:38 . 2011-11-18 17:37 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012011111820111119\index.dat
- 2009-10-10 01:21 . 2011-11-16 17:55 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-10-10 01:21 . 2011-11-30 17:05 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-10-10 01:21 . 2011-11-30 17:05 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-11-30 17:07 . 2011-11-30 17:07 9560 c:\windows\system32\networklist\icons\{C1730FAE-2D70-48DC-8B34-C4A76475CC8F}_48.bin
+ 2011-11-30 17:07 . 2011-11-30 17:07 9560 c:\windows\system32\networklist\icons\{C1730FAE-2D70-48DC-8B34-C4A76475CC8F}_48.bin
+ 2011-11-30 17:07 . 2011-11-30 17:07 4280 c:\windows\system32\networklist\icons\{C1730FAE-2D70-48DC-8B34-C4A76475CC8F}_32.bin
+ 2011-11-30 17:07 . 2011-11-30 17:07 4280 c:\windows\system32\networklist\icons\{C1730FAE-2D70-48DC-8B34-C4A76475CC8F}_32.bin
+ 2011-11-30 17:07 . 2011-11-30 17:07 2456 c:\windows\system32\networklist\icons\{C1730FAE-2D70-48DC-8B34-C4A76475CC8F}_24.bin
+ 2011-11-30 17:07 . 2011-11-30 17:07 2456 c:\windows\system32\networklist\icons\{C1730FAE-2D70-48DC-8B34-C4A76475CC8F}_24.bin
+ 2011-11-29 22:32 . 2011-11-29 22:32 9560 c:\windows\system32\networklist\icons\{0F7B1BAC-1D86-40B2-A689-476CE1B0B864}_48.bin
+ 2011-11-29 22:32 . 2011-11-29 22:32 9560 c:\windows\system32\networklist\icons\{0F7B1BAC-1D86-40B2-A689-476CE1B0B864}_48.bin
+ 2011-11-29 22:32 . 2011-11-29 22:32 4280 c:\windows\system32\networklist\icons\{0F7B1BAC-1D86-40B2-A689-476CE1B0B864}_32.bin
+ 2011-11-29 22:32 . 2011-11-29 22:32 4280 c:\windows\system32\networklist\icons\{0F7B1BAC-1D86-40B2-A689-476CE1B0B864}_32.bin
+ 2011-11-29 22:32 . 2011-11-29 22:32 2456 c:\windows\system32\networklist\icons\{0F7B1BAC-1D86-40B2-A689-476CE1B0B864}_24.bin
+ 2011-11-29 22:32 . 2011-11-29 22:32 2456 c:\windows\system32\networklist\icons\{0F7B1BAC-1D86-40B2-A689-476CE1B0B864}_24.bin
- 2011-11-16 17:55 . 2011-11-16 17:55 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-11-30 17:05 . 2011-11-30 17:05 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-11-30 17:05 . 2011-11-30 17:05 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-11-16 17:55 . 2011-11-16 17:55 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-10-11 01:40 . 2011-11-30 15:46 389386 c:\windows\system32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2009-10-11 01:40 . 2011-11-30 15:46 389386 c:\windows\system32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2006-11-02 12:46 . 2011-11-30 03:24 651460 c:\windows\system32\perfh009.dat
+ 2006-11-02 12:46 . 2011-11-30 03:24 651460 c:\windows\system32\perfh009.dat
- 2006-11-02 12:46 . 2011-11-15 19:36 651460 c:\windows\system32\perfh009.dat
+ 2006-11-02 12:46 . 2011-11-30 03:24 121702 c:\windows\system32\perfc009.dat
- 2006-11-02 12:46 . 2011-11-15 19:36 121702 c:\windows\system32\perfc009.dat
+ 2006-11-02 12:46 . 2011-11-30 03:24 121702 c:\windows\system32\perfc009.dat
- 2009-10-19 02:38 . 2011-11-16 17:55 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-10-19 02:38 . 2011-11-30 17:05 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-10-19 02:38 . 2011-11-30 17:05 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2011-02-19 16:11 . 2011-11-30 17:03 437272 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2011-02-19 16:11 . 2011-11-16 17:53 437272 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-11-23 21:36 . 2011-11-23 21:36 333824 c:\windows\Installer\1252f16.msi
+ 2006-11-02 12:33 . 2011-11-22 04:22 11272192 c:\windows\system32\SMI\Store\Machine\schema.dat
+ 2006-11-02 12:33 . 2011-11-22 04:22 11272192 c:\windows\system32\SMI\Store\Machine\schema.dat
- 2006-11-02 12:33 . 2011-11-02 08:43 11272192 c:\windows\system32\SMI\Store\Machine\schema.dat
+ 2006-11-02 12:35 . 2011-11-20 16:56 52174280 c:\windows\system32\mrt.exe
+ 2006-11-02 12:35 . 2011-11-20 16:56 52174280 c:\windows\system32\mrt.exe
+ 2011-02-19 16:11 . 2011-11-30 17:03 29832842 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2670984328-1985135284-1998418574-1000-12288.dat
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Darron\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Darron\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Darron\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Darron\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
.
c:\users\Darron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Darron\AppData\Roaming\Dropbox\bin\Dropbox.exe [2011-5-25 24176560]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux3"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-11-13 135664]
R2 lxecCATSCustConnectService;lxecCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxecserv.exe [2010-04-14 45736]
R2 MouseWithoutBordersSvc;Mouse without Borders Service;c:\program files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBordersSvc.exe [2011-08-31 17920]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-11-13 135664]
R3 NETw4v64;Intel® Wireless WiFi Link Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\NETw4v64.sys [x]
R3 NETw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\NETw5v64.sys [x]
R3 s115bus;Sony Ericsson Device 115 driver (WDM);c:\windows\system32\DRIVERS\s115bus.sys [x]
R3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s115mdfl.sys [x]
R3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s115mdm.sys [x]
R3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s115mgmt.sys [x]
R3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s115obex.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
S0 22481826;22481826;c:\windows\system32\DRIVERS\22481826.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 ETService;Empowering Technology Service;c:\program files\GATEWAY\Gateway Recovery Management\Service\ETService.exe [2008-07-16 24576]
S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2008-01-21 27648]
S2 lxec_device;lxec_device;c:\windows\system32\lxeccoms.exe [2010-04-14 1052328]
S2 MSSQL$ACT7;SQL Server (ACT7);c:\program files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 CAXHWAZL;CAXHWAZL;c:\windows\system32\DRIVERS\CAXHWAZL.sys [x]
S3 NETwLv64; Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\NETwLv64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08
.
Contents of the 'Scheduled Tasks' folder
.
2011-11-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-11-13 04:32]
.
2011-11-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-11-13 04:32]
.
2011-11-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2670984328-1985135284-1998418574-1000Core.job
- c:\users\Darron\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-30 01:41]
.
2011-11-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2670984328-1985135284-1998418574-1000UA.job
- c:\users\Darron\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-30 01:41]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 134384 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Darron\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Darron\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Darron\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Darron\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"lxecmon.exe"="c:\program files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe" [2011-01-23 770728]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=2&o=vp64&d=0709&m=m-6888u
mLocal Page = c:\windows\system32\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: DOWNLOADWITH - file://c:\program files (x86)\MiPony\Browser\IEContext.htm
TCP: DhcpNameServer = 192.168.1.254
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2670984328-1985135284-1998418574-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*)"/*]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2670984328-1985135284-1998418574-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*)"/*\OpenWithList]
@Class="Shell"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files (x86)\Microsoft Garage\Mouse without Borders\DDHelper.exe
.
**************************************************************************
.
Completion time: 2011-11-30 12:27:00 - machine was rebooted
ComboFix-quarantined-files.txt 2011-11-30 17:26
ComboFix2.txt 2011-11-29 19:12
ComboFix3.txt 2011-11-16 18:08
.
Pre-Run: 127,180,005,376 bytes free
Post-Run: 127,283,548,160 bytes free
.
- - End Of File - - 6E2BB9A872BD98AB814CAF06136AEFDC

OTL

OTL logfile created on: 11/30/2011 1:22:19 PM - Run 5
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Darron\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.17 Gb Available Physical Memory | 54.35% Memory free
8.19 Gb Paging File | 6.31 Gb Available in Paging File | 77.05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285.09 Gb Total Space | 117.40 Gb Free Space | 41.18% Space Free | Partition Type: NTFS

Computer Name: DARRON-PC | User Name: Darron | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/11/28 13:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011/11/15 09:22:33 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Darron\Desktop\OTL.exe
PRC - [2011/05/25 15:07:14 | 024,176,560 | ---- | M] (Dropbox, Inc.) -- C:\Users\Darron\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2011/05/02 09:48:08 | 000,216,064 | ---- | M] (DDHelper) -- C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\DDHelper.exe
PRC - [2011/01/23 18:47:42 | 000,770,728 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe
PRC - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

========== Modules (No Company Name) ==========

MOD - [2011/11/15 00:39:54 | 000,420,920 | ---- | M] () -- C:\Users\Darron\AppData\Local\Google\Chrome\Application\15.0.874.121\ppgooglenaclpluginchrome.dll
MOD - [2011/11/15 00:39:53 | 003,702,840 | ---- | M] () -- C:\Users\Darron\AppData\Local\Google\Chrome\Application\15.0.874.121\pdf.dll
MOD - [2011/11/15 00:38:16 | 000,122,952 | ---- | M] () -- C:\Users\Darron\AppData\Local\Google\Chrome\Application\15.0.874.121\avutil-51.dll
MOD - [2011/11/15 00:38:15 | 000,222,280 | ---- | M] () -- C:\Users\Darron\AppData\Local\Google\Chrome\Application\15.0.874.121\avformat-53.dll
MOD - [2011/11/15 00:38:14 | 001,746,504 | ---- | M] () -- C:\Users\Darron\AppData\Local\Google\Chrome\Application\15.0.874.121\avcodec-53.dll
MOD - [2011/01/23 18:47:42 | 000,770,728 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe
MOD - [2010/04/01 11:24:28 | 001,159,168 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecdrs.dll
MOD - [2010/04/01 11:23:27 | 000,389,120 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecscw.dll
MOD - [2009/05/27 06:16:50 | 000,192,512 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecdatr.dll
MOD - [2009/03/09 23:43:49 | 000,155,648 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxeccaps.dll
MOD - [2009/02/20 03:48:43 | 000,023,552 | ---- | M] () -- C:\Windows\SysWOW64\LXECsmr.dll
MOD - [2009/02/20 03:48:03 | 000,299,008 | ---- | M] () -- C:\Windows\SysWOW64\LXECsm.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/11/28 13:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2010/04/14 14:08:30 | 001,052,328 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxeccoms.exe -- (lxec_device)
SRV:64bit: - [2010/04/14 14:08:23 | 000,045,736 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxecserv.exe -- (lxecCATSCustConnectService)
SRV:64bit: - [2009/06/25 22:48:28 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2008/07/16 13:00:00 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe -- (ETService)
SRV:64bit: - [2008/01/20 21:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/01/29 08:24:38 | 000,410,624 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysNative\drivers\XAudio64.exe -- (XAudioService)
SRV - [2011/08/31 16:34:02 | 000,017,920 | ---- | M] (Microsoft) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBordersSvc.exe -- (MouseWithoutBordersSvc)
SRV - [2010/04/14 14:08:12 | 000,598,696 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWow64\lxeccoms.exe -- (lxec_device)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/10/11 14:22:50 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/03/29 23:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/04 15:26:34 | 001,245,064 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008/11/04 03:41:00 | 000,437,248 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\XAudio64.dll -- (HsfXAudioService)
SRV - [2007/06/04 22:13:44 | 000,867,840 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/11/28 12:54:06 | 000,591,192 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2011/11/28 12:53:58 | 000,304,472 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2011/11/28 12:52:22 | 000,042,328 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2011/11/28 12:52:20 | 000,058,712 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2011/11/28 12:52:11 | 000,066,904 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011/11/28 12:51:53 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2011/11/17 19:58:04 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\22481826.sys -- (22481826)
DRV:64bit: - [2011/01/15 11:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2010/12/16 17:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010/10/07 07:11:50 | 007,533,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwLv64.sys -- (NETwLv64) Intel®
DRV:64bit: - [2010/07/20 05:38:24 | 000,159,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2010/07/20 05:38:24 | 000,125,416 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV:64bit: - [2010/07/20 05:38:24 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2010/07/20 05:38:24 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV:64bit: - [2010/06/23 09:21:34 | 000,318,568 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2010/04/26 21:25:20 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm)
DRV:64bit: - [2010/04/26 21:25:20 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV:64bit: - [2010/04/26 21:25:20 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV:64bit: - [2009/09/30 19:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUsb.sys -- (WpdUsb)
DRV:64bit: - [2009/09/30 09:32:44 | 000,120,336 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/06/25 23:24:30 | 006,036,480 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/05/18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/09 00:14:20 | 000,015,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)
DRV:64bit: - [2009/04/11 00:43:06 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/01/09 15:02:08 | 000,031,744 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:64bit: - [2008/11/17 15:50:30 | 004,751,360 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETw5v64.sys -- (NETw5v64) Intel®
DRV:64bit: - [2008/11/04 03:40:46 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\XAudio64.sys -- (XAudio)
DRV:64bit: - [2008/10/15 08:57:50 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_DPV.sys -- (HSF_DPV)
DRV:64bit: - [2008/10/15 08:53:44 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAXHWAZL.sys -- (CAXHWAZL)
DRV:64bit: - [2008/10/15 08:52:24 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_CNXT.sys -- (winachsf)
DRV:64bit: - [2008/06/27 06:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)
DRV:64bit: - [2008/05/20 17:33:36 | 000,028,416 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2008/02/29 01:59:32 | 001,252,352 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2008/01/20 21:49:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2008/01/20 21:47:25 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2008/01/20 21:46:57 | 000,286,720 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (HSFHWAZL)
DRV:64bit: - [2008/01/20 21:46:57 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2008/01/03 19:57:26 | 000,062,464 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTSTOR64.sys -- (RTSTOR)
DRV:64bit: - [2007/10/30 21:44:38 | 003,197,440 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETw4v64.sys -- (NETw4v64) Intel®
DRV:64bit: - [2007/09/30 02:03:32 | 000,384,024 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2007/07/26 20:50:24 | 000,391,680 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2007/05/23 20:47:28 | 000,020,784 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV:64bit: - [2007/04/23 13:54:40 | 000,126,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115mgmt.sys -- (s115mgmt) Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM)
DRV:64bit: - [2007/04/23 13:54:40 | 000,123,656 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115obex.sys -- (s115obex)
DRV:64bit: - [2007/04/23 13:54:38 | 000,144,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115mdm.sys -- (s115mdm)
DRV:64bit: - [2007/04/23 13:54:36 | 000,019,720 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115mdfl.sys -- (s115mdfl)
DRV:64bit: - [2007/04/23 13:54:32 | 000,108,296 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115bus.sys -- (s115bus) Sony Ericsson Device 115 driver (WDM)
DRV:64bit: - [2006/11/17 01:22:06 | 000,297,272 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2006/06/18 10:27:24 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV:64bit: - [2005/06/14 12:01:16 | 000,296,448 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\hardlock.sys -- (Hardlock)
DRV - [2008/07/16 12:56:06 | 000,017,952 | ---- | M] (Acer, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\int15_64.sys -- (int15)
DRV - [2004/07/14 11:54:42 | 000,676,864 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\hardlock.sys -- (Hardlock)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gate...=0709&m=m-6888u
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gate...=0709&m=m-6888u

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2670984328-1985135284-1998418574-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2670984328-1985135284-1998418574-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-2670984328-1985135284-1998418574-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2670984328-1985135284-1998418574-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Darron\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Darron\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Darron\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Darron\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

[2009/10/15 11:10:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Darron\AppData\Roaming\Mozilla\Extensions
[2009/10/15 11:10:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Darron\AppData\Roaming\Mozilla\Extensions\[email protected]

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Darron\AppData\Local\Google\Chrome\Application\15.0.874.121\gcswf32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Darron\AppData\Local\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Users\Darron\AppData\Local\Google\Chrome\Application\15.0.874.121\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Darron\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Darron\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Chrome Refresh = C:\Users\Darron\AppData\Local\Google\Chrome\User Data\Default\Extensions\aifhnlnghddfdaccgbbpbhjfkmncekmn\1.7_0\
CHR - Extension: Turn Off the Lights = C:\Users\Darron\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.0.0.23_0\
CHR - Extension: Brushed = C:\Users\Darron\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjgbcjfpbbfepcccpaffkjofcmglifg\1.0_0\
CHR - Extension: Air Transporter 3D = C:\Users\Darron\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadmcjlkjdnbjcdldpfhakfmfedgadjh\1.0.3_0\
CHR - Extension: Auto HD for YouTube = C:\Users\Darron\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaielpkecabnggniojjhghggjedkecfj\2.5_0\
CHR - Extension: InvisibleHand = C:\Users\Darron\AppData\Local\Google\Chrome\User Data\Default\Extensions\lghjfnfolmcikomdjmoiemllfnlmmoko\3.3.14_0\
CHR - Extension: Webpages CSS Styler = C:\Users\Darron\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbkhlepfbkdbmiogammhjnibakamiehg\1.9.1_0\

O1 HOSTS File: ([2011/11/30 12:06:09 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll File not found
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll File not found
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~2\COMMON~1\SYMANT~1\IDS\IPSBHO.dll File not found
O2 - BHO: (ChromeFrame BHO) - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files (x86)\Google\Chrome Frame\Application\15.0.874.121\npchrome_frame.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-2670984328-1985135284-1998418574-1000\..\Toolbar\ShellBrowser: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No CLSID value found.
O4:64bit: - HKLM..\Run: [lxecmon.exe] C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe ()
O4 - Startup: C:\Users\Darron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Darron\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2670984328-1985135284-1998418574-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2670984328-1985135284-1998418574-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: DOWNLOADWITH - file://C:\Program Files (x86)\MiPony\Browser\IEContext.htm File not found
O8 - Extra context menu item: DOWNLOADWITH - file://C:\Program Files (x86)\MiPony\Browser\IEContext.htm File not found
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{152FC9C2-BCAE-427D-A325-2A710891001B}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3CA007C9-AB9C-470E-B19A-76AC652BD1CB}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{43AEFF13-4E04-4A60-9DE8-BF66552EF0B7}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\cf - No CLSID value found
O18:64bit: - Protocol\Handler\gcf - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\cf - No CLSID value found
O18 - Protocol\Handler\gcf {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\15.0.874.121\npchrome_frame.dll (Google Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\application/x-ica - No CLSID value found
O18:64bit: - Protocol\Filter\ica - No CLSID value found
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Darron\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Darron\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/11/30 13:30:22 | 000,000,000 | -HSD | C] -- \$RECYCLE.BIN
[2011/11/30 12:27:15 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\temp
[2011/11/30 11:40:16 | 000,000,000 | ---D | C] -- C:\Windows\SysNative
[2011/11/30 10:47:16 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{E25F4264-B57E-4D5E-A688-8FF18FD8E521}
[2011/11/30 10:47:06 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{8C2AF865-2E1F-4A9D-A77E-EDB27D56152B}
[2011/11/29 19:15:45 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{42BDF922-9507-4C5D-9761-670AA7A0EACB}
[2011/11/29 19:15:21 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{A298927D-5C2E-4C52-BBB5-5BA7D325221F}
[2011/11/29 18:31:05 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{BE725741-D2B7-420E-A073-BBA97C7386A2}
[2011/11/29 02:40:21 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{4E2E762A-B70C-48EA-B808-361806481C30}
[2011/11/29 02:40:00 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{34117242-C771-4DD5-8EC5-67CD72F1164D}
[2011/11/28 14:39:45 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{1F57BEF6-459F-4FEE-922F-2C4421E40422}
[2011/11/28 14:39:23 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{B4BB5E17-1F6A-41D1-A5FF-62F914976767}
[2011/11/28 10:58:16 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2011/11/28 10:53:21 | 004,845,856 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Users\Darron\Desktop\procexp.exe
[2011/11/28 10:51:36 | 000,061,440 | ---- | C] ( ) -- C:\Users\Darron\Desktop\VEW.exe
[2011/11/28 02:38:56 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{AE817FED-7583-4A74-88A8-71851C22D77C}
[2011/11/28 02:38:32 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{0BEF834C-BB2E-467E-8934-DAC465BF69AA}
[2011/11/27 14:28:55 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{95CE190B-5436-4BCB-ACE3-6E6365007BD1}
[2011/11/27 14:28:31 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{DD6F45B7-39F5-4303-9852-FC026B3264C8}
[2011/11/26 00:50:11 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{E7D60AB0-2789-4A0E-A850-1C8351D08213}
[2011/11/26 00:49:47 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{76BE20E0-A9BE-4487-B11D-3A89B1012F3A}
[2011/11/25 12:49:21 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{D55EF5DF-1849-4D10-B382-412177297F7A}
[2011/11/25 12:49:07 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{DE468982-D99B-49BD-8FAB-C21701E20EE7}
[2011/11/24 22:38:52 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{5A3F122D-DAF8-47EC-8F16-2A8D39FAB9E4}
[2011/11/24 22:38:30 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{DFE324B6-753A-4275-9376-C43DF7712D5D}
[2011/11/24 03:57:30 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{842D6F53-5619-4927-B478-E2DEA6F911E5}
[2011/11/24 03:57:08 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{E143B6E8-CB35-48F0-BBEC-49E3F3EBEC58}
[2011/11/23 14:07:28 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{F415AC7F-23B4-4174-B52A-BC8309B2DDFA}
[2011/11/23 14:07:04 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{F5FAD3F5-799E-4EEE-8D7F-683F9946D040}
[2011/11/23 01:23:07 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/11/22 22:36:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2011/11/22 22:35:52 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\uTorrent
[2011/11/22 15:00:12 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{2AC8F3E2-286C-44DA-898A-61D986FF4598}
[2011/11/22 14:59:50 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{B9A63835-D71C-4FA0-904C-C6BAFA050813}
[2011/11/22 02:59:36 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{A2FFC6B1-37E6-4C3C-81D8-380972763282}
[2011/11/22 02:59:10 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{40C0F2C4-F17F-4A16-ABFE-245B92E1D346}
[2011/11/21 14:58:45 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{E80D5247-9D65-419D-8D1E-BF20524DEAC0}
[2011/11/21 14:58:35 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{CF2DACC0-0302-4FA4-8DB6-FFCB00CAD2A4}
[2011/11/21 14:58:26 | 000,000,000 | ---D | C] -- C:\Users\Darron\Desktop\tdsskiller
[2011/11/21 02:36:12 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{779B4A63-4B91-4290-AAB3-37A727635F33}
[2011/11/21 02:35:49 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{C6569961-D5DF-4ABC-B0E5-F3790CDD317D}
[2011/11/20 14:35:24 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{AE66123E-7D44-4938-9AAC-3D5157F4E224}
[2011/11/20 14:35:13 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{38A951D0-83C2-4427-955B-104E360FE976}
[2011/11/20 14:23:21 | 000,000,000 | ---D | C] -- C:\found.000
[2011/11/20 14:23:21 | 000,000,000 | ---D | C] -- \found.000
[2011/11/19 13:39:16 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{D7229AB4-C0DB-41B4-A2D8-811ED058E2E3}
[2011/11/19 13:38:54 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{E47E7177-6B60-4917-957C-9B7A9D32D380}
[2011/11/19 01:38:40 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{F0DF38A9-EC46-4609-B547-323A7E70B791}
[2011/11/19 01:38:18 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{CC9CD894-9985-4066-9017-5C1289B5D0BD}
[2011/11/18 13:38:26 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{F0DEA2B1-E37B-4092-B56C-13812FAD0BC6}
[2011/11/18 01:16:18 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{2CDEB39C-C776-41F8-8B6A-A3565EBCF26A}
[2011/11/18 01:16:08 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{1E25EAE4-03EB-46A4-89A3-94562DB1E4E8}
[2011/11/17 12:45:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2011/11/17 12:45:19 | 000,460,888 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\22481826.sys
[2011/11/17 12:33:13 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{11772946-5210-4C8C-8822-5594B9A04D5B}
[2011/11/17 12:33:01 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{4D2BBBEF-9913-413B-A382-61CD70695C79}
[2011/11/17 12:17:30 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/11/17 12:17:30 | 000,000,000 | ---D | C] -- \_OTL
[2011/11/16 23:12:01 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{9372FFAB-E6E3-4F55-8BF1-D0A7AABBEC69}
[2011/11/16 23:11:38 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{19105E37-785C-42BE-A95C-5DEA04721752}
[2011/11/16 12:25:53 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/11/16 12:25:53 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/11/16 12:25:53 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/11/16 12:25:47 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/11/16 12:25:38 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/11/16 12:25:38 | 000,000,000 | ---D | C] -- \Qoobox
[2011/11/16 12:23:02 | 004,321,132 | R--- | C] (Swearware) -- C:\Users\Darron\Desktop\ComboFix.exe
[2011/11/16 11:11:05 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{968E812D-C826-4210-9C86-AEF3D9DB5CBA}
[2011/11/16 11:10:55 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{17C3BFF5-2083-4E03-AAFC-B306F99F777F}
[2011/11/15 19:36:59 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{3ED27406-13B9-45A9-9758-CA32217BCCAF}
[2011/11/15 19:36:35 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{B90D6854-7E7F-4603-A193-F47DA1BADFD9}
[2011/11/15 10:11:27 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Users\Darron\Desktop\aswMBR.exe
[2011/11/15 09:22:32 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Darron\Desktop\OTL.exe
[2011/11/15 07:35:56 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{2AC54AD9-5E59-4509-9F4C-A9DA5D8BF6AD}
[2011/11/15 07:35:46 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{0EA39C71-CFE1-4356-BCE6-B06ACE8FE62E}
[2011/11/14 13:34:12 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{465A9AFE-D4C7-4C9F-BC84-9A8C25F22CD9}
[2011/11/14 13:33:50 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{FBC9C177-8A6D-48FE-A2B6-C5FBEC7BA715}
[2011/11/14 01:33:36 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{DDB63B26-4F8E-4305-937A-9E7E671DB46B}
[2011/11/14 01:33:13 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{A44C19B7-C506-4367-AF3D-182966FCBD01}
[2011/11/13 13:33:01 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{4D2C5984-387A-4F11-BF86-96054B9F39C4}
[2011/11/13 13:32:35 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{DC2A9E16-90F4-4CDB-8FEB-C68B830A1941}
[2011/11/12 14:01:10 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{8A47663F-6683-437C-B76A-CE9CE061F489}
[2011/11/12 14:00:47 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{FEF24643-6407-4BCF-A017-88E1F543D31E}
[2011/11/12 02:00:33 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{F0CF85B7-A2F5-4311-B5AD-3EFE6BD52D31}
[2011/11/12 02:00:11 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{34303754-D6BC-4285-9E28-1FA41833EC01}
[2011/11/11 13:59:57 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{7DF6A279-D76A-499D-8D03-4C8A17FCB972}
[2011/11/11 13:59:18 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{0B383D6D-5CB6-4387-A669-D7C05976C7D9}
[2011/11/11 01:59:02 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{9AF3E265-8EBB-4490-B396-D9FC0EE2E6D6}
[2011/11/11 01:58:39 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{CCBAC2F6-F556-4A15-9665-EFFA8357C334}
[2011/11/10 13:58:14 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{FFC46D14-E72C-4C41-BB8A-184508A0E829}
[2011/11/10 13:57:50 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{480DF76D-3C13-4221-B765-52608BFBF9F5}
[2011/11/09 13:05:12 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{DDB1D389-BB7C-4950-B095-B7EFC651621B}
[2011/11/09 13:04:51 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{FF316FDC-100A-445A-984A-490001B2BEC6}
[2011/11/09 01:04:19 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{83ED5959-6BB6-4903-8718-2B9021F1CD76}
[2011/11/09 01:03:56 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{964B69C7-49AD-4143-96BF-7FEC223E842D}
[2011/11/08 13:03:31 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{2E95747F-6534-41FC-A6B5-990BAB7C3965}
[2011/11/08 13:03:08 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{EE5A2701-C7B4-4DD6-AEDC-1A5B0BA1F9B6}
[2011/11/08 01:02:29 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{7C142703-54D7-44D6-884B-1179BBC3F45E}
[2011/11/08 01:02:07 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{53C8D488-264A-421E-876F-A9C60C18B5E6}
[2011/11/07 11:28:27 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{34104D89-097B-4DD7-B115-B6B17D2615C3}
[2011/11/07 11:28:05 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{B7E9034F-9CEE-4CB8-A9D7-C751E5AEBE45}
[2011/11/06 01:58:26 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{0C76A9C8-9C0C-437A-B044-9954A8A68A92}
[2011/11/06 01:58:03 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{810C32ED-5D85-44D6-87C7-01F942D9181B}
[2011/11/06 00:36:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/11/06 00:35:58 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll
[2011/11/06 00:35:58 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2011/11/06 00:35:58 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2011/11/06 00:35:05 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/11/06 00:35:04 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/11/06 00:35:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011/11/06 00:31:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2011/11/05 09:39:29 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{BB053754-3A5C-43E9-9E33-C7A289873AEF}
[2011/11/05 09:38:52 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{EBA86BD4-E3E6-41DA-959F-9742875C717E}
[2011/11/04 09:56:31 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{E02FA0D5-A21C-4A98-8C55-29AC99FFD064}
[2011/11/04 09:56:06 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{BD4EEED1-A2F8-4803-9B3E-C0E4C511362F}
[2011/11/03 16:19:01 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{B0F79C27-D8E8-4138-B249-054599EC0A15}
[2011/11/03 16:18:51 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{B98D4B05-C03B-418F-9256-71A761D14FF0}
[2011/11/02 16:47:15 | 000,000,000 | ---D | C] -- C:\Users\Darron\Desktop\Business Plan Stuff
[2011/11/02 13:45:52 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{246A2DA1-1486-471B-832C-EBB6F059ED07}
[2011/11/02 13:45:28 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{7BE1E65A-2CAB-45B9-A38F-2A157350D901}
[2011/11/01 23:16:09 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{9181B2C0-441C-4D43-BE22-76E0BAED0CDF}
[2011/11/01 23:15:58 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{3CC4EDFF-A472-4535-BBCC-91642A80A7BD}
[2011/11/01 11:17:14 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/11/01 11:17:14 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/11/01 11:17:12 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011/11/01 11:17:12 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011/11/01 11:17:09 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/11/01 11:17:08 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011/11/01 11:17:08 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/11/01 11:17:06 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011/11/01 11:17:06 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/11/01 11:14:28 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2011/11/01 11:14:27 | 000,735,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAutomationCore.dll
[2011/11/01 11:14:27 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAutomationCore.dll
[2011/11/01 11:14:26 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2011/11/01 11:14:26 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\oleaccrc.dll
[2011/11/01 11:14:26 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaccrc.dll
[2011/11/01 11:12:06 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2011/11/01 11:12:06 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2011/11/01 11:12:05 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2011/11/01 11:12:05 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2011/11/01 11:12:05 | 000,100,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Mpeg2Data.ax
[2011/11/01 11:12:05 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSDvbNP.ax
[2011/11/01 11:12:05 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mpeg2Data.ax
[2011/11/01 11:12:05 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSDvbNP.ax
[2011/11/01 10:48:00 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{05E033E5-84E3-44F5-8837-982188E59538}
[2011/11/01 10:47:50 | 000,000,000 | ---D | C] -- C:\Users\Darron\AppData\Local\{D1D262AE-37C9-44C3-B9CE-4F8BBE8BCAA9}
[2011/07/05 15:08:06 | 000,847,872 | ---- | C] ( ) -- C:\Windows\SysWow64\lxecusb1.dll
[2011/07/05 15:08:06 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxecpmui.dll
[2011/07/05 15:08:06 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxecinpa.dll
[2011/07/05 15:08:06 | 000,344,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeciesc.dll
[2011/07/05 15:08:05 | 001,048,576 | ---- | C] ( ) -- C:\Windows\SysWow64\lxecserv.dll
[2011/07/05 15:08:05 | 000,802,816 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeccomc.dll
[2011/07/05 15:08:05 | 000,688,128 | ---- | C] ( ) -- C:\Windows\SysWow64\lxechbn3.dll
[2011/07/05 15:08:05 | 000,598,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeccoms.exe
[2011/07/05 15:08:05 | 000,577,536 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeclmpm.dll
[2011/07/05 15:08:05 | 000,373,416 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeccfg.exe
[2011/07/05 15:08:05 | 000,372,736 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeccomm.dll
[2011/07/05 15:08:05 | 000,324,264 | ---- | C] ( ) -- C:\Windows\SysWow64\lxecih.exe
[2009/11/13 09:05:59 | 021,044,640 | ---- | C] (Sage Software ) -- C:\Users\Darron\AppData\Roaming\ACT1200HotFix_SS.exe

========== Files - Modified Within 30 Days ==========

[2011/11/30 13:15:59 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/11/30 12:36:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2670984328-1985135284-1998418574-1000UA.job
[2011/11/30 12:12:19 | 000,651,460 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/11/30 12:12:19 | 000,121,702 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/11/30 12:12:18 | 000,768,952 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/11/30 12:06:09 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011/11/30 12:05:47 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\LogConfigTemp.xml
[2011/11/30 12:05:31 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/11/30 12:05:19 | 000,004,784 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/11/30 12:05:19 | 000,004,784 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/30 12:05:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/11/30 11:37:18 | 004,321,132 | R--- | M] (Swearware) -- C:\Users\Darron\Desktop\ComboFix.exe
[2011/11/30 10:51:49 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2670984328-1985135284-1998418574-1000Core.job
[2011/11/29 18:09:08 | 000,215,040 | ---- | M] () -- C:\Users\Darron\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/11/29 04:02:34 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011/11/28 13:01:25 | 000,041,184 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/11/28 13:01:23 | 000,199,816 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2011/11/28 13:01:14 | 000,256,960 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2011/11/28 12:54:06 | 000,591,192 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011/11/28 12:53:58 | 000,304,472 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2011/11/28 12:52:22 | 000,042,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2011/11/28 12:52:20 | 000,058,712 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2011/11/28 12:52:11 | 000,066,904 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2011/11/28 12:51:53 | 000,024,408 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2011/11/28 10:58:19 | 000,000,746 | ---- | M] () -- C:\Users\Public\Desktop\Speccy.lnk
[2011/11/28 10:53:45 | 004,845,856 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Users\Darron\Desktop\procexp.exe
[2011/11/28 10:51:30 | 000,061,440 | ---- | M] ( ) -- C:\Users\Darron\Desktop\VEW.exe
[2011/11/23 01:23:24 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/11/17 19:58:04 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\22481826.sys
[2011/11/16 17:20:40 | 000,187,632 | ---- | M] () -- C:\Users\Darron\Desktop\IMG-20111103-00106-1.jpg
[2011/11/16 13:31:48 | 000,008,926 | ---- | M] () -- C:\Users\Darron\Desktop\Label.png
[2011/11/16 11:39:20 | 000,080,384 | ---- | M] () -- C:\Users\Darron\Desktop\MBRCheck.exe
[2011/11/15 10:11:34 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Users\Darron\Desktop\aswMBR.exe
[2011/11/15 09:22:33 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Darron\Desktop\OTL.exe
[2011/11/15 01:43:43 | 003,193,190 | ---- | M] () -- C:\Users\Darron\Desktop\Southwern Wine & Spirits career.pdf
[2011/11/09 14:16:53 | 000,009,267 | ---- | M] () -- C:\Users\Darron\Desktop\try.jpg
[2011/11/09 14:11:45 | 000,003,110 | ---- | M] () -- C:\Users\Darron\Desktop\barcode-image.jpg
[2011/11/08 17:10:15 | 000,074,074 | ---- | M] () -- C:\Users\Darron\Desktop\Google Trends.JPG
[2011/11/07 19:58:26 | 000,061,924 | ---- | M] () -- C:\Users\Darron\Desktop\IMG_2671.jpg
[2011/11/02 18:31:31 | 000,000,256 | ---- | M] () -- C:\Windows\SysWow64\pool.bin
[2011/11/01 13:54:59 | 004,922,616 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/11/01 11:43:31 | 000,002,499 | ---- | M] () -- C:\Users\Public\Desktop\VitalSource Bookshelf.lnk

========== Files Created - No Company Name ==========

[2011/11/28 10:58:19 | 000,000,746 | ---- | C] () -- C:\Users\Public\Desktop\Speccy.lnk
[2011/11/16 17:20:46 | 000,187,632 | ---- | C] () -- C:\Users\Darron\Desktop\IMG-20111103-00106-1.jpg
[2011/11/16 12:25:53 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011/11/16 12:25:53 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/11/16 12:25:53 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/11/16 12:25:53 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/11/16 12:25:53 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/11/16 11:38:47 | 000,080,384 | ---- | C] () -- C:\Users\Darron\Desktop\MBRCheck.exe
[2011/11/15 01:44:05 | 003,193,190 | ---- | C] () -- C:\Users\Darron\Desktop\Southwern Wine & Spirits career.pdf
[2011/11/09 14:16:53 | 000,009,267 | ---- | C] () -- C:\Users\Darron\Desktop\try.jpg
[2011/11/09 14:11:53 | 000,003,110 | ---- | C] () -- C:\Users\Darron\Desktop\barcode-image.jpg
[2011/11/08 17:10:13 | 000,074,074 | ---- | C] () -- C:\Users\Darron\Desktop\Google Trends.JPG
[2011/11/07 19:58:31 | 000,061,924 | ---- | C] () -- C:\Users\Darron\Desktop\IMG_2671.jpg
[2011/11/04 11:32:21 | 000,008,926 | ---- | C] () -- C:\Users\Darron\Desktop\Label.png
[2011/10/05 16:23:08 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\W32mkrc.dll
[2011/10/05 16:23:07 | 000,038,400 | ---- | C] () -- C:\Windows\SysWow64\OC25JPN.DLL
[2011/10/05 16:23:06 | 000,014,256 | ---- | C] () -- C:\Windows\SysWow64\VAJP2.DLL
[2011/10/05 16:22:58 | 000,000,255 | ---- | C] () -- C:\Windows\NSFASTW.INI
[2011/10/05 14:19:14 | 000,002,048 | ---- | C] () -- C:\Users\Darron\AppData\Roaming\A&I Book Creator Prefs
[2011/09/28 10:53:41 | 000,210,032 | ---- | C] () -- C:\Windows\SysWow64\DBCLIENT.DLL
[2011/07/28 11:29:00 | 000,001,332 | ---- | C] () -- \initdb526.ora
[2011/07/27 17:13:57 | 000,001,397 | ---- | C] () -- \newinitDB504.ora
[2011/07/27 17:13:57 | 000,001,332 | ---- | C] () -- \initfile.ora
[2011/07/05 15:08:06 | 000,344,064 | ---- | C] () -- C:\Windows\SysWow64\lxeccomx.dll
[2011/07/05 15:08:06 | 000,323,584 | ---- | C] () -- C:\Windows\SysWow64\lxecins.dll
[2011/07/05 15:08:06 | 000,262,144 | ---- | C] () -- C:\Windows\SysWow64\lxecinsb.dll
[2011/07/05 15:08:06 | 000,253,952 | ---- | C] () -- C:\Windows\SysWow64\lxeccu.dll
[2011/07/05 15:08:06 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\lxecinsr.dll
[2011/07/05 15:08:06 | 000,090,112 | ---- | C] () -- C:\Windows\SysWow64\lxeccub.dll
[2011/07/05 15:08:06 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\lxecjswr.dll
[2011/07/05 15:08:06 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\lxeccur.dll
[2011/07/05 15:04:49 | 000,023,552 | ---- | C] () -- C:\Windows\SysWow64\LXECsmr.dll
[2011/07/05 15:04:48 | 000,299,008 | ---- | C] () -- C:\Windows\SysWow64\LXECsm.dll
[2011/02/22 00:42:43 | 000,000,600 | ---- | C] () -- C:\Users\Darron\AppData\Roaming\winscp.rnd
[2011/02/14 03:32:58 | 000,000,034 | -H-- | C] () -- C:\Windows\SysWow64\Converter_sysquict.dat
[2011/02/14 03:32:09 | 000,164,352 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011/02/14 03:32:01 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2011/02/14 03:32:01 | 000,755,027 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/02/14 03:32:01 | 000,159,839 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/02/14 03:31:54 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011/01/02 13:41:22 | 000,055,808 | ---- | C] () -- C:\Windows\SysWow64\zlib1.dll
[2010/10/15 02:07:05 | 000,000,701 | ---- | C] () -- C:\Users\Darron\AppData\Roaming\init.dll
[2010/10/15 02:07:05 | 000,000,006 | ---- | C] () -- C:\Users\Darron\AppData\Roaming\SYSTEM32.dll
[2010/10/15 02:06:54 | 000,000,701 | ---- | C] () -- C:\Users\Darron\AppData\Roaming\sound.dll
[2010/10/15 02:05:09 | 000,116,736 | ---- | C] () -- C:\Windows\SysWow64\redmonnt.dll
[2010/10/13 21:52:46 | 000,001,456 | ---- | C] () -- C:\Users\Darron\AppData\Local\Adobe Save for Web 12.0 Prefs
[2010/10/12 18:09:28 | 000,000,132 | ---- | C] () -- C:\Users\Darron\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2010/08/16 13:17:23 | 000,000,732 | ---- | C] () -- C:\Users\Darron\AppData\Local\d3d9caps64.dat
[2009/12/08 14:10:45 | 000,130,503 | ---- | C] () -- C:\Windows\hpoins21.dat
[2009/12/08 14:10:45 | 000,008,138 | ---- | C] () -- C:\Windows\hpomdl21.dat
[2009/12/08 14:10:38 | 000,355,416 | ---- | C] () -- \hpzids40.dll
[2009/12/03 12:43:20 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/12/03 12:42:10 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009/12/03 12:41:05 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/11/13 09:11:25 | 000,787,200 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/10/26 20:18:09 | 000,026,311 | ---- | C] () -- C:\Users\Darron\AppData\Roaming\UserTile.png
[2009/10/24 15:06:39 | 000,000,256 | ---- | C] () -- \pool.bin
[2009/10/22 19:28:33 | 000,000,256 | ---- | C] () -- C:\Windows\SysWow64\pool.bin
[2009/10/14 22:14:47 | 000,000,000 | ---- | C] () -- C:\Windows\ViewNX.INI
[2009/10/11 16:19:14 | 000,000,268 | RH-- | C] () -- C:\Users\Darron\AppData\Roaming\Rock
[2009/10/10 20:39:53 | 000,001,356 | ---- | C] () -- C:\Users\Darron\AppData\Local\d3d9caps.dat
[2009/10/10 14:37:19 | 000,215,040 | ---- | C] () -- C:\Users\Darron\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/07/03 00:49:04 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/06/19 20:06:22 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2009/03/04 13:53:58 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2009/03/04 13:09:41 | 000,008,192 | R-S- | C] () -- \BOOTSECT.BAK
[2009/03/04 13:09:40 | 000,333,257 | RHS- | C] () -- \bootmgr
[2009/03/04 13:06:36 | 003,107,788 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.dat
[2008/01/20 21:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2006/11/07 21:03:36 | 000,000,016 | ---- | C] () -- C:\Windows\SysWow64\REWCACHE.DAT
[2006/11/02 10:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006/11/02 07:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006/11/02 07:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 04:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2005/09/23 02:39:38 | 000,894,976 | ---- | C] () -- \msdia80.dll

========== LOP Check ==========

[2009/11/17 16:10:18 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\.myibay
[2011/10/05 14:18:46 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\A&I Book Creator
[2009/11/13 09:05:40 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\ACT
[2011/01/09 00:32:44 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\Ashampoo
[2011/03/03 16:53:02 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/11/30 12:07:16 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\Dropbox
[2011/05/29 12:56:31 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\DRPSu
[2011/09/09 03:51:25 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\F6F31246D56317A2310463B7840217AF
[2009/10/30 11:51:37 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\GARMIN
[2011/06/29 13:56:05 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\GetRightToGo
[2011/07/02 11:23:33 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\HandBrake
[2011/06/27 19:36:54 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\HDRsoft
[2011/07/05 18:59:23 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\ICAClient
[2009/11/13 09:19:26 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\IsolatedStorage
[2009/12/22 02:04:15 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\Mipony
[2010/07/24 23:08:41 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\mjusbsp
[2010/10/25 13:17:13 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\MyScribe
[2009/10/14 21:59:10 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\Nikon
[2010/01/12 21:57:37 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\OxelonMC
[2009/11/03 12:41:07 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\PeerNetworking
[2010/11/16 14:03:49 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\Prish
[2011/07/14 16:14:52 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\Pro800-Pro900 Series
[2010/10/09 12:15:30 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\QuickScan
[2011/06/29 14:45:37 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\Red Kawa
[2010/11/17 12:27:21 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\Research In Motion
[2011/08/12 01:07:55 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\rinsebyreal
[2011/09/28 10:53:24 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\Softouch
[2011/08/17 14:39:47 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\Solveig Multimedia
[2011/10/30 18:57:25 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011/02/02 01:15:09 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\SWiSH Max3
[2011/02/18 13:48:05 | 000,000,000 | ---D | M] -- C:\Users\Darron\AppData\Roaming\Windows Live Writer
[2011/11/30 12:03:57 | 000,032,524 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2008/10/29 01:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_b5f700fe698beb14\explorer.exe
[2008/10/29 01:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_b7eb106e66a7ac19\explorer.exe
[2008/10/29 01:15:50 | 003,087,360 | ---- | M] (Microsoft Corporation) MD5=50514057C28A74BAC2BD04B7B990D615 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_aba256ac352b2919\explorer.exe
[2008/10/29 22:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_b8583e9d7fda0512\explorer.exe
[2009/04/11 02:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\Windows\ERDNT\cache86\explorer.exe
[2009/04/11 02:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\Windows\explorer.exe
[2009/04/11 02:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_afbebba22f3bab41\explorer.exe
[2008/10/27 21:30:12 | 003,086,848 | ---- | M] (Microsoft Corporation) MD5=72B9990E45C25AA3C75C4FB50A9D6CE0 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_ac5266dd4e2b0a41\explorer.exe
[2008/10/29 01:49:22 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=BBD8E74F23D7605CB0CDB57A1B25D826 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_ad96661c3246ea1e\explorer.exe
[2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SysWOW64\explorer.exe
[2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_ba1365f4639c6d3c\explorer.exe
[2008/10/30 00:30:07 | 003,081,216 | ---- | M] (Microsoft Corporation) MD5=E404A65EF890140410E9F3D405841C95 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_ae03944b4b794317\explorer.exe
[2008/10/27 21:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_b6a7112f828bcc3c\explorer.exe
[2008/01/20 21:48:44 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=F6D765FB6B457542D954682F50C26E4F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_add342963219dff5\explorer.exe
[2008/01/20 21:49:23 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_b827ece8667aa1f0\explorer.exe

< MD5 for: SVCHOST.EXE >
[2008/01/20 21:48:05 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\ERDNT\cache86\svchost.exe
[2008/01/20 21:48:05 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\SysWOW64\svchost.exe
[2008/01/20 21:48:05 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
[2008/01/20 21:50:24 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=CDA9F1373805AF88F6FA4F2064BBA24D -- C:\Windows\ERDNT\cache64\svchost.exe
[2008/01/20 21:50:24 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=CDA9F1373805AF88F6FA4F2064BBA24D -- C:\Windows\SysNative\svchost.exe
[2008/01/20 21:50:24 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=CDA9F1373805AF88F6FA4F2064BBA24D -- C:\Windows\SysNative\svchost.exe
[2008/01/20 21:50:24 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=CDA9F1373805AF88F6FA4F2064BBA24D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_11d9f524bdab2f1b\svchost.exe

< MD5 for: TERMSRV.DLL >
[2008/02/17 22:06:54 | 000,546,816 | ---- | M] (Microsoft Corporation) MD5=53AE63B98BB1C3D7F6A2D70BDD12D5D5 -- C:\Windows\SysNative\termsrv.dll
[2008/02/17 22:06:54 | 000,546,816 | ---- | M] (Microsoft Corporation) MD5=53AE63B98BB1C3D7F6A2D70BDD12D5D5 -- C:\Windows\SysNative\termsrv.dll
[2008/01/20 21:48:12 | 000,546,816 | ---- | M] (Microsoft Corporation) MD5=F870A5589D6A94B426EFB13689023946 -- C:\Windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6001.18000_none_eabddd4c0ca18898\termsrv.dll

< MD5 for: USERINIT.EXE >
[2008/01/20 21:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\ERDNT\cache86\userinit.exe
[2008/01/20 21:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\SysWOW64\userinit.exe
[2008/01/20 21:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2008/01/20 21:49:46 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\ERDNT\cache64\userinit.exe
[2008/01/20 21:49:46 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\SysNative\userinit.exe
[2008/01/20 21:49:46 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\SysNative\userinit.exe
[2008/01/20 21:49:46 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_384755998a0d6941\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/04/11 02:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\ERDNT\cache64\winlogon.exe
[2009/04/11 02:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\SysNative\winlogon.exe
[2009/04/11 02:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\SysNative\winlogon.exe
[2009/04/11 02:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_cdcd15a68a70b877\winlogon.exe
[2008/01/20 21:49:47 | 000,406,016 | ---- | M] (Microsoft Corporation) MD5=856491FCED98093D824B9EB2892F564A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe19c9a8d4eed2b\winlogon.exe
[2009/04/11 01:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SysWOW64\winlogon.exe
[2009/04/11 01:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008/01/20 21:50:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\Darron\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2011/11/15 00:39:56 | 001,036,344 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\Darron\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2011/11/15 00:39:56 | 001,036,344 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\Darron\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2011/11/15 00:39:56 | 001,036,344 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\Darron\AppData\Local\Google\Chrome\Application\chrome.exe" [2011/11/15 00:39:56 | 001,036,344 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\SysWOW64\ie4uinit.exe" -hide [2011/06/10 13:53:00 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\SysWOW64\ie4uinit.exe" -show [2011/06/10 13:53:00 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\SysWOW64\ie4uinit.exe" -reinstall [2011/06/10 13:53:00 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2011/06/10 13:53:02 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" [2011/06/10 13:53:02 | 000,748,336 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\USERS\DARRON\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2011/11/15 00:39:56 | 001,036,344 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2011/06/10 13:52:52 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2011/06/10 13:52:52 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2011/06/10 13:52:52 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2011/06/10 13:53:02 | 000,748,336 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" [2011/06/10 13:53:02 | 000,748,336 | ---- | M] (Microsoft Corporation)

========== Alternate Data Streams ==========

@Alternate Data Stream - 183 bytes -> C:\ProgramData\TEMP:0CE7F3C9
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:EA029835
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:63238B95

< End of report >

Michael, I really appreciate all the help. The computer remains in the same state basically since i opened this thread. The computer functions okay, but I am just unable to complete a scan without having to power down the computer using the button.
The scan stopped at 48%, the only thing that has been moving for the past hour was the duration. Files weren't being scanned and the percentage# wasn't moving to indicate that files were being scanned either. I did take a picture with my phone to indicate what took place just before powering it off using the button.
The file which the scan seemed to stop on was called mstsc.exe

Attached Thumbnails

#29
michaelg9

Posted 01 December 2011 - 06:54 AM

Trusted Helper

Malware Removal
2,949 posts

Hello
The corrupted file wasn't replaced.
Run OTL

Under the Custom Scans/Fixes box at the bottom, paste in the following

:OTL

:Services

:Reg

:Files

C:\Windows\SysNative\termsrv.dll|c:\windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6001.18000_none_eabddd4c0ca18898\termsrv.dll /replace
C:\windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6002.18005_none_eca9565809c353e4\termsrv.dll|c:\windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6001.18000_none_eabddd4c0ca18898\termsrv.dll /replace

:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[Reboot]
Then click the Run Fix button at the top
Let the program run unhindered, reboot the PC when it is done
Post the log it will output after the fix

#30
Snypa86

Posted 01 December 2011 - 07:26 AM

Member

Topic Starter
Member
58 posts

All processes killed
========== OTL ==========
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
File C:\Windows\SysNative\termsrv.dll successfully replaced with c:\windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6001.18000_none_eabddd4c0ca18898\termsrv.dll
Unable to replace file: C:\windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6002.18005_none_eca9565809c353e4\termsrv.dll with c:\windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6001.18000_none_eabddd4c0ca18898\termsrv.dll without a reboot.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: AppData
->Temp folder emptied: 0 bytes

User: Darron
->Temp folder emptied: 106440950 bytes
->Temporary Internet Files folder emptied: 734652 bytes
->Java cache emptied: 1778409 bytes
->Google Chrome cache emptied: 19402770 bytes
->Flash cache emptied: 36675 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 7433 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 32902 bytes
RecycleBin emptied: 104735721 bytes

Total Files Cleaned = 222.00 mb

[EMPTYFLASH]

User: All Users

User: AppData

User: Darron
->Flash cache emptied: 0 bytes

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb

OTL by OldTimer - Version 3.2.31.0 log created on 12012011_081731

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...