Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Slow, Sluggish Laptop


  • Please log in to reply

#1
TomNeedsHelp

TomNeedsHelp

    Member

  • Member
  • PipPip
  • 51 posts
Hello Again,

I have used G2G before and was very happy with the help received.

Today is a Medion Laptop (MD 96340) with a AMD Athlon 64 X2 1.7Ghz with 2 GB ram running VISTA sp1 (32 bit).

This computer is ~5 years old, and has always been very responsive. Lately, it has been slowing down, taking several minutes to start up, and several more minutes to shut down. While running Firefox, will frequently get the Program Not Responding message, but it will eventually finish what it is doing.

Could someone take a look at the below Old Timer logs and let me know if there is anything seriously wrong.

Thanks in advance,

Tom

OTL logfile created on: 11/12/2011 2:52:33 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Diane and Tom\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.87 Gb Total Physical Memory | 0.82 Gb Available Physical Memory | 43.84% Memory free
3.99 Gb Paging File | 2.67 Gb Available in Paging File | 66.85% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 125.71 Gb Total Space | 26.70 Gb Free Space | 21.24% Space Free | Partition Type: NTFS
Drive D: | 23.32 Gb Total Space | 16.40 Gb Free Space | 70.31% Space Free | Partition Type: FAT32

Computer Name: BUNTINGS-PC | User Name: Buntings | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/11/12 14:50:54 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Diane and Tom\Desktop\OTL.exe
PRC - [2011/10/18 19:11:01 | 002,042,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2011/09/29 01:53:40 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/04/20 17:58:02 | 001,204,224 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\ControlCenter4\BrCcUxSys.exe
PRC - [2011/04/20 17:53:10 | 000,335,872 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\ControlCenter4\BrCtrlCntr.exe
PRC - [2010/06/17 03:59:54 | 000,185,640 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\NCNETWORKSDM\bin\tgsrvc.exe
PRC - [2010/06/17 03:59:46 | 000,206,120 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\NCNETWORKSDM\bin\sprtsvc.exe
PRC - [2010/06/17 03:59:28 | 000,206,120 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\NCNETWORKSDM\bin\sprtcmd.exe
PRC - [2010/01/25 08:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Browny02\BrYNSvc.exe
PRC - [2009/08/18 17:25:51 | 000,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009/08/18 17:25:50 | 000,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe
PRC - [2009/08/18 17:25:45 | 000,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2009/08/18 17:25:35 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe
PRC - [2009/08/18 17:25:24 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2008/11/10 12:23:40 | 000,157,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Zune\ZuneLauncher.exe
PRC - [2008/10/29 01:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/08/06 11:34:02 | 000,216,032 | ---- | M] () -- C:\Program Files\Macrium\Reflect\ReflectService.exe
PRC - [2007/09/10 21:26:38 | 002,510,848 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 2.3\program\soffice.bin
PRC - [2007/09/10 21:26:38 | 002,359,296 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
PRC - [2007/02/15 13:52:16 | 000,118,784 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynMedion.exe
PRC - [2007/02/15 10:07:16 | 004,390,912 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/01/04 21:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2006/12/23 20:05:20 | 000,143,360 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2006/12/23 20:04:42 | 000,905,216 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2006/11/22 12:31:26 | 000,630,784 | ---- | M] (Motorola Inc.) -- C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
PRC - [2006/11/17 22:45:26 | 000,118,784 | ---- | M] (Wistron Corp.) -- C:\Program Files\Launch Manager\WisLMSvc.exe
PRC - [2006/11/09 16:37:52 | 000,086,016 | ---- | M] () -- C:\Program Files\Launch Manager\WButton.exe
PRC - [2006/09/29 01:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2005/07/25 15:36:40 | 000,032,768 | ---- | M] () -- C:\Program Files\Launch Manager\LaunchAp.exe


========== Modules (No Company Name) ==========

MOD - [2011/10/19 18:45:07 | 008,522,400 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2011/09/29 01:53:40 | 001,833,944 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011/07/22 10:37:51 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\cfb60f99da570cc494e27e0e8ee747e2\System.Xml.ni.dll
MOD - [2011/07/22 10:31:48 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dff86a62a525ec8dc827fe9f50298b7\System.ni.dll
MOD - [2011/07/22 10:29:17 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll
MOD - [2011/04/20 17:49:26 | 000,978,944 | ---- | M] () -- C:\Program Files\ControlCenter4\BrImgProc.dll
MOD - [2011/03/15 06:13:46 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/11/17 13:16:56 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2010/03/24 21:17:36 | 008,794,464 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2009/02/27 16:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files\Brother\BrUtilities\BrLogAPI.dll
MOD - [2007/08/08 19:15:02 | 000,828,416 | ---- | M] () -- C:\Program Files\OpenOffice.org 2.3\program\libxml2.dll
MOD - [2006/11/22 12:31:30 | 000,065,536 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56ita.dll
MOD - [2006/11/22 12:31:30 | 000,065,536 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56esp.dll
MOD - [2006/11/22 12:31:30 | 000,065,536 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56brz.dll
MOD - [2006/11/22 12:31:30 | 000,053,248 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56kor.dll
MOD - [2006/11/22 12:31:28 | 000,065,536 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56ger.dll
MOD - [2006/11/22 12:31:28 | 000,065,536 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56fra.dll
MOD - [2006/11/22 12:31:28 | 000,065,536 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56dnk.dll
MOD - [2006/11/22 12:31:28 | 000,057,344 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56jpn.dll
MOD - [2006/11/22 12:31:28 | 000,053,248 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56cht.dll
MOD - [2006/11/22 12:31:28 | 000,053,248 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56chs.dll
MOD - [2006/11/09 16:37:52 | 000,086,016 | ---- | M] () -- C:\Program Files\Launch Manager\WButton.exe
MOD - [2005/07/25 15:36:40 | 000,032,768 | ---- | M] () -- C:\Program Files\Launch Manager\LaunchAp.exe


========== Win32 Services (SafeList) ==========

SRV - [2011/06/12 10:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2011/05/30 10:33:54 | 001,025,352 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG8\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2010/06/17 03:59:54 | 000,185,640 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\NCNETWORKSDM\bin\tgsrvc.exe -- (tgsrvc_ncnetworksdm) SupportSoft Repair Service (ncnetworksdm)
SRV - [2010/06/17 03:59:46 | 000,206,120 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\NCNETWORKSDM\bin\sprtsvc.exe -- (sprtsvc_ncnetworksdm) SupportSoft Sprocket Service (ncnetworksdm)
SRV - [2010/01/25 08:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Running] -- C:\Program Files\Browny02\BrYNSvc.exe -- (BrYNSvc)
SRV - [2009/08/18 17:25:35 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc)
SRV - [2009/08/18 17:25:24 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2008/11/10 12:23:50 | 005,117,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV - [2008/11/10 12:23:42 | 000,243,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV - [2008/08/06 11:34:02 | 000,216,032 | ---- | M] () [Auto | Running] -- C:\Program Files\Macrium\Reflect\ReflectService.exe -- (ReflectService)
SRV - [2008/01/19 02:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/01/04 21:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006/11/17 22:45:26 | 000,118,784 | ---- | M] (Wistron Corp.) [On_Demand | Running] -- C:\Program Files\Launch Manager\WisLMSvc.exe -- (WisLMSvc)
SRV - [2006/09/29 01:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)


========== Driver Services (SafeList) ==========

DRV - [2009/08/18 17:25:51 | 000,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009/08/18 17:25:51 | 000,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009/05/08 15:48:01 | 000,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2008/08/07 19:23:28 | 000,022,528 | ---- | M] (pBUS-167 Software - http://www.pbus-167.com) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nhcDriver.sys -- (nhcDriverDevice)
DRV - [2008/07/08 12:39:28 | 000,031,712 | ---- | M] (Macrium Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\psmounter.sys -- (PSMounter)
DRV - [2008/05/20 08:32:40 | 000,015,328 | ---- | M] (Macrium Software) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\pssnap.sys -- (pssnap)
DRV - [2008/01/19 00:53:22 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB)
DRV - [2007/07/05 04:57:54 | 000,873,472 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athru6.sys -- (athrusb6)
DRV - [2007/07/03 02:37:08 | 000,110,112 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2007/05/03 20:29:10 | 001,065,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2007/03/27 17:46:40 | 000,008,064 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\flash.sys -- (flash)
DRV - [2007/02/07 20:35:10 | 001,729,152 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2007/01/13 03:40:00 | 004,452,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007/01/08 21:34:04 | 000,449,024 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athrusb.sys -- (athrusb)
DRV - [2006/11/22 12:35:00 | 000,982,272 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2006/11/15 10:16:24 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006/11/15 05:42:46 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/15 03:35:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2006/11/02 02:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/09/15 01:44:18 | 000,011,520 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2003/04/28 13:27:06 | 000,009,867 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\HOTKEY.sys -- (Hotkey)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-890929848-333396877-4107253412-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-890929848-333396877-4107253412-1000\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-21-890929848-333396877-4107253412-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-890929848-333396877-4107253412-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-21-890929848-333396877-4107253412-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://my.earthlink.net/channel/START
IE - HKU\S-1-5-21-890929848-333396877-4107253412-1004\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-890929848-333396877-4107253412-1004\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-21-890929848-333396877-4107253412-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5.0.429
FF - prefs.js..extensions.enabledItems: [email protected]:3.011.025.005
FF - prefs.js..keyword.URL: "http://us.yhs.search...2-tb-web_us&p="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8064.0206: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox [2009/12/21 17:50:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVG\AVG8\Toolbar\Firefox\[email protected] [2011/08/20 12:09:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/10/18 19:24:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/10/18 19:24:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/01/19 20:35:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Thunderbird\Extensions\\{0E810812-F4BB-4309-942A-755587587A5E}: C:\Program Files\BullGuard Software\BullGuard\antispam\tbspamfilter

[2010/04/26 06:06:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Buntings\AppData\Roaming\Mozilla\Extensions
[2010/04/26 06:06:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Buntings\AppData\Roaming\Mozilla\Firefox\Profiles\xubfmwq8.default\extensions
[2010/04/26 06:06:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Buntings\AppData\Roaming\Mozilla\Firefox\Profiles\xubfmwq8.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/04/26 06:06:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Buntings\AppData\Roaming\Mozilla\Firefox\Profiles\xubfmwq8.default\extensions\staged-xpis
[2011/10/18 19:24:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009/12/21 17:50:14 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG8\FIREFOX
[2011/08/20 12:09:45 | 000,000,000 | ---D | M] ("urn:mozilla:install-manifest" em:id="[email protected]" em:name="AVG Security Toolbar" em:version="7.005.030.004" em:displayname="AVG Security Toolbar" em:iconURL="chrome://tavgp/skin/logo.ico" em:creator="AVG Technologies" em:description="AVG Security Toolbar" em:homepageURL="http://www.avg.com" >) -- C:\PROGRAM FILES\AVG\AVG8\TOOLBAR\FIREFOX\[email protected]
[2011/09/29 01:53:40 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/09/28 19:26:50 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O3 - HKU\S-1-5-21-890929848-333396877-4107253412-1000\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O3 - HKU\S-1-5-21-890929848-333396877-4107253412-1004\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-890929848-333396877-4107253412-1004\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKU\S-1-5-21-890929848-333396877-4107253412-1004\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [BrStsMon00] C:\Program Files\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter4] C:\Program Files\ControlCenter4\BrCcBoot.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [CtrlVol] "C:\Program Files\Launch Manager\CtrlVol.exe" File not found
O4 - HKLM..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe ()
O4 - HKLM..\Run: [NCNETWORKSDM] C:\Program Files\NCNETWORKSDM\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [Wbutton] C:\Program Files\Launch Manager\Wbutton.exe ()
O4 - HKLM..\Run: [WPCUMI] C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Zune Launcher] c:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-890929848-333396877-4107253412-1004..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKLM..\RunOnce: [BrURL] C:\Windows\System32\url.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-890929848-333396877-4107253412-1000..\RunOnce: [avg_spchecker] C:\Program Files\AVG\AVG8\Notification\SPChecker.exe ()
O4 - Startup: C:\Users\Anna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe ()
O4 - Startup: C:\Users\Boys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe ()
O4 - Startup: C:\Users\Buntings\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe ()
O4 - Startup: C:\Users\Diane and Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe ()
O7 - HKU\S-1-5-21-890929848-333396877-4107253412-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-890929848-333396877-4107253412-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-890929848-333396877-4107253412-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O7 - HKU\S-1-5-21-890929848-333396877-4107253412-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-890929848-333396877-4107253412-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-890929848-333396877-4107253412-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{269C98C8-5A53-483A-9110-E60F1092E133}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{65CF0EAC-4D0B-4854-A45D-503F9F03CB3C}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - AppInit_DLLs: (avgrsstx.dll) -C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Humpback Whale.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Humpback Whale.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{9233610e-85a9-11dc-a0fa-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{9233610e-85a9-11dc-a0fa-806e6f6e6963}\Shell\AutoRun\command - "" = E:\SETUP.EXE
O33 - MountPoints2\{9233610e-85a9-11dc-a0fa-806e6f6e6963}\Shell\configure\command - "" = E:\SETUP.EXE
O33 - MountPoints2\{9233610e-85a9-11dc-a0fa-806e6f6e6963}\Shell\install\command - "" = E:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/11/11 15:52:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
[2011/11/11 15:48:53 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\BrFaxRx
[2011/11/11 15:48:52 | 000,000,000 | ---D | C] -- C:\Brother
[2011/11/11 15:48:48 | 000,073,728 | ---- | C] (Brother Industories Ltd. P&S Company) -- C:\Windows\System32\BRCrypt.dll
[2011/11/11 15:48:16 | 000,000,000 | ---D | C] -- C:\Program Files\Browny02
[2011/11/11 15:48:13 | 000,000,000 | ---D | C] -- C:\ProgramData\ControlCenter4
[2011/11/11 15:47:32 | 000,000,000 | ---D | C] -- C:\Program Files\ControlCenter4
[2011/11/11 15:46:52 | 000,118,784 | ---- | C] (Brother Industries,LTD.) -- C:\Windows\System32\BrMfNt.dll
[2011/11/11 15:46:49 | 000,225,280 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\System32\BrfxD05c.dll
[2011/11/11 15:46:42 | 000,180,224 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\System32\BrMuSNMP.dll
[2011/11/11 15:46:42 | 000,074,752 | ---- | C] (Brother Industries,Ltd.) -- C:\Windows\System32\BrWiaNCp.dll
[2011/11/11 15:46:42 | 000,074,752 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\System32\BrNetSti.dll
[2011/11/11 15:46:42 | 000,051,200 | ---- | C] (Brother Industries,Ltd) -- C:\Windows\System32\Brnsplg.dll
[2011/11/11 15:46:36 | 001,475,072 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\System32\BrWi209d.dll
[2011/11/11 15:46:36 | 000,217,088 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\System32\BrJDec.dll
[2011/11/11 15:45:15 | 000,217,088 | ---- | C] (brother) -- C:\Windows\System32\NSSearch.dll
[2011/11/11 15:45:15 | 000,005,120 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\BrDctF2L.dll
[2011/11/11 15:45:14 | 000,073,728 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\BrDctF2.dll
[2011/11/11 15:45:14 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\BrDctF2S.dll
[2011/11/11 15:45:11 | 000,000,000 | ---D | C] -- C:\Program Files\Brother
[2011/11/11 15:43:34 | 000,000,000 | ---D | C] -- C:\Users\Buntings\AppData\Roaming\InstallShield
[2011/11/09 22:17:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Brother
[2007/08/13 09:24:34 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll

========== Files - Modified Within 30 Days ==========

[2011/11/12 15:00:00 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{7FB78F2C-93B6-4536-BCC9-82B6D778C10C}.job
[2011/11/12 15:00:00 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{5E6EAA57-BFDD-4667-81A9-193F34933CC1}.job
[2011/11/12 14:31:50 | 000,604,502 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/11/12 14:31:50 | 000,104,170 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/11/12 14:27:48 | 086,184,203 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2011/11/12 14:24:38 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/11/12 14:24:37 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/12 14:24:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/11/11 15:52:54 | 000,000,247 | ---- | M] () -- C:\Windows\Brpfx04a.ini
[2011/11/11 15:52:54 | 000,000,094 | ---- | M] () -- C:\Windows\brpcfx.ini
[2011/11/11 15:48:54 | 000,000,066 | ---- | M] () -- C:\Windows\Brfaxrx.ini
[2011/10/19 18:45:07 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/10/18 19:24:27 | 000,000,850 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

========== Files Created - No Company Name ==========

[2011/11/11 15:52:54 | 000,000,247 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2011/11/11 15:52:54 | 000,000,094 | ---- | C] () -- C:\Windows\brpcfx.ini
[2011/11/11 15:46:50 | 000,000,066 | ---- | C] () -- C:\Windows\Brfaxrx.ini
[2011/11/11 15:46:49 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat
[2011/10/18 19:24:27 | 000,000,850 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/10/18 19:24:26 | 000,000,862 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/06/17 02:11:34 | 000,000,206 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2010/10/12 22:03:37 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010/10/12 22:03:37 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 14:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2007/12/28 23:09:25 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2007/11/15 19:34:28 | 000,000,745 | ---- | C] () -- C:\Windows\CoD.INI
[2007/11/06 16:53:14 | 000,000,456 | ---- | C] () -- C:\Users\Buntings\AppData\Roaming\wklnhst.dat
[2007/10/28 12:22:39 | 000,013,166 | ---- | C] () -- C:\Users\Buntings\AppData\Roaming\nvModes.dat
[2007/10/28 12:22:39 | 000,013,166 | ---- | C] () -- C:\Users\Buntings\AppData\Roaming\nvModes.001
[2007/10/28 11:25:43 | 000,007,680 | ---- | C] () -- C:\Users\Buntings\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/08/14 11:04:24 | 000,008,064 | ---- | C] () -- C:\Windows\System32\drivers\flash.sys
[2007/08/13 11:25:08 | 000,087,312 | ---- | C] () -- C:\Windows\mws.exe
[2007/08/13 10:30:45 | 000,001,732 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2007/08/13 09:32:08 | 000,009,867 | ---- | C] () -- C:\Windows\System32\drivers\HOTKEY.sys
[2007/08/13 09:24:35 | 001,729,152 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2007/08/13 08:51:57 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007/08/13 08:51:09 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2006/12/11 13:24:21 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2006/11/02 07:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:47:37 | 000,436,552 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:33:01 | 000,604,502 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,104,170 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005/01/17 02:10:16 | 000,045,056 | ---- | C] () -- C:\Windows\System32\BRTCPCON.DLL
[2004/08/09 02:00:42 | 000,000,114 | ---- | C] () -- C:\Windows\System32\BRLMW03A.INI
[1999/10/26 11:00:00 | 000,000,050 | ---- | C] () -- C:\Windows\System32\BRADM10A.DAT

< End of report >


OTL Extras logfile created on: 11/12/2011 2:52:34 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Diane and Tom\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.87 Gb Total Physical Memory | 0.82 Gb Available Physical Memory | 43.84% Memory free
3.99 Gb Paging File | 2.67 Gb Available in Paging File | 66.85% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 125.71 Gb Total Space | 26.70 Gb Free Space | 21.24% Space Free | Partition Type: NTFS
Drive D: | 23.32 Gb Total Space | 16.40 Gb Free Space | 70.31% Space Free | Partition Type: FAT32

Computer Name: BUNTINGS-PC | User Name: Buntings | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0AB17E1E-F513-461B-BC22-A1BBAAAEF791}" = lport=2869 | protocol=6 | dir=in | app=system |
"{352668C5-B94F-48E9-AECD-4C602AC1DEC2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3CA68763-7AA9-42A1-A2F2-B62E02AE869B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5386AB1B-3D4B-437B-A132-3873F919F184}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{5CA91DA3-B13C-4EB8-8160-B54F40F4E54A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{B46DE099-40C9-42E2-8AFB-2EEA9EA99D38}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E609CB50-EA3F-440C-84BE-4CAEBAE02B63}" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0E703148-094E-48D1-A8F4-5A52DDDD78F3}" = protocol=6 | dir=in | app=c:\program files\brother\brmfl10f\faxrx.exe |
"{41068137-0C62-47D2-8422-66E0DC4D3F69}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{4222EDBA-8B1B-4F5A-83F8-7E9736C703A5}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{586734ED-1863-4EDB-86E1-8DE719C26BB6}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{6363BF71-EF02-4064-BF1B-500C9D96024D}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{800AEA1B-F761-4667-ACCC-6D1B42027F65}" = protocol=6 | dir=out | app=system |
"{8A979B2F-5B63-4736-8D0C-225414E218CF}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{91BA79F2-1BFC-4D1F-87C5-CB84DCC2AED8}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{941A8B81-A22E-43D2-A384-C6A316A8DB57}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{A37F6F8D-B1D5-4081-8B82-82541133C220}" = protocol=6 | dir=out | app=%systemroot%\system32\wudfhost.exe |
"{C22FBC1E-1D9E-4028-B6D3-C7FFE095DF3D}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{CC2E557D-913B-4B36-9231-D360770473BE}" = dir=in | app=c:\program files\avg\avg8\avgemc.exe |
"{D021A16E-159C-4D27-82DE-1B1E6309634D}" = protocol=17 | dir=in | app=c:\program files\brother\brmfl10f\faxrx.exe |
"{D5B8696F-676E-4DE9-95AB-F7889E8D0AAA}" = dir=in | app=c:\program files\avg\avg8\avgupd.exe |
"{DB057F0E-A2B1-4F3F-9C01-30F78412A1EC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"TCP Query User{024A1111-42D5-446A-8ED5-F533EB14CD47}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"TCP Query User{1F9EC1DA-B5D7-46B3-941E-15B7D60D7F81}C:\program files\games\3d-battleship4\3d-battleship4.exe" = protocol=6 | dir=in | app=c:\program files\games\3d-battleship4\3d-battleship4.exe |
"TCP Query User{4E57F849-D1CA-465C-8430-0A3725F86703}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{93DA955B-8E45-49B5-A952-0E2B8511CA9A}C:\program files\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"TCP Query User{A532B8E9-82C4-4E43-9943-CF2317877609}C:\program files\pocket tanks\pockettanks.exe" = protocol=6 | dir=in | app=c:\program files\pocket tanks\pockettanks.exe |
"TCP Query User{BFE19EAE-BD6D-43B2-AFE9-8392A1EA68C9}C:\program files\common files\ahead\nero web\setupx.exe" = protocol=6 | dir=in | app=c:\program files\common files\ahead\nero web\setupx.exe |
"TCP Query User{CC87F737-1AC0-4664-B75B-B70B62FEBBC0}C:\program files\call of duty\codmp.exe" = protocol=6 | dir=in | app=c:\program files\call of duty\codmp.exe |
"UDP Query User{0FE3BDEC-64FE-4665-8348-9E1B6DF9DD6C}C:\program files\call of duty\codmp.exe" = protocol=17 | dir=in | app=c:\program files\call of duty\codmp.exe |
"UDP Query User{1E624FFE-6C55-48B0-8B91-7DE418301096}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"UDP Query User{59B2578C-AA85-4C56-B524-FCB98015EF22}C:\program files\games\3d-battleship4\3d-battleship4.exe" = protocol=17 | dir=in | app=c:\program files\games\3d-battleship4\3d-battleship4.exe |
"UDP Query User{88636CEA-FB09-4F92-AE16-371B8AD4FC01}C:\program files\common files\ahead\nero web\setupx.exe" = protocol=17 | dir=in | app=c:\program files\common files\ahead\nero web\setupx.exe |
"UDP Query User{910D0CB6-BCBE-4BA1-9701-F54CAEE1517A}C:\program files\itunes\itunes.exe" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"UDP Query User{C28C0AF8-7221-459B-944F-E86E510DB354}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{EF2A9C1E-F2A4-400D-B2F5-C7CF78297671}C:\program files\pocket tanks\pockettanks.exe" = protocol=17 | dir=in | app=c:\program files\pocket tanks\pockettanks.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0076E1AC-9E7B-4B9F-A62A-4CC9511AD8E3}" = Zune Language Pack (FR)
"{01C76294-8CF2-4A76-AD7B-9958F8FF44E2}" = OpenOffice.org 2.3
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{11AFE21E-B193-430D-B57A-DFF7815BB962}" = Ulead PhotoImpact 12
"{1EDFA38A-2FEB-4E62-82C9-DA415C0EEF33}" = IEEE 802.11g Wireless LAN driver
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{2157961D-0507-44A8-BCF2-1EE2D439E8DF}" = Civilization III
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2FA1102F-DE05-4E79-8CED-E5BAABFC2FEF}" = Starshine Episode 2
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java™ 6 Update 2
"{34F0D55F-C386-4195-9A5B-961D3F6ACD46}" = InterVideo MediaOne Gallery
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = Suyin Live Camera
"{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}" = Brother MFL-Pro Suite MFC-7460DN
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C52E7DA-C431-4239-B66B-1BF703D5B194}" = Windows Live Photo Gallery
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{63B75E16-F290-4FCD-AF67-A9134CD01033}" = Nero 7 Essentials
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{704C2901-0E9C-4E4B-862B-2001DACA314B}" = Spinco Download Manager
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{881F5DE8-9367-4B81-A325-E91BBC6472F9}" = iTunes
"{8F8D9297-FDD2-405A-97E7-E52C7B2F97B3}" = Ulead VideoStudio SE DVD
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{931ECD9B-B64B-4D09-B97E-052E0783D2A7}" = Macrium Reflect - Free Edition
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}" = Windows Live Sync
"{A7123032-A8DA-48AC-9F5D-0A3B14698375}" = Starshine Episode 3
"{AA047D7C-5E7C-4878-B75C-77589151B563}" = SUYIN webcam
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{BCE46757-7674-4416-BEDB-68205A60409E}" = CanoScan Toolbox Ver4.1
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C4ECF493-29C4-4CB7-903E-90C28F3D0C00}" = Starshine Episode 4
"{C6CA8874-5F22-4AF0-9BE3-016BF299C536}" = Windows Live Essentials
"{C8616041-2802-4DE2-B3BD-6285AAD65C2A}" = NEF Codec
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0846526-66DD-4DC9-A02C-98F9A2806812}" = Launch Manager V1.4.0
"{E1180142-3B31-4DCC-9D27-7AC2D37662BF}" = LightScribe 1.4.124.1
"{EE4ACABF-531E-419A-9225-B8E0FA4955AF}" = Zune Language Pack (ES)
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FF70513F-E3A7-402F-84FB-B7810A064BE2}" = Zune
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AVG8Uninstall" = AVG Free 8.5
"HashCalc_is1" = HashCalc 2.02
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8
"InstallShield_{2157961D-0507-44A8-BCF2-1EE2D439E8DF}" = Civilization III
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 7.0.1 (x86 en-US)" = Mozilla Firefox 7.0.1 (x86 en-US)
"Mozilla Thunderbird (2.0.0.24)" = Mozilla Thunderbird (2.0.0.24)
"Notebook Hardware Control" = Notebook Hardware Control 2.0 Pre-Release-06
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"SMSERIAL" = Motorola SM56 Data Fax Modem
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Verizon High Speed Internet_is1" = Verizon High Speed Internet
"VLC media player" = VideoLAN VLC media player 0.8.6i
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite_Wave3" = Windows Live Essentials
"Zune" = Zune

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 6/16/2009 4:02:15 PM | Computer Name = Buntings-PC | Source = Application Error | ID = 1000
Description = Faulting application SJ2.exe, version 8.5.1.102, time stamp 0x3c3c17bf,
faulting module Sound Control.x32, version 8.5.1.102, time stamp 0x3c3c18cf, exception
code 0xc0000005, fault offset 0x0000577f, process id 0x3b4, application start time
0x01c9eeb8143e0966.

Error - 6/17/2009 5:56:59 PM | Computer Name = Buntings-PC | Source = Application Error | ID = 1000
Description = Faulting application SJ2.exe, version 8.5.1.102, time stamp 0x3c3c17bf,
faulting module IML32.dll, version 8.5.1.102, time stamp 0x3c3c1247, exception
code 0xc0000005, fault offset 0x0006dd3e, process id 0x3a8, application start time
0x01c9ef964809beb5.

Error - 6/18/2009 9:45:45 AM | Computer Name = Buntings-PC | Source = Application Error | ID = 1000
Description = Faulting application E_FBIN9FA.EXE, version 4.2.0.0, time stamp 0x40458740,
faulting module ADVAPI32.dll, version 6.0.6000.16386, time stamp 0x4549bcd2, exception
code 0xc0000005, fault offset 0x000183c6, process id 0xc80, application start time
0x01c9f01b13bef5b9.

Error - 6/25/2009 11:22:09 PM | Computer Name = Buntings-PC | Source = VSS | ID = 8194
Description =

Error - 6/25/2009 11:28:24 PM | Computer Name = Buntings-PC | Source = VSS | ID = 8194
Description =

Error - 7/1/2009 1:14:38 PM | Computer Name = Buntings-PC | Source = Application Error | ID = 1000
Description = Faulting application E_FBIN9FA.EXE, version 4.2.0.0, time stamp 0x40458740,
faulting module ADVAPI32.dll, version 6.0.6000.16386, time stamp 0x4549bcd2, exception
code 0xc0000005, fault offset 0x000183c6, process id 0xd64, application start time
0x01c9fa6f69584051.

Error - 7/4/2009 3:18:04 PM | Computer Name = Buntings-PC | Source = Application Error | ID = 1000
Description = Faulting application E_FBIN9FA.EXE, version 4.2.0.0, time stamp 0x40458740,
faulting module ADVAPI32.dll, version 6.0.6000.16386, time stamp 0x4549bcd2, exception
code 0xc0000005, fault offset 0x000183c6, process id 0xf30, application start time
0x01c9fcdc2782828d.

Error - 7/7/2009 4:59:40 PM | Computer Name = Buntings-PC | Source = EventSystem | ID = 4621
Description =

Error - 7/7/2009 8:31:44 PM | Computer Name = Buntings-PC | Source = Application Error | ID = 1000
Description = Faulting application E_FBIN9FA.EXE, version 4.2.0.0, time stamp 0x40458740,
faulting module ADVAPI32.dll, version 6.0.6000.16386, time stamp 0x4549bcd2, exception
code 0xc0000005, fault offset 0x000183c6, process id 0x1364, application start time
0x01c9ff6377bd8865.

Error - 7/7/2009 8:34:02 PM | Computer Name = Buntings-PC | Source = EventSystem | ID = 4621
Description =

[ System Events ]
Error - 11/11/2011 4:39:08 PM | Computer Name = Buntings-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 11/11/2011 5:06:54 PM | Computer Name = Buntings-PC | Source = HTTP | ID = 15016
Description =

Error - 11/11/2011 5:08:09 PM | Computer Name = Buntings-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 11/11/2011 5:08:09 PM | Computer Name = Buntings-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 11/11/2011 11:06:50 PM | Computer Name = Buntings-PC | Source = HTTP | ID = 15016
Description =

Error - 11/11/2011 11:07:30 PM | Computer Name = Buntings-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 11/11/2011 11:07:30 PM | Computer Name = Buntings-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 11/12/2011 3:24:33 PM | Computer Name = Buntings-PC | Source = HTTP | ID = 15016
Description =

Error - 11/12/2011 3:25:03 PM | Computer Name = Buntings-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 11/12/2011 3:25:03 PM | Computer Name = Buntings-PC | Source = Service Control Manager | ID = 7026
Description =


< End of report >
  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,786 posts
  • MVP
We need to update your anti-virus. You are two generations behind. I want to install the free Avast for now. IF you don't like it you can uninstall it and get the latest version of AVG instead but please wait until we are done.

Download and save the AVG removal tool
http://download.avg....6_2011_1184.exe

Download and save the free Avast installer.
http://www.avast.com...ivirus-download
Uninstall AVG

Run the Avg Remover

Reboot

Install Avast. (Register when it asks you - they will try to talk you in to buying the full product but the free version is what we want.)
Once you have it installed and it has updated:

Click on the Avast ball. Then click on Scan Computer, then on
Boot-Time Scan then on Settings. Change the Ask at the bottom to Move to Chest. OK then Schedule Now. Reboot and let it run a scan. It may take hours.
Once it finishes it should load windows. Click on the Avast ball and then on Scan Logs, select the Boot-time scan report then View Results. How many did it find? I think a text version of the report can be found at:
C:\ProgramData\Alwil Software\Avast5\report\aswboot.txt Please copy and paste it if you can find it.

Click on the Avast ball. Then click on Additional Protections then on AutoSandbox then on Settings then uncheck Enable AutoSandbox. OK



Copy the text in the code box by highlighting and Ctrl + c

:processes
killallprocesses

:OTL
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKU\S-1-5-21-890929848-333396877-4107253412-1004\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-890929848-333396877-4107253412-1004\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O4 - HKLM..\Run: [CtrlVol] "C:\Program Files\Launch Manager\CtrlVol.exe" File not found
O4 - HKLM..\RunOnce: [BrURL] C:\Windows\System32\url.dll (Microsoft Corporation)

:files
xcopy %Temp%\smtmp\1 "%AllUsersProfile%\Start Menu" /H /I /S /Y /C
xcopy %Temp%\smtmp\2 "%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch" /H /I /S /Y /C
xcopy %Temp%\smtmp\3 "%AppData%\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar" /H /I /S /Y /C
xcopy %Temp%\smtmp\4 "%AllUsersProfile%\Desktop" /H /I /S /Y /C
     
:Commands
[RESETHOSTS]
[EMPTYJAVA]
[purity]
[Reboot]


then Rightclick on OTL and select Run As Administrator to start. Under the Custom Scans/Fixes box at the bottom, paste (ctrl +v) the text. Verify that you got it all and Then click the RUN FIX button (NOT THE QUICK SCAN button!) at the top
Let the program run unhindered, OTL will reboot the PC when it is done.

If one of the following will not run then just skip to the next one then go back and try the things that wouldn't run again after finishing the others.

Malwarebytes' Anti-Malware
:!: If you have a previous version of MalwareBytes', remove it via Add or Remove Programs and download a fresh copy. :!:

http://www.malwarebytes.org/mbam.php

SAVE Malwarebytes' Anti-Malware to your desktop.

Rightclick on Malwarebytes' Anti-Malware and select Run As Administrator and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.

* Once the program has loaded, select Perform Quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.

* Be sure that everything is checked, and click Remove Selected.

* When completed, a log will open in Notepad. Please save it to a convenient location.
* The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
* Post that log back here.



ComboFix

:!: It must be saved to your desktop, do not run it from your browser:!:

:!: Disable your Antivirus software when downloading or running Combofix.==> Right click on the Avast Ball and select Avast! Shields Control and Disable Until Computer is Restarted



Download and Save this file -- to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Rightclick on ComboFix and select Run As Administrator to start the program.



* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.


* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix.

A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply. If Combofix does not restart your PC on its own please restart it before going on.


Download TDSSKiller:
http://support.kaspe.../tdsskiller.exe
Save it to your desktop then right click and Run as Administrator

If TDSSKiller alerts you that the system needs to reboot, please consent.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.


Download aswMBR.exe ( 511KB ) to your desktop.
Right click aswMBR.exe and Run as Administrator

change the a-v scan to None.
uncheck trace disk IO calls
Click the "Scan" button to start scan
On completion of the scan (Note if the Fix button is enabled (not the FixMBR button) and tell me) click save log, save it to your desktop and post in your next reply


Run OTL (Vista or Win 7 => right click and Run As Administrator)

select the All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them.

Get Process Explorer

http://live.sysinter...com/procexp.exe

Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator). Click once or twice on the CPU column header to sort things by CPU usage with the big hitters at the top. File, Save As, Save. Open the file Procexp.txt on your desktop and copy and paste the text to a reply.



Get the free version of Speccy:

http://www.filehippo...download_speccy (Look in the upper right for the Download
Latest Version button) Download, Save and Install it. Run Speccy. When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File, (to your desktop) note the name it gives. OK. Open the file in notepad and delete the line that gives the serial number of your Operating System. (It will be near the top about 10 lines down.) Attach the file to your next post.

Ron
  • 0

#3
TomNeedsHelp

TomNeedsHelp

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts
Sorry for the delay, but that was a lot of progs to download and run.

For the Avast logs, I could not find the actual log. The program did say that it had found 10 infected files. Nothing critical though.

Malwarebytes Log: A log file never opened. It said that it had completed scanning. Only thing it reported was the TDSKiller file.

ComboFix:

ComboFix 11-11-13.03 - Buntings 11/14/2011 19:05:32.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.1918.1065 [GMT -5:00]
Running from: c:\users\Buntings\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Words
c:\users\Diane and Tom\avira_antivir_personal_en.exe
c:\users\Diane and Tom\cstbwin4136en.exe
c:\users\Diane and Tom\Firefox Setup 7.0.1.exe
c:\users\Diane and Tom\MediaPortalSetup_1.1.3.exe
c:\users\Diane and Tom\xbmc-10.1.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-10-15 to 2011-11-15 )))))))))))))))))))))))))))))))
.
.
2011-11-15 00:20 . 2011-11-15 00:20 -------- d-----w- c:\users\Diane and Tom\AppData\Local\temp
2011-11-15 00:20 . 2011-11-15 00:20 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-11-15 00:20 . 2011-11-15 00:20 -------- d-----w- c:\users\Boys\AppData\Local\temp
2011-11-14 23:55 . 2011-11-14 23:55 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7C48E32D-7114-4629-9851-D208AB4C695E}\offreg.dll
2011-11-14 03:58 . 2011-11-14 03:58 -------- d-----w- c:\users\Buntings\AppData\Roaming\Malwarebytes
2011-11-14 03:58 . 2011-11-14 03:58 -------- d-----w- c:\programdata\Malwarebytes
2011-11-14 03:58 . 2011-11-14 03:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-11-14 03:58 . 2011-08-31 22:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-14 03:45 . 2011-11-14 03:45 -------- d-----w- C:\_OTL
2011-11-13 22:23 . 2011-09-06 21:36 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-11-13 22:23 . 2011-09-06 21:37 320856 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-13 22:23 . 2011-09-06 21:36 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-13 22:23 . 2011-09-06 21:36 52568 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-13 22:23 . 2011-09-06 21:38 442200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-13 22:23 . 2011-09-06 21:36 54616 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-11-13 22:21 . 2011-09-06 21:45 41184 ----a-w- c:\windows\avastSS.scr
2011-11-13 22:21 . 2011-09-06 21:45 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-11-13 22:21 . 2011-11-13 22:21 -------- d-----w- c:\programdata\AVAST Software
2011-11-13 22:21 . 2011-11-13 22:21 -------- d-----w- c:\program files\AVAST Software
2011-11-13 22:05 . 2011-11-13 22:06 -------- d-----w- c:\users\Buntings\AppData\Roaming\ControlCenter4
2011-11-11 22:00 . 2011-11-11 21:55 -------- d-----w- c:\users\Diane and Tom\AppData\Roaming\ControlCenter4
2011-11-11 20:48 . 2011-11-11 20:48 -------- d-----w- C:\Brother
2011-11-11 20:48 . 2006-07-07 17:40 73728 ------w- c:\windows\system32\BRCrypt.dll
2011-11-11 20:48 . 2011-11-11 20:48 -------- d-----w- c:\program files\Browny02
2011-11-11 20:48 . 2011-11-11 20:48 -------- d-----w- c:\programdata\ControlCenter4
2011-11-11 20:47 . 2011-11-11 20:48 -------- d-----w- c:\program files\ControlCenter4
2011-11-11 20:44 . 2011-10-07 03:48 6668624 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7C48E32D-7114-4629-9851-D208AB4C695E}\mpengine.dll
2011-11-11 20:43 . 2011-11-11 20:43 -------- d-----w- c:\users\Buntings\AppData\Roaming\InstallShield
2011-11-11 20:20 . 2011-11-11 20:40 -------- d-----w- c:\users\Diane and Tom\New Folder
2011-11-10 03:19 . 2011-11-10 03:19 -------- d-----r- c:\users\Diane and Tom\AppData\Roaming\Brother
2011-11-10 03:17 . 2011-11-11 20:21 -------- d-----w- c:\programdata\Brother
2011-10-19 00:24 . 2011-09-29 06:53 134104 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-10-19 00:24 . 2011-09-29 06:53 16856 ----a-w- c:\program files\Mozilla Firefox\plugin-container.exe
2011-10-19 00:24 . 2011-09-29 06:53 773080 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-10-19 00:24 . 2011-09-29 06:53 1833944 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll
2011-10-19 00:24 . 2011-09-29 06:53 89048 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll
2011-10-19 00:24 . 2011-09-29 06:53 719832 ----a-w- c:\program files\Mozilla Firefox\mozcpp19.dll
2011-10-19 00:24 . 2011-09-29 06:53 478168 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll
2011-10-19 00:24 . 2011-09-29 06:53 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll
2011-10-19 00:24 . 2011-09-29 00:26 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll
2011-10-19 00:24 . 2011-09-29 00:26 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll
2011-10-16 23:55 . 2011-10-16 23:55 18139008 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE14\MSO.DLL
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-19 23:45 . 2011-06-18 05:17 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-06 04:38 . 2011-09-06 04:36 13183812 ----a-w- c:\users\Diane and Tom\MediaPortalSetup_1.1.3.exe.part
2011-09-29 06:53 . 2011-10-19 00:24 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 21:45 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-02-15 4390912]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-02-15 857648]
"LaunchAp"="c:\program files\Launch Manager\LaunchAp.exe" [2005-07-25 32768]
"Wbutton"="c:\program files\Launch Manager\Wbutton.exe" [2006-11-09 86016]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-11-22 630784]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"WPCUMI"="c:\windows\system32\WpcUmi.exe" [2006-11-02 176128]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-12 39792]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2008-11-10 157312]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-01-13 90191]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-01-13 7766016]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-01-13 81920]
"NCNETWORKSDM"="c:\program files\NCNETWORKSDM\bin\sprtcmd.exe" [2010-06-17 206120]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-12-13 421160]
"ControlCenter4"="c:\program files\ControlCenter4\BrCcBoot.exe" [2011-04-20 139264]
"BrStsMon00"="c:\program files\Browny02\Brother\BrStMonW.exe" [2010-06-10 2621440]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
.
c:\users\Buntings\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 2.3.lnk - c:\program files\OpenOffice.org 2.3\program\quickstart.exe [2007-8-17 393216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2006-12-24 01:05 143360 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotkeyApp]
2007-04-16 22:24 192512 ----a-w- c:\program files\Launch Manager\HotkeyApp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-12-13 22:16 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LMgrOSD]
2006-12-26 18:23 180224 ----a-w- c:\program files\Launch Manager\OSD.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NotebookHardwareControl]
2007-05-04 00:33 2629632 ----a-w- c:\program files\Notebook Hardware Control\nhc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-19 07:38 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher]
2008-11-10 17:23 157312 ----a-w- c:\program files\Zune\ZuneLauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
.
R1 mailKmd;mailKmd; [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 athrusb6;Atheros Wireless LAN USB device driver 6 Series;c:\windows\system32\DRIVERS\athru6.sys [2007-07-05 873472]
R3 flash;flash;c:\windows\system32\drivers\flash.sys [2007-03-27 8064]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4640000]
R3 PSMounter;Macrium Reflect Image Explorer Service;c:\windows\system32\drivers\psmounter.sys [2008-07-08 31712]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 pssnap;Paramount Software Snapshot Filter;c:\windows\system32\DRIVERS\pssnap.sys [2008-05-20 15328]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-09-06 54616]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
S2 ReflectService;Macrium Reflect Image Mounting Service;c:\program files\Macrium\Reflect\ReflectService.exe [2008-08-06 216032]
S2 sprtsvc_ncnetworksdm;SupportSoft Sprocket Service (ncnetworksdm);c:\program files\NCNETWORKSDM\bin\sprtsvc.exe [2010-06-17 206120]
S2 tgsrvc_ncnetworksdm;SupportSoft Repair Service (ncnetworksdm);c:\program files\NCNETWORKSDM\bin\tgsrvc.exe [2010-06-17 185640]
S3 athrusb;Atheros Wireless LAN USB device driver;c:\windows\system32\DRIVERS\athrusb.sys [2007-01-09 449024]
S3 BrYNSvc;BrYNSvc;c:\program files\Browny02\BrYNSvc.exe [2010-01-25 245760]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-08-31 22216]
S3 WisLMSvc;WisLMSvc;c:\program files\Launch Manager\WisLMSvc.exe [2006-11-18 118784]
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-11-15 c:\windows\Tasks\User_Feed_Synchronization-{5E6EAA57-BFDD-4667-81A9-193F34933CC1}.job
- c:\windows\system32\msfeedssync.exe [2008-08-05 07:33]
.
2011-11-15 c:\windows\Tasks\User_Feed_Synchronization-{7FB78F2C-93B6-4536-BCC9-82B6D778C10C}.job
- c:\windows\system32\msfeedssync.exe [2008-08-05 07:33]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
LSP: c:\windows\system32\wpclsp.dll
TCP: DhcpNameServer = 192.168.1.1
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} -
FF - ProfilePath - c:\users\Buntings\AppData\Roaming\Mozilla\Firefox\Profiles\xubfmwq8.default\
FF - prefs.js: keyword.URL - hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_us&p=
.
.
------- File Associations -------
.
.
- - - - ORPHANS REMOVED - - - -
.
MSConfigStartUp-toolbar_eula_launcher - c:\program files\GoogleEULA\EULALauncher.exe
AddRemove-HashCalc_is1 - c:\program files\HashCalc\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-14 19:20
Windows 6.0.6001 Service Pack 1 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
Completion time: 2011-11-14 19:24:25
ComboFix-quarantined-files.txt 2011-11-15 00:24
.
Pre-Run: 26,465,812,480 bytes free
Post-Run: 41,108,140,032 bytes free
.
- - End Of File - - 454BA51D5CAF37E18A99382607919E68


TDSKiller:

19:28:10.0469 1240 TDSS rootkit removing tool 2.6.18.0 Nov 11 2011 15:47:15
19:28:10.0547 1240 ============================================================
19:28:10.0547 1240 Current date / time: 2011/11/14 19:28:10.0547
19:28:10.0547 1240 SystemInfo:
19:28:10.0547 1240
19:28:10.0547 1240 OS Version: 6.0.6001 ServicePack: 1.0
19:28:10.0547 1240 Product type: Workstation
19:28:10.0547 1240 ComputerName: BUNTINGS-PC
19:28:10.0547 1240 UserName: Buntings
19:28:10.0547 1240 Windows directory: C:\Windows
19:28:10.0547 1240 System windows directory: C:\Windows
19:28:10.0547 1240 Processor architecture: Intel x86
19:28:10.0547 1240 Number of processors: 2
19:28:10.0547 1240 Page size: 0x1000
19:28:10.0547 1240 Boot type: Normal boot
19:28:10.0547 1240 ============================================================
19:28:11.0046 1240 Initialize success
19:28:24.0010 1388 ============================================================
19:28:24.0010 1388 Scan started
19:28:24.0010 1388 Mode: Manual;
19:28:24.0010 1388 ============================================================
19:28:24.0556 1388 ACPI (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys
19:28:24.0571 1388 ACPI - ok
19:28:24.0634 1388 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
19:28:24.0649 1388 adp94xx - ok
19:28:24.0727 1388 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
19:28:24.0727 1388 adpahci - ok
19:28:24.0790 1388 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
19:28:24.0790 1388 adpu160m - ok
19:28:24.0837 1388 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
19:28:24.0837 1388 adpu320 - ok
19:28:24.0946 1388 AFD (48eb99503533c27ac6135648e5474457) C:\Windows\system32\drivers\afd.sys
19:28:24.0961 1388 AFD - ok
19:28:25.0008 1388 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
19:28:25.0008 1388 aic78xx - ok
19:28:25.0071 1388 aliide (496eda16a127ac9a38bb285bef17dbb5) C:\Windows\system32\drivers\aliide.sys
19:28:25.0071 1388 aliide - ok
19:28:25.0117 1388 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
19:28:25.0117 1388 amdagp - ok
19:28:25.0164 1388 amdide (6f65f4147c54398d7280b18cebbed215) C:\Windows\system32\drivers\amdide.sys
19:28:25.0180 1388 amdide - ok
19:28:25.0242 1388 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
19:28:25.0242 1388 AmdK7 - ok
19:28:25.0289 1388 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys
19:28:25.0289 1388 AmdK8 - ok
19:28:25.0398 1388 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
19:28:25.0398 1388 arc - ok
19:28:25.0461 1388 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
19:28:25.0461 1388 arcsas - ok
19:28:25.0523 1388 aswFsBlk (c47623ffd181a1e7d63574dde2a0a711) C:\Windows\system32\drivers\aswFsBlk.sys
19:28:25.0539 1388 aswFsBlk - ok
19:28:25.0585 1388 aswMonFlt (4804753a4ec7d67cc22d226bffd1c1e3) C:\Windows\system32\drivers\aswMonFlt.sys
19:28:25.0601 1388 aswMonFlt - ok
19:28:25.0632 1388 aswRdr (36239e24470a3dd81fae37510953cc6c) C:\Windows\system32\drivers\aswRdr.sys
19:28:25.0632 1388 aswRdr - ok
19:28:25.0679 1388 aswSnx (caa846e9c83836bdc3d2d700c678db65) C:\Windows\system32\drivers\aswSnx.sys
19:28:25.0695 1388 aswSnx - ok
19:28:25.0757 1388 aswSP (748ae7f2d7da33adb063fe05704a9969) C:\Windows\system32\drivers\aswSP.sys
19:28:25.0773 1388 aswSP - ok
19:28:25.0804 1388 aswTdi (ca9925ce1dbd07ffe1eb357752cf5577) C:\Windows\system32\drivers\aswTdi.sys
19:28:25.0804 1388 aswTdi - ok
19:28:25.0851 1388 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
19:28:25.0851 1388 AsyncMac - ok
19:28:25.0897 1388 atapi (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys
19:28:25.0897 1388 atapi - ok
19:28:25.0975 1388 athrusb (d89391d3eb1dd7f0b857f3255a2dac7e) C:\Windows\system32\DRIVERS\athrusb.sys
19:28:25.0991 1388 athrusb - ok
19:28:26.0069 1388 athrusb6 (be701d39fb0543083ddf74227638bcf3) C:\Windows\system32\DRIVERS\athru6.sys
19:28:26.0100 1388 athrusb6 - ok
19:28:26.0225 1388 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
19:28:26.0225 1388 Beep - ok
19:28:26.0256 1388 blbdrive - ok
19:28:26.0319 1388 bowser (8153396d5551276227fa146900f734e6) C:\Windows\system32\DRIVERS\bowser.sys
19:28:26.0334 1388 bowser - ok
19:28:26.0381 1388 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
19:28:26.0381 1388 BrFiltLo - ok
19:28:26.0412 1388 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
19:28:26.0412 1388 BrFiltUp - ok
19:28:26.0443 1388 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
19:28:26.0443 1388 Brserid - ok
19:28:26.0475 1388 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
19:28:26.0490 1388 BrSerWdm - ok
19:28:26.0521 1388 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
19:28:26.0521 1388 BrUsbMdm - ok
19:28:26.0553 1388 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
19:28:26.0553 1388 BrUsbSer - ok
19:28:26.0599 1388 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
19:28:26.0599 1388 BTHMODEM - ok
19:28:26.0693 1388 catchme - ok
19:28:26.0755 1388 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
19:28:26.0755 1388 cdfs - ok
19:28:26.0833 1388 cdrom (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys
19:28:26.0833 1388 cdrom - ok
19:28:26.0896 1388 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
19:28:26.0896 1388 circlass - ok
19:28:26.0943 1388 CLFS (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys
19:28:26.0958 1388 CLFS - ok
19:28:27.0021 1388 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
19:28:27.0021 1388 CmBatt - ok
19:28:27.0067 1388 cmdide (59172a0724f2ab769f31d61b0571d75b) C:\Windows\system32\drivers\cmdide.sys
19:28:27.0067 1388 cmdide - ok
19:28:27.0114 1388 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
19:28:27.0114 1388 Compbatt - ok
19:28:27.0145 1388 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
19:28:27.0145 1388 crcdisk - ok
19:28:27.0177 1388 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
19:28:27.0177 1388 Crusoe - ok
19:28:27.0255 1388 DfsC (a3e9fa213f443ac77c7746119d13feec) C:\Windows\system32\Drivers\dfsc.sys
19:28:27.0255 1388 DfsC - ok
19:28:27.0333 1388 disk (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys
19:28:27.0348 1388 disk - ok
19:28:27.0411 1388 dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
19:28:27.0426 1388 dot4 - ok
19:28:27.0473 1388 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
19:28:27.0473 1388 Dot4Print - ok
19:28:27.0504 1388 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
19:28:27.0504 1388 dot4usb - ok
19:28:27.0567 1388 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
19:28:27.0567 1388 drmkaud - ok
19:28:27.0645 1388 DXGKrnl (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys
19:28:27.0660 1388 DXGKrnl - ok
19:28:27.0738 1388 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
19:28:27.0738 1388 E1G60 - ok
19:28:27.0816 1388 Ecache (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys
19:28:27.0816 1388 Ecache - ok
19:28:27.0894 1388 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
19:28:27.0910 1388 elxstor - ok
19:28:28.0019 1388 exfat (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys
19:28:28.0019 1388 exfat - ok
19:28:28.0066 1388 fastfat (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys
19:28:28.0081 1388 fastfat - ok
19:28:28.0113 1388 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
19:28:28.0113 1388 fdc - ok
19:28:28.0191 1388 FETNDIS (b2b2c38e916184ff8523c7439ddd417f) C:\Windows\system32\DRIVERS\fetnd5.sys
19:28:28.0206 1388 FETNDIS - ok
19:28:28.0237 1388 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
19:28:28.0253 1388 FileInfo - ok
19:28:28.0300 1388 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
19:28:28.0300 1388 Filetrace - ok
19:28:28.0362 1388 flash (af9c417c8f6c8bf4411cb601df318c07) C:\Windows\system32\drivers\flash.sys
19:28:28.0362 1388 flash - ok
19:28:28.0393 1388 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
19:28:28.0393 1388 flpydisk - ok
19:28:28.0440 1388 FltMgr (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys
19:28:28.0440 1388 FltMgr - ok
19:28:28.0471 1388 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
19:28:28.0471 1388 Fs_Rec - ok
19:28:28.0518 1388 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
19:28:28.0518 1388 gagp30kx - ok
19:28:28.0565 1388 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\Drivers\GEARAspiWDM.sys
19:28:28.0565 1388 GEARAspiWDM - ok
19:28:28.0659 1388 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
19:28:28.0659 1388 HdAudAddService - ok
19:28:28.0737 1388 HDAudBus (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys
19:28:28.0737 1388 HDAudBus - ok
19:28:28.0768 1388 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
19:28:28.0768 1388 HidBth - ok
19:28:28.0799 1388 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
19:28:28.0799 1388 HidIr - ok
19:28:28.0861 1388 HidUsb (854ca287ab7faf949617a788306d967e) C:\Windows\system32\DRIVERS\hidusb.sys
19:28:28.0861 1388 HidUsb - ok
19:28:28.0924 1388 Hotkey (8b566ea71d5b76157a9cdb78f25a5731) C:\Windows\system32\drivers\Hotkey.sys
19:28:28.0924 1388 Hotkey - ok
19:28:28.0971 1388 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
19:28:28.0971 1388 HpCISSs - ok
19:28:29.0033 1388 HTTP (96e241624c71211a79c84f50a8e71cab) C:\Windows\system32\drivers\HTTP.sys
19:28:29.0049 1388 HTTP - ok
19:28:29.0064 1388 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
19:28:29.0064 1388 i2omp - ok
19:28:29.0158 1388 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
19:28:29.0158 1388 i8042prt - ok
19:28:29.0205 1388 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
19:28:29.0205 1388 iaStorV - ok
19:28:29.0251 1388 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
19:28:29.0251 1388 iirsp - ok
19:28:29.0423 1388 IntcAzAudAddService (aef2fa29204056b81bc4cbf30260dee1) C:\Windows\system32\drivers\RTKVHDA.sys
19:28:29.0454 1388 IntcAzAudAddService - ok
19:28:29.0517 1388 intelide (e5ea1c17da5065032e346591ff64f3af) C:\Windows\system32\drivers\intelide.sys
19:28:29.0517 1388 intelide - ok
19:28:29.0548 1388 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
19:28:29.0548 1388 intelppm - ok
19:28:29.0626 1388 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:28:29.0626 1388 IpFilterDriver - ok
19:28:29.0657 1388 IpInIp - ok
19:28:29.0688 1388 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
19:28:29.0688 1388 IPMIDRV - ok
19:28:29.0751 1388 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
19:28:29.0751 1388 IPNAT - ok
19:28:29.0829 1388 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
19:28:29.0829 1388 IRENUM - ok
19:28:29.0860 1388 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
19:28:29.0860 1388 isapnp - ok
19:28:29.0938 1388 iScsiPrt (f247eec28317f6c739c16de420097301) C:\Windows\system32\DRIVERS\msiscsi.sys
19:28:29.0938 1388 iScsiPrt - ok
19:28:29.0969 1388 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
19:28:29.0969 1388 iteatapi - ok
19:28:30.0000 1388 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
19:28:30.0000 1388 iteraid - ok
19:28:30.0047 1388 Iviaspi (5dce7eed60bae992bab7f5ff1ce60641) C:\Windows\system32\drivers\iviaspi.sys
19:28:30.0047 1388 Iviaspi - ok
19:28:30.0109 1388 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
19:28:30.0109 1388 kbdclass - ok
19:28:30.0141 1388 kbdhid (d2600cb17b7408b4a83f231dc9a11ac3) C:\Windows\system32\drivers\kbdhid.sys
19:28:30.0141 1388 kbdhid - ok
19:28:30.0203 1388 KSecDD (7a0cf7908b6824d6a2a1d313e5ae3dca) C:\Windows\system32\Drivers\ksecdd.sys
19:28:30.0219 1388 KSecDD - ok
19:28:30.0281 1388 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
19:28:30.0281 1388 lltdio - ok
19:28:30.0343 1388 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
19:28:30.0343 1388 LSI_FC - ok
19:28:30.0390 1388 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
19:28:30.0390 1388 LSI_SAS - ok
19:28:30.0437 1388 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
19:28:30.0437 1388 LSI_SCSI - ok
19:28:30.0515 1388 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
19:28:30.0515 1388 luafv - ok
19:28:30.0531 1388 mailKmd - ok
19:28:30.0577 1388 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) C:\Windows\system32\drivers\mbam.sys
19:28:30.0577 1388 MBAMProtector - ok
19:28:30.0624 1388 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
19:28:30.0624 1388 megasas - ok
19:28:30.0671 1388 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
19:28:30.0671 1388 Modem - ok
19:28:30.0749 1388 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
19:28:30.0749 1388 monitor - ok
19:28:30.0780 1388 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
19:28:30.0780 1388 mouclass - ok
19:28:30.0811 1388 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
19:28:30.0811 1388 mouhid - ok
19:28:30.0858 1388 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
19:28:30.0874 1388 MountMgr - ok
19:28:30.0905 1388 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
19:28:30.0905 1388 mpio - ok
19:28:30.0967 1388 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
19:28:30.0967 1388 mpsdrv - ok
19:28:30.0999 1388 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
19:28:30.0999 1388 Mraid35x - ok
19:28:31.0030 1388 MRxDAV (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys
19:28:31.0045 1388 MRxDAV - ok
19:28:31.0092 1388 mrxsmb (5734a0f2be7e495f7d3ed6efd4b9f5a1) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:28:31.0092 1388 mrxsmb - ok
19:28:31.0155 1388 mrxsmb10 (6b5fa5adfacac9dbbe0991f4566d7d55) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:28:31.0170 1388 mrxsmb10 - ok
19:28:31.0233 1388 mrxsmb20 (5c80d8159181c7abf1b14ba703b01e0b) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:28:31.0233 1388 mrxsmb20 - ok
19:28:31.0279 1388 msahci (86068b8b54a5eb092f51657f00b2222a) C:\Windows\system32\drivers\msahci.sys
19:28:31.0279 1388 msahci - ok
19:28:31.0373 1388 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
19:28:31.0373 1388 msdsm - ok
19:28:31.0435 1388 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
19:28:31.0435 1388 Msfs - ok
19:28:31.0513 1388 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
19:28:31.0513 1388 msisadrv - ok
19:28:31.0591 1388 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
19:28:31.0591 1388 MSKSSRV - ok
19:28:31.0638 1388 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
19:28:31.0638 1388 MSPCLOCK - ok
19:28:31.0701 1388 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
19:28:31.0701 1388 MSPQM - ok
19:28:31.0779 1388 MsRPC (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys
19:28:31.0779 1388 MsRPC - ok
19:28:31.0810 1388 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
19:28:31.0810 1388 mssmbios - ok
19:28:31.0841 1388 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
19:28:31.0841 1388 MSTEE - ok
19:28:31.0888 1388 Mup (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys
19:28:31.0888 1388 Mup - ok
19:28:31.0966 1388 NativeWifiP (3c21ce48ff529bb73dadb98770b54025) C:\Windows\system32\DRIVERS\nwifi.sys
19:28:31.0966 1388 NativeWifiP - ok
19:28:32.0059 1388 NDIS (9bdc71790fa08f0a0b5f10462b1bd0b1) C:\Windows\system32\drivers\ndis.sys
19:28:32.0059 1388 NDIS - ok
19:28:32.0106 1388 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
19:28:32.0122 1388 NdisTapi - ok
19:28:32.0169 1388 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
19:28:32.0169 1388 Ndisuio - ok
19:28:32.0215 1388 NdisWan (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys
19:28:32.0215 1388 NdisWan - ok
19:28:32.0278 1388 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
19:28:32.0278 1388 NDProxy - ok
19:28:32.0356 1388 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
19:28:32.0371 1388 NetBIOS - ok
19:28:32.0418 1388 netbt (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys
19:28:32.0418 1388 netbt - ok
19:28:32.0496 1388 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
19:28:32.0496 1388 nfrd960 - ok
19:28:32.0559 1388 nhcDriverDevice (37260a293b6a89373ae76791e6cc5a12) C:\Windows\system32\drivers\nhcDriver.sys
19:28:32.0559 1388 nhcDriverDevice - ok
19:28:32.0605 1388 Npfs (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys
19:28:32.0621 1388 Npfs - ok
19:28:32.0683 1388 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
19:28:32.0683 1388 nsiproxy - ok
19:28:32.0761 1388 Ntfs (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys
19:28:32.0808 1388 Ntfs - ok
19:28:32.0839 1388 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
19:28:32.0839 1388 ntrigdigi - ok
19:28:32.0871 1388 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
19:28:32.0871 1388 Null - ok
19:28:32.0964 1388 NVENETFD (74c825c573aa6e115590d94e7bf86901) C:\Windows\system32\DRIVERS\nvmfdx32.sys
19:28:32.0980 1388 NVENETFD - ok
19:28:33.0214 1388 nvlddmkm (e70d10238e1c7463728d56920d1eb186) C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:28:33.0307 1388 nvlddmkm - ok
19:28:33.0370 1388 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
19:28:33.0370 1388 nvraid - ok
19:28:33.0432 1388 nvsmu (adfdd343b1d3a9e061f17c730f1e83dc) C:\Windows\system32\DRIVERS\nvsmu.sys
19:28:33.0432 1388 nvsmu - ok
19:28:33.0479 1388 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
19:28:33.0479 1388 nvstor - ok
19:28:33.0541 1388 nvstor32 (a1ce1a6fd74c046f029448fcfa5e386d) C:\Windows\system32\DRIVERS\nvstor32.sys
19:28:33.0541 1388 nvstor32 - ok
19:28:33.0573 1388 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
19:28:33.0588 1388 nv_agp - ok
19:28:33.0604 1388 NwlnkFlt - ok
19:28:33.0619 1388 NwlnkFwd - ok
19:28:33.0697 1388 ohci1394 (790e27c3db53410b40ff9ef2fd10a1d9) C:\Windows\system32\DRIVERS\ohci1394.sys
19:28:33.0697 1388 ohci1394 - ok
19:28:33.0760 1388 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\DRIVERS\parport.sys
19:28:33.0760 1388 Parport - ok
19:28:33.0791 1388 partmgr (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys
19:28:33.0791 1388 partmgr - ok
19:28:33.0822 1388 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\DRIVERS\parvdm.sys
19:28:33.0838 1388 Parvdm - ok
19:28:33.0885 1388 pci (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys
19:28:33.0885 1388 pci - ok
19:28:33.0947 1388 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
19:28:33.0963 1388 pciide - ok
19:28:33.0994 1388 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
19:28:34.0009 1388 pcmcia - ok
19:28:34.0072 1388 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
19:28:34.0103 1388 PEAUTH - ok
19:28:34.0197 1388 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
19:28:34.0212 1388 PptpMiniport - ok
19:28:34.0243 1388 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
19:28:34.0243 1388 Processor - ok
19:28:34.0337 1388 PSched (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys
19:28:34.0337 1388 PSched - ok
19:28:34.0384 1388 PSMounter (cb1b0d6e0392165c61a34a762b7b91b5) C:\Windows\system32\drivers\psmounter.sys
19:28:34.0384 1388 PSMounter - ok
19:28:34.0446 1388 pssnap (599dac0114eaf8edaf88b44d0c6183f6) C:\Windows\system32\DRIVERS\pssnap.sys
19:28:34.0446 1388 pssnap - ok
19:28:34.0524 1388 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
19:28:34.0540 1388 ql2300 - ok
19:28:34.0587 1388 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
19:28:34.0587 1388 ql40xx - ok
19:28:34.0665 1388 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
19:28:34.0665 1388 QWAVEdrv - ok
19:28:34.0836 1388 R300 (e642b131fb74caf4bb8a014f31113142) C:\Windows\system32\DRIVERS\atikmdag.sys
19:28:34.0914 1388 R300 - ok
19:28:34.0961 1388 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
19:28:34.0977 1388 RasAcd - ok
19:28:35.0023 1388 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:28:35.0023 1388 Rasl2tp - ok
19:28:35.0086 1388 RasPppoe (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys
19:28:35.0086 1388 RasPppoe - ok
19:28:35.0117 1388 RasSstp (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys
19:28:35.0117 1388 RasSstp - ok
19:28:35.0179 1388 rdbss (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys
19:28:35.0195 1388 rdbss - ok
19:28:35.0242 1388 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:28:35.0242 1388 RDPCDD - ok
19:28:35.0304 1388 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
19:28:35.0304 1388 rdpdr - ok
19:28:35.0320 1388 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
19:28:35.0335 1388 RDPENCDD - ok
19:28:35.0398 1388 RDPWD (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys
19:28:35.0398 1388 RDPWD - ok
19:28:35.0476 1388 rimmptsk (d85e3fa9f5b1f29bb4ed185c450d1470) C:\Windows\system32\DRIVERS\rimmptsk.sys
19:28:35.0476 1388 rimmptsk - ok
19:28:35.0507 1388 rimsptsk (db8eb01c58c9fada00c70b1775278ae0) C:\Windows\system32\DRIVERS\rimsptsk.sys
19:28:35.0507 1388 rimsptsk - ok
19:28:35.0538 1388 rismxdp (6c1f93c0760c9f79a1869d07233df39d) C:\Windows\system32\DRIVERS\rixdptsk.sys
19:28:35.0538 1388 rismxdp - ok
19:28:35.0585 1388 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
19:28:35.0601 1388 rspndr - ok
19:28:35.0647 1388 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
19:28:35.0647 1388 sbp2port - ok
19:28:35.0741 1388 sdbus (126ea89bcc413ee45e3004fb0764888f) C:\Windows\system32\DRIVERS\sdbus.sys
19:28:35.0741 1388 sdbus - ok
19:28:35.0772 1388 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
19:28:35.0772 1388 secdrv - ok
19:28:35.0819 1388 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\DRIVERS\serenum.sys
19:28:35.0835 1388 Serenum - ok
19:28:35.0866 1388 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\DRIVERS\serial.sys
19:28:35.0866 1388 Serial - ok
19:28:35.0913 1388 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
19:28:35.0913 1388 sermouse - ok
19:28:35.0975 1388 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
19:28:35.0991 1388 sffdisk - ok
19:28:36.0006 1388 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
19:28:36.0022 1388 sffp_mmc - ok
19:28:36.0037 1388 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\DRIVERS\sffp_sd.sys
19:28:36.0037 1388 sffp_sd - ok
19:28:36.0084 1388 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\DRIVERS\sfloppy.sys
19:28:36.0084 1388 sfloppy - ok
19:28:36.0131 1388 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
19:28:36.0131 1388 SiSRaid2 - ok
19:28:36.0178 1388 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
19:28:36.0178 1388 SiSRaid4 - ok
19:28:36.0240 1388 Smb (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys
19:28:36.0240 1388 Smb - ok
19:28:36.0334 1388 smserial (d9bfd2298f5cf116d8eaae3b02dcee2e) C:\Windows\system32\DRIVERS\smserial.sys
19:28:36.0334 1388 smserial - ok
19:28:36.0459 1388 SNP2UVC (53d1e2ecbf26b313ffdd2b8ba3d2f66e) C:\Windows\system32\DRIVERS\snp2uvc.sys
19:28:36.0505 1388 SNP2UVC - ok
19:28:36.0568 1388 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
19:28:36.0568 1388 spldr - ok
19:28:36.0646 1388 srv (2252aef839b1093d16761189f45af885) C:\Windows\system32\DRIVERS\srv.sys
19:28:36.0661 1388 srv - ok
19:28:36.0708 1388 srv2 (b7ff59408034119476b00a81bb53d5d1) C:\Windows\system32\DRIVERS\srv2.sys
19:28:36.0708 1388 srv2 - ok
19:28:36.0786 1388 srvnet (2accc9b12af02030f531e6cca6f8b76e) C:\Windows\system32\DRIVERS\srvnet.sys
19:28:36.0786 1388 srvnet - ok
19:28:36.0849 1388 StillCam (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
19:28:36.0849 1388 StillCam - ok
19:28:36.0927 1388 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
19:28:36.0927 1388 swenum - ok
19:28:36.0973 1388 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
19:28:36.0973 1388 Symc8xx - ok
19:28:37.0005 1388 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
19:28:37.0005 1388 Sym_hi - ok
19:28:37.0036 1388 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
19:28:37.0036 1388 Sym_u3 - ok
19:28:37.0083 1388 SynTP (3196c5df63d5e86fc0041ae0c816b80f) C:\Windows\system32\DRIVERS\SynTP.sys
19:28:37.0098 1388 SynTP - ok
19:28:37.0192 1388 Tcpip (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\drivers\tcpip.sys
19:28:37.0207 1388 Tcpip - ok
19:28:37.0254 1388 Tcpip6 (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\DRIVERS\tcpip.sys
19:28:37.0270 1388 Tcpip6 - ok
19:28:37.0317 1388 tcpipreg (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys
19:28:37.0332 1388 tcpipreg - ok
19:28:37.0395 1388 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
19:28:37.0395 1388 TDPIPE - ok
19:28:37.0426 1388 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
19:28:37.0426 1388 TDTCP - ok
19:28:37.0473 1388 tdx (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys
19:28:37.0488 1388 tdx - ok
19:28:37.0535 1388 TermDD (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys
19:28:37.0551 1388 TermDD - ok
19:28:37.0629 1388 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:28:37.0629 1388 tssecsrv - ok
19:28:37.0691 1388 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
19:28:37.0691 1388 tunmp - ok
19:28:37.0722 1388 tunnel (6042505ff6fa9ac1ef7684d0e03b6940) C:\Windows\system32\DRIVERS\tunnel.sys
19:28:37.0722 1388 tunnel - ok
19:28:37.0769 1388 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\DRIVERS\uagp35.sys
19:28:37.0769 1388 uagp35 - ok
19:28:37.0816 1388 udfs (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys
19:28:37.0831 1388 udfs - ok
19:28:37.0909 1388 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
19:28:37.0909 1388 uliagpkx - ok
19:28:37.0941 1388 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
19:28:37.0956 1388 uliahci - ok
19:28:37.0987 1388 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
19:28:38.0003 1388 UlSata - ok
19:28:38.0050 1388 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
19:28:38.0050 1388 ulsata2 - ok
19:28:38.0097 1388 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
19:28:38.0112 1388 umbus - ok
19:28:38.0175 1388 USBAAPL (5c2bdc152bbab34f36473deaf7713f22) C:\Windows\system32\Drivers\usbaapl.sys
19:28:38.0175 1388 USBAAPL - ok
19:28:38.0221 1388 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
19:28:38.0221 1388 usbccgp - ok
19:28:38.0268 1388 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
19:28:38.0268 1388 usbcir - ok
19:28:38.0346 1388 usbehci (cebe90821810e76320155beba722fcf9) C:\Windows\system32\DRIVERS\usbehci.sys
19:28:38.0346 1388 usbehci - ok
19:28:38.0440 1388 usbhub (cc6b28e4ce39951357963119ce47b143) C:\Windows\system32\DRIVERS\usbhub.sys
19:28:38.0455 1388 usbhub - ok
19:28:38.0502 1388 usbohci (7bdb7b0e7d45ac0402d78b90789ef47c) C:\Windows\system32\DRIVERS\usbohci.sys
19:28:38.0502 1388 usbohci - ok
19:28:38.0565 1388 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
19:28:38.0565 1388 usbprint - ok
19:28:38.0627 1388 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
19:28:38.0643 1388 usbscan - ok
19:28:38.0689 1388 USBSTOR (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:28:38.0689 1388 USBSTOR - ok
19:28:38.0736 1388 usbuhci (325dbbacb8a36af9988ccf40eac228cc) C:\Windows\system32\DRIVERS\usbuhci.sys
19:28:38.0736 1388 usbuhci - ok
19:28:38.0799 1388 usbvideo (0a6b81f01bc86399482e27e6fda7b33b) C:\Windows\system32\Drivers\usbvideo.sys
19:28:38.0799 1388 usbvideo - ok
19:28:38.0845 1388 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
19:28:38.0845 1388 vga - ok
19:28:38.0892 1388 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
19:28:38.0892 1388 VgaSave - ok
19:28:38.0939 1388 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
19:28:38.0939 1388 viaagp - ok
19:28:38.0970 1388 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
19:28:38.0986 1388 ViaC7 - ok
19:28:39.0033 1388 viaide (7aa7ec9a08dc2c39649c413b1a26e298) C:\Windows\system32\drivers\viaide.sys
19:28:39.0033 1388 viaide - ok
19:28:39.0079 1388 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
19:28:39.0095 1388 volmgr - ok
19:28:39.0157 1388 volmgrx (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys
19:28:39.0173 1388 volmgrx - ok
19:28:39.0220 1388 volsnap (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys
19:28:39.0220 1388 volsnap - ok
19:28:39.0267 1388 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
19:28:39.0267 1388 vsmraid - ok
19:28:39.0329 1388 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
19:28:39.0329 1388 WacomPen - ok
19:28:39.0376 1388 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
19:28:39.0376 1388 Wanarp - ok
19:28:39.0391 1388 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
19:28:39.0391 1388 Wanarpv6 - ok
19:28:39.0438 1388 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
19:28:39.0438 1388 Wd - ok
19:28:39.0501 1388 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
19:28:39.0516 1388 Wdf01000 - ok
19:28:39.0641 1388 WinUSB (f03110711b17ad31271cb2baf0dbb2b1) C:\Windows\system32\DRIVERS\WinUSB.sys
19:28:39.0657 1388 WinUSB - ok
19:28:39.0703 1388 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
19:28:39.0703 1388 WmiAcpi - ok
19:28:39.0781 1388 WpdUsb (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys
19:28:39.0797 1388 WpdUsb - ok
19:28:39.0844 1388 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
19:28:39.0859 1388 ws2ifsl - ok
19:28:39.0922 1388 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:28:39.0922 1388 WUDFRd - ok
19:28:39.0984 1388 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
19:28:40.0000 1388 \Device\Harddisk0\DR0 - ok
19:28:40.0031 1388 Boot (0x1200) (3c1eb7a2fe215d8e79f9f0ccec919746) \Device\Harddisk0\DR0\Partition0
19:28:40.0031 1388 \Device\Harddisk0\DR0\Partition0 - ok
19:28:40.0031 1388 Boot (0x1200) (199f89aea0e344ff19daf609ef0136cd) \Device\Harddisk0\DR0\Partition1
19:28:40.0031 1388 \Device\Harddisk0\DR0\Partition1 - ok
19:28:40.0031 1388 ============================================================
19:28:40.0031 1388 Scan finished
19:28:40.0031 1388 ============================================================
19:28:40.0062 2820 Detected object count: 0
19:28:40.0062 2820 Actual detected object count: 0
19:29:34.0896 0420 Deinitialize success


ASWMbr: Fix button NOT enebled

aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-11-14 19:30:59
-----------------------------
19:30:59.182 OS Version: Windows 6.0.6001 Service Pack 1
19:30:59.182 Number of processors: 2 586 0x6801
19:30:59.182 ComputerName: BUNTINGS-PC UserName: Buntings
19:31:00.898 Initialize success
19:31:01.678 AVAST engine defs: 11111401
19:32:14.639 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005e
19:32:14.639 Disk 0 Vendor: WDC_WD16 04.0 Size: 152627MB BusType: 6
19:32:16.714 Disk 0 MBR read successfully
19:32:16.714 Disk 0 MBR scan
19:32:16.761 Disk 0 Windows VISTA default MBR code
19:32:16.777 Disk 0 scanning sectors +312576705
19:32:16.886 Disk 0 scanning C:\Windows\system32\drivers
19:32:34.186 Service scanning
19:32:36.058 Modules scanning
19:32:42.142 Scan finished successfully
19:33:11.954 Disk 0 MBR has been saved successfully to "C:\Users\Buntings\Desktop\MBR.dat"
19:33:11.954 The log file has been saved successfully to "C:\Users\Buntings\Desktop\aswMBR.txt"


OTL:

OTL logfile created on: 11/14/2011 8:01:02 PM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Buntings\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.87 Gb Total Physical Memory | 0.84 Gb Available Physical Memory | 44.93% Memory free
3.98 Gb Paging File | 2.76 Gb Available in Paging File | 69.24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 125.71 Gb Total Space | 38.11 Gb Free Space | 30.31% Space Free | Partition Type: NTFS
Drive D: | 23.32 Gb Total Space | 16.40 Gb Free Space | 70.31% Space Free | Partition Type: FAT32

Computer Name: BUNTINGS-PC | User Name: Buntings | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/11/12 14:50:54 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Buntings\Desktop\OTL.exe
PRC - [2011/09/29 01:53:40 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/09/06 16:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/09/06 16:45:28 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/08/31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/04/20 17:58:02 | 001,204,224 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\ControlCenter4\BrCcUxSys.exe
PRC - [2011/04/20 17:53:10 | 000,335,872 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\ControlCenter4\BrCtrlCntr.exe
PRC - [2010/06/17 03:59:54 | 000,185,640 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\NCNETWORKSDM\bin\tgsrvc.exe
PRC - [2010/06/17 03:59:46 | 000,206,120 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\NCNETWORKSDM\bin\sprtsvc.exe
PRC - [2010/06/17 03:59:28 | 000,206,120 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\NCNETWORKSDM\bin\sprtcmd.exe
PRC - [2010/06/10 13:42:44 | 002,621,440 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files\Browny02\Brother\BrStMonW.exe
PRC - [2010/01/25 08:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Browny02\BrYNSvc.exe
PRC - [2008/11/10 12:23:40 | 000,157,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Zune\ZuneLauncher.exe
PRC - [2008/10/29 01:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/08/06 11:34:02 | 000,216,032 | ---- | M] () -- C:\Program Files\Macrium\Reflect\ReflectService.exe
PRC - [2007/09/10 21:26:38 | 002,510,848 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 2.3\program\soffice.bin
PRC - [2007/09/10 21:26:38 | 002,359,296 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
PRC - [2007/02/15 13:52:16 | 000,118,784 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynMedion.exe
PRC - [2007/02/15 10:07:16 | 004,390,912 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/01/04 21:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2006/11/22 12:31:26 | 000,630,784 | ---- | M] (Motorola Inc.) -- C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
PRC - [2006/11/17 22:45:26 | 000,118,784 | ---- | M] (Wistron Corp.) -- C:\Program Files\Launch Manager\WisLMSvc.exe
PRC - [2006/11/09 16:37:52 | 000,086,016 | ---- | M] () -- C:\Program Files\Launch Manager\WButton.exe
PRC - [2006/11/02 07:35:35 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wpcumi.exe
PRC - [2006/09/29 01:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2005/07/25 15:36:40 | 000,032,768 | ---- | M] () -- C:\Program Files\Launch Manager\LaunchAp.exe


========== Modules (No Company Name) ==========

MOD - [2011/10/19 18:45:07 | 008,522,400 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2011/09/29 01:53:40 | 001,833,944 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011/07/22 10:37:51 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\cfb60f99da570cc494e27e0e8ee747e2\System.Xml.ni.dll
MOD - [2011/07/22 10:31:48 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dff86a62a525ec8dc827fe9f50298b7\System.ni.dll
MOD - [2011/07/22 10:29:17 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll
MOD - [2011/03/15 06:13:46 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/11/17 13:16:56 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2010/03/24 21:17:36 | 008,794,464 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2009/02/27 16:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files\Brother\BrUtilities\BrLogAPI.dll
MOD - [2007/08/08 19:15:02 | 000,828,416 | ---- | M] () -- C:\Program Files\OpenOffice.org 2.3\program\libxml2.dll
MOD - [2006/11/22 12:31:30 | 000,065,536 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56ita.dll
MOD - [2006/11/22 12:31:30 | 000,065,536 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56esp.dll
MOD - [2006/11/22 12:31:30 | 000,065,536 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56brz.dll
MOD - [2006/11/22 12:31:30 | 000,053,248 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56kor.dll
MOD - [2006/11/22 12:31:28 | 000,065,536 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56ger.dll
MOD - [2006/11/22 12:31:28 | 000,065,536 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56fra.dll
MOD - [2006/11/22 12:31:28 | 000,065,536 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56dnk.dll
MOD - [2006/11/22 12:31:28 | 000,057,344 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56jpn.dll
MOD - [2006/11/22 12:31:28 | 000,053,248 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56cht.dll
MOD - [2006/11/22 12:31:28 | 000,053,248 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56chs.dll
MOD - [2006/11/09 16:37:52 | 000,086,016 | ---- | M] () -- C:\Program Files\Launch Manager\WButton.exe
MOD - [2005/07/25 15:36:40 | 000,032,768 | ---- | M] () -- C:\Program Files\Launch Manager\LaunchAp.exe


========== Win32 Services (SafeList) ==========

SRV - [2011/09/06 16:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/06/12 10:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010/06/17 03:59:54 | 000,185,640 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\NCNETWORKSDM\bin\tgsrvc.exe -- (tgsrvc_ncnetworksdm) SupportSoft Repair Service (ncnetworksdm)
SRV - [2010/06/17 03:59:46 | 000,206,120 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\NCNETWORKSDM\bin\sprtsvc.exe -- (sprtsvc_ncnetworksdm) SupportSoft Sprocket Service (ncnetworksdm)
SRV - [2010/01/25 08:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Running] -- C:\Program Files\Browny02\BrYNSvc.exe -- (BrYNSvc)
SRV - [2008/11/10 12:23:50 | 005,117,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV - [2008/11/10 12:23:42 | 000,243,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV - [2008/08/06 11:34:02 | 000,216,032 | ---- | M] () [Auto | Running] -- C:\Program Files\Macrium\Reflect\ReflectService.exe -- (ReflectService)
SRV - [2008/01/19 02:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/01/04 21:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006/11/17 22:45:26 | 000,118,784 | ---- | M] (Wistron Corp.) [On_Demand | Running] -- C:\Program Files\Launch Manager\WisLMSvc.exe -- (WisLMSvc)
SRV - [2006/09/29 01:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)


========== Driver Services (SafeList) ==========

DRV - [2011/09/06 16:38:05 | 000,442,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/09/06 16:37:53 | 000,320,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/09/06 16:36:38 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/09/06 16:36:36 | 000,052,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/09/06 16:36:26 | 000,054,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011/09/06 16:36:12 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/08/31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2008/08/07 19:23:28 | 000,022,528 | ---- | M] (pBUS-167 Software - http://www.pbus-167.com) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nhcDriver.sys -- (nhcDriverDevice)
DRV - [2008/07/08 12:39:28 | 000,031,712 | ---- | M] (Macrium Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\psmounter.sys -- (PSMounter)
DRV - [2008/05/20 08:32:40 | 000,015,328 | ---- | M] (Macrium Software) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\pssnap.sys -- (pssnap)
DRV - [2008/01/19 00:53:22 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB)
DRV - [2007/07/05 04:57:54 | 000,873,472 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athru6.sys -- (athrusb6)
DRV - [2007/07/03 02:37:08 | 000,110,112 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2007/05/03 20:29:10 | 001,065,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2007/03/27 17:46:40 | 000,008,064 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\flash.sys -- (flash)
DRV - [2007/02/07 20:35:10 | 001,729,152 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2007/01/13 03:40:00 | 004,452,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007/01/08 21:34:04 | 000,449,024 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athrusb.sys -- (athrusb)
DRV - [2006/11/22 12:35:00 | 000,982,272 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2006/11/15 10:16:24 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006/11/15 05:42:46 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/15 03:35:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2006/11/02 02:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/09/15 01:44:18 | 000,011,520 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2003/04/28 13:27:06 | 000,009,867 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\HOTKEY.sys -- (Hotkey)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-890929848-333396877-4107253412-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-890929848-333396877-4107253412-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-890929848-333396877-4107253412-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5.0.429
FF - prefs.js..extensions.enabledItems: [email protected]:3.011.025.005
FF - prefs.js..keyword.URL: "http://us.yhs.search...2-tb-web_us&p="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8064.0206: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVG\AVG8\Toolbar\Firefox\[email protected]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/11/13 17:21:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/10/18 19:24:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/10/18 19:24:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/01/19 20:35:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Thunderbird\Extensions\\{0E810812-F4BB-4309-942A-755587587A5E}: C:\Program Files\BullGuard Software\BullGuard\antispam\tbspamfilter

[2010/04/26 06:06:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Buntings\AppData\Roaming\Mozilla\Extensions
[2011/11/13 17:05:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Buntings\AppData\Roaming\Mozilla\Firefox\Profiles\xubfmwq8.default\extensions
[2011/10/18 19:24:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/11/13 17:21:53 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011/09/29 01:53:40 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/09/28 19:26:50 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/11/14 19:20:38 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [BrStsMon00] C:\Program Files\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter4] C:\Program Files\ControlCenter4\BrCcBoot.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NCNETWORKSDM] C:\Program Files\NCNETWORKSDM\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [Wbutton] C:\Program Files\Launch Manager\Wbutton.exe ()
O4 - HKLM..\Run: [WPCUMI] C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Zune Launcher] c:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Anna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe ()
O4 - Startup: C:\Users\Boys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe ()
O4 - Startup: C:\Users\Buntings\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe ()
O4 - Startup: C:\Users\Diane and Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-890929848-333396877-4107253412-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-890929848-333396877-4107253412-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-890929848-333396877-4107253412-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-890929848-333396877-4107253412-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-890929848-333396877-4107253412-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll File not found
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{269C98C8-5A53-483A-9110-E60F1092E133}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{65CF0EAC-4D0B-4854-A45D-503F9F03CB3C}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Humpback Whale.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Humpback Whale.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/11/14 19:56:40 | 004,307,416 | ---- | C] (Piriform Ltd) -- C:\Users\Buntings\Desktop\spsetup113.exe
[2011/11/14 19:54:58 | 004,845,856 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Users\Buntings\Desktop\procexp.exe
[2011/11/14 19:51:54 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011/11/14 19:24:41 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/11/14 19:24:27 | 000,000,000 | ---D | C] -- C:\Users\Buntings\AppData\Local\temp
[2011/11/14 19:00:06 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/11/14 19:00:06 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/11/14 19:00:06 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/11/14 18:59:52 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/11/14 18:59:49 | 000,000,000 | ---D | C] -- C:\ComboFix
[2011/11/14 18:59:43 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/11/13 22:58:48 | 000,000,000 | ---D | C] -- C:\Users\Buntings\AppData\Roaming\Malwarebytes
[2011/11/13 22:58:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/11/13 22:58:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/11/13 22:58:36 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/11/13 22:58:36 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/11/13 22:56:21 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Users\Buntings\Desktop\aswMBR.exe
[2011/11/13 22:55:57 | 001,564,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Buntings\Desktop\tdsskiller.exe
[2011/11/13 22:55:28 | 004,292,963 | R--- | C] (Swearware) -- C:\Users\Buntings\Desktop\ComboFix.exe
[2011/11/13 22:53:53 | 009,852,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Buntings\Desktop\mbam-setup-1.51.2.1300.exe
[2011/11/13 22:45:17 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/11/13 22:40:44 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Buntings\Desktop\OTL.exe
[2011/11/13 17:23:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2011/11/13 17:23:24 | 000,020,568 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2011/11/13 17:23:23 | 000,320,856 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011/11/13 17:23:19 | 000,034,392 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011/11/13 17:23:17 | 000,052,568 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011/11/13 17:23:16 | 000,442,200 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2011/11/13 17:23:14 | 000,054,616 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011/11/13 17:21:34 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/11/13 17:21:32 | 000,199,304 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011/11/13 17:21:04 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011/11/13 17:21:03 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/11/13 17:05:45 | 000,000,000 | ---D | C] -- C:\Users\Buntings\AppData\Roaming\ControlCenter4
[2011/11/11 15:52:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
[2011/11/11 15:48:53 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\BrFaxRx
[2011/11/11 15:48:52 | 000,000,000 | ---D | C] -- C:\Brother
[2011/11/11 15:48:48 | 000,073,728 | ---- | C] (Brother Industories Ltd. P&S Company) -- C:\Windows\System32\BRCrypt.dll
[2011/11/11 15:48:16 | 000,000,000 | ---D | C] -- C:\Program Files\Browny02
[2011/11/11 15:48:13 | 000,000,000 | ---D | C] -- C:\ProgramData\ControlCenter4
[2011/11/11 15:47:32 | 000,000,000 | ---D | C] -- C:\Program Files\ControlCenter4
[2011/11/11 15:46:52 | 000,118,784 | ---- | C] (Brother Industries,LTD.) -- C:\Windows\System32\BrMfNt.dll
[2011/11/11 15:46:49 | 000,225,280 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\System32\BrfxD05c.dll
[2011/11/11 15:46:42 | 000,180,224 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\System32\BrMuSNMP.dll
[2011/11/11 15:46:42 | 000,074,752 | ---- | C] (Brother Industries,Ltd.) -- C:\Windows\System32\BrWiaNCp.dll
[2011/11/11 15:46:42 | 000,074,752 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\System32\BrNetSti.dll
[2011/11/11 15:46:42 | 000,051,200 | ---- | C] (Brother Industries,Ltd) -- C:\Windows\System32\Brnsplg.dll
[2011/11/11 15:46:36 | 001,475,072 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\System32\BrWi209d.dll
[2011/11/11 15:46:36 | 000,217,088 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\System32\BrJDec.dll
[2011/11/11 15:45:15 | 000,217,088 | ---- | C] (brother) -- C:\Windows\System32\NSSearch.dll
[2011/11/11 15:45:15 | 000,005,120 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\BrDctF2L.dll
[2011/11/11 15:45:14 | 000,073,728 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\BrDctF2.dll
[2011/11/11 15:45:14 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\BrDctF2S.dll
[2011/11/11 15:45:11 | 000,000,000 | ---D | C] -- C:\Program Files\Brother
[2011/11/11 15:43:34 | 000,000,000 | ---D | C] -- C:\Users\Buntings\AppData\Roaming\InstallShield
[2011/11/09 22:17:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Brother
[2007/08/13 09:24:34 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll

========== Files - Modified Within 30 Days ==========

[2011/11/14 20:10:00 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{5E6EAA57-BFDD-4667-81A9-193F34933CC1}.job
[2011/11/14 19:58:43 | 000,604,502 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/11/14 19:58:42 | 000,104,170 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/11/14 19:56:49 | 004,307,416 | ---- | M] (Piriform Ltd) -- C:\Users\Buntings\Desktop\spsetup113.exe
[2011/11/14 19:55:18 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{7FB78F2C-93B6-4536-BCC9-82B6D778C10C}.job
[2011/11/14 19:55:13 | 004,845,856 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Users\Buntings\Desktop\procexp.exe
[2011/11/14 19:52:47 | 000,013,166 | ---- | M] () -- C:\Users\Buntings\AppData\Roaming\nvModes.001
[2011/11/14 19:52:06 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/11/14 19:52:06 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/14 19:52:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/11/14 19:33:11 | 000,000,512 | ---- | M] () -- C:\Users\Buntings\Desktop\MBR.dat
[2011/11/14 19:20:38 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011/11/14 19:18:15 | 000,013,166 | ---- | M] () -- C:\Users\Buntings\AppData\Roaming\nvModes.dat
[2011/11/13 22:58:40 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/11/13 22:56:27 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Users\Buntings\Desktop\aswMBR.exe
[2011/11/13 22:56:00 | 001,564,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Buntings\Desktop\tdsskiller.exe
[2011/11/13 22:55:37 | 004,292,963 | R--- | M] (Swearware) -- C:\Users\Buntings\Desktop\ComboFix.exe
[2011/11/13 22:54:20 | 009,852,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Buntings\Desktop\mbam-setup-1.51.2.1300.exe
[2011/11/13 17:23:26 | 000,001,833 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/11/13 17:23:14 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2011/11/12 14:50:54 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Buntings\Desktop\OTL.exe
[2011/11/11 15:52:54 | 000,000,247 | ---- | M] () -- C:\Windows\Brpfx04a.ini
[2011/11/11 15:52:54 | 000,000,094 | ---- | M] () -- C:\Windows\brpcfx.ini
[2011/11/11 15:48:54 | 000,000,066 | ---- | M] () -- C:\Windows\Brfaxrx.ini
[2011/10/19 18:45:07 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/10/18 19:24:27 | 000,000,850 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

========== Files Created - No Company Name ==========

[2011/11/14 19:33:11 | 000,000,512 | ---- | C] () -- C:\Users\Buntings\Desktop\MBR.dat
[2011/11/14 19:00:06 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011/11/14 19:00:06 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/11/14 19:00:06 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/11/14 19:00:06 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/11/14 19:00:06 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/11/13 22:58:40 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/11/13 17:23:26 | 000,001,833 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/11/11 15:52:54 | 000,000,247 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2011/11/11 15:52:54 | 000,000,094 | ---- | C] () -- C:\Windows\brpcfx.ini
[2011/11/11 15:46:50 | 000,000,066 | ---- | C] () -- C:\Windows\Brfaxrx.ini
[2011/11/11 15:46:49 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat
[2011/10/18 19:24:27 | 000,000,850 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/10/18 19:24:26 | 000,000,862 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/06/17 02:11:34 | 000,000,206 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2010/10/12 22:03:37 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010/10/12 22:03:37 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 14:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2007/12/28 23:09:25 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2007/11/15 19:34:28 | 000,000,745 | ---- | C] () -- C:\Windows\CoD.INI
[2007/11/06 16:53:14 | 000,000,456 | ---- | C] () -- C:\Users\Buntings\AppData\Roaming\wklnhst.dat
[2007/10/28 12:22:39 | 000,013,166 | ---- | C] () -- C:\Users\Buntings\AppData\Roaming\nvModes.dat
[2007/10/28 12:22:39 | 000,013,166 | ---- | C] () -- C:\Users\Buntings\AppData\Roaming\nvModes.001
[2007/10/28 11:25:43 | 000,007,680 | ---- | C] () -- C:\Users\Buntings\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/08/14 11:04:24 | 000,008,064 | ---- | C] () -- C:\Windows\System32\drivers\flash.sys
[2007/08/13 11:25:08 | 000,087,312 | ---- | C] () -- C:\Windows\mws.exe
[2007/08/13 10:30:45 | 000,001,732 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2007/08/13 09:32:08 | 000,009,867 | ---- | C] () -- C:\Windows\System32\drivers\HOTKEY.sys
[2007/08/13 09:24:35 | 001,729,152 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2007/08/13 08:51:57 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007/08/13 08:51:09 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2006/12/11 13:24:21 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2006/11/02 07:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:47:37 | 000,436,552 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:33:01 | 000,604,502 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,104,170 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005/01/17 02:10:16 | 000,045,056 | ---- | C] () -- C:\Windows\System32\BRTCPCON.DLL
[2004/08/09 02:00:42 | 000,000,114 | ---- | C] () -- C:\Windows\System32\BRLMW03A.INI
[1999/10/26 11:00:00 | 000,000,050 | ---- | C] () -- C:\Windows\System32\BRADM10A.DAT

< End of report >

OTL Extras:

OTL Extras logfile created on: 11/14/2011 8:01:02 PM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Buntings\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.87 Gb Total Physical Memory | 0.84 Gb Available Physical Memory | 44.93% Memory free
3.98 Gb Paging File | 2.76 Gb Available in Paging File | 69.24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 125.71 Gb Total Space | 38.11 Gb Free Space | 30.31% Space Free | Partition Type: NTFS
Drive D: | 23.32 Gb Total Space | 16.40 Gb Free Space | 70.31% Space Free | Partition Type: FAT32

Computer Name: BUNTINGS-PC | User Name: Buntings | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = ComFile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.js [@ = JSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
InternetShortcut [print] -- rundll32.exe C:\Windows\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0AB17E1E-F513-461B-BC22-A1BBAAAEF791}" = lport=2869 | protocol=6 | dir=in | app=system |
"{352668C5-B94F-48E9-AECD-4C602AC1DEC2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3CA68763-7AA9-42A1-A2F2-B62E02AE869B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5386AB1B-3D4B-437B-A132-3873F919F184}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{5CA91DA3-B13C-4EB8-8160-B54F40F4E54A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{B46DE099-40C9-42E2-8AFB-2EEA9EA99D38}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E609CB50-EA3F-440C-84BE-4CAEBAE02B63}" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0E703148-094E-48D1-A8F4-5A52DDDD78F3}" = protocol=6 | dir=in | app=c:\program files\brother\brmfl10f\faxrx.exe |
"{41068137-0C62-47D2-8422-66E0DC4D3F69}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{4222EDBA-8B1B-4F5A-83F8-7E9736C703A5}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{586734ED-1863-4EDB-86E1-8DE719C26BB6}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{6363BF71-EF02-4064-BF1B-500C9D96024D}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{800AEA1B-F761-4667-ACCC-6D1B42027F65}" = protocol=6 | dir=out | app=system |
"{8A979B2F-5B63-4736-8D0C-225414E218CF}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{91BA79F2-1BFC-4D1F-87C5-CB84DCC2AED8}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{941A8B81-A22E-43D2-A384-C6A316A8DB57}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{A37F6F8D-B1D5-4081-8B82-82541133C220}" = protocol=6 | dir=out | app=%systemroot%\system32\wudfhost.exe |
"{C22FBC1E-1D9E-4028-B6D3-C7FFE095DF3D}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{CC2E557D-913B-4B36-9231-D360770473BE}" = dir=in | app=c:\program files\avg\avg8\avgemc.exe |
"{D021A16E-159C-4D27-82DE-1B1E6309634D}" = protocol=17 | dir=in | app=c:\program files\brother\brmfl10f\faxrx.exe |
"{D5B8696F-676E-4DE9-95AB-F7889E8D0AAA}" = dir=in | app=c:\program files\avg\avg8\avgupd.exe |
"{DB057F0E-A2B1-4F3F-9C01-30F78412A1EC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"TCP Query User{024A1111-42D5-446A-8ED5-F533EB14CD47}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"TCP Query User{1F9EC1DA-B5D7-46B3-941E-15B7D60D7F81}C:\program files\games\3d-battleship4\3d-battleship4.exe" = protocol=6 | dir=in | app=c:\program files\games\3d-battleship4\3d-battleship4.exe |
"TCP Query User{4E57F849-D1CA-465C-8430-0A3725F86703}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{93DA955B-8E45-49B5-A952-0E2B8511CA9A}C:\program files\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"TCP Query User{A532B8E9-82C4-4E43-9943-CF2317877609}C:\program files\pocket tanks\pockettanks.exe" = protocol=6 | dir=in | app=c:\program files\pocket tanks\pockettanks.exe |
"TCP Query User{BFE19EAE-BD6D-43B2-AFE9-8392A1EA68C9}C:\program files\common files\ahead\nero web\setupx.exe" = protocol=6 | dir=in | app=c:\program files\common files\ahead\nero web\setupx.exe |
"TCP Query User{CC87F737-1AC0-4664-B75B-B70B62FEBBC0}C:\program files\call of duty\codmp.exe" = protocol=6 | dir=in | app=c:\program files\call of duty\codmp.exe |
"UDP Query User{0FE3BDEC-64FE-4665-8348-9E1B6DF9DD6C}C:\program files\call of duty\codmp.exe" = protocol=17 | dir=in | app=c:\program files\call of duty\codmp.exe |
"UDP Query User{1E624FFE-6C55-48B0-8B91-7DE418301096}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"UDP Query User{59B2578C-AA85-4C56-B524-FCB98015EF22}C:\program files\games\3d-battleship4\3d-battleship4.exe" = protocol=17 | dir=in | app=c:\program files\games\3d-battleship4\3d-battleship4.exe |
"UDP Query User{88636CEA-FB09-4F92-AE16-371B8AD4FC01}C:\program files\common files\ahead\nero web\setupx.exe" = protocol=17 | dir=in | app=c:\program files\common files\ahead\nero web\setupx.exe |
"UDP Query User{910D0CB6-BCBE-4BA1-9701-F54CAEE1517A}C:\program files\itunes\itunes.exe" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"UDP Query User{C28C0AF8-7221-459B-944F-E86E510DB354}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{EF2A9C1E-F2A4-400D-B2F5-C7CF78297671}C:\program files\pocket tanks\pockettanks.exe" = protocol=17 | dir=in | app=c:\program files\pocket tanks\pockettanks.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0076E1AC-9E7B-4B9F-A62A-4CC9511AD8E3}" = Zune Language Pack (FR)
"{01C76294-8CF2-4A76-AD7B-9958F8FF44E2}" = OpenOffice.org 2.3
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{11AFE21E-B193-430D-B57A-DFF7815BB962}" = Ulead PhotoImpact 12
"{1EDFA38A-2FEB-4E62-82C9-DA415C0EEF33}" = IEEE 802.11g Wireless LAN driver
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{2157961D-0507-44A8-BCF2-1EE2D439E8DF}" = Civilization III
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2FA1102F-DE05-4E79-8CED-E5BAABFC2FEF}" = Starshine Episode 2
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java™ 6 Update 2
"{34F0D55F-C386-4195-9A5B-961D3F6ACD46}" = InterVideo MediaOne Gallery
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = Suyin Live Camera
"{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}" = Brother MFL-Pro Suite MFC-7460DN
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C52E7DA-C431-4239-B66B-1BF703D5B194}" = Windows Live Photo Gallery
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{63B75E16-F290-4FCD-AF67-A9134CD01033}" = Nero 7 Essentials
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{704C2901-0E9C-4E4B-862B-2001DACA314B}" = Spinco Download Manager
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{881F5DE8-9367-4B81-A325-E91BBC6472F9}" = iTunes
"{8F8D9297-FDD2-405A-97E7-E52C7B2F97B3}" = Ulead VideoStudio SE DVD
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{931ECD9B-B64B-4D09-B97E-052E0783D2A7}" = Macrium Reflect - Free Edition
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}" = Windows Live Sync
"{A7123032-A8DA-48AC-9F5D-0A3B14698375}" = Starshine Episode 3
"{AA047D7C-5E7C-4878-B75C-77589151B563}" = SUYIN webcam
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{BCE46757-7674-4416-BEDB-68205A60409E}" = CanoScan Toolbox Ver4.1
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C4ECF493-29C4-4CB7-903E-90C28F3D0C00}" = Starshine Episode 4
"{C6CA8874-5F22-4AF0-9BE3-016BF299C536}" = Windows Live Essentials
"{C8616041-2802-4DE2-B3BD-6285AAD65C2A}" = NEF Codec
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0846526-66DD-4DC9-A02C-98F9A2806812}" = Launch Manager V1.4.0
"{E1180142-3B31-4DCC-9D27-7AC2D37662BF}" = LightScribe 1.4.124.1
"{EE4ACABF-531E-419A-9225-B8E0FA4955AF}" = Zune Language Pack (ES)
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FF70513F-E3A7-402F-84FB-B7810A064BE2}" = Zune
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"avast" = avast! Free Antivirus
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8
"InstallShield_{2157961D-0507-44A8-BCF2-1EE2D439E8DF}" = Civilization III
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 7.0.1 (x86 en-US)" = Mozilla Firefox 7.0.1 (x86 en-US)
"Mozilla Thunderbird (2.0.0.24)" = Mozilla Thunderbird (2.0.0.24)
"Notebook Hardware Control" = Notebook Hardware Control 2.0 Pre-Release-06
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"SMSERIAL" = Motorola SM56 Data Fax Modem
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Verizon High Speed Internet_is1" = Verizon High Speed Internet
"VLC media player" = VideoLAN VLC media player 0.8.6i
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite_Wave3" = Windows Live Essentials
"Zune" = Zune

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 6/17/2009 5:56:59 PM | Computer Name = Buntings-PC | Source = Application Error | ID = 1000
Description = Faulting application SJ2.exe, version 8.5.1.102, time stamp 0x3c3c17bf,
faulting module IML32.dll, version 8.5.1.102, time stamp 0x3c3c1247, exception
code 0xc0000005, fault offset 0x0006dd3e, process id 0x3a8, application start time
0x01c9ef964809beb5.

Error - 6/18/2009 9:45:45 AM | Computer Name = Buntings-PC | Source = Application Error | ID = 1000
Description = Faulting application E_FBIN9FA.EXE, version 4.2.0.0, time stamp 0x40458740,
faulting module ADVAPI32.dll, version 6.0.6000.16386, time stamp 0x4549bcd2, exception
code 0xc0000005, fault offset 0x000183c6, process id 0xc80, application start time
0x01c9f01b13bef5b9.

Error - 6/25/2009 11:22:09 PM | Computer Name = Buntings-PC | Source = VSS | ID = 8194
Description =

Error - 6/25/2009 11:28:24 PM | Computer Name = Buntings-PC | Source = VSS | ID = 8194
Description =

Error - 7/1/2009 1:14:38 PM | Computer Name = Buntings-PC | Source = Application Error | ID = 1000
Description = Faulting application E_FBIN9FA.EXE, version 4.2.0.0, time stamp 0x40458740,
faulting module ADVAPI32.dll, version 6.0.6000.16386, time stamp 0x4549bcd2, exception
code 0xc0000005, fault offset 0x000183c6, process id 0xd64, application start time
0x01c9fa6f69584051.

Error - 7/4/2009 3:18:04 PM | Computer Name = Buntings-PC | Source = Application Error | ID = 1000
Description = Faulting application E_FBIN9FA.EXE, version 4.2.0.0, time stamp 0x40458740,
faulting module ADVAPI32.dll, version 6.0.6000.16386, time stamp 0x4549bcd2, exception
code 0xc0000005, fault offset 0x000183c6, process id 0xf30, application start time
0x01c9fcdc2782828d.

Error - 7/7/2009 4:59:40 PM | Computer Name = Buntings-PC | Source = EventSystem | ID = 4621
Description =

Error - 7/7/2009 8:31:44 PM | Computer Name = Buntings-PC | Source = Application Error | ID = 1000
Description = Faulting application E_FBIN9FA.EXE, version 4.2.0.0, time stamp 0x40458740,
faulting module ADVAPI32.dll, version 6.0.6000.16386, time stamp 0x4549bcd2, exception
code 0xc0000005, fault offset 0x000183c6, process id 0x1364, application start time
0x01c9ff6377bd8865.

Error - 7/7/2009 8:34:02 PM | Computer Name = Buntings-PC | Source = EventSystem | ID = 4621
Description =

Error - 7/8/2009 3:38:05 PM | Computer Name = Buntings-PC | Source = EventSystem | ID = 4621
Description =

[ System Events ]
Error - 11/14/2011 6:33:40 PM | Computer Name = Buntings-PC | Source = Service Control Manager | ID = 7011
Description =

Error - 11/14/2011 7:55:43 PM | Computer Name = Buntings-PC | Source = HTTP | ID = 15016
Description =

Error - 11/14/2011 7:57:08 PM | Computer Name = Buntings-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 11/14/2011 7:57:08 PM | Computer Name = Buntings-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 11/14/2011 8:05:21 PM | Computer Name = Buntings-PC | Source = Service Control Manager | ID = 7030
Description =

Error - 11/14/2011 8:14:04 PM | Computer Name = Buntings-PC | Source = Service Control Manager | ID = 7030
Description =

Error - 11/14/2011 8:20:43 PM | Computer Name = Buntings-PC | Source = Service Control Manager | ID = 7030
Description =

Error - 11/14/2011 8:52:09 PM | Computer Name = Buntings-PC | Source = HTTP | ID = 15016
Description =

Error - 11/14/2011 8:53:35 PM | Computer Name = Buntings-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 11/14/2011 8:53:35 PM | Computer Name = Buntings-PC | Source = Service Control Manager | ID = 7026
Description =


< End of report >

Process Expl:

Process PID CPU Private Bytes Working Set Description Company Name
System Idle Process 0 87.05 0 K 24 K
procexp.exe 5500 6.86 18,896 K 32,436 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com
dwm.exe 3132 3.81 59,728 K 30,996 K Desktop Window Manager Microsoft Corporation
Interrupts n/a 1.52 0 K 0 K Hardware Interrupts and DPCs
explorer.exe 3192 0.76 31,348 K 42,628 K Windows Explorer Microsoft Corporation
SynTPEnh.exe 3700 < 0.01 2,428 K 5,516 K Synaptics TouchPad Enhancements Synaptics, Inc.
System 4 < 0.01 0 K 22,228 K
csrss.exe 700 < 0.01 1,932 K 7,284 K Client Server Runtime Process Microsoft Corporation
taskeng.exe 3168 < 0.01 9,600 K 8,788 K Task Scheduler Engine Microsoft Corporation
svchost.exe 2412 < 0.01 7,340 K 7,732 K Host Process for Windows Services Microsoft Corporation
wmpnetwk.exe 2056 < 0.01 6,356 K 10,652 K Windows Media Player Network Sharing Service Microsoft Corporation
csrss.exe 636 < 0.01 1,688 K 4,764 K Client Server Runtime Process Microsoft Corporation
AvastUI.exe 2300 < 0.01 5,700 K 3,092 K avast! Antivirus AVAST Software
svchost.exe 1540 < 0.01 17,124 K 14,416 K Host Process for Windows Services Microsoft Corporation
AvastSvc.exe 1648 < 0.01 24,264 K 27,324 K avast! Service AVAST Software
iPodService.exe 3060 < 0.01 3,116 K 4,952 K iPodService Module (32-bit) Apple Inc.
soffice.bin 2892 < 0.01 8,180 K 17,780 K OpenOffice.org 2.3 OpenOffice.org
svchost.exe 1156 < 0.01 17,484 K 13,420 K Host Process for Windows Services Microsoft Corporation
svchost.exe 1020 < 0.01 4,068 K 6,260 K Host Process for Windows Services Microsoft Corporation
svchost.exe 1244 < 0.01 61,488 K 66,004 K Host Process for Windows Services Microsoft Corporation
SearchIndexer.exe 2644 < 0.01 40,360 K 12,304 K Microsoft Windows Search Indexer Microsoft Corporation
svchost.exe 1208 < 0.01 67,416 K 69,064 K Host Process for Windows Services Microsoft Corporation
AppleMobileDeviceService.exe 2060 < 0.01 3,628 K 5,608 K MobileDeviceService Apple Inc.
iTunesHelper.exe 1356 < 0.01 7,272 K 7,864 K iTunesHelper Apple Inc.
spoolsv.exe 312 < 0.01 7,916 K 10,092 K Spooler SubSystem App Microsoft Corporation
ZuneLauncher.exe 3984 1,648 K 3,380 K Zune Auto-Launcher Microsoft Corporation
wuauclt.exe 5528 2,884 K 5,872 K Windows Update Microsoft Corporation
wpcumi.exe 3888 3,204 K 5,332 K Windows Parental Control Notifications Microsoft Corporation
wmpnscfg.exe 3412 1,972 K 5,520 K Windows Media Player Network Sharing Service Configuration Application Microsoft Corporation
WmiPrvSE.exe 5980 3,264 K 6,000 K WMI Provider Host Microsoft Corporation
WisLMSvc.exe 3816 2,788 K 4,420 K Wistron Corp.
winlogon.exe 788 2,272 K 4,808 K Windows Logon Application Microsoft Corporation
wininit.exe 688 1,692 K 3,720 K Windows Start-Up Application Microsoft Corporation
WButton.exe 3756 2,160 K 5,260 K WButton MFC Application
ULCDRSvr.exe 2596 664 K 1,796 K ULCDRSvr Ulead Systems, Inc.
tgsrvc.exe 2452 1,924 K 4,580 K SupportSoft Repair Service SupportSoft, Inc.
taskeng.exe 1692 2,096 K 5,792 K Task Scheduler Engine Microsoft Corporation
SynMedion.exe 3716 1,268 K 3,228 K Medion Custom PlugIn Application Synaptics, Inc.
svchost.exe 1056 75,872 K 28,608 K Host Process for Windows Services Microsoft Corporation
svchost.exe 1400 8,068 K 11,852 K Host Process for Windows Services Microsoft Corporation
svchost.exe 948 3,312 K 5,732 K Host Process for Windows Services Microsoft Corporation
svchost.exe 380 24,160 K 21,400 K Host Process for Windows Services Microsoft Corporation
svchost.exe 2316 2,776 K 5,348 K Host Process for Windows Services Microsoft Corporation
svchost.exe 2620 1,244 K 3,560 K Host Process for Windows Services Microsoft Corporation
sprtsvc.exe 2392 4,540 K 1,592 K SupportSoft Agent Service SupportSoft, Inc.
sprtcmd.exe 728 13,764 K 1,888 K SupportSoft, Inc.
soffice.exe 2084 2,020 K 3,488 K OpenOffice.org 2.3 OpenOffice.org
smss.exe 560 292 K 704 K Windows Session Manager Microsoft Corporation
sm56hlpr.exe 3764 1,880 K 4,168 K Application executable file Motorola Inc.
SLsvc.exe 1368 5,632 K 6,364 K Microsoft Software Licensing Service Microsoft Corporation
services.exe 732 3,296 K 6,592 K Services and Controller app Microsoft Corporation
rundll32.exe 1596 2,908 K 3,688 K Windows host process (Rundll32) Microsoft Corporation
RtHDVCpl.exe 3488 8,600 K 5,520 K HD Audio Control Panel Realtek Semiconductor
ReflectService.exe 2328 1,592 K 4,196 K Reflect Service - Enables mounting of images
plugin-container.exe 2356 12,832 K 15,888 K Plugin Container for Firefox Mozilla Corporation
notepad.exe 5572 1,668 K 4,960 K Notepad Microsoft Corporation
mDNSResponder.exe 2096 2,200 K 4,748 K Bonjour Service Apple Inc.
mbamservice.exe 4448 107,280 K 41,728 K Malwarebytes' Anti-Malware Malwarebytes Corporation
mbamgui.exe 2504 2,624 K 5,272 K Malwarebytes' Anti-Malware Malwarebytes Corporation
LSSrvc.exe 2284 1,280 K 3,056 K Hewlett-Packard Company
lsm.exe 756 2,572 K 4,696 K Local Session Manager Service Microsoft Corporation
lsass.exe 748 3,664 K 7,424 K Local Security Authority Process Microsoft Corporation
LaunchAp.exe 3732 2,188 K 4,220 K LaunchAp MFC Application
iviRegMgr.exe 2264 1,144 K 3,372 K RegMgr Module InterVideo
firefox.exe 3376 89,816 K 106,032 K Firefox Mozilla Corporation
ehtray.exe 2628 1,704 K 1,476 K Media Center Tray Applet Microsoft Corporation
ehmsas.exe 2984 1,360 K 3,804 K Media Center Media Status Aggregator Service Microsoft Corporation
BrYNSvc.exe 2404 10,792 K 7,812 K BrYNCSvc Brother Industries, Ltd.
BrStMonW.exe 2312 2,984 K 6,832 K Brother Status Monitor Application Brother Industries, Ltd.
BrCtrlCntr.exe 2440 2,080 K 4,624 K ControlCenter Main Process Brother Industries, Ltd.
BrCcUxSys.exe 3452 1,896 K 4,384 K ControlCenter UX System Brother Industries, Ltd.
audiodg.exe 1336 15,812 K 12,848 K Windows Audio Device Graph Isolation Microsoft Corporation

Speccy:

Summary
Operating System
MS Windows Vista Home Premium 32-bit SP1
CPU
AMD Turion 64 Mobile TK-53 61 °C
Tyler 65nm Technology
RAM
2.00 GB Dual-Channel DDR2 @ 321MHz (5-5-5-15)
Motherboard
MEDION WAM2070 (U1) 64 °C
Graphics
Generic PnP Monitor ([email protected])
128MB GeForce Go 6150 (Wistron) 83 °C
Hard Drives
156GB Western Digital WDC WD16 00BEVS-22RST SCSI Disk Device (Fibre)
Optical Drives
HL-DT-ST DVDRAM GSA-T20N ATA Device
Audio
Realtek High Definition Audio
Operating System
MS Windows Vista Home Premium 32-bit SP1
Installation Date: 28 October 2007, 19:04
Serial Number:
Windows Security Center
User Account Control (UAC) Enabled
Notify level 3 - Always Notify
Firewall Enabled
Windows Update
AutoUpdate Download Automatically and Install at Set Scheduled time
Schedule Frequency Every day
Schedule Time 3 am
Windows Defender
Windows Defender Enabled
Antivirus
Antivirus Enabled
Company Name AVG Technologies
Display Name AVG Anti-Virus Free
Product Version 8.5
Environment Variables
USERPROFILE C:\Users\Buntings
SystemRoot C:\Windows
User Variables
TEMP C:\Users\Buntings\AppData\Local\Temp
TMP C:\Users\Buntings\AppData\Local\Temp
Machine Variables
ComSpec C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK NO
OS Windows_NT
Path
C:\Windows\system32
C:\Windows
C:\Windows\system32\wbem
C:\Program Files\Common Files\Ulead Systems\MPEG
C:\Program Files\QuickTime\QTSystem
%SYSTEMROOT%\System32\WindowsPowerShell\v1.0
PATHEXT .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE x86
TEMP C:\Windows\TEMP
TMP C:\Windows\TEMP
USERNAME SYSTEM
windir C:\Windows
PROCESSOR_LEVEL 15
PROCESSOR_IDENTIFIER x86 Family 15 Model 104 Stepping 1, AuthenticAMD
PROCESSOR_REVISION 6801
NUMBER_OF_PROCESSORS 2
asl.log Destination=file
CLASSPATH
.
C:\Program Files\Java\jre1.6.0_02\lib\ext\QTJava.zip
QTJAVA C:\Program Files\Java\jre1.6.0_02\lib\ext\QTJava.zip
PSModulePath C:\Windows\system32\WindowsPowerShell\v1.0\Modules\
TimeZone
TimeZone GMT -5 Hours
Language English
Country United States
Currency $
Date Format M/d/yyyy
Time Format h:mm:ss tt
Power Profile
Active power scheme Home/Office Desk
Hibernation Disabled
Scheduler
Process List
applemobiledeviceservice.exe
Process ID 2060
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
Memory Usage 5.48 MB
Peak Memory Usage 7.33 MB
audiodg.exe
Process ID 1336
avastsvc.exe
Process ID 1648
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\AVAST Software\Avast\AvastSvc.exe
Memory Usage 27 MB
Peak Memory Usage 103 MB
avastui.exe
Process ID 2300
User Buntings
Domain Buntings-PC
Path C:\Program Files\AVAST Software\Avast\AvastUI.exe
Memory Usage 3.02 MB
Peak Memory Usage 8.18 MB
brccuxsys.exe
Process ID 3452
User Buntings
Domain Buntings-PC
Path C:\Program Files\ControlCenter4\BrCcUxSys.exe
Memory Usage 4.28 MB
Peak Memory Usage 5.90 MB
brctrlcntr.exe
Process ID 2440
User Buntings
Domain Buntings-PC
Path C:\Program Files\ControlCenter4\BrCtrlCntr.exe
Memory Usage 4.52 MB
Peak Memory Usage 6.11 MB
brstmonw.exe
Process ID 2312
User Buntings
Domain Buntings-PC
Path C:\Program Files\Browny02\Brother\BrStMonW.exe
Memory Usage 6.67 MB
Peak Memory Usage 8.23 MB
brynsvc.exe
Process ID 2404
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Browny02\BrYNSvc.exe
Memory Usage 7.70 MB
Peak Memory Usage 8.27 MB
csrss.exe
Process ID 636
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\csrss.exe
Memory Usage 4.66 MB
Peak Memory Usage 4.85 MB
csrss.exe
Process ID 700
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\csrss.exe
Memory Usage 7.21 MB
Peak Memory Usage 12 MB
dwm.exe
Process ID 3132
User Buntings
Domain Buntings-PC
Path C:\Windows\system32\Dwm.exe
Memory Usage 30 MB
Peak Memory Usage 44 MB
ehmsas.exe
Process ID 2984
User Buntings
Domain Buntings-PC
Path C:\Windows\ehome\ehmsas.exe
Memory Usage 3.71 MB
Peak Memory Usage 4.21 MB
ehtray.exe
Process ID 2628
User Buntings
Domain Buntings-PC
Path C:\Windows\ehome\ehtray.exe
Memory Usage 1.44 MB
Peak Memory Usage 5.53 MB
explorer.exe
Process ID 3192
User Buntings
Domain Buntings-PC
Path C:\Windows\Explorer.EXE
Memory Usage 42 MB
Peak Memory Usage 47 MB
firefox.exe
Process ID 3376
User Buntings
Domain Buntings-PC
Path C:\Program Files\Mozilla Firefox\firefox.exe
Memory Usage 103 MB
Peak Memory Usage 119 MB
ipodservice.exe
Process ID 3060
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\iPod\bin\iPodService.exe
Memory Usage 4.84 MB
Peak Memory Usage 5.54 MB
ituneshelper.exe
Process ID 1356
User Buntings
Domain Buntings-PC
Path C:\Program Files\iTunes\iTunesHelper.exe
Memory Usage 7.68 MB
Peak Memory Usage 12 MB
iviregmgr.exe
Process ID 2264
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
Memory Usage 3.29 MB
Peak Memory Usage 3.61 MB
launchap.exe
Process ID 3732
User Buntings
Domain Buntings-PC
Path C:\Program Files\Launch Manager\LaunchAp.exe
Memory Usage 4.12 MB
Peak Memory Usage 5.58 MB
lsass.exe
Process ID 748
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\lsass.exe
Memory Usage 7.30 MB
Peak Memory Usage 8.30 MB
lsm.exe
Process ID 756
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\lsm.exe
Memory Usage 4.55 MB
Peak Memory Usage 5.50 MB
lssrvc.exe
Process ID 2284
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\LightScribe\LSSrvc.exe
Memory Usage 2.98 MB
Peak Memory Usage 3.70 MB
mbamgui.exe
Process ID 2504
User Buntings
Domain Buntings-PC
Path C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
Memory Usage 5.15 MB
Peak Memory Usage 6.56 MB
mbamservice.exe
Process ID 4448
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
Memory Usage 42 MB
Peak Memory Usage 158 MB
mdnsresponder.exe
Process ID 2096
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Bonjour\mDNSResponder.exe
Memory Usage 4.64 MB
Peak Memory Usage 5.44 MB
notepad.exe
Process ID 5572
User Buntings
Domain Buntings-PC
Path C:\Windows\notepad.exe
Memory Usage 4.84 MB
Peak Memory Usage 4.88 MB
plugin-container.exe
Process ID 2356
User Buntings
Domain Buntings-PC
Path C:\Program Files\Mozilla Firefox\plugin-container.exe
Memory Usage 16 MB
Peak Memory Usage 19 MB
reflectservice.exe
Process ID 2328
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Macrium\Reflect\ReflectService.exe
Memory Usage 4.10 MB
Peak Memory Usage 4.35 MB
rthdvcpl.exe
Process ID 3488
User Buntings
Domain Buntings-PC
Path C:\Windows\RtHDVCpl.exe
Memory Usage 5.41 MB
Peak Memory Usage 7.76 MB
rundll32.exe
Process ID 1596
User Buntings
Domain Buntings-PC
Path C:\Windows\System32\rundll32.exe
Memory Usage 3.60 MB
Peak Memory Usage 4.64 MB
searchfilterhost.exe
Process ID 4892
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\SearchFilterHost.exe
Memory Usage 6.48 MB
Peak Memory Usage 6.48 MB
searchindexer.exe
Process ID 2644
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\SearchIndexer.exe
Memory Usage 13 MB
Peak Memory Usage 13 MB
searchprotocolhost.exe
Process ID 5380
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\SearchProtocolHost.exe
Memory Usage 11 MB
Peak Memory Usage 11 MB
services.exe
Process ID 732
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\services.exe
Memory Usage 6.57 MB
Peak Memory Usage 7.50 MB
slsvc.exe
Process ID 1368
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\SLsvc.exe
Memory Usage 6.21 MB
Peak Memory Usage 12 MB
sm56hlpr.exe
Process ID 3764
User Buntings
Domain Buntings-PC
Path C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
Memory Usage 4.07 MB
Peak Memory Usage 4.96 MB
smss.exe
Process ID 560
User SYSTEM
Domain NT AUTHORITY
Path \SystemRoot\System32\smss.exe
Memory Usage 704 KB
Peak Memory Usage 756 KB
soffice.bin
Process ID 2892
User Buntings
Domain Buntings-PC
Path C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
Memory Usage 17 MB
Peak Memory Usage 21 MB
soffice.exe
Process ID 2084
User Buntings
Domain Buntings-PC
Path C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
Memory Usage 3.41 MB
Peak Memory Usage 4.63 MB
speccy.exe
Process ID 5264
User Buntings
Domain Buntings-PC
Path C:\Program Files\Speccy\Speccy.exe
Memory Usage 17 MB
Peak Memory Usage 18 MB
spoolsv.exe
Process ID 312
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\spoolsv.exe
Memory Usage 9.90 MB
Peak Memory Usage 13 MB
sprtcmd.exe
Process ID 728
User Buntings
Domain Buntings-PC
Path C:\Program Files\NCNETWORKSDM\bin\sprtcmd.exe
Memory Usage 1.84 MB
Peak Memory Usage 11 MB
sprtsvc.exe
Process ID 2392
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\NCNETWORKSDM\bin\sprtsvc.exe
Memory Usage 1.55 MB
Peak Memory Usage 7.47 MB
svchost.exe
Process ID 380
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 21 MB
Peak Memory Usage 48 MB
svchost.exe
Process ID 1400
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 12 MB
Peak Memory Usage 13 MB
svchost.exe
Process ID 1020
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 6.18 MB
Peak Memory Usage 6.86 MB
svchost.exe
Process ID 1056
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 29 MB
Peak Memory Usage 113 MB
svchost.exe
Process ID 1156
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 13 MB
Peak Memory Usage 14 MB
svchost.exe
Process ID 1208
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 67 MB
Peak Memory Usage 155 MB
svchost.exe
Process ID 948
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 5.93 MB
Peak Memory Usage 6.21 MB
svchost.exe
Process ID 2620
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 3.48 MB
Peak Memory Usage 3.48 MB
svchost.exe
Process ID 2316
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 5.22 MB
Peak Memory Usage 6.13 MB
svchost.exe
Process ID 2412
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 7.55 MB
Peak Memory Usage 8.99 MB
svchost.exe
Process ID 1540
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 14 MB
Peak Memory Usage 16 MB
svchost.exe
Process ID 1244
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 65 MB
Peak Memory Usage 406 MB
synmedion.exe
Process ID 3716
User Buntings
Domain Buntings-PC
Path C:\Program Files\Synaptics\SynTP\SynMedion.exe
Memory Usage 3.15 MB
Peak Memory Usage 3.93 MB
syntpenh.exe
Process ID 3700
User Buntings
Domain Buntings-PC
Path C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Memory Usage 5.39 MB
Peak Memory Usage 6.70 MB
system
Process ID 4
system idle process
Process ID 0
taskeng.exe
Process ID 1692
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\taskeng.exe
Memory Usage 5.66 MB
Peak Memory Usage 5.73 MB
taskeng.exe
Process ID 3168
User Buntings
Domain Buntings-PC
Path C:\Windows\system32\taskeng.exe
Memory Usage 8.58 MB
Peak Memory Usage 10 MB
tgsrvc.exe
Process ID 2452
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\NCNETWORKSDM\bin\tgsrvc.exe
Memory Usage 4.47 MB
Peak Memory Usage 5.29 MB
ulcdrsvr.exe
Process ID 2596
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
Memory Usage 1.75 MB
Peak Memory Usage 2.11 MB
wbutton.exe
Process ID 3756
User Buntings
Domain Buntings-PC
Path C:\Program Files\Launch Manager\WButton.exe
Memory Usage 5.14 MB
Peak Memory Usage 6.37 MB
wininit.exe
Process ID 688
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\wininit.exe
Memory Usage 3.63 MB
Peak Memory Usage 4.74 MB
winlogon.exe
Process ID 788
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\winlogon.exe
Memory Usage 4.70 MB
Peak Memory Usage 6.82 MB
wislmsvc.exe
Process ID 3816
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Launch Manager\WisLMSvc.exe
Memory Usage 4.32 MB
Peak Memory Usage 5.05 MB
wmiprvse.exe
Process ID 5980
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\wbem\wmiprvse.exe
Memory Usage 5.96 MB
Peak Memory Usage 5.96 MB
wmiprvse.exe
Process ID 5432
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\wbem\wmiprvse.exe
Memory Usage 6.81 MB
Peak Memory Usage 6.81 MB
wmpnetwk.exe
Process ID 2056
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Program Files\Windows Media Player\wmpnetwk.exe
Memory Usage 10 MB
Peak Memory Usage 15 MB
wmpnscfg.exe
Process ID 3412
User Buntings
Domain Buntings-PC
Path C:\Program Files\Windows Media Player\wmpnscfg.exe
Memory Usage 5.40 MB
Peak Memory Usage 5.40 MB
wpcumi.exe
Process ID 3888
User Buntings
Domain Buntings-PC
Path C:\Windows\System32\wpcumi.exe
Memory Usage 5.21 MB
Peak Memory Usage 6.31 MB
wuauclt.exe
Process ID 5528
User Buntings
Domain Buntings-PC
Path C:\Windows\system32\wuauclt.exe
Memory Usage 5.73 MB
Peak Memory Usage 5.75 MB
zunelauncher.exe
Process ID 3984
User Buntings
Domain Buntings-PC
Path C:\Program Files\Zune\ZuneLauncher.exe
Memory Usage 3.30 MB
Peak Memory Usage 4.33 MB
Hotfixes
11/11/2011 Definition Update for Windows Defender - KB915597 (Definition 1.115.1674.0)
11/11/2011 Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition
11/11/2011 Windows Malicious Software Removal Tool - November 2011 (KB890830)
11/11/2011 Update for Microsoft Office 2010 (KB2553455) 32-Bit Edition
11/11/2011 Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
11/11/2011 Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
11/11/2011 Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
11/11/2011 Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition
11/10/2011 Definition Update for Windows Defender - KB915597 (Definition 1.115.1462.0)
11/7/2011 Definition Update for Windows Defender - KB915597 (Definition 1.115.1237.0)
10/26/2011 Definition Update for Windows Defender - KB915597 (Definition 1.115.502.0)
10/23/2011 Definition Update for Windows Defender - KB915597 (Definition 1.115.250.0)
10/19/2011 Windows Malicious Software Removal Tool - October 2011 (KB890830)
10/19/2011 Definition Update for Windows Defender - KB915597 (Definition 1.113.1886.0)
10/10/2011 Definition Update for Windows Defender - KB915597 (Definition 1.113.1136.0)
10/2/2011 Definition Update for Windows Defender - KB915597 (Definition 1.113.631.0)
10/2/2011 Windows Malicious Software Removal Tool - September 2011 (KB890830)
9/29/2011 Definition Update for Windows Defender - KB915597 (Definition 1.113.359.0)
9/20/2011 Definition Update for Windows Defender - KB915597 (Definition 1.111.2630.0)
9/18/2011 Security Update for Microsoft Office 2007 System (KB2553090)
9/18/2011 Update for Microsoft Office 2010 (KB2553092), 32-Bit Edition
9/18/2011 Windows Malicious Software Removal Tool - September 2011 (KB890830)
9/18/2011 Update for Microsoft Office 2010 (KB2566458), 32-Bit Edition
9/18/2011 Security Update for Microsoft Office 2007 System (KB2553089)
9/18/2011 Security Update for Microsoft Excel 2010 (KB2553070), 32-Bit Edition
9/18/2011 Update for Office File Validation 2010 (KB2553065), 32-bit Edition
9/18/2011 Security Update for Microsoft Office 2010 (KB2584066), 32-Bit Edition
9/18/2011 Security Update for Microsoft SharePoint Workspace 2010 (KB2566445), 32-Bit Edition
9/18/2011 Security Update for Microsoft Office 2010 (KB2553096), 32-Bit Edition
9/18/2011 Security Update for the 2007 Microsoft Office System (KB2553074)
9/18/2011 Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition
9/18/2011 Security Update for Microsoft Office 2010 (KB2553091), 32-Bit Edition
9/18/2011 Security Update for Microsoft Office 2007 System (KB2584063)
9/18/2011 Update for Outlook Social Connector 2010 (KB2583935), 32-Bit Edition
9/17/2011 Definition Update for Windows Defender - KB915597 (Definition 1.111.2389.0)
9/16/2011 Definition Update for Windows Defender - KB915597 (Definition 1.111.2089.0)
9/10/2011 Definition Update for Windows Defender - KB915597 (Definition 1.111.1823.0)
9/6/2011 Definition Update for Windows Defender - KB915597 (Definition 1.111.1554.0)
9/6/2011 Definition Update for Windows Defender - KB915597 (Definition 1.111.1301.0)
9/1/2011 Definition Update for Windows Defender - KB915597 (Definition 1.111.1045.0)
8/27/2011 Definition Update for Windows Defender - KB915597 (Definition 1.111.775.0)
8/19/2011 Definition Update for Windows Defender - KB915597 (Definition 1.111.216.0)
8/18/2011 Security Update for Windows Vista (KB2536276)
8/18/2011 Windows Malicious Software Removal Tool - August 2011 (KB890830)
8/18/2011 Definition Update for Microsoft Office 2010 (KB982726), 32-Bit Edition
8/17/2011 Definition Update for Windows Defender - KB915597 (Definition 1.111.35.0)
8/17/2011 Security Update for Windows Vista (KB2555917)
8/17/2011 Update for Windows Mail Junk E-mail Filter [July 2011] (KB905866)
8/17/2011 Windows Malicious Software Removal Tool - July 2011 (KB890830)
8/17/2011 Update for Windows Vista (KB2533623)
8/17/2011 Security Update for Windows Vista (KB2507938)
7/22/2011 Definition Update for Windows Defender - KB915597 (Definition 1.109.116.0)
7/22/2011 Definition Update for Windows Defender - KB915597 (Definition 1.107.2067.0)
7/21/2011 Security Update for Windows Vista (KB2507938)
7/21/2011 Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008 x86 (KB2478663)
7/21/2011 Security Update for .NET Framework 3.5 SP1 on Windows Vista SP1 and Windows Server 2008 x86 (KB2478659)
7/21/2011 Security Update for .NET Framework 3.5 SP1 on Windows Vista SP1 and Windows Server 2008 x86 (KB2518865)
7/21/2011 Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008 x86 (KB2518870)
7/21/2011 Update for Windows Vista (KB2541763)
7/10/2011 Definition Update for Windows Defender - KB915597 (Definition 1.107.1308.0)
6/23/2011 Definition Update for Windows Defender - KB915597 (Definition 1.107.49.0)
6/17/2011 Definition Update for Windows Defender - KB915597 (Definition 1.105.2171.0)
6/17/2011 Cumulative Security Update for Internet Explorer 7 for Windows Vista (KB2530548)
6/17/2011 Security Update for Windows Vista (KB2535512)
6/17/2011 Windows Malicious Software Removal Tool - June 2011 (KB890830)
6/17/2011 Update for Microsoft Office 2007 System (KB2539530)
6/17/2011 Update for Microsoft Office 2010 (KB2523113), 32-Bit Edition
6/17/2011 Security Update for Windows Vista (KB2503665)
6/17/2011 Security Update for Microsoft InfoPath 2010 (KB2510065), 32-Bit Edition
6/17/2011 Security Update for Windows Vista (KB2536275)
6/17/2011 Security Update for Internet Explorer 7 for Windows Vista (KB2544521)
6/17/2011 Security Update for Windows Vista (KB2476490)
6/17/2011 Security Update for Microsoft Excel 2010 (KB2523021), 32-Bit Edition
6/17/2011 Security Update for the 2007 Microsoft Office System (KB2541012)
6/17/2011 Security Update for Windows Vista (KB2544893)
6/17/2011 Security Update for Windows Vista (KB2536276)
6/17/2011 Update for Windows Mail Junk E-mail Filter [June 2011] (KB905866)
6/17/2011 Security Update for Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package (KB2538242)
6/15/2011 Definition Update for Windows Defender - KB915597 (Definition 1.105.1913.0)
6/10/2011 Definition Update for Windows Defender - KB915597 (Definition 1.105.1687.0)
6/8/2011 Definition Update for Windows Defender - KB915597 (Definition 1.105.1413.0)
6/3/2011 Definition Update for Windows Defender - KB915597 (Definition 1.105.1184.0)
6/1/2011 Definition Update for Windows Defender - KB915597 (Definition 1.105.929.0)
5/28/2011 Definition Update for Windows Defender - KB915597 (Definition 1.105.646.0)
5/26/2011 Definition Update for Windows Defender - KB915597 (Definition 1.105.365.0)
5/22/2011 Definition Update for Windows Defender - KB915597 (Definition 1.105.124.0)
5/18/2011 Definition Update for Windows Defender - KB915597 (Definition 1.103.1875.0)
5/16/2011 Definition Update for Windows Defender - KB915597 (Definition 1.103.1631.0)
5/12/2011 Windows Malicious Software Removal Tool - May 2011 (KB890830)
5/12/2011 Update for Windows Mail Junk E-mail Filter [May 2011] (KB905866)
5/12/2011 Security Update for Microsoft Office 2007 System (KB2540162)
5/11/2011 Definition Update for Windows Defender - KB915597 (Definition 1.103.1349.0)
5/6/2011 Definition Update for Windows Defender - KB915597 (Definition 1.103.1139.0)
5/5/2011 Definition Update for Windows Defender - KB915597 (Definition 1.103.900.0)
5/1/2011 Definition Update for Windows Defender - KB915597 (Definition 1.103.682.0)
5/1/2011 Update for Windows Vista (KB2492386)
5/1/2011 Windows Malicious Software Removal Tool - April 2011 (KB890830)
4/27/2011 Definition Update for Windows Defender - KB915597 (Definition 1.103.468.0)
4/23/2011 Definition Update for Windows Defender - KB915597 (Definition 1.103.286.0)
4/21/2011 Security Update for Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package (KB2467175)
4/19/2011 Definition Update for Windows Defender - KB915597 (Definition 1.103.42.0)
4/17/2011 Security Update for .NET Framework 3.5 SP1 on Windows Vista SP1 and Windows Server 2008 x86 (KB2449741)
4/17/2011 Security Update for Windows Vista (KB2507618)
4/17/2011 Security Update for Windows Vista (KB2511455)
4/17/2011 Security Update for Windows Vista (KB2506212)
4/17/2011 Security Update for Windows Vista (KB2508429)
4/17/2011 Security Update for Windows Vista (KB2509553)
4/17/2011 Update for Outlook Social Connector 2010 (KB2441641), 32-Bit Edition
4/17/2011 Cumulative Security Update for Internet Explorer 7 for Windows Vista (KB2497640)
4/17/2011 Security Update for Windows Vista (KB2506223)
4/17/2011 Security Update for Windows Vista (KB2510581)
4/17/2011 Security Update for Microsoft Excel 2010 (KB2466146), 32-Bit Edition
4/17/2011 Security Update for Windows Vista (KB2503658)
4/17/2011 Security Update for Windows Vista (KB2412687)
4/17/2011 Security Update for Microsoft Office 2007 System (KB2464635)
4/17/2011 Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008 x86 (KB2446708)
4/17/2011 Security Update for Microsoft Office 2007 System (KB2509488)
4/17/2011 Cumulative Security Update for ActiveX Killbits for Windows Vista (KB2508272)
4/17/2011 Update for Windows Mail Junk E-mail Filter [April 2011] (KB905866)
4/17/2011 Security Update for the 2007 Microsoft Office System (KB2466156)
4/17/2011 Windows Malicious Software Removal Tool - April 2011 (KB890830)
4/17/2011 Definition Update for Microsoft Office 2010 (KB982726), 32-Bit Edition
4/17/2011 Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
4/17/2011 Security Update for Microsoft PowerPoint 2010 (KB2519975), 32-Bit Edition
4/16/2011 Definition Update for Windows Defender - KB915597 (Definition 1.101.1523.0)
4/16/2011 Definition Update for Windows Defender - KB915597 (Definition 1.101.1291.0)
4/9/2011 Definition Update for Windows Defender - KB915597 (Definition 1.101.1074.0)
4/6/2011 Definition Update for Windows Defender - KB915597 (Definition 1.101.822.0)
4/3/2011 Definition Update for Windows Defender - KB915597 (Definition 1.101.609.0)
3/25/2011 Definition Update for Windows Defender - KB915597 (Definition 1.101.118.0)
3/25/2011 Update for Windows Vista (KB2524375)
3/24/2011 Definition Update for Windows Defender - KB915597 (Definition 1.99.1684.0)
3/18/2011 Definition Update for Windows Defender - KB915597 (Definition 1.99.1460.0)
3/18/2011 Update for Windows Vista (KB971029)
3/15/2011 Definition Update for Windows Defender - KB915597 (Definition 1.99.1226.0)
3/12/2011 Definition Update for Windows Defender - KB915597 (Definition 1.99.1034.0)
3/12/2011 Update for Microsoft OneNote 2010 (KB2493983), 32-Bit Edition
3/12/2011 Windows Malicious Software Removal Tool - March 2011 (KB890830)
3/12/2011 Update for Windows Mail Junk E-mail Filter [March 2011] (KB905866)
3/12/2011 Security Update for Windows Vista (KB2479943)
3/12/2011 Update for Microsoft Office 2010 (KB2494150), 32-Bit Edition
3/12/2011 Security Update for Windows Vista (KB2481109)
3/12/2011 Definition Update for Microsoft Office 2010 (KB982726), 32-Bit Edition
3/10/2011 Definition Update for Windows Defender - KB915597 (Definition 1.99.800.0)
3/5/2011 Definition Update for Windows Defender - KB915597 (Definition 1.99.567.0)
3/1/2011 Definition Update for Windows Defender - KB915597 (Definition 1.99.322.0)
2/27/2011 Update for Windows Vista (KB971029)
2/25/2011 Definition Update for Windows Defender - KB915597 (Definition 1.99.94.0)
2/25/2011 Windows PowerShell 2.0 and WinRM 2.0 for Windows Vista (KB968930)
2/22/2011 Definition Update for Windows Defender - KB915597 (Definition 1.97.2292.0)
2/18/2011 Definition Update for Windows Defender - KB915597 (Definition 1.97.2020.0)
2/15/2011 Definition Update for Windows Defender - KB915597 (Definition 1.97.1752.0)
2/13/2011 Definition Update for Microsoft Office 2010 (KB982726), 32-Bit Edition
2/13/2011 Security Update for Windows Vista (KB2479628)
2/13/2011 Security Update for Windows Vista (KB2393802)
2/13/2011 Update for Windows Mail Junk E-mail Filter [February 2011] (KB905866)
2/13/2011 Windows Malicious Software Removal Tool - February 2011 (KB890830)
2/13/2011 Security Update for Windows Vista (KB2483185)
2/13/2011 Cumulative Security Update for Internet Explorer 7 for Windows Vista (KB2482017)
2/13/2011 Security Update for Windows Vista (KB2485376)
2/11/2011 Definition Update for Windows Defender - KB915597 (Definition 1.97.1491.0)
2/4/2011 Definition Update for Windows Defender - KB915597 (Definition 1.97.984.0)
2/1/2011 Definition Update for Windows Defender - KB915597 (Definition 1.97.757.0)
1/28/2011 Definition Update for Windows Defender - KB915597 (Definition 1.97.544.0)
1/26/2011 Definition Update for Windows Defender - KB915597 (Definition 1.97.286.0)
1/21/2011 Definition Update for Windows Defender - KB915597 (Definition 1.97.22.0)
1/18/2011 Definition Update for Windows Defender - KB915597 (Definition 1.95.4180.0)
1/16/2011 Windows Malicious Software Removal Tool - January 2011 (KB890830)
1/16/2011 Security Update for Windows Vista (KB2419640)
1/16/2011 Security Update for Windows Vista (KB2478935)
1/16/2011 Definition Update for Microsoft Office 2010 (KB982726), 32-Bit Edition
1/15/2011 Definition Update for Windows Defender - KB915597 (Definition 1.95.3914.0)
1/8/2011 Definition Update for Windows Defender - KB915597 (Definition 1.95.3426.0)
1/4/2011 Definition Update for Windows Defender - KB915597 (Definition 1.95.3177.0)
12/30/2010 Definition Update for Windows Defender - KB915597 (Definition 1.95.2722.0)
12/24/2010 Definition Update for Windows Defender - KB915597 (Definition 1.95.2533.0)
12/22/2010 Definition Update for Windows Defender - KB915597 (Definition 1.95.2197.0)
12/21/2010 Security Update for Windows Vista (KB2423089)
12/21/2010 Security Update for Windows Vista (KB2436673)
12/21/2010 Security Update for Microsoft Office 2010 (KB2289078), 32-Bit Edition
12/21/2010 Security Update for Windows Vista (KB2305420)
12/21/2010 Security Update for Windows Vista (KB2442962)
12/21/2010 Security Update for Windows Vista (KB2296199)
12/21/2010 Cumulative Security Update for Internet Explorer 7 for Windows Vista (KB2416400)
12/21/2010 Security Update for Microsoft Publisher 2010 (KB2409055), 32-Bit Edition
12/21/2010 Update for Windows Vista (KB2443685)
12/21/2010 Update for Microsoft OneNote 2010 (KB2433299), 32-Bit Edition
12/21/2010 Definition Update for Microsoft Office 2010 (KB982726), 32-Bit Edition
12/21/2010 Update for Internet Explorer for Windows Vista (KB2467659)
12/21/2010 Update for Windows Mail Junk E-mail Filter [December 2010] (KB905866)
12/21/2010 Windows Malicious Software Removal Tool - December 2010 (KB890830)
12/21/2010 Update for Microsoft Office 2010 File Validation (KB2413186), 32-Bit Edition
12/21/2010 Definition Update for Windows Defender - KB915597 (Definition 1.95.1996.0)
12/10/2010 Definition Update for Windows Defender - KB915597 (Definition 1.95.1522.0)
12/8/2010 Definition Update for Windows Defender - KB915597 (Definition 1.95.1304.0)
12/4/2010 Definition Update for Windows Defender - KB915597 (Definition 1.95.1100.0)
12/2/2010 Definition Update for Windows Defender - KB915597 (Definition 1.95.861.0)
11/26/2010 Definition Update for Windows Defender - KB915597 (Definition 1.95.656.0)
11/24/2010 Definition Update for Windows Defender - KB915597 (Definition 1.95.422.0)
11/19/2010 Definition Update for Windows Defender - KB915597 (Definition 1.95.191.0)
11/18/2010 Update for Outlook Social Connector (KB2289116), 32-Bit Edition
11/18/2010 Security Update for Microsoft Office 2010 (KB2289161), 32-Bit Edition
11/18/2010 Security Update for Microsoft Word 2010 (KB2345000), 32-Bit Edition
11/18/2010 Update for Microsoft Office 2010 (KB2202188), 32-Bit Edition
11/18/2010 Update for Microsoft OneNote 2010 (KB2288640), 32-Bit Edition
11/18/2010 Definition Update for Microsoft Office 2010 (KB982726), 32-Bit Edition
11/17/2010 Definition Update for Windows Defender - KB915597 (Definition 1.93.1985.0)
11/17/2010 Internet Explorer 8 for Windows Vista
11/13/2010 Definition Update for Windows Defender - KB915597 (Definition 1.93.1733.0)
11/13/2010 Security Update for Microsoft Office 2007 System (KB2289158)
11/13/2010 Update for Windows Mail Junk E-mail Filter [November 2010] (KB905866)
11/13/2010 Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2413381)
11/13/2010 Windows Malicious Software Removal Tool - November 2010 (KB890830)
11/10/2010 Definition Update for Windows Defender - KB915597 (Definition 1.93.1456.0)
10/30/2010 Definition Update for Windows Defender - KB915597 (Definition 1.93.695.0)
10/27/2010 Update for Windows Vista (KB2388210)
10/27/2010 Definition Update for Windows Defender - KB915597 (Definition 1.93.468.0)
10/22/2010 Definition Update for Windows Defender - KB915597 (Definition 1.93.284.0)
10/19/2010 Definition Update for Windows Defender - KB915597 (Definition 1.93.26.0)
10/18/2010 Update for Windows Vista (KB980248)
10/17/2010 Security Update for Windows Vista (KB2378111)
10/17/2010 Update for Windows Vista (KB2345886)
10/17/2010 Security Update for the 2007 Microsoft Office System (KB2345043)
10/17/2010 Security Update for Windows Vista (KB2207566)
10/17/2010 Security Update for Windows Vista (KB979687)
10/17/2010 Security Update for Windows Vista (KB982132)
10/17/2010 Security Update for the 2007 Microsoft Office System (KB2344875)
10/17/2010 Security Update for Windows Vista (KB2387149)
10/17/2010 Security Update for Windows Vista (KB981957)
10/17/2010 Security Update for Windows Vista (KB2281679)
10/17/2010 Windows Malicious Software Removal Tool - October 2010 (KB890830)
10/17/2010 Security Update for Windows Desktop Search 4.0 for Windows Vista (KB979688)
10/17/2010 Security Update for Windows Vista (KB2296011)
10/17/2010 Cumulative Security Update for Internet Explorer 7 for Windows Vista (KB2360131)
10/16/2010 Definition Update for Windows Defender - KB915597 (Definition 1.91.1817.0)
10/16/2010 Definition Update for Windows Defender - KB915597 (Definition 1.91.1591.0)
10/13/2010 Security Update for Windows Vista (KB981322)
10/13/2010 Update for Windows Vista (KB2158563)
10/13/2010 Security Update for Windows Vista (KB978542)
10/13/2010 Security Update for Windows Vista (KB982665)
10/13/2010 Update for Windows Vista (KB952709)
10/13/2010 Cumulative Security Update for Internet Explorer 7 for Windows Vista (KB2183461)
10/13/2010 Security Update for Windows Vista (KB980436)
10/13/2010 Security Update for Windows Vista (KB979482)
10/13/2010 Update for Windows Vista (KB982519)
10/13/2010 Security Update for Windows Vista (KB2347290)
10/13/2010 Security Update for Windows Vista (KB981997)
10/13/2010 Security Update for Windows Vista (KB975558)
10/13/2010 Security Update for Windows Vista (KB980218)
10/13/2010 Windows Search 4.0 for Windows Vista (KB940157)
10/13/2010 Security Update for Windows Vista (KB2160329)
10/13/2010 Security Update for Windows Vista (KB982799)
10/13/2010 Cumulative Update for Media Center for Windows Vista (KB982480)
10/13/2010 Security Update for Microsoft .NET Framework 3.5 SP1 on Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008 x86 (KB2416473)
10/13/2010 Security Update for Windows Vista (KB981852)
10/13/2010 Security Update for Windows Vista (KB975562)
10/13/2010 Security Update for Microsoft .NET Framework 3.5 SP1 on Windows Vista SP1 and Windows Server 2008 x86 (KB2416474)
10/13/2010 Security Update for Windows Vista (KB2079403)
10/13/2010 Update for Windows Vista (KB957200)
10/13/2010 Update for Windows Vista (KB955302)
10/13/2010 Security Update for Windows Vista (KB982214)
10/13/2010 Microsoft .NET Framework 4 Client Profile for Windows Vista x86 (KB982670)
10/13/2010 Update for Windows Vista (KB951978)
10/13/2010 Update for Windows Mail Junk E-mail Filter [September 2010] (KB905866)
10/13/2010 Security Update for .NET Framework 3.5 SP1 on Windows Vista SP1 and Windows Server 2008 x86 (KB983588)
10/13/2010 Security Update for Windows Vista (KB2286198)
10/13/2010 Security Update for Windows Vista (KB978886)
10/13/2010 Update for Windows Vista (KB2141007)
10/7/2010 Definition Update for Windows Defender - KB915597 (Definition 1.91.1122.0)
10/7/2010 Cumulative Security Update for ActiveX Killbits for Windows Vista (KB980195)
10/7/2010 Microsoft .NET Framework 3.5 SP1 Update for Windows Vista SP1 and Windows Server 2008 x86 (KB982535)
10/7/2010 Microsoft .NET Framework 3.5 SP1 Update for Windows Vista SP1 and Windows Server 2008 x86 (KB956250)
10/7/2010 Microsoft .NET Framework 3.5 SP1 Security Update for Windows Vista SP1 and Windows Server 2008 x86 (KB979911)
10/4/2010 Windows Vista Service Pack 1 (KB936330)
10/4/2010 Definition Update for Windows Defender - KB915597 (Definition 1.91.961.0)
10/1/2010 Definition Update for Windows Defender - KB915597 (Definition 1.91.902.0)
9/28/2010 Definition Update for Windows Defender - KB915597 (Definition 1.91.724.0)
9/27/2010 Definition Update for Windows Defender - KB915597 (Definition 1.91.452.0)
9/21/2010 Definition Update for Windows Defender - KB915597 (Definition 1.91.253.0)
9/18/2010 Definition Update for Windows Defender - KB915597 (Definition 1.91.14.0)
9/18/2010 Windows Malicious Software Removal Tool - September 2010 (KB890830)
9/15/2010 Definition Update for Windows Defender - KB915597 (Definition 1.89.1620.0)
9/11/2010 Definition Update for Windows Defender - KB915597 (Definition 1.89.1411.0)
9/9/2010 Office Genuine Advantage Notifications (KB949810)
9/8/2010 Definition Update for Windows Defender - KB915597 (Definition 1.89.1145.0)
9/5/2010 Definition Update for Windows Defender - KB915597 (Definition 1.89.901.0)
9/1/2010 Definition Update for Windows Defender - KB915597 (Definition 1.89.660.0)
8/24/2010 Definition Update for Windows Defender - KB915597 (Definition 1.89.207.0)
8/23/2010 Definition Update for Windows Defender - KB915597 (Definition 1.89.175.0)
8/22/2010 Definition Update for Windows Defender - KB915597 (Definition 1.87.2231.0)
8/17/2010 Definition Update for Windows Defender - KB915597 (Definition 1.87.1998.0)
8/17/2010 Windows Malicious Software Removal Tool - August 2010 (KB890830)
8/14/2010 Definition Update for Windows Defender - KB915597 (Definition 1.87.1828.0)
8/14/2010 Security Update for the 2007 Microsoft Office System (KB2277947)
8/13/2010 Definition Update for Windows Defender - KB915597 (Definition 1.87.1764.0)
8/9/2010 Definition Update for Windows Defender - KB915597 (Definition 1.87.1528.0)
8/3/2010 Definition Update for Windows Defender - KB915597 (Definition 1.87.1042.0)
7/30/2010 Definition Update for Windows Defender - KB915597 (Definition 1.87.836.0)
7/27/2010 Definition Update for Windows Defender - KB915597 (Definition 1.87.582.0)
7/23/2010 Update for Windows Vista (KB971737)
7/23/2010 Update for Windows Vista (KB970430)
7/22/2010 Definition Update for Windows Defender - KB915597 (Definition 1.87.362.0)
7/22/2010 Update for Windows Vista (KB968389)
7/19/2010 Definition Update for Windows Defender - KB915597 (Definition 1.87.146.0)
7/16/2010 Definition Update for Windows Defender - KB915597 (Definition 1.85.2136.0)
7/14/2010 Windows Malicious Software Removal Tool - July 2010 (KB890830)
7/13/2010 Definition Update for Windows Defender - KB915597 (Definition 1.85.1905.0)
7/9/2010 Definition Update for Windows Defender - KB915597 (Definition 1.85.1714.0)
7/6/2010 Definition Update for Windows Defender - KB915597 (Definition 1.85.1476.0)
7/1/2010 Definition Update for Windows Defender - KB915597 (Definition 1.85.1218.0)
6/29/2010 Definition Update for Windows Defender - KB915597 (Definition 1.85.967.0)
6/15/2010 Update for Windows Vista (KB968389)
6/15/2010 Office Genuine Advantage Notifications (KB949810)
6/11/2010 Security Update for the 2007 Microsoft Office System (KB982312)
6/11/2010 Windows Malicious Software Removal Tool - June 2010 (KB890830)
6/11/2010 Security Update for the 2007 Microsoft Office System (KB982331)
6/11/2010 Definition Update for Windows Defender - KB915597 (Definition 1.83.1506.0)
6/8/2010 Definition Update for Windows Defender - KB915597 (Definition 1.83.1268.0)
6/3/2010 Definition Update for Windows Defender - KB915597 (Definition 1.83.1076.0)
5/31/2010 Definition Update for Windows Defender - KB915597 (Definition 1.83.848.0)
5/27/2010 Definition Update for Windows Defender - KB915597 (Definition 1.83.642.0)
5/25/2010 Definition Update for Windows Defender - KB915597 (Definition 1.83.398.0)
5/20/2010 Definition Update for Windows Defender - KB915597 (Definition 1.83.160.0)
5/17/2010 Definition Update for Windows Defender - KB915597 (Definition 1.81.1898.0)
5/14/2010 Definition Update for Windows Defender - KB915597 (Definition 1.81.1622.0)
5/12/2010 Windows Malicious Software Removal Tool - May 2010 (KB890830)
5/11/2010 Definition Update for Windows Defender - KB915597 (Definition 1.81.1347.0)
5/8/2010 Definition Update for Windows Defender - KB915597 (Definition 1.81.1110.0)
5/6/2010 Definition Update for Windows Defender - KB915597 (Definition 1.81.874.0)
5/2/2010 Definition Update for Windows Defender - KB915597 (Definition 1.81.660.0)
4/27/2010 Definition Update for Windows Defender - KB915597 (Definition 1.81.438.0)
4/26/2010 Definition Update for Windows Defender - KB915597 (Definition 1.81.149.0)
4/21/2010 Definition Update for Windows Defender - KB915597 (Definition 1.81.0.0)
4/16/2010 Update for the 2007 Microsoft Office System (KB981715)
4/16/2010 Security Update for Windows Vista (KB980232)
4/16/2010 Security Update for Windows Vista (KB979683)
4/16/2010 Security Update for Windows Vista (KB981349)
4/16/2010 Windows Malicious Software Removal Tool - April 2010 (KB890830)
4/16/2010 Update for Windows Mail Junk E-mail Filter [April 2010] (KB905866)
4/16/2010 Security Update for Windows Vista (KB978601)
4/16/2010 Security Update for Windows Vista (KB977816)
4/16/2010 Security Update for Windows Vista (KB978338)
4/16/2010 Security Update for Windows Vista (KB979309)
4/16/2010 Definition Update for Windows Defender - KB915597 (Definition 1.79.1918.0)
4/11/2010 Definition Update for Windows Defender - KB915597 (Definition 1.79.1432.0)
4/4/2010 Definition Update for Windows Defender - KB915597 (Definition 1.79.953.0)
4/4/2010 Cumulative Security Update for Internet Explorer 7 for Windows Vista (KB980182)
3/31/2010 Definition Update for Windows Defender - KB915597 (Definition 1.79.702.0)
3/26/2010 Definition Update for Windows Defender - KB915597 (Definition 1.79.495.0)
3/20/2010 Definition Update for Windows Defender - KB915597 (Definition 1.79.130.0)
3/15/2010 Definition Update for Windows Defender - KB915597 (Definition 1.77.1038.0)
3/12/2010 Definition Update for Windows Defender - KB915597 (Definition 1.77.834.0)
3/12/2010 Update for the 2007 Microsoft Office System (KB977724)
3/11/2010 Security Update for Movie Maker 6.0 for Windows Vista (KB975561)
3/11/2010 Update for Windows Mail Junk E-mail Filter [March 2010] (KB905866)
3/11/2010 Security Update for Windows Vista (KB977165)
3/11/2010 Windows Malicious Software Removal Tool - March 2010 (KB890830)
3/11/2010 Security Update for the 2007 Microsoft Office System (KB978380)
3/11/2010 Update for Windows Vista (KB973917)
3/10/2010 Definition Update for Windows Defender - KB915597 (Definition 1.77.575.0)
3/6/2010 Definition Update for Windows Defender - KB915597 (Definition 1.77.353.0)
2/25/2010 Definition Update for Windows Defender - KB915597 (Definition 1.77.30.0)
2/25/2010 Update for Windows Vista (KB979306)
2/25/2010 Definition Update for Windows Defender - KB915597 (Definition 1.77.0.0)
2/25/2010 Update for Rights Management Services Client for Windows Vista (KB979099)
2/25/2010 Update for Windows Vista (KB975929)
2/24/2010 Update for Windows Vista (KB979306)
2/24/2010 Definition Update for Windows Defender - KB915597 (Definition 1.75.1050.0)
2/20/2010 Definition Update for Windows Defender - KB915597 (Definition 1.75.924.0)
2/20/2010 Security Update for Windows Vista (KB971468)
2/20/2010 Windows Malicious Software Removal Tool - February 2010 (KB890830)
2/20/2010 Cumulative Security Update for ActiveX Killbits for Windows Vista (KB978262)
2/20/2010 Update for Windows Mail Junk E-mail Filter [February 2010] (KB905866)
2/20/2010 Security Update for Windows Vista (KB974145)
2/20/2010 Security Update for Windows Vista (KB975560)
2/20/2010 Security Update for Windows Vista (KB978251)
2/11/2010 Definition Update for Windows Defender - KB915597 (Definition 1.75.657.0)
2/8/2010 Definition Update for Windows Defender - KB915597 (Definition 1.75.517.0)
1/28/2010 Definition Update for Windows Defender - KB915597 (Definition 1.75.94.0)
1/23/2010 Cumulative Security Update for Internet Explorer 7 for Windows Vista (KB978207)
1/21/2010 Definition Update for Windows Defender - KB915597 (Definition 1.71.2521.0)
1/21/2010 Security Update for Windows Vista (KB972270)
1/21/2010 Update for Windows Mail Junk E-mail Filter [January 2010] (KB905866)
1/17/2010 Windows Malicious Software Removal Tool - January 2010 (KB890830)
1/16/2010 Update for Windows Mail Junk E-mail Filter [January 2010] (KB905866)
1/16/2010 Definition Update for Windows Defender - KB915597 (Definition 1.71.2204.0)
1/9/2010 Definition Update for Windows Defender - KB915597 (Definition 1.71.1885.0)
1/1/2010 Definition Update for Windows Defender - KB915597 (Definition 1.71.1568.0)
12/29/2009 Definition Update for Windows Defender - KB915597 (Definition 1.71.1433.0)
12/24/2009 Definition Update for Windows Defender - KB915597 (Definition 1.71.1326.0)
12/23/2009 Cumulative Security Update for Internet Explorer 7 for Windows Vista (KB976325)
12/23/2009 Update for Windows Vista (KB973917)
12/23/2009 Windows Malicious Software Removal Tool - December 2009 (KB890830)
12/23/2009 Update for Windows Mail Junk E-mail Filter [December 2009] (KB905866)
12/23/2009 Security Update for Windows Vista (KB974318)
12/23/2009 Definition Update for Windows Defender - KB915597 (Definition 1.71.1143.0)
12/8/2009 Definition Update for Windows Defender - KB915597 (Definition 1.71.570.0)
12/4/2009 Definition Update for Windows Defender - KB915597 (Definition 1.71.471.0)
12/4/2009 Update for Windows Vista (KB973687)
12/4/2009 Update for Windows Vista (KB976098)
12/4/2009 Update for Windows Vista (KB976470)
12/4/2009 Update for Microsoft XML Core Services 4.0 Service Pack 2 (KB973688)
11/23/2009 Definition Update for Windows Defender - KB915597 (Definition 1.71.129.0)
11/21/2009 Definition Update for Windows Defender - KB915597 (Definition 1.71.26.0)
11/16/2009 Definition Update for Windows Defender - KB915597 (Definition 1.69.995.0)
11/16/2009 PowerPoint Viewer 2007 Service Pack 2 (SP2)
11/16/2009 Microsoft Office Compatibility Pack Service Pack 2 (SP2)
11/12/2009 Definition Update for Windows Defender - KB915597 (Definition 1.69.881.0)
11/12/2009 Security Update for the 2007 Microsoft Office System (KB973704)
11/12/2009 Windows Malicious Software Removal Tool - November 2009 (KB890830)
11/12/2009 Security Update for Windows Vista (KB969947)
11/12/2009 Update for Windows Mail Junk E-mail Filter [November 2009] (KB905866)
11/12/2009 Security Update for Windows Vista (KB973565)
11/11/2009 Definition Update for Windows Defender - KB915597 (Definition 1.69.725.0)
11/11/2009 Update for Internet Explorer 7 for Windows Vista (KB976749)
11/9/2009 Definition Update for Windows Defender - KB915597 (Definition 1.69.643.0)
11/2/2009 Definition Update for Windows Defender - KB915597 (Definition 1.69.443.0)
10/29/2009 Definition Update for Windows Defender - KB915597 (Definition 1.69.301.0)
10/28/2009 Update for Windows Vista (KB972145)
10/26/2009 Definition Update for Windows Defender - KB915597 (Definition 1.69.144.0)
10/24/2009 Definition Update for Windows Defender - KB915597 (Definition 1.69.18.0)
10/21/2009 Definition Update for Windows Defender - KB915597 (Definition 1.67.940.0)
10/21/2009 Windows Update Agent 7.4.7600.226
10/16/2009 Definition Update for Windows Defender - KB915597 (Definition 1.67.841.0)
10/16/2009 Security Update for Windows Vista (KB975467)
10/16/2009 Cumulative Security Update for Internet Explorer 7 for Windows Vista (KB974455)
10/16/2009 Windows Malicious Software Removal Tool - October 2009 (KB890830)
10/16/2009 Security Update for Windows Vista (KB971486)
10/16/2009 Microsoft .NET Framework 2.0 Service Pack 2 Security Update for Windows Vista (KB974467)
10/16/2009 Update for Windows Mail Junk E-mail Filter [October 2009] (KB905866)
10/16/2009 Security Update for Windows Vista (KB958869)
10/16/2009 Cumulative Update for Media Center for Windows Vista (KB974306)
10/16/2009 Security Update for the 2007 Microsoft Office System (KB972581)
10/16/2009 Security Update for Windows Vista (KB974571)
10/16/2009 Cumulative Security Update for ActiveX Killbits for Windows Vista (KB973525)
10/16/2009 Security Update for Windows Vista (KB975517)
10/16/2009 Security Update for Windows Media Format Runtime 11 for Windows Vista (KB954155)
10/13/2009 Definition Update for Windows Defender - KB915597 (Definition 1.67.698.0)
10/8/2009 Definition Update for Windows Defender - KB915597 (Definition 1.67.543.0)
10/5/2009 Definition Update for Windows Defender - KB915597 (Definition 1.67.379.0)
10/4/2009 Definition Update for Windows Defender - KB915597 (Definition 1.67.321.0)
9/28/2009 Definition Update for Windows Defender - KB915597 (Definition 1.67.136.0)
9/24/2009 Definition Update for Windows Defender - KB915597 (Definition 1.67.10.0)
9/21/2009 Definition Update for Windows Defender - KB915597 (Definition 1.65.957.0)
9/18/2009 Definition Update for Windows Defender - KB915597 (Definition 1.65.848.0)
9/18/2009 Security Update for Windows Vista (KB967723)
9/18/2009 Security Update for Windows Vista (KB970710)
9/18/2009 Security Update for Windows Media Format Runtime 11 for Windows Vista (KB968816)
9/18/2009 Windows Malicious Software Removal Tool - September 2009 (KB890830)
9/18/2009 Update for Windows Mail Junk E-mail Filter [September 2009] (KB905866)
9/18/2009 Security Update for Jscript 5.7 for Windows Vista (KB971961)
9/18/2009 Security Update for Windows Vista (KB973768)
9/10/2009 Definition Update for Windows Defender - KB915597 (Definition 1.65.586.0)
9/7/2009 Definition Update for Windows Defender - KB915597 (Definition 1.65.477.0)
9/4/2009 Update to .NET Framework 3.5 Service Pack 1 for the .NET Framework Assistant 1.0 x86 (KB963707)
9/4/2009 Update for Windows Vista (KB972036)
9/3/2009 Definition Update for Windows Defender - KB915597 (Definition 1.65.330.0)
8/31/2009 Definition Update for Windows Defender - KB915597 (Definition 1.65.146.0)
8/28/2009 Definition Update for Windows Defender - KB915597 (Definition 1.63.2059.0)
8/26/2009 Update for Windows Vista (KB970653)
8/26/2009 Update for Windows Vista (KB972036)
8/25/2009 Definition Update for Windows Defender - KB915597 (Definition 1.63.1861.0)
8/20/2009 Definition Update for Windows Defender - KB915597 (Definition 1.63.1684.0)
8/19/2009 Update for Windows Vista (KB968389)
8/17/2009 Definition Update for Windows Defender - KB915597 (Definition 1.63.1552.0)
8/16/2009 Security Update for Windows Vista (KB973507)
8/16/2009 Security Update for Windows Vista (KB971657)
8/16/2009 Security Update for Windows Vista (KB956744)
8/16/2009 Security Update for Windows Vista (KB971557)
8/16/2009 Security Update for Windows Vista (KB973540)
8/16/2009 Update for Windows Mail Junk E-mail Filter [August 2009] (KB905866)
8/16/2009 Windows Malicious Software Removal Tool - August 2009 (KB890830)
8/15/2009 Definition Update for Windows Defender - KB915597 (Definition 1.63.1394.0)
8/10/2009 Definition Update for Windows Defender - KB915597 (Definition 1.63.1207.0)
8/10/2009 Cumulative Security Update for Internet Explorer 7 for Windows Vista (KB972260)
8/10/2009 Security Update for Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package (KB973923)
8/3/2009 Definition Update for Windows Defender - KB915597 (Definition 1.63.812.0)
7/28/2009 Definition Update for Windows Defender - KB915597 (Definition 1.63.422.0)
7/20/2009 Definition Update for Windows Defender - KB915597 (Definition 1.61.1958.0)
7/18/2009 Definition Update for Windows Defender - KB915597 (Definition 1.61.1700.0)
7/15/2009 Security Update for Windows Vista (KB961371)
7/15/2009 Update for Windows Mail Junk E-mail Filter [July 2009] (KB905866)
7/15/2009 Cumulative Security Update for ActiveX Killbits for Windows Vista (KB973346)
7/15/2009 Windows Malicious Software Removal Tool - July 2009 (KB890830)
7/14/2009 Definition Update for Windows Defender - KB915597 (Definition 1.61.1497.0)
7/11/2009 Definition Update for Windows Defender - KB915597 (Definition 1.61.1304.0)
7/6/2009 Definition Update for Windows Defender - KB915597 (Definition 1.61.1063.0)
7/4/2009 Definition Update for Windows Defender - KB915597 (Definition 1.61.835.0)
7/1/2009 Definition Update for Windows Defender - KB915597 (Definition 1.61.601.0)
6/26/2009 Definition Update for Windows Defender - KB915597 (Definition 1.61.369.0)
6/17/2009 Cumulative Update for Media Center for Windows Vista (KB967632)
6/16/2009 Cumulative Update for Media Center for Windows Vista (KB967632)
6/15/2009 Definition Update for Windows Defender - KB915597 (Definition 1.59.1267.0)
6/15/2009 Cumulative Update for Media Center for Windows Vista (KB967632)
6/12/2009 Security Update for Windows Vista (KB968537)
6/12/2009 Security Update for the 2007 Microsoft Office System (KB969679)
6/12/2009 Security Update for Windows Vista (KB961501)
6/12/2009 Security Update for the 2007 Microsoft Office System (KB969613)
6/12/2009 Update for Windows Mail Junk E-mail Filter [June 2009] (KB905866)
6/12/2009 Windows Malicious Software Removal Tool - June 2009 (KB890830)
6/12/2009 Security Update for Windows Vista (KB970238)
6/12/2009 Update Rollup for ActiveX Killbits for Windows Vista (KB969898)
6/12/2009 Cumulative Security Update for Internet Explorer 7 for Windows Vista (KB969897)
6/11/2009 Definition Update for Windows Defender - KB915597 (Definition 1.59.1107.0)
6/8/2009 Definition Update for Windows Defender - KB915597 (Definition 1.59.918.0)
6/5/2009 Update for Windows Vista (KB955430)
6/4/2009 Definition Update for Windows Defender - KB915597 (Definition 1.59.789.0)
6/1/2009 Definition Update for Windows Defender - KB915597 (Definition 1.59.659.0)
5/28/2009 Definition Update for Windows Defender - KB915597 (Definition 1.59.458.0)
5/27/2009 Definition Update for Windows Defender - KB915597 (Definition 1.59.251.0)
5/22/2009 Definition Update for Windows Defender - KB915597 (Definition 1.59.52.0)
5/14/2009 Definition Update for Windows Defender - KB915597 (Definition 1.57.1329.0)
5/14/2009 Security Update for the 2007 Microsoft Office System (KB969618)
5/14/2009 Security Update for PowerPoint Viewer 2007 (KB970059)
5/14/2009 Windows Malicious Software Removal Tool - May 2009 (KB890830)
5/14/2009 Update for Windows Mail Junk E-mail Filter [May 2009] (KB905866)
5/13/2009 Definition Update for Windows Defender - KB915597 (Definition 1.57.1094.0)
5/7/2009 Definition Update for Windows Defender - KB915597 (Definition 1.57.963.0)
5/4/2009 Definition Update for Windows Defender - KB915597 (Definition 1.57.806.0)
5/3/2009 Definition Update for Windows Defender - KB915597 (Definition 1.57.619.0)
4/27/2009 Definition Update for Windows Defender - KB915597 (Definition 1.57.408.0)
4/20/2009 Definition Update for Windows Defender - KB915597 (Definition 1.55.1987.0)
4/18/2009 Security Update for Windows Vista (KB960803)
4/18/2009 Security Update for Windows Vista (KB952004)
4/18/2009 Update for Windows Mail Junk E-mail Filter [April 2009] (KB905866)
4/18/2009 Windows Malicious Software Removal Tool - April 2009 (KB890830)
4/18/2009 Security Update for Windows Vista (KB956572)
4/18/2009 Security Update for Windows Vista (KB959426)
4/18/2009 Security Update for 2007 Microsoft Office System (KB960003)
4/18/2009 Cumulative Security Update for Internet Explorer 7 for Windows Vista (KB963027)
4/18/2009 Definition Update for Windows Defender - KB915597 (Definition 1.55.1579.0)
4/16/2009 Hotfix for Windows (KB954708)
4/12/2009 Definition Update for Windows Defender - KB915597 (Definition 1.55.1119.0)
4/2/2009 Windows Malicious Software Removal Tool - March 2009 (KB890830)
4/2/2009 Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework 3.5 Family Update (KB951847) x86
4/2/2009 Definition Update for Windows Defender - KB915597 (Definition 1.55.933.0)
3/30/2009 Definition Update for Windows Defender - KB915597 (Definition 1.55.736.0)
3/26/2009 Definition Update for Windows Defender - KB915597 (Definition 1.55.543.0)
3/23/2009 Definition Update for Windows Defender - KB915597 (Definition 1.55.314.0)
3/22/2009 Definition Update for Windows Defender - KB915597 (Definition 1.55.103.0)
3/12/2009 Update for Windows Vista (KB959772)
3/12/2009 Update for Windows Mail Junk E-mail Filter [March 2009] (KB905866)
3/12/2009 Security Update for Windows Vista (KB960225)
3/12/2009 Security Update for Windows Vista (KB958690)
3/12/2009 Definition Update for Windows Defender - KB915597 (Definition 1.53.431.0)
3/10/2009 Definition Update for Windows Defender - KB915597 (Definition 1.53.288.0)
3/3/2009 Definition Update for Windows Defender - KB915597 (Definition 1.51.1279.0)
2/26/2009 Definition Update for Windows Defender - KB915597 (Definition 1.51.1145.0)
2/24/2009 Definition Update for Windows Defender - KB915597 (Definition 1.51.937.0)
2/17/2009 Cumulative Update for Media Center for Windows Vista (KB960544)
2/16/2009 Definition Update for Windows Defender - KB915597 (Definition 1.51.627.0)
2/13/2009 Definition Update for Windows Defender - KB915597 (Definition 1.51.484.0)
2/12/2009 Cumulative Security Update for Internet Explorer 7 for Windows Vista (KB961260)
2/11/2009 Cumulative Security Update for Internet Explorer 7 for Windows Vista (KB961260)
2/11/2009 Update Rollup for ActiveX Killbits for Windows Vista (KB960715)
2/11/2009 Update for Windows Mail Junk E-mail Filter [February 2009] (KB905866)
2/10/2009 Definition Update for Windows Defender - KB915597 (Definition 1.51.391.0)
2/7/2009 Definition Update for Windows Defender - KB915597 (Definition 1.51.303.0)
1/30/2009 Definition Update for Windows Defender - KB915597 (Definition 1.49.2750.0)
1/27/2009 Definition Update for Windows Defender - KB915597 (Definition 1.49.2551.0)
1/23/2009 Definition Update for Windows Defender - KB915597 (Definition 1.49.2376.0)
1/19/2009 Definition Update for Windows Defender - KB915597 (Definition 1.49.2195.0)
1/19/2009 Definition Update for Windows Defender - KB915597 (Definition 1.49.2011.0)
1/16/2009 Update for Windows Mail Junk E-mail Filter [January 2009] (KB905866)
1/16/2009 Security Update for Windows Vista (KB958687)
1/12/2009 Definition Update for Windows Defender - KB915597 (Definition 1.49.1841.0)
1/9/2009 Definition Update for Windows Defender - KB915597 (Definition 1.49.1662.0)
1/7/2009 Definition Update for Windows Defender - KB915597 (Definition 1.49.1455.0)
1/7/2009 Hotfix for Windows (KB950051)
1/7/2009 Hotfix for Windows (KB950371)
1/1/2009 Definition Update for Windows Defender - KB915597 (Definition 1.49.1289.0)
1/1/2009 Zune Software 3.1
12/31/2008 Definition Update for Windows Defender - KB915597 (Definition 1.49.1123.0)
12/26/2008 Definition Update for Windows Defender - KB915597 (Definition 1.49.989.0)
12/23/2008 Definition Update for Windows Defender - KB915597 (Definition 1.49.864.0)
12/18/2008 Definition Update for Windows Defender - KB915597 (Definition 1.49.701.0)
12/18/2008 Security Update for Internet Explorer 7 in Windows Vista (KB960714)
12/16/2008 Definition Update for Windows Defender - KB915597 (Definition 1.49.523.0)
12/13/2008 Security Update for the 2007 Microsoft Office System (KB958439)
12/13/2008 Update for Windows Mail Junk E-mail Filter [December 2008] (KB905866)
12/13/2008 Security Update for Windows Vista (KB956802)
12/13/2008 Update for Windows Vista (KB957388)
12/13/2008 Update for Windows Vista (KB955839)
12/13/2008 Security Update for Windows Vista (KB958623)
12/13/2008 Security Update for Windows Vista (KB958624)
12/13/2008 Cumulative Security Update for Internet Explorer 7 in Windows Vista (KB958215)
12/13/2008 Security Update for Windows Vista (KB952069)
12/13/2008 Security Update for the 2007 Microsoft Office System (KB956828)
12/13/2008 Definition Update for Windows Defender - KB915597 (Definition 1.49.369.0)
12/8/2008 Definition Update for Windows Defender - KB915597 (Definition 1.49.217.0)
12/4/2008 Definition Update for Windows Defender - KB915597 (Definition 1.49.88.0)
12/2/2008 Definition Update for Windows Defender - KB915597 (Definition 1.47.966.0)
12/2/2008 Definition Update for Windows Defender - KB915597 (Definition 1.47.966.0)
12/2/2008 Windows Update Agent 7.2.6001.788
11/30/2008 Definition Update for Windows Defender - KB915597 (Definition 1.47.864.0)
11/26/2008 Update for Windows Vista (KB959108)
11/26/2008 Update for Windows Vista (KB957321)
11/26/2008 Update for Windows Vista (KB959130)
11/24/2008 Definition Update for Windows Defender - KB915597 (Definition 1.47.708.0)
11/21/2008 Definition Update for Windows Defender - KB915597 (Definition 1.47.567.0)
11/19/2008 Definition Update for Windows Defender - KB915597 (Definition 1.47.487.0)
11/15/2008 Definition Update for Windows Defender - KB915597 (Definition 1.47.283.0)
11/13/2008 Security Update for Windows Vista (KB957097)
11/13/2008 Security Update for Windows Vista (KB955069)
11/13/2008 Security Update for Microsoft Office 2007 (KB951550)
11/13/2008 Update for Windows Mail Junk E-mail Filter [November 2008] (KB905866)
11/13/2008 Security Update for Microsoft XML Core Services 4.0 Service Pack 2 (KB954430)
11/13/2008 Security Update for Windows Vista (KB954459)
11/12/2008 Definition Update for Windows Defender - KB915597 (Definition 1.47.167.0)
11/7/2008 Definition Update for Windows Defender - KB915597 (Definition 1.47.15.0)
11/5/2008 Definition Update for Windows Defender - KB915597 (Definition 1.45.1403.0)
11/4/2008 Cumulative Update for Media Center for Windows Vista (KB955519)
11/3/2008 Cumulative Update for Media Center for Windows Vista (KB955519)
10/31/2008 Definition Update for Windows Defender - KB915597 (Definition 1.45.1246.0)
10/31/2008 Security Update for Windows Vista (KB953155)
10/25/2008 Security Update for Windows Vista (KB958644)
10/24/2008 Definition Update for Windows Defender - KB915597 (Definition 1.45.1012.0)
10/18/2008 Definition Update for Windows Defender - KB915597 (Definition 1.45.731.0)
10/15/2008 Cumulative Security Update for ActiveX Killbits for Windows Vista (KB956391)
10/15/2008 Update for Windows Mail Junk E-mail Filter [October 2008] (KB905866)
10/15/2008 Security Update for Windows Vista (KB954211)
10/15/2008 Security Update for 2007 Microsoft Office System (KB955936)
10/15/2008 Security Update for Windows Vista (KB957095)
10/15/2008 Security Update for Windows Vista (KB956841)
10/15/2008 Cumulative Security Update for Internet Explorer 7 in Windows Vista (KB956390)
10/11/2008 Definition Update for Windows Defender - KB915597 (Definition 1.45.430.0)
10/8/2008 Definition Update for Windows Defender - KB915597 (Definition 1.45.280.0)
10/3/2008 Definition Update for Windows Defender - KB915597 (Definition 1.45.124.0)
9/26/2008 Definition Update for Windows Defender - KB915597 (Definition 1.43.801.0)
9/24/2008 Definition Update for Windows Defender - KB915597 (Definition 1.43.702.0)
9/15/2008 Definition Update for Windows Defender - KB915597 (Definition 1.43.309.0)
9/11/2008 Update for Windows Vista (KB954366)
9/11/2008 Security Update for the 2007 Microsoft Office System (KB954326)
9/11/2008 Security Update for Windows Vista (KB954154)
9/11/2008 Security Update for the 2007 Microsoft Office System (KB951944)
9/11/2008 Security Update for Windows Vista (KB938464)
9/11/2008 Update for Windows Mail Junk E-mail Filter [September 2008] (KB905866)
9/6/2008 Definition Update for Windows Defender - KB915597 (Definition 1.43.128.0)
9/5/2008 Definition Update for Windows Defender - KB915597 (Definition 1.43.73.0)
9/2/2008 Definition Update for Windows Defender - KB915597 (Definition 1.41.1074.0)
9/2/2008 Microsoft Office Compatibility Pack Service Pack 1 (SP1)
9/2/2008 Microsoft Office PowerPoint Viewer 2007 Service Pack 1 (SP1)
8/29/2008 Definition Update for Windows Defender - KB915597 (Definition 1.41.925.0)
8/27/2008 Definition Update for Windows Defender - KB915597 (Definition 1.41.794.0)
8/22/2008 Definition Update for Windows Defender - KB915597 (Definition 1.41.625.0)
8/21/2008 Windows Update Agent 7.2.6001.784
8/20/2008 Definition Update for Windows Defender - KB915597 (Definition 1.41.563.0)
8/15/2008 Definition Update for Windows Defender - KB915597 (Definition 1.41.365.0)
8/14/2008 Security Update for Windows Vista (KB953733)
8/14/2008 Update for Windows Vista (KB951072)
8/14/2008 Security Update for Windows Vista (KB950974)
8/14/2008 Security Update for 2007 Microsoft Office System (KB954038)
8/14/2008 Security Update for 2007 Microsoft Office System (KB951596)
8/14/2008 Cumulative Security Update for Internet Explorer 7 in Windows Vista (KB953838)
8/14/2008 Update for Windows Mail Junk E-mail Filter [August 2008] (KB905866)
8/14/2008 Update for Windows Vista (KB952287)
8/14/2008 Update for Windows Vista (KB951618)
8/14/2008 Cumulative Security Update for ActiveX Killbits for Windows Vista (KB953839)
8/14/2008 Security Update for Windows Mail for Windows Vista (KB951066)
8/7/2008 Definition Update for Windows Defender - KB915597 (Definition 1.41.172.0)
8/5/2008 Definition Update for Windows Defender - KB915597 (Definition 1.41.72.0)
8/4/2008 Definition Update for Windows Defender - KB915597 (Definition 1.39.119.0)
7/22/2008 Definition Update for Windows Defender - KB915597 (Definition 1.37.1028.0)
7/21/2008 Update for Windows Vista (KB955020)
7/21/2008 Definition Update for Windows Defender - KB915597 (Definition 1.37.746.0)
7/13/2008 Security Update for Windows Vista (KB950582)
7/13/2008 Update for Windows Mail Junk E-mail Filter [July 2008] (KB905866)
7/13/2008 Definition Update for Windows Defender - KB915597 (Definition 1.37.579.0)
7/4/2008 Definition Update for Windows Defender - KB915597 (Definition 1.37.271.0)
7/2/2008 Definition Update for Windows Defender - KB915597 (Definition 1.37.191.0)
6/29/2008 Update for Windows Vista (KB950124)
6/29/2008 Update for Windows Vista (KB950125)
6/29/2008 Definition Update for Windows Defender - KB915597 (Definition 1.37.1.0)
6/27/2008 Definition Update for Windows Defender - KB915597 (Definition 1.37.1.0)
6/27/2008 Update for Windows Vista (KB950124)
6/27/2008 Update for Windows Vista (KB950125)
6/20/2008 Definition Update for Windows Defender - KB915597 (Definition 1.35.563.0)
6/17/2008 Definition Update for Windows Defender - KB915597 (Definition 1.35.475.0)
6/15/2008 Cumulative Update for Media Center for Windows Vista (KB950126)
6/14/2008 Definition Update for Windows Defender - KB915597 (Definition 1.35.347.0)
6/13/2008 Update for Windows Mail Junk E-mail Filter [June 2008] (KB905866)
6/13/2008 Windows Malicious Software Removal Tool - June 2008 (KB890830)
6/13/2008 Security Update for Windows Vista (KB951376)
6/13/2008 Security Update for Windows Vista (KB950762)
6/13/2008 Security Update for Windows Vista (KB951698)
6/13/2008 Cumulative Security Update for Internet Explorer 7 in Windows Vista (KB950759)
6/13/2008 Cumulative Security Update for ActiveX Killbits for Windows Vista (KB950760)
6/11/2008 Update for Windows Vista (KB940510)
6/10/2008 Update for Windows Vista (KB940510)
6/6/2008 Definition Update for Windows Defender - KB915597 (Definition 1.35.118.0)
6/3/2008 Definition Update for Windows Defender - KB915597 (Definition 1.35.24.0)
5/30/2008 Definition Update for Windows Defender - KB915597 (Definition 1.33.9770.6)
5/29/2008 Definition Update for Windows Defender - KB915597 (Definition 1.33.9763.8)
5/28/2008 Update for Windows Vista (KB947562)
5/23/2008 Definition Update for Windows Defender - KB915597 (Definition 1.33.9751.9)
5/20/2008 Definition Update for Windows Defender - KB915597 (Definition 1.33.9738.0)
5/17/2008 Windows Malicious Software Removal Tool - May 2008 (KB890830)
5/17/2008 Definition Update for Windows Defender - KB915597 (Definition 1.33.9651.0)
5/14/2008 Update for Windows Mail Junk E-mail Filter [May 2008] (KB905866)
5/14/2008 Security Update for Microsoft Office system 2007 (KB951808)
5/13/2008 Definition Update for Windows Defender - KB915597 (Definition 1.33.9607.0)
5/9/2008 Definition Update for Windows Defender - KB915597 (Definition 1.31.9487.0)
5/6/2008 Definition Update for Windows Defender - KB915597 (Definition 1.31.9443.0)
5/2/2008 Definition Update for Windows Defender - KB915597 (Definition 1.31.9351.0)
4/30/2008 Definition Update for Windows Defender - KB915597 (Definition 1.31.9309.0)
4/26/2008 Definition Update for Windows Defender - KB915597 (Definition 1.31.9205.0)
4/17/2008 Definition Update for Windows Defender - KB915597 (Definition 1.31.8982.0)
4/17/2008 Definition Update for Windows Defender - KB915597 (Definition 1.31.8888.0)
4/13/2008 Definition Update for Windows Defender - KB915597 (Definition 1.31.8726.0)
4/10/2008 Update for Windows Media Format 11 SDK for Windows Vista (KB929399)
4/10/2008 Update for Windows Mail Junk E-mail Filter [April 2008] (KB905866)
4/10/2008 Security Update for ActiveX Killbits for Windows Vista (KB948881)
4/10/2008 Update for Windows Vista (KB938371)
4/10/2008 Security Update for Windows Vista (KB941693)
4/10/2008 Security Update for Windows Vista (KB948590)
4/10/2008 Windows Malicious Software Removal Tool - April 2008 (KB890830)
4/10/2008 Security Update for Windows Vista (KB945553)
4/10/2008 Update for Windows Vista (KB950127)
4/10/2008 Cumulative Security Update for Internet Explorer 7 in Windows Vista (KB947864)
4/6/2008 Definition Update for Windows Defender - KB915597 (Definition 1.31.8557.0)
4/3/2008 Definition Update for Windows Defender - KB915597 (Definition 1.31.8469.0)
3/27/2008 Definition Update for Windows Defender - KB915597 (Definition 1.29.8167.0)
3/26/2008 Definition Update for Windows Defender - KB915597 (Definition 1.29.8083.0)
3/22/2008 Definition Update for Windows Defender - KB915597 (Definition 1.29.7920.0)
3/13/2008 Definition Update for Windows Defender - KB915597 (Definition 1.29.7671.0)
3/13/2008 Security Update for the 2007 Microsoft Office System (KB947801)
3/13/2008 Windows Malicious Software Removal Tool - March 2008 (KB890830)
3/13/2008 Update for Windows Mail Junk E-mail Filter [March 2008] (KB905866)
3/13/2008 Update for Windows Vista (KB946041)
3/6/2008 Definition Update for Windows Defender - KB915597 (Definition 1.29.7418.0)
3/5/2008 Definition Update for Windows Defender - KB915597 (Definition 1.29.7345.0)
2/28/2008 Definition Update for Windows Defender - KB915597 (Definition 1.29.7165.0)
2/27/2008 Definition Update for Windows Defender - KB915597 (Definition 1.27.7082.0)
2/25/2008 Zune Software 2.3 (KB933888)
2/21/2008 Definition Update for Windows Defender - KB915597 (Definition 1.27.6928.0)
2/20/2008 Definition Update for Windows Defender - KB915597 (Definition 1.27.6845.0)
2/17/2008 Cumulative Update for Media Center for Windows Vista (KB947172)
2/14/2008 Definition Update for Windows Defender - KB915597 (Definition 1.27.6677.0)
2/13/2008 Update for Windows Vista (KB937287)
2/13/2008 Security Update for Windows Vista (KB946026)
2/13/2008 Update for Windows Vista (KB938371)
2/13/2008 Windows Malicious Software Removal Tool - February 2008 (KB890830)
2/13/2008 Update for Windows Mail Junk E-mail Filter [February 2008] (KB905866)
2/13/2008 Update for Windows Vista (KB943899)
2/13/2008 Security Update for Windows Vista (KB946456)
2/13/2008 Update for Windows Vista (KB943302)
2/13/2008 Security Update for Windows Vista (KB943055)
2/13/2008 Cumulative Security Update for Internet Explorer 7 in Windows Vista (KB944533)
2/7/2008 Definition Update for Windows Defender - KB915597 (Definition 1.27.6443.0)
2/5/2008 Definition Update for Windows Defender - KB915597 (Definition 1.27.6340.0)
1/31/2008 Definition Update for Windows Defender - KB915597 (Definition 1.24.6101.0)
1/29/2008 Definition Update for Windows Defender - KB915597 (Definition 1.24.6025.0)
1/24/2008 Definition Update for Windows Defender - KB915597 (Definition 1.24.5865.0)
1/23/2008 Definition Update for Windows Defender - KB915597 (Definition 1.24.5778.0)
1/17/2008 Definition Update for Windows Defender - KB915597 (Definition 1.24.5611.0)
1/15/2008 Definition Update for Windows Defender - KB915597 (Definition 1.24.5547.0)
1/14/2008 Zune Software 2.12
1/14/2008 Zune Software 2.12
1/14/2008 Zune Software 2.12
1/10/2008 Definition Update for Windows Defender - KB915597 (Definition 1.24.5399.0)
1/9/2008 Update for Windows Mail Junk E-mail Filter [January 2008] (KB905866)
1/9/2008 Security Update for Windows Vista (KB941644)
1/9/2008 Windows Malicious Software Removal Tool - January 2008 (KB890830)
1/9/2008 Update for Windows Vista (KB943302)
1/9/2008 Update for Windows Vista (KB943899)
1/9/2008 Update for Windows Vista (KB943411)
1/9/2008 Update for Windows Vista (KB935509)
1/4/2008 Definition Update for Windows Defender - KB915597 (Definition 1.24.5193.0)
12/27/2007 Definition Update for Windows Defender - KB915597 (Definition 1.24.5054.0)
12/27/2007 Definition Update for Windows Defender - KB915597 (Definition 1.24.4886.0)
12/15/2007 Definition Update for Windows Defender - KB915597 (Definition 1.23.4698.0)
12/13/2007 Security Update for Windows Vista (KB941568)
12/13/2007 Security Update for Windows Vista (KB941569)
12/13/2007 Cumulative Security Update for Internet Explorer 7 in Windows Vista (KB942615)
12/13/2007 Security Update for Windows Vista (KB942624)
12/13/2007 Windows Malicious Software Removal Tool - December 2007 (KB890830)
12/13/2007 Update for Windows Mail Junk E-mail Filter [December 2007] (KB905866)
12/13/2007 Security Update for Windows Vista (KB943078)
12/13/2007 Update for Windows Vista (KB942763)
12/7/2007 Definition Update for Windows Defender - KB915597 (Definition 1.23.4526.0)
12/6/2007 Definition Update for Windows Defender - KB915597 (Definition 1.23.4485.0)
12/3/2007 Definition Update for Windows Defender - KB915597 (Definition 1.23.4365.0)
11/22/2007 Update for Windows Vista (KB938194)
11/22/2007 Update for Windows Vista (KB941649)
11/22/2007 Windows Malicious Software Removal Tool - November 2007 (KB890830)
11/22/2007 Update for Windows Vista (KB933360)
11/22/2007 Update for Windows Vista (KB941651)
11/22/2007 Update for Microsoft XML Core Services 4.0 Service Pack 2 (KB941833)
11/22/2007 Cumulative Security Update for Internet Explorer 7 in Windows Vista (KB939653)
11/22/2007 Update for Windows Mail Junk E-mail Filter [November 2007] (KB905866)
11/22/2007 Cumulative Update for Media Center for Windows Vista (KB941229)
11/22/2007 Update for Windows Vista (KB938979)
11/22/2007 Security Update for Windows Mail for Windows Vista (KB941202)
11/22/2007 Security Update for Windows Vista (KB933729)
11/22/2007 Update for Windows Vista (KB939159)
11/22/2007 Definition Update for Windows Defender - KB915597 (Definition 1.23.4151.0)
11/22/2007 Windows Update software 7.0.6000.381
Battery
AC line Online
Battery full time Unknown
Battery Charge % 100 %
Battery State Unknown status
Amount of time remaining (sec) Unknown
Device Tree
ACPI x86-based PC
Microsoft ACPI-Compliant System
ACPI Thermal Zone
ACPI Thermal Zone
AMD Athlon™ 64 X2 Dual-Core Processor TK-53
AMD Athlon™ 64 X2 Dual-Core Processor TK-53
Microsoft Windows Management Interface for ACPI
ACPI Lid
ACPI Sleep Button
ACPI Power Button
ACPI Fixed Feature Button
PCI bus
PCI standard RAM Controller
PCI standard RAM Controller
PCI standard RAM Controller
PCI standard RAM Controller
PCI standard RAM Controller
PCI standard RAM Controller
PCI standard RAM Controller
PCI standard PCI-to-PCI bridge
PCI standard PCI-to-PCI bridge
PCI standard RAM Controller
NVIDIA nForce PCI System Management
NVIDIA nForce System Management Controller
NVIDIA nForce Networking Controller
AMD HyperTransport™ Configuration
AMD Address Map Configuration
AMD DRAM and HyperTransport™ Trace Mode Configuration
AMD Miscellaneous Configuration
Motherboard resources
Programmable interrupt controller
System timer
Direct memory access controller
System speaker
System CMOS/real time clock
Numeric data processor
High precision event timer
Standard PS/2 Keyboard
Synaptics PS/2 Port TouchPad
NVIDIA GeForce Go 6150
Generic PnP Monitor
PCI standard ISA bridge
Motherboard resources
Motherboard resources
Standard OpenHCD USB Host Controller
USB Root Hub
Standard Enhanced PCI to USB Host Controller
USB Root Hub
SuyinCam
Atheros AR5007UG Wireless Network Adapter
Standard Dual Channel PCI IDE Controller
IDE Channel
IDE Channel
HL-DT-ST DVDRAM GSA-T20N ATA Device
NVIDIA nForce Serial ATA Controller
WDC WD16 00BEVS-22RST SCSI Disk Device
PCI standard PCI-to-PCI bridge
RICOH OHCI Compliant IEEE 1394 Host Controller
SDA Standard Compliant SD Host Controller
Ricoh MMC Host Controller
Ricoh Memory Stick Controller
Ricoh xD-Picture Card Controller
High Definition Audio Controller
Realtek High Definition Audio
Motorola SM56 Data Fax Modem
Microsoft ACPI-Compliant Embedded Controller
Direct Application Launch Button
Microsoft ACPI-Compliant Control Method Battery
Microsoft AC Adapter
Services
Running Apple Mobile Device
Running Application Experience
Running Application Information
Running avast! Antivirus
Running Background Intelligent Transfer Service
Running Base Filtering Engine
Running Bonjour Service
Running BrYNSvc
Running Certificate Propagation
Running CNG Key Isolation
Running COM+ Event System
Running Computer Browser
Running Cryptographic Services
Running DCOM Server Process Launcher
Running Desktop Window Manager Session Manager
Running DHCP Client
Running Diagnostic Policy Service
Running Diagnostic System Host
Running Distributed Link Tracking Client
Running DNS Client
Running Extensible Authentication Protocol
Running Function Discovery Provider Host
Running Function Discovery Resource Publication
Running Group Policy Client
Running IKE and AuthIP IPsec Keying Modules
Running IP Helper
Running iPod Service
Running IPsec Policy Agent
Running IviRegMgr
Running KtmRm for Distributed Transaction Coordinator
Running LightScribeService Direct Disc Labeling Service
Running Macrium Reflect Image Mounting Service
Running MBAMService
Running Multimedia Class Scheduler
Running Network Connections
Running Network List Service
Running Network Location Awareness
Running Network Store Interface Service
Running Parental Controls
Running Peer Networking Identity Manager
Running Plug and Play
Running Portable Device Enumerator Service
Running Print Spooler
Running Program Compatibility Assistant Service
Running ReadyBoost
Running Remote Access Connection Manager
Running Remote Procedure Call (RPC)
Running Secondary Logon
Running Secure Socket Tunneling Protocol Service
Running Security Accounts Manager
Running Security Center
Running Server
Running Shell Hardware Detection
Running Software Licensing
Running SSDP Discovery
Running Superfetch
Running SupportSoft Repair Service (ncnetworksdm)
Running SupportSoft Sprocket Service (ncnetworksdm)
Running System Event Notification Service
Running Tablet PC Input Service
Running Task Scheduler
Running TCP/IP NetBIOS Helper
Running Telephony
Running Terminal Services
Running Terminal Services Configuration
Running Themes
Running Ulead Burning Helper
Running UPnP Device Host
Running User Profile Service
Running WebClient
Running Windows Audio
Running Windows Audio Endpoint Builder
Running Windows Defender
Running Windows Driver Foundation - User-mode Driver Framework
Running Windows Error Reporting Service
Running Windows Event Log
Running Windows Firewall
Running Windows Image Acquisition (WIA)
Running Windows Management Instrumentation
Running Windows Media Player Network Sharing Service
Running Windows Search
Running Windows Time
Running Windows Update
Running WisLMSvc
Running WLAN AutoConfig
Running Workstation
Stopped Application Layer Gateway Service
Stopped COM+ System Application
Stopped DFS Replication
Stopped Diagnostic Service Host
Stopped Distributed Transaction Coordinator
Stopped Health Key and Certificate Management
Stopped Human Interface Device Access
Stopped Interactive Services Detection
Stopped Internet Connection Sharing (ICS)
Stopped Link-Layer Topology Discovery Mapper
Stopped Microsoft .NET Framework NGEN v2.0.50727_X86
Stopped Microsoft .NET Framework NGEN v4.0.30319_X86
Stopped Microsoft iSCSI Initiator Service
Stopped Microsoft SharePoint Workspace Audit Service
Stopped Microsoft Software Shadow Copy Provider
Stopped NBService
Stopped Net.Tcp Port Sharing Service
Stopped Netlogon
Stopped Network Access Protection Agent
Stopped NMIndexingService
Stopped Office Source Engine
Stopped Office Software Protection Platform
Start pending Peer Name Resolution Protocol
Stopped Peer Networking Grouping
Stopped Performance Logs & Alerts
Stopped PnP-X IP Bus Enumerator
Stopped PNRP Machine Name Publication Service
Stopped Problem Reports and Solutions Control Panel Support
Stopped Protected Storage
Stopped Quality Windows Audio Video Experience
Stopped Remote Access Auto Connection Manager
Stopped Remote Procedure Call (RPC) Locator
Stopped Remote Registry
Stopped Routing and Remote Access
Stopped SL UI Notification Service
Stopped Smart Card
Stopped Smart Card Removal Policy
Stopped SNMP Trap
Stopped Thread Ordering Server
Stopped TPM Base Services
Stopped Virtual Disk
Stopped Volume Shadow Copy
Stopped Windows Backup
Stopped Windows CardSpace
Stopped Windows Color System
Stopped Windows Connect Now - Config Registrar
Stopped Windows Event Collector
Stopped Windows Installer
Stopped Windows Media Center Extender Service
Stopped Windows Media Center Receiver Service
Stopped Windows Media Center Scheduler Service
Stopped Windows Media Center Service Launcher
Stopped Windows Modules Installer
Stopped Windows Presentation Foundation Font Cache 3.0.0.0
Stopped Windows Presentation Foundation Font Cache 4.0.0.0
Stopped Windows Remote Management (WS-Management)
Stopped WinHTTP Web Proxy Auto-Discovery Service
Stopped Wired AutoConfig
Stopped WMI Performance Adapter
Stopped Zune Network Sharing Service
Stopped Zune Wireless Configuration Service
CPU
AMD Turion 64 Mobile TK-53
Cores 2
Threads 2
Name AMD Turion 64 Mobile TK-53
Code Name Tyler
Package Socket S1 (638)
Technology 65nm
Specification AMD Athlon™ 64 X2 Dual-Core Processor TK-53
Family F
Extended Family F
Model 8
Extended Model 68
Stepping 1
Instructions MMX (+), 3DNow! (+), SSE, SSE2, SSE3, AMD 64
Virtualization Supported, Disabled
Hyperthreading Not supported
Bus Speed 200.9 MHz
Rated Bus Speed 803.7 MHz
Stock Core Speed 1700 MHz
Stock Bus Speed 200 MHz
Average Temperature 61 °C
Caches
L1 Data Cache Size 2 x 64 KBytes
L1 Instructions Cache Size 2 x 64 KBytes
L2 Unified Cache Size 2 x 256 KBytes
Core 0
Core Speed 1607.4 MHz
Multiplier x 4.0
Bus Speed 200.9 MHz
Rated Bus Speed 803.7 MHz
Temperature 63 °C
Thread 1
APIC ID 0
Core 1
Core Speed 1707.9 MHz
Multiplier x 4.0
Bus Speed 200.9 MHz
Rated Bus Speed 803.7 MHz
Temperature 60 °C
Thread 1
APIC ID 1
RAM
Memory slots
Total memory slots 2
Used memory slots 2
Free memory slots 0
Memory
Type DDR2
Size 2048 MBytes
Channels # Dual
DRAM Frequency 160.7 MHz
CAS# Latency (CL) 5 clocks
RAS# to CAS# Delay (tRCD) 5 clocks
RAS# Precharge (tRP) 5 clocks
Cycle Time (tRAS) 15 clocks
Bank Cycle Time (tRC) 21 clocks
Command Rate (CR) 2T
Physical Memory
Memory Usage 55 %
Total Physical 1.87 GB
Available Physical 851 MB
Total Virtual 3.98 GB
Available Virtual 2.79 GB
SPD
Number Of SPD Modules 2
Slot #1
Type DDR2
Size 1024 MBytes
Manufacturer Hyundai Electronics
Max Bandwidth PC2-5300 (333 MHz)
Part Number HYMP512S64CP8-Y5
Serial Number 00007041
Week/year 09 / 07
SPD Ext. EPP
JEDEC #3
Frequency 333.3 MHz
CAS# Latency 5.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 16
tRC 21
Voltage 1.800 V
JEDEC #2
Frequency 266.7 MHz
CAS# Latency 4.0
RAS# To CAS# 4
RAS# Precharge 4
tRAS 12
tRC 16
Voltage 1.800 V
JEDEC #1
Frequency 200.0 MHz
CAS# Latency 3.0
RAS# To CAS# 3
RAS# Precharge 3
tRAS 9
tRC 12
Voltage 1.800 V
Slot #2
Type DDR2
Size 1024 MBytes
Manufacturer Hyundai Electronics
Max Bandwidth PC2-5300 (333 MHz)
Part Number HYMP512S64CP8-Y5
Serial Number 01008042
Week/year 09 / 07
SPD Ext. EPP
JEDEC #3
Frequency 333.3 MHz
CAS# Latency 5.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 16
tRC 21
Voltage 1.800 V
JEDEC #2
Frequency 266.7 MHz
CAS# Latency 4.0
RAS# To CAS# 4
RAS# Precharge 4
tRAS 12
tRC 16
Voltage 1.800 V
JEDEC #1
Frequency 200.0 MHz
CAS# Latency 3.0
RAS# To CAS# 3
RAS# Precharge 3
tRAS 9
tRC 12
Voltage 1.800 V
Motherboard
Manufacturer MEDION
Model WAM2070 (U1)
Chipset Vendor NVIDIA
Chipset Model GeForce 6150
Chipset Revision A2
Southbridge Vendor NVIDIA
Southbridge Model nForce 410/430 MCP
Southbridge Revision A3
System Temperature 64 °C
BIOS
Brand Phoenix Technologies LTD
Version R01-B0M
Date 08/27/2007
PCI Data
Slot UNKNOWN
Slot Type UNKNOWN
Slot Usage Available
Bus Width 32 bit
Slot Designation PCMCIA Slot CBUS1
Slot Number 0
Graphics
Monitor
Name Generic PnP Monitor on NVIDIA GeForce Go 6150
Current Resolution 1280x800 pixels
Work Resolution 1280x770 pixels
State enabled, primary
Monitor Width 1280
Monitor Height 800
Monitor BPP 32 bits per pixel
Monitor Frequency 59 Hz
Device \\.\DISPLAY1\Monitor0
GeForce Go 6150
GPU C51MV
Device ID 10DE-0244
Revision A3
Subvendor Wistron (17C0)
Current Performance Level Level 3
Current GPU Clock 425 MHz
Current Memory Clock 0 MHz
Technology 91 nm
Release Date 2006
DirectX Support 9.0c
DirectX Shader Model 3.0
OpenGL Support 2.0
Bus Interface FPCI
Temperature 84 °C
Driver nvlddmkm.sys
Driver version 7.15.10.9759
ForceWare version 97.59
BIOS Version 5.51.28.54.26
ROPs 2
Shaders Vertex 2/Pixel 2
Memory Type System
Physical Memory 128 MB
Virtual Memory 832 MB
Count of performance levels : 3
Level 1 - "Default"
GPU Clock 100 MHz
Memory Clock 0 MHz
Level 2 - "2D Desktop"
GPU Clock 350 MHz
Memory Clock 0 MHz
Level 3 - "3D Applications"
GPU Clock 425 MHz
Memory Clock 0 MHz
Hard Drives
WDC WD16 00BEVS-22RST SCSI Disk Device
Manufacturer Western Digital
Business Unit/Brand Enterprise/WD RE3; WD RE2 (3-platter)
RPM/Buffer Size or Attribute 10,000 RPM with 16 MB cache
Interface Fibre
Capacity 156GB
Real size 160,041,885,696 bytes
RAID Type None
S.M.A.R.T
S.M.A.R.T not supported
Partition 0
Partition ID Disk #0, Partition #0
Disk Letter D:
File System FAT32
Volume Serial Number 8D808F46
Size 23.3GB
Used Space 6.92GB (30%)
Free Space 16.4GB (70%)
Partition 1
Partition ID Disk #0, Partition #1
Disk Letter C:
File System NTFS
Volume Serial Number FAC66DD3
Size 126GB
Used Space 88GB (70%)
Free Space 38.1GB (30%)
Optical Drives
HL-DT-ST DVDRAM GSA-T20N ATA Device
Media Type DVD Writer
Name HL-DT-ST DVDRAM GSA-T20N ATA Device
Availability Running/Full Power
Capabilities Random Access, Supports Writing, Supports Removable Media
Config Manager Error Code Device is working properly
Config Manager User Config FALSE
Drive E:
Media Loaded FALSE
SCSI Bus 1
SCSI Logical Unit 0
SCSI Port 1
SCSI Target Id 0
Status OK
Audio
Sound Card
Realtek High Definition Audio
Playback Devices
Realtek Digital Output (Realtek High Definition Audio)
Speakers (Realtek High Definition Audio) (default)
Speaker Configuration
Peripherals
Standard PS/2 Keyboard
Device Kind Keyboard
Device Name Standard PS/2 Keyboard
Location plugged into keyboard port
Driver
Date 6-21-2006
Version 6.0.6001.18000
File C:\Windows\system32\DRIVERS\i8042prt.sys
File C:\Windows\system32\DRIVERS\kbdclass.sys
Synaptics PS/2 Port TouchPad
Device Kind Mouse
Device Name Synaptics PS/2 Port TouchPad
Location plugged into PS/2 mouse port
Driver
Date 2-15-2007
Version 9.1.17.0
File C:\Windows\system32\DRIVERS\SynTP.sys
File C:\Windows\system32\SynTPAPI.dll
File C:\Windows\system32\SynCOM.dll
File C:\Windows\system32\SynCtrl.dll
File C:\Program Files\Synaptics\SynTP\SynTPRes.dll
File C:\Program Files\Synaptics\SynTP\SynTPCpl.dll
File C:\Program Files\Synaptics\SynTP\SynCntxt.rtf
File C:\Program Files\Synaptics\SynTP\SynZMetr.exe
File C:\Program Files\Synaptics\SynTP\SynMood.exe
File C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
File C:\Program Files\Synaptics\SynTP\SynTPCOM.dll
File C:\Program Files\Synaptics\SynTP\Tutorial.exe
File C:\Program Files\Synaptics\SynTP\InstNT.exe
File C:\Program Files\Synaptics\SynTP\SynISDLL.dll
File C:\Program Files\Synaptics\SynTP\SynUnst.ini
File C:\Program Files\Synaptics\SynTP\SynMedion.exe
File C:\Windows\system32\SynTPCo4.dll
File C:\Windows\system32\WdfCoInstaller01000.dll
File C:\Windows\system32\DRIVERS\i8042prt.sys
File C:\Windows\system32\DRIVERS\mouclass.sys
Brother MFC-7460DN LAN
Device Kind Camera/scanner
Device Name Brother MFC-7460DN LAN
Driver
Date 7-26-2010
Version 1.0.14.14
File C:\Windows\system32\BrWi209d.dll
File C:\Windows\system32\BrJDec.dll
File C:\Windows\TWAIN_32\BrSc09d\MF7460DNN\BrTwdFe.ds
File C:\Windows\TWAIN_32\BrSc09d\MF7460DNN\TWMF7460DNN.ini
File C:\Windows\TWAIN_32\BrSc09d\Common\BrTwds.dll
File C:\Windows\TWAIN_32\BrSc09d\Common\BrTwdsUi.dll
File C:\Windows\TWAIN_32\BrSc09d\Common\BrTwdScn.dll
File C:\Windows\TWAIN_32\BrSc09d\Common\BrScnDev.dll
File C:\Windows\TWAIN_32\BrSc09d\Common\BrStiIf.dll
File C:\Windows\TWAIN_32\BrSc09d\Common\BrScnFlt.dll
File C:\Windows\TWAIN_32\BrSc09d\Common\BrTwJDec.dll
File C:\Windows\TWAIN_32\BrSc09d\Lang\BRScnBul.chm
File C:\Windows\TWAIN_32\BrSc09d\Lang\BRScnChn.chm
File C:\Windows\TWAIN_32\BrSc09d\Lang\BRScnCht.chm
File C:\Windows\TWAIN_32\BrSc09d\Lang\BRScnCze.chm
File C:\Windows\TWAIN_32\BrSc09d\Lang\BRScnDan.chm
File C:\Windows\TWAIN_32\BrSc09d\Lang\BRScnDut.chm
File C:\Windows\TWAIN_32\BrSc09d\Lang\BRScnEng.chm
File C:\Windows\TWAIN_32\BrSc09d\Lang\BRScnFin.chm
File C:\Windows\TWAIN_32\BrSc09d\Lang\BRScnFrc.chm
File C:\Windows\TWAIN_32\BrSc09d\Lang\BRScnFre.chm
File C:\Windows\TWAIN_32\BrSc09d\Lang\BRScnGer.chm
File C:\Windows\TWAIN_32\BrSc09d\Lang\BRScnHun.chm
File C:\Windows\TWAIN_32\BrSc09d\Lang\BRScnIta.chm
File C:\Windows\TWAIN_32\BrSc09d\Lang\BRScnJpn.chm
File C:\Windows\TWAIN_32\BrSc09d\Lang\BRScnKor.chm
File C:\Windows\TWAIN_32\BrSc09d\Lang\BRScnNor.chm
File C:\Windows\TWAIN_32\BrSc09d\Lang\BRScnPol.chm
File C:\Windows\TWAIN_32\BrSc09d\Lang\BRScnPor.chm
File C:\Windows\TWAIN_32\BrSc09d\Lang\BRScnPtb.chm
File C:\Windows\TWAIN_32\BrSc09d\Lang\BRScnRom.chm
File C:\Windows\TWAIN_32\BrSc09d\Lang\BRScnRus.chm
File C:\Windows\TWAIN_32\BrSc09d\Lang\BRScnSpa.chm
File C:\Windows\TWAIN_32\BrSc09d\Lang\BRScnSvk.chm
File C:\Windows\TWAIN_32\BrSc09d\Lang\BRScnSwe.chm
File C:\Windows\TWAIN_32\BrSc09d\Lang\BRScnTrk.chm
File C:\Windows\TWAIN_32\BrSc09d\Lang\BRScnUsa.chm
File C:\Windows\TWAIN_32\BrSc09d\Lang\BrTwdBul.dll
File C:\Windows\TWAIN_32\BrSc09d\Lang\BrTwdChn.dll
File C:\Windows\TWAIN_32\BrSc09d\Lang\BrTwdCht.dll
File C:\Windows\TWAIN_32\BrSc09d\Lang\BrTwdCze.dll
File C:\Windows\TWAIN_32\BrSc09d\Lang\BrTwdDan.dll
File C:\Windows\TWAIN_32\BrSc09d\Lang\BrTwdDut.dll
File C:\Windows\TWAIN_32\BrSc09d\Lang\BrTwdEng.dll
File C:\Windows\TWAIN_32\BrSc09d\Lang\BrTwdFin.dll
File C:\Windows\TWAIN_32\BrSc09d\Lang\BrTwdfrc.dll
File C:\Windows\TWAIN_32\BrSc09d\Lang\BrTwdFre.dll
File C:\Windows\TWAIN_32\BrSc09d\Lang\BrTwdGer.dll
File C:\Windows\TWAIN_32\BrSc09d\Lang\BrTwdHun.dll
File C:\Windows\TWAIN_32\BrSc09d\Lang\BrTwdIta.dll
File C:\Windows\TWAIN_32\BrSc09d\Lang\BrTwdJpn.dll
File C:\Windows\TWAIN_32\BrSc09d\Lang\BrTwdKor.dll
File C:\Windows\TWAIN_32\BrSc09d\Lang\BrTwdNor.dll
File C:\Windows\TWAIN_32\BrSc09d\Lang\BrTwdPol.dll
File C:\Windows\TWAIN_32\BrSc09d\Lang\BrTwdPor.dll
File C:\Windows\TWAIN_32\BrSc09d\Lang\BrTwdPtb.dll
File C:\Windows\TWAIN_32\BrSc09d\Lang\BrTwdRom.dll
File C:\Windows\TWAIN_32\BrSc09d\Lang\BrTwdRus.dll
File C:\Windows\TWAIN_32\BrSc09d\Lang\BrTwdSpa.dll
File C:\Windows\TWAIN_32\BrSc09d\Lang\BrTwdSvk.dll
File C:\Windows\TWAIN_32\BrSc09d\Lang\BrTwdSwe.dll
File C:\Windows\TWAIN_32\BrSc09d\Lang\BrTwdTrk.dll
File C:\Windows\TWAIN_32\BrSc09d\Lang\BrTwdUsa.dll
File C:\Windows\system32\drivers\serscan.sys
SuyinCam
Device Kind Camera/scanner
Device Name SuyinCam
Vendor Unknown
Comment SuyinCam
Location Port_#0004.Hub_#0002
Driver
Date 2-7-2007
Version 5.7.23.0
File C:\Windows\system32\drivers\snp2uvc.sys
File C:\Windows\system32\drivers\sncduvc.sys
Network
You are connected to the internet
Connected through Atheros AR5007UG Wireless Network Adapter
IP Address 192.168.1.21
Subnet mask 255.255.255.0
Gateway server 192.168.1.1
Preferred DNS server 192.168.1.1
DHCP Enabled
DHCP server 192.168.1.1
External IP Address 50.43.141.70
Adapter Type IEEE 802.11 wireless
NetBIOS over TCP/IP Enabled via DHCP
NETBIOS Node Type Hybrid node
Link Speed 0 kbps
Computer Name
NetBIOS Name BUNTINGS-PC
DNS Name Buntings-PC
Domain Name Buntings-PC
Remote Desktop
Console
State Active
Domain Buntings-PC
RDP-Tcp
State Listen
WinInet Info
LAN Connection
Local system uses a local area network to connect to the Internet
Local system has RAS to connect to the Internet
Wi-Fi Info
Using native Wi-Fi API version 2
Available access points count 1
Wi-Fi (Dairyland 123)
SSID Dairyland 123
Frequency 2452000 kHz
Channel Number 9
Name No name
Signal Strength/Quality 84
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags Currently Connected to this network
Cipher Algorithm to be used when joining this network Temporal Key Integrity Protocol (TKIP) algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
WinHTTPInfo
WinHTTPSessionProxyType No proxy
Session Proxy
Session Proxy Bypass
Connect Retries 5
Connect Timeout 60000
HTTP Version HTTP 1.1
Max Connects Per 1.0 Servers INFINITE
Max Connects Per Servers INFINITE
Max HTTP automatic redirects 10
Max HTTP status continue 10
Send Timeout 30000
IEProxy Auto Detect No
IEProxy Auto Config
IEProxy
IEProxy Bypass
Default Proxy Config Access Type No proxy
Default Config Proxy
Default Config Proxy Bypass
Sharing and Discovery
Network Discovery Enabled
File and Printer Sharing Enabled
Media Sharing Disabled
Adapters List
Atheros AR5007UG Wireless Network Adapter
IP Address 192.168.1.21
Subnet mask 255.255.255.0
Gateway server 192.168.1.1
NVIDIA nForce Networking Controller
IP Address 0.0.0.0
Subnet mask 0.0.0.0
Gateway server 0.0.0.0
Network Shares
Public C:\Users\Public
Users C:\Users
F F:\
Send To OneNote 2010 Send To OneNote 2010,LocalsplOnly
HP psc 2200 Series HP psc 2200 Series,LocalsplOnly
Current TCP Connections
AppleMobileDeviceService.exe (2060)
Local 127.0.0.1:27015 ESTABLISHED Remote 127.0.0.1:49170 (Querying... )
Local 127.0.0.1:27015 LISTEN
AvastSvc.exe (1648)
Local 127.0.0.1:12995 LISTEN
Local 127.0.0.1:12993 LISTEN
Local 127.0.0.1:12563 LISTEN
Local 127.0.0.1:12465 LISTEN
Local 127.0.0.1:12143 LISTEN
Local 127.0.0.1:12119 LISTEN
Local 127.0.0.1:12110 LISTEN
Local 127.0.0.1:12080 LISTEN
Local 127.0.0.1:12025 LISTEN
C:\Program Files\Mozilla Firefox\firefox.exe (3376)
Local 127.0.0.1:49173 ESTABLISHED Remote 127.0.0.1:49174 (Querying... )
Local 127.0.0.1:49174 ESTABLISHED Remote 127.0.0.1:49173 (Querying... )
Local 127.0.0.1:49177 ESTABLISHED Remote 127.0.0.1:49178 (Querying... )
Local 127.0.0.1:49178 ESTABLISHED Remote 127.0.0.1:49177 (Querying... )
C:\Program Files\iTunes\iTunesHelper.exe (1356)
Local 127.0.0.1:49170 ESTABLISHED Remote 127.0.0.1:27015 (Querying... )
System Process
Local 192.168.1.21:49415 TIME-WAIT Remote 174.133.64.236:80 (Querying... ) (HTTP)
Local 192.168.1.21:49409 TIME-WAIT Remote 96.17.8.26:80 (Querying... ) (HTTP)
Local 192.168.1.21:49399 TIME-WAIT Remote 96.17.15.155:80 (Querying... ) (HTTP)
System Process
Local 0.0.0.0:445 (Windows shares) LISTEN
Local 0.0.0.0:5357 LISTEN
Local 192.168.1.21:139 (NetBIOS session service) LISTEN
Local [00:00:00:00:00:00:00:00]:5357 LISTEN
Local [00:00:00:00:00:00:00:00]:445 LISTEN
lsass.exe (748)
Local 0.0.0.0:49156 LISTEN
Local [00:00:00:00:00:00:00:00]:49156 LISTEN
mDNSResponder.exe (2096)
Local 127.0.0.1:5354 LISTEN
services.exe (732)
Local [00:00:00:00:00:00:00:00]:49161 LISTEN
Local 0.0.0.0:49161 LISTEN
spoolsv.exe (312)
Local 0.0.0.0:49158 LISTEN
Local [00:00:00:00:00:00:00:00]:49158 LISTEN
svchost.exe (1020)
Local 0.0.0.0:135 (DCE) LISTEN
Local [00:00:00:00:00:00:00:00]:135 LISTEN
svchost.exe (1156)
Local 0.0.0.0:49153 LISTEN
Local [00:00:00:00:00:00:00:00]:49153 LISTEN
svchost.exe (1244)
Local 0.0.0.0:49155 LISTEN
Local [00:00:00:00:00:00:00:00]:49155 LISTEN
svchost.exe (1540)
Local 0.0.0.0:3389 LISTEN
Local [00:00:00:00:00:00:00:00]:3389 LISTEN
wininit.exe (688)
Local 0.0.0.0:49152 LISTEN
Local [00:00:00:00:00:00:00:00]:49152 LISTEN

One question, in the Speccy installer, why is the Google Tool Bar there? I try to keep most of that type stuff off the computer, but even the help programs want to include it?

Thanks,

Tom
  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,786 posts
  • MVP
Copy the text between the lines of stars by highlighting and Ctrl + c.

******************************************

Killall::

DirLook::
C:\Program Files\Common
%user%\library

Driver::
mailKmd


******************************************

Now open notepad (Start, Run, notepad, OK) and Ctrl + V to paste the text into Notepad. Make sure you got it all then File, SAVE AS, (to your Desktop), CFScript , OK. Close notepad. (Overwrite the old one if it's still there.) You should see a file CFScript.txt on your desktop.

Pause your anti-virus.

Drag CFScript.txt over to Combofix and let go Combofix should start on its own.

Post the new log.

Turn off the laptop, take the main battery out. Turn on the laptop.

Run Process Explorer again as before and post the log.

You are running a bit hot. Get speedfan

http://www.almico.com/sfdownload.php

Download, save and Install it (Win 7 or Vista right click and Run As Admin.) then run it.

It will tell you your temps. If they seem hot (over 50) then check Automatic Fan Speed.
Leave it running and see if the temps drop. What it does on a laptop if it works is turn the fan on full which seems to help. Do the temps drop?

Uninstall the Google toolbar. Didn't know they had started including it. We don't need speccy any more either.

1. Double-click My Computer, and then right-click the hard disk that you want to check. C:
2. Click Properties, and then click Tools.
3. Under Error-checking, click Check Now. A dialog box that shows the Check disk options is displayed,
4. Check both boxes and then click Start.
You will receive the following message:
The disk check could not be performed because the disk check utility needs exclusive access to some Windows files on the disk. These files can be accessed by restarting Windows. Do you want to schedule the disk check to occur the next time you restart the computer?
Click Yes to schedule the disk check, but don't restart yet.

Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application. Reboot. The disk check will run and will probably take an hour or more to finish.


Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator. Then type (with an Enter after each line).

sfc /scannow

(SPACE after sfc. This will check your critical system files. If it asks for a CD and you don't have one or it doesn't like your CD just tell it to SKIP.)

sigverif

Press Start in the new window. This will check your drivers. If you just get a few when it finishes tell me what they are. If you get a lot just look for those with newish dates (since about the time the problem started.)


1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.

Ron
  • 0

#5
TomNeedsHelp

TomNeedsHelp

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts
OK. Slight problem. When I dropped the CFScript on CF, it started, created a restore point and then has the message
"This usually takes 10 minutes or so. For hard to find, may take considerably longer"

Then it hangs. I have run it 3 times. For the first time I let it run about an hour, nothing changed, nothing happened, did a hard reboot. The second time it ran 2 hrs, same result. The third time I let it run all night, this morning it was still at the same point.

What would cause this to hang? I have disabled the Avast and have turned off the screensaver. No one touched it last night.
  • 0

#6
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,786 posts
  • MVP
Don't know. It looked like it was just a leftover driver that we were trying to remove. You didn't turn the sandbox back on did you?:
Click on the Avast ball. Then click on Additional Protections then on AutoSandbox then on Settings then uncheck Enable AutoSandbox. OK

Right click on (My) Computer and select Manage (Continue) Then the Device Manager then (at the top) View, Show Hidden Devices. In the right pane find non-Plug and Play Devices and click on the + in front of it and look for mailKmd. If you find it then right click and Disable or Uninstall.
While in Device Manager do you see any other device marked with a red or yellow mark? What are they?

If you found mailKmnd: Clear the event logs again then reboot and run Vino's. Let's see if that fixed it.

Ron
  • 0

#7
TomNeedsHelp

TomNeedsHelp

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts
Please do not close. I have been too busy the last few days work on this, but hopefully can get back to this today or tonight.

Thank you,

Tom
  • 0

#8
TomNeedsHelp

TomNeedsHelp

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts
OK.

Sped Fan takes forever to start. Also, it always wants to have confirmation when it runs. But, it does cool things down considerably. Within the first year that we had this computer, Medion replaced a fan. It used to get hot enough to be uncomfortable where your palm rests. It was under wqarranty then. It is starting to do that again, but the SpeedFan brings the temps down into the 50-60 range.

The sfc scannow came back with no integrity violations.

Sigverif returned 264, the most recent modified were on 7/25/2011, and they all relate to TWAIN, most are "Compiled HTML Help File"

While in Device Manager, I did not find the file mailKmnd. Also, there were no devices marked with a red or yellow mark.


Requested logs follow:

Process Explorer

Process PID CPU Private Bytes Working Set Description Company Name
System Idle Process 0 95.50 0 K 24 K
System 4 < 0.01 0 K 1,972 K
Interrupts n/a 0.75 0 K 0 K Hardware Interrupts and DPCs
smss.exe 496 292 K 692 K Windows Session Manager Microsoft Corporation
csrss.exe 636 < 0.01 1,800 K 5,244 K Client Server Runtime Process Microsoft Corporation
csrss.exe 688 < 0.01 2,244 K 7,592 K Client Server Runtime Process Microsoft Corporation
wininit.exe 696 1,600 K 3,420 K Windows Start-Up Application Microsoft Corporation
services.exe 776 3,144 K 6,540 K Services and Controller app Microsoft Corporation
svchost.exe 940 < 0.01 3,476 K 6,428 K Host Process for Windows Services Microsoft Corporation
ehmsas.exe 324 1,312 K 3,752 K Media Center Media Status Aggregator Service Microsoft Corporation
WmiPrvSE.exe 5296 3,228 K 5,700 K WMI Provider Host Microsoft Corporation
dllhost.exe 4584 1,604 K 4,576 K COM Surrogate Microsoft Corporation
svchost.exe 1012 < 0.01 4,276 K 6,388 K Host Process for Windows Services Microsoft Corporation
svchost.exe 1048 72,548 K 17,652 K Host Process for Windows Services Microsoft Corporation
svchost.exe 1128 18,468 K 14,012 K Host Process for Windows Services Microsoft Corporation
audiodg.exe 1320 15,916 K 13,028 K Windows Audio Device Graph Isolation Microsoft Corporation
svchost.exe 1176 < 0.01 81,012 K 80,812 K Host Process for Windows Services Microsoft Corporation
dwm.exe 2108 0.75 76,320 K 62,912 K Desktop Window Manager Microsoft Corporation
svchost.exe 1216 < 0.01 64,240 K 67,884 K Host Process for Windows Services Microsoft Corporation
taskeng.exe 2060 < 0.01 10,020 K 9,348 K Task Scheduler Engine Microsoft Corporation
taskeng.exe 840 2,112 K 5,752 K Task Scheduler Engine Microsoft Corporation
wuauclt.exe 5960 2,904 K 5,860 K Windows Update Microsoft Corporation
SLsvc.exe 1352 6,124 K 7,580 K Microsoft Software Licensing Service Microsoft Corporation
svchost.exe 1412 9,060 K 10,828 K Host Process for Windows Services Microsoft Corporation
svchost.exe 1596 16,648 K 12,260 K Host Process for Windows Services Microsoft Corporation
AvastSvc.exe 1700 < 0.01 27,336 K 16,340 K avast! Service AVAST Software
spoolsv.exe 204 < 0.01 9,496 K 12,032 K Spooler SubSystem App Microsoft Corporation
svchost.exe 328 23,004 K 21,432 K Host Process for Windows Services Microsoft Corporation
AppleMobileDeviceService.exe 2196 < 0.01 3,628 K 6,320 K MobileDeviceService Apple Inc.
mDNSResponder.exe 2244 2,192 K 4,612 K Bonjour Service Apple Inc.
iviRegMgr.exe 2392 1,152 K 3,276 K RegMgr Module InterVideo
LSSrvc.exe 2412 1,292 K 2,992 K Hewlett-Packard Company
svchost.exe 2448 2,804 K 5,204 K Host Process for Windows Services Microsoft Corporation
ReflectService.exe 2484 1,600 K 4,208 K Reflect Service - Enables mounting of images
sprtsvc.exe 2556 4,484 K 1,684 K SupportSoft Agent Service SupportSoft, Inc.
svchost.exe 2604 < 0.01 7,980 K 7,276 K Host Process for Windows Services Microsoft Corporation
tgsrvc.exe 2664 1,920 K 4,456 K SupportSoft Repair Service SupportSoft, Inc.
ULCDRSvr.exe 2796 660 K 1,744 K ULCDRSvr Ulead Systems, Inc.
svchost.exe 2816 736 K 2,016 K Host Process for Windows Services Microsoft Corporation
SearchIndexer.exe 2840 < 0.01 40,520 K 14,144 K Microsoft Windows Search Indexer Microsoft Corporation
BrYNSvc.exe 2432 14,428 K 8,200 K BrYNCSvc Brother Industries, Ltd.
wmpnetwk.exe 2892 < 0.01 5,756 K 8,676 K Windows Media Player Network Sharing Service Microsoft Corporation
WisLMSvc.exe 3448 2,780 K 4,400 K Wistron Corp.
iPodService.exe 3552 < 0.01 3,072 K 5,504 K iPodService Module (32-bit) Apple Inc.
svchost.exe 4160 1,952 K 5,172 K Host Process for Windows Services Microsoft Corporation
mbamservice.exe 4628 110,100 K 37,540 K Malwarebytes' Anti-Malware Malwarebytes Corporation
lsass.exe 788 3,520 K 7,384 K Local Security Authority Process Microsoft Corporation
lsm.exe 796 2,600 K 4,568 K Local Session Manager Service Microsoft Corporation
winlogon.exe 736 2,268 K 4,804 K Windows Logon Application Microsoft Corporation
explorer.exe 2140 < 0.01 35,432 K 49,216 K Windows Explorer Microsoft Corporation
RtHDVCpl.exe 3436 8,624 K 5,704 K HD Audio Control Panel Realtek Semiconductor
SynTPEnh.exe 3640 0.75 2,440 K 5,560 K Synaptics TouchPad Enhancements Synaptics, Inc.
SynMedion.exe 3732 1,272 K 3,196 K Medion Custom PlugIn Application Synaptics, Inc.
LaunchAp.exe 3648 2,196 K 4,416 K LaunchAp MFC Application
WButton.exe 3664 2,148 K 5,208 K WButton MFC Application
sm56hlpr.exe 3688 1,864 K 4,244 K Application executable file Motorola Inc.
wpcumi.exe 3708 3,212 K 5,316 K Windows Parental Control Notifications Microsoft Corporation
ZuneLauncher.exe 3748 1,648 K 3,352 K Zune Auto-Launcher Microsoft Corporation
sprtcmd.exe 3848 13,816 K 4,324 K SupportSoft, Inc.
iTunesHelper.exe 3880 < 0.01 7,224 K 9,312 K iTunesHelper Apple Inc.
BrStMonW.exe 3896 2,992 K 6,888 K Brother Status Monitor Application Brother Industries, Ltd.
AvastUI.exe 3904 < 0.01 12,160 K 9,264 K avast! Antivirus AVAST Software
mbamgui.exe 3952 2,660 K 5,428 K Malwarebytes' Anti-Malware Malwarebytes Corporation
ehtray.exe 3980 1,672 K 1,296 K Media Center Tray Applet Microsoft Corporation
wmpnscfg.exe 4048 2,012 K 4,632 K Windows Media Player Network Sharing Service Configuration Application Microsoft Corporation
firefox.exe 1084 < 0.01 123,064 K 140,408 K Firefox Mozilla Corporation
plugin-container.exe 3948 12,940 K 16,256 K Plugin Container for Firefox Mozilla Corporation
speedfan.exe 3620 < 0.01 10,856 K 18,128 K Almico Software (www.almico.com)
procexp.exe 5608 2.25 21,812 K 37,436 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com
BrCtrlCntr.exe 2704 2,076 K 4,560 K ControlCenter Main Process Brother Industries, Ltd.
BrCcUxSys.exe 2096 1,908 K 4,516 K ControlCenter UX System Brother Industries, Ltd.
rundll32.exe 2996 2,912 K 3,716 K Windows host process (Rundll32) Microsoft Corporation
soffice.exe 1200 2,040 K 3,484 K OpenOffice.org 2.3 OpenOffice.org
soffice.bin 2920 < 0.01 7,624 K 17,292 K OpenOffice.org 2.3 OpenOffice.org

VEW-Apps

Vino's Event Viewer v01c run on Windows Vista in English
Report run at 20/11/2011 5:13:22 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 20/11/2011 3:46:42 PM
Type: Error Category: 0
Event: 1001 Source: Brother BrLog
STI BrtSTI: [2011/11/20 10:46:42.766]: [00002292]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.1.30]

Log: 'Application' Date/Time: 20/11/2011 2:04:22 PM
Type: Error Category: 0
Event: 1001 Source: Brother BrLog
STI BrtSTI: [2011/11/20 09:04:22.123]: [00002292]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.1.30]

Log: 'Application' Date/Time: 20/11/2011 11:32:51 AM
Type: Error Category: 0
Event: 1001 Source: Brother BrLog
STI BrtSTI: [2011/11/20 06:32:51.691]: [00002292]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.1.30]

Log: 'Application' Date/Time: 20/11/2011 11:06:42 AM
Type: Error Category: 0
Event: 1001 Source: Brother BrLog
STI BrtSTI: [2011/11/20 06:06:42.097]: [00002292]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.1.30]

Log: 'Application' Date/Time: 20/11/2011 10:26:29 AM
Type: Error Category: 0
Event: 1001 Source: Brother BrLog
STI BrtSTI: [2011/11/20 05:26:29.448]: [00002292]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.1.30]

Log: 'Application' Date/Time: 20/11/2011 8:34:05 AM
Type: Error Category: 0
Event: 1001 Source: Brother BrLog
STI BrtSTI: [2011/11/20 03:34:05.583]: [00002292]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.1.30]

Log: 'Application' Date/Time: 20/11/2011 4:23:13 AM
Type: Error Category: 0
Event: 1001 Source: Brother BrLog
STI BrtSTI: [2011/11/19 23:23:13.611]: [00002292]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.1.30]

Log: 'Application' Date/Time: 20/11/2011 4:19:10 AM
Type: Error Category: 0
Event: 1001 Source: Brother BrLog
STI BrtSTI: [2011/11/19 23:19:10.095]: [00002292]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.1.30]

Log: 'Application' Date/Time: 20/11/2011 3:55:02 AM
Type: Error Category: 0
Event: 1001 Source: Brother BrLog
STI BrtSTI: [2011/11/19 22:55:02.993]: [00002292]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.1.30]

Log: 'Application' Date/Time: 20/11/2011 1:32:32 AM
Type: Error Category: 0
Event: 1001 Source: Brother BrLog
STI BrtSTI: [2011/11/19 20:32:32.430]: [00002292]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.1.30]

Log: 'Application' Date/Time: 20/11/2011 12:55:22 AM
Type: Error Category: 0
Event: 1001 Source: Brother BrLog
STI BrtSTI: [2011/11/19 19:55:22.706]: [00002292]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.1.30]

Log: 'Application' Date/Time: 19/11/2011 10:16:49 PM
Type: Error Category: 0
Event: 1001 Source: Brother BrLog
STI BrtSTI: [2011/11/19 17:16:49.514]: [00002292]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.1.30]

Log: 'Application' Date/Time: 19/11/2011 9:18:34 PM
Type: Error Category: 0
Event: 1001 Source: Brother BrLog
STI BrtSTI: [2011/11/19 16:18:34.755]: [00002292]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.1.30]

Log: 'Application' Date/Time: 19/11/2011 7:34:31 PM
Type: Error Category: 0
Event: 1001 Source: Brother BrLog
STI BrtSTI: [2011/11/19 14:34:31.739]: [00002548]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.1.30]

Log: 'Application' Date/Time: 18/11/2011 2:22:28 AM
Type: Error Category: 0
Event: 1001 Source: Brother BrLog
STI BrtSTI: [2011/11/17 21:22:28.208]: [00002372]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.1.30]

Log: 'Application' Date/Time: 18/11/2011 12:00:43 AM
Type: Error Category: 0
Event: 11 Source: Microsoft-Windows-CAPI2
Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. .

Log: 'Application' Date/Time: 18/11/2011 12:00:42 AM
Type: Error Category: 0
Event: 11 Source: Microsoft-Windows-CAPI2
Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. .

Log: 'Application' Date/Time: 17/11/2011 11:52:54 PM
Type: Error Category: 0
Event: 11 Source: Microsoft-Windows-CAPI2
Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. .

Log: 'Application' Date/Time: 17/11/2011 11:52:53 PM
Type: Error Category: 0
Event: 11 Source: Microsoft-Windows-CAPI2
Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. .

Log: 'Application' Date/Time: 17/11/2011 11:52:51 PM
Type: Error Category: 0
Event: 11 Source: Microsoft-Windows-CAPI2
Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. .

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 20/11/2011 9:37:08 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
C4PRG BrtC4PRG: [2011/11/20 16:37:08.900]: [00002096]: RegOpenKeyEx failed

Log: 'Application' Date/Time: 20/11/2011 9:37:08 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
C4PRG BrtC4PRG: [2011/11/20 16:37:08.900]: [00002096]: RegOpenKeyEx failed

Log: 'Application' Date/Time: 20/11/2011 9:36:51 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
C4PRG BrtC4PRG: [2011/11/20 16:36:51.038]: [00002704]: RegOpenKeyEx failed

Log: 'Application' Date/Time: 20/11/2011 9:36:51 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
C4PRG BrtC4PRG: [2011/11/20 16:36:51.038]: [00002704]: RegOpenKeyEx failed

Log: 'Application' Date/Time: 20/11/2011 9:36:51 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
C4PRG BrtC4PRG: [2011/11/20 16:36:51.038]: [00002704]: RegOpenKeyEx failed

Log: 'Application' Date/Time: 20/11/2011 9:36:51 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
C4PRG BrtC4PRG: [2011/11/20 16:36:51.023]: [00002704]: RegOpenKeyEx failed

Log: 'Application' Date/Time: 20/11/2011 9:36:28 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
C4PRG BrtC4PRG: [2011/11/20 16:36:28.808]: [00002704]: RegOpenKeyEx failed

Log: 'Application' Date/Time: 20/11/2011 9:36:28 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
C4PRG BrtC4PRG: [2011/11/20 16:36:28.808]: [00002704]: RegOpenKeyEx failed

Log: 'Application' Date/Time: 20/11/2011 3:49:47 PM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 5 user registry handles leaked from \Registry\User\S-1-5-21-890929848-333396877-4107253412-1004:
Process 3964 (\Device\HarddiskVolume1\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe) has opened key \REGISTRY\USER\S-1-5-21-890929848-333396877-4107253412-1004\Software\ahead\Nero Home\MediaLibrary\Scanner
Process 3964 (\Device\HarddiskVolume1\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe) has opened key \REGISTRY\USER\S-1-5-21-890929848-333396877-4107253412-1004\Software\ahead\Nero Home\MediaLibrary\Scanner
Process 3964 (\Device\HarddiskVolume1\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe) has opened key \REGISTRY\USER\S-1-5-21-890929848-333396877-4107253412-1004\Software\ahead\Nero Home\MediaLibrary
Process 3964 (\Device\HarddiskVolume1\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe) has opened key \REGISTRY\USER\S-1-5-21-890929848-333396877-4107253412-1004\Software\ahead\Nero Home\MediaLibrary
Process 3964 (\Device\HarddiskVolume1\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe) has opened key \REGISTRY\USER\S-1-5-21-890929848-333396877-4107253412-1004\Software\ahead\Nero Home\MediaLibrary


Log: 'Application' Date/Time: 20/11/2011 3:35:50 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
C4PRG BrtC4PRG: [2011/11/20 10:35:50.387]: [00002396]: RegOpenKeyEx failed

Log: 'Application' Date/Time: 20/11/2011 3:35:50 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
C4PRG BrtC4PRG: [2011/11/20 10:35:50.387]: [00002396]: RegOpenKeyEx failed

Log: 'Application' Date/Time: 20/11/2011 3:35:49 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
C4PRG BrtC4PRG: [2011/11/20 10:35:49.186]: [00003844]: RegOpenKeyEx failed

Log: 'Application' Date/Time: 20/11/2011 3:35:49 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
C4PRG BrtC4PRG: [2011/11/20 10:35:49.186]: [00003844]: RegOpenKeyEx failed

Log: 'Application' Date/Time: 20/11/2011 3:35:49 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
C4PRG BrtC4PRG: [2011/11/20 10:35:49.170]: [00003844]: RegOpenKeyEx failed

Log: 'Application' Date/Time: 20/11/2011 3:35:49 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
C4PRG BrtC4PRG: [2011/11/20 10:35:49.170]: [00003844]: RegOpenKeyEx failed

Log: 'Application' Date/Time: 20/11/2011 3:35:17 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
C4PRG BrtC4PRG: [2011/11/20 10:35:17.392]: [00003844]: RegOpenKeyEx failed

Log: 'Application' Date/Time: 20/11/2011 3:35:17 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
C4PRG BrtC4PRG: [2011/11/20 10:35:17.392]: [00003844]: RegOpenKeyEx failed

Log: 'Application' Date/Time: 19/11/2011 7:47:10 PM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 5 user registry handles leaked from \Registry\User\S-1-5-21-890929848-333396877-4107253412-1004:
Process 3604 (\Device\HarddiskVolume1\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe) has opened key \REGISTRY\USER\S-1-5-21-890929848-333396877-4107253412-1004\Software\ahead\Nero Home\MediaLibrary\Scanner
Process 3604 (\Device\HarddiskVolume1\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe) has opened key \REGISTRY\USER\S-1-5-21-890929848-333396877-4107253412-1004\Software\ahead\Nero Home\MediaLibrary\Scanner
Process 3604 (\Device\HarddiskVolume1\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe) has opened key \REGISTRY\USER\S-1-5-21-890929848-333396877-4107253412-1004\Software\ahead\Nero Home\MediaLibrary
Process 3604 (\Device\HarddiskVolume1\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe) has opened key \REGISTRY\USER\S-1-5-21-890929848-333396877-4107253412-1004\Software\ahead\Nero Home\MediaLibrary
Process 3604 (\Device\HarddiskVolume1\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe) has opened key \REGISTRY\USER\S-1-5-21-890929848-333396877-4107253412-1004\Software\ahead\Nero Home\MediaLibrary


Log: 'Application' Date/Time: 19/11/2011 7:22:01 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
C4PRG BrtC4PRG: [2011/11/19 14:22:01.765]: [00002748]: RegOpenKeyEx failed

Log: 'Application' Date/Time: 19/11/2011 7:22:01 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
C4PRG BrtC4PRG: [2011/11/19 14:22:01.765]: [00002748]: RegOpenKeyEx failed


VEW-errors

Vino's Event Viewer v01c run on Windows Vista in English
Report run at 20/11/2011 5:11:22 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 20/11/2011 9:36:32 PM
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: mailKmd

Log: 'System' Date/Time: 20/11/2011 9:36:32 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 19/11/2011 7:50:30 PM
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: mailKmd

Log: 'System' Date/Time: 19/11/2011 7:50:30 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 19/11/2011 7:20:47 PM
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: mailKmd

Log: 'System' Date/Time: 19/11/2011 7:20:47 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 19/11/2011 6:10:49 PM
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: mailKmd

Log: 'System' Date/Time: 19/11/2011 6:10:49 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 17/11/2011 11:34:17 PM
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: mailKmd

Log: 'System' Date/Time: 17/11/2011 11:34:17 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 17/11/2011 11:17:09 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {752073A1-23F2-4396-85F0-8FDB879ED0ED} did not register with DCOM within the required timeout.

Log: 'System' Date/Time: 17/11/2011 11:13:55 PM
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: mailKmd

Log: 'System' Date/Time: 17/11/2011 11:13:55 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 17/11/2011 4:54:49 AM
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: mailKmd

Log: 'System' Date/Time: 17/11/2011 4:54:49 AM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 20/11/2011 3:50:10 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 19/11/2011 7:47:31 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 19/11/2011 7:27:44 PM
Type: Warning Category: 0
Event: 4376 Source: Microsoft-Windows-Servicing
Servicing has required reboot to complete the operation of setting package KB2532531(Security Update) into Install Requested(Install Requested) state

Log: 'System' Date/Time: 19/11/2011 7:27:44 PM
Type: Warning Category: 0
Event: 4376 Source: Microsoft-Windows-Servicing
Servicing has required reboot to complete the operation of setting package KB2532531(Security Update) into Install Requested(Install Requested) state

Log: 'System' Date/Time: 19/11/2011 7:27:44 PM
Type: Warning Category: 0
Event: 4376 Source: Microsoft-Windows-Servicing
Servicing has required reboot to complete the operation of setting package KB2532531(Security Update) into Install Requested(Install Requested) state

Log: 'System' Date/Time: 19/11/2011 7:27:44 PM
Type: Warning Category: 0
Event: 4376 Source: Microsoft-Windows-Servicing
Servicing has required reboot to complete the operation of setting package KB2532531(Security Update) into Install Requested(Install Requested) state

Log: 'System' Date/Time: 19/11/2011 7:27:44 PM
Type: Warning Category: 0
Event: 4376 Source: Microsoft-Windows-Servicing
Servicing has required reboot to complete the operation of setting package KB2532531(Security Update) into Install Requested(Install Requested) state

Log: 'System' Date/Time: 19/11/2011 7:27:44 PM
Type: Warning Category: 0
Event: 4376 Source: Microsoft-Windows-Servicing
Servicing has required reboot to complete the operation of setting package KB2532531(Security Update) into Install Requested(Install Requested) state

Log: 'System' Date/Time: 19/11/2011 7:27:38 PM
Type: Warning Category: 0
Event: 4374 Source: Microsoft-Windows-Servicing
Windows Servicing identified that package KB2532531(Security Update) is not applicable for this system

Log: 'System' Date/Time: 19/11/2011 7:26:30 PM
Type: Warning Category: 0
Event: 4374 Source: Microsoft-Windows-Servicing
Windows Servicing identified that package KB2522422(Update) is not applicable for this system

Log: 'System' Date/Time: 19/11/2011 6:14:35 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 18/11/2011 3:01:15 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 17/11/2011 11:51:25 PM
Type: Warning Category: 0
Event: 4374 Source: Microsoft-Windows-Servicing
Windows Servicing identified that package KB2522422(Update) is not applicable for this system

Log: 'System' Date/Time: 17/11/2011 11:46:20 PM
Type: Warning Category: 0
Event: 4374 Source: Microsoft-Windows-Servicing
Windows Servicing identified that package KB2532531(Security Update) is not applicable for this system

Log: 'System' Date/Time: 17/11/2011 11:30:51 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 17/11/2011 7:25:08 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 17/11/2011 7:24:41 AM
Type: Warning Category: 0
Event: 4376 Source: Microsoft-Windows-Servicing
Servicing has required reboot to complete the operation of setting package KB979910(Security Update) into Install Requested(Install Requested) state

Log: 'System' Date/Time: 17/11/2011 7:24:41 AM
Type: Warning Category: 0
Event: 4376 Source: Microsoft-Windows-Servicing
Servicing has required reboot to complete the operation of setting package KB979910(Security Update) into Install Requested(Install Requested) state

Log: 'System' Date/Time: 17/11/2011 7:24:41 AM
Type: Warning Category: 0
Event: 4376 Source: Microsoft-Windows-Servicing
Servicing has required reboot to complete the operation of setting package KB979910(Security Update) into Install Requested(Install Requested) state

Log: 'System' Date/Time: 17/11/2011 7:24:40 AM
Type: Warning Category: 0
Event: 4376 Source: Microsoft-Windows-Servicing
Servicing has required reboot to complete the operation of setting package KB979910(Security Update) into Install Requested(Install Requested) state

OTL

OTL logfile created on: 11/20/2011 5:19:49 PM - Run 3
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Buntings\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.87 Gb Total Physical Memory | 0.82 Gb Available Physical Memory | 43.53% Memory free
3.98 Gb Paging File | 2.77 Gb Available in Paging File | 69.61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 125.71 Gb Total Space | 42.24 Gb Free Space | 33.60% Space Free | Partition Type: NTFS
Drive D: | 23.32 Gb Total Space | 16.40 Gb Free Space | 70.31% Space Free | Partition Type: FAT32

Computer Name: BUNTINGS-PC | User Name: Buntings | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/11/12 14:50:54 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Buntings\Desktop\OTL.exe
PRC - [2011/11/03 03:29:04 | 004,657,048 | ---- | M] (Almico Software (www.almico.com)) -- C:\Program Files\SpeedFan\speedfan.exe
PRC - [2011/09/29 01:53:40 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/09/06 16:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/09/06 16:45:28 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/08/31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/04/20 17:58:02 | 001,204,224 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\ControlCenter4\BrCcUxSys.exe
PRC - [2011/04/20 17:53:10 | 000,335,872 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\ControlCenter4\BrCtrlCntr.exe
PRC - [2010/06/17 03:59:54 | 000,185,640 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\NCNETWORKSDM\bin\tgsrvc.exe
PRC - [2010/06/17 03:59:46 | 000,206,120 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\NCNETWORKSDM\bin\sprtsvc.exe
PRC - [2010/06/17 03:59:28 | 000,206,120 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\NCNETWORKSDM\bin\sprtcmd.exe
PRC - [2010/06/10 13:42:44 | 002,621,440 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files\Browny02\Brother\BrStMonW.exe
PRC - [2010/01/25 08:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Browny02\BrYNSvc.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/11/10 12:23:40 | 000,157,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Zune\ZuneLauncher.exe
PRC - [2008/08/06 11:34:02 | 000,216,032 | ---- | M] () -- C:\Program Files\Macrium\Reflect\ReflectService.exe
PRC - [2007/09/10 21:26:38 | 002,510,848 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 2.3\program\soffice.bin
PRC - [2007/09/10 21:26:38 | 002,359,296 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
PRC - [2007/02/15 13:52:16 | 000,118,784 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynMedion.exe
PRC - [2007/02/15 10:07:16 | 004,390,912 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/01/04 21:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2006/11/22 12:31:26 | 000,630,784 | ---- | M] (Motorola Inc.) -- C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
PRC - [2006/11/17 22:45:26 | 000,118,784 | ---- | M] (Wistron Corp.) -- C:\Program Files\Launch Manager\WisLMSvc.exe
PRC - [2006/11/09 16:37:52 | 000,086,016 | ---- | M] () -- C:\Program Files\Launch Manager\WButton.exe
PRC - [2006/11/02 07:35:35 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wpcumi.exe
PRC - [2006/09/29 01:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2005/07/25 15:36:40 | 000,032,768 | ---- | M] () -- C:\Program Files\Launch Manager\LaunchAp.exe


========== Modules (No Company Name) ==========

MOD - [2011/11/20 16:42:18 | 000,192,512 | ---- | M] () -- C:\Users\Buntings\AppData\Local\temp\sfamcc00001.dll
MOD - [2011/11/20 16:42:18 | 000,172,032 | ---- | M] () -- C:\Users\Buntings\AppData\Local\temp\sfareca00001.dll
MOD - [2011/11/17 18:38:28 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c1c06a392871267db27f7cbc40e1c4fb\System.Xml.ni.dll
MOD - [2011/11/17 18:36:05 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\f9c36ea806e77872dce891c77b68fac3\System.ni.dll
MOD - [2011/11/17 18:35:53 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
MOD - [2011/10/19 18:45:07 | 008,522,400 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2011/09/29 01:53:40 | 001,833,944 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011/03/15 06:13:46 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/11/17 13:16:56 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2010/03/24 21:17:36 | 008,794,464 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2009/02/27 16:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files\Brother\BrUtilities\BrLogAPI.dll
MOD - [2007/08/08 19:15:02 | 000,828,416 | ---- | M] () -- C:\Program Files\OpenOffice.org 2.3\program\libxml2.dll
MOD - [2006/11/22 12:31:30 | 000,065,536 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56ita.dll
MOD - [2006/11/22 12:31:30 | 000,065,536 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56esp.dll
MOD - [2006/11/22 12:31:30 | 000,065,536 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56brz.dll
MOD - [2006/11/22 12:31:30 | 000,053,248 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56kor.dll
MOD - [2006/11/22 12:31:28 | 000,065,536 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56ger.dll
MOD - [2006/11/22 12:31:28 | 000,065,536 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56fra.dll
MOD - [2006/11/22 12:31:28 | 000,065,536 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56dnk.dll
MOD - [2006/11/22 12:31:28 | 000,057,344 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56jpn.dll
MOD - [2006/11/22 12:31:28 | 000,053,248 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56cht.dll
MOD - [2006/11/22 12:31:28 | 000,053,248 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56chs.dll
MOD - [2006/11/09 16:37:52 | 000,086,016 | ---- | M] () -- C:\Program Files\Launch Manager\WButton.exe
MOD - [2005/07/25 15:36:40 | 000,032,768 | ---- | M] () -- C:\Program Files\Launch Manager\LaunchAp.exe


========== Win32 Services (SafeList) ==========

SRV - [2011/09/06 16:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/06/12 10:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010/06/17 03:59:54 | 000,185,640 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\NCNETWORKSDM\bin\tgsrvc.exe -- (tgsrvc_ncnetworksdm) SupportSoft Repair Service (ncnetworksdm)
SRV - [2010/06/17 03:59:46 | 000,206,120 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\NCNETWORKSDM\bin\sprtsvc.exe -- (sprtsvc_ncnetworksdm) SupportSoft Sprocket Service (ncnetworksdm)
SRV - [2010/01/25 08:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Running] -- C:\Program Files\Browny02\BrYNSvc.exe -- (BrYNSvc)
SRV - [2008/11/10 12:23:50 | 005,117,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV - [2008/11/10 12:23:42 | 000,243,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV - [2008/08/06 11:34:02 | 000,216,032 | ---- | M] () [Auto | Running] -- C:\Program Files\Macrium\Reflect\ReflectService.exe -- (ReflectService)
SRV - [2008/01/19 02:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/01/04 21:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006/11/17 22:45:26 | 000,118,784 | ---- | M] (Wistron Corp.) [On_Demand | Running] -- C:\Program Files\Launch Manager\WisLMSvc.exe -- (WisLMSvc)
SRV - [2006/09/29 01:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)


========== Driver Services (SafeList) ==========

DRV - [2011/09/06 16:38:05 | 000,442,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/09/06 16:37:53 | 000,320,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/09/06 16:36:38 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/09/06 16:36:36 | 000,052,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/09/06 16:36:26 | 000,054,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011/09/06 16:36:12 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/08/31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/03/18 11:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\Windows\system32\speedfan.sys -- (speedfan)
DRV - [2009/04/10 23:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB)
DRV - [2008/08/07 19:23:28 | 000,022,528 | ---- | M] (pBUS-167 Software - http://www.pbus-167.com) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nhcDriver.sys -- (nhcDriverDevice)
DRV - [2008/07/08 12:39:28 | 000,031,712 | ---- | M] (Macrium Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\psmounter.sys -- (PSMounter)
DRV - [2008/05/20 08:32:40 | 000,015,328 | ---- | M] (Macrium Software) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\pssnap.sys -- (pssnap)
DRV - [2007/07/05 04:57:54 | 000,873,472 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athru6.sys -- (athrusb6)
DRV - [2007/07/03 02:37:08 | 000,110,112 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2007/05/03 20:29:10 | 001,065,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2007/03/27 17:46:40 | 000,008,064 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\flash.sys -- (flash)
DRV - [2007/02/07 20:35:10 | 001,729,152 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2007/01/13 03:40:00 | 004,452,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007/01/08 21:34:04 | 000,449,024 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athrusb.sys -- (athrusb)
DRV - [2006/11/22 12:35:00 | 000,982,272 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2006/11/15 10:16:24 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006/11/15 05:42:46 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/15 03:35:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2006/11/02 02:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/09/15 01:44:18 | 000,011,520 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2003/04/28 13:27:06 | 000,009,867 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\HOTKEY.sys -- (Hotkey)
DRV - [1996/04/03 14:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-890929848-333396877-4107253412-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-890929848-333396877-4107253412-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-890929848-333396877-4107253412-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5.0.429
FF - prefs.js..extensions.enabledItems: [email protected]:3.011.025.005
FF - prefs.js..keyword.URL: "http://us.yhs.search...2-tb-web_us&p="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8064.0206: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVG\AVG8\Toolbar\Firefox\[email protected]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/11/13 17:21:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/10/18 19:24:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/10/18 19:24:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/01/19 20:35:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Thunderbird\Extensions\\{0E810812-F4BB-4309-942A-755587587A5E}: C:\Program Files\BullGuard Software\BullGuard\antispam\tbspamfilter

[2010/04/26 06:06:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Buntings\AppData\Roaming\Mozilla\Extensions
[2011/11/13 17:05:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Buntings\AppData\Roaming\Mozilla\Firefox\Profiles\xubfmwq8.default\extensions
[2011/10/18 19:24:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/11/13 17:21:53 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011/09/29 01:53:40 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/09/28 19:26:50 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/11/14 19:20:38 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [BrStsMon00] C:\Program Files\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter4] C:\Program Files\ControlCenter4\BrCcBoot.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NCNETWORKSDM] C:\Program Files\NCNETWORKSDM\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [Wbutton] C:\Program Files\Launch Manager\Wbutton.exe ()
O4 - HKLM..\Run: [WPCUMI] C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Zune Launcher] c:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Anna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe ()
O4 - Startup: C:\Users\Boys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe ()
O4 - Startup: C:\Users\Buntings\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe ()
O4 - Startup: C:\Users\Diane and Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-890929848-333396877-4107253412-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-890929848-333396877-4107253412-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-890929848-333396877-4107253412-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-890929848-333396877-4107253412-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-890929848-333396877-4107253412-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll File not found
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{269C98C8-5A53-483A-9110-E60F1092E133}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{65CF0EAC-4D0B-4854-A45D-503F9F03CB3C}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Humpback Whale.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Humpback Whale.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/11/20 17:16:40 | 000,000,000 | ---D | C] -- C:\Users\Buntings\Desktop\Next reply
[2011/11/17 18:29:57 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2011/11/16 09:43:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2011/11/16 09:43:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2011/11/16 09:43:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2011/11/16 08:48:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2011/11/16 00:48:36 | 000,000,000 | --SD | C] -- C:\ComboFix
[2011/11/16 00:39:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2011/11/16 00:39:07 | 000,000,000 | ---D | C] -- C:\Users\Buntings\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2011/11/16 00:39:06 | 000,000,000 | ---D | C] -- C:\Program Files\SpeedFan
[2011/11/15 22:45:35 | 000,061,440 | ---- | C] ( ) -- C:\Users\Buntings\Desktop\VEW.exe
[2011/11/15 22:42:21 | 000,000,000 | R--D | C] -- C:\Users\Buntings\AppData\Roaming\Brother
[2011/11/14 20:21:35 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2011/11/14 19:56:40 | 004,307,416 | ---- | C] (Piriform Ltd) -- C:\Users\Buntings\Desktop\spsetup113.exe
[2011/11/14 19:54:58 | 004,845,856 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Users\Buntings\Desktop\procexp.exe
[2011/11/14 19:51:54 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011/11/14 19:24:41 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/11/14 19:24:27 | 000,000,000 | ---D | C] -- C:\Users\Buntings\AppData\Local\temp
[2011/11/14 19:00:06 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/11/14 19:00:06 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/11/14 19:00:06 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/11/14 18:59:52 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/11/14 18:59:43 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/11/13 22:58:48 | 000,000,000 | ---D | C] -- C:\Users\Buntings\AppData\Roaming\Malwarebytes
[2011/11/13 22:58:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/11/13 22:58:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/11/13 22:58:36 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/11/13 22:58:36 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/11/13 22:56:21 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Users\Buntings\Desktop\aswMBR.exe
[2011/11/13 22:55:57 | 001,564,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Buntings\Desktop\tdsskiller.exe
[2011/11/13 22:55:28 | 004,292,963 | R--- | C] (Swearware) -- C:\Users\Buntings\Desktop\ComboFix.exe
[2011/11/13 22:53:53 | 009,852,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Buntings\Desktop\mbam-setup-1.51.2.1300.exe
[2011/11/13 22:45:17 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/11/13 22:40:44 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Buntings\Desktop\OTL.exe
[2011/11/13 17:23:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2011/11/13 17:23:24 | 000,020,568 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2011/11/13 17:23:23 | 000,320,856 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011/11/13 17:23:19 | 000,034,392 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011/11/13 17:23:17 | 000,052,568 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011/11/13 17:23:16 | 000,442,200 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2011/11/13 17:23:14 | 000,054,616 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011/11/13 17:21:34 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/11/13 17:21:32 | 000,199,304 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011/11/13 17:21:04 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011/11/13 17:21:03 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/11/13 17:05:45 | 000,000,000 | ---D | C] -- C:\Users\Buntings\AppData\Roaming\ControlCenter4
[2011/11/11 15:52:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
[2011/11/11 15:48:53 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\BrFaxRx
[2011/11/11 15:48:52 | 000,000,000 | ---D | C] -- C:\Brother
[2011/11/11 15:48:48 | 000,073,728 | ---- | C] (Brother Industories Ltd. P&S Company) -- C:\Windows\System32\BRCrypt.dll
[2011/11/11 15:48:16 | 000,000,000 | ---D | C] -- C:\Program Files\Browny02
[2011/11/11 15:48:13 | 000,000,000 | ---D | C] -- C:\ProgramData\ControlCenter4
[2011/11/11 15:47:32 | 000,000,000 | ---D | C] -- C:\Program Files\ControlCenter4
[2011/11/11 15:46:52 | 000,118,784 | ---- | C] (Brother Industries,LTD.) -- C:\Windows\System32\BrMfNt.dll
[2011/11/11 15:46:49 | 000,225,280 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\System32\BrfxD05c.dll
[2011/11/11 15:46:42 | 000,180,224 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\System32\BrMuSNMP.dll
[2011/11/11 15:46:42 | 000,074,752 | ---- | C] (Brother Industries,Ltd.) -- C:\Windows\System32\BrWiaNCp.dll
[2011/11/11 15:46:42 | 000,074,752 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\System32\BrNetSti.dll
[2011/11/11 15:46:42 | 000,051,200 | ---- | C] (Brother Industries,Ltd) -- C:\Windows\System32\Brnsplg.dll
[2011/11/11 15:46:36 | 001,475,072 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\System32\BrWi209d.dll
[2011/11/11 15:46:36 | 000,217,088 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\System32\BrJDec.dll
[2011/11/11 15:45:15 | 000,217,088 | ---- | C] (brother) -- C:\Windows\System32\NSSearch.dll
[2011/11/11 15:45:15 | 000,005,120 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\BrDctF2L.dll
[2011/11/11 15:45:14 | 000,073,728 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\BrDctF2.dll
[2011/11/11 15:45:14 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\BrDctF2S.dll
[2011/11/11 15:45:11 | 000,000,000 | ---D | C] -- C:\Program Files\Brother
[2011/11/11 15:43:34 | 000,000,000 | ---D | C] -- C:\Users\Buntings\AppData\Roaming\InstallShield
[2011/11/09 22:17:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Brother
[2007/08/13 09:24:34 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll

========== Files - Modified Within 30 Days ==========

[2011/11/20 17:30:00 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{5E6EAA57-BFDD-4667-81A9-193F34933CC1}.job
[2011/11/20 17:16:35 | 000,013,166 | ---- | M] () -- C:\Users\Buntings\AppData\Roaming\nvModes.001
[2011/11/20 16:41:55 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{7FB78F2C-93B6-4536-BCC9-82B6D778C10C}.job
[2011/11/20 16:35:44 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/11/20 16:35:43 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/20 16:35:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/11/19 14:28:34 | 000,604,502 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/11/19 14:28:34 | 000,104,170 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/11/17 18:32:16 | 000,436,552 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/11/17 18:14:41 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2011/11/17 18:13:34 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2011/11/16 09:57:20 | 000,000,947 | ---- | M] () -- C:\Users\Buntings\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/11/16 00:41:43 | 244,601,858 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/11/16 00:39:09 | 000,000,808 | ---- | M] () -- C:\Users\Buntings\Desktop\SpeedFan.lnk
[2011/11/16 00:39:06 | 000,000,045 | ---- | M] () -- C:\Windows\System32\initdebug.nfo
[2011/11/15 22:45:35 | 000,061,440 | ---- | M] ( ) -- C:\Users\Buntings\Desktop\VEW.exe
[2011/11/15 22:44:09 | 002,108,256 | ---- | M] () -- C:\Users\Buntings\Desktop\installspeedfan445.exe
[2011/11/14 20:21:37 | 000,000,780 | ---- | M] () -- C:\Users\Public\Desktop\Speccy.lnk
[2011/11/14 19:56:49 | 004,307,416 | ---- | M] (Piriform Ltd) -- C:\Users\Buntings\Desktop\spsetup113.exe
[2011/11/14 19:55:13 | 004,845,856 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Users\Buntings\Desktop\procexp.exe
[2011/11/14 19:33:11 | 000,000,512 | ---- | M] () -- C:\Users\Buntings\Desktop\MBR.dat
[2011/11/14 19:20:38 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011/11/14 19:18:15 | 000,013,166 | ---- | M] () -- C:\Users\Buntings\AppData\Roaming\nvModes.dat
[2011/11/13 22:58:40 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/11/13 22:56:27 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Users\Buntings\Desktop\aswMBR.exe
[2011/11/13 22:56:00 | 001,564,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Buntings\Desktop\tdsskiller.exe
[2011/11/13 22:55:37 | 004,292,963 | R--- | M] (Swearware) -- C:\Users\Buntings\Desktop\ComboFix.exe
[2011/11/13 22:54:20 | 009,852,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Buntings\Desktop\mbam-setup-1.51.2.1300.exe
[2011/11/13 17:23:26 | 000,001,833 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/11/13 17:23:14 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2011/11/12 14:50:54 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Buntings\Desktop\OTL.exe
[2011/11/11 15:52:54 | 000,000,247 | ---- | M] () -- C:\Windows\Brpfx04a.ini
[2011/11/11 15:52:54 | 000,000,094 | ---- | M] () -- C:\Windows\brpcfx.ini
[2011/11/11 15:48:54 | 000,000,066 | ---- | M] () -- C:\Windows\Brfaxrx.ini

========== Files Created - No Company Name ==========

[2011/11/17 18:14:41 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2011/11/17 18:13:34 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2011/11/16 00:39:09 | 000,000,808 | ---- | C] () -- C:\Users\Buntings\Desktop\SpeedFan.lnk
[2011/11/16 00:38:57 | 000,000,045 | ---- | C] () -- C:\Windows\System32\initdebug.nfo
[2011/11/15 22:44:05 | 002,108,256 | ---- | C] () -- C:\Users\Buntings\Desktop\installspeedfan445.exe
[2011/11/14 20:21:37 | 000,000,780 | ---- | C] () -- C:\Users\Public\Desktop\Speccy.lnk
[2011/11/14 19:33:11 | 000,000,512 | ---- | C] () -- C:\Users\Buntings\Desktop\MBR.dat
[2011/11/14 19:00:06 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011/11/14 19:00:06 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/11/14 19:00:06 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/11/14 19:00:06 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/11/14 19:00:06 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/11/13 22:58:40 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/11/13 17:23:26 | 000,001,833 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/11/11 15:52:54 | 000,000,247 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2011/11/11 15:52:54 | 000,000,094 | ---- | C] () -- C:\Windows\brpcfx.ini
[2011/11/11 15:46:50 | 000,000,066 | ---- | C] () -- C:\Windows\Brfaxrx.ini
[2011/11/11 15:46:49 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat
[2011/06/17 02:11:34 | 000,000,206 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2010/10/18 18:13:48 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010/10/18 18:13:48 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010/10/12 22:03:37 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 14:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2007/12/28 23:09:25 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2007/11/15 19:34:28 | 000,000,745 | ---- | C] () -- C:\Windows\CoD.INI
[2007/11/06 16:53:14 | 000,000,456 | ---- | C] () -- C:\Users\Buntings\AppData\Roaming\wklnhst.dat
[2007/10/28 12:22:39 | 000,013,166 | ---- | C] () -- C:\Users\Buntings\AppData\Roaming\nvModes.dat
[2007/10/28 12:22:39 | 000,013,166 | ---- | C] () -- C:\Users\Buntings\AppData\Roaming\nvModes.001
[2007/10/28 11:25:43 | 000,007,680 | ---- | C] () -- C:\Users\Buntings\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/08/14 11:04:24 | 000,008,064 | ---- | C] () -- C:\Windows\System32\drivers\flash.sys
[2007/08/13 11:25:08 | 000,087,312 | ---- | C] () -- C:\Windows\mws.exe
[2007/08/13 10:30:45 | 000,001,732 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2007/08/13 09:32:08 | 000,009,867 | ---- | C] () -- C:\Windows\System32\drivers\HOTKEY.sys
[2007/08/13 09:24:35 | 001,729,152 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2007/08/13 08:51:57 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007/08/13 08:51:09 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2006/12/11 13:24:21 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2006/11/02 07:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:47:37 | 000,436,552 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:33:01 | 000,604,502 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,104,170 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005/01/17 02:10:16 | 000,045,056 | ---- | C] () -- C:\Windows\System32\BRTCPCON.DLL
[2004/08/09 02:00:42 | 000,000,114 | ---- | C] () -- C:\Windows\System32\BRLMW03A.INI
[1999/10/26 11:00:00 | 000,000,050 | ---- | C] () -- C:\Windows\System32\BRADM10A.DAT
[1996/04/03 14:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys

========== LOP Check ==========

[2007/12/01 11:36:59 | 000,000,000 | ---D | M] -- C:\Users\Anna\AppData\Roaming\BullGuard
[2011/11/15 21:33:55 | 000,000,000 | ---D | M] -- C:\Users\Anna\AppData\Roaming\ControlCenter4
[2007/11/14 19:36:34 | 000,000,000 | ---D | M] -- C:\Users\Anna\AppData\Roaming\InterVideo
[2010/06/28 18:58:28 | 000,000,000 | ---D | M] -- C:\Users\Anna\AppData\Roaming\Opera
[2007/11/14 19:27:30 | 000,000,000 | ---D | M] -- C:\Users\Anna\AppData\Roaming\Template
[2007/12/30 23:31:32 | 000,000,000 | ---D | M] -- C:\Users\Anna\AppData\Roaming\Thunderbird
[2010/06/09 16:37:44 | 000,000,000 | ---D | M] -- C:\Users\Anna\AppData\Roaming\Ulead Systems
[2007/11/21 20:23:43 | 000,000,000 | ---D | M] -- C:\Users\Boys\AppData\Roaming\BullGuard
[2011/11/15 17:11:04 | 000,000,000 | ---D | M] -- C:\Users\Boys\AppData\Roaming\ControlCenter4
[2010/11/19 17:07:55 | 000,000,000 | ---D | M] -- C:\Users\Boys\AppData\Roaming\InterVideo
[2008/01/25 20:40:39 | 000,000,000 | ---D | M] -- C:\Users\Boys\AppData\Roaming\RipIt4Me
[2010/12/20 23:47:06 | 000,000,000 | ---D | M] -- C:\Users\Boys\AppData\Roaming\SendSpace
[2007/12/30 23:14:16 | 000,000,000 | ---D | M] -- C:\Users\Boys\AppData\Roaming\Thunderbird
[2011/06/04 13:28:17 | 000,000,000 | ---D | M] -- C:\Users\Boys\AppData\Roaming\Ulead Systems
[2011/11/13 17:06:48 | 000,000,000 | ---D | M] -- C:\Users\Buntings\AppData\Roaming\ControlCenter4
[2011/01/19 20:01:44 | 000,000,000 | ---D | M] -- C:\Users\Buntings\AppData\Roaming\gtk-2.0
[2007/10/28 16:47:25 | 000,000,000 | ---D | M] -- C:\Users\Buntings\AppData\Roaming\InterVideo
[2008/11/14 19:32:40 | 000,000,000 | ---D | M] -- C:\Users\Buntings\AppData\Roaming\Opera
[2007/11/08 15:46:15 | 000,000,000 | ---D | M] -- C:\Users\Buntings\AppData\Roaming\Template
[2007/12/30 22:57:45 | 000,000,000 | ---D | M] -- C:\Users\Buntings\AppData\Roaming\Thunderbird
[2007/12/02 19:25:34 | 000,000,000 | ---D | M] -- C:\Users\Diane and Tom\AppData\Roaming\BullGuard
[2011/11/06 21:38:20 | 000,000,000 | ---D | M] -- C:\Users\Diane and Tom\AppData\Roaming\Canon
[2011/11/11 16:55:22 | 000,000,000 | ---D | M] -- C:\Users\Diane and Tom\AppData\Roaming\ControlCenter4
[2011/01/19 21:20:29 | 000,000,000 | ---D | M] -- C:\Users\Diane and Tom\AppData\Roaming\gtk-2.0
[2007/11/20 23:02:06 | 000,000,000 | ---D | M] -- C:\Users\Diane and Tom\AppData\Roaming\InterVideo
[2008/01/13 20:41:54 | 000,000,000 | ---D | M] -- C:\Users\Diane and Tom\AppData\Roaming\Opera
[2008/06/28 22:42:08 | 000,000,000 | ---D | M] -- C:\Users\Diane and Tom\AppData\Roaming\PeerNetworking
[2008/01/26 11:48:28 | 000,000,000 | ---D | M] -- C:\Users\Diane and Tom\AppData\Roaming\Thunderbird
[2011/11/20 10:50:00 | 000,032,606 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/11/20 17:30:00 | 000,000,416 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{5E6EAA57-BFDD-4667-81A9-193F34933CC1}.job
[2011/11/20 16:41:55 | 000,000,424 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{7FB78F2C-93B6-4536-BCC9-82B6D778C10C}.job

========== Purity Check ==========



< End of report >

Thanks,
  • 0

#9
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,786 posts
  • MVP
Brother MFL-Pro Suite MFC-7460DN appears to be throwing a lot of errors. Can you uninstall it for now?

Same for Nero 7 Essentials.

Get RegSeeker.
http://www.hoverdesk.net/freeware.htm
The download is where it says:
DOWNLOAD RegSeeker 1.55 (>20 languages included !)
It's a zip file so you have to save it then right click on it and Extract All then run regseeker.exe.

Select Find in Registry then have it look for mailKmd. You can then select all and then right click and delete selected. It puts a copy of the stuff it removes in the backups folder which it creates below the folder it is in so if it doesn't work you can go back and replace it.

RegSeeker also has a registry cleaner but I don't really trust registry cleaners so I'd rather you didn't use it.

Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application. Reboot.

Now run Vino's Event viewer as before and post the logs.
  • 0

#10
TomNeedsHelp

TomNeedsHelp

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts
Sorry for the delay again. Finally got to it.

Uninstalled Brother and Nero.

Ran Reg Seeker. Had to add 2 extra check marks, that were not default selected. It found 20+ instances of MailKmd. All deleted. Cleared the logs. Rebooted.

Ran the Event Viewer. Logs below:

Vino's Event Viewer v01c run on Windows Vista in English
Report run at 27/11/2011 9:13:43 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 28/11/2011 2:10:35 AM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 28/11/2011 2:07:36 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Vino's Event Viewer v01c run on Windows Vista in English
Report run at 27/11/2011 9:15:26 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Still cannot get SpeedFan to start automatically.

Tom
  • 0

#11
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,786 posts
  • MVP
I think that's a Vista/UAC/WindowsDefender thing with speedfan. It needs to Run As Admin but Vista/UAC/WindowsDefender doesn't like things that auto run with admin rights.

Is it running amy better?
  • 0

#12
TomNeedsHelp

TomNeedsHelp

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts
Yes, it does seem to be running faster now.
  • 0

#13
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,786 posts
  • MVP
We need to cleanup System Restore:

Copy the following:

:Commands
[emptytemp]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[Reboot]

Right click on OTL and Run As Administrator. In the Custom Scans/Fixes box at the bottom, paste in the copied text (Ctrl + v) and then hit Run Fix.

That will get the last of the malware off the system.



You can uninstall or delete any tools we had you download and their logs.
To uninstall combofix, copy the next line:

"%userprofile%\Desktop\combofix.exe" /Uninstall

Start, All Programs, Accessories then right click on Command Prompt and Run As Administrator.
then right click, Paste, then hit Enter.

OTL has a cleanup tab if you go there it will remove itself and its logs.

To hide hidden files again (OTL may do it for you):

Vista or Win7

# Open the Control Panel menu and click Folder Options.
# After the new window appears select the View tab.
# Remove the check in the checkbox labeled Display the contents of system folders.
# Under the Hidden files and folders section select the radio button labeled Do not Show hidden files and folders.
# Check the checkbox labeled Hide protected operating system files.
# Press the Apply button and then the OK button and exit My Computer.

Also make sure you have the latest versions of any adobe.com products you use like Shockwave, Flash or Acrobat.

Whether you use adobe reader, acrobat or fox-it to read pdf files you need to disable Javascript in the program. There is an exploit out there now that can use it to get on your PC. For Adobe Reader: Start, All Programs, Adobe Reader, Edit, Preferences, Click on Javascript in the left column and uncheck Enable Acrobat Javascript. OK Close program. It's the same for Foxit reader except you uncheck Enable Javascript Actions.

To help keep your programs up-to-date you should download and run the UpdateChecker:
http://www.filehippo.../updatechecker/
(You don't need to download Betas and if there is a program you don't use you can just uninstall it rather than update it. Exception is MSN messenger which appears to be part of Windows.)
If you get a blocked program notice after installing updatechecker then change it to not run at start then manually run it once a week.

If you use Firefox then get the AdBlock Plus Add-on. WOT (Web of Trust) is another you might want to try.
The equivalent to AdBlock Plus for IE is called Simple Adblock and you should install it too: http://simple-adblock.com/
The free version only blocks 200 ads a day so another reason to use Firefox or Chrome.

If Firefox is slow loading make sure it only has the current Java add-on. Then download and run Speedy Fox.
http://www.crystalidea.com/speedyfox . You can run it any time that Firefox seems slow.

Be warned: If you use Limewire, utorrent or any of the other P2P programs you will almost certain be coming back to the Malware Removal forum. If you must use P2P then submit any files you get to http://virustotal.com before you open them.


If you have a router, log on to it today and change the default password! If using a Wireless router you really should be using encryption on the link. Use the strongest (newest) encryption method that your router and PC wireless adapter support especially if you own a business. See http://www.king5.com...-120637284.html and http://www.seattlepi...ted-1344185.php for why encryption is important. If you don't know how, visit the router maker's website. They all have detailed step by step instructions or a wizard you can download.

Ron
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP