Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

SLOW computer with HIGH memory usage for no apparent reason


  • Please log in to reply

#1
Noob88

Noob88

    Member

  • Member
  • PipPip
  • 62 posts
Hi,

My laptop has been slowing down dramatically over the past few days to the point where I'm afraid to use any programs because it just freezes up the system. I have Windows 7 on my computer with 2gb of RAM. Upon start up, 50% of my physical memory (1gb), is eaten up even though I have nothing else running. Nothing heavy shows up under processes and if I try to run a program like photoshop, the laptop can't handle it. This had never occurred before. I've ran malware scans and my antivirus but that hasn't changed anything. Any help would be greatly appreciated. My employment search is at a standstill now because of this... thank you!

I had posted in the Windows 7 forum but was told to repost here.
Link to forum
  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,025 posts
  • MVP
Windows normally grabs a big chunk of memory when it starts so that's not your problem. I'm going to have you run some anti-malware scans then look for other problems.


ComboFix

:!: It must be saved to your desktop, do not run it from your browser:!:

:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html


Download and Save this file -- to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Rightclick on ComboFix and select Run As Administrator to start the program.



* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.


* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix.

A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.


Download TDSSKiller:
http://support.kaspe.../tdsskiller.exe
Save it to your desktop then right click and Run as Administrator

If TDSSKiller alerts you that the system needs to reboot, please consent.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.


Download aswMBR.exe ( 511KB ) to your desktop.
Right click aswMBR.exe and Run as Administrator

change the a-v scan to None.
uncheck trace disk IO calls
Click the "Scan" button to start scan
On completion of the scan (Note if the Fix button is enabled (not the FixMBR button) and tell me) click save log, save it to your desktop and post in your next reply


Malwarebytes' Anti-Malware
:!: If you have a previous version of MalwareBytes', remove it via Add or Remove Programs and download a fresh copy. :!:

http://www.malwarebytes.org/mbam.php

SAVE Malwarebytes' Anti-Malware to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.

* Be sure that everything is checked, and click Remove Selected.

* When completed, a log will open in Notepad. Please save it to a convenient location.
* The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
* Post that log back here.



Download OTL from
http://www.geekstogo...timers-list-it/
and Save it to your desktop.

Run OTL (Vista or Win 7 => right click and Run As Administrator)

select the All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them.

1. Double-click My Computer, and then right-click the hard disk that you want to check. C:
2. Click Properties, and then click Tools.
3. Under Error-checking, click Check Now. A dialog box that shows the Check disk options is displayed,
4. Check both boxes and then click Start.
You will receive the following message:
The disk check could not be performed because the disk check utility needs exclusive access to some Windows files on the disk. These files can be accessed by restarting Windows. Do you want to schedule the disk check to occur the next time you restart the computer?
Click Yes to schedule the disk check, but don't restart yet.

Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application. Reboot. The disk check will run and will probably take an hour or more to finish.


Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator. Then type (with an Enter after each line).

sfc /scannow

(SPACE after sfc. This will check your critical system files. If it asks for a CD and you don't have one or it doesn't like your CD just tell it to SKIP.)

sigverif

Press Start in the new window. This will check your drivers. If you just get a few when it finishes tell me what they are. If you get a lot just look for those with newish dates (since about the time the problem started.)


1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning

Then use the 'Number of events' as follows:
1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.
Please post the Output log in your next reply then repeat but select Application.

Get the free version of Speccy:
http://www.filehippo...download_speccy (Look in the upper right for the Download
Latest Version button) Download, Save and Install it. Run Speccy. When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File, (to your desktop) note the name it gives. OK. Open the file in notepad and delete the line that gives the serial number of your Operating System. (It will be near the top about 10 lines down.) Attach the file to your next post.

Get Process Explorer
http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator). Click once or twice on the CPU column header to sort things by CPU usage with the big hitters at the top. File, Save As, Save. Open the file Procexp.txt on your desktop and copy and paste the text to a reply.

Ron
  • 0

#3
Noob88

Noob88

    Member

  • Topic Starter
  • Member
  • PipPip
  • 62 posts
Thanks RKinner for helping me out. Below are all the logs:


ComboFix
ComboFix 11-12-24.10 - Mike 12/25/2011 14:26:29.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.2038.1282 [GMT -5:00]
Running from: c:\users\Mike\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\AVSredirect.dll
.
.
((((((((((((((((((((((((( Files Created from 2011-11-25 to 2011-12-25 )))))))))))))))))))))))))))))))
.
.
2011-12-24 21:28 . 2011-12-24 21:28 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-12-24 21:28 . 2011-08-31 22:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-12-24 15:51 . 2011-12-25 14:50 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E7FC7E6A-1493-44A9-B010-E3D0040FC4A3}\offreg.dll
2011-12-23 05:23 . 2011-12-23 05:23 -------- d-----w- C:\Boot
2011-12-20 23:52 . 2011-11-05 04:26 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-20 23:52 . 2011-10-26 04:28 38912 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-20 23:52 . 2011-11-24 04:25 2342912 ----a-w- c:\windows\system32\win32k.sys
2011-12-20 23:52 . 2011-10-15 05:38 534528 ----a-w- c:\windows\system32\EncDec.dll
2011-12-20 23:49 . 2011-10-26 04:47 3912560 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-12-20 23:49 . 2011-10-26 04:47 3967856 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-12-20 22:32 . 2011-12-21 00:38 -------- d-----w- c:\program files\WinCleaner Memory Optimizer
2011-12-20 19:21 . 2011-12-20 19:21 -------- d-----w- c:\users\Mike\AppData\Roaming\SUPERAntiSpyware.com
2011-12-20 19:20 . 2011-12-24 21:49 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-12-20 19:20 . 2011-12-20 19:20 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2011-12-18 20:25 . 2007-05-17 22:30 318976 ----a-w- c:\windows\system32\avisynth.dll
2011-12-18 20:25 . 2004-02-22 15:11 719872 ----a-w- c:\windows\system32\devil.dll
2011-12-18 20:25 . 2004-01-25 05:00 70656 ----a-w- c:\windows\system32\yv12vfw.dll
2011-12-18 20:25 . 2004-01-25 05:00 70656 ----a-w- c:\windows\system32\i420vfw.dll
2011-12-18 20:25 . 2011-12-18 20:25 -------- d-----w- c:\program files\AviSynth 2.5
2011-12-04 16:48 . 2011-12-04 16:48 -------- d-----w- c:\programdata\Installations
2011-12-04 16:22 . 2011-12-05 16:36 -------- d-----w- c:\users\Mike\AppData\Roaming\Samsung
2011-12-04 15:52 . 2011-12-20 19:17 -------- d-----w- c:\windows\system32\Samsung_USB_Drivers
2011-12-04 15:52 . 2006-07-24 21:05 5632 ----a-w- c:\windows\system32\drivers\StarOpen.sys
2011-12-04 15:51 . 2011-12-20 19:13 -------- d-----w- c:\program files\Samsung
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-23 00:21 . 2011-11-23 00:21 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-09 17:19 . 2011-10-09 17:19 1062984 ----a-w- c:\users\Mike\gotomypc_540.exe
2011-10-07 03:48 . 2011-11-25 16:12 6668624 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E7FC7E6A-1493-44A9-B010-E3D0040FC4A3}\mpengine.dll
2011-10-03 09:06 . 2011-08-18 16:25 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-04-14 16:26 . 2011-05-08 01:05 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-06-25 16:30 1491928 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-06-25 1491928]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-06-25 1491928]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-28 1045800]
"High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" [2006-07-27 61952]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-03-28 281768]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Pavilion Webcam Tray Icon.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Pavilion Webcam Tray Icon.lnk
backup=c:\windows\pss\HP Pavilion Webcam Tray Icon.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Mike^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
path=c:\users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
backup=c:\windows\pss\Dropbox.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
2009-10-03 03:32 640376 ----a-w- c:\program files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
2009-10-03 08:08 38768 ----a-w- c:\program files\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2009-09-04 16:08 935288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2010-03-06 07:44 500208 ------w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
2010-02-22 08:57 406992 ----a-w- c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Akamai NetSession Interface]
2011-12-07 03:43 3305248 ----a-w- c:\users\Mike\AppData\Local\Akamai\netsession_win.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2011-01-20 09:20 1305408 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzPrint]
2006-12-11 19:11 82864 ----a-w- c:\program files\Lexmark 2400 Series\ezprint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-05-11 01:34 136176 ----atw- c:\users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2009-09-23 23:30 173592 ----a-w- c:\windows\System32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPUsageTrackingLEDM]
2009-10-15 22:43 30264 ----a-w- c:\program files\HP\HP UT LEDM\bin\hppusg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2009-09-23 23:30 141848 ----a-w- c:\windows\System32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2007-08-23 21:36 455968 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LXCRCATS]
2006-11-21 20:27 106496 ----a-w- c:\windows\System32\spool\drivers\w32x86\3\lxcrtime.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxcrmon.exe]
2006-12-11 19:11 291760 ----a-w- c:\program files\Lexmark 2400 Series\lxcrmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2009-09-23 23:30 150552 ----a-w- c:\windows\System32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe]
2009-11-24 15:07 323640 ----a-w- c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-07-05 22:36 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-06-09 17:06 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2011-12-09 00:44 4616064 ----a-w- c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
2010-02-19 17:37 517096 ----a-w- c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2011-08-11 116608]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-01-12 227896]
R3 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-05-08 136176]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-05-08 136176]
R3 HP LaserJet Service;HP LaserJet Service;c:\program files\HP\HPLaserJetService\HPLaserJetService.exe [2009-10-15 136192]
R3 HP1210FAX;HP1210MFP FAX;c:\windows\system32\Drivers\HPM1210FAX.sys [2010-04-28 13824]
R3 HPM1210RcvFaxSrvc;HP LaserJet Professional M1210 MFP Series Receive Fax Service;c:\program files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [2010-05-11 247352]
R3 mi-raysat_3dsmax2011_32;mental ray 3.8 Satellite for Autodesk 3ds Max 2011 32-bit 32-bit;c:\program files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe [2010-03-10 86016]
R3 mvusbews;USB EWS Device;c:\windows\system32\Drivers\mvusbews.sys [2010-04-28 17408]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-05-07 1343400]
R4 HPSIService;HP SI Service;c:\windows\system32\HPSIsvc.exe [2010-04-30 99896]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-06-10 218688]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-03-28 136360]
S2 AntiVirWebService;Avira AntiVir WebGuard;c:\program files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2011-06-29 428200]
S3 netw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
Akamai REG_MULTI_SZ Akamai
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-08-23 21:34 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2011-12-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-08 01:29]
.
2011-12-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-08 01:29]
.
2011-12-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-47317104-1131505794-3654478910-1000Core.job
- c:\users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-12 01:34]
.
2011-12-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-47317104-1131505794-3654478910-1000UA.job
- c:\users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-12 01:34]
.
.
------- Supplementary Scan -------
.
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\68r2z81d.default\
FF - prefs.js: browser.startup.homepage - www.gmail.com
FF - prefs.js: network.proxy.type - 0
.
.
------- File Associations -------
.
.scr=AutoCADScriptFile
.
- - - - ORPHANS REMOVED - - - -
.
MSConfigStartUp-BuffaloTools - c:\program files\BUFFALO\BuffaloTools\BuffaloTools.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files\common files\akamai/netsession_win_b427739.dll"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-12-25 14:36:50
ComboFix-quarantined-files.txt 2011-12-25 19:36
.
Pre-Run: 30,949,785,600 bytes free
Post-Run: 30,621,491,200 bytes free
.
- - End Of File - - 5E166FC3E3FE1769A79B2E0EDF582658

TDSKiller

14:49:30.0464 2668 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
14:49:30.0776 2668 ============================================================
14:49:30.0776 2668 Current date / time: 2011/12/25 14:49:30.0776
14:49:30.0776 2668 SystemInfo:
14:49:30.0776 2668
14:49:30.0776 2668 OS Version: 6.1.7601 ServicePack: 1.0
14:49:30.0776 2668 Product type: Workstation
14:49:30.0776 2668 ComputerName: MIKE-PC
14:49:30.0776 2668 UserName: Mike
14:49:30.0776 2668 Windows directory: C:\Windows
14:49:30.0776 2668 System windows directory: C:\Windows
14:49:30.0776 2668 Processor architecture: Intel x86
14:49:30.0776 2668 Number of processors: 2
14:49:30.0776 2668 Page size: 0x1000
14:49:30.0776 2668 Boot type: Normal boot
14:49:30.0776 2668 ============================================================
14:49:31.0509 2668 Initialize success
14:49:39.0465 1604 ============================================================
14:49:39.0465 1604 Scan started
14:49:39.0465 1604 Mode: Manual;
14:49:39.0465 1604 ============================================================
14:49:40.0074 1604 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
14:49:40.0089 1604 1394ohci - ok
14:49:40.0167 1604 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
14:49:40.0167 1604 ACPI - ok
14:49:40.0230 1604 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
14:49:40.0230 1604 AcpiPmi - ok
14:49:40.0339 1604 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
14:49:40.0339 1604 adp94xx - ok
14:49:40.0479 1604 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
14:49:40.0479 1604 adpahci - ok
14:49:40.0542 1604 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
14:49:40.0542 1604 adpu320 - ok
14:49:40.0651 1604 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
14:49:40.0651 1604 AFD - ok
14:49:40.0791 1604 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
14:49:40.0791 1604 agp440 - ok
14:49:40.0869 1604 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
14:49:40.0869 1604 aic78xx - ok
14:49:40.0979 1604 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
14:49:40.0979 1604 aliide - ok
14:49:41.0135 1604 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
14:49:41.0135 1604 amdagp - ok
14:49:41.0181 1604 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
14:49:41.0181 1604 amdide - ok
14:49:41.0259 1604 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
14:49:41.0259 1604 AmdK8 - ok
14:49:41.0306 1604 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
14:49:41.0306 1604 AmdPPM - ok
14:49:41.0384 1604 amdsata (e7f4d42d8076ec60e21715cd11743a0d) C:\Windows\system32\drivers\amdsata.sys
14:49:41.0400 1604 amdsata - ok
14:49:41.0525 1604 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
14:49:41.0525 1604 amdsbs - ok
14:49:41.0587 1604 amdxata (146459d2b08bfdcbfa856d9947043c81) C:\Windows\system32\drivers\amdxata.sys
14:49:41.0587 1604 amdxata - ok
14:49:41.0821 1604 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
14:49:41.0821 1604 AppID - ok
14:49:41.0977 1604 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
14:49:41.0977 1604 arc - ok
14:49:42.0039 1604 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
14:49:42.0039 1604 arcsas - ok
14:49:42.0180 1604 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
14:49:42.0180 1604 AsyncMac - ok
14:49:42.0242 1604 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
14:49:42.0242 1604 atapi - ok
14:49:42.0367 1604 avgntflt (1e4114685de1ffa9675e09c6a1fb3f4b) C:\Windows\system32\DRIVERS\avgntflt.sys
14:49:42.0367 1604 avgntflt - ok
14:49:42.0492 1604 avipbb (0f78d3dae6dedd99ae54c9491c62adf2) C:\Windows\system32\DRIVERS\avipbb.sys
14:49:42.0507 1604 avipbb - ok
14:49:42.0617 1604 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
14:49:42.0617 1604 b06bdrv - ok
14:49:42.0695 1604 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
14:49:42.0710 1604 b57nd60x - ok
14:49:42.0835 1604 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
14:49:42.0835 1604 Beep - ok
14:49:42.0929 1604 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
14:49:42.0929 1604 blbdrive - ok
14:49:42.0991 1604 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
14:49:42.0991 1604 bowser - ok
14:49:43.0038 1604 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:49:43.0038 1604 BrFiltLo - ok
14:49:43.0085 1604 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:49:43.0085 1604 BrFiltUp - ok
14:49:43.0163 1604 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
14:49:43.0163 1604 Brserid - ok
14:49:43.0272 1604 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
14:49:43.0272 1604 BrSerWdm - ok
14:49:43.0319 1604 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
14:49:43.0319 1604 BrUsbMdm - ok
14:49:43.0365 1604 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
14:49:43.0365 1604 BrUsbSer - ok
14:49:43.0412 1604 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
14:49:43.0412 1604 BTHMODEM - ok
14:49:43.0568 1604 catchme - ok
14:49:43.0709 1604 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
14:49:43.0709 1604 cdfs - ok
14:49:43.0802 1604 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys
14:49:43.0818 1604 cdrom - ok
14:49:43.0927 1604 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
14:49:43.0927 1604 circlass - ok
14:49:44.0005 1604 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
14:49:44.0005 1604 CLFS - ok
14:49:44.0348 1604 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
14:49:44.0348 1604 CmBatt - ok
14:49:44.0411 1604 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
14:49:44.0411 1604 cmdide - ok
14:49:44.0457 1604 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
14:49:44.0457 1604 CNG - ok
14:49:44.0551 1604 CnxtHdAudService (a4d44ab8423791db757b38150ec599a4) C:\Windows\system32\drivers\CHDRT32.sys
14:49:44.0551 1604 CnxtHdAudService - ok
14:49:44.0691 1604 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
14:49:44.0707 1604 Compbatt - ok
14:49:44.0801 1604 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
14:49:44.0801 1604 CompositeBus - ok
14:49:44.0894 1604 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
14:49:44.0894 1604 crcdisk - ok
14:49:45.0003 1604 CSC (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys
14:49:45.0003 1604 CSC - ok
14:49:45.0144 1604 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
14:49:45.0144 1604 DfsC - ok
14:49:45.0237 1604 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
14:49:45.0237 1604 discache - ok
14:49:45.0331 1604 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
14:49:45.0331 1604 Disk - ok
14:49:45.0425 1604 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
14:49:45.0425 1604 drmkaud - ok
14:49:45.0518 1604 dtsoftbus01 (555e54ac2f601a8821cef58961653991) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
14:49:45.0518 1604 dtsoftbus01 - ok
14:49:45.0643 1604 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
14:49:45.0643 1604 DXGKrnl - ok
14:49:45.0768 1604 E100B (ac9cf17ee2ae003c98eb4f5336c38058) C:\Windows\system32\DRIVERS\e100b325.sys
14:49:45.0768 1604 E100B - ok
14:49:45.0971 1604 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
14:49:46.0002 1604 ebdrv - ok
14:49:46.0095 1604 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
14:49:46.0111 1604 elxstor - ok
14:49:46.0205 1604 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
14:49:46.0205 1604 ErrDev - ok
14:49:46.0314 1604 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
14:49:46.0314 1604 exfat - ok
14:49:46.0376 1604 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
14:49:46.0376 1604 fastfat - ok
14:49:46.0454 1604 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
14:49:46.0454 1604 fdc - ok
14:49:46.0517 1604 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
14:49:46.0517 1604 FileInfo - ok
14:49:46.0595 1604 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
14:49:46.0595 1604 Filetrace - ok
14:49:46.0688 1604 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
14:49:46.0688 1604 flpydisk - ok
14:49:46.0766 1604 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
14:49:46.0766 1604 FltMgr - ok
14:49:46.0844 1604 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
14:49:46.0844 1604 FsDepends - ok
14:49:46.0907 1604 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
14:49:46.0907 1604 Fs_Rec - ok
14:49:47.0016 1604 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
14:49:47.0016 1604 fvevol - ok
14:49:47.0125 1604 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
14:49:47.0125 1604 gagp30kx - ok
14:49:47.0265 1604 HBtnKey (c172f0d0329e46513b09e1fc60a27b9d) C:\Windows\system32\DRIVERS\cpqbttn.sys
14:49:47.0265 1604 HBtnKey - ok
14:49:47.0359 1604 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
14:49:47.0359 1604 hcw85cir - ok
14:49:47.0453 1604 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
14:49:47.0453 1604 HdAudAddService - ok
14:49:47.0531 1604 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
14:49:47.0531 1604 HDAudBus - ok
14:49:47.0609 1604 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
14:49:47.0609 1604 HidBatt - ok
14:49:47.0687 1604 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
14:49:47.0687 1604 HidBth - ok
14:49:47.0811 1604 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
14:49:47.0811 1604 HidIr - ok
14:49:47.0905 1604 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
14:49:47.0905 1604 HidUsb - ok
14:49:48.0030 1604 HP1210FAX (7330493e27af4dc73de0f3293e8b5514) C:\Windows\system32\Drivers\HPM1210FAX.sys
14:49:48.0030 1604 HP1210FAX - ok
14:49:48.0217 1604 HpqKbFiltr (1210960ff8928950d2a786895b0c424a) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
14:49:48.0217 1604 HpqKbFiltr - ok
14:49:48.0357 1604 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
14:49:48.0357 1604 HpSAMD - ok
14:49:48.0498 1604 HSF_DPV (1882827f41dee51c70e24c567c35bfb5) C:\Windows\system32\DRIVERS\HSX_DPV.sys
14:49:48.0498 1604 HSF_DPV - ok
14:49:48.0638 1604 HSXHWAZL (a44ddf3ba83e4664bf4de9220097578c) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
14:49:48.0638 1604 HSXHWAZL - ok
14:49:48.0747 1604 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
14:49:48.0763 1604 HTTP - ok
14:49:48.0857 1604 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
14:49:48.0857 1604 hwpolicy - ok
14:49:48.0935 1604 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
14:49:48.0935 1604 i8042prt - ok
14:49:49.0106 1604 ialm (85d42b7f0dd406adf5e3ec7659a279ec) C:\Windows\system32\DRIVERS\igxpmp32.sys
14:49:49.0122 1604 ialm - ok
14:49:49.0215 1604 iaStorV (a3cae5d281db4cff7cff8233507ee5ad) C:\Windows\system32\drivers\iaStorV.sys
14:49:49.0215 1604 iaStorV - ok
14:49:49.0527 1604 igfx (9467514ea189475a6e7fdc5d7bde9d3f) C:\Windows\system32\DRIVERS\igdkmd32.sys
14:49:49.0574 1604 igfx - ok
14:49:49.0699 1604 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
14:49:49.0699 1604 iirsp - ok
14:49:49.0777 1604 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
14:49:49.0777 1604 intelide - ok
14:49:49.0855 1604 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
14:49:49.0871 1604 intelppm - ok
14:49:49.0933 1604 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:49:49.0933 1604 IpFilterDriver - ok
14:49:50.0027 1604 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
14:49:50.0027 1604 IPMIDRV - ok
14:49:50.0136 1604 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
14:49:50.0136 1604 IPNAT - ok
14:49:50.0214 1604 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
14:49:50.0214 1604 IRENUM - ok
14:49:50.0292 1604 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
14:49:50.0292 1604 isapnp - ok
14:49:50.0385 1604 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
14:49:50.0385 1604 iScsiPrt - ok
14:49:50.0495 1604 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
14:49:50.0495 1604 kbdclass - ok
14:49:50.0588 1604 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\DRIVERS\kbdhid.sys
14:49:50.0588 1604 kbdhid - ok
14:49:50.0682 1604 KSecDD (412cea1aa78cc02a447f5c9e62b32ff1) C:\Windows\system32\Drivers\ksecdd.sys
14:49:50.0682 1604 KSecDD - ok
14:49:50.0760 1604 KSecPkg (26c046977e85b95036453d7b88ba1820) C:\Windows\system32\Drivers\ksecpkg.sys
14:49:50.0760 1604 KSecPkg - ok
14:49:50.0916 1604 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
14:49:50.0916 1604 lltdio - ok
14:49:51.0009 1604 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
14:49:51.0009 1604 LSI_FC - ok
14:49:51.0072 1604 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
14:49:51.0072 1604 LSI_SAS - ok
14:49:51.0150 1604 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:49:51.0150 1604 LSI_SAS2 - ok
14:49:51.0212 1604 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:49:51.0212 1604 LSI_SCSI - ok
14:49:51.0321 1604 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
14:49:51.0321 1604 luafv - ok
14:49:51.0399 1604 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
14:49:51.0399 1604 mdmxsdk - ok
14:49:51.0446 1604 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
14:49:51.0446 1604 megasas - ok
14:49:51.0555 1604 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
14:49:51.0555 1604 MegaSR - ok
14:49:51.0696 1604 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
14:49:51.0696 1604 Modem - ok
14:49:51.0743 1604 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
14:49:51.0743 1604 monitor - ok
14:49:51.0852 1604 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
14:49:51.0852 1604 mouclass - ok
14:49:51.0930 1604 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
14:49:51.0930 1604 mouhid - ok
14:49:52.0039 1604 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
14:49:52.0039 1604 mountmgr - ok
14:49:52.0148 1604 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
14:49:52.0148 1604 mpio - ok
14:49:52.0226 1604 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
14:49:52.0226 1604 mpsdrv - ok
14:49:52.0304 1604 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
14:49:52.0304 1604 MRxDAV - ok
14:49:52.0413 1604 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
14:49:52.0413 1604 mrxsmb - ok
14:49:52.0507 1604 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:49:52.0507 1604 mrxsmb10 - ok
14:49:52.0585 1604 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:49:52.0585 1604 mrxsmb20 - ok
14:49:52.0663 1604 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
14:49:52.0663 1604 msahci - ok
14:49:52.0725 1604 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
14:49:52.0725 1604 msdsm - ok
14:49:52.0850 1604 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
14:49:52.0850 1604 Msfs - ok
14:49:52.0928 1604 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
14:49:52.0928 1604 mshidkmdf - ok
14:49:52.0975 1604 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
14:49:52.0975 1604 msisadrv - ok
14:49:53.0053 1604 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
14:49:53.0053 1604 MSKSSRV - ok
14:49:53.0100 1604 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
14:49:53.0100 1604 MSPCLOCK - ok
14:49:53.0193 1604 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
14:49:53.0193 1604 MSPQM - ok
14:49:53.0271 1604 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
14:49:53.0287 1604 MsRPC - ok
14:49:53.0349 1604 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
14:49:53.0349 1604 mssmbios - ok
14:49:53.0427 1604 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
14:49:53.0427 1604 MSTEE - ok
14:49:53.0521 1604 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
14:49:53.0521 1604 MTConfig - ok
14:49:53.0599 1604 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
14:49:53.0599 1604 Mup - ok
14:49:53.0708 1604 mvusbews (da52265242677e1c03b2560a03172612) C:\Windows\system32\Drivers\mvusbews.sys
14:49:53.0708 1604 mvusbews - ok
14:49:53.0786 1604 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
14:49:53.0786 1604 NativeWifiP - ok
14:49:53.0942 1604 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
14:49:53.0942 1604 NDIS - ok
14:49:54.0051 1604 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
14:49:54.0051 1604 NdisCap - ok
14:49:54.0114 1604 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
14:49:54.0129 1604 NdisTapi - ok
14:49:54.0223 1604 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
14:49:54.0223 1604 Ndisuio - ok
14:49:54.0348 1604 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
14:49:54.0348 1604 NdisWan - ok
14:49:54.0457 1604 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
14:49:54.0457 1604 NDProxy - ok
14:49:54.0535 1604 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
14:49:54.0535 1604 NetBIOS - ok
14:49:54.0613 1604 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
14:49:54.0613 1604 NetBT - ok
14:49:54.0909 1604 netw5v32 (58218ec6b61b1169cf54aab0d00f5fe2) C:\Windows\system32\DRIVERS\netw5v32.sys
14:49:54.0956 1604 netw5v32 - ok
14:49:55.0050 1604 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
14:49:55.0050 1604 nfrd960 - ok
14:49:55.0112 1604 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
14:49:55.0112 1604 Npfs - ok
14:49:55.0175 1604 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
14:49:55.0175 1604 nsiproxy - ok
14:49:55.0331 1604 Ntfs (33c3093d09017cfe2e219f2472bff6eb) C:\Windows\system32\drivers\Ntfs.sys
14:49:55.0346 1604 Ntfs - ok
14:49:55.0393 1604 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
14:49:55.0393 1604 Null - ok
14:49:55.0502 1604 nvraid (af2eec9580c1d32fb7eaf105d9784061) C:\Windows\system32\drivers\nvraid.sys
14:49:55.0502 1604 nvraid - ok
14:49:55.0549 1604 nvstor (9283c58ebaa2618f93482eb5dabcec82) C:\Windows\system32\drivers\nvstor.sys
14:49:55.0565 1604 nvstor - ok
14:49:55.0643 1604 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
14:49:55.0643 1604 nv_agp - ok
14:49:55.0752 1604 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
14:49:55.0752 1604 ohci1394 - ok
14:49:55.0892 1604 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
14:49:55.0892 1604 Parport - ok
14:49:56.0001 1604 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
14:49:56.0001 1604 partmgr - ok
14:49:56.0064 1604 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
14:49:56.0064 1604 Parvdm - ok
14:49:56.0142 1604 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
14:49:56.0142 1604 pci - ok
14:49:56.0220 1604 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
14:49:56.0220 1604 pciide - ok
14:49:56.0298 1604 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
14:49:56.0298 1604 pcmcia - ok
14:49:56.0376 1604 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
14:49:56.0376 1604 pcw - ok
14:49:56.0454 1604 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
14:49:56.0454 1604 PEAUTH - ok
14:49:56.0594 1604 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
14:49:56.0594 1604 PptpMiniport - ok
14:49:56.0672 1604 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
14:49:56.0672 1604 Processor - ok
14:49:56.0781 1604 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
14:49:56.0781 1604 Psched - ok
14:49:56.0891 1604 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
14:49:56.0891 1604 ql2300 - ok
14:49:56.0984 1604 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
14:49:56.0984 1604 ql40xx - ok
14:49:57.0062 1604 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
14:49:57.0062 1604 QWAVEdrv - ok
14:49:57.0125 1604 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
14:49:57.0125 1604 RasAcd - ok
14:49:57.0218 1604 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
14:49:57.0218 1604 RasAgileVpn - ok
14:49:57.0265 1604 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
14:49:57.0265 1604 Rasl2tp - ok
14:49:57.0359 1604 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
14:49:57.0359 1604 RasPppoe - ok
14:49:57.0452 1604 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
14:49:57.0452 1604 RasSstp - ok
14:49:57.0546 1604 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
14:49:57.0546 1604 rdbss - ok
14:49:57.0624 1604 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
14:49:57.0624 1604 rdpbus - ok
14:49:57.0702 1604 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
14:49:57.0702 1604 RDPCDD - ok
14:49:57.0811 1604 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
14:49:57.0811 1604 RDPDR - ok
14:49:57.0905 1604 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
14:49:57.0920 1604 RDPENCDD - ok
14:49:57.0983 1604 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
14:49:57.0983 1604 RDPREFMP - ok
14:49:58.0092 1604 RdpVideoMiniport (68a0387f58e226deee23d9715955572a) C:\Windows\system32\drivers\rdpvideominiport.sys
14:49:58.0092 1604 RdpVideoMiniport - ok
14:49:58.0185 1604 RDPWD (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys
14:49:58.0201 1604 RDPWD - ok
14:49:58.0326 1604 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
14:49:58.0326 1604 rdyboost - ok
14:49:58.0419 1604 rimmptsk (7a6648b61661b1421ffab762e391e33f) C:\Windows\system32\DRIVERS\rimmptsk.sys
14:49:58.0419 1604 rimmptsk - ok
14:49:58.0466 1604 rimsptsk (d0a35b7670aa3558eaab483f64446496) C:\Windows\system32\DRIVERS\rimsptsk.sys
14:49:58.0482 1604 rimsptsk - ok
14:49:58.0575 1604 rismxdp (6c1f93c0760c9f79a1869d07233df39d) C:\Windows\system32\DRIVERS\rixdptsk.sys
14:49:58.0575 1604 rismxdp - ok
14:49:58.0716 1604 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
14:49:58.0716 1604 rspndr - ok
14:49:58.0825 1604 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
14:49:58.0825 1604 s3cap - ok
14:49:58.0965 1604 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
14:49:58.0965 1604 SASDIFSV - ok
14:49:59.0012 1604 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
14:49:59.0012 1604 SASKUTIL - ok
14:49:59.0137 1604 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
14:49:59.0137 1604 sbp2port - ok
14:49:59.0231 1604 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
14:49:59.0231 1604 scfilter - ok
14:49:59.0309 1604 sdbus (0328be1c7f1cba23848179f8762e391c) C:\Windows\system32\drivers\sdbus.sys
14:49:59.0309 1604 sdbus - ok
14:49:59.0387 1604 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
14:49:59.0387 1604 secdrv - ok
14:49:59.0496 1604 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
14:49:59.0496 1604 Serenum - ok
14:49:59.0574 1604 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
14:49:59.0574 1604 Serial - ok
14:49:59.0652 1604 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
14:49:59.0652 1604 sermouse - ok
14:49:59.0730 1604 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
14:49:59.0730 1604 sffdisk - ok
14:49:59.0792 1604 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
14:49:59.0792 1604 sffp_mmc - ok
14:49:59.0901 1604 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\DRIVERS\sffp_sd.sys
14:49:59.0901 1604 sffp_sd - ok
14:49:59.0964 1604 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
14:49:59.0964 1604 sfloppy - ok
14:50:00.0073 1604 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
14:50:00.0073 1604 sisagp - ok
14:50:00.0151 1604 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:50:00.0151 1604 SiSRaid2 - ok
14:50:00.0245 1604 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
14:50:00.0245 1604 SiSRaid4 - ok
14:50:00.0338 1604 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
14:50:00.0338 1604 Smb - ok
14:50:00.0463 1604 SNP2UVC (fac7b89330e20713950925050c91cd04) C:\Windows\system32\DRIVERS\snp2uvc.sys
14:50:00.0463 1604 SNP2UVC - ok
14:50:00.0557 1604 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
14:50:00.0557 1604 spldr - ok
14:50:00.0681 1604 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
14:50:00.0681 1604 srv - ok
14:50:00.0759 1604 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
14:50:00.0775 1604 srv2 - ok
14:50:00.0884 1604 SrvHsfHDA (e00fdfaff025e94f9821153750c35a6d) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
14:50:00.0884 1604 SrvHsfHDA - ok
14:50:01.0009 1604 SrvHsfV92 (ceb4e3b6890e1e42dca6694d9e59e1a0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS
14:50:01.0025 1604 SrvHsfV92 - ok
14:50:01.0118 1604 SrvHsfWinac (bc0c7ea89194c299f051c24119000e17) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
14:50:01.0118 1604 SrvHsfWinac - ok
14:50:01.0196 1604 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
14:50:01.0196 1604 srvnet - ok
14:50:01.0321 1604 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
14:50:01.0321 1604 ssmdrv - ok
14:50:01.0446 1604 StarOpen (306521935042fc0a6988d528643619b3) C:\Windows\system32\drivers\StarOpen.sys
14:50:01.0446 1604 StarOpen - ok
14:50:01.0524 1604 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
14:50:01.0524 1604 stexstor - ok
14:50:01.0602 1604 StillCam (edb05bd63148796f23ea78506404a538) C:\Windows\system32\DRIVERS\serscan.sys
14:50:01.0602 1604 StillCam - ok
14:50:01.0664 1604 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
14:50:01.0664 1604 storflt - ok
14:50:01.0758 1604 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
14:50:01.0758 1604 storvsc - ok
14:50:01.0851 1604 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
14:50:01.0851 1604 swenum - ok
14:50:01.0929 1604 Synth3dVsc - ok
14:50:02.0007 1604 SynTP (f5d926807bd9bc0af68f9376144de425) C:\Windows\system32\DRIVERS\SynTP.sys
14:50:02.0007 1604 SynTP - ok
14:50:02.0163 1604 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys
14:50:02.0179 1604 Tcpip - ok
14:50:02.0304 1604 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys
14:50:02.0319 1604 TCPIP6 - ok
14:50:02.0397 1604 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
14:50:02.0397 1604 tcpipreg - ok
14:50:02.0475 1604 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
14:50:02.0475 1604 TDPIPE - ok
14:50:02.0569 1604 TDTCP (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys
14:50:02.0569 1604 TDTCP - ok
14:50:02.0631 1604 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
14:50:02.0647 1604 tdx - ok
14:50:02.0756 1604 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
14:50:02.0756 1604 TermDD - ok
14:50:02.0834 1604 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
14:50:02.0834 1604 tssecsrv - ok
14:50:02.0975 1604 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
14:50:02.0975 1604 TsUsbFlt - ok
14:50:03.0021 1604 tsusbhub - ok
14:50:03.0162 1604 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
14:50:03.0162 1604 tunnel - ok
14:50:03.0224 1604 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
14:50:03.0224 1604 uagp35 - ok
14:50:03.0333 1604 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
14:50:03.0333 1604 udfs - ok
14:50:03.0427 1604 UIUSys - ok
14:50:03.0552 1604 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
14:50:03.0552 1604 uliagpkx - ok
14:50:03.0630 1604 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
14:50:03.0630 1604 umbus - ok
14:50:03.0708 1604 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
14:50:03.0723 1604 UmPass - ok
14:50:03.0786 1604 usbccgp (7e72e7d7e0757d59481d530fd2b0bfae) C:\Windows\system32\DRIVERS\usbccgp.sys
14:50:03.0786 1604 usbccgp - ok
14:50:03.0911 1604 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
14:50:03.0911 1604 usbcir - ok
14:50:03.0957 1604 usbehci (cfbce999c057d78979a181c9c60f208e) C:\Windows\system32\drivers\usbehci.sys
14:50:03.0957 1604 usbehci - ok
14:50:04.0067 1604 usbhub (9d22aad9ac6a07c691a1113e5f860868) C:\Windows\system32\drivers\usbhub.sys
14:50:04.0067 1604 usbhub - ok
14:50:04.0129 1604 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\drivers\usbohci.sys
14:50:04.0129 1604 usbohci - ok
14:50:04.0223 1604 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
14:50:04.0223 1604 usbprint - ok
14:50:04.0348 1604 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
14:50:04.0348 1604 usbscan - ok
14:50:04.0457 1604 USBSTOR (bf63ebfc6979fefb2bc03df7989a0c1a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:50:04.0457 1604 USBSTOR - ok
14:50:04.0535 1604 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\drivers\usbuhci.sys
14:50:04.0535 1604 usbuhci - ok
14:50:04.0613 1604 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\System32\Drivers\usbvideo.sys
14:50:04.0613 1604 usbvideo - ok
14:50:04.0722 1604 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
14:50:04.0722 1604 vdrvroot - ok
14:50:04.0800 1604 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
14:50:04.0800 1604 vga - ok
14:50:04.0847 1604 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
14:50:04.0847 1604 VgaSave - ok
14:50:04.0925 1604 VGPU - ok
14:50:05.0018 1604 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
14:50:05.0018 1604 vhdmp - ok
14:50:05.0143 1604 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
14:50:05.0143 1604 viaagp - ok
14:50:05.0221 1604 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
14:50:05.0221 1604 ViaC7 - ok
14:50:05.0299 1604 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
14:50:05.0299 1604 viaide - ok
14:50:05.0377 1604 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
14:50:05.0377 1604 vmbus - ok
14:50:05.0486 1604 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
14:50:05.0486 1604 VMBusHID - ok
14:50:05.0549 1604 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
14:50:05.0549 1604 volmgr - ok
14:50:05.0627 1604 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
14:50:05.0627 1604 volmgrx - ok
14:50:05.0736 1604 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
14:50:05.0736 1604 volsnap - ok
14:50:05.0876 1604 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
14:50:05.0876 1604 vsmraid - ok
14:50:05.0923 1604 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
14:50:05.0923 1604 vwifibus - ok
14:50:06.0017 1604 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
14:50:06.0017 1604 WacomPen - ok
14:50:06.0110 1604 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
14:50:06.0110 1604 WANARP - ok
14:50:06.0110 1604 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
14:50:06.0110 1604 Wanarpv6 - ok
14:50:06.0204 1604 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
14:50:06.0220 1604 Wd - ok
14:50:06.0344 1604 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
14:50:06.0344 1604 Wdf01000 - ok
14:50:06.0454 1604 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
14:50:06.0454 1604 WfpLwf - ok
14:50:06.0500 1604 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
14:50:06.0500 1604 WIMMount - ok
14:50:06.0625 1604 winachsf (e096ffb754f1e45ae1bddac1275ae2c5) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
14:50:06.0641 1604 winachsf - ok
14:50:06.0828 1604 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
14:50:06.0828 1604 WinUsb - ok
14:50:06.0906 1604 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
14:50:06.0906 1604 WmiAcpi - ok
14:50:07.0000 1604 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
14:50:07.0000 1604 ws2ifsl - ok
14:50:07.0124 1604 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
14:50:07.0124 1604 WudfPf - ok
14:50:07.0265 1604 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
14:50:07.0265 1604 WUDFRd - ok
14:50:07.0327 1604 XAudio (19e7c173b6242ad7521e537ae54768bf) C:\Windows\system32\DRIVERS\xaudio.sys
14:50:07.0343 1604 XAudio - ok
14:50:07.0390 1604 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
14:50:07.0436 1604 \Device\Harddisk0\DR0 - ok
14:50:07.0436 1604 Boot (0x1200) (43f2e47319ac0b8e3800249cf83d8733) \Device\Harddisk0\DR0\Partition0
14:50:07.0436 1604 \Device\Harddisk0\DR0\Partition0 - ok
14:50:07.0452 1604 Boot (0x1200) (e576ac0e98e1685c3ce21c51dc49daf4) \Device\Harddisk0\DR0\Partition1
14:50:07.0452 1604 \Device\Harddisk0\DR0\Partition1 - ok
14:50:07.0452 1604 ============================================================
14:50:07.0452 1604 Scan finished
14:50:07.0452 1604 ============================================================
14:50:07.0468 2736 Detected object count: 0
14:50:07.0468 2736 Actual detected object count: 0
14:57:24.0502 2552 Deinitialize success

Fix button is disabled

ASWMBR

aswMBR version 0.9.9.1120 Copyright© 2011 AVAST Software
Run date: 2011-12-25 14:58:27
-----------------------------
14:58:27.066 OS Version: Windows 6.1.7601 Service Pack 1
14:58:27.066 Number of processors: 2 586 0xE08
14:58:27.066 ComputerName: MIKE-PC UserName: Mike
14:58:27.674 Initialize success
14:59:06.444 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-2
14:59:06.459 Disk 0 Vendor: FUJITSU_MHV2100BH_PL 892C Size: 95396MB BusType: 11
14:59:08.487 Disk 0 MBR read successfully
14:59:08.487 Disk 0 MBR scan
14:59:08.487 Disk 0 Windows 7 default MBR code
14:59:08.487 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 80025 MB offset 63
14:59:08.518 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 15368 MB offset 163893248
14:59:08.534 Disk 0 scanning sectors +195366912
14:59:08.612 Disk 0 scanning C:\Windows\system32\drivers
14:59:16.240 Service scanning
14:59:17.722 Modules scanning
14:59:29.500 Scan finished successfully
15:03:28.134 Disk 0 MBR has been saved successfully to "C:\Users\Mike\Desktop\MBR.dat"
15:03:28.134 The log file has been saved successfully to "C:\Users\Mike\Desktop\aswMBR.txt"

Malwarebytes

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 911122503

Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514

12/26/2011 12:52:48 PM
mbam-log-2011-12-26 (12-52-48).txt

Scan type: Quick scan
Objects scanned: 185634
Time elapsed: 5 minute(s), 11 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

OTL

OTL logfile created on: 12/25/2011 3:15:33 PM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Mike\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.02 Gb Available Physical Memory | 51.38% Memory free
3.98 Gb Paging File | 2.93 Gb Available in Paging File | 73.51% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 78.15 Gb Total Space | 28.54 Gb Free Space | 36.51% Space Free | Partition Type: NTFS
Drive F: | 15.01 Gb Total Space | 14.92 Gb Free Space | 99.40% Space Free | Partition Type: NTFS

Computer Name: MIKE-PC | User Name: Mike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/12/25 14:40:24 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Mike\Desktop\OTL.exe
PRC - [2011/06/28 21:21:04 | 000,428,200 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2011/06/28 21:21:04 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/06/23 23:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011/03/28 15:15:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011/03/28 15:15:40 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/03/28 15:15:29 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/11/20 07:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/11/20 07:17:46 | 000,325,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\slui.exe
PRC - [2010/11/20 07:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2011/12/07 06:16:28 | 000,411,192 | ---- | M] () -- C:\Users\Mike\AppData\Local\Google\Chrome\Application\16.0.912.63\ppgooglenaclpluginchrome.dll
MOD - [2011/12/07 06:16:27 | 003,767,864 | ---- | M] () -- C:\Users\Mike\AppData\Local\Google\Chrome\Application\16.0.912.63\pdf.dll
MOD - [2011/12/07 06:14:56 | 000,122,952 | ---- | M] () -- C:\Users\Mike\AppData\Local\Google\Chrome\Application\16.0.912.63\avutil-51.dll
MOD - [2011/12/07 06:14:55 | 000,222,280 | ---- | M] () -- C:\Users\Mike\AppData\Local\Google\Chrome\Application\16.0.912.63\avformat-53.dll
MOD - [2011/12/07 06:14:53 | 001,746,504 | ---- | M] () -- C:\Users\Mike\AppData\Local\Google\Chrome\Application\16.0.912.63\avcodec-53.dll
MOD - [2011/12/07 02:22:33 | 008,593,056 | ---- | M] () -- C:\Users\Mike\AppData\Local\Google\Chrome\Application\16.0.912.63\gcswf32.dll
MOD - [2011/03/02 11:40:51 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/12/14 01:44:08 | 003,316,000 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_b427739.dll -- (Akamai)
SRV - [2011/08/11 18:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011/06/28 21:21:04 | 000,428,200 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2011/06/28 21:21:04 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/05/22 13:20:13 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/05/07 16:08:56 | 000,085,096 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2011/05/06 23:41:53 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011/03/28 15:15:40 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/05/11 14:58:04 | 000,247,352 | ---- | M] (HP) [On_Demand | Stopped] -- C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe -- (HPM1210RcvFaxSrvc)
SRV - [2010/04/29 20:11:48 | 000,099,896 | ---- | M] (HP) [Disabled | Stopped] -- C:\Windows\System32\HPSIsvc.exe -- (HPSIService)
SRV - [2010/03/10 01:10:38 | 000,086,016 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe -- (mi-raysat_3dsmax2011_32)
SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/10/15 10:13:50 | 000,136,192 | ---- | M] (HP) [On_Demand | Stopped] -- C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe -- (HP LaserJet Service)
SRV - [2009/07/13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 20:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 20:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2006/12/11 14:12:06 | 000,537,520 | ---- | M] ( ) [Disabled | Stopped] -- C:\Windows\System32\lxcrcoms.exe -- (lxcr_device)


========== Driver Services (SafeList) ==========

DRV - [2011/07/22 11:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 16:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/06/28 21:21:07 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/06/28 21:21:07 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/06/10 10:10:31 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2010/11/20 07:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 07:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 07:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 05:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 05:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 04:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 04:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 04:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/06/17 14:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/04/28 18:49:50 | 000,017,408 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mvusbews.sys -- (mvusbews)
DRV - [2010/04/28 18:49:50 | 000,013,824 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HPM1210FAX.sys -- (HP1210FAX)
DRV - [2010/02/24 23:02:30 | 000,015,544 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2009/07/13 17:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel®
DRV - [2009/04/29 06:46:54 | 000,015,872 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2008/03/03 04:10:44 | 000,182,272 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2007/07/10 05:27:56 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/11/14 16:35:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2006/07/24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2006/07/06 09:28:58 | 000,047,744 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2005/12/22 16:02:22 | 000,051,840 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005/11/16 19:28:32 | 000,028,928 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 45 8B F0 85 05 C2 CC 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.gmail.com"
FF - prefs.js..network.proxy.type: 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Mike\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Mike\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/09/22 14:15:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/09/22 14:15:19 | 000,000,000 | ---D | M]

[2011/05/07 20:05:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Extensions
[2011/12/19 23:43:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\68r2z81d.default\extensions
[2011/11/21 11:37:34 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\68r2z81d.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/11/01 15:24:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/07/02 00:58:19 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/08/18 11:25:41 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011/11/01 15:24:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
() (No name found) -- C:\USERS\MIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\68R2Z81D.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
[2011/04/14 11:26:02 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/10/03 04:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/03/22 13:38:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2010/01/01 03:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Mike\AppData\Local\Google\Chrome\Application\16.0.912.63\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Mike\AppData\Local\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Mike\AppData\Local\Google\Chrome\Application\16.0.912.63\pdf.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.5.0.7896_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Browser\nppdf32.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\
CHR - Extension: Google Search = C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: Skype Extension = C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.5.0.7896_0\
CHR - Extension: Gmail = C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\

O1 HOSTS File: ([2011/12/25 14:34:13 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Avira SearchFree Toolbar plus WebGuard) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus WebGuard) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus WebGuard) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\Windows\System32\CHDAudPropShortcut.exe (Windows ® Server 2003 DDK provider)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ECFB6B3E-9795-4A2E-A66A-874DA12BAAD9}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/08/25 11:05:46 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/12/25 15:07:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/12/25 15:07:30 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/12/25 15:07:30 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/12/25 15:05:53 | 009,852,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Mike\Desktop\mbam-setup-1.51.2.1300.exe
[2011/12/25 14:41:24 | 004,757,312 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Users\Mike\Desktop\procexp.exe
[2011/12/25 14:41:19 | 004,393,920 | ---- | C] (Piriform Ltd) -- C:\Users\Mike\Desktop\spsetup114.exe
[2011/12/25 14:41:05 | 000,061,440 | ---- | C] ( ) -- C:\Users\Mike\Desktop\VEW.exe
[2011/12/25 14:40:25 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Mike\Desktop\OTL.exe
[2011/12/25 14:38:34 | 001,918,464 | ---- | C] (AVAST Software) -- C:\Users\Mike\Desktop\aswMBR.exe
[2011/12/25 14:38:23 | 001,578,288 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Mike\Desktop\tdsskiller.exe
[2011/12/25 14:36:55 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/12/25 14:36:52 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011/12/25 14:36:52 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\temp
[2011/12/25 14:24:45 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/12/25 14:24:45 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/12/25 14:24:45 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/12/25 14:24:36 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/12/25 14:24:32 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/12/25 14:23:18 | 004,351,768 | R--- | C] (Swearware) -- C:\Users\Mike\Desktop\ComboFix.exe
[2011/12/24 16:29:06 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\Mike\Desktop\TFC.exe
[2011/12/24 12:03:55 | 000,000,000 | ---D | C] -- C:\Users\Mike\Desktop\Turkey
[2011/12/23 00:23:16 | 000,000,000 | ---D | C] -- C:\Boot
[2011/12/22 21:48:50 | 003,552,208 | ---- | C] (Piriform Ltd) -- C:\Users\Mike\Desktop\ccsetup313.exe
[2011/12/20 18:52:38 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2011/12/20 18:52:15 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2011/12/20 18:52:09 | 002,342,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/12/20 18:52:07 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011/12/20 18:51:53 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/12/20 18:51:52 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/12/20 18:51:52 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011/12/20 18:51:52 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/12/20 18:51:51 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/12/20 18:49:38 | 003,912,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011/12/20 18:49:37 | 003,967,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011/12/20 17:32:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinCleaner Memory Optimizer
[2011/12/20 17:32:18 | 000,000,000 | ---D | C] -- C:\Program Files\WinCleaner Memory Optimizer
[2011/12/20 14:21:40 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Roaming\SUPERAntiSpyware.com
[2011/12/20 14:21:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011/12/20 14:20:58 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2011/12/20 14:20:58 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/12/18 15:25:14 | 000,719,872 | ---- | C] (Abysmal Software) -- C:\Windows\System32\devil.dll
[2011/12/18 15:25:14 | 000,318,976 | ---- | C] (The Public) -- C:\Windows\System32\avisynth.dll
[2011/12/18 15:25:11 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll
[2011/12/18 15:25:11 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\i420vfw.dll
[2011/12/18 15:25:09 | 000,000,000 | ---D | C] -- C:\Program Files\AviSynth 2.5
[2011/12/04 11:48:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Installations
[2011/12/04 11:22:46 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Roaming\Samsung
[2011/12/04 10:52:48 | 000,000,000 | ---D | C] -- C:\Windows\System32\Samsung_USB_Drivers
[2011/12/04 10:51:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung PC Studio 3
[2011/12/04 10:51:10 | 000,000,000 | ---D | C] -- C:\Program Files\Samsung
[2011/05/08 23:32:57 | 000,053,248 | ---- | C] ( ) -- C:\Windows\csnp2uvc.dll
[2011/05/07 20:10:09 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxcrserv.dll
[2011/05/07 20:10:09 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\lxcrusb1.dll
[2011/05/07 20:10:09 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxcrinpa.dll
[2011/05/07 20:10:09 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxcriesc.dll
[2011/05/07 20:10:09 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\LXCRhcp.dll
[2011/05/07 20:10:09 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxcrprox.dll
[2011/05/07 20:10:08 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxcrpmui.dll
[2011/05/07 20:10:08 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxcrlmpm.dll
[2011/05/07 20:10:08 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxcrpplc.dll
[2011/05/07 20:10:07 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxcrcomc.dll
[2011/05/07 20:10:07 | 000,537,520 | ---- | C] ( ) -- C:\Windows\System32\lxcrcoms.exe
[2011/05/07 20:10:07 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxcrcomm.dll
[2011/05/07 20:10:07 | 000,385,968 | ---- | C] ( ) -- C:\Windows\System32\lxcrih.exe

========== Files - Modified Within 30 Days ==========

[2011/12/25 15:18:25 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/12/25 15:18:25 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/12/25 15:06:03 | 009,852,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Mike\Desktop\mbam-setup-1.51.2.1300.exe
[2011/12/25 15:03:28 | 000,000,512 | ---- | M] () -- C:\Users\Mike\Desktop\MBR.dat
[2011/12/25 14:56:03 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/12/25 14:56:00 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/25 14:41:44 | 004,757,312 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Users\Mike\Desktop\procexp.exe
[2011/12/25 14:41:36 | 004,393,920 | ---- | M] (Piriform Ltd) -- C:\Users\Mike\Desktop\spsetup114.exe
[2011/12/25 14:41:03 | 000,061,440 | ---- | M] ( ) -- C:\Users\Mike\Desktop\VEW.exe
[2011/12/25 14:40:24 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Mike\Desktop\OTL.exe
[2011/12/25 14:38:48 | 001,918,464 | ---- | M] (AVAST Software) -- C:\Users\Mike\Desktop\aswMBR.exe
[2011/12/25 14:38:23 | 001,578,288 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Mike\Desktop\tdsskiller.exe
[2011/12/25 14:34:13 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011/12/25 14:23:19 | 004,351,768 | R--- | M] (Swearware) -- C:\Users\Mike\Desktop\ComboFix.exe
[2011/12/25 14:21:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-47317104-1131505794-3654478910-1000UA.job
[2011/12/25 10:04:50 | 000,659,818 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/12/25 10:04:50 | 000,120,714 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/12/25 09:48:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/12/25 09:48:04 | 1602,789,376 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/24 22:13:38 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-47317104-1131505794-3654478910-1000Core.job
[2011/12/24 16:29:03 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\Mike\Desktop\TFC.exe
[2011/12/24 01:51:11 | 000,007,605 | ---- | M] () -- C:\Users\Mike\AppData\Local\Resmon.ResmonCfg
[2011/12/23 00:18:45 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2011/12/22 21:53:53 | 000,395,875 | ---- | M] () -- C:\Users\Mike\Desktop\MiniToolBox.exe
[2011/12/22 21:53:36 | 000,329,455 | ---- | M] () -- C:\Users\Mike\Desktop\1.jpg
[2011/12/22 21:48:54 | 003,552,208 | ---- | M] (Piriform Ltd) -- C:\Users\Mike\Desktop\ccsetup313.exe
[2011/12/22 20:46:34 | 000,001,890 | ---- | M] () -- C:\Windows\diagwrn.xml
[2011/12/22 20:46:34 | 000,001,890 | ---- | M] () -- C:\Windows\diagerr.xml
[2011/12/20 19:24:33 | 003,927,432 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/12/19 15:51:39 | 000,000,132 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011/12/05 11:38:36 | 000,000,000 | ---- | M] () -- C:\ProgramData\LauncherAccess.dt
[2011/11/26 15:03:02 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

========== Files Created - No Company Name ==========

[2011/12/25 15:03:28 | 000,000,512 | ---- | C] () -- C:\Users\Mike\Desktop\MBR.dat
[2011/12/25 14:24:45 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011/12/25 14:24:45 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/12/25 14:24:45 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/12/25 14:24:45 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/12/25 14:24:45 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/12/22 21:53:55 | 000,395,875 | ---- | C] () -- C:\Users\Mike\Desktop\MiniToolBox.exe
[2011/12/22 21:52:57 | 000,329,455 | ---- | C] () -- C:\Users\Mike\Desktop\1.jpg
[2011/12/22 21:24:09 | 1602,789,376 | -HS- | C] () -- C:\hiberfil.sys
[2011/12/22 20:58:43 | 000,250,048 | RHS- | C] () -- C:\ntldr
[2011/12/22 20:46:33 | 000,001,890 | ---- | C] () -- C:\Windows\diagwrn.xml
[2011/12/22 20:46:33 | 000,001,890 | ---- | C] () -- C:\Windows\diagerr.xml
[2011/12/20 12:28:55 | 000,007,605 | ---- | C] () -- C:\Users\Mike\AppData\Local\Resmon.ResmonCfg
[2011/12/04 10:56:41 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2011/12/04 10:52:18 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2011/11/26 15:03:02 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011/06/27 10:43:50 | 001,167,360 | ---- | C] () -- C:\Windows\System32\HPM1210SM.exe
[2011/06/27 10:43:50 | 000,284,672 | ---- | C] () -- C:\Windows\System32\mvhlewsi.DLL
[2011/06/27 10:43:50 | 000,167,936 | ---- | C] () -- C:\Windows\System32\HPM1210LM.DLL
[2011/06/27 10:38:16 | 000,013,824 | ---- | C] () -- C:\Windows\System32\drivers\HPM1210FAX.sys
[2011/06/27 10:38:11 | 000,176,128 | ---- | C] () -- C:\Windows\System32\m1210nwia.dll
[2011/06/27 10:38:11 | 000,167,936 | ---- | C] () -- C:\Windows\System32\m1210wia.dll
[2011/06/27 10:38:11 | 000,081,920 | ---- | C] () -- C:\Windows\System32\mvusbews.dll
[2011/06/27 10:38:04 | 000,046,592 | ---- | C] () -- C:\Windows\System32\HPM1210SMs.dll
[2011/05/21 11:46:25 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011/05/21 11:44:18 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011/05/21 10:48:04 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2011/05/19 01:57:06 | 000,000,132 | ---- | C] () -- C:\Users\Mike\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011/05/08 23:37:29 | 000,000,000 | ---- | C] () -- C:\Windows\HPMProp.INI
[2011/05/08 23:32:57 | 000,102,400 | ---- | C] () -- C:\Windows\HPWebcam.exe
[2011/05/08 23:32:57 | 000,047,744 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2011/05/08 23:29:32 | 000,138,752 | ---- | C] () -- C:\Windows\VM303Uninst64.exe
[2011/05/08 23:29:32 | 000,073,728 | ---- | C] () -- C:\Windows\VMInstNT.exe
[2011/05/08 23:29:32 | 000,069,632 | ---- | C] () -- C:\Windows\VMInst64.exe
[2011/05/08 23:29:31 | 000,040,960 | ---- | C] () -- C:\Windows\VM303UninstNT.exe
[2011/05/08 23:29:30 | 000,040,960 | ---- | C] () -- C:\Windows\VM303Uninst.exe
[2011/05/08 23:29:30 | 000,032,768 | ---- | C] () -- C:\Windows\VMInst.exe
[2011/05/07 20:10:09 | 000,274,432 | ---- | C] () -- C:\Windows\System32\LXCRinst.dll
[2011/05/06 00:43:25 | 000,692,224 | ---- | C] () -- C:\Windows\System32\lxcrdrs.dll
[2011/05/06 00:43:25 | 000,065,536 | ---- | C] () -- C:\Windows\System32\lxcrcaps.dll
[2011/05/06 00:43:25 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxcrcnv4.dll
[2011/05/06 00:43:24 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxcrvs.dll
[2011/05/06 00:43:23 | 000,344,064 | ---- | C] () -- C:\Windows\System32\lxcrcoin.dll
[2010/01/28 14:55:34 | 000,053,478 | ---- | C] () -- C:\Windows\mvtcpui.ini
[2009/07/13 23:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 23:33:53 | 003,927,432 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/13 21:05:48 | 000,659,818 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/13 21:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/13 21:05:48 | 000,120,714 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/13 21:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/13 21:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/13 21:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/13 18:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/09/05 22:34:34 | 000,192,512 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v4670.dll
[2006/03/09 15:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2005/05/06 18:06:00 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll

< End of report >

Extras.txt
OTL Extras logfile created on: 12/25/2011 3:15:33 PM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Mike\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.02 Gb Available Physical Memory | 51.38% Memory free
3.98 Gb Paging File | 2.93 Gb Available in Paging File | 73.51% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 78.15 Gb Total Space | 28.54 Gb Free Space | 36.51% Space Free | Partition Type: NTFS
Drive F: | 15.01 Gb Total Space | 14.92 Gb Free Space | 99.40% Space Free | Partition Type: NTFS

Computer Name: MIKE-PC | User Name: Mike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = ComFile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
.scr [@ = AutoCADScriptFile] -- C:\Windows\System32\notepad.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\System32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01D24952-1219-406D-9281-B0DA28C8AFD1}" = Maxwell for Rhinoceros 4
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0E448256-D515-4C3E-A5BE-0A7B76CED5D4}" = hppM1130M1210SeriesLaserJetService
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FA6376A-3120-45DA-8686-96DEFC8A0513}" = HP LaserJet Toolbox
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java™ 6 Update 29
"{288DB08D-0708-4A94-B055-55B99E39EB62}" = Adobe Creative Suite 5 Master Collection
"{33FA361C-6545-4490-945C-1B869370489D}" = HP LaserJet Professional M1210 MFP Series Toolbox
"{342F5437-C87D-4BB5-89B9-B23E16C6A395}" = Microsoft VC80 Support DLLs
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = HP Pavilion Webcam
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2008.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{5783F2D7-6001-0409-0002-0060B0CE6BBA}" = AutoCAD 2008 - English
"{5783F2D7-A028-0409-0000-0060B0CE6BBA}" = DWG TrueView 2012
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5C2CBFFD-FC3B-4AA9-993B-CE2B8DA25B87}" = Rhinoceros 4.0
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6406E3EA-9777-45B7-A0C0-89741E629352}" = Composite 2011
"{67574624-BF0F-0409-AF6D-19FBD86FF7F7}" = Autodesk 3ds Max 2011 32-bit
"{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Apple Application Support
"{6E9EF98E-259E-416D-B5F8-0ABDB99942CE}" = Adobe Flash Player 10 ActiveX
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7902E313-FF0F-4493-ACB1-A8147B78DCD0}" = HPSSupply
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{975951E7-14D0-49AF-A630-89680D12D7F6}" = Autodesk Material Library 2011 Medium Image library
"{99F80251-DAE8-0409-BD08-DCBBEF56B8CB}" = Autodesk 3ds Max 2011 32-bit Components
"{9A346205-EA92-4406-B1AB-50379DA3F057}" = Autodesk DWF Viewer 7
"{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}" = Autodesk Material Library 2011
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
"{AC76BA86-1033-F400-7761-000000000004}_920" = Adobe Acrobat 9.2.0 - CPSID_50026
"{AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
"{B2BC4969-2DE3-499A-9A3D-1B7C34ED12C3}" = HP Webcam
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CC4A73BF-938E-4C19-A553-853C035C9BA1}" = LightScribe System Software 1.10.13.1
"{CD1E078C-A6B9-47DA-B035-6365C85C7832}" = Autodesk Material Library 2011 Base Image library
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D371F551-0DB9-4CEC-844B-4C90CE91EA0B}" = hppLaserJetService
"{D57F1897-D0F5-4E5F-99BA-80815B43283A}" = Rhinoceros 4.0 SR4
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DA6CC3A5-1F5B-4068-8BFF-C597BB6B8158}" = hppusgM1130M1210Series
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E8A34AC8-0137-4515-A94B-0A0946DDC251}" = Scan To
"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
"{FA3AFC80-05A5-45A6-BD6E-92641BF93129}" = HP LaserJet Professional M1210 MFP Series Fax Installer
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Akamai" = Akamai NetSession Interface Service
"AutoCAD 2008 - English" = AutoCAD 2008 - English
"Autodesk FBX Plug-in 2011.1 - 3ds Max 2011" = Autodesk FBX Plug-in 2011.1 - 3ds Max 2011
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Bullzip PDF Printer_is1" = Bullzip PDF Printer 7.2.0.1304
"CCleaner" = CCleaner
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"CNXT_HDAUDIO" = Conexant HD Audio
"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DAEMON Tools Lite" = DAEMON Tools Lite
"DWG TrueView 2012" = DWG TrueView 2012
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free Easy Burner_is1" = Free Easy Burner V 4.4.1
"GLVIEW3" = OpenGL Extensions Viewer 3.0
"GPL Ghostscript Lite_is1" = GPL Ghostscript Lite 8.70
"HDMI" = Intel® Graphics Media Accelerator Driver
"HP LaserJet Professional M1130-M1210 MFP Series" = HP LaserJet Professional M1130-M1210 MFP Series
"Lexmark 2400 Series" = Lexmark 2400 Series
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Maxwell" = Maxwell
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox 4.0.1 (x86 en-US)" = Mozilla Firefox 4.0.1 (x86 en-US)
"NVIDIA Drivers" = NVIDIA Drivers
"pepakura_designer3en" = Pepakura Designer 3
"PROSet" = Intel® Network Connections Drivers
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.10
"Winamp" = Winamp
"WinCleanerMemOptimizer_is1" = WinCleaner Memory Optimizer Version 5.2
"WinRAR archiver" = WinRAR 4.00 (32-bit)
"YTdetect" = Yahoo! Detect

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"Winamp Detect" = Winamp Detector Plug-in

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12/22/2011 7:48:05 PM | Computer Name = Mike-PC | Source = Winlogon | ID = 4103
Description = Windows license activation failed. Error 0x00000000.

Error - 12/22/2011 7:48:09 PM | Computer Name = Mike-PC | Source = System Restore | ID = 8210
Description =

Error - 12/24/2011 12:33:49 AM | Computer Name = Mike-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Autodesk\Composite
2011\python\lib\distutils\command\wininst-8_d.exe". Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 12/24/2011 12:33:53 AM | Computer Name = Mike-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "C:\Program Files\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "C:\Program
Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
of attribute "version" in element "assemblyIdentity" is invalid.

Error - 12/24/2011 2:30:33 AM | Computer Name = Mike-PC | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 8.0.7601.17514,
time stamp: 0x4ce79912 Faulting module name: unknown, version: 0.0.0.0, time stamp:
0x00000000 Exception code: 0xc0000005 Fault offset: 0x995c70c0 Faulting process id:
0x42c Faulting application start time: 0x01ccc205836df6f5 Faulting application path:
C:\Program Files\Internet Explorer\iexplore.exe Faulting module path: unknown Report
Id: c7d71c9d-2df8-11e1-b48a-99ce1175210a

Error - 12/25/2011 12:05:02 AM | Computer Name = Mike-PC | Source = Application Error | ID = 1000
Description = Faulting application name: winlogon.exe, version: 6.1.7601.17514,
time stamp: 0x4ce79517 Faulting module name: ntdll.dll, version: 6.1.7601.17514,
time stamp: 0x4ce7b96e Exception code: 0xc0000005 Fault offset: 0x000303a0 Faulting
process id: 0x224 Faulting application start time: 0x01ccc25399c1c2f8 Faulting application
path: C:\Windows\system32\winlogon.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
Id: 9e57ac36-2ead-11e1-addb-b747d0963c00

Error - 12/25/2011 1:11:34 PM | Computer Name = Mike-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Autodesk\Composite
2011\python\lib\distutils\command\wininst-8_d.exe". Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 12/25/2011 1:11:40 PM | Computer Name = Mike-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "C:\Program Files\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "C:\Program
Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
of attribute "version" in element "assemblyIdentity" is invalid.

Error - 12/25/2011 1:58:08 PM | Computer Name = Mike-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Autodesk\Composite
2011\python\lib\distutils\command\wininst-8_d.exe". Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 12/25/2011 1:58:12 PM | Computer Name = Mike-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "C:\Program Files\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "C:\Program
Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
of attribute "version" in element "assemblyIdentity" is invalid.

[ Media Center Events ]
Error - 6/30/2011 10:30:12 AM | Computer Name = Mike-PC | Source = MCUpdate | ID = 0
Description = 10:30:11 AM - Error connecting to the internet. 10:30:12 AM - Unable
to contact server..

Error - 7/5/2011 8:49:35 AM | Computer Name = Mike-PC | Source = MCUpdate | ID = 0
Description = 7:49:34 AM - Error connecting to the internet. 7:49:35 AM - Unable
to contact server..

[ System Events ]
Error - 12/24/2011 3:01:49 AM | Computer Name = Mike-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 12/24/2011 3:01:49 AM | Computer Name = Mike-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 12/24/2011 3:01:49 AM | Computer Name = Mike-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 12/25/2011 12:10:54 AM | Computer Name = Mike-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 11:06:09 PM on ?12/?24/?2011 was unexpected.

Error - 12/25/2011 1:24:09 PM | Computer Name = Mike-PC | Source = BROWSER | ID = 8032
Description =

Error - 12/25/2011 3:25:31 PM | Computer Name = Mike-PC | Source = Service Control Manager | ID = 7034
Description = The XAudioService service terminated unexpectedly. It has done this
1 time(s).

Error - 12/25/2011 3:25:58 PM | Computer Name = Mike-PC | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.

Error - 12/25/2011 3:30:42 PM | Computer Name = Mike-PC | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.

Error - 12/25/2011 3:34:16 PM | Computer Name = Mike-PC | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.

Error - 12/25/2011 3:39:30 PM | Computer Name = Mike-PC | Source = DCOM | ID = 10010
Description =


< End of report >

Drivers
dtsoftbus01.sys c:\windows\system32\drivers 6/10/2011

VEW.txt
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 26/12/2011 12:16:17 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 26/12/2011 6:36:35 AM
Type: Warning Category: 223
Event: 225 Source: Microsoft-Windows-Kernel-PnP
The application \Device\HarddiskVolume1\Program Files\Winamp\winamp.exe with process id 3044 stopped the removal or ejection for the device USB\VID_0951&PID_1603\89900000000000006CB02B1A.

Log: 'System' Date/Time: 25/12/2011 10:22:42 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 25/12/2011 8:48:48 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 26/12/2011 12:17:04 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 26/12/2011 6:24:17 AM
Type: Error Category: 0
Event: 63 Source: SideBySide
Activation context generation failed for "C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Log: 'Application' Date/Time: 26/12/2011 6:24:13 AM
Type: Error Category: 0
Event: 33 Source: SideBySide
Activation context generation failed for "C:\Program Files\Autodesk\Composite 2011\python\lib\distutils\command\wininst-8_d.exe". Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 26/12/2011 2:40:09 AM
Type: Warning Category: 0
Event: 4105 Source: Microsoft-Windows-Winlogon
Windows is in Notification period.

Log: 'Application' Date/Time: 25/12/2011 9:58:37 PM
Type: Warning Category: 0
Event: 4105 Source: Microsoft-Windows-Winlogon
Windows is in Notification period.

Log: 'Application' Date/Time: 25/12/2011 8:48:30 PM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 1 user registry handles leaked from \Registry\User\S-1-5-21-47317104-1131505794-3654478910-1000:
Process 668 (\Device\HarddiskVolume1\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-47317104-1131505794-3654478910-1000



Speccy
Summary
Operating System
MS Windows 7 Ultimate 32-bit SP1
CPU
Intel Core Duo T2250 @ 1.73GHz 41 °C
Yonah 65nm Technology
RAM
2.00 GB Dual-Channel DDR2 @ 266MHz (4-4-4-12)
Motherboard
Quanta 30BB (U2E1) 39 °C
Graphics
Generic PnP Monitor ([email protected])
Mobile Intel® 945 Express Chipset Family
Mobile Intel® 945 Express Chipset Family
Hard Drives
98GB FUJITSU MHV2100BH PL ATA Device (SATA) 45 °C
Optical Drives
DTSoftBusCd00
Optiarc DVD RW AD-7581A ATA Device
Audio
Conexant High Definition Audio
Operating System
MS Windows 7 Ultimate 32-bit SP1
Installation Date: 07 May 2011, 02:51
Serial Number:
Windows Security Center
Firewall Enabled
Windows Update
AutoUpdate Notify prior to download
Windows Defender
Windows Defender Enabled
Environment Variables
USERPROFILE C:\Users\Mike
SystemRoot C:\Windows
User Variables
MAXWELL_ROOT C:\Program Files\Next Limit\Maxwell
TEMP C:\Users\Mike\AppData\Local\Temp
TMP C:\Users\Mike\AppData\Local\Temp
Machine Variables
3DSMAX_2011_PATH C:\Program Files\Autodesk\3ds Max 2011\
CLASSPATH .;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
ComSpec C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK NO
MAXWELL_ROOT C:\Program Files\Next Limit\Maxwell
NUMBER_OF_PROCESSORS 2
OS Windows_NT
Path C:\Windows\system32
C:\Windows
C:\Windows\system32\wbem
%SYSTEMROOT%\System32\WindowsPowerShell\v1.0
C:\Program Files\Autodesk\Backburner
C:\Program Files\Common Files\Autodesk Shared
C:\Program Files\QuickTime\QTSystem
C:\Program Files\Samsung\Samsung PC Studio 3
PATHEXT .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE x86
PROCESSOR_IDENTIFIER x86 Family 6 Model 14 Stepping 8, GenuineIntel
PROCESSOR_LEVEL 6
PROCESSOR_REVISION 0e08
PSModulePath C:\Windows\system32\WindowsPowerShell\v1.0\Modules\
QTJAVA C:\Program Files\Java\jre6\lib\ext\QTJava.zip
TEMP C:\Windows\TEMP
TMP C:\Windows\TEMP
USERNAME SYSTEM
windir C:\Windows
Battery
AC line Online
Battery full time Unknown
Battery Charge % 100 %
Battery State High
Amount of time remaining (sec) Unknown
Power Profile
Active power scheme Home/Office Desk
Hibernation Enabled
Power Shutdown Enabled
Power Suspend Enabled
Turn Off Monitor after: (On AC Power) 20 min
Turn Off Monitor after: (On Battery Power) 5 min
Turn Off Hard Disk after: (On AC Power) Never
Turn Off Hard Disk after: (On Battery Power) 10 min
Suspend after: (On AC Power) Never
Suspend after: (On Battery Power) 5 min
Screen saver Enabled
Uptime
Current Session
Current Time 12/26/2011 12:35:53 PM
Current Uptime 20729 sec (0 d, 05 h, 45 m, 29 s)
Last Boot Time 12/26/2011 6:50:24 AM
TimeZone
TimeZone GMT -5 Hours
Language English
Country United States
Currency $
Date Format M/d/yyyy
Time Format h:mm:ss tt
Scheduler
GoogleUpdateTaskMachineUA 12/26/2011 12:56 PM;Every 1 hour(s) from 2:56 PM for 24 hour(s) every day, starting 10/24/2011
GoogleUpdateTaskUserS-1-5-21-47317104-1131505794-3654478910-1000UA 12/26/2011 1:21 PM;Every 1 hour(s) from 6:21 PM for 24 hour(s) every day, starting 10/14/2011
GoogleUpdateTaskMachineCore 12/26/2011 2:56 PM;Run at user logon
GoogleUpdateTaskUserS-1-5-21-47317104-1131505794-3654478910-1000Core 12/26/2011 6:21 PM;At 6:21 PM every day, starting 10/14/2011
Process List
audiodg.exe
Process ID 296
avgnt.exe
Process ID 3284
User Mike
Domain Mike-PC
Path C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
Memory Usage 2.43 MB
Peak Memory Usage 145 MB
avguard.exe
Process ID 1724
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Avira\AntiVir Desktop\avguard.exe
Memory Usage 15 MB
Peak Memory Usage 127 MB
avshadow.exe
Process ID 1916
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
Memory Usage 2.76 MB
Peak Memory Usage 3.29 MB
avwebgrd.exe
Process ID 2268
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
Memory Usage 5.93 MB
Peak Memory Usage 8.37 MB
chrome.exe
Process ID 3964
User Mike
Domain Mike-PC
Path C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
Memory Usage 45 MB
Peak Memory Usage 45 MB
chrome.exe
Process ID 3792
User Mike
Domain Mike-PC
Path C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
Memory Usage 49 MB
Peak Memory Usage 59 MB
chrome.exe
Process ID 3788
User Mike
Domain Mike-PC
Path C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
Memory Usage 14 MB
Peak Memory Usage 18 MB
chrome.exe
Process ID 4048
User Mike
Domain Mike-PC
Path C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
Memory Usage 18 MB
Peak Memory Usage 19 MB
chrome.exe
Process ID 2616
User Mike
Domain Mike-PC
Path C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
Memory Usage 52 MB
Peak Memory Usage 64 MB
chrome.exe
Process ID 3560
User Mike
Domain Mike-PC
Path C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
Memory Usage 55 MB
Peak Memory Usage 65 MB
conhost.exe
Process ID 1924
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\conhost.exe
Memory Usage 1.77 MB
Peak Memory Usage 2.13 MB
csrss.exe
Process ID 408
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\csrss.exe
Memory Usage 3.83 MB
Peak Memory Usage 4.08 MB
csrss.exe
Process ID 472
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\csrss.exe
Memory Usage 9.17 MB
Peak Memory Usage 18 MB
dwm.exe
Process ID 3128
User Mike
Domain Mike-PC
Path C:\Windows\system32\Dwm.exe
Memory Usage 28 MB
Peak Memory Usage 46 MB
explorer.exe
Process ID 3152
User Mike
Domain Mike-PC
Path C:\Windows\Explorer.EXE
Memory Usage 56 MB
Peak Memory Usage 65 MB
lsass.exe
Process ID 532
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\lsass.exe
Memory Usage 6.21 MB
Peak Memory Usage 6.80 MB
lsm.exe
Process ID 540
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\lsm.exe
Memory Usage 2.88 MB
Peak Memory Usage 3.00 MB
notepad.exe
Process ID 2808
User Mike
Domain Mike-PC
Path C:\Windows\system32\notepad.exe
Memory Usage 6.24 MB
Peak Memory Usage 6.27 MB
rundll32.exe
Process ID 3012
User Mike
Domain Mike-PC
Path C:\Windows\system32\rundll32.exe
Memory Usage 5.36 MB
Peak Memory Usage 5.39 MB
sched.exe
Process ID 1384
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Avira\AntiVir Desktop\sched.exe
Memory Usage 872 KB
Peak Memory Usage 7.26 MB
services.exe
Process ID 516
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\services.exe
Memory Usage 6.17 MB
Peak Memory Usage 12 MB
slui.exe
Process ID 2732
User Mike
Domain Mike-PC
Path C:\Windows\System32\slui.exe
Memory Usage 8.56 MB
Peak Memory Usage 9.01 MB
smss.exe
Process ID 264
User SYSTEM
Domain NT AUTHORITY
Path \SystemRoot\System32\smss.exe
Memory Usage 648 KB
Peak Memory Usage 844 KB
speccy.exe
Process ID 3432
User Mike
Domain Mike-PC
Path C:\Program Files\Speccy\Speccy.exe
Memory Usage 18 MB
Peak Memory Usage 19 MB
spoolsv.exe
Process ID 1348
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\spoolsv.exe
Memory Usage 8.95 MB
Peak Memory Usage 15 MB
sppsvc.exe
Process ID 276
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\sppsvc.exe
Memory Usage 6.09 MB
Peak Memory Usage 6.84 MB
svchost.exe
Process ID 1704
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 7.70 MB
Peak Memory Usage 18 MB
svchost.exe
Process ID 2412
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 8.21 MB
Peak Memory Usage 9.36 MB
svchost.exe
Process ID 2496
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 4.24 MB
Peak Memory Usage 4.71 MB
svchost.exe
Process ID 1404
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 11 MB
Peak Memory Usage 34 MB
svchost.exe
Process ID 1212
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 12 MB
Peak Memory Usage 13 MB
svchost.exe
Process ID 768
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 5.92 MB
Peak Memory Usage 99 MB
svchost.exe
Process ID 1096
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 12 MB
Peak Memory Usage 12 MB
svchost.exe
Process ID 932
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 27 MB
Peak Memory Usage 97 MB
svchost.exe
Process ID 904
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 73 MB
Peak Memory Usage 86 MB
svchost.exe
Process ID 772
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 5.98 MB
Peak Memory Usage 6.36 MB
svchost.exe
Process ID 836
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 14 MB
Peak Memory Usage 16 MB
svchost.exe
Process ID 640
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 6.38 MB
Peak Memory Usage 7.12 MB
svchost.exe
Process ID 2652
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 1.63 MB
Peak Memory Usage 1.63 MB
syntpenh.exe
Process ID 3248
User Mike
Domain Mike-PC
Path C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Memory Usage 7.24 MB
Peak Memory Usage 8.40 MB
syntphelper.exe
Process ID 3524
User Mike
Domain Mike-PC
Path C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
Memory Usage 2.40 MB
Peak Memory Usage 2.40 MB
system
Process ID 4
system idle process
Process ID 0
taskhost.exe
Process ID 1500
User Mike
Domain Mike-PC
Path C:\Windows\system32\taskhost.exe
Memory Usage 6.55 MB
Peak Memory Usage 6.81 MB
wininit.exe
Process ID 460
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\wininit.exe
Memory Usage 2.88 MB
Peak Memory Usage 3.36 MB
winlogon.exe
Process ID 676
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\winlogon.exe
Memory Usage 3.75 MB
Peak Memory Usage 6.09 MB
wmiprvse.exe
Process ID 1232
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\wbem\wmiprvse.exe
Memory Usage 6.78 MB
Peak Memory Usage 6.78 MB
wmpnetwk.exe
Process ID 3620
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Program Files\Windows Media Player\wmpnetwk.exe
Memory Usage 5.14 MB
Peak Memory Usage 9.23 MB
xaudio.exe
Process ID 456
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\DRIVERS\xaudio.exe
Memory Usage 1.95 MB
Peak Memory Usage 2.32 MB
Hotfixes
12/21/2011 Security Update for Windows 7 (KB2588516)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
12/21/2011 Cumulative Security Update for Internet Explorer 8 for Windows 7 (KB2618444)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
12/21/2011 Security Update for Windows 7 (KB2620704)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
12/21/2011 Security Update for Windows 7 (KB2639417)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
12/21/2011 Cumulative Security Update for ActiveX Killbits for Windows 7 (KB2618451)
Security issues have been identified in ActiveX controls that
could allow an attacker to compromise a system running Microsoft
Internet Explorer and gain control over it. You can help protect
your system by installing this update from Microsoft. After you
install this item, you may have to restart your computer.
12/21/2011 Security Update for Windows 7 (KB2532531)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
12/21/2011 Update for Windows 7 (KB2633952)
Install this update to resolve issues caused by revised daylight
saving time and time zone laws in several countries. This update
enables your computer to automatically adjust the computer clock
on the correct date in 2012. After you install this item, you
may have to restart your computer.
12/21/2011 Security Update for Windows 7 (KB2619339)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
12/21/2011 Windows Malicious Software Removal Tool - December 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
12/21/2011 Security Update for Windows 7 (KB2620712)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
12/21/2011 Update for Windows 7 (KB2641690)
Install this update to resolve an issue which requires an update
to the certificate revocation list on Windows systems and to
keep your systems certificate list up to date. After you install
this update, you may have to restart your system.
12/21/2011 Security Update for Windows 7 (KB2633171)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
12/20/2011 Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008 x86 (KB2539636)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain access to information. You can help protect
your computer by installing this update from Microsoft. After
you install this item, you may have to restart your computer.
11/1/2011 Security Update for Windows 7 (KB2536275)
A security issue has been identified that could allow an unauthenticated
remote attacker to cause the affected system to stop responding.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
11/1/2011 Security Update for Windows 7 (KB2503665)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
11/1/2011 Security Update for Windows 7 (KB2556532)
A security issue has been identified that could allow an authenticated
local attacker to cause the affected system to stop responding.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
11/1/2011 Update for Windows 7 (KB2552343)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
11/1/2011 Security Update for Windows 7 (KB2579686)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
11/1/2011 Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008 x86 (KB2416472)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain access to information. You can help protect
your computer by installing this update from Microsoft. After
you install this item, you may have to restart your computer.
11/1/2011 Security Update for Windows 7 (KB2532531)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
11/1/2011 Security Update for .NET Framework 3.5.1 on Windows 7 SP1 x86 (KB2518869)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
11/1/2011 Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008 x86 (KB2487367)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain access to information. You can help protect
your computer by installing this update from Microsoft. After
you install this item, you may have to restart your computer.
11/1/2011 Security Update for Windows 7 (KB2536276)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
11/1/2011 Security Update for Windows 7 (KB2564958)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
11/1/2011 Update for Windows 7 (KB2570791)
Install this update to resolve issues caused by revised daylight
saving time and time zone laws in several countries. This update
enables your computer to automatically adjust the computer clock
on the correct date in 2011. After you install this item, you
may have to restart your computer.
11/1/2011 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 SP1 x86 (KB2539635)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain access to information. You can help protect
your computer by installing this update from Microsoft. After
you install this item, you may have to restart your computer.
11/1/2011 Security Update for Windows 7 (KB2563894)
A security issue has been identified that could allow an unauthenticated
remote attacker to cause the affected system to stop responding.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
11/1/2011 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 SP1 x86 (KB2572077)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
11/1/2011 Security Update for Windows 7 (KB2544893)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain access to
information. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
11/1/2011 Windows Malicious Software Removal Tool - October 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
11/1/2011 Security Update for Windows 7 (KB2567053)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
11/1/2011 Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008 x86 (KB2478663)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
11/1/2011 Update Rollup for ActiveX Killbits for Windows 7 (KB2562937)
Security issues have been identified in ActiveX controls that
could allow an attacker to compromise a system running Microsoft
Internet Explorer and gain control over it. You can help protect
your system by installing this update from Microsoft. After you
install this item, you may have to restart your computer.
11/1/2011 Security Update for Windows 7 (KB2570947)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
11/1/2011 Security Update for Windows 7 (KB2567680)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
11/1/2011 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008 x86 (KB2572078)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
11/1/2011 Cumulative Security Update for Internet Explorer 8 for Windows 7 (KB2586448)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
11/1/2011 Hewlett-Packard Development Company, L.P. - Other hardware - HP Quick Launch Buttons
Hewlett-Packard Development Company, L.P. Other hardware software
update released in January, 2011
11/1/2011 Security Update for Windows 7 (KB2560656)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
11/1/2011 Security Update for Internet Explorer 8 for Windows 7 (KB2544521)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
11/1/2011 Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008 x86 (KB2518870)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
11/1/2011 Update for Windows 7 (KB2616676)
Install this update to resolve an issue which requires an update
to the certificate revocation list on Windows systems and to
keep your systems certificate list up to date. After you install
this update, you may have to restart your system.
5/24/2011 Security Update for .NET Framework 3.5.1 on Windows 7 SP1 x86 (KB2446710)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
5/22/2011 Ricoh Company driver update for Ricoh xD-Picture Card Controller
This driver was provided by Ricoh Company for support of Ricoh
xD-Picture Card Controller
5/22/2011 Hewlett-Packard Development Company, L.P. - Other hardware - HP Hotkey Device
Hewlett-Packard Development Company, L.P. Other hardware software
update released in February, 2010
5/21/2011 Windows 7 Service Pack 1 (KB976932)
Windows 7 Service Pack 1 is a recommended collection of updates
and improvements to Windows that are combined into a single installable
update. The service pack can help make your computer safer and
more reliable. A typical installation will take about 30 minutes
to complete, and you will have to restart your computer about
halfway through the process.
5/21/2011 Windows Internet Explorer 9 for Windows 7
Windows Internet Explorer 9 delivers web sites and applications
that look and perform like native PC applications through the
power of Windows.

Fast: Internet Explorer 9 is all-around fast.
Designed to take full advantage of your PC’s hardware through
Windows, Internet Explorer 9 delivers graphically rich and immersive
experiences that are as fast and responsive as native applications
installed on your PC.

Clean: Internet Explorer puts the focus
on the Web sites you love with a clean look and increased viewing
area that makes your Web sites shine. Intuitive and seamless
integration with Windows 7 provides one-click access to Web applications
pinned directly to your Taskbar.

Trusted: Internet Explorer
is the trusted way to the Web because it has a robust set of
built-in security, privacy and reliability technologies that
keep you safer and your browsing experience uninterrupted.


Interoperable: Support for HTML5 and modern Web standards architected
to take advantage of the GPU means that the same mark-up not
only works across the Web, but runs faster and delivers a richer
experience through Windows and Internet Explorer 9.
5/13/2011 Definition Update for Windows Defender - KB915597 (Definition 1.103.1631.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
5/13/2011 Windows Malicious Software Removal Tool - May 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
5/13/2011 Update for Windows 7 (KB2533552)
Install this update to enable future updates to install successfully
on all editions of Windows 7 or Windows Server 2008 R2. This
update may be required before selected future updates can be
installed. After you install this item, it cannot be removed.
5/12/2011 Update for Windows 7 (KB2534366)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
5/11/2011 Windows Malicious Software Removal Tool - May 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
5/10/2011 Definition Update for Windows Defender - KB915597 (Definition 1.103.1349.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
5/10/2011 Intel Corporation - Display - Mobile Intel® 945 Express Chipset Family
Intel Corporation Display software update released in September,
2009
5/9/2011 Windows 7 Service Pack 1 (KB976932)
Windows 7 Service Pack 1 is a recommended collection of updates
and improvements to Windows that are combined into a single installable
update. The service pack can help make your computer safer and
more reliable. A typical installation will take about 30 minutes
to complete, and you will have to restart your computer about
halfway through the process.
5/8/2011 Windows Internet Explorer 9 for Windows 7
Windows Internet Explorer 9 delivers web sites and applications
that look and perform like native PC applications through the
power of Windows.

Fast: Internet Explorer 9 is all-around fast.
Designed to take full advantage of your PC’s hardware through
Windows, Internet Explorer 9 delivers graphically rich and immersive
experiences that are as fast and responsive as native applications
installed on your PC.

Clean: Internet Explorer puts the focus
on the Web sites you love with a clean look and increased viewing
area that makes your Web sites shine. Intuitive and seamless
integration with Windows 7 provides one-click access to Web applications
pinned directly to your Taskbar.

Trusted: Internet Explorer
is the trusted way to the Web because it has a robust set of
built-in security, privacy and reliability technologies that
keep you safer and your browsing experience uninterrupted.


Interoperable: Support for HTML5 and modern Web standards architected
to take advantage of the GPU means that the same mark-up not
only works across the Web, but runs faster and delivers a richer
experience through Windows and Internet Explorer 9.
5/7/2011 Update for Windows 7 (KB971033)
This update to Windows Activation Technologies detects activation
exploits and tampering to key Windows system files. These exploits
try to bypass regular Windows activation and are sometimes included
within counterfeit copies of Windows.
5/7/2011 Security Update for Windows 7 (KB979687)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/7/2011 Security Update for Windows 7 (KB978886)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/7/2011 Security Update for .NET Framework 3.5.1 on Windows 7 x86 (KB983590)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
5/7/2011 Security Update for Windows 7 (KB975467)
A security issue has been identified that could allow an unauthenticated
remote attacker to cause the affected system to stop responding.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
5/7/2011 Security Update for Windows 7 (KB978601)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/7/2011 Security Update for Windows 7 (KB2508429)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/7/2011 Security Update for Windows 7 (KB2347290)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/7/2011 Cumulative Security Update for ActiveX Killbits for Windows 7 (KB2508272)
Security issues have been identified in ActiveX controls that
could allow an attacker to compromise a system running Microsoft
Internet Explorer and gain control over it. You can help protect
your system by installing this update from Microsoft. After you
install this item, you may have to restart your computer.
5/7/2011 Intel - Network - Intel® PRO/100 VE Network Connection
Intel Network software update released in December, 2007
5/7/2011 Security Update for Windows 7 (KB2510531)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/7/2011 Update for Windows 7 (KB976902)
Install this update to enable future updates to install successfully
on all editions of Windows 7 or Windows Server 2008 R2. This
update may be required before selected future updates can be
installed. After you install this item, it cannot be removed.
5/7/2011 Security Update for Windows 7 (KB2509553)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/7/2011 Security Update for Windows 7 (KB2507618)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/7/2011 Microsoft .NET Framework 3.5 SP1 Update for Windows 7 x86 (KB982526)
This update addresses a set of known issues of the Microsoft
.NET Framework 3.5 Service Pack 1. After you install this item,
you may have to restart your computer.
5/7/2011 Security Update for Windows 7 (KB982665)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/7/2011 Update for Windows 7 (KB977074)
This is a reliability update. This update resolves some reliability
issues in Windows 7. By applying this update, you can achieve
better reliability in various scenarios. After you install this
item, you may have to restart your computer.
5/7/2011 Security Update for Windows 7 (KB982132)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/7/2011 Cumulative Security Update for Internet Explorer 8 for Windows 7 (KB2497640)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
5/7/2011 Security Update for Windows 7 (KB2423089)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/7/2011 Update for Windows 7 (KB2443685)
Install this update to resolve issues caused by revised daylight
saving time and time zone laws in several countries. This update
enables your computer to automatically adjust the computer clock
on the correct date in 2011. After you install this item, you
may have to restart your computer.
5/7/2011 Cumulative Update for Media Center for Windows 7 (KB2284742)
Install this update to resolve issues with Media Center for Windows
7. For a complete listing of the issues that are included in
this cumulative update, see the associated Microsoft Knowledge
Base article for more information. After you install this item,
you may have to restart your computer.
5/7/2011 Intel Corporation - Display - Mobile Intel® 945 Express Chipset Family
Intel Corporation Display software update released in September,
2009
5/7/2011 Security Update for Windows 7 (KB2207566)
A security issue has been identified that could allow an unauthenticated
remote attacker to cause the affected system to stop responding.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
5/7/2011 Security Update for Windows 7 (KB2305420)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/7/2011 Security Update for Windows 7 (KB974571)
A security issue has been identified that could allow an attacker
to misrepresent a system action or behavior without the knowledge
of the user. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
5/7/2011 Update for Windows 7 (KB980408)
Install this update to resolve reliability issues with Windows
7 and Server 2008 R2. For complete details of this update, see
the Knowledge Base Article. After you install this item, you
may have to restart your computer.
5/7/2011 Security Update for Windows 7 (KB982799)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/7/2011 Security Update for Windows 7 (KB978542)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/7/2011 Security Update for Windows 7 (KB2079403)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/7/2011 Security Update for Windows 7 (KB2425227)
A security issue has been identified that could allow an attacker
to misrepresent a system action or behavior without the knowledge
of the user. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
5/7/2011 Ricoh Company driver update for Ricoh xD-Picture Card Controller
This driver was provided by Ricoh Company for support of Ricoh
xD-Picture Card Controller
5/7/2011 Security Update for Windows 7 (KB2419640)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/7/2011 Update for Windows 7 (KB2524375)
Install this update to resolve an issue which requires an update
to the certificate revocation list on Windows systems and to
keep your systems certificate list up to date. After you install
this update, you may have to restart your system.
5/7/2011 Update for Windows 7 (KB974431)
This is a reliability update. This update resolves some reliability
issues in Windows 7. By applying this update, you can achieve
better reliability in various scenarios. After you install this
item, you may have to restart your computer.
5/7/2011 Security Update for Windows 7 (KB979482)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/7/2011 Security Update for Windows 7 (KB2296011)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/7/2011 Security Update for .NET Framework 3.5.1 on Windows 7 x86 (KB2446709)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
5/7/2011 Security Update for Windows 7 (KB2387149)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/7/2011 Security Update for Windows 7 (KB2378111)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/7/2011 Security Update for Windows 7 (KB2506223)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/7/2011 Security Update for Windows 7 (KB2491683)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/7/2011 Security Update for Windows 7 (KB972270)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/7/2011 Security Update for Windows 7 (KB977165)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/7/2011 Windows Malicious Software Removal Tool - April 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
5/7/2011 Security Update for Windows 7 (KB975560)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/7/2011 Security Update for Windows 7 (KB2479943)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/7/2011 Security Update for Windows 7 (KB2385678)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/7/2011 Hewlett-Packard Development Company, L.P. - Other hardware - HP Hotkey Device
Hewlett-Packard Development Company, L.P. Other hardware software
update released in February, 2010
5/7/2011 Security Update for Windows 7 (KB2286198)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/7/2011 Security Update for Windows 7 (KB2483614)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/7/2011 Security Update for Windows 7 (KB2503658)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain access to
information. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
5/7/2011 Security Update for Microsoft .NET Framework 3.5.1 and Windows 7 x86 (KB2416471)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain access to information. You can help protect
your computer by installing this update from Microsoft. After
you install this item, you may have to restart your computer.
5/7/2011 Update for Windows 7 (KB2345886)
Install this update to help strengthen authentication credentials
in specific scenarios. After you install this item, you may have
to restart your computer.
5/7/2011 Security Update for Windows 7 (KB2393802)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/7/2011 Security Update for Windows 7 (KB2281679)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/7/2011 Security Update for Windows 7 (KB2442962)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/7/2011 Update for Rights Management Services Client for Windows 7 (KB979099)
Install this update to resolve issues caused by manifest expiration
in AD RMS enabled applications. This update will fix any existing
issues in addition to addressing any future application manifest
expirations. After you install this item, you may have to restart
any running AD RMS enabled applications.
5/7/2011 CXT - Network - HDAUDIO Soft Data Fax Modem with SmartCP
CXT Network software update released in August, 2007
5/7/2011 Security Update for Windows 7 (KB979309)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/7/2011 Security Update for Windows 7 (KB2506212)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/7/2011 Synaptics - Input - Synaptics PS/2 Port TouchPad
Synaptics Input software update released in March, 2008
5/7/2011 Conexant - Audio - Conexant High Definition Audio
Conexant Audio software update released in May, 2008
5/7/2011 Security Update for Windows 7 (KB2511455)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/7/2011 Security Update for Windows 7 (KB979688)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/7/2011 Update for Internet Explorer 8 Compatibility View List for Windows 7 (KB2447568)
This Compatibility View List update helps make Web sites that
are designed for older browsers look better in Internet Explorer
8. When users install Internet Explorer 8, they will be given
a choice about opting-in to a list of sites that should be displayed
in Compatibility View. After you install this item, you may have
to restart Internet Explorer.
5/7/2011 Definition Update for Windows Defender - KB915597 (Definition 1.103.1139.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
5/7/2011 Microsoft .NET Framework 3.5 SP1 Security Update for Windows 7 x86 (KB979916)
A security issue has been identified that could allow an attacker
to tamper with digitally signed content without being detected,
when this content is being consumed by an application that makes
use of the Microsoft .NET Framework on a Windows-based system.
You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
System Folders
Path for burning CD C:\Users\Mike\AppData\Local\Microsoft\Windows\Burn\Burn
Application Data C:\ProgramData
Public Desktop C:\Users\Public\Desktop
Documents C:\Users\Public\Documents
Global Favorites C:\Users\Mike\Favorites
Music C:\Users\Public\Music
Pictures C:\Users\Public\Pictures
Start Menu Programs C:\ProgramData\Microsoft\Windows\Start Menu\Programs
Start Menu C:\ProgramData\Microsoft\Windows\Start Menu
Startup C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Templates C:\ProgramData\Microsoft\Windows\Templates
Videos C:\Users\Public\Videos
Cookies C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Cookies
Desktop C:\Users\Mike\Desktop
Physical Desktop C:\Users\Mike\Desktop
User Favorites C:\Users\Mike\Favorites
Fonts C:\Windows\Fonts
Internet History C:\Users\Mike\AppData\Local\Microsoft\Windows\History
Temporary Internet Files C:\Users\Mike\AppData\Local\Microsoft\Windows\Temporary Internet Files
Local Application Data C:\Users\Mike\AppData\Local
Windows directory C:\Windows
Windows/System C:\Windows\system32
Program Files C:\Program Files
Device Tree
ACPI x86-based PC
Microsoft ACPI-Compliant System
Genuine Intel® CPU T2250 @ 1.73GHz
Genuine Intel® CPU T2250 @ 1.73GHz
ACPI Thermal Zone
ACPI Power Button
ACPI Sleep Button
Microsoft AC Adapter
Microsoft ACPI-Compliant Control Method Battery
ACPI Lid
Microsoft Windows Management Interface for ACPI
ACPI Fixed Feature Button
PCI bus
Mobile Intel® 945GM/GU/PM/GMS/940GML/943GML and Intel® 945GT Express Processor to DRAM Controller - 27A0
Mobile Intel® 945 Express Chipset Family
Intel® 82801G (ICH7 Family) PCI Express Root Port - 27D2
Intel® 82801G (ICH7 Family) SMBus Controller - 27DA
Motherboard resources
Mobile Intel® 945 Express Chipset Family
Generic PnP Monitor
High Definition Audio Controller
Conexant High Definition Audio
HDAUDIO Soft Data Fax Modem with SmartCP
Intel® 82801G (ICH7 Family) PCI Express Root Port - 27D0
Intel® PRO/Wireless 3945ABG Network Connection
Intel® 82801G (ICH7 Family) USB Universal Host Controller - 27C8
USB Root Hub
Intel® 82801G (ICH7 Family) USB Universal Host Controller - 27C9
USB Root Hub
USB Composite Device
USB Input Device
HID Keyboard Device
USB Input Device
HID-compliant mouse
HID-compliant consumer control device
HID-compliant device
HID-compliant device
USB Input Device
HID-compliant device
HID-compliant device
HID-compliant device
Intel® 82801G (ICH7 Family) USB Universal Host Controller - 27CA
USB Root Hub
Intel® 82801G (ICH7 Family) USB Universal Host Controller - 27CB
USB Root Hub
Intel® 82801G (ICH7 Family) USB2 Enhanced Host Controller - 27CC
USB Root Hub
HP Pavilion Webcam
Intel® 82801 PCI Bridge - 2448
Ricoh 1394 OHCI Compliant Host Controller
SDA Standard Compliant SD Host Controller
Ricoh MMC Host Controller
Ricoh Memory Stick Host Controller
Ricoh xD-Picture Card Controller
Intel® PRO/100 VE Network Connection
Intel® 82801GBM (ICH7-M/U) LPC Interface Controller - 27B9
Microsoft ACPI-Compliant Embedded Controller
Direct memory access controller
High precision event timer
Programmable interrupt controller
Numeric data processor
Motherboard resources
Motherboard resources
System CMOS/real time clock
System timer
Synaptics PS/2 Port TouchPad
HP Quick Launch Buttons
HID-compliant device
HID Keyboard Device
Standard 101/102-Key or Microsoft Natural PS/2 Keyboard with HP QLB
Keyboard Filter
Intel® 82801G (ICH7 Family) Ultra ATA Storage Controllers - 27DF
ATA Channel 0
Optiarc DVD RW AD-7581A ATA Device
Standard AHCI 1.0 Serial ATA Controller
ATA Channel 2
ATA Channel 0
FUJITSU MHV2100BH PL ATA Device
Services
Running Akamai NetSession Interface
Running Application Experience
Running Application Information
Running Avira AntiVir Guard
Running Avira AntiVir Scheduler
Running Avira AntiVir WebGuard
Running Background Intelligent Transfer Service
Running Base Filtering Engine
Running CNG Key Isolation
Running COM+ Event System
Running Computer Browser
Running Cryptographic Services
Running DCOM Server Process Launcher
Running Desktop Window Manager Session Manager
Running DHCP Client
Running Diagnostic Policy Service
Running Diagnostic Service Host
Running Distributed Link Tracking Client
Running DNS Client
Running Extensible Authentication Protocol
Running Function Discovery Provider Host
Running Function Discovery Resource Publication
Running Group Policy Client
Running HomeGroup Provider
Running Human Interface Device Access
Running IP Helper
Running IPsec Policy Agent
Running Multimedia Class Scheduler
Running Network Connections
Running Network List Service
Running Network Location Awareness
Running Network Store Interface Service
Running Offline Files
Running Peer Name Resolution Protocol
Running Peer Networking Identity Manager
Running Plug and Play
Running Power
Running Print Spooler
Running Program Compatibility Assistant Service
Running Remote Access Connection Manager
Running Remote Procedure Call (RPC)
Running RPC Endpoint Mapper
Running Secondary Logon
Running Secure Socket Tunneling Protocol Service
Running Security Accounts Manager
Running Security Center
Running Server
Running Shell Hardware Detection
Running Software Protection
Running SPP Notification Service
Running SSDP Discovery
Running Superfetch
Running System Event Notification Service
Running Task Scheduler
Running TCP/IP NetBIOS Helper
Running Telephony
Running Themes
Running User Profile Service
Running Windows Audio
Running Windows Audio Endpoint Builder
Running Windows Defender
Running Windows Driver Foundation - User-mode Driver Framework
Running Windows Event Log
Running Windows Firewall
Running Windows Font Cache Service
Running Windows Management Instrumentation
Running Windows Media Player Network Sharing Service
Running Windows Update
Running WLAN AutoConfig
Running Workstation
Running XAudioService
Stopped ActiveX Installer (AxInstSV)
Stopped Adaptive Brightness
Stopped Adobe SwitchBoard
Stopped Application Identity
Stopped Application Layer Gateway Service
Stopped Application Management
Stopped ASP.NET State Service
Stopped Autodesk Licensing Service
Stopped BitLocker Drive Encryption Service
Stopped Block Level Backup Engine Service
Stopped Bluetooth Support Service
Stopped BranchCache
Stopped Certificate Propagation
Stopped COM+ System Application
Stopped Com4QLBEx
Stopped Credential Manager
Stopped Diagnostic System Host
Stopped Disk Defragmenter
Stopped Distributed Transaction Coordinator
Stopped Encrypting File System (EFS)
Stopped Fax
Stopped FLEXnet Licensing Service
Stopped Google Update Service (gupdate)
Stopped Google Update Service (gupdatem)
Stopped Health Key and Certificate Management
Stopped HomeGroup Listener
Stopped HP LaserJet Professional M1210 MFP Series Receive Fax Service
Stopped HP LaserJet Service
Stopped HP SI Service
Stopped hpqwmiex
Stopped IKE and AuthIP IPsec Keying Modules
Stopped InstallDriver Table Manager
Stopped Interactive Services Detection
Stopped Internet Connection Sharing (ICS)
Stopped KtmRm for Distributed Transaction Coordinator
Stopped LightScribeService Direct Disc Labeling Service
Stopped Link-Layer Topology Discovery Mapper
Stopped lxcr_device
Stopped Media Center Extender Service
Stopped mental ray 3.8 Satellite for Autodesk 3ds Max 2011 32-bit 32-bit
Stopped Microsoft .NET Framework NGEN v2.0.50727_X86
Stopped Microsoft .NET Framework NGEN v4.0.30319_X86
Stopped Microsoft iSCSI Initiator Service
Stopped Microsoft Office Diagnostics Service
Stopped Microsoft Software Shadow Copy Provider
Stopped Net.Msmq Listener Adapter
Stopped Net.Pipe Listener Adapter
Stopped Net.Tcp Listener Adapter
Stopped Net.Tcp Port Sharing Service
Stopped Netlogon
Stopped Network Access Protection Agent
Stopped Office Source Engine
Stopped Parental Controls
Stopped Peer Networking Grouping
Stopped Performance Logs & Alerts
Stopped Pml Driver HPZ12
Stopped PnP-X IP Bus Enumerator
Stopped PNRP Machine Name Publication Service
Stopped Portable Device Enumerator Service
Stopped Problem Reports and Solutions Control Panel Support
Stopped Protected Storage
Stopped Quality Windows Audio Video Experience
Stopped Remote Access Auto Connection Manager
Stopped Remote Desktop Configuration
Stopped Remote Desktop Services
Stopped Remote Desktop Services UserMode Port Redirector
Stopped Remote Procedure Call (RPC) Locator
Stopped Remote Registry
Stopped Routing and Remote Access
Stopped SAS Core Service
Stopped Smart Card
Stopped Smart Card Removal Policy
Stopped SNMP Trap
Stopped Tablet PC Input Service
Stopped Thread Ordering Server
Stopped TPM Base Services
Stopped UPnP Device Host
Stopped Virtual Disk
Stopped Volume Shadow Copy
Stopped WebClient
Stopped Windows Activation Technologies Service
Stopped Windows Backup
Stopped Windows Biometric Service
Stopped Windows CardSpace
Stopped Windows Color System
Stopped Windows Connect Now - Config Registrar
Stopped Windows Error Reporting Service
Stopped Windows Event Collector
Stopped Windows Image Acquisition (WIA)
Stopped Windows Installer
Stopped Windows Media Center Receiver Service
Stopped Windows Media Center Scheduler Service
Stopped Windows Modules Installer
Stopped Windows Presentation Foundation Font Cache 3.0.0.0
Stopped Windows Remote Management (WS-Management)
Stopped Windows Search
Stopped Windows Time
Stopped WinHTTP Web Proxy Auto-Discovery Service
Stopped Wired AutoConfig
Stopped WMI Performance Adapter
Stopped WWAN AutoConfig
CPU
Intel Core Duo T2250
Cores 2
Threads 2
Name Intel Core Duo T2250
Code Name Yonah
Package Socket 479 mPGA
Technology 65nm
Specification Genuine Intel® CPU T2250 @ 1.73GHz
Family 6
Extended Family 6
Model E
Extended Model E
Stepping 8
Revision C0
Instructions MMX, SSE, SSE2, SSE3
Virtualization Unsupported
Hyperthreading Not supported
Bus Speed 133.0 MHz
Rated Bus Speed 532.2 MHz
Stock Core Speed 1733 MHz
Stock Bus Speed 133 MHz
Average Temperature 41 °C
Caches
L1 Data Cache Size 2 x 32 KBytes
L1 Instructions Cache Size 2 x 32 KBytes
L2 Unified Cache Size 2048 KBytes
Core 0
Core Speed 1729.6 MHz
Multiplier x 6.0
Bus Speed 133.0 MHz
Rated Bus Speed 532.2 MHz
Temperature 42 °C
Thread 1
APIC ID 0
Core 1
Core Speed 1729.6 MHz
Multiplier x 6.0
Bus Speed 133.0 MHz
Rated Bus Speed 532.2 MHz
Temperature 39 °C
Thread 1
APIC ID 1
RAM
Memory slots
Total memory slots 2
Used memory slots 2
Free memory slots 0
Memory
Type DDR2
Size 2048 MBytes
Channels # Dual
DRAM Frequency 266.1 MHz
CAS# Latency (CL) 4 clocks
RAS# to CAS# Delay (tRCD) 4 clocks
RAS# Precharge (tRP) 4 clocks
Cycle Time (tRAS) 12 clocks
Bank Cycle Time (tRC) 16 clocks
Physical Memory
Memory Usage 46 %
Total Physical 1.99 GB
Available Physical 1.06 GB
Total Virtual 3.98 GB
Available Virtual 2.82 GB
SPD
Number Of SPD Modules 2
Slot #1
Type DDR2
Size 1024 MBytes
Manufacturer Qimonda
Max Bandwidth PC2-5300 (333 MHz)
Part Number 64T128021HDL3SB
Serial Number 0118B313
Week/year 41 / 06
SPD Ext. EPP
JEDEC #3
Frequency 333.3 MHz
CAS# Latency 5.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 16
tRC 21
Voltage 1.800 V
JEDEC #2
Frequency 266.7 MHz
CAS# Latency 4.0
RAS# To CAS# 4
RAS# Precharge 4
tRAS 12
tRC 16
Voltage 1.800 V
JEDEC #1
Frequency 200.0 MHz
CAS# Latency 3.0
RAS# To CAS# 3
RAS# Precharge 3
tRAS 9
tRC 12
Voltage 1.800 V
Slot #2
Type DDR2
Size 1024 MBytes
Manufacturer Qimonda
Max Bandwidth PC2-5300 (333 MHz)
Part Number 64T128021HDL3SB
Serial Number 02005F10
Week/year 42 / 06
SPD Ext. EPP
JEDEC #3
Frequency 333.3 MHz
CAS# Latency 5.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 16
tRC 21
Voltage 1.800 V
JEDEC #2
Frequency 266.7 MHz
CAS# Latency 4.0
RAS# To CAS# 4
RAS# Precharge 4
tRAS 12
tRC 16
Voltage 1.800 V
JEDEC #1
Frequency 200.0 MHz
CAS# Latency 3.0
RAS# To CAS# 3
RAS# Precharge 3
tRAS 9
tRC 12
Voltage 1.800 V
Motherboard
Manufacturer Quanta
Model 30BB (U2E1)
Version Rev 1
Chipset Vendor Intel
Chipset Model i945GM
Chipset Revision 03
Southbridge Vendor Intel
Southbridge Model 82801GHM (ICH7-M/U)
Southbridge Revision B0
System Temperature 39 °C
BIOS
Brand Hewlett-Packard
Version F.05
Date 10/02/2006
PCI Data
Slot PCI
Slot Type PCI
Slot Usage Available
Bus Width 64 bit
Slot Designation PCI Express Slot 1
Slot Number 0
Slot PCI
Slot Type PCI
Slot Usage Available
Bus Width 64 bit
Slot Designation PCI Express Slot 2
Slot Number 1
Slot PCI
Slot Type PCI
Slot Usage Available
Bus Width 64 bit
Slot Designation PCI Express Slot 3
Slot Number 2
Graphics
Monitor
Name Generic PnP Monitor on Mobile Intel 945 Express Chipset Family
Current Resolution 1280x800 pixels
Work Resolution 1280x770 pixels
State enabled, primary
Monitor Width 1280
Monitor Height 800
Monitor BPP 32 bits per pixel
Monitor Frequency 60 Hz
Device \\.\DISPLAY1\Monitor0
Mobile Intel® 945 Express Chipset Family
Memory 256 MB
Memory type 2
Driver version 8.15.10.1930
Mobile Intel® 945 Express Chipset Family
Memory type 2
Driver version 8.15.10.1930
OpenGL
Version 1.4.0 - Build 8.14.10.1930
Vendor Intel
Renderer Intel 945GM
GLU Version 1.2.2.0 Microsoft Corporation
Values
GL_MAX_LIGHTS 16
GL_MAX_TEXTURE_SIZE 2048
GL_MAX_TEXTURE_STACK_DEPTH 10
GL Extensions
GL_EXT_blend_minmax
GL_EXT_blend_subtract
GL_EXT_blend_color
GL_EXT_abgr
GL_EXT_texture3D
GL_EXT_clip_volume_hint
GL_EXT_compiled_vertex_array
GL_EXT_cull_vertex
GL_SGIS_texture_edge_clamp
GL_SGIS_generate_mipmap
GL_EXT_draw_range_elements
GL_SGIS_texture_lod
GL_EXT_rescale_normal
GL_EXT_packed_pixels
GL_EXT_separate_specular_color
GL_ARB_multitexture
GL_EXT_texture_env_combine
GL_EXT_bgra
GL_EXT_blend_func_separate
GL_EXT_secondary_color
GL_EXT_fog_coord
GL_EXT_texture_env_add
GL_ARB_texture_cube_map
GL_ARB_transpose_matrix
GL_ARB_texture_env_add
GL_IBM_texture_mirrored_repeat
GL_EXT_multi_draw_arrays
GL_NV_blend_square
GL_ARB_texture_compression
GL_3DFX_texture_compression_FXT1
GL_EXT_texture_filter_anisotropic
GL_ARB_texture_border_clamp
GL_ARB_point_parameters
GL_ARB_texture_env_combine
GL_ARB_texture_env_dot3
GL_ARB_texture_env_crossbar
GL_EXT_texture_compression_s3tc
GL_ARB_shadow
GL_ARB_window_pos
GL_EXT_shadow_funcs
GL_EXT_stencil_wrap
GL_ARB_vertex_program
GL_ARB_fragment_program
GL_EXT_stencil_two_side
GL_ARB_vertex_buffer_object
GL_EXT_texture_lod_bias
GL_NV_texgen_reflection
GL_ARB_depth_texture
GL_WIN_swap_hint
GLU Extensions
GL_EXT_bgra
Hard Drives
FUJITSU MHV2100BH PL ATA Device
Manufacturer Unknown manufacturer
Heads 16
Cylinders 16383
SATA type SATA-II 3.0Gb/s
Device type Fixed
ATA Standard ATA/ATAPI-7
LBA Size 48-bit LBA
Power On Count 4859 times
Power On Time 556.8 days
Features S.M.A.R.T., APM
Transfer Mode SATA I
Interface SATA
Capacity 98GB
Real size 100,030,242,816 bytes
RAID Type None
S.M.A.R.T
01 Read Error Rate 100 (100 worst) Data 0000027479
02 Throughput Performance 100 (100) Data 00019F0000
03 Spin-Up Time 100 (100) Data 0000000001
04 Start/Stop Count 098 (098) Data 0000001808
05 Reallocated Sectors Count 100 (100) Data 0000000000
07 Seek Error Rate 100 (100) Data 0000000525
08 Seek Time Performance 100 (100) Data 0000000000
09 Power-On Hours (POH) 074 (074) Data 0000003432
0A Spin Retry Count 100 (100) Data 0000000000
0C Device Power Cycle Count 100 (100) Data 00000012FB
C0 Power-off Retract Count 100 (100) Data 0000000047
C1 Load/Unload Cycle Count 089 (089) Data 0000038286
C2 Temperature 100 (100) Data 000005002C
C3 Hardware ECC Recovered 100 (100) Data 0000000D53
C4 Reallocation Event Count 100 (100) Data 001B340000
C5 Current Pending Sector Count 100 (100) Data 0000000000
C6 Uncorrectable Sector Count 100 (100) Data 0000000000
C7 UltraDMA CRC Error Count 200 (200) Data 0000000000
C8 Write Error Rate / Multi-Zone Error Rate 100 (100) Data 0000002E80
Temperature 45 °C
Temperature Range ok (less than 50 °C)
Status Good
Partition 0
Partition ID Disk #0, Partition #0
Disk Letter C:
File System NTFS
Volume Serial Number F81BE1CE
Size 78GB
Used Space 50GB (64%)
Free Space 28.5GB (36%)
Partition 1
Partition ID Disk #0, Partition #1
Disk Letter F:
File System NTFS
Volume Serial Number 0E2E4C10
Size 15.0GB
Used Space 92MB (1%)
Free Space 14.9GB (99%)
Optical Drives
DTSoftBusCd00
Media Type DVD-ROM
Name DTSoftBusCd00
Availability Running/Full Power
Capabilities Random Access, Supports Removable Media
Config Manager Error Code Device is working properly
Config Manager User Config FALSE
Drive E:
Media Loaded FALSE
Status OK
Optiarc DVD RW AD-7581A ATA Device
Media Type DVD Writer
Name Optiarc DVD RW AD-7581A ATA Device
Availability Running/Full Power
Capabilities Random Access, Supports Writing, Supports Removable Media
Config Manager Error Code Device is working properly
Config Manager User Config FALSE
Drive D:
Media Loaded FALSE
SCSI Bus 0
SCSI Logical Unit 0
SCSI Port 0
SCSI Target Id 0
Status OK
Audio
Sound Card
Conexant High Definition Audio
Playback Devices
SPDIF Interface (Conexant High Definition Audio)
Speakers (Conexant High Definition Audio) (default)
Recording Device
Microphone (Conexant High Definition Audio)
Peripherals
Standard 101/102-Key or Microsoft Natural PS/2 Keyboard with HP QLB
Device Kind Keyboard
Device Name Standard 101/102-Key or Microsoft Natural PS/2 Keyboard with HP QLB
Location plugged into keyboard port
Driver
Date 4-21-2009
Version 6.5.1.2
File C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
File C:\Windows\system32\DRIVERS\i8042prt.sys
File C:\Windows\system32\DRIVERS\kbdclass.sys
File C:\Windows\system32\DRIVERS\wdfcoinstaller01005.dll
HID Keyboard Device
Device Kind Keyboard
Device Name HID Keyboard Device
Vendor Logitech
Location USB Input Device
Driver
Date 6-21-2006
Version 6.1.7601.17514
File C:\Windows\system32\DRIVERS\kbdhid.sys
File C:\Windows\system32\DRIVERS\kbdclass.sys
HID Keyboard Device
Device Kind Keyboard
Device Name HID Keyboard Device
Location HP Quick Launch Buttons
Driver
Date 6-21-2006
Version 6.1.7601.17514
File C:\Windows\system32\DRIVERS\kbdhid.sys
File C:\Windows\system32\DRIVERS\kbdclass.sys
HID-compliant mouse
Device Kind Mouse
Device Name HID-compliant mouse
Vendor Logitech
Location USB Input Device
Driver
Date 6-21-2006
Version 6.1.7600.16385
File C:\Windows\system32\DRIVERS\mouhid.sys
File C:\Windows\system32\DRIVERS\mouclass.sys
Synaptics PS/2 Port TouchPad
Device Kind Mouse
Device Name Synaptics PS/2 Port TouchPad
Location plugged into PS/2 mouse port
Driver
Date 3-27-2008
Version 11.0.7.0
File C:\Windows\system32\DRIVERS\SynTP.sys
File C:\Windows\system32\SynTPAPI.dll
File C:\Windows\system32\SynCOM.dll
File C:\Windows\system32\SynCtrl.dll
File C:\Program Files\Synaptics\SynTP\SynTPRes.dll
File C:\Program Files\Synaptics\SynTP\SynTPCpl.dll
File C:\Program Files\Synaptics\SynTP\SynCntxt.rtf
File C:\Program Files\Synaptics\SynTP\SynZMetr.exe
File C:\Program Files\Synaptics\SynTP\SynMood.exe
File C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
File C:\Program Files\Synaptics\SynTP\SynTPCOM.dll
File C:\Program Files\Synaptics\SynTP\Tutorial.exe
File C:\Program Files\Synaptics\SynTP\InstNT.exe
File C:\Program Files\Synaptics\SynTP\SynISDLL.dll
File C:\Program Files\Synaptics\SynTP\SynUnst.ini
File C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
File C:\Windows\system32\DRIVERS\i8042prt.sys
File C:\Windows\system32\DRIVERS\mouclass.sys
File C:\Windows\system32\SynTPCo4.dll
File C:\Windows\system32\WdfCoInstaller01000.dll
HP LaserJet Professional M1210 MFP Series
Device Kind Camera/scanner
Device Name HP LaserJet Professional M1210 MFP Series
Driver
Date 3-31-2010
Version 1.0.1.19178
File C:\Windows\system32\m1210nwia.dll
File C:\Windows\twain_32\hpm1210nf\m1210.ds
File C:\Windows\system32\drivers\serscan.sys
HP Pavilion Webcam
Device Kind Camera/scanner
Device Name HP Pavilion Webcam
Vendor Unknown
Location Port_#0004.Hub_#0005
Driver
Date 7-6-2006
Version 5.7.7.0
File C:\Windows\system32\drivers\sncduvc.sys
File C:\Windows\system32\drivers\snp2uvc.sys
File C:\Windows\system32\vsnp2uvc.dll
Printers
Adobe PDF
Printer Port Documents\*.pdf
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 1200 * 1200 dpi Color
Status Unknown
Driver
Driver Name Adobe PDF Converter (v6.00)
Driver Path C:\Windows\system32\spool\DRIVERS\W32X86\3\PSCRIPT5.DLL
Bullzip PDF Printer (Default Printer)
Printer Port BULLZIP
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Color
Status Unknown
Driver
Driver Name Bullzip PDF Printer (v6.00)
Driver Path C:\Windows\system32\spool\DRIVERS\W32X86\3\PSCRIPT5.DLL
Fax
Printer Port SHRFAX:
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 200 * 200 dpi Monochrome
Status Unknown
Driver
Driver Name Microsoft Shared Fax Driver (v4.00)
Driver Path C:\Windows\system32\spool\DRIVERS\W32X86\3\FXSDRV.DLL
HP Designjet 500 24 by HP
Printer Port LPT1:
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 4294967293 dpi Color
Status Unknown
Driver
Driver Name HP Designjet 500 24 by HP (v6.07)
Driver Path C:\Windows\system32\spool\DRIVERS\W32X86\3\hpltdrv7.dll
HP Designjet 500 24 by HP (Copy 1)
Printer Port USB002
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 4294967293 dpi Color
Status Unknown
Driver
Driver Name HP Designjet 500 24 by HP (v6.07)
Driver Path C:\Windows\system32\spool\DRIVERS\W32X86\3\hpltdrv7.dll
HP LaserJet Professional M1217nfw MFP
Printer Port USB003
Print Processor HPM1210PrintProc
Availability Always
Priority 1
Duplex None
Print Quality 600 dpi Monochrome
Status Unknown
Driver
Driver Name HP LaserJet Professional M1217nfw MFP (v0.03)
Driver Path C:\Windows\system32\spool\DRIVERS\W32X86\3\hpm1210sd.dll
HP Universal Printing PS
Printer Port IP_192.168.2.7
Print Processor hpzpp07s
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Color
Status The printer is offline
Driver
Driver Name HP Universal Printing PS (v6.00)
Driver Path C:\Windows\system32\spool\DRIVERS\W32X86\3\PSCRIPT5.DLL
Lexmark 2400 Series
Printer Port USB001
Print Processor Lexmark 2400 Series Print Processor
Availability Always
Priority 1
Duplex None
Print Quality 600 dpi Color
Status Unknown
Driver
Driver Name Lexmark 2400 Series (v4.1410)
Driver Path C:\Windows\system32\spool\DRIVERS\W32X86\3\lxcrdr5c.dll
Microsoft XPS Document Writer
Printer Port XPSPort:
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Color
Status Unknown
Driver
Driver Name Microsoft XPS Document Writer (v6.00)
Driver Path C:\Windows\system32\spool\DRIVERS\W32X86\3\mxdwdrv.dll
Network
You are connected to the internet
Connected through Intel® PRO/Wireless 3945ABG Network Connection
IP Address 192.168.0.100
Subnet mask 255.255.255.0
Gateway server 192.168.0.1
Preferred DNS server 192.168.0.1
DHCP Enabled
DHCP server 192.168.0.1
External IP Address 208.120.88.224
Adapter Type IEEE 802.11 wireless
NetBIOS over TCP/IP Enabled via DHCP
NETBIOS Node Type Hybrid node
Link Speed 0 kbps
Computer Name
NetBIOS Name MIKE-PC
DNS Name Mike-PC
Domain Name Mike-PC
Remote Desktop
Console
State Active
Domain Mike-PC
WinInet Info
LAN Connection
Local system uses a local area network to connect to the Internet
Local system has RAS to connect to the Internet
Wi-Fi Info
Using native Wi-Fi API version 2
Available access points count 1
Wi-Fi (Odizzle)
SSID Odizzle
Frequency 2437000 kHz
Channel Number 6
Name No name
Signal Strength/Quality 99
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags Currently Connected to this network
Cipher Algorithm to be used when joining this network WEP cipher algorithm with a cipher key of any length
Default Auth used to join this network for the first time IEEE 802.11 Open System authentication algorithm
WinHTTPInfo
WinHTTPSessionProxyType No proxy
Session Proxy
Session Proxy Bypass
Connect Retries 5
Connect Timeout 60000
HTTP Version HTTP 1.1
Max Connects Per 1.0 Servers INFINITE
Max Connects Per Servers INFINITE
Max HTTP automatic redirects 10
Max HTTP status continue 10
Send Timeout 30000
IEProxy Auto Detect No
IEProxy Auto Config
IEProxy
IEProxy Bypass
Default Proxy Config Access Type No proxy
Default Config Proxy
Default Config Proxy Bypass
Sharing and Discovery
Network Discovery Enabled
File and Printer Sharing Enabled
Media Sharing Disabled
Adapters List
Intel® PRO/Wireless 3945ABG Network Connection
IP Address 192.168.0.100
Subnet mask 255.255.255.0
Gateway server 192.168.0.1
Network Shares
Users C:\Users
Current TCP Connections
C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe (3560)
Local 192.168.0.100:49247 ESTABLISHED Remote 74.125.113.83:443 (Querying... ) (HTTPS)
System Process
Local 0.0.0.0:445 (Windows shares) LISTEN
Local 0.0.0.0:5357 LISTEN
Local 192.168.0.100:139 (NetBIOS session service) LISTEN
Local [00:00:00:00:00:00:00:00]:445 LISTEN
Local [00:00:00:00:00:00:00:00]:5357 LISTEN
avwebgrd.exe (2268)
Local 0.0.0.0:44080 LISTEN
Local 0.0.0.0:44081 LISTEN
lsass.exe (532)
Local 0.0.0.0:49157 LISTEN
Local [00:00:00:00:00:00:00:00]:49157 LISTEN
services.exe (516)
Local 0.0.0.0:49162 LISTEN
Local [00:00:00:00:00:00:00:00]:49162 LISTEN
svchost.exe (772)
Local 0.0.0.0:135 (DCE) LISTEN
Local [00:00:00:00:00:00:00:00]:135 LISTEN
svchost.exe (836)
Local 0.0.0.0:49153 LISTEN
Local [00:00:00:00:00:00:00:00]:49153 LISTEN
svchost.exe (932)
Local 0.0.0.0:49154 LISTEN
Local [00:00:00:00:00:00:00:00]:49154 LISTEN
wininit.exe (460)
Local 0.0.0.0:49152 LISTEN
Local [00:00:00:00:00:00:00:00]:49152 LISTEN


Process Explorer

Process PID CPU Private Bytes Working Set Description Company Name
System Idle Process 0 47.83 0 K 24 K
chrome.exe 3964 17.95 40,376 K 45,808 K Google Chrome Google Inc.
procexp.exe 2608 11.49 15,612 K 31,556 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com
dwm.exe 3128 5.15 40,056 K 31,488 K Desktop Window Manager Microsoft Corporation
System 4 5.05 48 K 1,088 K
WmiPrvSE.exe 2060 3.75 4,220 K 7,628 K WMI Provider Host Microsoft Corporation
svchost.exe 932 2.42 28,344 K 31,452 K Host Process for Windows Services Microsoft Corporation
Interrupts n/a 1.86 0 K 0 K Hardware Interrupts and DPCs
svchost.exe 1704 1.61 4,960 K 8,140 K Host Process for Windows Services Microsoft Corporation
Speccy.exe 3432 1.28 30,796 K 41,176 K Speccy Piriform Ltd
WmiPrvSE.exe 2028 0.50 19,268 K 23,952 K WMI Provider Host Microsoft Corporation
csrss.exe 472 0.23 5,508 K 9,744 K Client Server Runtime Process Microsoft Corporation
chrome.exe 3560 0.22 35,040 K 55,932 K Google Chrome Google Inc.
explorer.exe 3152 0.19 33,980 K 58,460 K Windows Explorer Microsoft Corporation
svchost.exe 772 0.09 3,480 K 6,404 K Host Process for Windows Services Microsoft Corporation
WmiApSrv.exe 2588 0.08 1,528 K 4,624 K WMI Performance Reverse Adapter Microsoft Corporation
chrome.exe 2616 0.06 40,720 K 53,428 K Google Chrome Google Inc.
svchost.exe 640 0.06 3,256 K 6,916 K Host Process for Windows Services Microsoft Corporation
avgnt.exe 3284 0.05 5,948 K 2,680 K Antivirus System Tray Tool Avira GmbH
svchost.exe 1212 0.04 13,080 K 12,072 K Host Process for Windows Services Microsoft Corporation
lsass.exe 532 0.03 3,292 K 6,568 K Local Security Authority Process Microsoft Corporation
svchost.exe 836 0.03 15,888 K 14,588 K Host Process for Windows Services Microsoft Corporation
chrome.exe 3792 0.02 37,564 K 50,960 K Google Chrome Google Inc.
svchost.exe 1096 0.01 6,764 K 12,380 K Host Process for Windows Services Microsoft Corporation
slui.exe 2732 < 0.01 2,400 K 8,824 K Windows Activation Client Microsoft Corporation
SynTPEnh.exe 3248 < 0.01 2,544 K 7,576 K Synaptics TouchPad Enhancements Synaptics, Inc.
spoolsv.exe 1348 < 0.01 8,676 K 9,848 K Spooler SubSystem App Microsoft Corporation
avguard.exe 1724 < 0.01 124,164 K 20,416 K Antivirus On-Access Service Avira GmbH
XAudio.exe 456 680 K 2,160 K Modem Audio Service Conexant Systems, Inc.
wmpnetwk.exe 3620 3,412 K 5,504 K Windows Media Player Network Sharing Service Microsoft Corporation
WmiPrvSE.exe 1232 8,692 K 15,028 K WMI Provider Host Microsoft Corporation
winlogon.exe 676 1,772 K 4,180 K Windows Logon Application Microsoft Corporation
wininit.exe 460 904 K 3,008 K Windows Start-Up Application Microsoft Corporation
taskhost.exe 1500 7,088 K 6,848 K Host Process for Windows Tasks Microsoft Corporation
SynTPHelper.exe 3524 596 K 2,492 K Synaptics Pointing Device Helper Synaptics, Inc.
svchost.exe 1404 10,096 K 11,420 K Host Process for Windows Services Microsoft Corporation
svchost.exe 904 69,540 K 74,824 K Host Process for Windows Services Microsoft Corporation
svchost.exe 2412 4,368 K 8,512 K Host Process for Windows Services Microsoft Corporation
svchost.exe 768 61,668 K 6,612 K Host Process for Windows Services Microsoft Corporation
svchost.exe 2496 1,908 K 4,464 K Host Process for Windows Services Microsoft Corporation
svchost.exe 2652 1,692 K 5,372 K Host Process for Windows Services Microsoft Corporation
sppsvc.exe 276 2,140 K 6,352 K Microsoft Software Protection Platform Service Microsoft Corporation
smss.exe 264 264 K 780 K Windows Session Manager Microsoft Corporation
services.exe 516 4,696 K 6,444 K Services and Controller app Microsoft Corporation
sched.exe 1384 3,488 K 1,292 K Antivirus Scheduler Avira GmbH
rundll32.exe 3012 4,840 K 5,524 K Windows host process (Rundll32) Microsoft Corporation
notepad.exe 2808 1,148 K 6,424 K Notepad Microsoft Corporation
lsm.exe 540 1,460 K 3,108 K Local Session Manager Service Microsoft Corporation
csrss.exe 408 2,708 K 4,120 K Client Server Runtime Process Microsoft Corporation
conhost.exe 1924 496 K 1,996 K Console Window Host Microsoft Corporation
chrome.exe 3788 8,068 K 14,708 K Google Chrome Google Inc.
chrome.exe 4048 9,172 K 18,780 K Google Chrome Google Inc.
avwebgrd.exe 2268 3,228 K 6,236 K AntiVir WebGuard Service Avira GmbH
avshadow.exe 1916 944 K 2,924 K AntiVir shadow copy service Avira GmbH
audiodg.exe 296 15,212 K 14,208 K Windows Audio Device Graph Isolation Microsoft Corporation
  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,025 posts
  • MVP
Your copy of Windows seems to think it is not activated.

Open Windows Activation by clicking the Start button Picture of the Start button, right-clicking Computer, clicking Properties, and then clicking Activate Windows now.‌

If Windows detects an Internet connection, click Activate Windows online now. Administrator permission required If you're prompted for an administrator password or confirmation, type the password or provide confirmation.

Type your Windows 7 product key when prompted, click Next, and then follow the instructions. (Key should be on a sticker on your computer somewhere)

If that doesn't work then Download and Save MGADiag.exe from
go.microsoft.com/fwlink/?linkid=52012
Right click on it and Run As Admin. Copy and paste the report it gives you.

If it does work, Clear the Events: Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application. Reboot.

Then Run VEW again as before.

Also in either case:
Run Process Explorer as before but this time close all programs especially Chrome. Then save the log as before and copy and paste it.
  • 0

#5
Noob88

Noob88

    Member

  • Topic Starter
  • Member
  • PipPip
  • 62 posts
Turns out I have a pirated copy of Windows 7. This laptop originally came with XP but 7 was installed the last time the computer was reformatted.

How does this affect the troubleshooting?
  • 0

#6
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,025 posts
  • MVP
You have about 30 days before it will shutdown then the only thing you can do with it is activate.

I know MS claims that Win 7 will run on PCs built for XP but I am not convinced especially not with only 2 GB of RAM. I don't see anything in your logs that would cause it to run slowly so there is really nothing else we can do. We are not supposed to work on pirated software anyway. I would go back to whoever formatted it for you and have them put a legal XP back on.
  • 0

#7
Noob88

Noob88

    Member

  • Topic Starter
  • Member
  • PipPip
  • 62 posts
Ok, I will try to get my legal copy of XP back on and hopefully this memory problem will go away.

Thanks so much for your time RKinner, I really appreciate it!
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP