Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Can't seem to do anything...


  • Please log in to reply

#1
jbcteacher

jbcteacher

    Member

  • Member
  • PipPipPip
  • 192 posts
Hi all. I have gamers for kids and something they did may have hacked our pc. I couldn't get open IE this morning, other computers cannot print to this one (our main hub). I removed suspect apps, ran CCleaner, cleaned files, ran registry cleaner (several times), ran full scan on Ad-aware, tried to run Spybot, but think something hacked that cause it wouldn't open. So here I am. Below is the OTL log. Please help!!! Thanks - Joanne


OTL logfile created on: 8/26/2012 12:59:02 PM - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\Justin\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.75 Gb Total Physical Memory | 5.40 Gb Available Physical Memory | 69.68% Memory free
15.50 Gb Paging File | 13.23 Gb Available in Paging File | 85.37% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1397.17 Gb Total Space | 1315.21 Gb Free Space | 94.13% Space Free | Partition Type: NTFS

Computer Name: JUSTIN-PC | User Name: Justin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/26 12:58:40 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Justin\Desktop\OTL.exe
PRC - [2012/08/24 18:17:43 | 001,191,768 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2012/08/14 20:36:16 | 000,686,792 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_271_ActiveX.exe
PRC - [2012/06/06 10:51:00 | 000,869,816 | ---- | M] (CallingID Ltd.) -- C:\Program Files (x86)\xfin_portal\CIDGlobalLight.exe
PRC - [2012/05/22 17:44:08 | 002,152,720 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2012/03/22 10:55:02 | 000,166,528 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2012/02/08 19:50:33 | 000,738,168 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2011/04/16 20:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\ccsvchst.exe
PRC - [2011/03/04 11:39:14 | 000,584,488 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2011/01/23 20:08:52 | 000,770,728 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe
PRC - [2010/10/27 20:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/01/18 15:27:42 | 000,139,944 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe
PRC - [2009/08/19 13:25:52 | 001,589,208 | ---- | M] () -- C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpy.exe
PRC - [2009/08/16 11:35:36 | 000,167,936 | ---- | M] () -- C:\Program Files (x86)\Upromise\UpromiseTray.exe
PRC - [2009/07/01 13:19:32 | 000,081,920 | ---- | M] (Compete Inc) -- C:\Program Files (x86)\Upromise\dca-ua.exe
PRC - [2009/06/17 13:49:44 | 000,616,408 | ---- | M] () -- C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
PRC - [2007/09/26 14:55:04 | 000,283,912 | ---- | M] (CA, Inc.) -- C:\Program Files (x86)\CA\PPRT\bin\ITMRTSVC.exe


========== Modules (No Company Name) ==========

MOD - [2012/06/06 10:50:52 | 000,085,976 | ---- | M] () -- C:\Program Files (x86)\xfin_portal\comcastdx.dll
MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/01/23 20:08:52 | 000,770,728 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe
MOD - [2010/04/05 05:56:17 | 002,203,803 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\epwizres.dll
MOD - [2010/04/01 12:24:28 | 001,159,168 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\lxeadrs.dll
MOD - [2010/04/01 12:23:27 | 000,389,120 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\lxeascw.dll
MOD - [2010/01/18 15:27:42 | 000,139,944 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe
MOD - [2009/08/19 13:25:52 | 001,589,208 | ---- | M] () -- C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpy.exe
MOD - [2009/08/16 11:35:36 | 000,167,936 | ---- | M] () -- C:\Program Files (x86)\Upromise\UpromiseTray.exe
MOD - [2009/05/27 10:16:50 | 000,192,512 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\lxeadatr.dll
MOD - [2009/04/07 17:25:27 | 000,409,600 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\iptk.dll
MOD - [2009/03/30 10:37:47 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\epoemdll.dll
MOD - [2009/03/30 10:37:46 | 000,045,056 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\epstring.dll
MOD - [2009/03/30 10:37:28 | 000,708,608 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\epwizard.dll
MOD - [2009/03/30 10:35:40 | 000,159,744 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\customui.dll
MOD - [2009/03/30 10:35:22 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\epfunct.dll
MOD - [2009/03/30 10:35:17 | 000,118,784 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\eputil.dll
MOD - [2009/03/30 10:35:05 | 000,139,264 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\imagutil.dll
MOD - [2009/03/10 03:43:49 | 000,155,648 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\lxeacaps.dll
MOD - [2009/03/02 12:25:47 | 000,151,552 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\lxeaptp.dll
MOD - [2009/02/20 04:48:43 | 000,023,552 | ---- | M] () -- C:\Windows\SysWOW64\LXEAsmr.dll
MOD - [2009/02/20 04:48:03 | 000,299,008 | ---- | M] () -- C:\Windows\SysWOW64\LXEAsm.dll


========== Services (SafeList) ==========

SRV:64bit: - [2011/04/20 02:04:20 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/04/14 20:45:32 | 000,045,736 | ---- | M] () [Auto | Stopped] -- C:\windows\SysNative\spool\DRIVERS\x64\3\\lxeaserv.exe -- (lxeaCATSCustConnectService)
SRV:64bit: - [2010/04/14 15:45:36 | 001,052,328 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxeacoms.exe -- (lxea_device)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/08/14 20:36:16 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/05/22 17:44:08 | 002,152,720 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011/04/16 20:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\ccSvcHst.exe -- (N360)
SRV - [2011/03/04 11:39:14 | 000,584,488 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010/04/14 20:45:32 | 000,045,736 | ---- | M] () [Auto | Stopped] -- C:\windows\system32\spool\DRIVERS\x64\3\\lxeaserv.exe -- (lxeaCATSCustConnectService)
SRV - [2010/04/14 15:45:21 | 000,598,696 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\lxeacoms.exe -- (lxea_device)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/06/17 13:49:44 | 000,616,408 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe -- (AntiSpywareService)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/09/26 14:55:04 | 000,283,912 | ---- | M] (CA, Inc.) [Auto | Running] -- C:\Program Files (x86)\CA\PPRT\bin\ITMRTSVC.exe -- (ITMRTSVC)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/10/28 20:35:28 | 000,069,376 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Lbd.sys -- (Lbd)
DRV:64bit: - [2011/10/02 15:30:34 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2011/07/06 12:44:00 | 000,034,288 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2011/06/10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/04/20 21:37:49 | 000,386,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\symnets.sys -- (SymNetS)
DRV:64bit: - [2011/04/20 02:44:50 | 009,319,936 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2011/04/20 02:44:50 | 009,319,936 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/04/20 01:22:34 | 000,306,176 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/03/30 23:00:09 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2011/03/30 23:00:09 | 000,040,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2011/03/14 22:31:23 | 000,912,504 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\symefa64.sys -- (SymEFA)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/27 02:47:10 | 000,450,680 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\symds64.sys -- (SymDS)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/15 21:45:33 | 000,171,128 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\ironx64.sys -- (SymIRON)
DRV:64bit: - [2009/09/25 14:13:26 | 000,205,440 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/06/10 16:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2006/11/01 06:23:42 | 000,015,680 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV - [2012/08/21 22:05:05 | 000,512,672 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120824.001\IDSviA64.sys -- (IDSVia64)
DRV - [2012/08/21 17:03:26 | 002,084,000 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120825.007\ex64.sys -- (NAVEX15)
DRV - [2012/08/21 17:03:26 | 000,125,600 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120825.007\eng64.sys -- (NAVENG)
DRV - [2012/08/09 17:26:15 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012/08/09 17:26:15 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/08/04 00:16:10 | 001,161,376 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120804.001_ad0\BHDrvx64.sys -- (BHDrvx64)
DRV - [2011/12/09 22:33:45 | 000,017,152 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys -- (Lavasoft Kernexplorer)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2004/09/23 02:03:00 | 000,026,720 | ---- | M] (Sonic Solutions) [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\PxHlpa64.sys -- (PxHlpa64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}: "URL" = http://dts.search-re...q={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKLM\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...q={SEARCHTERMS}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...&ctid=CT2233703
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\..\URLSearchHook: {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - No CLSID value found
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{36377DD7-B3EB-42f5-986F-680BAF59BA9D}: "URL" = http://start.iplay.c...q={searchTerms}
IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://search.xfinit...q={searchTerms}
IE - HKCU\..\SearchScopes\{52C61032-D805-4223-B6DE-9EBF68341706}: "URL" = http://www.mysearchr...q={searchTerms}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7ADSA_en
IE - HKCU\..\SearchScopes\{749D04D3-4AC1-465C-9379-B023D3061AB7}: "URL" = http://search.condui...&ctid=CT2233703
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...q={SEARCHTERMS}
IE - HKCU\..\SearchScopes\{D23B57BE-3C5B-46E1-8358-6CFF6EB18FBE}: "URL" = http://websearch.ask...F-3FFB3136BB96
IE - HKCU\..\SearchScopes\{DE1658D3-F47D-444F-9202-5137CDABA9A1}: "URL" = http://search.yahoo....24,17118,0,18,0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Justin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPlgn\ [2012/08/09 00:03:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_10_1 [2012/08/26 11:22:25 | 000,000,000 | ---D | M]

[2012/06/12 19:46:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Justin\AppData\Roaming\Mozilla\Extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://search.condui...SearchSource=48

O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Shop to Win) - {00B48AB6-399B-4E4E-B07E-DA47C34C453A} - C:\Program Files (x86)\Shop to Win 17\Shop to Win 17.dll (Shop To Win, LLC)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (XFINITY Toolbar) - {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files (x86)\xfin_portal\comcastdx.dll ()
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Updater For XFIN_PORTAL) - {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} - C:\Program Files (x86)\xfin_portal\auxi\comcastAu.dll (Visicom Media)
O2 - BHO: (Lexmark Printable Web) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()
O2 - BHO: (Upromise TurboSaver) - {EDC0F17F-F4B7-47e4-B73E-887FAEB376FA} - C:\Program Files (x86)\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - !{4b9bcce8-a70b-402a-a7e1-db96831ee26f} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{4b9bcce8-a70b-402a-a7e1-db96831ee26f} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Upromise TurboSaver) - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - C:\Program Files (x86)\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (XFINITY Toolbar) - {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files (x86)\xfin_portal\comcastdx.dll ()
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Upromise TurboSaver) - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - C:\Program Files (x86)\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll ()
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [ComcastAntispyClient] C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntispy.exe ()
O4 - HKCU..\Run: [Spybot-S&D Cleaning] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O9 - Extra Button: Upromise TurboSaver - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - C:\Program Files (x86)\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O9 - Extra 'Tools' menuitem : Upromise TurboSaver - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - C:\Program Files (x86)\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {7B62F6EE-D046-11D3-9C5E-0060082627F7} https://wws2.mutualo.../TWDownload.cab (TWDownloader Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A2247A93-1417-450A-A28F-2D79EDDFD666}: DhcpNameServer = 192.168.2.1 192.168.2.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/08/26 12:58:33 | 000,598,528 | ---- | C] (OldTimer Tools) -- C:\Users\Justin\Desktop\OTL.exe
[2012/08/26 10:01:17 | 000,000,000 | ---D | C] -- C:\ProgramData\W3i
[2012/08/26 10:00:31 | 000,000,000 | ---D | C] -- C:\ProgramData\WeCareReminder
[2012/08/26 09:59:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Offers from Freeze.com
[2012/08/26 09:58:11 | 000,000,000 | R--D | C] -- C:\Users\Justin\4Sync
[2012/08/26 09:55:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2012/08/26 09:55:46 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012/08/26 09:55:41 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\CRE
[2012/08/26 09:55:29 | 000,000,000 | ---D | C] -- C:\ProgramData\4Sync
[2012/08/13 19:03:20 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\Microsoft Help
[4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/08/26 12:58:40 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Justin\Desktop\OTL.exe
[2012/08/26 12:46:38 | 000,000,282 | -H-- | M] () -- C:\aaw7boot.cmd
[2012/08/26 12:40:01 | 000,000,898 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/26 12:36:01 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012/08/26 11:29:37 | 000,009,920 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/26 11:29:37 | 000,009,920 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/26 11:22:28 | 000,000,894 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/26 11:22:28 | 000,000,416 | ---- | M] () -- C:\windows\tasks\PC Optimizer Pro64 startups.job
[2012/08/26 11:22:17 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/08/26 11:22:15 | 1945,509,887 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/26 11:00:18 | 000,000,264 | ---- | M] () -- C:\windows\tasks\RGames Updater.job
[2012/08/26 09:55:52 | 000,000,009 | ---- | M] () -- C:\END
[2012/08/24 18:17:49 | 000,000,064 | ---- | M] () -- C:\windows\SysWow64\rp_stats.dat
[2012/08/24 18:17:49 | 000,000,044 | ---- | M] () -- C:\windows\SysWow64\rp_rules.dat
[2012/08/21 17:41:45 | 000,002,342 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/08/19 16:43:58 | 000,116,531 | ---- | M] () -- C:\Users\Justin\Documents\08-19-2012 04;43;58PM.PDF
[2012/08/19 16:32:04 | 000,433,282 | ---- | M] () -- C:\Users\Justin\Documents\08-19-2012 04;32;04PM.PDF
[2012/08/19 16:22:07 | 016,216,476 | ---- | M] () -- C:\Users\Justin\Documents\08-19-2012 04;22;04PM.PDF
[2012/08/19 16:07:19 | 001,290,363 | ---- | M] () -- C:\Users\Justin\Documents\08-19-2012 04;07;19PM.PDF
[2012/08/16 16:54:18 | 000,412,624 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2012/08/12 08:57:15 | 000,050,238 | ---- | M] () -- C:\Users\Justin\Desktop\couch loveseat.jpg
[2012/08/10 20:32:53 | 000,726,444 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012/08/10 20:32:53 | 000,624,162 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012/08/10 20:32:53 | 000,106,538 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/08/26 12:46:38 | 000,000,282 | -H-- | C] () -- C:\aaw7boot.cmd
[2012/08/26 09:55:51 | 000,000,009 | ---- | C] () -- C:\END
[2012/08/19 16:43:58 | 000,116,531 | ---- | C] () -- C:\Users\Justin\Documents\08-19-2012 04;43;58PM.PDF
[2012/08/19 16:32:04 | 000,433,282 | ---- | C] () -- C:\Users\Justin\Documents\08-19-2012 04;32;04PM.PDF
[2012/08/19 16:22:04 | 016,216,476 | ---- | C] () -- C:\Users\Justin\Documents\08-19-2012 04;22;04PM.PDF
[2012/08/19 16:07:19 | 001,290,363 | ---- | C] () -- C:\Users\Justin\Documents\08-19-2012 04;07;19PM.PDF
[2012/08/12 08:57:33 | 000,050,238 | ---- | C] () -- C:\Users\Justin\Desktop\couch loveseat.jpg
[2012/06/17 10:21:19 | 000,001,451 | ---- | C] () -- C:\windows\wininit.ini
[2012/06/12 19:57:06 | 000,000,064 | ---- | C] () -- C:\windows\GPlrLanc.dat
[2012/04/15 10:12:59 | 000,047,616 | ---- | C] () -- C:\windows\SysWow64\pdf995mon64.dll
[2012/04/15 10:12:59 | 000,000,142 | ---- | C] () -- C:\windows\wpd99.drv
[2011/12/13 17:54:56 | 000,000,064 | ---- | C] () -- C:\windows\SysWow64\rp_stats.dat
[2011/12/13 17:54:56 | 000,000,044 | ---- | C] () -- C:\windows\SysWow64\rp_rules.dat
[2011/05/24 17:49:11 | 000,001,940 | ---- | C] () -- C:\Users\Justin\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/03/17 17:51:46 | 000,003,929 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat

========== LOP Check ==========

[2012/08/21 19:09:11 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\.minecraft
[2012/06/09 18:07:24 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\com.jakks.spynet
[2010/07/18 15:41:53 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\DriverFinder
[2011/10/15 16:28:08 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\ImgBurn
[2010/08/19 13:22:12 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Leadertech
[2011/11/29 19:16:16 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\MusicNet
[2012/04/15 10:13:43 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\pdf995
[2011/01/01 10:17:42 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\PriceGong
[2010/06/24 14:43:50 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Skinux
[2012/04/15 10:13:50 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\TaxCut
[2010/05/29 10:31:25 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\upromise
[2012/08/26 13:02:37 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\uTorrent
[2012/08/26 11:22:28 | 000,000,416 | ---- | M] () -- C:\windows\Tasks\PC Optimizer Pro64 startups.job
[2012/08/26 11:00:18 | 000,000,264 | ---- | M] () -- C:\windows\Tasks\RGames Updater.job
[2012/06/14 17:04:27 | 000,032,568 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >
  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,799 posts
  • MVP
I expect that Norton ate Spybot. Please uninstall Spybot then reboot.

Clear the Java Cache by following the instructions on
http://www.java.com/...lugin_cache.xml

You do not have the latest Java.
First go into Control Panel, Add/Remove Software and remove any old versions (which may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE)
I see:
Java™ 6 Update 31
but there may be others.

Get the latest Java at:
http://www.java.com/en/

Save it to your PC then close all browsers and install it. Do not let it install the yahoo toolbar or other foistware.




Copy the text in the code box by highlighting and Ctrl + c

:processes
killallprocesses

:Services
Abiosdsk

:OTL
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}: "URL" = http://dts.search-re...q={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKLM\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...q={SEARCHTERMS}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...&ctid=CT2233703
IE - HKCU\..\URLSearchHook: {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - No CLSID value found
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKCU\..\SearchScopes\{36377DD7-B3EB-42f5-986F-680BAF59BA9D}: "URL" = http://start.iplay.c...q={searchTerms}
IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://search.xfinit...q={searchTerms}
IE - HKCU\..\SearchScopes\{52C61032-D805-4223-B6DE-9EBF68341706}: "URL" = http://www.mysearchr...q={searchTerms}
IE - HKCU\..\SearchScopes\{749D04D3-4AC1-465C-9379-B023D3061AB7}: "URL" = http://search.condui...&ctid=CT2233703
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...q={SEARCHTERMS}
IE - HKCU\..\SearchScopes\{D23B57BE-3C5B-46E1-8358-6CFF6EB18FBE}: "URL" = http://websearch.ask...F-3FFB3136BB96
IE - HKCU\..\SearchScopes\{DE1658D3-F47D-444F-9202-5137CDABA9A1}: "URL" = http://search.yahoo....24,17118,0,18,0
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
O2 - BHO: (Shop to Win) - {00B48AB6-399B-4E4E-B07E-DA47C34C453A} - C:\Program Files (x86)\Shop to Win 17\Shop to Win 17.dll (Shop To Win, LLC)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O3:64bit: - HKLM\..\Toolbar: (no name) - !{4b9bcce8-a70b-402a-a7e1-db96831ee26f} - No CLSID value found.
O4 - HKCU..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
[2012/08/26 11:22:28 | 000,000,416 | ---- | M] () -- C:\windows\tasks\PC Optimizer Pro64 startups.job
[2012/08/26 11:00:18 | 000,000,264 | ---- | M] () -- C:\windows\tasks\RGames Updater.job
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [Spybot-S&D Cleaning] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)

:files
xcopy %Temp%\smtmp\1 "%AllUsersProfile%\Start Menu" /H /I /S /Y /C
xcopy %Temp%\smtmp\2 "%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch" /H /I /S /Y /C
xcopy %Temp%\smtmp\3 "%AppData%\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar" /H /I /S /Y /C
xcopy %Temp%\smtmp\4 "%AllUsersProfile%\Desktop" /H /I /S /Y /C
   
:Commands
[EMPTYFLASH]
[EMPTYJAVA]
[purity]
[Reboot]


then Rightclick on OTL and select Run As Administrator to start. Under the Custom Scans/Fixes box at the bottom, paste (ctrl +v) the text. Verify that you got it all and close all browsers. Then click the RUN FIX button (NOT THE QUICK SCAN button!) at the top
Let the program run unhindered, OTL will reboot the PC when it is done.


Can you now open IE? How about the 64 bit version? Does it work?

Download aswMBR.exe ( 511KB ) to your desktop.
Right click aswMBR.exe and Run as Administrator
uncheck trace disk IO calls
Click the "Scan" button to start scan (Accept the Avast Engine)
On completion of the scan if the Fix button is enabled (not the FixMBR button) press it and then run a new scan and click save log, save it to your desktop and post in your next reply
If the Fix button is not enabled then just click save log, save it to your desktop and post in your next reply

ComboFix

:!: It must be saved to your desktop, do not run it from your browser:!:

:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html


Download and Save this file -- to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Rightclick on ComboFix and select Run As Administrator to start the program.



* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.


* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix.

A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.


Download TDSSKiller:
http://support.kaspe.../tdsskiller.exe
Save it to your desktop then run it.
Double click on TDSSKiller.exe (Vista or Win 7 must right click and Run As Admin)
If TDSSKiller alerts you that the system needs to reboot, please consent.

Run TDSSKiller again but this time:
before you hit the Scan hit Change Parameters and check the two items under Additional Options. OK then Scan.
In this mode it is prone to false positives so do not change the SKIP option to DELETE unless it says TDSS.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.



Malwarebytes' Anti-Malware
:!: If you have a previous version of MalwareBytes', remove it via Add or Remove Programs and download a fresh copy. :!:
http://www.malwareby...lwarebytes_free

SAVE Malwarebytes' Anti-Malware to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.

* Be sure that everything is checked, and click Remove Selected.

* When completed, a log will open in Notepad. Please save it to a convenient location.
* The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
* Post that log back here.


Copy the text in the code box:

nnetsvcs
%SYSTEMDRIVE%\*.exe
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.exe
%APPDATA%\*.
/md5start
atapi.sys
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
consrv.dll
/md5stop
%systemroot%\*. /mp /s
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
CREATERESTOREPOINT

Run OTL (Vista or Win 7 => right click and Run As Administrator)

Paste (Ctrl + v) the copied text in the box where it says Custom Scan/Fixes

Select the All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them.


Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application.

Reboot.

Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator. Then type (with an Enter after each line).
sfc  /scannow

(This will check your critical system files. If it asks for a CD and you don't have one or it doesn't like your CD just tell it to SKIP.)


1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.


Download, Save and Run (win 7 or Vista => Right click and Run as Admin.) farbar service scanner

Posted Image

Tick "All" options.
Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.

Please copy and paste the log to your reply.


Ron
  • 0

#3
jbcteacher

jbcteacher

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 192 posts
Thanks Ron. I only got as far as running Combo Fix. After it stopper running, two pop up boxes appeared, that basically stating ie and ie 64 as items marked for deletion. I cannot use ie. I am writing this from my iPad. What should I do now?
  • 0

#4
jbcteacher

jbcteacher

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 192 posts
Thanks Ron. I only got as far as running Combo Fix. After it stopper running, two pop up boxes appeared, that basically stating ie and ie 64 as items marked for deletion. I cannot use ie. I am writing this from my iPad. What should I do now?
  • 0

#5
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,799 posts
  • MVP
Reboot and it should clear the error.
  • 0

#6
jbcteacher

jbcteacher

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 192 posts
OK! Here goes...

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-27 16:30:06
-----------------------------
16:30:06.473 OS Version: Windows x64 6.1.7601 Service Pack 1
16:30:06.473 Number of processors: 4 586 0x403
16:30:06.473 ComputerName: JUSTIN-PC UserName: Justin
16:30:10.263 Initialize success
16:31:45.325 AVAST engine defs: 12082700
16:31:58.632 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
16:31:58.632 Disk 0 Vendor: WDC_WD15EARS-00Z5B1 80.00A80 Size: 1430799MB BusType: 3
16:31:58.647 Disk 0 MBR read successfully
16:31:58.647 Disk 0 MBR scan
16:31:58.647 Disk 0 Windows 7 default MBR code
16:31:58.647 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
16:31:58.663 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 1430697 MB offset 206848
16:31:58.678 Disk 0 scanning C:\windows\system32\drivers
16:32:09.318 Service scanning
16:32:23.919 Modules scanning
16:32:27.133 AVAST engine scan C:\windows
16:32:29.769 AVAST engine scan C:\windows\system32
16:34:46.878 AVAST engine scan C:\windows\system32\drivers
16:34:57.205 AVAST engine scan C:\Users\Justin
16:38:40.566 AVAST engine scan C:\ProgramData
16:40:58.642 Scan finished successfully
16:42:03.725 Disk 0 MBR has been saved successfully to "C:\Users\Justin\Desktop\MBR.dat"
16:42:03.741 The log file has been saved successfully to "C:\Users\Justin\Desktop\aswMBR.txt"



ComboFix 12-08-25.04 - Justin 08/27/2012 16:56:22.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.7935.5959 [GMT -4:00]
Running from: C:\Users\Justin\Desktop\ComboFix.exe
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
AV: Norton Security Suite *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Security Suite *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}


((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\ProgramData\SPL5F7E.tmp
C:\ProgramData\SPL64BD.tmp
C:\ProgramData\SPL9C50.tmp
C:\ProgramData\SPLA75D.tmp
C:\ProgramData\SPLB010.tmp
C:\Users\Justin\AppData\Roaming\PriceGong
C:\Users\Justin\AppData\Roaming\PriceGong\Data\1.xml
C:\Users\Justin\AppData\Roaming\PriceGong\Data\a.xml
C:\Users\Justin\AppData\Roaming\PriceGong\Data\b.xml
C:\Users\Justin\AppData\Roaming\PriceGong\Data\c.xml
C:\Users\Justin\AppData\Roaming\PriceGong\Data\d.xml
C:\Users\Justin\AppData\Roaming\PriceGong\Data\e.xml
C:\Users\Justin\AppData\Roaming\PriceGong\Data\f.xml
C:\Users\Justin\AppData\Roaming\PriceGong\Data\g.xml
C:\Users\Justin\AppData\Roaming\PriceGong\Data\h.xml
C:\Users\Justin\AppData\Roaming\PriceGong\Data\i.xml
C:\Users\Justin\AppData\Roaming\PriceGong\Data\J.xml
C:\Users\Justin\AppData\Roaming\PriceGong\Data\k.xml
C:\Users\Justin\AppData\Roaming\PriceGong\Data\l.xml
C:\Users\Justin\AppData\Roaming\PriceGong\Data\m.xml
C:\Users\Justin\AppData\Roaming\PriceGong\Data\mru.xml
C:\Users\Justin\AppData\Roaming\PriceGong\Data\n.xml
C:\Users\Justin\AppData\Roaming\PriceGong\Data\o.xml
C:\Users\Justin\AppData\Roaming\PriceGong\Data\p.xml
C:\Users\Justin\AppData\Roaming\PriceGong\Data\q.xml
C:\Users\Justin\AppData\Roaming\PriceGong\Data\r.xml
C:\Users\Justin\AppData\Roaming\PriceGong\Data\s.xml
C:\Users\Justin\AppData\Roaming\PriceGong\Data\t.xml
C:\Users\Justin\AppData\Roaming\PriceGong\Data\u.xml
C:\Users\Justin\AppData\Roaming\PriceGong\Data\v.xml
C:\Users\Justin\AppData\Roaming\PriceGong\Data\w.xml
C:\Users\Justin\AppData\Roaming\PriceGong\Data\x.xml
C:\Users\Justin\AppData\Roaming\PriceGong\Data\y.xml
C:\Users\Justin\AppData\Roaming\PriceGong\Data\z.xml


((((((((((((((((((((((((( Files Created from 2012-07-27 to 2012-08-27 )))))))))))))))))))))))))))))))


2012-08-27 21:01:01 . 2012-08-27 21:01:01 -------- d-----w- C:\Users\Default\AppData\Local\temp
2012-08-27 20:17:43 . 2012-08-27 20:17:43 -------- d-----w- C:\_OTL
2012-08-27 20:11:39 . 2012-08-27 20:11:39 -------- d-----w- C:\Program Files (x86)\Common Files\Java
2012-08-27 20:11:21 . 2012-08-27 20:10:57 821736 ----a-w- C:\windows\SysWow64\npDeployJava1.dll
2012-08-27 20:11:12 . 2012-08-27 20:10:58 95208 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-08-26 14:01:17 . 2012-08-26 14:01:17 -------- d-----w- C:\ProgramData\W3i
2012-08-26 14:00:31 . 2012-08-26 15:19:43 -------- d-----w- C:\ProgramData\WeCareReminder
2012-08-26 13:59:54 . 2012-08-26 13:59:55 -------- d-----w- C:\Program Files (x86)\Free Offers from Freeze.com
2012-08-26 13:58:11 . 2012-08-26 15:03:47 -------- d-----r- C:\Users\Justin\4Sync
2012-08-26 13:55:50 . 2012-08-26 13:55:50 -------- d-----w- C:\Program Files (x86)\Conduit
2012-08-26 13:55:46 . 2012-08-26 13:55:46 -------- d-----w- C:\ProgramData\McAfee
2012-08-26 13:55:41 . 2012-08-26 13:55:41 -------- d-----w- C:\Users\Justin\AppData\Local\CRE
2012-08-26 13:55:29 . 2012-08-26 13:55:29 -------- d-----w- C:\ProgramData\4Sync
2012-08-15 23:33:49 . 2012-05-05 08:36:55 503808 ----a-w- C:\windows\system32\srcore.dll
2012-08-15 23:33:49 . 2012-05-05 07:46:52 43008 ----a-w- C:\windows\SysWow64\srclient.dll
2012-08-15 23:33:48 . 2012-07-04 22:16:43 73216 ----a-w- C:\windows\system32\netapi32.dll
2012-08-15 23:33:48 . 2012-07-04 22:13:27 59392 ----a-w- C:\windows\system32\browcli.dll
2012-08-15 23:33:48 . 2012-07-04 22:13:27 136704 ----a-w- C:\windows\system32\browser.dll
2012-08-15 23:33:48 . 2012-07-04 21:14:34 41984 ----a-w- C:\windows\SysWow64\browcli.dll
2012-08-15 23:33:45 . 2012-07-18 18:15:06 3148800 ----a-w- C:\windows\system32\win32k.sys
2012-08-15 23:33:39 . 2012-02-11 06:43:47 751104 ----a-w- C:\windows\system32\win32spl.dll
2012-08-15 23:33:39 . 2012-02-11 06:36:02 559104 ----a-w- C:\windows\system32\spoolsv.exe
2012-08-15 23:33:39 . 2012-02-11 06:36:01 67072 ----a-w- C:\windows\splwow64.exe
2012-08-15 23:33:39 . 2012-02-11 05:43:49 492032 ----a-w- C:\windows\SysWow64\win32spl.dll
2012-08-15 23:33:37 . 2012-05-14 05:26:34 956928 ----a-w- C:\windows\system32\localspl.dll
2012-08-13 23:03:20 . 2012-08-13 23:03:25 -------- d-----w- C:\Users\Justin\AppData\Local\Microsoft Help
.


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2012-08-27 20:10:57 . 2011-11-03 17:23:01 746984 ----a-w- C:\windows\SysWow64\deployJava1.dll
2012-08-16 00:29:11 . 2010-04-02 16:59:07 62134624 ----a-w- C:\windows\system32\MRT.exe
2012-08-15 00:36:16 . 2012-06-10 13:38:53 426184 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2012-08-15 00:36:16 . 2011-08-15 22:24:53 70344 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-09 05:43:10 . 2012-07-10 21:07:19 14172672 ----a-w- C:\windows\system32\shell32.dll
2012-06-07 00:59:42 . 2012-06-07 00:59:42 1070152 ----a-w- C:\windows\SysWow64\MSCOMCTL.OCX
2012-06-06 06:06:16 . 2012-07-10 21:07:14 2004480 ----a-w- C:\windows\system32\msxml6.dll
2012-06-06 06:06:16 . 2012-07-10 21:07:14 1881600 ----a-w- C:\windows\system32\msxml3.dll
2012-06-06 06:02:54 . 2012-07-10 21:06:55 1133568 ----a-w- C:\windows\system32\cdosys.dll
2012-06-06 05:05:52 . 2012-07-10 21:07:14 1390080 ----a-w- C:\windows\SysWow64\msxml6.dll
2012-06-06 05:05:52 . 2012-07-10 21:07:13 1236992 ----a-w- C:\windows\SysWow64\msxml3.dll
2012-06-06 05:03:06 . 2012-07-10 21:06:56 805376 ----a-w- C:\windows\SysWow64\cdosys.dll
2012-06-02 22:19:46 . 2012-06-21 21:39:48 38424 ----a-w- C:\windows\system32\wups.dll
2012-06-02 22:19:43 . 2012-06-21 21:40:20 2428952 ----a-w- C:\windows\system32\wuaueng.dll
2012-06-02 22:19:42 . 2012-06-21 21:40:20 57880 ----a-w- C:\windows\system32\wuauclt.exe
2012-06-02 22:19:42 . 2012-06-21 21:40:20 44056 ----a-w- C:\windows\system32\wups2.dll
2012-06-02 22:19:23 . 2012-06-21 21:39:48 701976 ----a-w- C:\windows\system32\wuapi.dll
2012-06-02 22:15:31 . 2012-06-21 21:40:20 2622464 ----a-w- C:\windows\system32\wucltux.dll
2012-06-02 22:15:08 . 2012-06-21 21:39:48 99840 ----a-w- C:\windows\system32\wudriver.dll
2012-06-02 19:19:42 . 2012-06-21 21:39:29 186752 ----a-w- C:\windows\system32\wuwebv.dll
2012-06-02 19:15:12 . 2012-06-21 21:39:29 36864 ----a-w- C:\windows\system32\wuapp.exe
2012-06-02 05:50:10 . 2012-07-10 21:07:09 458704 ----a-w- C:\windows\system32\drivers\cng.sys
2012-06-02 05:48:16 . 2012-07-10 21:07:09 95600 ----a-w- C:\windows\system32\drivers\ksecdd.sys
2012-06-02 05:48:16 . 2012-07-10 21:07:09 151920 ----a-w- C:\windows\system32\drivers\ksecpkg.sys
2012-06-02 05:45:31 . 2012-07-10 21:07:09 340992 ----a-w- C:\windows\system32\schannel.dll
2012-06-02 05:44:21 . 2012-07-10 21:07:09 307200 ----a-w- C:\windows\system32\ncrypt.dll
2012-06-02 04:40:42 . 2012-07-10 21:07:09 22016 ----a-w- C:\windows\SysWow64\secur32.dll
2012-06-02 04:40:39 . 2012-07-10 21:07:09 225280 ----a-w- C:\windows\SysWow64\schannel.dll
2012-06-02 04:39:10 . 2012-07-10 21:07:09 219136 ----a-w- C:\windows\SysWow64\ncrypt.dll
2012-06-02 04:34:09 . 2012-07-10 21:07:09 96768 ----a-w- C:\windows\SysWow64\sspicli.dll


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ComcastAntispyClient"="C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntispy.exe" [2009-08-19 17:25:52 1589208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 12:41:07 37296]
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 14:07:56 843712]
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 13:04:54 252848]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0lsdelete\0\0sdnclean64.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

R0 PxHlpa64;PxHlpa64;C:\windows\System32\Drivers\PxHlpa64.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 18:27:14 138576]
R2 lxeaCATSCustConnectService;lxeaCATSCustConnectService;C:\windows\system32\spool\DRIVERS\x64\3\\lxeaserv.exe [2010-04-15 00:45:32 45736]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 00:36:16 250056]
R3 SYMNDISV;Symantec Network Filter Driver;C:\windows\System32\Drivers\N360x64\0308000.029\SYMNDISV.SYS [x]
R3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys [2010-11-20 11:07:05 59392]
R3 USBAAPL64;Apple Mobile USB Driver;C:\windows\system32\Drivers\usbaapl64.sys [2011-05-10 12:06:08 51712]
R3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe [2010-05-05 01:00:20 1255736]
S0 Lbd;Lbd;C:\windows\system32\DRIVERS\Lbd.sys [2011-10-29 00:35:28 69376]
S0 SymDS;Symantec Data Store;C:\windows\system32\drivers\N360x64\0502020.003\SYMDS64.SYS [2011-01-27 06:47:10 450680]
S0 SymEFA;Symantec Extended File Attributes;C:\windows\system32\drivers\N360x64\0502020.003\SYMEFA64.SYS [2011-03-15 02:31:23 912504]
S1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120823.005\BHDrvx64.sys [2012-08-21 19:10:40 1385120]
S1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120824.001\IDSvia64.sys [2012-08-22 02:05:05 512672]
S1 SymIRON;Symantec Iron Driver;C:\windows\system32\drivers\N360x64\0502020.003\Ironx64.SYS [2010-11-16 01:45:33 171128]
S1 SymNetS;Symantec Network Security WFP Driver;C:\windows\System32\Drivers\N360x64\0502020.003\SYMNETS.SYS [2011-04-21 01:37:49 386168]
S2 AMD External Events Utility;AMD External Events Utility;C:\windows\system32\atiesrxx.exe [2011-04-20 06:04:20 203776]
S2 AntiSpywareService;Comcast AntiSpyware;C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe [2009-06-17 17:49:44 616408]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2012-05-22 21:44:08 2152720]
S2 lxea_device;lxea_device;C:\windows\system32\lxeacoms.exe [2010-04-14 19:45:36 1052328]
S2 N360;Norton Security Suite;C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\ccSvcHst.exe [2011-04-17 00:45:11 130008]
S2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-03-04 15:39:14 584488]
S3 amdkmdag;amdkmdag;C:\windows\system32\DRIVERS\atikmdag.sys [2011-04-20 06:44:50 9319936]
S3 amdkmdap;amdkmdap;C:\windows\system32\DRIVERS\atikmpag.sys [2011-04-20 05:22:34 306176]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-08-09 21:26:15 138912]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [2011-12-10 02:33:45 17152]
S3 RTL8167;Realtek 8167 NT Driver;C:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 10:34:52 539240]
S3 WSDPrintDevice;WSD Print Support via UMB;C:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 00:39:20 23040]


--- Other Services/Drivers In Memory ---

*NewlyCreated* - WS2IFSL

Contents of the 'Scheduled Tasks' folder

2012-08-27 C:\windows\Tasks\Adobe Flash Player Updater.job
- C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-10 13:38:53 . 2012-08-15 00:36:16]


--------- X64 Entries -----------


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1

------- Supplementary Scan -------

uLocal Page = C:\windows\system32\blank.htm
uStart Page =
mLocal Page = C:\Windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1 192.168.2.1
DPF: {7B62F6EE-D046-11D3-9C5E-0060082627F7} - hxxps://wws2.mutualofomaha.com/messenger/download/TWDownload.cab

- - - - ORPHANS REMOVED - - - -

Toolbar-10 - (no file)
Toolbar-10 - (no file)
WebBrowser-{B9D63C58-90CC-428B-8D3B-CBB88EB07E7E} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{09EC805C-CB2E-4D53-B0D3-A75A428B81C7} - (no file)
AddRemove-Adobe Shockwave Player - C:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-uTorrent - C:\Program Files (x86)\uTorrent\uTorrent.exe
AddRemove-UnityWebPlayer - C:\Users\Justin\AppData\Local\Unity\WebPlayer\Uninstall.exe



18:44:34.0307 2632 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
18:44:34.0634 2632 ============================================================
18:44:34.0634 2632 Current date / time: 2012/08/29 18:44:34.0634
18:44:34.0634 2632 SystemInfo:
18:44:34.0634 2632
18:44:34.0634 2632 OS Version: 6.1.7601 ServicePack: 1.0
18:44:34.0634 2632 Product type: Workstation
18:44:34.0634 2632 ComputerName: JUSTIN-PC
18:44:34.0634 2632 UserName: Justin
18:44:34.0634 2632 Windows directory: C:\windows
18:44:34.0634 2632 System windows directory: C:\windows
18:44:34.0634 2632 Running under WOW64
18:44:34.0634 2632 Processor architecture: Intel x64
18:44:34.0634 2632 Number of processors: 4
18:44:34.0634 2632 Page size: 0x1000
18:44:34.0634 2632 Boot type: Normal boot
18:44:34.0634 2632 ============================================================
18:44:36.0257 2632 Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:44:36.0272 2632 ============================================================
18:44:36.0272 2632 \Device\Harddisk0\DR0:
18:44:36.0272 2632 MBR partitions:
18:44:36.0272 2632 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
18:44:36.0272 2632 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xAEA54B30
18:44:36.0272 2632 ============================================================
18:44:36.0319 2632 C: <-> \Device\Harddisk0\DR0\Partition2
18:44:36.0319 2632 ============================================================
18:44:36.0319 2632 Initialize success
18:44:36.0319 2632 ============================================================
18:45:08.0970 3692 ============================================================
18:45:08.0970 3692 Scan started
18:45:08.0970 3692 Mode: Manual; SigCheck; TDLFS;
18:45:08.0970 3692 ============================================================
18:45:09.0688 3692 ================ Scan system memory ========================
18:45:09.0688 3692 System memory - ok
18:45:09.0688 3692 ================ Scan services =============================
18:45:09.0781 3692 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
18:45:09.0828 3692 1394ohci - ok
18:45:09.0937 3692 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
18:45:09.0953 3692 ACDaemon - ok
18:45:09.0984 3692 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys
18:45:10.0000 3692 ACPI - ok
18:45:10.0031 3692 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
18:45:10.0078 3692 AcpiPmi - ok
18:45:10.0171 3692 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:45:10.0187 3692 AdobeFlashPlayerUpdateSvc - ok
18:45:10.0234 3692 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
18:45:10.0249 3692 adp94xx - ok
18:45:10.0280 3692 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
18:45:10.0296 3692 adpahci - ok
18:45:10.0312 3692 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
18:45:10.0312 3692 adpu320 - ok
18:45:10.0343 3692 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
18:45:10.0452 3692 AeLookupSvc - ok
18:45:10.0483 3692 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\windows\system32\drivers\afd.sys
18:45:10.0530 3692 AFD - ok
18:45:10.0561 3692 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys
18:45:10.0561 3692 agp440 - ok
18:45:10.0577 3692 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
18:45:10.0624 3692 ALG - ok
18:45:10.0639 3692 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys
18:45:10.0655 3692 aliide - ok
18:45:10.0702 3692 [ A359974EAAC83A435497C52F62A2E590 ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
18:45:10.0748 3692 AMD External Events Utility - ok
18:45:10.0764 3692 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys
18:45:10.0764 3692 amdide - ok
18:45:10.0780 3692 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
18:45:10.0842 3692 AmdK8 - ok
18:45:11.0014 3692 [ 60216B0E704584DE6D5A9F59E9C34C47 ] amdkmdag C:\windows\system32\DRIVERS\atikmdag.sys
18:45:11.0107 3692 amdkmdag - ok
18:45:11.0154 3692 [ 6B4E9261B613B047A9A145F328889968 ] amdkmdap C:\windows\system32\DRIVERS\atikmpag.sys
18:45:11.0170 3692 amdkmdap - ok
18:45:11.0185 3692 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
18:45:11.0201 3692 AmdPPM - ok
18:45:11.0248 3692 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys
18:45:11.0248 3692 amdsata - ok
18:45:11.0279 3692 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
18:45:11.0294 3692 amdsbs - ok
18:45:11.0294 3692 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\windows\system32\drivers\amdxata.sys
18:45:11.0310 3692 amdxata - ok
18:45:11.0372 3692 [ F9DAC844B1D370DA4C984D4C22F5E696 ] AntiSpywareService C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
18:45:11.0388 3692 AntiSpywareService - ok
18:45:11.0419 3692 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys
18:45:11.0466 3692 AppID - ok
18:45:11.0482 3692 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
18:45:11.0513 3692 AppIDSvc - ok
18:45:11.0560 3692 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\windows\System32\appinfo.dll
18:45:11.0575 3692 Appinfo - ok
18:45:11.0622 3692 [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:45:11.0622 3692 Apple Mobile Device - ok
18:45:11.0653 3692 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\DRIVERS\arc.sys
18:45:11.0669 3692 arc - ok
18:45:11.0684 3692 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
18:45:11.0700 3692 arcsas - ok
18:45:11.0716 3692 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
18:45:11.0747 3692 AsyncMac - ok
18:45:11.0762 3692 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys
18:45:11.0778 3692 atapi - ok
18:45:11.0934 3692 [ 60216B0E704584DE6D5A9F59E9C34C47 ] atikmdag C:\windows\system32\DRIVERS\atikmdag.sys
18:45:12.0012 3692 atikmdag - ok
18:45:12.0059 3692 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
18:45:12.0090 3692 AudioEndpointBuilder - ok
18:45:12.0106 3692 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll
18:45:12.0137 3692 AudioSrv - ok
18:45:12.0184 3692 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll
18:45:12.0246 3692 AxInstSV - ok
18:45:12.0262 3692 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\DRIVERS\bxvbda.sys
18:45:12.0308 3692 b06bdrv - ok
18:45:12.0340 3692 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
18:45:12.0371 3692 b57nd60a - ok
18:45:12.0386 3692 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
18:45:12.0418 3692 BDESVC - ok
18:45:12.0418 3692 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
18:45:12.0449 3692 Beep - ok
18:45:12.0496 3692 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\windows\System32\bfe.dll
18:45:12.0527 3692 BFE - ok
18:45:12.0652 3692 [ E99F59342171101EE2446D0CD1A60A8D ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120823.005\BHDrvx64.sys
18:45:12.0683 3692 BHDrvx64 - ok
18:45:12.0730 3692 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\windows\system32\qmgr.dll
18:45:12.0776 3692 BITS - ok
18:45:12.0792 3692 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
18:45:12.0808 3692 blbdrive - ok
18:45:12.0870 3692 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:45:12.0886 3692 Bonjour Service - ok
18:45:12.0901 3692 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys
18:45:12.0948 3692 bowser - ok
18:45:12.0964 3692 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
18:45:13.0010 3692 BrFiltLo - ok
18:45:13.0026 3692 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
18:45:13.0026 3692 BrFiltUp - ok
18:45:13.0057 3692 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys
18:45:13.0073 3692 BridgeMP - ok
18:45:13.0104 3692 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\windows\System32\browser.dll
18:45:13.0151 3692 Browser - ok
18:45:13.0166 3692 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
18:45:13.0213 3692 Brserid - ok
18:45:13.0229 3692 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
18:45:13.0244 3692 BrSerWdm - ok
18:45:13.0260 3692 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
18:45:13.0291 3692 BrUsbMdm - ok
18:45:13.0307 3692 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
18:45:13.0322 3692 BrUsbSer - ok
18:45:13.0338 3692 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
18:45:13.0338 3692 BTHMODEM - ok
18:45:13.0354 3692 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
18:45:13.0385 3692 bthserv - ok
18:45:13.0416 3692 catchme - ok
18:45:13.0447 3692 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
18:45:13.0494 3692 cdfs - ok
18:45:13.0525 3692 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\drivers\cdrom.sys
18:45:13.0541 3692 cdrom - ok
18:45:13.0588 3692 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll
18:45:13.0619 3692 CertPropSvc - ok
18:45:13.0634 3692 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\DRIVERS\circlass.sys
18:45:13.0650 3692 circlass - ok
18:45:13.0666 3692 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
18:45:13.0666 3692 CLFS - ok
18:45:13.0712 3692 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:45:13.0728 3692 clr_optimization_v2.0.50727_32 - ok
18:45:13.0759 3692 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:45:13.0775 3692 clr_optimization_v2.0.50727_64 - ok
18:45:13.0806 3692 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:45:13.0806 3692 clr_optimization_v4.0.30319_32 - ok
18:45:13.0837 3692 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:45:13.0853 3692 clr_optimization_v4.0.30319_64 - ok
18:45:13.0853 3692 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
18:45:13.0884 3692 CmBatt - ok
18:45:13.0884 3692 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys
18:45:13.0900 3692 cmdide - ok
18:45:13.0915 3692 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\windows\system32\Drivers\cng.sys
18:45:13.0931 3692 CNG - ok
18:45:13.0946 3692 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
18:45:13.0962 3692 Compbatt - ok
18:45:13.0978 3692 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
18:45:14.0009 3692 CompositeBus - ok
18:45:14.0009 3692 COMSysApp - ok
18:45:14.0024 3692 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
18:45:14.0040 3692 crcdisk - ok
18:45:14.0071 3692 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\windows\system32\cryptsvc.dll
18:45:14.0102 3692 CryptSvc - ok
18:45:14.0149 3692 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll
18:45:14.0196 3692 DcomLaunch - ok
18:45:14.0212 3692 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
18:45:14.0243 3692 defragsvc - ok
18:45:14.0305 3692 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys
18:45:14.0336 3692 DfsC - ok
18:45:14.0352 3692 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll
18:45:14.0399 3692 Dhcp - ok
18:45:14.0414 3692 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
18:45:14.0430 3692 discache - ok
18:45:14.0461 3692 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\DRIVERS\disk.sys
18:45:14.0477 3692 Disk - ok
18:45:14.0508 3692 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll
18:45:14.0555 3692 Dnscache - ok
18:45:14.0586 3692 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll
18:45:14.0602 3692 dot3svc - ok
18:45:14.0633 3692 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll
18:45:14.0664 3692 DPS - ok
18:45:14.0680 3692 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
18:45:14.0695 3692 drmkaud - ok
18:45:14.0726 3692 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
18:45:14.0758 3692 DXGKrnl - ok
18:45:14.0773 3692 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
18:45:14.0804 3692 EapHost - ok
18:45:14.0867 3692 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\DRIVERS\evbda.sys
18:45:14.0898 3692 ebdrv - ok
18:45:14.0976 3692 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
18:45:14.0992 3692 eeCtrl - ok
18:45:15.0023 3692 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe
18:45:15.0054 3692 EFS - ok
18:45:15.0116 3692 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe
18:45:15.0163 3692 ehRecvr - ok
18:45:15.0179 3692 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
18:45:15.0226 3692 ehSched - ok
18:45:15.0241 3692 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
18:45:15.0257 3692 elxstor - ok
18:45:15.0304 3692 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
18:45:15.0319 3692 EraserUtilRebootDrv - ok
18:45:15.0335 3692 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys
18:45:15.0350 3692 ErrDev - ok
18:45:15.0382 3692 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
18:45:15.0413 3692 EventSystem - ok
18:45:15.0444 3692 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
18:45:15.0475 3692 exfat - ok
18:45:15.0506 3692 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
18:45:15.0522 3692 fastfat - ok
18:45:15.0569 3692 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe
18:45:15.0600 3692 Fax - ok
18:45:15.0616 3692 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\DRIVERS\fdc.sys
18:45:15.0631 3692 fdc - ok
18:45:15.0647 3692 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
18:45:15.0678 3692 fdPHost - ok
18:45:15.0678 3692 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
18:45:15.0709 3692 FDResPub - ok
18:45:15.0725 3692 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
18:45:15.0740 3692 FileInfo - ok
18:45:15.0756 3692 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
18:45:15.0787 3692 Filetrace - ok
18:45:15.0803 3692 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
18:45:15.0818 3692 flpydisk - ok
18:45:15.0850 3692 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
18:45:15.0865 3692 FltMgr - ok
18:45:15.0896 3692 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\windows\system32\FntCache.dll
18:45:15.0943 3692 FontCache - ok
18:45:15.0974 3692 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:45:15.0990 3692 FontCache3.0.0.0 - ok
18:45:16.0006 3692 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
18:45:16.0006 3692 FsDepends - ok
18:45:16.0037 3692 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
18:45:16.0037 3692 Fs_Rec - ok
18:45:16.0068 3692 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
18:45:16.0068 3692 fvevol - ok
18:45:16.0099 3692 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
18:45:16.0099 3692 gagp30kx - ok
18:45:16.0130 3692 [ AF4DEE5531395DEE72B35B36C9671FD0 ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys
18:45:16.0130 3692 GEARAspiWDM - ok
18:45:16.0177 3692 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll
18:45:16.0208 3692 gpsvc - ok
18:45:16.0224 3692 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
18:45:16.0255 3692 hcw85cir - ok
18:45:16.0286 3692 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
18:45:16.0302 3692 HdAudAddService - ok
18:45:16.0333 3692 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
18:45:16.0349 3692 HDAudBus - ok
18:45:16.0364 3692 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
18:45:16.0380 3692 HidBatt - ok
18:45:16.0380 3692 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
18:45:16.0396 3692 HidBth - ok
18:45:16.0411 3692 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\DRIVERS\hidir.sys
18:45:16.0427 3692 HidIr - ok
18:45:16.0442 3692 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\System32\hidserv.dll
18:45:16.0458 3692 hidserv - ok
18:45:16.0489 3692 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\drivers\hidusb.sys
18:45:16.0505 3692 HidUsb - ok
18:45:16.0520 3692 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll
18:45:16.0567 3692 hkmsvc - ok
18:45:16.0583 3692 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
18:45:16.0614 3692 HomeGroupListener - ok
18:45:16.0645 3692 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
18:45:16.0645 3692 HomeGroupProvider - ok
18:45:16.0676 3692 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
18:45:16.0692 3692 HpSAMD - ok
18:45:16.0723 3692 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys
18:45:16.0770 3692 HTTP - ok
18:45:16.0770 3692 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
18:45:16.0786 3692 hwpolicy - ok
18:45:16.0817 3692 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\drivers\i8042prt.sys
18:45:16.0832 3692 i8042prt - ok
18:45:16.0864 3692 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
18:45:16.0864 3692 iaStorV - ok
18:45:16.0910 3692 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:45:16.0926 3692 idsvc - ok
18:45:17.0051 3692 [ 82AB40147567DE48C405AFE570A2266F ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120824.001\IDSvia64.sys
18:45:17.0066 3692 IDSVia64 - ok
18:45:17.0176 3692 [ A87261EF1546325B559374F5689CF5BC ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
18:45:17.0238 3692 igfx - ok
18:45:17.0254 3692 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
18:45:17.0254 3692 iirsp - ok
18:45:17.0285 3692 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll
18:45:17.0316 3692 IKEEXT - ok
18:45:17.0363 3692 [ F04D22D7A49A1B2210DBADF0B803E870 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
18:45:17.0394 3692 IntcAzAudAddService - ok
18:45:17.0394 3692 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys
18:45:17.0410 3692 intelide - ok
18:45:17.0410 3692 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
18:45:17.0441 3692 intelppm - ok
18:45:17.0456 3692 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
18:45:17.0488 3692 IPBusEnum - ok
18:45:17.0503 3692 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
18:45:17.0534 3692 IpFilterDriver - ok
18:45:17.0566 3692 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
18:45:17.0597 3692 iphlpsvc - ok
18:45:17.0628 3692 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
18:45:17.0644 3692 IPMIDRV - ok
18:45:17.0675 3692 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
18:45:17.0706 3692 IPNAT - ok
18:45:17.0768 3692 [ 46D249F9DB7844CC01050A9345F0F61B ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
18:45:17.0784 3692 iPod Service - ok
18:45:17.0800 3692 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
18:45:17.0924 3692 IRENUM - ok
18:45:17.0956 3692 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys
18:45:17.0971 3692 isapnp - ok
18:45:17.0987 3692 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
18:45:18.0002 3692 iScsiPrt - ok
18:45:18.0018 3692 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\drivers\kbdclass.sys
18:45:18.0034 3692 kbdclass - ok
18:45:18.0065 3692 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
18:45:18.0080 3692 kbdhid - ok
18:45:18.0112 3692 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe
18:45:18.0112 3692 KeyIso - ok
18:45:18.0143 3692 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
18:45:18.0158 3692 KSecDD - ok
18:45:18.0158 3692 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
18:45:18.0174 3692 KSecPkg - ok
18:45:18.0190 3692 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
18:45:18.0221 3692 ksthunk - ok
18:45:18.0236 3692 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
18:45:18.0268 3692 KtmRm - ok
18:45:18.0299 3692 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\System32\srvsvc.dll
18:45:18.0330 3692 LanmanServer - ok
18:45:18.0346 3692 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
18:45:18.0377 3692 LanmanWorkstation - ok
18:45:18.0470 3692 [ 55AFD4A9D5ED4AD40D5215CCDF4D65F3 ] Lavasoft Ad-Aware Service C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
18:45:18.0502 3692 Lavasoft Ad-Aware Service - ok
18:45:18.0533 3692 [ 9A7FA6371F68335FD3C3D6488BC5A9F8 ] Lavasoft Kernexplorer C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys
18:45:18.0533 3692 Lavasoft Kernexplorer - ok
18:45:18.0564 3692 [ C8B3131857931AE76798A741CC52B021 ] Lbd C:\windows\system32\DRIVERS\Lbd.sys
18:45:18.0580 3692 Lbd - ok
18:45:18.0595 3692 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
18:45:18.0626 3692 lltdio - ok
18:45:18.0642 3692 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
18:45:18.0658 3692 lltdsvc - ok
18:45:18.0673 3692 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
18:45:18.0704 3692 lmhosts - ok
18:45:18.0736 3692 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
18:45:18.0751 3692 LSI_FC - ok
18:45:18.0767 3692 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
18:45:18.0767 3692 LSI_SAS - ok
18:45:18.0782 3692 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
18:45:18.0798 3692 LSI_SAS2 - ok
18:45:18.0814 3692 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
18:45:18.0814 3692 LSI_SCSI - ok
18:45:18.0845 3692 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
18:45:18.0876 3692 luafv - ok
18:45:18.0970 3692 [ 3D1516114F5B1548864D043177F992A6 ] lxeaCATSCustConnectService C:\windows\system32\spool\DRIVERS\x64\3\\lxeaserv.exe
18:45:18.0985 3692 lxeaCATSCustConnectService - ok
18:45:18.0985 3692 lxea_device - ok
18:45:19.0016 3692 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
18:45:19.0032 3692 Mcx2Svc - ok
18:45:19.0048 3692 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\DRIVERS\megasas.sys
18:45:19.0063 3692 megasas - ok
18:45:19.0079 3692 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
18:45:19.0079 3692 MegaSR - ok
18:45:19.0094 3692 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
18:45:19.0141 3692 MMCSS - ok
18:45:19.0172 3692 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
18:45:19.0204 3692 Modem - ok
18:45:19.0219 3692 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
18:45:19.0235 3692 monitor - ok
18:45:19.0250 3692 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\drivers\mouclass.sys
18:45:19.0250 3692 mouclass - ok
18:45:19.0282 3692 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
18:45:19.0297 3692 mouhid - ok
18:45:19.0328 3692 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
18:45:19.0328 3692 mountmgr - ok
18:45:19.0360 3692 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
18:45:19.0375 3692 mpio - ok
18:45:19.0391 3692 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
18:45:19.0422 3692 mpsdrv - ok
18:45:19.0453 3692 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll
18:45:19.0484 3692 MpsSvc - ok
18:45:19.0500 3692 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
18:45:19.0531 3692 MRxDAV - ok
18:45:19.0547 3692 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
18:45:19.0578 3692 mrxsmb - ok
18:45:19.0609 3692 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
18:45:19.0609 3692 mrxsmb10 - ok
18:45:19.0625 3692 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
18:45:19.0640 3692 mrxsmb20 - ok
18:45:19.0656 3692 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\drivers\msahci.sys
18:45:19.0656 3692 msahci - ok
18:45:19.0672 3692 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
18:45:19.0687 3692 msdsm - ok
18:45:19.0703 3692 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
18:45:19.0718 3692 MSDTC - ok
18:45:19.0734 3692 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
18:45:19.0765 3692 Msfs - ok
18:45:19.0796 3692 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
18:45:19.0828 3692 mshidkmdf - ok
18:45:19.0843 3692 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
18:45:19.0859 3692 msisadrv - ok
18:45:19.0874 3692 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
18:45:19.0906 3692 MSiSCSI - ok
18:45:19.0906 3692 msiserver - ok
18:45:19.0952 3692 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
18:45:19.0984 3692 MSKSSRV - ok
18:45:19.0999 3692 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
18:45:20.0046 3692 MSPCLOCK - ok
18:45:20.0062 3692 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
18:45:20.0077 3692 MSPQM - ok
18:45:20.0108 3692 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
18:45:20.0124 3692 MsRPC - ok
18:45:20.0140 3692 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
18:45:20.0140 3692 mssmbios - ok
18:45:20.0155 3692 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
18:45:20.0186 3692 MSTEE - ok
18:45:20.0202 3692 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
18:45:20.0218 3692 MTConfig - ok
18:45:20.0233 3692 [ 6936198F2CC25B39CF5262436C80DF46 ] MTsensor C:\windows\system32\DRIVERS\ASACPI.sys
18:45:20.0249 3692 MTsensor - ok
18:45:20.0264 3692 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
18:45:20.0264 3692 Mup - ok
18:45:20.0342 3692 [ E78A365CC3E0FBFC018A33DCE01909F8 ] N360 C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\ccSvcHst.exe
18:45:20.0358 3692 N360 - ok
18:45:20.0389 3692 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
18:45:20.0436 3692 napagent - ok
18:45:20.0467 3692 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
18:45:20.0483 3692 NativeWifiP - ok
18:45:20.0545 3692 [ 0A053F378B53E2A467A852119F91ABE1 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
18:45:20.0561 3692 NAUpdate - ok
18:45:20.0639 3692 [ 149A9AD81BB327E892FA1ACB77722442 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120827.001\ENG64.SYS
18:45:20.0639 3692 NAVENG - ok
18:45:20.0701 3692 [ 4AF8750E71B549FEC5F6D1D01398CA69 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120827.001\EX64.SYS
18:45:20.0732 3692 NAVEX15 - ok
18:45:20.0764 3692 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\windows\system32\drivers\ndis.sys
18:45:20.0779 3692 NDIS - ok
18:45:20.0810 3692 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
18:45:20.0826 3692 NdisCap - ok
18:45:20.0842 3692 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
18:45:20.0857 3692 NdisTapi - ok
18:45:20.0904 3692 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
18:45:20.0920 3692 Ndisuio - ok
18:45:20.0951 3692 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
18:45:20.0998 3692 NdisWan - ok
18:45:21.0013 3692 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
18:45:21.0029 3692 NDProxy - ok
18:45:21.0044 3692 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
18:45:21.0076 3692 NetBIOS - ok
18:45:21.0107 3692 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
18:45:21.0138 3692 NetBT - ok
18:45:21.0154 3692 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
18:45:21.0154 3692 Netlogon - ok
18:45:21.0200 3692 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
18:45:21.0247 3692 Netman - ok
18:45:21.0263 3692 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
18:45:21.0294 3692 netprofm - ok
18:45:21.0310 3692 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:45:21.0325 3692 NetTcpPortSharing - ok
18:45:21.0341 3692 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
18:45:21.0341 3692 nfrd960 - ok
18:45:21.0356 3692 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\windows\System32\nlasvc.dll
18:45:21.0388 3692 NlaSvc - ok
18:45:21.0388 3692 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
18:45:21.0419 3692 Npfs - ok
18:45:21.0434 3692 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
18:45:21.0450 3692 nsi - ok
18:45:21.0466 3692 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
18:45:21.0497 3692 nsiproxy - ok
18:45:21.0528 3692 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
18:45:21.0559 3692 Ntfs - ok
18:45:21.0575 3692 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
18:45:21.0606 3692 Null - ok
18:45:21.0622 3692 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
18:45:21.0622 3692 nvraid - ok
18:45:21.0653 3692 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
18:45:21.0668 3692 nvstor - ok
18:45:21.0684 3692 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
18:45:21.0700 3692 nv_agp - ok
18:45:21.0762 3692 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:45:21.0762 3692 odserv - ok
18:45:21.0793 3692 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
18:45:21.0809 3692 ohci1394 - ok
18:45:21.0840 3692 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:45:21.0840 3692 ose - ok
18:45:21.0871 3692 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
18:45:21.0918 3692 p2pimsvc - ok
18:45:21.0949 3692 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
18:45:21.0965 3692 p2psvc - ok
18:45:21.0996 3692 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\DRIVERS\parport.sys
18:45:21.0996 3692 Parport - ok
18:45:22.0027 3692 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
18:45:22.0043 3692 partmgr - ok
18:45:22.0058 3692 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
18:45:22.0074 3692 PcaSvc - ok
18:45:22.0105 3692 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
18:45:22.0105 3692 pci - ok
18:45:22.0121 3692 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\drivers\pciide.sys
18:45:22.0136 3692 pciide - ok
18:45:22.0136 3692 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
18:45:22.0152 3692 pcmcia - ok
18:45:22.0168 3692 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
18:45:22.0168 3692 pcw - ok
18:45:22.0199 3692 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
18:45:22.0230 3692 PEAUTH - ok
18:45:22.0292 3692 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
18:45:22.0308 3692 PerfHost - ok
18:45:22.0355 3692 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
18:45:22.0386 3692 pla - ok
18:45:22.0417 3692 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
18:45:22.0480 3692 PlugPlay - ok
18:45:22.0495 3692 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
18:45:22.0526 3692 PNRPAutoReg - ok
18:45:22.0526 3692 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
18:45:22.0542 3692 PNRPsvc - ok
18:45:22.0542 3692 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
18:45:22.0573 3692 PolicyAgent - ok
18:45:22.0604 3692 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
18:45:22.0651 3692 Power - ok
18:45:22.0682 3692 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
18:45:22.0698 3692 PptpMiniport - ok
18:45:22.0714 3692 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\DRIVERS\processr.sys
18:45:22.0745 3692 Processor - ok
18:45:22.0776 3692 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
18:45:22.0823 3692 ProfSvc - ok
18:45:22.0823 3692 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
18:45:22.0838 3692 ProtectedStorage - ok
18:45:22.0870 3692 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
18:45:22.0901 3692 Psched - ok
18:45:22.0932 3692 PxHlpa64 - ok
18:45:22.0963 3692 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
18:45:22.0979 3692 ql2300 - ok
18:45:23.0010 3692 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
18:45:23.0026 3692 ql40xx - ok
18:45:23.0041 3692 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
18:45:23.0057 3692 QWAVE - ok
18:45:23.0072 3692 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
18:45:23.0088 3692 QWAVEdrv - ok
18:45:23.0104 3692 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
18:45:23.0135 3692 RasAcd - ok
18:45:23.0166 3692 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
18:45:23.0182 3692 RasAgileVpn - ok
18:45:23.0197 3692 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
18:45:23.0228 3692 RasAuto - ok
18:45:23.0244 3692 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
18:45:23.0275 3692 Rasl2tp - ok
18:45:23.0322 3692 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
18:45:23.0338 3692 RasMan - ok
18:45:23.0353 3692 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
18:45:23.0400 3692 RasPppoe - ok
18:45:23.0416 3692 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
18:45:23.0431 3692 RasSstp - ok
18:45:23.0462 3692 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
18:45:23.0494 3692 rdbss - ok
18:45:23.0509 3692 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
18:45:23.0525 3692 rdpbus - ok
18:45:23.0540 3692 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
18:45:23.0556 3692 RDPCDD - ok
18:45:23.0572 3692 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
18:45:23.0618 3692 RDPENCDD - ok
18:45:23.0634 3692 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
18:45:23.0650 3692 RDPREFMP - ok
18:45:23.0696 3692 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
18:45:23.0728 3692 RDPWD - ok
18:45:23.0759 3692 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
18:45:23.0774 3692 rdyboost - ok
18:45:23.0790 3692 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
18:45:23.0837 3692 RemoteAccess - ok
18:45:23.0852 3692 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
18:45:23.0899 3692 RemoteRegistry - ok
18:45:23.0915 3692 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
18:45:23.0930 3692 RpcEptMapper - ok
18:45:23.0946 3692 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
18:45:23.0962 3692 RpcLocator - ok
18:45:23.0993 3692 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\System32\rpcss.dll
18:45:24.0024 3692 RpcSs - ok
18:45:24.0040 3692 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
18:45:24.0071 3692 rspndr - ok
18:45:24.0102 3692 [ 1D5007EDC9439182CD2B0D3158213977 ] RTHDMIAzAudService C:\windows\system32\drivers\RtHDMIVX.sys
18:45:24.0133 3692 RTHDMIAzAudService - ok
18:45:24.0180 3692 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
18:45:24.0196 3692 RTL8167 - ok
18:45:24.0196 3692 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
18:45:24.0211 3692 SamSs - ok
18:45:24.0242 3692 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
18:45:24.0242 3692 sbp2port - ok
18:45:24.0258 3692 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
18:45:24.0289 3692 SCardSvr - ok
18:45:24.0305 3692 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
18:45:24.0336 3692 scfilter - ok
18:45:24.0398 3692 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
18:45:24.0430 3692 Schedule - ok
18:45:24.0476 3692 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
18:45:24.0492 3692 SCPolicySvc - ok
18:45:24.0523 3692 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
18:45:24.0554 3692 SDRSVC - ok
18:45:24.0570 3692 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
18:45:24.0586 3692 secdrv - ok
18:45:24.0601 3692 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
18:45:24.0632 3692 seclogon - ok
18:45:24.0664 3692 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\system32\sens.dll
18:45:24.0695 3692 SENS - ok
18:45:24.0710 3692 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
18:45:24.0726 3692 SensrSvc - ok
18:45:24.0742 3692 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\DRIVERS\serenum.sys
18:45:24.0773 3692 Serenum - ok
18:45:24.0788 3692 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\DRIVERS\serial.sys
18:45:24.0788 3692 Serial - ok
18:45:24.0804 3692 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
18:45:24.0820 3692 sermouse - ok
18:45:24.0851 3692 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
18:45:24.0882 3692 SessionEnv - ok
18:45:24.0898 3692 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
18:45:24.0960 3692 sffdisk - ok
18:45:24.0976 3692 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
18:45:25.0007 3692 sffp_mmc - ok
18:45:25.0007 3692 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
18:45:25.0022 3692 sffp_sd - ok
18:45:25.0038 3692 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
18:45:25.0038 3692 sfloppy - ok
18:45:25.0069 3692 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
18:45:25.0100 3692 SharedAccess - ok
18:45:25.0132 3692 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
18:45:25.0163 3692 ShellHWDetection - ok
18:45:25.0194 3692 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
18:45:25.0194 3692 SiSRaid2 - ok
18:45:25.0225 3692 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
18:45:25.0225 3692 SiSRaid4 - ok
18:45:25.0256 3692 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
18:45:25.0303 3692 Smb - ok
18:45:25.0334 3692 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
18:45:25.0350 3692 SNMPTRAP - ok
18:45:25.0366 3692 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
18:45:25.0366 3692 spldr - ok
18:45:25.0412 3692 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
18:45:25.0506 3692 Spooler - ok
18:45:25.0584 3692 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
18:45:25.0631 3692 sppsvc - ok
18:45:25.0646 3692 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
18:45:25.0678 3692 sppuinotify - ok
18:45:25.0756 3692 [ 90EF30C3867BCDE4579C01A6D6E75A7A ] SRTSP C:\windows\System32\Drivers\N360x64\0502020.003\SRTSP64.SYS
18:45:25.0771 3692 SRTSP - ok
18:45:25.0787 3692 [ C513E8A5E7978DA49077F5484344EE1B ] SRTSPX C:\windows\system32\drivers\N360x64\0502020.003\SRTSPX64.SYS
18:45:25.0787 3692 SRTSPX - ok
18:45:25.0818 3692 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
18:45:25.0834 3692 srv - ok
18:45:25.0880 3692 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
18:45:25.0880 3692 srv2 - ok
18:45:25.0896 3692 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
18:45:25.0912 3692 srvnet - ok
18:45:25.0943 3692 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
18:45:25.0990 3692 SSDPSRV - ok
18:45:25.0990 3692 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
18:45:26.0021 3692 SstpSvc - ok
18:45:26.0021 3692 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
18:45:26.0036 3692 stexstor - ok
18:45:26.0083 3692 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
18:45:26.0114 3692 stisvc - ok
18:45:26.0130 3692 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\drivers\swenum.sys
18:45:26.0130 3692 swenum - ok
18:45:26.0161 3692 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
18:45:26.0208 3692 swprv - ok
18:45:26.0239 3692 [ 6160145C7A87FC7672E8E3B886888176 ] SymDS C:\windows\system32\drivers\N360x64\0502020.003\SYMDS64.SYS
18:45:26.0255 3692 SymDS - ok
18:45:26.0286 3692 [ 96AEED40D4D3521568B42027687E69E0 ] SymEFA C:\windows\system32\drivers\N360x64\0502020.003\SYMEFA64.SYS
18:45:26.0302 3692 SymEFA - ok
18:45:26.0333 3692 [ 21A1C2D694C3CF962D31F5E873AB3D6F ] SymEvent C:\windows\system32\Drivers\SYMEVENT64x86.SYS
18:45:26.0333 3692 SymEvent - ok
18:45:26.0348 3692 SYMFW - ok
18:45:26.0380 3692 [ BD0D711D8CBFCAA19CA123306EAF53A5 ] SymIRON C:\windows\system32\drivers\N360x64\0502020.003\Ironx64.SYS
18:45:26.0380 3692 SymIRON - ok
18:45:26.0395 3692 SYMNDISV - ok
18:45:26.0411 3692 [ A6ADB3D83023F8DAA0F7B6FDA785D83B ] SymNetS C:\windows\System32\Drivers\N360x64\0502020.003\SYMNETS.SYS
18:45:26.0426 3692 SymNetS - ok
18:45:26.0473 3692 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
18:45:26.0504 3692 SysMain - ok
18:45:26.0536 3692 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
18:45:26.0551 3692 TabletInputService - ok
18:45:26.0567 3692 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
18:45:26.0598 3692 TapiSrv - ok
18:45:26.0629 3692 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
18:45:26.0645 3692 TBS - ok
18:45:26.0707 3692 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\windows\system32\drivers\tcpip.sys
18:45:26.0723 3692 Tcpip - ok
18:45:26.0785 3692 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
18:45:26.0816 3692 TCPIP6 - ok
18:45:26.0848 3692 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
18:45:26.0879 3692 tcpipreg - ok
18:45:26.0894 3692 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
18:45:26.0941 3692 TDPIPE - ok
18:45:26.0972 3692 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
18:45:26.0988 3692 TDTCP - ok
18:45:27.0004 3692 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
18:45:27.0035 3692 tdx - ok
18:45:27.0050 3692 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\drivers\termdd.sys
18:45:27.0066 3692 TermDD - ok
18:45:27.0097 3692 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
18:45:27.0128 3692 TermService - ok
18:45:27.0144 3692 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
18:45:27.0160 3692 Themes - ok
18:45:27.0175 3692 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
18:45:27.0206 3692 THREADORDER - ok
18:45:27.0222 3692 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
18:45:27.0253 3692 TrkWks - ok
18:45:27.0300 3692 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
18:45:27.0316 3692 TrustedInstaller - ok
18:45:27.0347 3692 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
18:45:27.0378 3692 tssecsrv - ok
18:45:27.0394 3692 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
18:45:27.0425 3692 TsUsbFlt - ok
18:45:27.0456 3692 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
18:45:27.0487 3692 tunnel - ok
18:45:27.0503 3692 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
18:45:27.0518 3692 uagp35 - ok
18:45:27.0550 3692 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
18:45:27.0581 3692 udfs - ok
18:45:27.0612 3692 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
18:45:27.0628 3692 UI0Detect - ok
18:45:27.0643 3692 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
18:45:27.0643 3692 uliagpkx - ok
18:45:27.0659 3692 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\drivers\umbus.sys
18:45:27.0674 3692 umbus - ok
18:45:27.0706 3692 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\DRIVERS\umpass.sys
18:45:27.0721 3692 UmPass - ok
18:45:27.0737 3692 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
18:45:27.0768 3692 upnphost - ok
18:45:27.0799 3692 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys
18:45:27.0830 3692 USBAAPL64 - ok
18:45:27.0846 3692 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\drivers\usbccgp.sys
18:45:27.0924 3692 usbccgp - ok
18:45:27.0955 3692 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
18:45:27.0971 3692 usbcir - ok
18:45:27.0971 3692 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
18:45:27.0986 3692 usbehci - ok
18:45:28.0002 3692 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
18:45:28.0033 3692 usbhub - ok
18:45:28.0049 3692 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\DRIVERS\usbohci.sys
18:45:28.0064 3692 usbohci - ok
18:45:28.0096 3692 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
18:45:28.0096 3692 usbprint - ok
18:45:28.0127 3692 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
18:45:28.0142 3692 usbscan - ok
18:45:28.0220 3692 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
18:45:28.0283 3692 USBSTOR - ok
18:45:28.0345 3692 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys
18:45:28.0361 3692 usbuhci - ok
18:45:28.0376 3692 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
18:45:28.0408 3692 UxSms - ok
18:45:28.0423 3692 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
18:45:28.0439 3692 VaultSvc - ok
18:45:28.0439 3692 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
18:45:28.0454 3692 vdrvroot - ok
18:45:28.0486 3692 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
18:45:28.0517 3692 vds - ok
18:45:28.0548 3692 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
18:45:28.0548 3692 vga - ok
18:45:28.0564 3692 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
18:45:28.0610 3692 VgaSave - ok
18:45:28.0610 3692 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
18:45:28.0626 3692 vhdmp - ok
18:45:28.0642 3692 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
18:45:28.0657 3692 viaide - ok
18:45:28.0657 3692 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
18:45:28.0673 3692 volmgr - ok
18:45:28.0704 3692 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
18:45:28.0720 3692 volmgrx - ok
18:45:28.0751 3692 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\windows\system32\drivers\volsnap.sys
18:45:28.0751 3692 volsnap - ok
18:45:28.0813 3692 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
18:45:28.0813 3692 vsmraid - ok
18:45:28.0891 3692 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
18:45:28.0954 3692 VSS - ok
18:45:28.0969 3692 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\System32\drivers\vwifibus.sys
18:45:28.0985 3692 vwifibus - ok
18:45:29.0000 3692 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
18:45:29.0032 3692 W32Time - ok
18:45:29.0063 3692 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
18:45:29.0078 3692 WacomPen - ok
18:45:29.0110 3692 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
18:45:29.0141 3692 WANARP - ok
18:45:29.0141 3692 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
18:45:29.0156 3692 Wanarpv6 - ok
18:45:29.0219 3692 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
18:45:29.0250 3692 WatAdminSvc - ok
18:45:29.0281 3692 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
18:45:29.0344 3692 wbengine - ok
18:45:29.0359 3692 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
18:45:29.0375 3692 WbioSrvc - ok
18:45:29.0484 3692 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
18:45:29.0500 3692 wcncsvc - ok
18:45:29.0500 3692 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
18:45:29.0546 3692 WcsPlugInService - ok
18:45:29.0546 3692 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\DRIVERS\wd.sys
18:45:29.0562 3692 Wd - ok
18:45:29.0640 3692 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
18:45:29.0656 3692 Wdf01000 - ok
18:45:29.0687 3692 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
18:45:30.0014 3692 WdiServiceHost - ok
18:45:30.0030 3692 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
18:45:30.0046 3692 WdiSystemHost - ok
18:45:30.0077 3692 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
18:45:30.0108 3692 WebClient - ok
18:45:30.0124 3692 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
18:45:30.0170 3692 Wecsvc - ok
18:45:30.0186 3692 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
18:45:30.0233 3692 wercplsupport - ok
18:45:30.0280 3692 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
18:45:30.0311 3692 WerSvc - ok
18:45:30.0342 3692 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
18:45:30.0358 3692 WfpLwf - ok
18:45:30.0373 3692 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
18:45:30.0389 3692 WIMMount - ok
18:45:30.0389 3692 WinDefend - ok
18:45:30.0389 3692 WinHttpAutoProxySvc - ok
18:45:30.0498 3692 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
18:45:30.0545 3692 Winmgmt - ok
18:45:30.0966 3692 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
18:45:31.0075 3692 WinRM - ok
18:45:31.0231 3692 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
18:45:31.0247 3692 WinUsb - ok
18:45:31.0465 3692 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
18:45:31.0512 3692 Wlansvc - ok
18:45:31.0621 3692 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
18:45:31.0637 3692 WmiAcpi - ok
18:45:31.0684 3692 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
18:45:31.0699 3692 wmiApSrv - ok
18:45:31.0746 3692 WMPNetworkSvc - ok
18:45:31.0777 3692 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
18:45:31.0855 3692 WPCSvc - ok
18:45:31.0886 3692 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
18:45:31.0902 3692 WPDBusEnum - ok
18:45:31.0933 3692 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
18:45:31.0949 3692 ws2ifsl - ok
18:45:31.0996 3692 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\system32\wscsvc.dll
18:45:32.0027 3692 wscsvc - ok
18:45:32.0058 3692 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\windows\system32\DRIVERS\WSDPrint.sys
18:45:32.0089 3692 WSDPrintDevice - ok
18:45:32.0089 3692 WSearch - ok
18:45:32.0292 3692 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll
18:45:32.0323 3692 wuauserv - ok
18:45:32.0354 3692 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\windows\system32\drivers\WudfPf.sys
18:45:32.0386 3692 WudfPf - ok
18:45:32.0479 3692 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
18:45:32.0510 3692 WUDFRd - ok
18:45:32.0542 3692 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\windows\System32\WUDFSvc.dll
18:45:32.0573 3692 wudfsvc - ok
18:45:32.0604 3692 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
18:45:32.0635 3692 WwanSvc - ok
18:45:32.0651 3692 ================ Scan global ===============================
18:45:32.0682 3692 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
18:45:32.0729 3692 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
18:45:32.0744 3692 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
18:45:32.0760 3692 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
18:45:32.0807 3692 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
18:45:32.0807 3692 [Global] - ok
18:45:32.0807 3692 ================ Scan MBR ==================================
18:45:32.0838 3692 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:45:34.0195 3692 \Device\Harddisk0\DR0 - ok
18:45:34.0195 3692 ================ Scan VBR ==================================
18:45:34.0195 3692 [ 034A936683576E0FE89D44729A8233CF ] \Device\Harddisk0\DR0\Partition1
18:45:34.0195 3692 \Device\Harddisk0\DR0\Partition1 - ok
18:45:34.0226 3692 [ 13AD3FAA206D21F1A76CA188EACB2159 ] \Device\Harddisk0\DR0\Partition2
18:45:34.0226 3692 \Device\Harddisk0\DR0\Partition2 - ok
18:45:34.0226 3692 ============================================================
18:45:34.0226 3692 Scan finished
18:45:34.0226 3692 ============================================================
18:45:34.0226 2040 Detected object count: 0
18:45:34.0226 2040 Actual detected object count: 0
18:45:58.0063 0424 Deinitialize success


Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.29.10

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Justin :: JUSTIN-PC [administrator]

Protection: Enabled

8/29/2012 6:57:01 PM
mbam-log-2012-08-29 (18-57-01).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 192986
Time elapsed: 2 minute(s), 29 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 3
C:\Users\Justin\Downloads\7zip_installer_1650.exe (PUP.BundleOffers.IIQ) -> Quarantined and deleted successfully.
C:\Users\Justin\Downloads\dvdburning_1289.exe (PUP.BundleOffers.IIQ) -> Quarantined and deleted successfully.
C:\Users\Justin\Downloads\FLVPlayerSetup.exe (Adware.Agent) -> Quarantined and deleted successfully.

(end)

(at this point I got a reocurring ComcastAntiSpy.exe error)



OTL logfile created on: 8/29/2012 7:10:04 PM - Run 2
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\Justin\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.75 Gb Total Physical Memory | 5.73 Gb Available Physical Memory | 73.92% Memory free
15.50 Gb Paging File | 13.56 Gb Available in Paging File | 87.53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1397.17 Gb Total Space | 1313.71 Gb Free Space | 94.03% Space Free | Partition Type: NTFS

Computer Name: JUSTIN-PC | User Name: Justin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/27 16:15:38 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Justin\Desktop\otl.exe
PRC - [2012/08/24 18:17:43 | 001,191,768 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2012/08/14 20:36:16 | 000,686,792 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_271_ActiveX.exe
PRC - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/07/03 13:46:44 | 000,462,920 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/06/06 10:51:00 | 000,869,816 | ---- | M] (CallingID Ltd.) -- C:\Program Files (x86)\xfin_portal\CIDGlobalLight.exe
PRC - [2012/05/22 17:44:08 | 002,152,720 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2011/04/16 20:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\ccsvchst.exe
PRC - [2011/03/04 11:39:14 | 000,584,488 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2011/01/23 20:08:52 | 000,770,728 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe
PRC - [2010/10/27 20:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/01/18 15:27:42 | 000,139,944 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe
PRC - [2009/08/19 13:25:52 | 001,589,208 | ---- | M] () -- C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpy.exe
PRC - [2009/06/17 13:49:44 | 000,616,408 | ---- | M] () -- C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe


========== Modules (No Company Name) ==========

MOD - [2012/06/06 10:50:52 | 000,085,976 | ---- | M] () -- C:\Program Files (x86)\xfin_portal\comcastdx.dll
MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/01/23 20:08:52 | 000,770,728 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe
MOD - [2010/04/05 05:56:17 | 002,203,803 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\epwizres.dll
MOD - [2010/04/01 12:24:28 | 001,159,168 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\lxeadrs.dll
MOD - [2010/04/01 12:23:27 | 000,389,120 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\lxeascw.dll
MOD - [2010/01/18 15:27:42 | 000,139,944 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe
MOD - [2009/08/19 13:25:52 | 001,589,208 | ---- | M] () -- C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpy.exe
MOD - [2009/05/27 10:16:50 | 000,192,512 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\lxeadatr.dll
MOD - [2009/04/07 17:25:27 | 000,409,600 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\iptk.dll
MOD - [2009/03/30 10:37:47 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\epoemdll.dll
MOD - [2009/03/30 10:37:46 | 000,045,056 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\epstring.dll
MOD - [2009/03/30 10:37:28 | 000,708,608 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\epwizard.dll
MOD - [2009/03/30 10:35:40 | 000,159,744 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\customui.dll
MOD - [2009/03/30 10:35:22 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\epfunct.dll
MOD - [2009/03/30 10:35:17 | 000,118,784 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\eputil.dll
MOD - [2009/03/30 10:35:05 | 000,139,264 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\imagutil.dll
MOD - [2009/03/10 03:43:49 | 000,155,648 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\lxeacaps.dll
MOD - [2009/03/02 12:25:47 | 000,151,552 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\lxeaptp.dll
MOD - [2009/02/20 04:48:43 | 000,023,552 | ---- | M] () -- C:\Windows\SysWOW64\LXEAsmr.dll
MOD - [2009/02/20 04:48:03 | 000,299,008 | ---- | M] () -- C:\Windows\SysWOW64\LXEAsm.dll


========== Services (SafeList) ==========

SRV:64bit: - [2011/04/20 02:04:20 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/04/14 20:45:32 | 000,045,736 | ---- | M] () [Auto | Stopped] -- C:\windows\SysNative\spool\DRIVERS\x64\3\\lxeaserv.exe -- (lxeaCATSCustConnectService)
SRV:64bit: - [2010/04/14 15:45:36 | 001,052,328 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxeacoms.exe -- (lxea_device)
SRV - [2012/08/14 20:36:16 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/05/22 17:44:08 | 002,152,720 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011/04/16 20:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\ccSvcHst.exe -- (N360)
SRV - [2011/03/04 11:39:14 | 000,584,488 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010/04/14 20:45:32 | 000,045,736 | ---- | M] () [Auto | Stopped] -- C:\windows\system32\spool\DRIVERS\x64\3\\lxeaserv.exe -- (lxeaCATSCustConnectService)
SRV - [2010/04/14 15:45:21 | 000,598,696 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\lxeacoms.exe -- (lxea_device)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/06/17 13:49:44 | 000,616,408 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe -- (AntiSpywareService)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/07/03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/10/28 20:35:28 | 000,069,376 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Lbd.sys -- (Lbd)
DRV:64bit: - [2011/10/02 15:30:34 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2011/07/06 12:44:00 | 000,034,288 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2011/06/10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/04/20 21:37:49 | 000,386,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\symnets.sys -- (SymNetS)
DRV:64bit: - [2011/04/20 02:44:50 | 009,319,936 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2011/04/20 02:44:50 | 009,319,936 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/04/20 01:22:34 | 000,306,176 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/03/30 23:00:09 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2011/03/30 23:00:09 | 000,040,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2011/03/14 22:31:23 | 000,912,504 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\symefa64.sys -- (SymEFA)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/27 02:47:10 | 000,450,680 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\symds64.sys -- (SymDS)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/15 21:45:33 | 000,171,128 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\ironx64.sys -- (SymIRON)
DRV:64bit: - [2009/09/25 14:13:26 | 000,205,440 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/06/10 16:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2006/11/01 06:23:42 | 000,015,680 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV - [2012/08/21 22:05:05 | 000,512,672 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120828.001\IDSviA64.sys -- (IDSVia64)
DRV - [2012/08/21 17:03:26 | 002,084,000 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120829.003\ex64.sys -- (NAVEX15)
DRV - [2012/08/21 17:03:26 | 000,125,600 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120829.003\eng64.sys -- (NAVENG)
DRV - [2012/08/09 17:26:15 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012/08/09 17:26:15 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/06/18 20:01:14 | 001,161,376 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120823.007\BHDrvx64.sys -- (BHDrvx64)
DRV - [2011/12/09 22:33:45 | 000,017,152 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys -- (Lavasoft Kernexplorer)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2004/09/23 02:03:00 | 000,026,720 | ---- | M] (Sonic Solutions) [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\PxHlpa64.sys -- (PxHlpa64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 7D 98 9D 52 0A 85 CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7ADSA_en
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.6.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.6.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Justin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPlgn\ [2012/08/09 00:03:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_12_1 [2012/08/29 19:03:37 | 000,000,000 | ---D | M]

[2012/06/12 19:46:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Justin\AppData\Roaming\Mozilla\Extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://search.condui...SearchSource=48

O1 HOSTS File: ([2012/08/27 17:03:55 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (XFINITY Toolbar) - {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files (x86)\xfin_portal\comcastdx.dll ()
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Updater For XFIN_PORTAL) - {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} - C:\Program Files (x86)\xfin_portal\auxi\comcastAu.dll (Visicom Media)
O2 - BHO: (Lexmark Printable Web) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{4b9bcce8-a70b-402a-a7e1-db96831ee26f} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (XFINITY Toolbar) - {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files (x86)\xfin_portal\comcastdx.dll ()
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {09EC805C-CB2E-4D53-B0D3-A75A428B81C7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKCU..\Run: [ComcastAntispyClient] C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntispy.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {7B62F6EE-D046-11D3-9C5E-0060082627F7} https://wws2.mutualo.../TWDownload.cab (TWDownloader Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A2247A93-1417-450A-A28F-2D79EDDFD666}: DhcpNameServer = 192.168.2.1 192.168.2.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)



SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PEVSystemStart - Service
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: procexp90.Sys - Driver
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: Lavasoft Ad-Aware Service - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PEVSystemStart - Service
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: procexp90.Sys - Driver
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PEVSystemStart - Service
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: procexp90.Sys - Driver
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Lavasoft Ad-Aware Service - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PEVSystemStart - Service
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: procexp90.Sys - Driver
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\windows\SysWow64\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/08/29 18:56:19 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Roaming\Malwarebytes
[2012/08/29 18:56:09 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2012/08/29 18:56:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/08/29 18:56:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/08/29 18:56:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/08/29 18:55:08 | 010,652,120 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Justin\Desktop\mbam-setup-1.62.0.1300.exe
[2012/08/29 18:42:58 | 002,211,928 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Justin\Desktop\tdsskiller.exe
[2012/08/27 17:04:00 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2012/08/27 16:55:17 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
[2012/08/27 16:55:17 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
[2012/08/27 16:55:17 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe
[2012/08/27 16:55:09 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012/08/27 16:46:18 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/08/27 16:45:42 | 000,000,000 | ---D | C] -- C:\windows\erdnt
[2012/08/27 16:44:46 | 004,738,846 | R--- | C] (Swearware) -- C:\Users\Justin\Desktop\ComboFix.exe
[2012/08/27 16:22:49 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Justin\Desktop\aswMBR.exe
[2012/08/27 16:17:43 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/08/27 16:15:38 | 000,598,528 | ---- | C] (OldTimer Tools) -- C:\Users\Justin\Desktop\otl.exe
[2012/08/27 16:11:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/08/27 16:11:21 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\npDeployJava1.dll
[2012/08/27 16:11:21 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\javaws.exe
[2012/08/27 16:11:12 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\javaw.exe
[2012/08/27 16:11:12 | 000,095,208 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\WindowsAccessBridge-32.dll
[2012/08/27 16:11:11 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\java.exe
[2012/08/26 10:01:17 | 000,000,000 | ---D | C] -- C:\ProgramData\W3i
[2012/08/26 10:00:31 | 000,000,000 | ---D | C] -- C:\ProgramData\WeCareReminder
[2012/08/26 09:59:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Offers from Freeze.com
[2012/08/26 09:58:11 | 000,000,000 | R--D | C] -- C:\Users\Justin\4Sync
[2012/08/26 09:55:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2012/08/26 09:55:46 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012/08/26 09:55:41 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\CRE
[2012/08/26 09:55:29 | 000,000,000 | ---D | C] -- C:\ProgramData\4Sync
[2012/08/15 20:32:38 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2012/08/15 20:32:38 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2012/08/15 20:32:37 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2012/08/15 20:32:37 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2012/08/15 20:32:37 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2012/08/15 20:32:36 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2012/08/15 20:32:36 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2012/08/15 20:32:36 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2012/08/15 20:32:35 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2012/08/15 20:32:35 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2012/08/15 20:32:35 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2012/08/15 20:32:33 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2012/08/15 20:32:33 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2012/08/15 19:33:49 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srcore.dll
[2012/08/15 19:33:48 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netapi32.dll
[2012/08/15 19:33:48 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\browcli.dll
[2012/08/15 19:33:48 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\browcli.dll
[2012/08/15 19:33:39 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\win32spl.dll
[2012/08/15 19:33:39 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\win32spl.dll
[2012/08/15 19:33:39 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\splwow64.exe
[2012/08/15 19:33:37 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\localspl.dll
[2012/08/13 19:03:20 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\Microsoft Help

========== Files - Modified Within 30 Days ==========

[2012/08/29 19:10:46 | 000,009,920 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/29 19:10:46 | 000,009,920 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/29 19:03:33 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/08/29 19:03:30 | 1945,509,887 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/29 18:55:09 | 010,652,120 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Justin\Desktop\mbam-setup-1.62.0.1300.exe
[2012/08/29 18:47:22 | 000,018,292 | ---- | M] () -- C:\Users\Justin\Desktop\malwarebytes_free.htm
[2012/08/29 18:42:58 | 002,211,928 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Justin\Desktop\tdsskiller.exe
[2012/08/29 18:42:06 | 000,000,064 | ---- | M] () -- C:\windows\SysWow64\rp_stats.dat
[2012/08/29 18:42:06 | 000,000,044 | ---- | M] () -- C:\windows\SysWow64\rp_rules.dat
[2012/08/27 20:51:28 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012/08/27 17:03:55 | 000,000,027 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts
[2012/08/27 16:44:52 | 004,738,846 | R--- | M] (Swearware) -- C:\Users\Justin\Desktop\ComboFix.exe
[2012/08/27 16:42:03 | 000,000,512 | ---- | M] () -- C:\Users\Justin\Desktop\MBR.dat
[2012/08/27 16:29:46 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Justin\Desktop\aswMBR.exe
[2012/08/27 16:15:38 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Justin\Desktop\otl.exe
[2012/08/27 16:10:58 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\javaws.exe
[2012/08/27 16:10:58 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\javaw.exe
[2012/08/27 16:10:58 | 000,095,208 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\WindowsAccessBridge-32.dll
[2012/08/27 16:10:57 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\npDeployJava1.dll
[2012/08/27 16:10:57 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\deployJava1.dll
[2012/08/27 16:10:57 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\java.exe
[2012/08/26 09:55:52 | 000,000,009 | ---- | M] () -- C:\END
[2012/08/19 16:43:58 | 000,116,531 | ---- | M] () -- C:\Users\Justin\Documents\08-19-2012 04;43;58PM.PDF
[2012/08/19 16:32:04 | 000,433,282 | ---- | M] () -- C:\Users\Justin\Documents\08-19-2012 04;32;04PM.PDF
[2012/08/19 16:22:07 | 016,216,476 | ---- | M] () -- C:\Users\Justin\Documents\08-19-2012 04;22;04PM.PDF
[2012/08/19 16:07:19 | 001,290,363 | ---- | M] () -- C:\Users\Justin\Documents\08-19-2012 04;07;19PM.PDF
[2012/08/16 16:54:18 | 000,412,624 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2012/08/14 20:36:16 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2012/08/14 20:36:16 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/08/12 08:57:15 | 000,050,238 | ---- | M] () -- C:\Users\Justin\Desktop\couch loveseat.jpg
[2012/08/10 20:32:53 | 000,726,444 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012/08/10 20:32:53 | 000,624,162 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012/08/10 20:32:53 | 000,106,538 | ---- | M] () -- C:\windows\SysNative\perfc009.dat

========== Files Created - No Company Name ==========

[2012/08/29 18:47:22 | 000,018,292 | ---- | C] () -- C:\Users\Justin\Desktop\malwarebytes_free.htm
[2012/08/27 16:55:17 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2012/08/27 16:55:17 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2012/08/27 16:55:17 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2012/08/27 16:55:17 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2012/08/27 16:55:17 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2012/08/27 16:42:03 | 000,000,512 | ---- | C] () -- C:\Users\Justin\Desktop\MBR.dat
[2012/08/26 09:55:51 | 000,000,009 | ---- | C] () -- C:\END
[2012/08/19 16:43:58 | 000,116,531 | ---- | C] () -- C:\Users\Justin\Documents\08-19-2012 04;43;58PM.PDF
[2012/08/19 16:32:04 | 000,433,282 | ---- | C] () -- C:\Users\Justin\Documents\08-19-2012 04;32;04PM.PDF
[2012/08/19 16:22:04 | 016,216,476 | ---- | C] () -- C:\Users\Justin\Documents\08-19-2012 04;22;04PM.PDF
[2012/08/19 16:07:19 | 001,290,363 | ---- | C] () -- C:\Users\Justin\Documents\08-19-2012 04;07;19PM.PDF
[2012/08/12 08:57:33 | 000,050,238 | ---- | C] () -- C:\Users\Justin\Desktop\couch loveseat.jpg
[2012/06/17 10:21:19 | 000,001,451 | ---- | C] () -- C:\windows\wininit.ini
[2012/06/12 19:57:06 | 000,000,064 | ---- | C] () -- C:\windows\GPlrLanc.dat
[2012/04/15 10:12:59 | 000,047,616 | ---- | C] () -- C:\windows\SysWow64\pdf995mon64.dll
[2012/04/15 10:12:59 | 000,000,142 | ---- | C] () -- C:\windows\wpd99.drv
[2011/12/13 17:54:56 | 000,000,064 | ---- | C] () -- C:\windows\SysWow64\rp_stats.dat
[2011/12/13 17:54:56 | 000,000,044 | ---- | C] () -- C:\windows\SysWow64\rp_rules.dat
[2011/05/24 17:49:11 | 000,001,940 | ---- | C] () -- C:\Users\Justin\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/03/17 17:51:46 | 000,003,929 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*.exe >

< %APPDATA%\*. >
[2012/08/21 19:09:11 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\.minecraft
[2012/06/09 18:05:44 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Adobe
[2012/01/01 10:28:21 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Apple Computer
[2010/06/24 14:37:44 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Arcsoft
[2012/06/09 18:07:24 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\com.jakks.spynet
[2010/07/18 15:41:53 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\DriverFinder
[2010/09/18 20:31:20 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Google
[2010/02/26 16:39:18 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Identities
[2011/10/15 16:28:08 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\ImgBurn
[2010/06/24 14:46:23 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\KodakCredentialStore
[2010/08/19 13:22:12 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Leadertech
[2010/02/28 18:48:39 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Macromedia
[2012/08/29 18:56:19 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Malwarebytes
[2009/07/14 03:44:38 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Media Center Programs
[2012/08/19 16:29:15 | 000,000,000 | --SD | M] -- C:\Users\Justin\AppData\Roaming\Microsoft
[2012/06/12 19:46:08 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Mozilla
[2011/11/29 19:16:16 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\MusicNet
[2011/10/15 17:38:14 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Nero
[2012/04/15 10:13:43 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\pdf995
[2010/06/24 14:43:50 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Skinux
[2012/04/15 10:13:50 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\TaxCut
[2012/08/27 16:14:13 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\uTorrent
[2011/11/20 10:02:33 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\WinRAR

< MD5 for: ATAPI.SYS >
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\erdnt\cache64\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\drivers\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: EXPLORER.EXE >
[2011/02/26 02:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 01:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/13 21:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 01:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009/10/31 01:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 01:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\erdnt\cache86\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 02:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 08:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009/08/03 02:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009/10/31 02:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 01:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 09:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/10/31 02:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 01:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/13 21:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 02:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011/02/26 02:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009/08/03 02:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: SVCHOST.EXE >
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache86\svchost.exe
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2012/07/03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\erdnt\cache64\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\windows\SysNative\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache86\userinit.exe
[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/13 21:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/13 21:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\erdnt\cache64\userinit.exe
[2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\windows\SysNative\userinit.exe
[2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\erdnt\cache64\winlogon.exe
[2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\windows\SysNative\winlogon.exe
[2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/13 21:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2012/07/03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009/10/28 03:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 02:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011/04/17 17:46:00 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011/04/17 17:46:00 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011/04/17 17:46:00 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2012/06/28 21:00:47 | 000,748,664 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" [2012/06/28 21:00:47 | 000,748,664 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Safari\Safari.exe" /reinstall [2011/11/10 18:19:40 | 002,388,848 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Safari\Safari.exe" /hideicons [2011/11/10 18:19:40 | 002,388,848 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Safari\Safari.exe" /showicons [2011/11/10 18:19:40 | 002,388,848 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files (x86)\Safari\Safari.exe" [2011/11/10 18:19:40 | 002,388,848 | ---- | M] (Apple Inc.)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2011/04/17 17:45:59 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2011/04/17 17:45:59 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2011/04/17 17:45:59 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2012/06/28 21:00:47 | 000,748,664 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" [2012/06/28 21:00:47 | 000,748,664 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" /REINSTALL [2011/11/10 18:19:40 | 002,388,848 | ---- | M] (Apple Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" /HIDEICONS [2011/11/10 18:19:40 | 002,388,848 | ---- | M] (Apple Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" /SHOWICONS [2011/11/10 18:19:40 | 002,388,848 | ---- | M] (Apple Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" [2011/11/10 18:19:40 | 002,388,848 | ---- | M] (Apple Inc.)

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< End of report >


OTL logfile created on: 8/29/2012 7:10:04 PM - Run 2
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\Justin\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.75 Gb Total Physical Memory | 5.73 Gb Available Physical Memory | 73.92% Memory free
15.50 Gb Paging File | 13.56 Gb Available in Paging File | 87.53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1397.17 Gb Total Space | 1313.71 Gb Free Space | 94.03% Space Free | Partition Type: NTFS

Computer Name: JUSTIN-PC | User Name: Justin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/27 16:15:38 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Justin\Desktop\otl.exe
PRC - [2012/08/24 18:17:43 | 001,191,768 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2012/08/14 20:36:16 | 000,686,792 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_271_ActiveX.exe
PRC - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/07/03 13:46:44 | 000,462,920 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/06/06 10:51:00 | 000,869,816 | ---- | M] (CallingID Ltd.) -- C:\Program Files (x86)\xfin_portal\CIDGlobalLight.exe
PRC - [2012/05/22 17:44:08 | 002,152,720 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2011/04/16 20:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\ccsvchst.exe
PRC - [2011/03/04 11:39:14 | 000,584,488 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2011/01/23 20:08:52 | 000,770,728 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe
PRC - [2010/10/27 20:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/01/18 15:27:42 | 000,139,944 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe
PRC - [2009/08/19 13:25:52 | 001,589,208 | ---- | M] () -- C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpy.exe
PRC - [2009/06/17 13:49:44 | 000,616,408 | ---- | M] () -- C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe


========== Modules (No Company Name) ==========

MOD - [2012/06/06 10:50:52 | 000,085,976 | ---- | M] () -- C:\Program Files (x86)\xfin_portal\comcastdx.dll
MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/01/23 20:08:52 | 000,770,728 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe
MOD - [2010/04/05 05:56:17 | 002,203,803 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\epwizres.dll
MOD - [2010/04/01 12:24:28 | 001,159,168 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\lxeadrs.dll
MOD - [2010/04/01 12:23:27 | 000,389,120 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\lxeascw.dll
MOD - [2010/01/18 15:27:42 | 000,139,944 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe
MOD - [2009/08/19 13:25:52 | 001,589,208 | ---- | M] () -- C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpy.exe
MOD - [2009/05/27 10:16:50 | 000,192,512 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\lxeadatr.dll
MOD - [2009/04/07 17:25:27 | 000,409,600 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\iptk.dll
MOD - [2009/03/30 10:37:47 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\epoemdll.dll
MOD - [2009/03/30 10:37:46 | 000,045,056 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\epstring.dll
MOD - [2009/03/30 10:37:28 | 000,708,608 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\epwizard.dll
MOD - [2009/03/30 10:35:40 | 000,159,744 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\customui.dll
MOD - [2009/03/30 10:35:22 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\epfunct.dll
MOD - [2009/03/30 10:35:17 | 000,118,784 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\eputil.dll
MOD - [2009/03/30 10:35:05 | 000,139,264 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\imagutil.dll
MOD - [2009/03/10 03:43:49 | 000,155,648 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\lxeacaps.dll
MOD - [2009/03/02 12:25:47 | 000,151,552 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\lxeaptp.dll
MOD - [2009/02/20 04:48:43 | 000,023,552 | ---- | M] () -- C:\Windows\SysWOW64\LXEAsmr.dll
MOD - [2009/02/20 04:48:03 | 000,299,008 | ---- | M] () -- C:\Windows\SysWOW64\LXEAsm.dll


========== Services (SafeList) ==========

SRV:64bit: - [2011/04/20 02:04:20 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/04/14 20:45:32 | 000,045,736 | ---- | M] () [Auto | Stopped] -- C:\windows\SysNative\spool\DRIVERS\x64\3\\lxeaserv.exe -- (lxeaCATSCustConnectService)
SRV:64bit: - [2010/04/14 15:45:36 | 001,052,328 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxeacoms.exe -- (lxea_device)
SRV - [2012/08/14 20:36:16 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/05/22 17:44:08 | 002,152,720 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011/04/16 20:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\ccSvcHst.exe -- (N360)
SRV - [2011/03/04 11:39:14 | 000,584,488 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010/04/14 20:45:32 | 000,045,736 | ---- | M] () [Auto | Stopped] -- C:\windows\system32\spool\DRIVERS\x64\3\\lxeaserv.exe -- (lxeaCATSCustConnectService)
SRV - [2010/04/14 15:45:21 | 000,598,696 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\lxeacoms.exe -- (lxea_device)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/06/17 13:49:44 | 000,616,408 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe -- (AntiSpywareService)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/07/03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/10/28 20:35:28 | 000,069,376 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Lbd.sys -- (Lbd)
DRV:64bit: - [2011/10/02 15:30:34 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2011/07/06 12:44:00 | 000,034,288 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2011/06/10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/04/20 21:37:49 | 000,386,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\symnets.sys -- (SymNetS)
DRV:64bit: - [2011/04/20 02:44:50 | 009,319,936 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2011/04/20 02:44:50 | 009,319,936 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/04/20 01:22:34 | 000,306,176 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/03/30 23:00:09 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2011/03/30 23:00:09 | 000,040,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2011/03/14 22:31:23 | 000,912,504 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\symefa64.sys -- (SymEFA)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/27 02:47:10 | 000,450,680 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\symds64.sys -- (SymDS)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/15 21:45:33 | 000,171,128 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\ironx64.sys -- (SymIRON)
DRV:64bit: - [2009/09/25 14:13:26 | 000,205,440 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/06/10 16:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2006/11/01 06:23:42 | 000,015,680 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV - [2012/08/21 22:05:05 | 000,512,672 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120828.001\IDSviA64.sys -- (IDSVia64)
DRV - [2012/08/21 17:03:26 | 002,084,000 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120829.003\ex64.sys -- (NAVEX15)
DRV - [2012/08/21 17:03:26 | 000,125,600 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120829.003\eng64.sys -- (NAVENG)
DRV - [2012/08/09 17:26:15 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012/08/09 17:26:15 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/06/18 20:01:14 | 001,161,376 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120823.007\BHDrvx64.sys -- (BHDrvx64)
DRV - [2011/12/09 22:33:45 | 000,017,152 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys -- (Lavasoft Kernexplorer)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2004/09/23 02:03:00 | 000,026,720 | ---- | M] (Sonic Solutions) [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\PxHlpa64.sys -- (PxHlpa64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 7D 98 9D 52 0A 85 CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7ADSA_en
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.6.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.6.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Justin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPlgn\ [2012/08/09 00:03:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_12_1 [2012/08/29 19:03:37 | 000,000,000 | ---D | M]

[2012/06/12 19:46:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Justin\AppData\Roaming\Mozilla\Extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://search.condui...SearchSource=48

O1 HOSTS File: ([2012/08/27 17:03:55 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (XFINITY Toolbar) - {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files (x86)\xfin_portal\comcastdx.dll ()
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Updater For XFIN_PORTAL) - {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} - C:\Program Files (x86)\xfin_portal\auxi\comcastAu.dll (Visicom Media)
O2 - BHO: (Lexmark Printable Web) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{4b9bcce8-a70b-402a-a7e1-db96831ee26f} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (XFINITY Toolbar) - {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files (x86)\xfin_portal\comcastdx.dll ()
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {09EC805C-CB2E-4D53-B0D3-A75A428B81C7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKCU..\Run: [ComcastAntispyClient] C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntispy.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {7B62F6EE-D046-11D3-9C5E-0060082627F7} https://wws2.mutualo.../TWDownload.cab (TWDownloader Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A2247A93-1417-450A-A28F-2D79EDDFD666}: DhcpNameServer = 192.168.2.1 192.168.2.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)



SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PEVSystemStart - Service
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: procexp90.Sys - Driver
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: Lavasoft Ad-Aware Service - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PEVSystemStart - Service
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: procexp90.Sys - Driver
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PEVSystemStart - Service
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: procexp90.Sys - Driver
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Lavasoft Ad-Aware Service - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PEVSystemStart - Service
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: procexp90.Sys - Driver
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\windows\SysWow64\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/08/29 18:56:19 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Roaming\Malwarebytes
[2012/08/29 18:56:09 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2012/08/29 18:56:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/08/29 18:56:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/08/29 18:56:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/08/29 18:55:08 | 010,652,120 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Justin\Desktop\mbam-setup-1.62.0.1300.exe
[2012/08/29 18:42:58 | 002,211,928 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Justin\Desktop\tdsskiller.exe
[2012/08/27 17:04:00 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2012/08/27 16:55:17 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
[2012/08/27 16:55:17 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
[2012/08/27 16:55:17 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe
[2012/08/27 16:55:09 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012/08/27 16:46:18 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/08/27 16:45:42 | 000,000,000 | ---D | C] -- C:\windows\erdnt
[2012/08/27 16:44:46 | 004,738,846 | R--- | C] (Swearware) -- C:\Users\Justin\Desktop\ComboFix.exe
[2012/08/27 16:22:49 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Justin\Desktop\aswMBR.exe
[2012/08/27 16:17:43 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/08/27 16:15:38 | 000,598,528 | ---- | C] (OldTimer Tools) -- C:\Users\Justin\Desktop\otl.exe
[2012/08/27 16:11:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/08/27 16:11:21 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\npDeployJava1.dll
[2012/08/27 16:11:21 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\javaws.exe
[2012/08/27 16:11:12 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\javaw.exe
[2012/08/27 16:11:12 | 000,095,208 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\WindowsAccessBridge-32.dll
[2012/08/27 16:11:11 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\java.exe
[2012/08/26 10:01:17 | 000,000,000 | ---D | C] -- C:\ProgramData\W3i
[2012/08/26 10:00:31 | 000,000,000 | ---D | C] -- C:\ProgramData\WeCareReminder
[2012/08/26 09:59:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Offers from Freeze.com
[2012/08/26 09:58:11 | 000,000,000 | R--D | C] -- C:\Users\Justin\4Sync
[2012/08/26 09:55:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2012/08/26 09:55:46 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012/08/26 09:55:41 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\CRE
[2012/08/26 09:55:29 | 000,000,000 | ---D | C] -- C:\ProgramData\4Sync
[2012/08/15 20:32:38 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2012/08/15 20:32:38 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2012/08/15 20:32:37 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2012/08/15 20:32:37 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2012/08/15 20:32:37 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2012/08/15 20:32:36 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2012/08/15 20:32:36 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2012/08/15 20:32:36 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2012/08/15 20:32:35 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2012/08/15 20:32:35 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2012/08/15 20:32:35 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2012/08/15 20:32:33 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2012/08/15 20:32:33 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2012/08/15 19:33:49 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srcore.dll
[2012/08/15 19:33:48 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netapi32.dll
[2012/08/15 19:33:48 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\browcli.dll
[2012/08/15 19:33:48 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\browcli.dll
[2012/08/15 19:33:39 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\win32spl.dll
[2012/08/15 19:33:39 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\win32spl.dll
[2012/08/15 19:33:39 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\splwow64.exe
[2012/08/15 19:33:37 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\localspl.dll
[2012/08/13 19:03:20 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\Microsoft Help

========== Files - Modified Within 30 Days ==========

[2012/08/29 19:10:46 | 000,009,920 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/29 19:10:46 | 000,009,920 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/29 19:03:33 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/08/29 19:03:30 | 1945,509,887 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/29 18:55:09 | 010,652,120 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Justin\Desktop\mbam-setup-1.62.0.1300.exe
[2012/08/29 18:47:22 | 000,018,292 | ---- | M] () -- C:\Users\Justin\Desktop\malwarebytes_free.htm
[2012/08/29 18:42:58 | 002,211,928 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Justin\Desktop\tdsskiller.exe
[2012/08/29 18:42:06 | 000,000,064 | ---- | M] () -- C:\windows\SysWow64\rp_stats.dat
[2012/08/29 18:42:06 | 000,000,044 | ---- | M] () -- C:\windows\SysWow64\rp_rules.dat
[2012/08/27 20:51:28 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012/08/27 17:03:55 | 000,000,027 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts
[2012/08/27 16:44:52 | 004,738,846 | R--- | M] (Swearware) -- C:\Users\Justin\Desktop\ComboFix.exe
[2012/08/27 16:42:03 | 000,000,512 | ---- | M] () -- C:\Users\Justin\Desktop\MBR.dat
[2012/08/27 16:29:46 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Justin\Desktop\aswMBR.exe
[2012/08/27 16:15:38 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Justin\Desktop\otl.exe
[2012/08/27 16:10:58 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\javaws.exe
[2012/08/27 16:10:58 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\javaw.exe
[2012/08/27 16:10:58 | 000,095,208 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\WindowsAccessBridge-32.dll
[2012/08/27 16:10:57 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\npDeployJava1.dll
[2012/08/27 16:10:57 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\deployJava1.dll
[2012/08/27 16:10:57 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\java.exe
[2012/08/26 09:55:52 | 000,000,009 | ---- | M] () -- C:\END
[2012/08/19 16:43:58 | 000,116,531 | ---- | M] () -- C:\Users\Justin\Documents\08-19-2012 04;43;58PM.PDF
[2012/08/19 16:32:04 | 000,433,282 | ---- | M] () -- C:\Users\Justin\Documents\08-19-2012 04;32;04PM.PDF
[2012/08/19 16:22:07 | 016,216,476 | ---- | M] () -- C:\Users\Justin\Documents\08-19-2012 04;22;04PM.PDF
[2012/08/19 16:07:19 | 001,290,363 | ---- | M] () -- C:\Users\Justin\Documents\08-19-2012 04;07;19PM.PDF
[2012/08/16 16:54:18 | 000,412,624 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2012/08/14 20:36:16 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2012/08/14 20:36:16 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/08/12 08:57:15 | 000,050,238 | ---- | M] () -- C:\Users\Justin\Desktop\couch loveseat.jpg
[2012/08/10 20:32:53 | 000,726,444 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012/08/10 20:32:53 | 000,624,162 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012/08/10 20:32:53 | 000,106,538 | ---- | M] () -- C:\windows\SysNative\perfc009.dat

========== Files Created - No Company Name ==========

[2012/08/29 18:47:22 | 000,018,292 | ---- | C] () -- C:\Users\Justin\Desktop\malwarebytes_free.htm
[2012/08/27 16:55:17 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2012/08/27 16:55:17 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2012/08/27 16:55:17 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2012/08/27 16:55:17 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2012/08/27 16:55:17 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2012/08/27 16:42:03 | 000,000,512 | ---- | C] () -- C:\Users\Justin\Desktop\MBR.dat
[2012/08/26 09:55:51 | 000,000,009 | ---- | C] () -- C:\END
[2012/08/19 16:43:58 | 000,116,531 | ---- | C] () -- C:\Users\Justin\Documents\08-19-2012 04;43;58PM.PDF
[2012/08/19 16:32:04 | 000,433,282 | ---- | C] () -- C:\Users\Justin\Documents\08-19-2012 04;32;04PM.PDF
[2012/08/19 16:22:04 | 016,216,476 | ---- | C] () -- C:\Users\Justin\Documents\08-19-2012 04;22;04PM.PDF
[2012/08/19 16:07:19 | 001,290,363 | ---- | C] () -- C:\Users\Justin\Documents\08-19-2012 04;07;19PM.PDF
[2012/08/12 08:57:33 | 000,050,238 | ---- | C] () -- C:\Users\Justin\Desktop\couch loveseat.jpg
[2012/06/17 10:21:19 | 000,001,451 | ---- | C] () -- C:\windows\wininit.ini
[2012/06/12 19:57:06 | 000,000,064 | ---- | C] () -- C:\windows\GPlrLanc.dat
[2012/04/15 10:12:59 | 000,047,616 | ---- | C] () -- C:\windows\SysWow64\pdf995mon64.dll
[2012/04/15 10:12:59 | 000,000,142 | ---- | C] () -- C:\windows\wpd99.drv
[2011/12/13 17:54:56 | 000,000,064 | ---- | C] () -- C:\windows\SysWow64\rp_stats.dat
[2011/12/13 17:54:56 | 000,000,044 | ---- | C] () -- C:\windows\SysWow64\rp_rules.dat
[2011/05/24 17:49:11 | 000,001,940 | ---- | C] () -- C:\Users\Justin\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/03/17 17:51:46 | 000,003,929 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*.exe >

< %APPDATA%\*. >
[2012/08/21 19:09:11 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\.minecraft
[2012/06/09 18:05:44 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Adobe
[2012/01/01 10:28:21 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Apple Computer
[2010/06/24 14:37:44 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Arcsoft
[2012/06/09 18:07:24 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\com.jakks.spynet
[2010/07/18 15:41:53 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\DriverFinder
[2010/09/18 20:31:20 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Google
[2010/02/26 16:39:18 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Identities
[2011/10/15 16:28:08 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\ImgBurn
[2010/06/24 14:46:23 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\KodakCredentialStore
[2010/08/19 13:22:12 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Leadertech
[2010/02/28 18:48:39 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Macromedia
[2012/08/29 18:56:19 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Malwarebytes
[2009/07/14 03:44:38 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Media Center Programs
[2012/08/19 16:29:15 | 000,000,000 | --SD | M] -- C:\Users\Justin\AppData\Roaming\Microsoft
[2012/06/12 19:46:08 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Mozilla
[2011/11/29 19:16:16 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\MusicNet
[2011/10/15 17:38:14 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Nero
[2012/04/15 10:13:43 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\pdf995
[2010/06/24 14:43:50 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Skinux
[2012/04/15 10:13:50 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\TaxCut
[2012/08/27 16:14:13 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\uTorrent
[2011/11/20 10:02:33 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\WinRAR

< MD5 for: ATAPI.SYS >
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\erdnt\cache64\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\drivers\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: EXPLORER.EXE >
[2011/02/26 02:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 01:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/13 21:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 01:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009/10/31 01:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 01:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\erdnt\cache86\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 02:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 08:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009/08/03 02:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009/10/31 02:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 01:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 09:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/10/31 02:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 01:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/13 21:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 02:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011/02/26 02:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009/08/03 02:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: SVCHOST.EXE >
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache86\svchost.exe
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2012/07/03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\erdnt\cache64\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\windows\SysNative\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache86\userinit.exe
[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/13 21:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/13 21:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\erdnt\cache64\userinit.exe
[2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\windows\SysNative\userinit.exe
[2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\erdnt\cache64\winlogon.exe
[2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\windows\SysNative\winlogon.exe
[2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/13 21:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2012/07/03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009/10/28 03:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 02:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011/04/17 17:46:00 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011/04/17 17:46:00 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011/04/17 17:46:00 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2012/06/28 21:00:47 | 000,748,664 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" [2012/06/28 21:00:47 | 000,748,664 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Safari\Safari.exe" /reinstall [2011/11/10 18:19:40 | 002,388,848 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Safari\Safari.exe" /hideicons [2011/11/10 18:19:40 | 002,388,848 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Safari\Safari.exe" /showicons [2011/11/10 18:19:40 | 002,388,848 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files (x86)\Safari\Safari.exe" [2011/11/10 18:19:40 | 002,388,848 | ---- | M] (Apple Inc.)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2011/04/17 17:45:59 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2011/04/17 17:45:59 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2011/04/17 17:45:59 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2012/06/28 21:00:47 | 000,748,664 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" [2012/06/28 21:00:47 | 000,748,664 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" /REINSTALL [2011/11/10 18:19:40 | 002,388,848 | ---- | M] (Apple Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" /HIDEICONS [2011/11/10 18:19:40 | 002,388,848 | ---- | M] (Apple Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" /SHOWICONS [2011/11/10 18:19:40 | 002,388,848 | ---- | M] (Apple Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" [2011/11/10 18:19:40 | 002,388,848 | ---- | M] (Apple Inc.)

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< End of report >


Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 29/08/2012 7:43:05 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 29/08/2012 11:25:03 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 29/08/2012 11:24:03 PM
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: PxHlpa64

Log: 'System' Date/Time: 29/08/2012 11:23:57 PM
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The Windows Defender service terminated with the following error: The specified module could not be found.

Log: 'System' Date/Time: 29/08/2012 11:23:57 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The lxeaCATSCustConnectService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 29/08/2012 11:23:57 PM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the lxeaCATSCustConnectService service to connect.

Log: 'System' Date/Time: 29/08/2012 11:21:47 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} did not register with DCOM within the required timeout.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




Farbar Service Scanner Version: 06-08-2012
Ran by Justin (administrator) on 29-08-2012 at 19:45:18
Running from "C:\Users\Justin\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend: "%ProgramFiles(x86)%\Windows Defender\mpsvc.dll".


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


I hope this is all the logs you wanted. As I am typing the letters are appearing VERY slow... I will be rebooting now. Look forward to your reply
  • 0

#7
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,799 posts
  • MVP
Combofix also says that your AdAware is an anti-virus. I see a service and a driver from them so I would uninstall it for now.

Get Process Explorer

http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header to sort things by CPU usage with the big hitters at the top.

Wait a minute for things to settle down.

File, Save As, Save. Open the file Procexp.txt on your desktop and copy and paste the text to a reply.

Get the free version of Speccy:

http://www.filehippo...download_speccy (Look in the upper right for the Download
Latest Version button) Download, Save and Install it. Run Speccy. When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File, (to your desktop) note the name it gives. OK. Open the file in notepad and delete the line that gives the serial number of your Operating System. (It will be near the top about 10 lines down.) Attach the file to your next post.
  • 0

#8
jbcteacher

jbcteacher

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 192 posts
Here you go! I deleted ad-aware today, spybot before... what should I be using as regular scanning tools?

Thanks again for all the help.



Process PID CPU Private Bytes Working Set Description Company Name Verified Signer
System Idle Process 0 70.30 0 K 24 K
ComcastAntiSpy.exe 3624 24.91 4,672 K 27,712 K (Verified) Visicom Media Inc.
SearchProtocolHost.exe 4128 2.15 12,568 K 20,048 K Microsoft Windows Search Protocol Host Microsoft Corporation (Verified) Microsoft Windows
procexp64.exe 3564 0.91 29,236 K 49,928 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Sysinternals
SearchIndexer.exe 3924 0.53 41,364 K 54,172 K Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1432 0.25 25,912 K 29,320 K Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
Interrupts n/a 0.19 0 K 0 K Hardware Interrupts and DPCs
ccsvchst.exe 1792 0.16 23,308 K 14,180 K Symantec Service Framework Symantec Corporation (Verified) Symantec Corporation
svchost.exe 1004 0.16 145,784 K 154,932 K Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
System 4 0.12 404 K 20,748 K
dwm.exe 1144 0.07 33,112 K 30,292 K Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
csrss.exe 548 0.07 3,220 K 13,976 K Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
ACDaemon.exe 4788 0.06 3,068 K 31,152 K ArcSoft Connect Daemon ArcSoft Inc. (Verified) ArcSoft, Inc.
lsass.exe 588 0.04 7,584 K 13,012 K Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
ComcastAntiSpyService.exe 1548 0.02 4,540 K 33,916 K (Verified) Visicom Media Inc.
SearchFilterHost.exe 4028 0.02 3,320 K 8,260 K Microsoft Windows Search Filter Host Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 828 0.01 4,704 K 8,416 K Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
explorer.exe 3016 0.01 45,420 K 68,792 K Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 124 < 0.01 34,064 K 49,224 K Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
ccsvchst.exe 3068 < 0.01 13,768 K 10,296 K Symantec Service Framework Symantec Corporation (Verified) Symantec Corporation
ezprint.exe 3692 < 0.01 8,092 K 40,692 K (Verified) Lexmark International, Inc.
AppleMobileDeviceService.exe 1580 < 0.01 3,268 K 58,256 K MobileDeviceService Apple Inc. (Verified) Apple Inc.
taskhost.exe 2700 < 0.01 8,340 K 9,044 K Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
iPodService.exe 4704 < 0.01 3,248 K 7,428 K iPodService Module (64-bit) Apple Inc. (Verified) Apple Inc.
csrss.exe 440 < 0.01 2,516 K 4,868 K Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 388 < 0.01 10,988 K 17,996 K Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1128 < 0.01 29,700 K 31,988 K Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1672 < 0.01 8,140 K 44,780 K Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
spoolsv.exe 1404 < 0.01 9,952 K 19,100 K Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
iTunesHelper.exe 3216 < 0.01 3,724 K 61,704 K iTunesHelper Apple Inc. (Verified) Apple Inc.
WUDFHost.exe 3160 2,316 K 6,312 K Windows Driver Foundation - User-mode Driver Framework Host Process Microsoft Corporation (Verified) Microsoft Windows
wmpnetwk.exe 4000 11,680 K 5,680 K Windows Media Player Network Sharing Service Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe 2328 3,280 K 6,944 K WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
winlogon.exe 732 3,200 K 7,372 K Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
wininit.exe 512 1,688 K 4,564 K Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows
TrustedInstaller.exe 4708 3,708 K 9,908 K Windows Modules Installer Microsoft Corporation (Verified) Microsoft Windows
taskhost.exe 1728 8,096 K 15,484 K Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 708 4,852 K 9,692 K Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2276 12,064 K 14,848 K Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 956 22,036 K 23,972 K Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2560 1,916 K 5,440 K Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 3512 2,272 K 6,364 K Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 3212 1,692 K 4,432 K Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2832 2,532 K 5,940 K Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
smss.exe 296 536 K 1,184 K Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows
services.exe 572 5,364 K 9,148 K Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
RAVCpl64.exe 4528 8,832 K 10,980 K Realtek HD Audio Manager Realtek Semiconductor (Verified) Microsoft Windows Hardware Compatibility Publisher
QTTask.exe 4560 1,168 K 4,336 K QuickTime Task Apple Inc. (Unable to verify) Apple Inc.
procexp.exe 4472 2,360 K 6,552 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
NASvc.exe 4508 2,076 K 27,828 K NeroUpdate Nero AG (Verified) Nero AG
msiexec.exe 5072 9,728 K 21,904 K Windows® installer Microsoft Corporation (Verified) Microsoft Windows
mDNSResponder.exe 1628 2,368 K 5,740 K Bonjour Service Apple Inc. (Verified) Apple Inc.
mbamservice.exe 2580 104,528 K 71,224 K Malwarebytes Anti-Malware Malwarebytes Corporation (Verified) Malwarebytes Corporation
mbamgui.exe 3708 2,888 K 29,844 K Malwarebytes Anti-Malware Malwarebytes Corporation (Verified) Malwarebytes Corporation
lxeamon.exe 4328 6,516 K 11,340 K Printer Device Monitor (Verified) Lexmark International, Inc.
lxeacoms.exe 1736 5,140 K 11,616 K Printer Communication System (Verified) Microsoft Windows Hardware Compatibility Publisher
lsm.exe 596 2,788 K 4,396 K Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
jusched.exe 3700 1,208 K 26,064 K Java™ Update Scheduler Sun Microsystems, Inc. (Verified) Oracle America, Inc.
FlashUtil64_11_3_300_271_ActiveX.exe 4516 4,692 K 10,092 K Adobe® Flash® Player Installer/Uninstaller 11.3 r300 Adobe Systems Incorporated (Verified) Adobe Systems Incorporated
dllhost.exe 2780 2,408 K 6,068 K COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
audiodg.exe 652 17,608 K 17,700 K Windows Audio Device Graph Isolation Microsoft Corporation (Verified) Microsoft Windows
atiesrxx.exe 888 1,700 K 4,428 K AMD External Events Service Module AMD (Verified) Microsoft Windows Hardware Compatibility Publisher
atieclxx.exe 1264 2,528 K 6,644 K AMD External Events Client Module AMD (Verified) Microsoft Windows Hardware Compatibility Publisher
AdobeARM.exe 3684 6,608 K 45,444 K Adobe Reader and Acrobat Manager Adobe Systems Incorporated (Verified) Adobe Systems, Incorporated
ACService.exe 1516 1,252 K 21,532 K ArcSoft Connect Service ArcSoft Inc. (Verified) ArcSoft, Inc.



Summary
Operating System
MS Windows 7 Home Premium 64-bit SP1
CPU
AMD Phenom II X4 955 51 °C
Deneb 45nm Technology
RAM
8.00 GB Dual-Channel DDR3 @ 2666MHz (9-9-9-24)
Motherboard
MICRO-STAR INTERNATIONAL CO.,LTD 760GM -E51 (MS-7596) (CPU1) 54 °C
Graphics
Acer X173W ([email protected])
ATI Radeon 3000 Graphics (MSI)
Hard Drives
1397GB Western Digital WDC WD15EARS-00Z5B1 ATA Device (SATA) 35 °C
Optical Drives
CD-ROM Drive
Audio
Realtek High Definition Audio
Operating System
MS Windows 7 Home Premium 64-bit SP1
Computer type: Desktop
Installation Date: 26 February 2010, 15:38

Windows Security Center
User Account Control (UAC) Enabled
Notify level 1 - Rare Notify
Firewall Enabled
Antivirus Disabled
Windows Update
AutoUpdate Download Automatically and Install at Set Scheduled time
Schedule Frequency Every day
Schedule Time 3 am
Windows Defender
Windows Defender Disabled
Environment Variables
USERPROFILE C:\Users\Justin
SystemRoot C:\windows
User Variables
TEMP C:\Users\Justin\AppData\Local\Temp
TMP C:\Users\Justin\AppData\Local\Temp
Machine Variables
ComSpec C:\windows\system32\cmd.exe
FP_NO_HOST_CHECK NO
OS Windows_NT
Path C:\windows\system32
C:\windows
C:\windows\system32\wbem
%SYSTEMROOT%\System32\WindowsPowerShell\v1.0
C:\Program Files (x86)\QuickTime\QTSystem
PATHEXT .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE AMD64
TEMP C:\windows\TEMP
TMP C:\windows\TEMP
USERNAME SYSTEM
windir C:\windows
PSModulePath C:\windows\system32\WindowsPowerShell\v1.0\Modules\
NUMBER_OF_PROCESSORS 4
PROCESSOR_LEVEL 16
PROCESSOR_IDENTIFIER AMD64 Family 16 Model 4 Stepping 3, AuthenticAMD
PROCESSOR_REVISION 0403
configsetroot C:\windows\ConfigSetRoot
asl.log Destination=file
CLASSPATH .;C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip
QTJAVA C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip
Power Profile
Active power scheme Home/Office Desk
Hibernation Enabled
Power Shutdown Enabled
Power Suspend Enabled
Turn Off Monitor after: (On AC Power) 20 min
Turn Off Hard Disk after: (On AC Power) Never
Suspend after: (On AC Power) Never
Screen saver Disabled
Uptime
Current Session
Current Time 8/30/2012 9:07:13 PM
Current Uptime 994 sec (0 d, 00 h, 16 m, 34 s)
Last Boot Time 8/30/2012 8:50:39 PM
Last ShutDown Time 8/30/2012 8:47:31 PM
Uptime Statistics
First Boot Time 8/29/2012 7:23:56 PM
First Shutdown Time 8/29/2012 7:21:49 PM
Total Uptime 92349 sec (1 d, 01 h, 39 m, 09 s)
Total Downtime 335 sec (0 d, 00 h, 05 m, 35 s)
Longest Uptime 91415 sec (1 d, 01 h, 23 m, 35 s)
Longest Downtime 208 sec (0 d, 00 h, 03 m, 28 s)
Total Reboots 2
System Availability 99.64%
TimeZone
TimeZone GMT -5 Hours
Language English
Country United States
Currency $
Date Format M/d/yyyy
Time Format h:mm:ss tt
Scheduler
8/30/2012 9:36 PM; Adobe Flash Player Updater
8/30/2012 11:00 PM; RGames Updater
8/31/2012 9:32 PM; Ad-Aware Update (Weekly)
0
4818
PC Optimizer Pro64 startups
Process List
acdaemon.exe
Process ID 4788
User Justin
Domain Justin-PC
Path C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
Memory Usage 30 MB
Peak Memory Usage 30 MB
acservice.exe
Process ID 1516
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
Memory Usage 21 MB
Peak Memory Usage 21 MB
adobearm.exe
Process ID 3684
User Justin
Domain Justin-PC
Path C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Memory Usage 44 MB
Peak Memory Usage 45 MB
applemobiledeviceservice.exe
Process ID 1580
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
Memory Usage 57 MB
Peak Memory Usage 57 MB
atieclxx.exe
Process ID 1264
User SYSTEM
Domain NT AUTHORITY
Path C:\windows\system32\atieclxx.exe
Memory Usage 6.49 MB
Peak Memory Usage 6.49 MB
atiesrxx.exe
Process ID 888
User SYSTEM
Domain NT AUTHORITY
Path C:\windows\system32\atiesrxx.exe
Memory Usage 4.32 MB
Peak Memory Usage 4.36 MB
audiodg.exe
Process ID 652
ccsvchst.exe
Process ID 1792
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\ccSvcHst.exe
Memory Usage 19 MB
Peak Memory Usage 360 MB
ccsvchst.exe
Process ID 3068
User Justin
Domain Justin-PC
Path C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\ccSvcHst.exe
Memory Usage 10 MB
Peak Memory Usage 60 MB
comcastantispy.exe
Process ID 3624
User Justin
Domain Justin-PC
Path C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpy.exe
Memory Usage 27 MB
Peak Memory Usage 27 MB
comcastantispyservice.exe
Process ID 1548
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
Memory Usage 33 MB
Peak Memory Usage 33 MB
csrss.exe
Process ID 440
User SYSTEM
Domain NT AUTHORITY
Path C:\windows\system32\csrss.exe
Memory Usage 4.68 MB
Peak Memory Usage 4.77 MB
csrss.exe
Process ID 548
User SYSTEM
Domain NT AUTHORITY
Path C:\windows\system32\csrss.exe
Memory Usage 12 MB
Peak Memory Usage 16 MB
dwm.exe
Process ID 1144
User Justin
Domain Justin-PC
Path C:\windows\system32\Dwm.exe
Memory Usage 31 MB
Peak Memory Usage 36 MB
explorer.exe
Process ID 3016
User Justin
Domain Justin-PC
Path C:\windows\Explorer.EXE
Memory Usage 71 MB
Peak Memory Usage 74 MB
ezprint.exe
Process ID 3692
User Justin
Domain Justin-PC
Path C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe
Memory Usage 40 MB
Peak Memory Usage 40 MB
flashutil64_11_3_300_271_activex.exe
Process ID 4516
User Justin
Domain Justin-PC
Path C:\windows\system32\Macromed\Flash\FlashUtil64_11_3_300_271_ActiveX.exe
Memory Usage 9.95 MB
Peak Memory Usage 9.98 MB
ipodservice.exe
Process ID 4704
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\iPod\bin\iPodService.exe
Memory Usage 7.23 MB
Peak Memory Usage 7.26 MB
ituneshelper.exe
Process ID 3216
User Justin
Domain Justin-PC
Path C:\Program Files (x86)\iTunes\iTunesHelper.exe
Memory Usage 60 MB
Peak Memory Usage 60 MB
jusched.exe
Process ID 3700
User Justin
Domain Justin-PC
Path C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Memory Usage 25 MB
Peak Memory Usage 25 MB
lsass.exe
Process ID 588
User SYSTEM
Domain NT AUTHORITY
Path C:\windows\system32\lsass.exe
Memory Usage 13 MB
Peak Memory Usage 13 MB
lsm.exe
Process ID 596
User SYSTEM
Domain NT AUTHORITY
Path C:\windows\system32\lsm.exe
Memory Usage 4.33 MB
Peak Memory Usage 4.33 MB
lxeacoms.exe
Process ID 1736
User SYSTEM
Domain NT AUTHORITY
Path C:\windows\system32\lxeacoms.exe
Memory Usage 11 MB
Peak Memory Usage 11 MB
lxeamon.exe
Process ID 4328
User Justin
Domain Justin-PC
Path C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe
Memory Usage 11 MB
Peak Memory Usage 11 MB
mbamgui.exe
Process ID 3708
User Justin
Domain Justin-PC
Path C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
Memory Usage 29 MB
Peak Memory Usage 29 MB
mbamservice.exe
Process ID 2580
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
Memory Usage 72 MB
Peak Memory Usage 174 MB
mdnsresponder.exe
Process ID 1628
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Bonjour\mDNSResponder.exe
Memory Usage 5.60 MB
Peak Memory Usage 5.62 MB
msiexec.exe
Process ID 5072
User SYSTEM
Domain NT AUTHORITY
Path C:\windows\system32\msiexec.exe
Memory Usage 21 MB
Peak Memory Usage 48 MB
nasvc.exe
Process ID 4508
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Nero\Update\NASvc.exe
Memory Usage 27 MB
Peak Memory Usage 27 MB
qttask.exe
Process ID 4560
User Justin
Domain Justin-PC
Path C:\Program Files (x86)\QuickTime\QTTask.exe
Memory Usage 4.23 MB
Peak Memory Usage 4.23 MB
ravcpl64.exe
Process ID 4528
User Justin
Domain Justin-PC
Path C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
Memory Usage 11 MB
Peak Memory Usage 21 MB
searchindexer.exe
Process ID 3924
User SYSTEM
Domain NT AUTHORITY
Path C:\windows\system32\SearchIndexer.exe
Memory Usage 50 MB
Peak Memory Usage 57 MB
searchprotocolhost.exe
Process ID 4824
User Justin
Domain Justin-PC
Path C:\windows\system32\SearchProtocolHost.exe
Memory Usage 6.42 MB
Peak Memory Usage 6.79 MB
services.exe
Process ID 572
User SYSTEM
Domain NT AUTHORITY
Path C:\windows\system32\services.exe
Memory Usage 9.45 MB
Peak Memory Usage 9.54 MB
smss.exe
Process ID 296
User SYSTEM
Domain NT AUTHORITY
Path \SystemRoot\System32\smss.exe
Memory Usage 1.16 MB
Peak Memory Usage 1.19 MB
speccy64.exe
Process ID 4136
User Justin
Domain Justin-PC
Path C:\Program Files\Speccy\Speccy64.exe
Memory Usage 25 MB
Peak Memory Usage 25 MB
spoolsv.exe
Process ID 1404
User SYSTEM
Domain NT AUTHORITY
Path C:\windows\System32\spoolsv.exe
Memory Usage 19 MB
Peak Memory Usage 19 MB
svchost.exe
Process ID 124
User SYSTEM
Domain NT AUTHORITY
Path C:\windows\system32\svchost.exe
Memory Usage 51 MB
Peak Memory Usage 256 MB
svchost.exe
Process ID 388
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\windows\system32\svchost.exe
Memory Usage 18 MB
Peak Memory Usage 18 MB
svchost.exe
Process ID 1128
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\windows\system32\svchost.exe
Memory Usage 31 MB
Peak Memory Usage 53 MB
svchost.exe
Process ID 1432
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\windows\system32\svchost.exe
Memory Usage 29 MB
Peak Memory Usage 58 MB
svchost.exe
Process ID 1672
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\windows\system32\svchost.exe
Memory Usage 48 MB
Peak Memory Usage 48 MB
svchost.exe
Process ID 1004
User SYSTEM
Domain NT AUTHORITY
Path C:\windows\System32\svchost.exe
Memory Usage 159 MB
Peak Memory Usage 169 MB
svchost.exe
Process ID 2832
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\windows\system32\svchost.exe
Memory Usage 5.80 MB
Peak Memory Usage 6.10 MB
svchost.exe
Process ID 708
User SYSTEM
Domain NT AUTHORITY
Path C:\windows\system32\svchost.exe
Memory Usage 9.57 MB
Peak Memory Usage 9.96 MB
svchost.exe
Process ID 3212
User SYSTEM
Domain NT AUTHORITY
Path C:\windows\system32\svchost.exe
Memory Usage 4.24 MB
Peak Memory Usage 4.70 MB
svchost.exe
Process ID 2276
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\windows\System32\svchost.exe
Memory Usage 15 MB
Peak Memory Usage 15 MB
svchost.exe
Process ID 828
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\windows\system32\svchost.exe
Memory Usage 8.42 MB
Peak Memory Usage 8.45 MB
svchost.exe
Process ID 956
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\windows\System32\svchost.exe
Memory Usage 23 MB
Peak Memory Usage 24 MB
svchost.exe
Process ID 3512
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\windows\system32\svchost.exe
Memory Usage 6.22 MB
Peak Memory Usage 6.30 MB
system
Process ID 4
system idle process
Process ID 0
taskhost.exe
Process ID 2700
User Justin
Domain Justin-PC
Path C:\windows\system32\taskhost.exe
Memory Usage 8.68 MB
Peak Memory Usage 8.97 MB
trustedinstaller.exe
Process ID 4708
User SYSTEM
Domain NT AUTHORITY
Path C:\windows\servicing\TrustedInstaller.exe
Memory Usage 9.66 MB
Peak Memory Usage 26 MB
wininit.exe
Process ID 512
User SYSTEM
Domain NT AUTHORITY
Path C:\windows\system32\wininit.exe
Memory Usage 4.46 MB
Peak Memory Usage 4.53 MB
winlogon.exe
Process ID 732
User SYSTEM
Domain NT AUTHORITY
Path C:\windows\system32\winlogon.exe
Memory Usage 7.20 MB
Peak Memory Usage 8.35 MB
wmiapsrv.exe
Process ID 5504
User SYSTEM
Domain NT AUTHORITY
Path C:\windows\system32\wbem\WmiApSrv.exe
Memory Usage 6.05 MB
Peak Memory Usage 6.05 MB
wmiprvse.exe
Process ID 4996
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\windows\system32\wbem\wmiprvse.exe
Memory Usage 16 MB
Peak Memory Usage 16 MB
wmiprvse.exe
Process ID 6084
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\windows\system32\wbem\wmiprvse.exe
Memory Usage 8.23 MB
Peak Memory Usage 8.41 MB
wmiprvse.exe
Process ID 2328
User SYSTEM
Domain NT AUTHORITY
Path C:\windows\system32\wbem\wmiprvse.exe
Memory Usage 27 MB
Peak Memory Usage 27 MB
wmpnetwk.exe
Process ID 4000
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Program Files\Windows Media Player\wmpnetwk.exe
Memory Usage 6.36 MB
Peak Memory Usage 29 MB
wudfhost.exe
Process ID 3160
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\WUDFHost.exe
Memory Usage 6.16 MB
Peak Memory Usage 6.20 MB
Hotfixes
8/16/2012 Security Update for Microsoft Office 2007 suites (KB2596856)
A security vulnerability exists in Microsoft Office 2007 suites
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
8/16/2012 Update for Windows 7 for x64-based Systems (KB2732500)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
8/16/2012 Update for Windows 7 for x64-based Systems (KB2729094)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
8/16/2012 Update for Windows 7 for x64-based Systems (KB2732487)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
8/16/2012 Update for Windows 7 for x64-based Systems (KB2647753)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
8/16/2012 Security Update for Microsoft Office 2007 suites (KB2687441)
A security vulnerability exists in Microsoft Office 2007 suites
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
8/16/2012 Security Update for Microsoft Office 2007 suites (KB2596754)
A security vulnerability exists in Microsoft Office 2007 suites
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
8/16/2012 Cumulative Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2722913)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
8/16/2012 Security Update for Windows 7 for x64-based Systems (KB2705219)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/16/2012 Security Update for Microsoft Office 2007 suites (KB2596615)
A security vulnerability exists in Microsoft Office 2007 suites
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
8/16/2012 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687400)
This update provides the Junk E-mail Filter in Microsoft Office
Outlook 2007 Junk Email Filter with a more current definition
of which e-mail messages should be considered junk e-mail.
8/16/2012 Security Update for Windows 7 for x64-based Systems (KB2731847)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/16/2012 Security Update for Windows 7 for x64-based Systems (KB2712808)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/16/2012 Windows Malicious Software Removal Tool x64 - August 2012 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
7/11/2012 Security Update for Windows 7 for x64-based Systems (KB2718523)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
7/11/2012 Update for Microsoft Office Outlook 2007 (KB2596598)
Microsoft has released an update for Microsoft Office Outlook
2007 . This update provides the latest fixes to Microsoft Office
Outlook 2007 . Additionally, this update contains stability and
performance improvements.
7/11/2012 Security Update for Windows 7 for x64-based Systems (KB2719985)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
7/11/2012 Security Update for Microsoft Office 2007 suites (KB2596744)
A security vulnerability exists in Microsoft Office 2007 suites
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
7/11/2012 Security Update for Windows 7 for x64-based Systems (KB2691442)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
7/11/2012 Security Update for Windows 7 for x64-based Systems (KB2655992)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain access to
information. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
7/11/2012 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310)
This update provides the Junk E-mail Filter in Microsoft Office
Outlook 2007 Junk Email Filter with a more current definition
of which e-mail messages should be considered junk e-mail.
7/11/2012 Windows Malicious Software Removal Tool x64 - July 2012 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
7/11/2012 Security Update for Microsoft Office InfoPath 2007 (KB2596786)
A security vulnerability exists in Microsoft Office InfoPath
2007 that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
7/11/2012 Cumulative Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2719177)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
7/11/2012 Security Update for Windows 7 for x64-based Systems (KB2698365)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
6/26/2012 ATI Technologies Inc. - Display - ATI Radeon 3000 Graphics
ATI Technologies Inc. Display software update released in April,
2011
6/26/2012 Realtek - Network - Realtek PCIe GBE Family Controller
Realtek Network software update released in June, 2011
6/21/2012 Windows Update Agent 7.6.7600.256
The Windows Update Agent enables your computer to search for
and install updates from an update service. The agent can automatically
update itself as needed to communicate with the update service
when Windows searches for new updates.
6/17/2012 Update for Windows 7 for x64-based Systems (KB2709981)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
6/14/2012 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687267)
This update provides the Junk E-mail Filter in Microsoft Office
Outlook 2007 Junk Email Filter with a more current definition
of which e-mail messages should be considered junk e-mail.
6/14/2012 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2656368)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
6/14/2012 Windows Malicious Software Removal Tool x64 - June 2012 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
6/14/2012 Security Update for Windows 7 for x64-based Systems (KB2667402)
A security issue has been identified that could allow an unauthenticated
remote attacker to cause the affected system to stop responding.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
6/14/2012 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2686827)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
6/14/2012 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2686831)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
6/14/2012 Update for Windows 7 for x64-based Systems (KB2709630)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
6/14/2012 Security Update for Windows 7 for x64-based Systems (KB2709715)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
6/14/2012 Security Update for Windows 7 for x64-based Systems (KB2709162)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
6/14/2012 Security Update for Windows 7 for x64-based Systems (KB2685939)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
6/14/2012 Update for Windows 7 for x64-based Systems (KB2699779)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
6/14/2012 Update for Windows 7 for x64-based Systems (KB2677070)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
6/14/2012 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2656373)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
6/14/2012 Cumulative Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2699988)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
6/5/2012 Update for Windows 7 for x64-based Systems (KB2718704)
Install this update to resolve an issue which requires an update
to the certificate revocation list on Windows systems and to
keep your systems certificate list up to date. After you install
this update, you may have to restart your system.
5/12/2012 Windows Malicious Software Removal Tool x64 - May 2012 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
5/12/2012 Security Update for Microsoft Office 2007 suites (KB2596880)
A security vulnerability exists in Microsoft Office 2007 suites
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
5/12/2012 Security Update for Windows 7 for x64-based Systems (KB2658846)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/12/2012 Security Update for Microsoft Office Excel 2007 (KB2597161)
A security vulnerability exists in Microsoft Office Excel 2007
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
5/12/2012 Security Update for Microsoft Office Word 2007 (KB2596917)
A security vulnerability exists in Microsoft Office Word 2007
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
5/12/2012 Security Update for Windows 7 for x64-based Systems (KB2676562)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/12/2012 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2656405)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/12/2012 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2598290)
This update provides the Junk E-mail Filter in Microsoft Office
Outlook 2007 Junk Email Filter with a more current definition
of which e-mail messages should be considered junk e-mail.
5/12/2012 Update Rollup for ActiveX Killbits for Windows 7 for x64-based Systems (KB2695962)
Security issues have been identified in ActiveX controls that
could allow an attacker to compromise a system running Microsoft
Internet Explorer and gain control over it. You can help protect
your system by installing this update from Microsoft. After you
install this item, you may have to restart your computer.
5/12/2012 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2604121)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/12/2012 Security Update for Microsoft Office 2007 suites (KB2596672)
A security vulnerability exists in Microsoft Office 2007 suites
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
5/12/2012 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2604115)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/12/2012 Security Update for Windows 7 for x64-based Systems (KB2690533)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/12/2012 Security Update for Microsoft Office 2007 suites (KB2597969)
A security vulnerability exists in Microsoft Office 2007 suites
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
5/12/2012 Security Update for Microsoft Office 2007 suites (KB2597162)
A security vulnerability exists in Microsoft Office 2007 suites
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
5/12/2012 Security Update for Windows 7 for x64-based Systems (KB2659262)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/12/2012 Security Update for Microsoft Office 2007 suites (KB2596792)
A security vulnerability exists in Microsoft Office 2007 suites
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
5/12/2012 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2656411)
A security issue has been identified that could allow an attacker
to break or bypass a security feature in the affected software.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
5/12/2012 Security Update for Microsoft Silverlight (KB2690729)
This security update to Silverlight includes fixes outlined in
KBs 2681578 and 2690729. This update is backward compatible with
web applications built using previous versions of Silverlight.
5/12/2012 Security Update for Windows 7 for x64-based Systems (KB2688338)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/12/2012 Security Update for Windows 7 for x64-based Systems (KB2660649)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/11/2012 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2656368)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/11/2012 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2656373)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/11/2012 Update for Microsoft Office 2007 suites (KB2598306)
Microsoft has released an update for Microsoft Office 2007 suites
. This update provides the latest fixes to Microsoft Office 2007
suites . Additionally, this update contains stability and performance
improvements.
4/11/2012 Security Update for Microsoft Office 2007 suites (KB2598041)
A security vulnerability exists in Microsoft Office 2007 suites
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
4/11/2012 Cumulative Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2675157)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
4/11/2012 Security Update for Microsoft Office 2007 suites (KB2596871)
A security vulnerability exists in Microsoft Office 2007 suites
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
4/11/2012 Update for Windows 7 for x64-based Systems (KB2679255)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/11/2012 Windows Malicious Software Removal Tool x64 - April 2012 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
4/11/2012 Security Update for Windows 7 for x64-based Systems (KB2653956)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
3/24/2012 The 2007 Microsoft Office Suite Service Pack 3 (SP3)
Service Pack 3 provides the latest updates to the 2007 Microsoft
Office Suite. This update also applies to Microsoft Office Project,
Microsoft Office SharePoint Designer, Microsoft Office Visio,
and Visual Web Developer.
3/24/2012 Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2600217)
This update addresses stability, reliability, and performance
issues in Microsoft .NET Framework 4. After you install this
item, you may have to restart your computer.
3/16/2012 Security Update for Windows 7 for x64-based Systems (KB2641653)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
3/16/2012 Security Update for Windows 7 for x64-based Systems (KB2667402)
A security issue has been identified that could allow an unauthenticated
remote attacker to cause the affected system to stop responding.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
3/16/2012 Security Update for Windows 7 for x64-based Systems (KB2665364)
A security issue has been identified that could allow an unauthenticated
remote attacker to cause the affected application to stop responding.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
3/16/2012 Update for Windows 7 for x64-based Systems (KB2639308)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
3/16/2012 Windows Malicious Software Removal Tool x64 - March 2012 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
3/16/2012 Security Update for Windows 7 for x64-based Systems (KB2621440)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
3/16/2012 Update Rollup for ActiveX Killbits for Windows 7 for x64-based Systems (KB2647518)
Security issues have been identified in ActiveX controls that
could allow an attacker to compromise a system running Microsoft
Internet Explorer and gain control over it. You can help protect
your system by installing this update from Microsoft. After you
install this item, you may have to restart your computer.
3/16/2012 Update for Microsoft Office 2007 suites (KB2597970)
Microsoft has released an update for Microsoft Office 2007 suites
. This update provides the latest fixes to Microsoft Office 2007
suites . Additionally, this update contains stability and performance
improvements.
2/15/2012 Update for Windows 7 for x64-based Systems (KB2640148)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
2/15/2012 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2633870)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
2/15/2012 Update for Windows 7 for x64-based Systems (KB2660075)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
2/15/2012 Security Update for Windows 7 for x64-based Systems (KB2660465)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
2/15/2012 Security Update for Microsoft Silverlight (KB2668562)
This security update to Silverlight includes fixes outlined in
KBs 2651026 and 2668562. This update is backward compatible with
web applications built using previous versions of Silverlight.
2/15/2012 Security Update for Windows 7 for x64-based Systems (KB2645640)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
2/15/2012 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2633873)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
2/15/2012 Update for Microsoft Office 2007 suites (KB2597998)
Microsoft has released an update for Microsoft Office 2007 suites
. This update provides the latest fixes to Microsoft Office 2007
suites . Additionally, this update contains stability and performance
improvements.
2/15/2012 Security Update for Windows 7 for x64-based Systems (KB2654428)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
2/15/2012 Windows Malicious Software Removal Tool x64 - February 2012 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
2/15/2012 Cumulative Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2647516)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
2/1/2012 Security Update for Windows 7 for x64-based Systems (KB2585542)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain access to
information. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
1/12/2012 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2656356)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
1/12/2012 Security Update for Windows 7 for x64-based Systems (KB2631813)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
1/12/2012 Windows Malicious Software Removal Tool x64 - January 2012 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
1/12/2012 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2656351)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
1/12/2012 Update for Microsoft Office 2007 suites (KB2596686)
Microsoft has released an update for Microsoft Office 2007 suites
. This update provides the latest fixes to Microsoft Office 2007
suites . Additionally, this update contains stability and performance
improvements.
1/12/2012 Security Update for Windows 7 for x64-based Systems (KB2644615)
A security issue has been identified that could allow an attacker
to break or bypass a security feature in the affected software.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
1/12/2012 Security Update for Windows 7 for x64-based Systems (KB2584146)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
12/15/2011 Security Update for Microsoft Office PowerPoint 2007 (KB2596764)
A security vulnerability exists in Microsoft Office PowerPoint
2007 that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
12/15/2011 Cumulative Security Update for ActiveX Killbits for Windows 7 for x64-based Systems (KB2618451)
Security issues have been identified in ActiveX controls that
could allow an attacker to compromise a system running Microsoft
Internet Explorer and gain control over it. You can help protect
your system by installing this update from Microsoft. After you
install this item, you may have to restart your computer.
12/15/2011 Windows Malicious Software Removal Tool x64 - December 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
12/15/2011 Security Update for Windows 7 for x64-based Systems (KB2620712)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
12/15/2011 Security Update for Microsoft Office PowerPoint 2007 (KB2596912)
A security vulnerability exists in Microsoft Office PowerPoint
2007 that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
12/15/2011 Update for Microsoft Office Excel 2007 (KB2596596)
Microsoft has released an update for Microsoft Office Excel 2007
. This update provides the latest fixes to Microsoft Office Excel
2007 . Additionally, this update contains stability and performance
improvements.
12/15/2011 Security Update for Microsoft Office Publisher 2007 (KB2596705)
A security vulnerability exists in Microsoft Office Publisher
2007 that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
12/15/2011 Security Update for Microsoft Office 2007 suites (KB2596785)
A security vulnerability exists in Microsoft Office 2007 suites
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
12/15/2011 Cumulative Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2618444)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
12/15/2011 Update for Microsoft Office 2007 suites (KB2596651)
Microsoft has released an update for Microsoft Office 2007 suites
. This update provides the latest fixes to Microsoft Office 2007
suites . Additionally, this update contains stability and performance
improvements.
12/15/2011 Security Update for Windows 7 for x64-based Systems (KB2639417)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
12/15/2011 Update for Microsoft Office 2007 suites (KB2596789)
Microsoft has released an update for Microsoft Office 2007 suites
. This update provides the latest fixes to Microsoft Office 2007
suites . Additionally, this update contains stability and performance
improvements.
12/15/2011 Security Update for Windows 7 for x64-based Systems (KB2619339)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
12/15/2011 Update for Windows 7 for x64-based Systems (KB2633952)
Install this update to resolve issues caused by revised daylight
saving time and time zone laws in several countries. This update
enables your computer to automatically adjust the computer clock
on the correct date in 2012. After you install this item, you
may have to restart your computer.
12/13/2011 Update for Office File Validation 2010 (KB2553065), 32-bit Edition
Microsoft has released an update for Microsoft Office File Validation
2010, 32-bit Edition. This update provides the latest fixes to
Microsoft Office File Validation 2010, 32-bit Edition. Additionally,
this update contains stability and performance improvements.
12/11/2011 Microsoft Office File Validation Add-in
Microsoft Office File Validation is a security add-in for Office
2003 and 2007. Office File Validation is used to validate that
Binary File Format files conform to the Microsoft Office File
Format. The user will be notified of possible security risks
if files fail to conform to the format.
11/13/2011 Update for Windows 7 for x64-based Systems (KB2641690)
Install this update to resolve an issue which requires an update
to the certificate revocation list on Windows systems and to
keep your systems certificate list up to date. After you install
this update, you may have to restart your system.
11/9/2011 Security Update for Windows 7 for x64-based Systems (KB2620704)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
11/9/2011 Security Update for Windows 7 for x64-based Systems (KB2588516)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
11/9/2011 Security Update for Windows 7 for x64-based Systems (KB2617657)
A security issue has been identified that could allow an unauthenticated
remote attacker to cause the affected system to stop responding.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
11/9/2011 Windows Malicious Software Removal Tool x64 - November 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
10/27/2011 Update for Windows 7 for x64-based Systems (KB2603229)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
10/13/2011 Security Update for Microsoft Silverlight (KB2617986)
This security update to Silverlight includes fixes outlined in
KBs 2604930 and 2617986. This update is backward compatible with
web applications built using previous versions of Silverlight.
10/13/2011 Windows Malicious Software Removal Tool x64 - October 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
10/13/2011 Security Update for Windows 7 for x64-based Systems (KB2567053)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/13/2011 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2572078)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/13/2011 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2596560)
This update provides the Junk E-mail Filter in Microsoft Office
Outlook 2007 with a more current definition of which e-mail messages
should be considered junk e-mail.
10/13/2011 Cumulative Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2586448)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
10/13/2011 Security Update for Windows 7 for x64-based Systems (KB2579686)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/13/2011 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2572077)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/13/2011 Security Update for Windows 7 for x64-based Systems (KB2564958)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
9/28/2011 Windows Malicious Software Removal Tool x64 - September 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
9/17/2011 Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 for x64-based Systems (KB2468871)
Install this update to resolve issues in Microsoft .NET Framework
4. For a complete listing of the issues that are included in
this update, see the associated Microsoft Knowledge Base article
for more information. After you install this item, you may have
to restart your computer.
9/17/2011 Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 for x64-based Systems (KB2533523)
This update addresses stability, reliability, and performance
issues in Microsoft .NET Framework 4. After you install this
item, you may have to restart your computer.
9/15/2011 Security Update for Microsoft Office 2007 System (KB2553090)
A security vulnerability exists in Microsoft Office 2007 System
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
9/15/2011 Security Update for Microsoft Office Excel 2007 (KB2553073)
A security vulnerability exists in Microsoft Office Excel 2007
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
9/15/2011 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2553110)
This update provides the Junk E-mail Filter in Microsoft Office
Outlook 2007 with a more current definition of which e-mail messages
should be considered junk e-mail.
9/15/2011 Security Update for Windows 7 for x64-based Systems (KB2570947)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
9/15/2011 Security Update for Microsoft Office 2007 System (KB2553089)
A security vulnerability exists in Microsoft Office 2007 System
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
9/15/2011 Security Update for the 2007 Microsoft Office System (KB2553074)
A security vulnerability exists in the 2007 Microsoft Office
System and the Microsoft Office Compatibility Pack that could
allow arbitrary code to run when a maliciously modified file
is opened. This update resolves that vulnerability.
9/15/2011 Update for Microsoft Office Outlook 2007 (KB2583910)
Microsoft has released an update for Microsoft Office Outlook
2007. This update provides the latest fixes to Microsoft Office
Outlook 2007. Additionally, this update contains stability and
performance improvements.
9/15/2011 Security Update for Microsoft Office 2007 System (KB2584063)
A security vulnerability exists in Microsoft Office 2007 System
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
9/15/2011 Update for Windows 7 for x64-based Systems (KB2616676)
Install this update to resolve an issue which requires an update
to the certificate revocation list on Windows systems and to
keep your systems certificate list up to date. After you install
this update, you may have to restart your system.
9/15/2011 Windows Malicious Software Removal Tool x64 - September 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
9/7/2011 Update for Windows 7 for x64-based Systems (KB2607712)
Install this update to resolve an issue which requires an update
to the certificate revocation list on Windows systems and to
keep your systems certificate list up to date. After you install
this update, you may have to restart your system.
8/23/2011 Update for Windows 7 for x64-based Systems (KB2570791)
Install this update to resolve issues caused by revised daylight
saving time and time zone laws in several countries. This update
enables your computer to automatically adjust the computer clock
on the correct date in 2011. After you install this item, you
may have to restart your computer.
8/17/2011 Update for Windows 7 for x64-based Systems (KB2547666)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
8/17/2011 Update for Windows 7 for x64-based Systems (KB2545698)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
8/17/2011 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2539635)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain access to information. You can help protect
your computer by installing this update from Microsoft. After
you install this item, you may have to restart your computer.
8/17/2011 Security Update for .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2518869)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
8/17/2011 Update for Windows 7 for x64-based Systems (KB2529073)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
8/17/2011 Update for Windows 7 for x64-based Systems (KB982018)
This is a reliability update. This update resolves some performance
and reliability issues in Windows. By applying this update, you
can achieve better performance and responsiveness in various
scenarios. For more information please see the Knowledge Base
article. After you install this item, you may have to restart
your computer.
8/15/2011 Microsoft Office File Validation Add-in
Microsoft Office File Validation is a security add-in for Office
2003 and 2007. Office File Validation is used to validate that
Binary File Format files conform to the Microsoft Office File
Format. The user will be notified of possible security risks
if files fail to conform to the format.
8/15/2011 Windows 7 Service Pack 1 for x64-based Systems (KB976932)
Windows 7 Service Pack 1 is a recommended collection of updates
and improvements to Windows that are combined into a single installable
update. The service pack can help make your computer safer and
more reliable. A typical installation will take about 30 minutes
to complete, and you will have to restart your computer about
halfway through the process.
8/9/2011 Update for Windows 7 for x64-based Systems (KB2563227)
Install this update to resolve performance and reliability issues
in Windows. By applying this update, you can achieve better performance
and responsiveness in various scenarios. For a complete listing
of the issues that are included in this update, see the associated
Microsoft Knowledge Base article for more information. After
you install this item, you may have to restart your computer.
8/9/2011 Security Update for Windows 7 for x64-based Systems (KB2560656)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/9/2011 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2586924)
This update provides the Junk E-mail Filter in Microsoft Office
Outlook 2007 with a more current definition of which e-mail messages
should be considered junk e-mail.
8/9/2011 Security Update for Windows 7 for x64-based Systems (KB2536276)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/9/2011 Update Rollup for ActiveX Killbits for Windows 7 for x64-based Systems (KB2562937)
Security issues have been identified in ActiveX controls that
could allow an attacker to compromise a system running Microsoft
Internet Explorer and gain control over it. You can help protect
your system by installing this update from Microsoft. After you
install this item, you may have to restart your computer.
8/9/2011 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2539634)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain access to information. You can help protect
your computer by installing this update from Microsoft. After
you install this item, you may have to restart your computer.
8/9/2011 Windows Malicious Software Removal Tool x64 - August 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
8/9/2011 Security Update for Windows 7 for x64-based Systems (KB2567680)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/9/2011 Security Update for Windows 7 for x64-based Systems (KB2563894)
A security issue has been identified that could allow an unauthenticated
remote attacker to cause the affected system to stop responding.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
8/9/2011 Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 for x64-based Systems (KB2539636)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain access to information. You can help protect
your computer by installing this update from Microsoft. After
you install this item, you may have to restart your computer.
8/9/2011 Cumulative Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2559049)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
8/9/2011 Security Update for Windows 7 for x64-based Systems (KB2556532)
A security issue has been identified that could allow an authenticated
local attacker to cause the affected system to stop responding.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
7/17/2011 Windows Malicious Software Removal Tool x64 - July 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
7/17/2011 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2553975)
This update provides the Junk E-mail Filter in Microsoft Office
Outlook 2007 with a more current definition of which e-mail messages
should be considered junk e-mail.
7/17/2011 Security Update for Windows 7 for x64-based Systems (KB2507938)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
7/17/2011 Security Update for Windows 7 for x64-based Systems (KB2532531)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
7/17/2011 Security Update for Windows 7 for x64-based Systems (KB2555917)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
7/17/2011 Update for Windows 7 for x64-based Systems (KB2533623)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
7/1/2011 Update for Windows 7 for x64-based Systems (KB2552343)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
7/1/2011 Update for Windows 7 for x64-based Systems (KB2547666)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
7/1/2011 Update for Windows 7 for x64-based Systems (KB2545698)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
6/21/2011 Windows 7 Service Pack 1 for x64-based Systems (KB976932)
Windows 7 Service Pack 1 is a recommended collection of updates
and improvements to Windows that are combined into a single installable
update. The service pack can help make your computer safer and
more reliable. A typical installation will take about 30 minutes
to complete, and you will have to restart your computer about
halfway through the process.
6/21/2011 Security Update for .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2518867)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
6/21/2011 Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 for x64-based Systems (KB2518870)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
6/21/2011 Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 for x64-based Systems (KB2478663)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
6/21/2011 Security Update for .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2478661)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
6/17/2011 Windows Malicious Software Removal Tool x64 - June 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
6/17/2011 Security Update for Windows 7 for x64-based Systems (KB2535512)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
6/17/2011 Security Update for Microsoft Office Excel 2007 (KB2541007)
A security vulnerability exists in Microsoft Office Excel 2007
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
6/17/2011 Update for Microsoft Office 2007 System (KB2539530)
Microsoft has released an update for Microsoft Office 2007 System.
This update provides the latest fixes to Microsoft Office 2007
System. Additionally, this update adds support for the new Indian
rupee currency symbol.
6/17/2011 Security Update for Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package (KB2538243)
A security issue has been identified leading to MFC application
vulnerability in DLL planting due to MFC not specifying the full
path to system/localization DLLs. You can protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
6/17/2011 Security Update for Windows 7 for x64-based Systems (KB2503665)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
6/17/2011 Security Update for Windows 7 for x64-based Systems (KB2536276)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
6/17/2011 Cumulative Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2530548)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
6/17/2011 Security Update for Microsoft Silverlight (KB2512827)
This security update to Silverlight includes fixes outlined in
KBs 2514842 and 2512827. This update is backward compatible with
web applications built using previous versions of Silverlight.
6/17/2011 Security Update for Windows 7 for x64-based Systems (KB2525694)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
6/17/2011 Security Update for the 2007 Microsoft Office System (KB2541012)
A security vulnerability exists in the 2007 Microsoft Office
System and the Microsoft Office Compatibility Pack that could
allow arbitrary code to run when a maliciously modified file
is opened. This update resolves that vulnerability.
6/17/2011 Update for Windows 7 for x64-based Systems (KB2488113)
This is a reliability update. This update resolves some performance
and reliability issues in Windows. By applying this update, you
can achieve better performance and responsiveness in various
scenarios. For more information please see the Knowledge Base
article. After you install this item, you may have to restart
your computer.
6/17/2011 Security Update for Windows 7 for x64-based Systems (KB2536275)
A security issue has been identified that could allow an unauthenticated
remote attacker to cause the affected system to stop responding.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
6/17/2011 Security Update for Windows 7 for x64-based Systems (KB2476490)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
6/17/2011 Security Update for Windows 7 for x64-based Systems (KB2544893)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain access to
information. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
6/17/2011 Security Update for Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package (KB2538242)
A security issue has been identified leading to MFC application
vulnerability in DLL planting due to MFC not specifying the full
path to system/localization DLLs. You can protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
5/26/2011 Update for Windows 7 for x64-based Systems (KB2541014)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
5/24/2011 Update for Windows 7 for x64-based Systems (KB2533552)
Install this update to enable future updates to install successfully
on all editions of Windows 7 or Windows Server 2008 R2. This
update may be required before selected future updates can be
installed. After you install this item, it cannot be removed.
5/11/2011 Update for Microsoft Office Outlook 2007 (KB2509470)
Microsoft has released an update for Microsoft Office Outlook
2007. This update provides the latest fixes to Microsoft Office
Outlook 2007. Additionally, this update contains stability and
performance improvements.
5/11/2011 Update for Windows 7 for x64-based Systems (KB2534366)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
5/11/2011 Windows Malicious Software Removal Tool x64 - May 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
5/11/2011 Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
A security vulnerability exists in Microsoft Office PowerPoint
2007 that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
5/11/2011 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2536413)
This update provides the Junk E-mail Filter in Microsoft Office
Outlook 2007 with a more current definition of which e-mail messages
should be considered junk e-mail.
5/11/2011 Update for Windows 7 for x64-based Systems (KB2529073)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/27/2011 Update for Windows 7 for x64-based Systems (KB2515325)
This is a reliability update. This update resolves some performance
and reliability issues in Windows. By applying this update, you
can achieve better performance and responsiveness in various
scenarios. For more information please see the Knowledge Base
article. After you install this item, you may have to restart
your computer.
4/27/2011 Update for Windows 7 for x64-based Systems (KB2522422)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/27/2011 Update for Windows 7 for x64-based Systems (KB2492386)
Install this update to resolve a set of known application compatibility
issues with Windows. For a complete listing of the issues that
are included in this update, see the associated Microsoft Knowledge
Base article for more information. After you install this item,
you may have to restart your computer.
4/27/2011 Update for Windows 7 for x64-based Systems (KB982018)
This is a reliability update. This update resolves some performance
and reliability issues in Windows. By applying this update, you
can achieve better performance and responsiveness in various
scenarios. For more information please see the Knowledge Base
article. After you install this item, you may have to restart
your computer.
4/27/2011 Update for Windows 7 for x64-based Systems (KB2506928)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/27/2011 Windows Malicious Software Removal Tool x64 - April 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
4/20/2011 Update for Microsoft Silverlight (KB2526954)
This update to Silverlight improves security, reliability, accessibility
support, startup performance, enhances line-of-business support
and includes several fixes to better support rich internet applications.
This update is backward compatible with web applications built
using previous versions of Silverlight.
4/19/2011 Security Update for Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package (KB2467175)
A security issue has been identified leading to MFC application
vulnerability in DLL planting due to MFC not specifying the full
path to system/localization DLLs. You can protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
4/19/2011 Security Update for Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package (KB2467174)
A security issue has been identified leading to MFC application
vulnerability in DLL planting due to MFC not specifying the full
path to system/localization DLLs. You can protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
4/16/2011 Security Update for .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2446709)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
4/16/2011 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2522999)
This update provides the Junk E-mail Filter in Microsoft Office
Outlook 2007 with a more current definition of which e-mail messages
should be considered junk e-mail.
4/16/2011 Security Update for Microsoft Office Excel 2007 (KB2464583)
A security vulnerability exists in Microsoft Office Excel 2007
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
4/16/2011 Cumulative Security Update for ActiveX Killbits for Windows 7 for x64-based Systems (KB2508272)
Security issues have been identified in ActiveX controls that
could allow an attacker to compromise a system running Microsoft
Internet Explorer and gain control over it. You can help protect
your system by installing this update from Microsoft. After you
install this item, you may have to restart your computer.
4/16/2011 Update for Microsoft Office 2007 System (KB2508958)
Microsoft has released an update for Microsoft Office 2007 System.
This update decreases installation failures for updates installed
on Microsoft Office 2007 System.
4/16/2011 Update for Windows 7 for x64-based Systems (KB2511250)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/16/2011 Security Update for Windows 7 for x64-based Systems (KB2510531)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/16/2011 Security Update for Windows 7 for x64-based Systems (KB2506223)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/16/2011 Security Update for Windows 7 for x64-based Systems (KB2506212)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/16/2011 Security Update for Windows 7 for x64-based Systems (KB2508429)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/16/2011 Security Update for Windows 7 for x64-based Systems (KB2507618)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/16/2011 Cumulative Security Update for Internet Explorer 8 for Windows 7 for x64-based Systems (KB2497640)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
4/16/2011 Security Update for Microsoft Office PowerPoint 2007 (KB2464594)
A security vulnerability exists in Microsoft Office PowerPoint
2007 that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
4/16/2011 Security Update for Windows 7 for x64-based Systems (KB2509553)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/16/2011 Security Update for Microsoft Office 2007 System (KB2509488)
A security vulnerability exists in Microsoft Office 2007 System
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
4/16/2011 Security Update for Windows 7 for x64-based Systems (KB2503658)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain access to
information. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
4/16/2011 Security Update for the 2007 Microsoft Office System (KB2466156)
A security vulnerability exists in the 2007 Microsoft Office
System and the Microsoft Office Compatibility Pack that could
allow arbitrary code to run when a maliciously modified file
is opened. This update resolves that vulnerability.
4/16/2011 Update for Windows 7 for x64-based Systems (KB2506014)
An issue has been identified that could allow a user with administrative
permissions to load an unsigned driver. This update resolves
that issue. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
4/16/2011 Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
A security vulnerability exists in Microsoft Office PowerPoint
Viewer 2007 that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
4/16/2011 Windows Malicious Software Removal Tool x64 - April 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
4/16/2011 Security Update for Windows 7 for x64-based Systems (KB2491683)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/16/2011 Security Update for Windows 7 for x64-based Systems (KB2511455)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/16/2011 Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 for x64-based Systems (KB2446708)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
3/28/2011 Update for Windows 7 for x64-based Systems (KB2505438)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
3/24/2011 Update for Windows 7 for x64-based Systems (KB2524375)
Install this update to resolve an issue which requires an update
to the certificate revocation list on Windows systems and to
keep your systems certificate list up to date. After you install
this update, you may have to restart your system.
3/12/2011 Security Update for Windows 7 for x64-based Systems (KB2479943)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
3/12/2011 Windows Malicious Software Removal Tool x64 - March 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
3/12/2011 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2508979)
This update provides the Junk E-mail Filter in Microsoft Office
Outlook 2007 with a more current definition of which e-mail messages
should be considered junk e-mail.
3/12/2011 Security Update for Windows 7 for x64-based Systems (KB2483614)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
3/9/2011 Update for Microsoft Silverlight (KB2495644)
This update to Silverlight improves security, reliability, accessibility
support, startup performance, enhances line-of-business support
and includes several fixes to better support rich internet applications.
This update is backward compatible with web applications built
using previous versions of Silverlight.
2/24/2011 Update for Windows 7 for x64-based Systems (KB2387530)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
2/24/2011 Update for Windows 7 for x64-based Systems (KB2484033)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
2/10/2011 Cumulative Security Update for Internet Explorer 8 for Windows 7 for x64-based Systems (KB2482017)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
2/10/2011 Security Update for Windows 7 for x64-based Systems (KB2425227)
A security issue has been identified that could allow an attacker
to misrepresent a system action or behavior without the knowledge
of the user. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
2/10/2011 Windows Malicious Software Removal Tool x64 - February 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
2/10/2011 Security Update for Windows 7 for x64-based Systems (KB2479628)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
2/10/2011 Update for Windows 7 for x64-based Systems (KB2467023)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
2/10/2011 Update for Windows 7 for x64-based Systems (KB2487426)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
2/10/2011 Update for Windows 7 for x64-based Systems (KB2454826)
This is a reliability update. Install this update to enable a
set of performance and functionality updates for graphics, Media
Foundation, and XPS components on Windows 7 and Windows Server
2008 R2 systems. After you install this item, you may have to
restart your computer.
2/10/2011 Security Update for Windows 7 for x64-based Systems (KB2475792)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain access to
information. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
2/10/2011 Security Update for Windows 7 for x64-based Systems (KB2393802)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
2/10/2011 Security Update for Windows 7 for x64-based Systems (KB2485376)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
2/10/2011 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2492475)
This update provides the Junk E-mail Filter in Microsoft Office
Outlook 2007 with a more current definition of which e-mail messages
should be considered junk e-mail.
2/2/2011 Update for Windows 7 for x64-based Systems (KB976902)
Install this update to enable future updates to install successfully
on all editions of Windows 7 or Windows Server 2008 R2. This
update may be required before selected future updates can be
installed. After you install this item, it cannot be removed.
1/14/2011 Update for Windows 7 for x64-based Systems (KB2454826)
This is a reliability update. Install this update to enable a
set of performance and functionality updates for graphics, Media
Foundation, and XPS components on Windows 7 systems. After you
install this item, you may have to restart your computer.
1/14/2011 Windows Malicious Software Removal Tool x64 - January 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
1/14/2011 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2483110)
This update provides the Junk E-mail Filter in Microsoft Office
Outlook 2007 with a more current definition of which e-mail messages
should be considered junk e-mail.
1/14/2011 Update for Microsoft Office Outlook 2007 (KB2412171)
This update provides the latest fixes related to stability and
performance improvements for Microsoft Office Outlook 2007.
1/14/2011 Security Update for Windows 7 for x64-based Systems (KB2419640)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
12/20/2010 Security Update for Microsoft Office 2007 System (KB2289158)
A security vulnerability exists in the 2007 Microsoft Office
System and the Compatibility Pack for the 2007 Office system
that could allow remote code execution. This update resolves
that vulnerability.
12/20/2010 Security Update for Microsoft Office Publisher 2007 (KB2284697)
A security vulnerability exists in Microsoft Office Publisher
2007 that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
12/20/2010 Security Update for Microsoft Office Excel 2007 (KB2345035)
A security vulnerability exists in Microsoft Office Excel 2007
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
12/20/2010 Security Update for the 2007 Microsoft Office System (KB2344875)
A security vulnerability exists in the 2007 Microsoft Office
System and the Microsoft Office Compatibility Pack that could
allow arbitrary code to run when a maliciously modified file
is opened. This update resolves that vulnerability.
12/20/2010 Security Update for the 2007 Microsoft Office System (KB2345043)
A security vulnerability exists in the 2007 Microsoft Office
System and the Microsoft Office Compatibility Pack that could
allow arbitrary code to run when a maliciously modified file
is opened. This update resolves that vulnerability.
12/20/2010 Security Update for the 2007 Microsoft Office System (KB2288621)
A security vulnerability exists in the 2007 Microsoft Office
System that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
12/20/2010 Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2413381)
A security vulnerability exists in Microsoft Office PowerPoint
Viewer 2007 that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
12/20/2010 Security Update for Microsoft Office Word 2007 (KB2344993)
A security vulnerability exists in Microsoft Office Word 2007
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
12/20/2010 Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
A security vulnerability exists in Microsoft Office Visio Viewer
2007 that could allow arbitrary code to run when a maliciously
modified web page is opened. This update resolves that vulnerability.
12/20/2010 Security Update for Microsoft Office InfoPath 2007 (KB979441)
A security vulnerability exists in Microsoft Office InfoPath
2007 that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
12/20/2010 Security Update for the 2007 Microsoft Office System (KB972581)
A security vulnerability exists in the 2007 Microsoft Office
System that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves the vulnerability
so that the 2007 Microsoft Office System documents are handled
appropriately.
12/20/2010 Security Update for Microsoft Office PowerPoint 2007 (KB982158)
A security vulnerability exists in Microsoft Office PowerPoint
2007 that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
12/20/2010 Security Update for Microsoft Office Access 2007 (KB979440)
A security vulnerability exists in Microsoft Office Access 2007
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
12/20/2010 Security Update for the 2007 Microsoft Office System (KB976321)
A security vulnerability exists in the 2007 Microsoft Office
System that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
12/20/2010 Security Update for the 2007 Microsoft Office System (KB969559)
A security vulnerability exists in the 2007 Microsoft Office
System that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves the vulnerability
so that the 2007 Microsoft Office System documents are handled
appropriately.
12/20/2010 Security Update for the 2007 Microsoft Office System (KB974234)
This update resolves a problem that can cause programs that use
the Outlook View Control with Forms 2.0, such as Microsoft Office
Outlook with Business Contact Manager, to stop functioning as
expected after Security Update for Microsoft Office Outlook 2007
(KB972363) is installed.
12/20/2010 Security Update for Microsoft Office 2007 System (KB2288931)
A security vulnerability exists in the 2007 Microsoft Office
System that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
12/20/2010 Update for the 2007 Microsoft Office System (KB2284654)
Microsoft has released an update for 2007 Microsoft Office System.
This update is an accumulation of the latest fixes, including
solutions for stability and performance with Visual Studio.
12/20/2010 Security Update for Microsoft Office Outlook 2007 (KB2288953)
A security vulnerability exists in Microsoft Office Outlook 2007
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
12/19/2010 Update for Microsoft Office PowerPoint 2007 Help (KB963669)
This update installs the latest assistance content for the Microsoft
Office PowerPoint 2007 Help file and the Office PowerPoint 2007
Developer Help file.
12/19/2010 Update for Microsoft Office Word 2007 Help (KB963665)
This update installs the latest assistance content for the Microsoft
Office Word 2007 Help file and the Office Word 2007 Developer
Help file.
12/19/2010 Update for Microsoft Office Outlook 2007 Help (KB963677)
This update installs the latest assistance content for the Microsoft
Office Outlook 2007 Help file and the Office Outlook 2007 Developer
Help file.
12/19/2010 Update for Microsoft Office Excel 2007 Help (KB963678)
This update installs the latest assistance content for the Microsoft
Office Excel 2007 Help file and the Office Excel 2007 Developer
Help file.
12/19/2010 The 2007 Microsoft Office Suite Service Pack 2 (SP2)
Service Pack 2 provides the latest updates to the 2007 Microsoft
Office Suite. This update also applies to Microsoft Office Project,
Microsoft Office SharePoint Designer, Microsoft Expression Web,
Microsoft Office Visio, and Visual Web Developer.
12/19/2010 Update for Microsoft Office Access 2007 Help (KB963663)
This update installs the latest assistance content for the Microsoft
Office Access 2007 Help file and the Office Access 2007 Developer
Help file.
12/18/2010 Update for Microsoft Office Publisher 2007 Help (KB963667)
This update installs the latest assistance content for the Microsoft
Office Publisher 2007 Help file and the Office Publisher 2007
Developer Help file.
12/18/2010 Security Update for Microsoft Office 2007 (KB951550)
A security vulnerability exists in Microsoft Office 2007 that
could allow information disclosure. This update resolves that
issue.
12/18/2010 Security Update for the 2007 Microsoft Office System (KB951944)
A security vulnerability exists in the 2007 Microsoft Office
System and the Compatibility Pack for the 2007 Office system
that could allow remote code execution. This update resolves
that vulnerability.
12/18/2010 Update for the 2007 Microsoft Office System Help for Common Features (KB963673)
This update installs the latest assistance content for the Microsoft
Office 2007 Help file.
12/18/2010 Update for the 2007 Microsoft Office System (KB967642)
This update fixes an error that may occur when installing the
Microsoft Office suite Service Packs.
12/18/2010 Security Update for Microsoft Visual C++ 2008 Redistributable Package (KB973924)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system with Microsoft Visual
C++ 2008 Redistributable Package and gain complete control over
it. You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
12/18/2010 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2466076)
This update provides the Junk E-mail Filter in Microsoft Office
Outlook 2007 with a more current definition of which e-mail messages
should be considered junk e-mail.
12/18/2010 Update for Microsoft Script Editor Help (KB963671)
This update installs the latest assistance content for the Microsoft
Script Editor Help file that is included with the 2007 Office
System.
12/18/2010 Security Update for Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package (KB973923)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system with Microsoft Visual
C++ 2005 Service Pack 1 Redistributable Package and gain complete
control over it. You can help protect your computer by installing
this update from Microsoft. After you install this item, you
may have to restart your computer.
12/16/2010 Update for Windows 7 for x64-based Systems (KB2443685)
Install this update to resolve issues caused by revised daylight
saving time and time zone laws in several countries. This update
enables your computer to automatically adjust the computer clock
on the correct date in 2011. After you install this item, you
may have to restart your computer.
12/16/2010 Security Update for Windows 7 for x64-based Systems (KB2305420)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
12/16/2010 Security Update for Windows 7 for x64-based Systems (KB2296199)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
12/16/2010 Security Update for Windows 7 for x64-based Systems (KB2436673)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
12/16/2010 Update for Internet Explorer for Windows 7 for x64-based Systems (KB2467659)
Install this update to resolve issues in Internet Explorer. For
a complete listing of the issues that are included in this update,
see the associated Microsoft Knowledge Base article for more
information. After you install this item, you may have to restart
your computer.
12/16/2010 Security Update for Windows 7 for x64-based Systems (KB2385678)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
12/16/2010 Windows Malicious Software Removal Tool x64 - December 2010 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
12/16/2010 Security Update for Windows 7 for x64-based Systems (KB2423089)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
12/16/2010 Security Update for Windows 7 for x64-based Systems (KB2442962)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
12/16/2010 Cumulative Security Update for Internet Explorer 8 for Windows 7 for x64-based Systems (KB2416400)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
11/26/2010 Update for Internet Explorer 8 Compatibility View List for Windows 7 for x64-based Systems (KB2447568)
This Compatibility View List update helps make Web sites that
are designed for older browsers look better in Internet Explorer
8. When users install Internet Explorer 8, they will be given
a choice about opting-in to a list of sites that should be displayed
in Compatibility View. After you install this item, you may have
to restart Internet Explorer.
11/9/2010 Windows Malicious Software Removal Tool x64 - November 2010 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
10/30/2010 Cumulative Update for Media Center for Windows 7 x64-based Systems (KB2284742)
Install this update to resolve issues with Media Center for Windows
7. For a complete listing of the issues that are included in
this cumulative update, see the associated Microsoft Knowledge
Base article for more information. After you install this item,
you may have to restart your computer.
10/30/2010 Update for Windows 7 for x64-based Systems (KB2388210)
Install this update to resolve a set of known application compatibility
issues with Windows. For a complete listing of the issues that
are included in this update, see the associated Microsoft Knowledge
Base article for more information. After you install this item,
you may have to restart your computer.
10/30/2010 Update for Windows 7 for x64-based Systems (KB2249857)
This is a reliability update. Install this update to prevent
disk corruption when hibernating or crashing using a disk drive
that is greater than or equal to two terabytes. After you install
this item, you may have to restart your computer.
10/23/2010 Security Update for Windows 7 for x64-based Systems (KB982132)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/23/2010 Security Update for Windows 7 for x64-based Systems (KB979687)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/23/2010 Security Update for Windows 7 for x64-based Systems (KB979688)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/23/2010 Security Update for Windows 7 for x64-based Systems (KB2207566)
A security issue has been identified that could allow an unauthenticated
remote attacker to cause the affected system to stop responding.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
10/23/2010 Security Update for Windows 7 for x64-based Systems (KB2296011)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/23/2010 Security Update for Windows 7 for x64-based Systems (KB2281679)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/23/2010 Security Update for .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 for x64-based Systems (KB2160841)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
10/23/2010 Security Update for Windows 7 for x64-based Systems (KB2387149)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/23/2010 Cumulative Security Update for Internet Explorer 8 for Windows 7 for x64-based Systems (KB2360131)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
10/23/2010 Security Update for Windows 7 for x64-based Systems (KB2378111)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/23/2010 Windows Malicious Software Removal Tool x64 - October 2010 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
10/23/2010 Update for Windows 7 for x64-based Systems (KB2345886)
Install this update to help strengthen authentication credentials
in specific scenarios. After you install this item, you may have
to restart your computer.
10/23/2010 Security Update for Windows 7 for x64-based Systems (KB981957)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/10/2010 Security Update for Microsoft .NET Framework 3.5.1, Windows 7, and Windows Server 2008 R2 for x64-based Systems (KB2416471)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain access to information. You can help protect
your computer by installing this update from Microsoft. After
you install this item, you may have to restart your computer.
10/4/2010 Update for Windows 7 for x64-based Systems (KB2158563)
Install this update to resolve issues caused by revised daylight
saving time and time zone laws in several countries. This update
enables your computer to automatically adjust the computer clock
on the correct date in 2010. After you install this item, you
may have to restart your computer.
10/4/2010 Update for Internet Explorer 8 Compatibility View List for Windows 7 for x64-based Systems (KB2362765)
This Compatibility View List update helps make Web sites that
are designed for older browsers look better in Internet Explorer
8. When users install Internet Explorer 8, they will be given
a choice about opting-in to a list of sites that should be displayed
in Compatibility View. After you install this item, you may have
to restart Internet Explorer.
10/4/2010 Update for Windows 7 for x64-based Systems (KB979538)
Install this update to prevent unexpected shutdowns or bluescreens
when you are using a USB video device. After you install this
item, you may have to restart your computer.
9/16/2010 Security Update for Windows 7 for x64-based Systems (KB2347290)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
9/16/2010 Windows Malicious Software Removal Tool x64 - September 2010 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
9/16/2010 Update for Internet Explorer 8 for Windows 7 for x64-based Systems (KB2398632)
This update (KB2398632) addresses an issue with the Internet
Explorer 8 Add-on upgrade advisor that was introduced by KB2183461:
MS10-053 - Cumulative Security update for Windows Internet Explorer
for Windows 7 and Windows Server 2008 R2. After you install this
item, you may have to restart your computer.
8/26/2010 Update for Windows 7 for x64-based Systems (KB982110)
Install this update to resolve a set of known application compatibility
issues. For complete details of this update, see the associated
Knowledge Base Article. After you install this item, you may
have to restart your computer.
8/26/2010 Update for Windows 7 for x64-based Systems (KB2272691)
Install this update to resolve issues with non-compatible applications.
For complete details of this update, see the associated Knowledge
Base Article. After you install this item, you may have to restart
your computer.
8/11/2010 Security Update for Windows 7 for x64-based Systems (KB982214)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/11/2010 Security Update for Windows 7 for x64-based Systems (KB980436)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/11/2010 Security Update for .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB983590)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
8/11/2010 Security Update for Windows 7 for x64-based Systems (KB978886)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/11/2010 Security Update for Windows 7 for x64-based Systems (KB981852)
A security issue has been identified that could allow an authenticated
local attacker to cause the affected system to stop responding.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
8/11/2010 Cumulative Security Update for Internet Explorer 8 for Windows 7 for x64-based Systems (KB2183461)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
8/11/2010 Security Update for Windows 7 for x64-based Systems (KB982799)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/11/2010 Security Update for Windows 7 for x64-based Systems (KB982665)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/11/2010 Update for Internet Explorer 8 Compatibility View List for Windows 7 for x64-based Systems (KB982664)
This Compatibility View List update helps make Web sites that
are designed for older browsers look better in Internet Explorer
8. When users install Internet Explorer 8, they will be given
a choice about opting-in to a list of sites that should be displayed
in Compatibility View. After you install this item, you may have
to restart Internet Explorer.
8/11/2010 Security Update for Windows 7 for x64-based Systems (KB2160329)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/11/2010 Security Update for Windows 7 for x64-based Systems (KB2079403)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
8/11/2010 Windows Malicious Software Removal Tool x64 - August 2010 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
8/7/2010 Security Update for Windows 7 for x64-based Systems (KB2286198)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
7/18/2010 Microsoft .NET Framework 4 Client Profile for Windows 7 x64-based Systems (KB982670)
The Microsoft .NET Framework 4 Client Profile provides a subset
of features from the .NET Framework 4. The Client Profile is
designed to run client applications and to enable the fastest
possible deployment for Windows Presentation Foundation (WPF)
and Windows Forms technology.
7/18/2010 Realtek - Network - Realtek PCIe GBE Family Controller
Realtek Network software update released in March, 2010
7/18/2010 Update for Windows 7 for x64-based Systems (KB976422)
Install this update to support Secure Digital (SD) cards that
are larger than 32 GB. After you install this item, you may have
to restart your computer.
7/18/2010 Lexmark Inkjet Drivers - Printers - Lexmark S300-S400 Series
Lexmark Inkjet Drivers Printers software update released in April,
2010
7/18/2010 Acer Incorporated - Display - Acer LCD Monitor V173W
Acer Incorporated Display software update released in February,
2008
7/17/2010 Windows Malicious Software Removal Tool x64 - July 2010 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
7/17/2010 Security Update for Windows 7 for x64-based Systems (KB2032276)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
6/24/2010 Update for Microsoft XML Core Services 4.0 Service Pack 2 for x64-based Systems (KB973688)
Install this update to prevent applications from sending too
many HTTP requests while a well-known Document Type Definition
(DTD) is included. After you install this item, you may have
to restart your computer. Once you have installed this item,
it cannot be removed.
6/24/2010 Security Update for Microsoft XML Core Services 4.0 Service Pack 2 for x64-based Systems (KB954430)
A security issue has been identified in Microsoft XML Core Services
(MSXML) that could allow an attacker to compromise your Windows-based
system and gain control over it. You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer. Once you have installed
this item, it cannot be removed.
6/24/2010 Update for Windows 7 for x64-based Systems (KB980846)
Install this update to allow Windows 7 to provide a Windows Vista
context for legacy applications designed for older Windows versions.
After you install this item, you may have to restart your computer.
6/24/2010 Update for Windows 7 for x64-based Systems (KB982519)
Install this update to resolve issues with non-compatible applications.
For complete details of this update, see the associated Knowledge
Base Article. After you install this item, you may have to restart
your computer.
6/24/2010 Microsoft .NET Framework 3.5 SP1 Update for Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB982526)
This update addresses a set of known issues of the Microsoft
.NET Framework 3.5 Service Pack 1. After you install this item,
you may have to restart your computer.
6/24/2010 Cumulative Update for Media Center for Windows 7 x64-based Systems (KB981078)
Install this update to resolve issues with Media Center for Windows
7. For a complete listing of the issues that are included in
this cumulative update, see the associated Microsoft Knowledge
Base article for more information. After you install this item,
you may have to restart your computer.
6/13/2010 Security Update for Windows 7 for x64-based Systems (KB979482)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
6/13/2010 Windows Malicious Software Removal Tool x64 - June 2010 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
6/13/2010 Cumulative Security Update for ActiveX Killbits for Windows 7 for x64-based Systems (KB980195)
Security issues have been identified in ActiveX controls that
could allow an attacker to compromise a system running Microsoft
Internet Explorer and gain control over it. You can help protect
your system by installing this update from Microsoft. After you
install this item, you may have to restart your computer.
6/13/2010 Microsoft .NET Framework 3.5 SP1 Security Update for Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB979916)
A security issue has been identified that could allow an attacker
to tamper with digitally signed content without being detected,
when this content is being consumed by an application that makes
use of the Microsoft .NET Framework on a Windows-based system.
You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
6/13/2010 Security Update for Windows 7 for x64-based Systems (KB980218)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
6/13/2010 Security Update for Windows 7 for x64-based Systems (KB979559)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
6/13/2010 Cumulative Security Update for Internet Explorer 8 for Windows 7 for x64-based Systems (KB982381)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
5/29/2010 Update for Internet Explorer 8 Compatibility View List for Windows 7 for x64-based Systems (KB982632)
This Compatibility View List update helps make Web sites that
are designed for older browsers look better in Internet Explorer
8. When users install Internet Explorer 8, they will be given
a choice about opting-in to a list of sites that should be displayed
in Compatibility View. After you install this item, you may have
to restart Internet Explorer.
5/29/2010 Update for Windows 7 for x64-based Systems (KB981793)
Install this update to resolve issues caused by revised daylight
saving time and time zone laws in several countries. This update
enables your computer to automatically adjust the computer clock
on the correct date in 2010. After you install this item, you
may have to restart your computer.
5/14/2010 Security Update for Windows 7 for x64-based Systems (KB978542)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
5/14/2010 Windows Malicious Software Removal Tool x64 - May 2010 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
5/5/2010 Update for Windows 7 for x64-based Systems (KB971033)
This update to Windows Activation Technologies detects activation
exploits and tampering to key Windows system files. These exploits
try to bypass regular Windows activation and are sometimes included
within counterfeit copies of Windows.
4/30/2010 Update for Windows 7 for x64-based Systems (KB975496)
Install this update to resolve the issue in which a computer
stops responding during shutdown if BitLocker is enabled on the
system drive on a computer that is running Windows 7 or Windows
Server 2008 R2. After you install this item, you may have to
restart your computer.
4/30/2010 Update for Windows 7 for x64-based Systems (KB980408)
Install this update to resolve reliability issues with Windows
7 and Server 2008 R2. For complete details of this update, see
the Knowledge Base Article. After you install this item, you
may have to restart your computer.
4/14/2010 Security Update for Windows 7 for x64-based Systems (KB978601)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/14/2010 Security Update for Windows 7 for x64-based Systems (KB979309)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/14/2010 Security Update for Windows 7 for x64-based Systems (KB981332)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/14/2010 Windows Malicious Software Removal Tool x64 - April 2010 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
4/14/2010 Security Update for Windows 7 for x64-based Systems (KB980232)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/14/2010 Security Update for Windows 7 for x64-based Systems (KB979683)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/2/2010 Windows Malicious Software Removal Tool x64 - March 2010 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
4/2/2010 Cumulative Security Update for Internet Explorer 8 for Windows 7 for x64-based Systems (KB980182)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
3/26/2010 Update for Internet Explorer 8 Compatibility View List for Windows 7 for x64-based Systems (KB980302)
This Compatibility View List update helps make Web sites that
are designed for older browsers look better in Internet Explorer
8. When users install Internet Explorer 8, they will be given
a choice about opting-in to a list of sites that should be displayed
in Compatibility View. After you install this item, you may have
to restart Internet Explorer.
3/13/2010 Update for Windows 7 for x64-based Systems (KB976264)
Install this update to resolve issues with non-compatible applications
for Windows 7. For complete details of this update, see Knowledge
Base Article KB976264. After you install this item, you may have
to restart your computer.
3/1/2010 ATI Technologies Inc. driver update for AMD 760G
This driver was provided by ATI Technologies Inc. for support
of AMD 760G
3/1/2010 Security Update for Windows 7 for x64-based Systems (KB978251)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
3/1/2010 Update for Rights Management Services Client for Windows 7 for x64-based Systems (KB979099)
Install this update to resolve issues caused by manifest expiration
in AD RMS enabled applications. This update will fix any existing
issues in addition to addressing any future application manifest
expirations. After you install this item, you may have to restart
any running AD RMS enabled applications.
3/1/2010 Security Update for Windows 7 for x64-based Systems (KB972270)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
3/1/2010 Update for Windows 7 for x64-based Systems (KB977074)
This is a reliability update. This update resolves some reliability
issues in Windows 7. By applying this update, you can achieve
better reliability in various scenarios. After you install this
item, you may have to restart your computer.
3/1/2010 Update for Windows 7 for x64-based Systems (KB978637)
Install this update to address an issue in which program compatibility
settings are ignored and cause applications opened through another
32-bit application to exhibit Windows Vista behavior on Windows
7 x64 or Windows 2008 R2 x64/IA-64. The fix additionally prevents
the user from receiving an incorrect ‘Program Compatibility Assistant’
warning that the installation has failed while it has actually
succeeded. After you install this item, you may have to restart
your computer.
3/1/2010 Update for Windows 7 for x64-based Systems (KB979306)
Install this update to resolve issues caused by revised daylight
saving time and time zone laws in several countries. This update
enables your computer to automatically adjust the computer clock
on the correct date in 2010. After you install this item, you
may have to restart your computer.
3/1/2010 Security Update for Windows 7 for x64-based Systems (KB975560)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
3/1/2010 Cumulative Security Update for ActiveX Killbits for Windows 7 for x64-based Systems (KB978262)
Security issues have been identified in ActiveX controls that
could allow an attacker to compromise a system running Microsoft
Internet Explorer and gain control over it. You can help protect
your system by installing this update from Microsoft. After you
install this item, you may have to restart your computer.
3/1/2010 Cumulative Security Update for Internet Explorer 8 for Windows 7 for x64-based Systems (KB978207)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
3/1/2010 Update for Windows 7 for x64-based Systems (KB976662)
Install this update to improve Internet Explorer 8's JSON interoperability
in conformance with the new ECMAScript, fifth edition standard.
After you install this item, you may have to restart your computer.
3/1/2010 Cumulative Update for Media Center for Windows 7 x64-based Systems (KB977863)
Install this update to resolve issues with Media Center for Windows
7. For a complete listing of the issues that are included in
this cumulative update, see Microsoft Knowledge Base article
977863. After you install this item, you may have to restart
your computer.
3/1/2010 Security Update for Windows 7 for x64-based Systems (KB971468)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
3/1/2010 Update for Internet Explorer 8 Compatibility View List for Windows 7 for x64-based Systems (KB978506)
This Compatibility View List update helps make Web sites that
are designed for older browsers look better in Internet Explorer
8. When users install Internet Explorer 8, they will be given
a choice about opting-in to a list of sites that should be displayed
in Compatibility View. After you install this item, you may have
to restart Internet Explorer.
2/26/2010 Definition Update for Windows Defender - KB915597 (Definition 1.77.30.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
System Folders
Path for burning CD C:\Users\Justin\AppData\Local\Microsoft\Windows\Burn\Burn
Application Data C:\ProgramData
Public Desktop C:\Users\Public\Desktop
Documents C:\Users\Public\Documents
Global Favorites C:\Users\Justin\Favorites
Music C:\Users\Public\Music
Pictures C:\Users\Public\Pictures
Start Menu Programs C:\ProgramData\Microsoft\Windows\Start Menu\Programs
Start Menu C:\ProgramData\Microsoft\Windows\Start Menu
Startup C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Templates C:\ProgramData\Microsoft\Windows\Templates
Videos C:\Users\Public\Videos
Cookies C:\Users\Justin\AppData\Roaming\Microsoft\Windows\Cookies
Desktop C:\Users\Justin\Desktop
Physical Desktop C:\Users\Justin\Desktop
User Favorites C:\Users\Justin\Favorites
Fonts C:\windows\Fonts
Internet History C:\Users\Justin\AppData\Local\Microsoft\Windows\History
Temporary Internet Files C:\Users\Justin\AppData\Local\Microsoft\Windows\Temporary Internet Files
Local Application Data C:\Users\Justin\AppData\Local
Windows directory C:\windows
Windows/System C:\windows\system32
Program Files C:\Program Files
Security Options
Accounts: Administrator account status Disabled
Accounts: Guest account status Disabled
Accounts: Limit local account use of blank passwords to console logon only Enabled
Accounts: Rename administrator account Administrator
Accounts: Rename guest account Guest
Audit: Audit the access of global system objects Disabled
Audit: Audit the use of Backup and Restore privilege Disabled
Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings Not Defined
Audit: Shut down system immediately if unable to log security audits Disabled
DCOM: Machine Access Restrictions in Security Descriptor Definition Language (SDDL) syntax Not Defined
DCOM: Machine Launch Restrictions in Security Descriptor Definition Language (SDDL) syntax Not Defined
Devices: Allow undock without having to log on Enabled
Devices: Allowed to format and eject removable media Not Defined
Devices: Prevent users from installing printer drivers Disabled
Devices: Restrict CD-ROM access to locally logged-on user only Not Defined
Devices: Restrict floppy access to locally logged-on user only Not Defined
Domain controller: Allow server operators to schedule tasks Not Defined
Domain controller: LDAP server signing requirements Not Defined
Domain controller: Refuse machine account password changes Not Defined
Domain member: Digitally encrypt or sign secure channel data (always) Enabled
Domain member: Digitally encrypt secure channel data (when possible) Enabled
Domain member: Digitally sign secure channel data (when possible) Enabled
Domain member: Disable machine account password changes Disabled
Domain member: Maximum machine account password age 30 days
Domain member: Require strong (Windows 2000 or later) session key Enabled
Interactive logon: Display user information when the session is locked Not Defined
Interactive logon: Do not display last user name Disabled
Interactive logon: Do not require CTRL+ALT+DEL Not Defined
Interactive logon: Message text for users attempting to log on Not Defined
Interactive logon: Message title for users attempting to log on
Interactive logon: Number of previous logons to cache (in case domain controller is not available) 10 logons
Interactive logon: Prompt user to change password before expiration 5 days
Interactive logon: Require Domain Controller authentication to unlock workstation Disabled
Interactive logon: Require smart card Disabled
Interactive logon: Smart card removal behavior No Action
Microsoft network client: Digitally sign communications (always) Disabled
Microsoft network client: Digitally sign communications (if server agrees) Enabled
Microsoft network client: Send unencrypted password to third-party SMB servers Disabled
Microsoft network server: Amount of idle time required before suspending session 15 minutes
Microsoft network server: Digitally sign communications (always) Disabled
Microsoft network server: Digitally sign communications (if client agrees) Disabled
Microsoft network server: Disconnect clients when logon hours expire Enabled
Microsoft network server: Server SPN target name validation level Not Defined
Network access: Allow anonymous SID/Name translation Disabled
Network access: Do not allow anonymous enumeration of SAM accounts Enabled
Network access: Do not allow anonymous enumeration of SAM accounts and shares Disabled
Network access: Do not allow storage of passwords and credentials for network authentication Disabled
Network access: Let Everyone permissions apply to anonymous users Disabled
Network access: Named Pipes that can be accessed anonymously
Network access: Remotely accessible registry paths System\CurrentControlSet\Control\ProductOptions,System\CurrentControlSet\Control\Server Applications,Software\Microsoft\Windows NT\CurrentVersion
Network access: Remotely accessible registry paths and sub-paths System\CurrentControlSet\Control\Print\Printers,System\CurrentControlSet\Services\Eventlog,Software\Microsoft\OLAP Server,Software\Microsoft\Windows NT\CurrentVersion\Print,Software\Microsoft\Windows NT\CurrentVersion\Windows,System\CurrentControlSet\Control\ContentIndex,System\CurrentControlSet\Control\Terminal Server,System\CurrentControlSet\Control\Terminal Server\UserConfig,System\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration,Software\Microsoft\Windows NT\CurrentVersion\Perflib,System\CurrentControlSet\Services\SysmonLog
Network access: Restrict anonymous access to Named Pipes and Shares Enabled
Network access: Shares that can be accessed anonymously Not Defined
Network access: Sharing and security model for local accounts Classic - local users authenticate as themselves
Network security: Allow Local System to use computer identity for NTLM Not Defined
Network security: Allow LocalSystem NULL session fallback Not Defined
Network Security: Allow PKU2U authentication requests to this computer to use online identities Not Defined
Network security: Configure encryption types allowed for Kerberos Not Defined
Network security: Do not store LAN Manager hash value on next password change Enabled
Network security: Force logoff when logon hours expire Disabled
Network security: LAN Manager authentication level Not Defined
Network security: LDAP client signing requirements Negotiate signing
Network security: Minimum session security for NTLM SSP based (including secure RPC) clients Require 128-bit encryption
Network security: Minimum session security for NTLM SSP based (including secure RPC) servers Require 128-bit encryption
Network security: Restrict NTLM: Add remote server exceptions for NTLM authentication Not Defined
Network security: Restrict NTLM: Add server exceptions in this domain Not Defined
Network security: Restrict NTLM: Audit Incoming NTLM Traffic Not Defined
Network security: Restrict NTLM: Audit NTLM authentication in this domain Not Defined
Network security: Restrict NTLM: Incoming NTLM traffic Not Defined
Network security: Restrict NTLM: NTLM authentication in this domain Not Defined
Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers Not Defined
Recovery console: Allow automatic administrative logon Disabled
Recovery console: Allow floppy copy and access to all drives and all folders Disabled
Shutdown: Allow system to be shut down without having to log on Enabled
Shutdown: Clear virtual memory pagefile Disabled
System cryptography: Force strong key protection for user keys stored on the computer Not Defined
System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing Disabled
System objects: Require case insensitivity for non-Windows subsystems Enabled
System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links) Enabled
System settings: Optional subsystems Posix
System settings: Use Certificate Rules on Windows Executables for Software Restriction Policies Disabled
User Account Control: Admin Approval Mode for the Built-in Administrator account Disabled
User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktop Disabled
User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode Prompt for consent for non-Windows binaries
User Account Control: Behavior of the elevation prompt for standard users Prompt for credentials
User Account Control: Detect application installations and prompt for elevation Enabled
User Account Control: Only elevate executables that are signed and validated Disabled
User Account Control: Only elevate UIAccess applications that are installed in secure locations Enabled
User Account Control: Run all administrators in Admin Approval Mode Enabled
User Account Control: Switch to the secure desktop when prompting for elevation Disabled
User Account Control: Virtualize file and registry write failures to per-user locations Enabled
Services
Running AMD External Events Utility
Running Apple Mobile Device
Running Application Experience
Running Application Information
Running ArcSoft Connect Daemon
Running Background Intelligent Transfer Service
Running Base Filtering Engine
Running Bonjour Service
Running CNG Key Isolation
Running COM+ Event System
Running Comcast AntiSpyware
Running Computer Browser
Running Cryptographic Services
Running DCOM Server Process Launcher
Running Desktop Window Manager Session Manager
Running DHCP Client
Running Diagnostic Policy Service
Running Diagnostic Service Host
Running Diagnostic System Host
Running Distributed Link Tracking Client
Running DNS Client
Running Function Discovery Provider Host
Running Function Discovery Resource Publication
Running Group Policy Client
Running HomeGroup Listener
Running HomeGroup Provider
Running IKE and AuthIP IPsec Keying Modules
Running IP Helper
Running iPod Service
Running IPsec Policy Agent
Running lxea_device
Running MBAMService
Running Multimedia Class Scheduler
Running Nero Update
Running Network Connections
Running Network List Service
Running Network Location Awareness
Running Network Store Interface Service
Running Norton Security Suite
Running Peer Name Resolution Protocol
Running Peer Networking Grouping
Running Peer Networking Identity Manager
Running Plug and Play
Running PnP-X IP Bus Enumerator
Running Portable Device Enumerator Service
Running Power
Running Print Spooler
Running Program Compatibility Assistant Service
Running Remote Access Connection Manager
Running Remote Procedure Call (RPC)
Running RPC Endpoint Mapper
Running Secondary Logon
Running Secure Socket Tunneling Protocol Service
Running Security Accounts Manager
Running Security Center
Running Server
Running Shell Hardware Detection
Running SSDP Discovery
Running Superfetch
Running System Event Notification Service
Running Task Scheduler
Running TCP/IP NetBIOS Helper
Running Telephony
Running Themes
Running UPnP Device Host
Running User Profile Service
Running Windows Audio
Running Windows Audio Endpoint Builder
Running Windows Backup
Running Windows Driver Foundation - User-mode Driver Framework
Running Windows Event Log
Running Windows Firewall
Running Windows Font Cache Service
Running Windows Image Acquisition (WIA)
Running Windows Installer
Running Windows Management Instrumentation
Running Windows Media Player Network Sharing Service
Running Windows Modules Installer
Running Windows Search
Running Windows Update
Running WinHTTP Web Proxy Auto-Discovery Service
Running WMI Performance Adapter
Running Workstation
Stopped ActiveX Installer (AxInstSV)
Stopped Adaptive Brightness
Stopped Adobe Flash Player Update Service
Stopped Application Identity
Stopped Application Layer Gateway Service
Stopped BitLocker Drive Encryption Service
Stopped Block Level Backup Engine Service
Stopped Bluetooth Support Service
Stopped Certificate Propagation
Stopped COM+ System Application
Stopped Credential Manager
Stopped Disk Defragmenter
Stopped Distributed Transaction Coordinator
Stopped Encrypting File System (EFS)
Stopped Extensible Authentication Protocol
Stopped Fax
Stopped Health Key and Certificate Management
Stopped Human Interface Device Access
Stopped Interactive Services Detection
Stopped Internet Connection Sharing (ICS)
Stopped KtmRm for Distributed Transaction Coordinator
Stopped Link-Layer Topology Discovery Mapper
Stopped lxeaCATSCustConnectService
Stopped Media Center Extender Service
Stopped Microsoft .NET Framework NGEN v2.0.50727_X64
Stopped Microsoft .NET Framework NGEN v2.0.50727_X86
Stopped Microsoft .NET Framework NGEN v4.0.30319_X64
Stopped Microsoft .NET Framework NGEN v4.0.30319_X86
Stopped Microsoft iSCSI Initiator Service
Stopped Microsoft Office Diagnostics Service
Stopped Microsoft Software Shadow Copy Provider
Stopped Net.Tcp Port Sharing Service
Stopped Netlogon
Stopped Network Access Protection Agent
Stopped Office Source Engine
Stopped Parental Controls
Stopped Performance Counter DLL Host
Stopped Performance Logs & Alerts
Stopped PNRP Machine Name Publication Service
Stopped Problem Reports and Solutions Control Panel Support
Stopped Protected Storage
Stopped Quality Windows Audio Video Experience
Stopped Remote Access Auto Connection Manager
Stopped Remote Desktop Configuration
Stopped Remote Desktop Services
Stopped Remote Procedure Call (RPC) Locator
Stopped Remote Registry
Stopped Routing and Remote Access
Stopped Smart Card
Stopped Smart Card Removal Policy
Stopped SNMP Trap
Stopped Software Protection
Stopped SPP Notification Service
Stopped Tablet PC Input Service
Stopped Thread Ordering Server
Stopped TPM Base Services
Stopped Virtual Disk
Stopped Volume Shadow Copy
Stopped WebClient
Stopped Windows Activation Technologies Service
Stopped Windows Biometric Service
Stopped Windows CardSpace
Stopped Windows Color System
Stopped Windows Connect Now - Config Registrar
Stopped Windows Defender
Stopped Windows Error Reporting Service
Stopped Windows Event Collector
Stopped Windows Media Center Receiver Service
Stopped Windows Media Center Scheduler Service
Stopped Windows Presentation Foundation Font Cache 3.0.0.0
Stopped Windows Remote Management (WS-Management)
Stopped Windows Time
Stopped Wired AutoConfig
Stopped WLAN AutoConfig
Stopped WWAN AutoConfig
Device Tree
ACPI x64-based PC
Microsoft ACPI-Compliant System
AMD Phenom™ II X4 955 Processor
AMD Phenom™ II X4 955 Processor
AMD Phenom™ II X4 955 Processor
AMD Phenom™ II X4 955 Processor
System board
ACPI Power Button
Microsoft Windows Management Interface for ACPI
ACPI Fixed Feature Button
PCI bus
ATI I/O Communications Processor SMBus Controller
ATI I/O Communications Processor PCI Bus Controller
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
Motherboard resources
PCI standard host CPU bridge
Motherboard resources
PCI standard PCI-to-PCI bridge
ATI Radeon 3000 Graphics
Acer LCD Monitor V173W
High Definition Audio Controller
ATI HDMI Audio
PCI standard PCI-to-PCI bridge
Realtek PCIe GBE Family Controller
Standard Dual Channel PCI IDE Controller
ATA Channel 0
WDC WD15EARS-00Z5B1 ATA Device
ATA Channel 1
CD-ROM Drive
Standard OpenHCD USB Host Controller
USB Root Hub
Standard OpenHCD USB Host Controller
USB Root Hub
USB Input Device
HID-compliant mouse
Standard Enhanced PCI to USB Host Controller
USB Root Hub
Standard OpenHCD USB Host Controller
USB Root Hub
Standard OpenHCD USB Host Controller
USB Root Hub
Standard Enhanced PCI to USB Host Controller
USB Root Hub
USB Mass Storage Device
Generic USB SD Reader USB Device
Generic USB CF Reader USB Device
Generic USB xD/SM Reader USB Device
Generic USB MS Reader USB Device
Standard Dual Channel PCI IDE Controller
ATA Channel 0
ATA Channel 1
High Definition Audio Controller
Realtek High Definition Audio
PCI standard ISA bridge
Programmable interrupt controller
Direct memory access controller
System timer
System CMOS/real time clock
System speaker
Numeric data processor
Communications Port (COM1)
High precision event timer
Motherboard resources
Motherboard resources
Standard PS/2 Keyboard
Motherboard resources
Printer Port (LPT1)
Printer Port Logical Interface
Standard OpenHCD USB Host Controller
USB Root Hub
CPU
AMD Phenom II X4 955
Cores 4
Threads 4
Name AMD Phenom II X4 955
Code Name Deneb
Package Socket AM3 (938)
Technology 45nm
Specification AMD Phenom™ II X4 955 Processor
Family F
Extended Family 10
Model 4
Extended Model 4
Stepping 3
Revision RB-C3
Instructions MMX (+), 3DNow! (+), SSE, SSE2, SSE3, SSE4A, AMD 64
Virtualization Supported, Disabled
Hyperthreading Not supported
Fan Speed 4672 RPM
Bus Speed 800.1 MHz
Rated Bus Speed 8000.6 MHz
Stock Core Speed 800 MHz
Stock Bus Speed 200 MHz
Average Temperature 51 °C
Caches
L1 Data Cache Size 4 x 64 KBytes
L1 Instructions Cache Size 4 x 64 KBytes
L2 Unified Cache Size 4 x 512 KBytes
L3 Unified Cache Size 6144 KBytes
Core 0
Core Speed 12800.9 MHz
Multiplier x 16.0
Bus Speed 800.1 MHz
Rated Bus Speed 8000.6 MHz
Temperature 51 °C
Thread 1
APIC ID 0
Core 1
Core Speed 12800.9 MHz
Multiplier x 16.0
Bus Speed 800.1 MHz
Rated Bus Speed 8000.6 MHz
Temperature 51 °C
Thread 1
APIC ID 1
Core 2
Core Speed 12800.9 MHz
Multiplier x 16.0
Bus Speed 800.1 MHz
Rated Bus Speed 8000.6 MHz
Temperature 51 °C
Thread 1
APIC ID 2
Core 3
Core Speed 12800.9 MHz
Multiplier x 16.0
Bus Speed 800.1 MHz
Rated Bus Speed 8000.6 MHz
Temperature 51 °C
Thread 1
APIC ID 3
RAM
Memory slots
Total memory slots 4
Used memory slots 4
Free memory slots 0
Memory
Type DDR3
Size 8192 MBytes
Channels # Dual
DRAM Frequency 2666.9 MHz
CAS# Latency (CL) 9 clocks
RAS# to CAS# Delay (tRCD) 9 clocks
RAS# Precharge (tRP) 9 clocks
Cycle Time (tRAS) 24 clocks
Bank Cycle Time (tRC) 33 clocks
Command Rate (CR) 2T
Physical Memory
Memory Usage 24 %
Total Physical 7.75 GB
Available Physical 5.87 GB
Total Virtual 15 GB
Available Virtual 14 GB
SPD
Number Of SPD Modules 4
Slot #1
Type DDR3
Size 2048 MBytes
Manufacturer Kingston
Max Bandwidth PC3-10700 (667 MHz)
Part Number 9905403-097.A00LF
Serial Number 8C0D620E
Week/year 49 / 09
SPD Ext. EPP
JEDEC #4
Frequency 685.7 MHz
CAS# Latency 9.0
RAS# To CAS# 9
RAS# Precharge 9
tRAS 25
tRC 34
Voltage 1.500 V
JEDEC #3
Frequency 609.5 MHz
CAS# Latency 8.0
RAS# To CAS# 8
RAS# Precharge 8
tRAS 22
tRC 30
Voltage 1.500 V
JEDEC #2
Frequency 533.3 MHz
CAS# Latency 7.0
RAS# To CAS# 7
RAS# Precharge 7
tRAS 20
tRC 27
Voltage 1.500 V
JEDEC #1
Frequency 457.1 MHz
CAS# Latency 6.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 17
tRC 23
Voltage 1.500 V
Slot #2
Type DDR3
Size 2048 MBytes
Manufacturer Kingston
Max Bandwidth PC3-10700 (667 MHz)
Part Number 9905403-097.A00LF
Serial Number 0D0CCB91
Week/year 49 / 09
SPD Ext. EPP
JEDEC #4
Frequency 685.7 MHz
CAS# Latency 9.0
RAS# To CAS# 9
RAS# Precharge 9
tRAS 25
tRC 34
Voltage 1.500 V
JEDEC #3
Frequency 609.5 MHz
CAS# Latency 8.0
RAS# To CAS# 8
RAS# Precharge 8
tRAS 22
tRC 30
Voltage 1.500 V
JEDEC #2
Frequency 533.3 MHz
CAS# Latency 7.0
RAS# To CAS# 7
RAS# Precharge 7
tRAS 20
tRC 27
Voltage 1.500 V
JEDEC #1
Frequency 457.1 MHz
CAS# Latency 6.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 17
tRC 23
Voltage 1.500 V
Slot #3
Type DDR3
Size 2048 MBytes
Manufacturer Kingston
Max Bandwidth PC3-10700 (667 MHz)
Part Number 9905403-097.A00LF
Serial Number 0E0CBE91
Week/year 49 / 09
SPD Ext. EPP
JEDEC #4
Frequency 685.7 MHz
CAS# Latency 9.0
RAS# To CAS# 9
RAS# Precharge 9
tRAS 25
tRC 34
Voltage 1.500 V
JEDEC #3
Frequency 609.5 MHz
CAS# Latency 8.0
RAS# To CAS# 8
RAS# Precharge 8
tRAS 22
tRC 30
Voltage 1.500 V
JEDEC #2
Frequency 533.3 MHz
CAS# Latency 7.0
RAS# To CAS# 7
RAS# Precharge 7
tRAS 20
tRC 27
Voltage 1.500 V
JEDEC #1
Frequency 457.1 MHz
CAS# Latency 6.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 17
tRC 23
Voltage 1.500 V
Slot #4
Type DDR3
Size 2048 MBytes
Manufacturer Kingston
Max Bandwidth PC3-10700 (667 MHz)
Part Number 9905403-097.A00LF
Serial Number 0E0CAA91
Week/year 49 / 09
SPD Ext. EPP
JEDEC #4
Frequency 685.7 MHz
CAS# Latency 9.0
RAS# To CAS# 9
RAS# Precharge 9
tRAS 25
tRC 34
Voltage 1.500 V
JEDEC #3
Frequency 609.5 MHz
CAS# Latency 8.0
RAS# To CAS# 8
RAS# Precharge 8
tRAS 22
tRC 30
Voltage 1.500 V
JEDEC #2
Frequency 533.3 MHz
CAS# Latency 7.0
RAS# To CAS# 7
RAS# Precharge 7
tRAS 20
tRC 27
Voltage 1.500 V
JEDEC #1
Frequency 457.1 MHz
CAS# Latency 6.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 17
tRC 23
Voltage 1.500 V
Motherboard
Manufacturer MICRO-STAR INTERNATIONAL CO.,LTD
Model 760GM -E51 (MS-7596) (CPU1)
Version 1.0
Chipset Vendor AMD
Chipset Model 780G
Chipset Revision 00
Southbridge Vendor AMD
Southbridge Model SB700
Southbridge Revision 00
System Temperature 54 °C
BIOS
Brand American Megatrends Inc.
Version V1.2B3
Date 11/17/2009
Voltage
+3.3V 3.360 V
CPU CORE 1.392 V
VIN2 2.176 V
VIN3 1.282 V
+5V 3.279 V
+12V 4.400 V
VIN6 0.560 V
VSB3V 3.360 V
CMOS BATTERY 3.280 V
PCI Data
Slot PCI
Slot Type PCI
Slot Usage Available
Bus Width 32 bit
Slot Designation PCI1
Slot Number 0
Slot PCI
Slot Type PCI
Slot Usage Available
Bus Width 32 bit
Slot Designation PCI2
Slot Number 1
Slot PCI-E
Slot Type PCI-E
Slot Usage In Use
Bus Width 32 bit
Slot Designation PCIE1
Slot Number 2
Slot PCI-E
Slot Type PCI-E
Slot Usage Available
Bus Width 32 bit
Slot Designation PCIE2
Slot Number 3
Graphics
Monitor
Name Acer X173W on ATI Radeon 3000 Graphics
Current Resolution 1440x900 pixels
Work Resolution 1440x860 pixels
State enabled, primary, output devices support
Monitor Width 1440
Monitor Height 900
Monitor BPP 32 bits per pixel
Monitor Frequency 60 Hz
Device \\.\DISPLAY1\Monitor0
ATI Radeon 3000 Graphics
GPU RS780
Device ID 1002-9616
Subvendor MSI (1462)
Current Performance Level Level 1
Die Size 64 nm?
Release Date 2009
DirectX Support 10.0
DirectX Shader Model 4.0
OpenGL Support 2.0
Bios Core Clock 350.00
Bios Mem Clock 667.00
ROPs 4
Shaders 40 unified
Memory Type System
Pixel Fillrate 2.0 GPixels/s
Texture Fillrate 2.0 GTexels/s
Count of performance levels : 1
Level 1
OpenGL
Version 3.3.10750 Compatibility Profile Context
Vendor ATI Technologies Inc.
Renderer ATI Radeon 3000 Graphics
GLU Version 1.2.2.0 Microsoft Corporation
Values
GL_MAX_LIGHTS 8
GL_MAX_TEXTURE_SIZE 8192
GL_MAX_TEXTURE_STACK_DEPTH 10
GL Extensions
GL_AMDX_debug_output
GL_AMD_conservative_depth
GL_AMD_debug_output
GL_AMD_depth_clamp_separate
GL_AMD_draw_buffers_blend
GL_AMD_name_gen_delete
GL_AMD_performance_monitor
GL_AMD_sample_positions
GL_AMD_shader_stencil_export
GL_ARB_ES2_compatibility
GL_ARB_blend_func_extended
GL_ARB_color_buffer_float
GL_ARB_copy_buffer
GL_ARB_depth_buffer_float
GL_ARB_depth_clamp
GL_ARB_depth_texture
GL_ARB_draw_buffers
GL_ARB_draw_buffers_blend
GL_ARB_draw_elements_base_vertex
GL_ARB_draw_instanced
GL_ARB_explicit_attrib_location
GL_ARB_fragment_coord_conventions
GL_ARB_fragment_program
GL_ARB_fragment_program_shadow
GL_ARB_fragment_shader
GL_ARB_framebuffer_object
GL_ARB_framebuffer_sRGB
GL_ARB_geometry_shader4
GL_ARB_get_program_binary
GL_ARB_half_float_pixel
GL_ARB_half_float_vertex
GL_ARB_imaging
GL_ARB_instanced_arrays
GL_ARB_map_buffer_range
GL_ARB_multisample
GL_ARB_multitexture
GL_ARB_occlusion_query
GL_ARB_occlusion_query2
GL_ARB_pixel_buffer_object
GL_ARB_point_parameters
GL_ARB_point_sprite
GL_ARB_provoking_vertex
GL_ARB_sampler_objects
GL_ARB_seamless_cube_map
GL_ARB_separate_shader_objects
GL_ARB_shader_bit_encoding
GL_ARB_shader_objects
GL_ARB_shader_precision
GL_ARB_shader_stencil_export
GL_ARB_shader_texture_lod
GL_ARB_shading_language_100
GL_ARB_shadow
GL_ARB_shadow_ambient
GL_ARB_sync
GL_ARB_texture_border_clamp
GL_ARB_texture_buffer_object
GL_ARB_texture_buffer_object_rgb32
GL_ARB_texture_compression
GL_ARB_texture_compression_rgtc
GL_ARB_texture_cube_map
GL_ARB_texture_env_add
GL_ARB_texture_env_combine
GL_ARB_texture_env_crossbar
GL_ARB_texture_env_dot3
GL_ARB_texture_float
GL_ARB_texture_mirrored_repeat
GL_ARB_texture_multisample
GL_ARB_texture_non_power_of_two
GL_ARB_texture_rectangle
GL_ARB_texture_rg
GL_ARB_texture_rgb10_a2ui
GL_ARB_texture_snorm
GL_ARB_timer_query
GL_ARB_transform_feedback2
GL_ARB_transform_feedback3
GL_ARB_transpose_matrix
GL_ARB_uniform_buffer_object
GL_ARB_vertex_array_bgra
GL_ARB_vertex_array_object
GL_ARB_vertex_buffer_object
GL_ARB_vertex_program
GL_ARB_vertex_shader
GL_ARB_vertex_type_2_10_10_10_rev
GL_ARB_viewport_array
GL_ARB_window_pos
GL_ATI_draw_buffers
GL_ATI_envmap_bumpmap
GL_ATI_fragment_shader
GL_ATI_meminfo
GL_ATI_separate_stencil
GL_ATI_texture_compression_3dc
GL_ATI_texture_env_combine3
GL_ATI_texture_float
GL_ATI_texture_mirror_once
GL_EXT_abgr
GL_EXT_bgra
GL_EXT_bindable_uniform
GL_EXT_blend_color
GL_EXT_blend_equation_separate
GL_EXT_blend_func_separate
GL_EXT_blend_minmax
GL_EXT_blend_subtract
GL_EXT_compiled_vertex_array
GL_EXT_copy_buffer
GL_EXT_copy_texture
GL_EXT_direct_state_access
GL_EXT_draw_buffers2
GL_EXT_draw_instanced
GL_EXT_draw_range_elements
GL_EXT_fog_coord
GL_EXT_framebuffer_blit
GL_EXT_framebuffer_multisample
GL_EXT_framebuffer_object
GL_EXT_framebuffer_sRGB
GL_EXT_geometry_shader4
GL_EXT_gpu_program_parameters
GL_EXT_gpu_shader4
GL_EXT_histogram
GL_EXT_multi_draw_arrays
GL_EXT_packed_depth_stencil
GL_EXT_packed_float
GL_EXT_packed_pixels
GL_EXT_pixel_buffer_object
GL_EXT_point_parameters
GL_EXT_provoking_vertex
GL_EXT_rescale_normal
GL_EXT_secondary_color
GL_EXT_separate_specular_color
GL_EXT_shadow_funcs
GL_EXT_stencil_wrap
GL_EXT_subtexture
GL_EXT_texgen_reflection
GL_EXT_texture3D
GL_EXT_texture_array
GL_EXT_texture_buffer_object
GL_EXT_texture_compression_latc
GL_EXT_texture_compression_rgtc
GL_EXT_texture_compression_s3tc
GL_EXT_texture_cube_map
GL_EXT_texture_edge_clamp
GL_EXT_texture_env_add
GL_EXT_texture_env_combine
GL_EXT_texture_env_dot3
GL_EXT_texture_filter_anisotropic
GL_EXT_texture_integer
GL_EXT_texture_lod
GL_EXT_texture_lod_bias
GL_EXT_texture_mirror_clamp
GL_EXT_texture_object
GL_EXT_texture_rectangle
GL_EXT_texture_sRGB
GL_EXT_texture_shared_exponent
GL_EXT_texture_snorm
GL_EXT_texture_swizzle
GL_EXT_timer_query
GL_EXT_transform_feedback
GL_EXT_vertex_array
GL_EXT_vertex_array_bgra
GL_IBM_texture_mirrored_repeat
GL_KTX_buffer_region
GL_NV_blend_square
GL_NV_conditional_render
GL_NV_copy_depth_to_color
GL_NV_explicit_multisample
GL_NV_float_buffer
GL_NV_half_float
GL_NV_primitive_restart
GL_NV_texgen_reflection
GL_NV_texture_barrier
GL_SGIS_generate_mipmap
GL_SGIS_texture_edge_clamp
GL_SGIS_texture_lod
GL_SUN_multi_draw_arrays
GL_WIN_swap_hint
WGL_EXT_swap_control
GL_EXT_bgra
Hard Drives
WDC WD15EARS-00Z5B1 ATA Device
Manufacturer Western Digital
Heads 16
Cylinders 16383
SATA type SATA-II 3.0Gb/s
Device type Fixed
ATA Standard ATA8-ACS
Serial Number WD-WMAVU1371816
LBA Size 48-bit LBA
Power On Count 1494 times
Power On Time 71.1 days
Features S.M.A.R.T., AAM, NCQ
Transfer Mode SATA II
Interface SATA
Capacity 1397GB
Real size 1,500,301,910,016 bytes
RAID Type None
S.M.A.R.T
01 Read Error Rate 200 (200 worst) Data 0000000000
03 Spin-Up Time 182 (180) Data 00000016FB
04 Start/Stop Count 099 (099) Data 00000005D7
05 Reallocated Sectors Count 200 (200) Data 0000000000
07 Seek Error Rate 200 (200) Data 0000000000
09 Power-On Hours (POH) 098 (098) Data 00000006AA
0A Spin Retry Count 100 (100) Data 0000000000
0B Recalibration Retries 100 (100) Data 0000000000
0C Device Power Cycle Count 099 (099) Data 00000005D6
C0 Power-off Retract Count 200 (200) Data 0000000018
C1 Load/Unload Cycle Count 195 (195) Data 0000003D2C
C2 Temperature 115 (103) Data 0000000023
C4 Reallocation Event Count 200 (200) Data 0000000000
C5 Current Pending Sector Count 200 (200) Data 0000000000
C6 Uncorrectable Sector Count 200 (200) Data 0000000000
C7 UltraDMA CRC Error Count 200 (200) Data 0000000000
C8 Write Error Rate / Multi-Zone Error Rate 200 (200) Data 0000000000
Temperature 35 °C
Temperature Range ok (less than 50 °C)
Status Good
Partition 0
Partition ID Disk #0, Partition #0
Size 100 MB
Partition 1
Partition ID Disk #0, Partition #1
Disk Letter C:
File System NTFS
Volume Serial Number DE850E98
Size 1397GB
Used Space 82GB (6%)
Free Space 1315GB (94%)
Optical Drives
CD-ROM Drive
Media Type DVD Writer
Name CD-ROM Drive
Availability Running/Full Power
Capabilities Random Access, Supports Writing, Supports Removable Media
Config Manager Error Code Device is working properly
Config Manager User Config FALSE
Drive D:
Media Loaded FALSE
SCSI Bus 1
SCSI Logical Unit 0
SCSI Port 1
SCSI Target Id 1
Status OK
Audio
Sound Cards
ATI HDMI Audio
Realtek High Definition Audio
Playback Devices
Realtek Digital Output (Realtek High Definition Audio)
Speakers (Realtek High Definition Audio) (default)
Realtek Digital Output(Optical) (Realtek High Definition Audio)
Speaker Configuration
Speaker type Stereo
Peripherals
Standard PS/2 Keyboard
Device Kind Keyboard
Device Name Standard PS/2 Keyboard
Location plugged into keyboard port
Driver
Date 6-21-2006
Version 6.1.7601.17514
File C:\windows\system32\DRIVERS\i8042prt.sys
File C:\windows\system32\DRIVERS\kbdclass.sys
HID-compliant mouse
Device Kind Mouse
Device Name HID-compliant mouse
Vendor Logitech
Location USB Input Device
Driver
Date 6-21-2006
Version 6.1.7600.16385
File C:\windows\system32\DRIVERS\mouhid.sys
File C:\windows\system32\DRIVERS\mouclass.sys
Disk drive
Device Kind USB storage
Device Name Disk drive
Vendor GENERIC
Comment Generic USB CF Reader USB Device
Location USB Mass Storage Device
Driver
Date 6-21-2006
Version 6.1.7600.16385
File C:\windows\system32\DRIVERS\disk.sys
Disk drive
Device Kind USB storage
Device Name Disk drive
Vendor GENERIC
Comment Generic USB MS Reader USB Device
Location USB Mass Storage Device
Driver
Date 6-21-2006
Version 6.1.7600.16385
File C:\windows\system32\DRIVERS\disk.sys
Disk drive
Device Kind USB storage
Device Name Disk drive
Vendor GENERIC
Comment Generic USB SD Reader USB Device
Location USB Mass Storage Device
Driver
Date 6-21-2006
Version 6.1.7600.16385
File C:\windows\system32\DRIVERS\disk.sys
Disk drive
Device Kind USB storage
Device Name Disk drive
Vendor GENERIC
Comment Generic USB xD/SM Reader USB Device
Location USB Mass Storage Device
Driver
Date 6-21-2006
Version 6.1.7600.16385
File C:\windows\system32\DRIVERS\disk.sys
Printers
ET0020006EF7EF
Printer Port WSD-b9ca983a-048f-4a50-be6e-b84f41bd2262.0036
Print Processor winprint
Availability Always
Priority 1
Duplex Long-edge binding
Print Quality 600 dpi Color
Status Unknown
Driver
Driver Name Lexmark S300-S400 Series (v4.150)
Driver Path C:\windows\system32\spool\DRIVERS\x64\3\lxeadr.dll
Fax
Printer Port SHRFAX:
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 200 * 200 dpi Monochrome
Status Unknown
Driver
Driver Name Microsoft Shared Fax Driver (v4.00)
Driver Path C:\windows\system32\spool\DRIVERS\x64\3\FXSDRV.DLL
Lexmark S400 Series (Network) (Default Printer)
Share Name Lexmark S400 Series (Network)
Printer Port S300-S400_Series_6EF7EF_P1
Print Processor Lexmark S300-S400 Series Print Processor
Availability Always
Priority 1
Duplex Long-edge binding
Print Quality 600 dpi Color
Status Unknown
Driver
Driver Name Lexmark S300-S400 Series (v4.150)
Driver Path C:\windows\system32\spool\DRIVERS\x64\3\lxeadr.dll
Microsoft XPS Document Writer
Printer Port XPSPort:
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Color
Status Unknown
Driver
Driver Name Microsoft XPS Document Writer (v6.00)
Driver Path C:\windows\system32\spool\DRIVERS\x64\3\mxdwdrv.dll
PDF995
Printer Port PDF995PORT
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 600 * 4294965892 dpi Color
Status Unknown
Driver
Driver Name PDF995 Printer Driver (v5.02)
Driver Path C:\windows\system32\spool\DRIVERS\x64\3\pscript5-64.dll
Network
You are connected to the internet
Connected through Realtek PCIe GBE Family Controller
IP Address 192.168.2.11
Subnet mask 255.255.255.0
Gateway server 192.168.2.1
Preferred DNS server 192.168.2.1
DHCP Enabled
DHCP server 192.168.2.1
External IP Address 69.138.126.189
Adapter Type Ethernet
NetBIOS over TCP/IP Enabled via DHCP
NETBIOS Node Type Hybrid node
Link Speed 36 kbps
Computer Name
NetBIOS Name JUSTIN-PC
DNS Name Justin-PC
Domain Name Justin-PC
Remote Desktop
Console
State Active
Domain Justin-PC
WinInet Info
LAN Connection
Local system uses a local area network to connect to the Internet
Local system has RAS to connect to the Internet
Wi-Fi Info
Wi-Fi not enabled
WinHTTPInfo
WinHTTPSessionProxyType No proxy
Session Proxy
Session Proxy Bypass
Connect Retries 5
Connect Timeout 60000
HTTP Version HTTP 1.1
Max Connects Per 1.0 Servers INFINITE
Max Connects Per Servers INFINITE
Max HTTP automatic redirects 10
Max HTTP status continue 10
Send Timeout 30000
IEProxy Auto Detect No
IEProxy Auto Config
IEProxy
IEProxy Bypass
Default Proxy Config Access Type No proxy
Default Config Proxy
Default Config Proxy Bypass
Sharing and Discovery
Network Discovery Enabled
File and Printer Sharing Enabled
Simple File Sharing Disabled
Administrative Shares Enabled
Adapters List
Realtek PCIe GBE Family Controller
IP Address 192.168.2.11
Subnet mask 255.255.255.0
Gateway server 192.168.2.1
Network Shares
Users C:\Users
Lexmark S400 Series (Network) Lexmark S400 Series (Network),LocalsplOnly
Current TCP Connections
AppleMobileDeviceService.exe (1580)
Local 127.0.0.1:27015 LISTEN
Local 127.0.0.1:27015 ESTABLISHED Remote 127.0.0.1:49855 (Querying... )
Local 127.0.0.1:49155 ESTABLISHED Remote 127.0.0.1:5354 (Querying... )
C:\Program Files (x86)\iTunes\iTunesHelper.exe (3216)
Local 127.0.0.1:49855 ESTABLISHED Remote 127.0.0.1:27015 (Querying... )
ComcastAntiSpyService.exe (1548)
Local 192.168.2.11:49161 ESTABLISHED Remote 96.17.76.131:80 (Querying... ) (HTTP)
Local 192.168.2.11:49162 ESTABLISHED Remote 184.51.207.125:80 (Querying... ) (HTTP)
Local 192.168.2.11:49163 ESTABLISHED Remote 23.49.56.41:80 (Querying... ) (HTTP)
Local 192.168.2.11:49165 ESTABLISHED Remote 96.17.147.90:80 (Querying... ) (HTTP)
System Process
Local 192.168.2.11:50264 TIME-WAIT Remote 74.122.202.72:80 (Querying... ) (HTTP)
Local 192.168.2.11:50080 TIME-WAIT Remote 74.125.137.139:443 (Querying... ) (HTTPS)
Local 192.168.2.11:50087 TIME-WAIT Remote 184.51.207.80:80 (Querying... ) (HTTP)
Local 192.168.2.11:50096 TIME-WAIT Remote 74.125.134.120:80 (Querying... ) (HTTP)
Local 192.168.2.11:50104 TIME-WAIT Remote 74.125.45.103:80 (Querying... ) (HTTP)
Local 192.168.2.11:50132 TIME-WAIT Remote 216.137.47.27:80 (Querying... ) (HTTP)
Local 192.168.2.11:50152 TIME-WAIT Remote 74.125.137.102:80 (Querying... ) (HTTP)
Local 192.168.2.11:50165 TIME-WAIT Remote 69.171.247.37:80 (Querying... ) (HTTP)
Local 192.168.2.11:50197 TIME-WAIT Remote 74.125.45.156:80 (Querying... ) (HTTP)
Local 192.168.2.11:50202 TIME-WAIT Remote 69.171.247.37:80 (Querying... ) (HTTP)
Local 192.168.2.11:50215 TIME-WAIT Remote 74.125.45.154:80 (Querying... ) (HTTP)
Local 192.168.2.11:50218 TIME-WAIT Remote 74.125.137.104:80 (Querying... ) (HTTP)
Local 192.168.2.11:50230 TIME-WAIT Remote 74.125.45.154:80 (Querying... ) (HTTP)
Local 192.168.2.11:50253 TIME-WAIT Remote 192.168.2.1:5432 (Querying... )
Local 192.168.2.11:50254 TIME-WAIT Remote 192.168.2.1:5432 (Querying... )
Local 192.168.2.11:50255 TIME-WAIT Remote 192.168.2.1:5432 (Querying... )
Local 192.168.2.11:50263 TIME-WAIT Remote 74.122.202.72:80 (Querying... ) (HTTP)
Local 192.168.2.11:50303 TIME-WAIT Remote 192.168.2.1:5432 (Querying... )
Local 192.168.2.11:50304 TIME-WAIT Remote 192.168.2.1:5432 (Querying... )
Local 192.168.2.11:50060 TIME-WAIT Remote 74.125.45.155:80 (Querying... ) (HTTP)
Local 192.168.2.11:50305 TIME-WAIT Remote 192.168.2.1:5432 (Querying... )
Local 192.168.2.11:50306 TIME-WAIT Remote 192.168.2.1:5432 (Querying... )
Local 192.168.2.11:50307 TIME-WAIT Remote 192.168.2.1:5432 (Querying... )
Local 192.168.2.11:50308 TIME-WAIT Remote 192.168.2.1:5432 (Querying... )
Local 192.168.2.11:50058 TIME-WAIT Remote 74.125.45.139:80 (Querying... ) (HTTP)
System Process
Local 0.0.0.0:445 (Windows shares) LISTEN
Local 0.0.0.0:2869 LISTEN
Local 0.0.0.0:5357 LISTEN
Local 0.0.0.0:10243 LISTEN
Local 192.168.2.11:139 (NetBIOS session service) LISTEN
ccsvchst.exe (1792)
Local 127.0.0.1:49158 LISTEN
lsass.exe (588)
Local 0.0.0.0:49157 LISTEN
mDNSResponder.exe (1628)
Local 127.0.0.1:5354 LISTEN
Local 127.0.0.1:5354 ESTABLISHED Remote 127.0.0.1:49155 (Querying... )
services.exe (572)
Local 0.0.0.0:49156 LISTEN
spoolsv.exe (1404)
Local 0.0.0.0:49160 LISTEN
svchost.exe (124)
Local 0.0.0.0:49154 LISTEN
Local 192.168.2.11:50249 ESTABLISHED Remote 65.55.53.156:443 (Querying... ) (HTTPS)
svchost.exe (828)
Local 0.0.0.0:135 (DCE) LISTEN
svchost.exe (956)
Local 0.0.0.0:49153 LISTEN
wininit.exe (512)
Local 0.0.0.0:49152 LISTEN
wmpnetwk.exe (4000)
Local 0.0.0.0:554 LISTEN
  • 0

#9
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,799 posts
  • MVP
Spybot is fine - just don't let it use the Teatimer or the immunize feature.

Ad-Aware is OK but you have to be careful with it since they now also include an anti-virus so you need to make sure they do not install their anti-virus at the same time.

What Process Explorer is tell me is that ComcastAntiSpy.exe is hogging the CPU and slowing everything down. It's using almost 1/4 of the CPU time.

ComcastAntiSpy.exe 3624 24.91 4,672 K 27,712 K (Verified) Visicom Media Inc.


I would uninstall it and see if things speed up. Run Process Explorer again and post the new log after you remove Comcast.

Speccy says you are running a tad hot for a desktop. May have some dust issues so open it up and clean it out.

You can uninstall Speccy and I would also uninstall Comcast Antispy. Either it's broken or it's continually running a scan.
  • 0

#10
jbcteacher

jbcteacher

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 192 posts
OK, so use Spybot / Adaware instead of Malwarebytes? OR is there something even better. Remember I have kids that download games... We are trying to limit that, but it is difficult. Thanks SO MUCH for all of your help!!!


Process PID CPU Private Bytes Working Set Description Company Name Verified Signer
System Idle Process 0 95.16 0 K 24 K
procexp64.exe 3416 2.43 24,692 K 45,084 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Sysinternals
Interrupts n/a 1.19 0 K 0 K Hardware Interrupts and DPCs
dwm.exe 3068 0.49 32,468 K 29,156 K Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
csrss.exe 536 0.20 3,328 K 11,720 K (Unable to verify) (null)
System 4 0.19 172 K 1,948 K
uTorrent.exe 3404 0.12 10,000 K 16,908 K µTorrent BitTorrent, Inc. (Verified) BitTorrent Inc
svchost.exe 1588 0.06 8,732 K 16,128 K Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
ccsvchst.exe 1708 0.06 76,992 K 19,324 K Symantec Service Framework Symantec Corporation (Verified) Symantec Corporation
explorer.exe 1472 0.03 54,212 K 64,056 K Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
services.exe 560 0.02 5,672 K 9,368 K (Unable to verify) (null)
reader_sl.exe 3528 0.01 1,564 K 4,388 K Adobe Acrobat SpeedLauncher Adobe Systems Incorporated (Verified) Adobe Systems, Incorporated
svchost.exe 1120 0.01 15,136 K 15,968 K Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 384 0.01 216,244 K 133,924 K Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
AppleMobileDeviceService.exe 1524 0.01 3,220 K 9,404 K MobileDeviceService Apple Inc. (Verified) Apple Inc.
wmpnetwk.exe 3852 < 0.01 12,288 K 29,124 K Windows Media Player Network Sharing Service Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 124 < 0.01 9,992 K 16,932 K Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
spoolsv.exe 1316 < 0.01 10,112 K 19,188 K Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 4092 < 0.01 12,100 K 14,856 K Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
SearchIndexer.exe 2596 < 0.01 21,912 K 16,536 K Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
SearchProtocolHost.exe 1852 < 0.01 3,444 K 8,088 K (Unable to verify) (null)
svchost.exe 1000 < 0.01 124,140 K 133,468 K Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
csrss.exe 428 < 0.01 2,240 K 4,284 K (Unable to verify) (null)
svchost.exe 1384 < 0.01 25,812 K 29,940 K Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
WUDFHost.exe 3192 2,296 K 6,288 K (Unable to verify) (null)
WmiPrvSE.exe 4024 2,848 K 6,420 K (Unable to verify) (null)
winlogon.exe 704 3,328 K 7,376 K (Unable to verify) (null)
wininit.exe 504 1,700 K 4,580 K (Unable to verify) (null)
TrustedInstaller.exe 436 3,700 K 8,916 K Windows Modules Installer Microsoft Corporation (Verified) Microsoft Windows
taskhost.exe 2936 3,496 K 7,612 K Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
taskeng.exe 2960 2,316 K 5,992 K (Unable to verify) (null)
svchost.exe 740 4,724 K 9,476 K Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 820 4,080 K 7,684 K Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 944 18,976 K 22,032 K Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2396 2,548 K 5,936 K Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
sppsvc.exe 1392 2,528 K 8,024 K Microsoft Software Protection Platform Service Microsoft Corporation (Verified) Microsoft Windows
smss.exe 292 532 K 1,180 K (Unable to verify) (null)
SearchFilterHost.exe 216 3,028 K 6,688 K (Unable to verify) (null)
procexp.exe 2348 2,024 K 6,924 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
NASvc.exe 4064 2,056 K 6,028 K NeroUpdate Nero AG (Verified) Nero AG
mDNSResponder.exe 1548 2,220 K 5,604 K Bonjour Service Apple Inc. (Verified) Apple Inc.
mbamservice.exe 2592 105,184 K 40,660 K Malwarebytes Anti-Malware Malwarebytes Corporation (Verified) Malwarebytes Corporation
mbamgui.exe 3560 2,780 K 7,468 K Malwarebytes Anti-Malware Malwarebytes Corporation (Verified) Malwarebytes Corporation
lxeacoms.exe 1652 2,448 K 5,892 K Printer Communication System (Verified) Microsoft Windows Hardware Compatibility Publisher
lsm.exe 584 2,612 K 4,296 K (Unable to verify) (null)
lsass.exe 576 5,048 K 11,592 K Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
jusched.exe 3544 1,200 K 4,272 K Java™ Update Scheduler Sun Microsystems, Inc. (Verified) Oracle America, Inc.
dllhost.exe 4128 2,440 K 5,984 K COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
ccsvchst.exe 2948 13,088 K 10,260 K (Unable to verify) (null)
audiodg.exe 408 17,856 K 17,564 K (Unable to verify) (null)
atiesrxx.exe 880 1,700 K 4,428 K AMD External Events Service Module AMD (Verified) Microsoft Windows Hardware Compatibility Publisher
atieclxx.exe 1272 2,536 K 6,600 K (Unable to verify) (null)
AdobeARM.exe 3536 6,732 K 16,332 K Adobe Reader and Acrobat Manager Adobe Systems Incorporated (Verified) Adobe Systems, Incorporated
ACService.exe 1484 1,256 K 3,864 K ArcSoft Connect Service ArcSoft Inc. (Verified) ArcSoft, Inc.
  • 0

Advertisements


#11
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,799 posts
  • MVP
I think MalwareBytes is probably the best of the three. Spybot is quickest. I guess I would keep those two and leave off Comcast and Ad-Aware. Java is having a lot of problems right now with malware so I would uninstall it completely. If there are sites that you must use Java on then you can run Firefox with the NoScript add-on or Chrome with the ScriptNo add-on. These require you to approve a site's use of Java or Javascript the first time you visit a site so can be inconvenient but a lot safer.


Process Explorer looks much better CPU wise so I expect your PC is responding a lot better:

System Idle Process 0 95.16 0 K 24 K



This is a good number for System Idle.

But it appears that you have picked up an infection. The first time it looked at services.exe it was fine:

services.exe 572 5,364 K 9,148 K Services and Controller app Microsoft Corporation (Verified) Microsoft Windows


The second time it changed:

services.exe 560 0.02 5,672 K 9,368 K (Unable to verify) (null)


Rerun Combofix as before. Remember to pause your anti-virus and to rightclick on ComboFix and select Run As Administrator to start the program. I expect Combofix will want to update. Please allow it. Post the log when done.
  • 0

#12
jbcteacher

jbcteacher

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 192 posts
Gm! I deleted java, ran combo.... 30 minutes later, pc went to sleep. I woke it up, it is stuck on blue screen completed stage 4. Drive light flickers a little bit with a lot of gap time inbetween. Not sure what to do now. Oh... Even though I disabled malwarebytes, when I woke it up it said it discovered something.
  • 0

#13
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,799 posts
  • MVP
Close Combofix if you haven't already. Reboot


Copy the text in the code box:

DRIVES
nnetsvcs
%SYSTEMDRIVE%\*.exe
%systemroot%\assembly\GAC_32\*.ini
%systemroot%\assembly\GAC_64\*.ini
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.exe
%APPDATA%\*.
/md5start
pnrpnsp.dll 
nwprovau.dll
nlaapi.dll
napinsp.dll
mswsock.dll
winrnr.dll
wshelper.dll
services.exe
atapi.sys
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
csrss.exe
PrintIsolationHost.exe
consrv.dll
user32.dll
/md5stop
C:\Windows\assembly\tmp\U\*.* /s
%systemroot%\*. /mp /s
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemdrive%\$Recycle.Bin|@;true;true;true
CREATERESTOREPOINT

Run OTL (Vista or Win 7 => right click and Run As Administrator)

Paste (Ctrl + v) the copied text in the box where it says Custom Scan/Fixes

Select the All option in the Extra Registry group and in the Drivers group then Run Scan.

You should get two logs. Please copy and paste both of them.

I'll be leaving the house shortly. Won't be back until around noon Pacific time.
  • 0

#14
jbcteacher

jbcteacher

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 192 posts
Upon reboot I got a Recycle Bin Currupt error, do you want to fix... I said yes...

Here are the logs:

OTL logfile created on: 9/2/2012 11:46:47 AM - Run 3
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\Justin\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.75 Gb Total Physical Memory | 6.29 Gb Available Physical Memory | 81.14% Memory free
15.50 Gb Paging File | 14.01 Gb Available in Paging File | 90.39% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1397.17 Gb Total Space | 1315.54 Gb Free Space | 94.16% Space Free | Partition Type: NTFS

Computer Name: JUSTIN-PC | User Name: Justin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/27 16:15:38 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Justin\Desktop\otl.exe
PRC - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/07/03 13:46:44 | 000,462,920 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/02/08 19:50:33 | 000,738,168 | ---- | M] (BitTorrent, Inc.) -- C:\_OTL\MovedFiles\08272012_161743\C_Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2011/04/16 20:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\ccsvchst.exe
PRC - [2011/03/04 11:39:14 | 000,584,488 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2011/01/23 20:08:52 | 000,770,728 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe
PRC - [2010/10/27 20:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/01/18 15:27:42 | 000,139,944 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe


========== Modules (No Company Name) ==========

MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/01/23 20:08:52 | 000,770,728 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe
MOD - [2010/04/05 05:56:17 | 002,203,803 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\epwizres.dll
MOD - [2010/04/01 12:24:28 | 001,159,168 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\lxeadrs.dll
MOD - [2010/04/01 12:23:27 | 000,389,120 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\lxeascw.dll
MOD - [2010/01/18 15:27:42 | 000,139,944 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe
MOD - [2009/05/27 10:16:50 | 000,192,512 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\lxeadatr.dll
MOD - [2009/04/07 17:25:27 | 000,409,600 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\iptk.dll
MOD - [2009/03/30 10:37:47 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\epoemdll.dll
MOD - [2009/03/30 10:37:46 | 000,045,056 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\epstring.dll
MOD - [2009/03/30 10:37:28 | 000,708,608 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\epwizard.dll
MOD - [2009/03/30 10:35:40 | 000,159,744 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\customui.dll
MOD - [2009/03/30 10:35:22 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\epfunct.dll
MOD - [2009/03/30 10:35:17 | 000,118,784 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\eputil.dll
MOD - [2009/03/30 10:35:05 | 000,139,264 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\imagutil.dll
MOD - [2009/03/10 03:43:49 | 000,155,648 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\lxeacaps.dll
MOD - [2009/03/02 12:25:47 | 000,151,552 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\lxeaptp.dll
MOD - [2009/02/20 04:48:43 | 000,023,552 | ---- | M] () -- C:\Windows\SysWOW64\LXEAsmr.dll
MOD - [2009/02/20 04:48:03 | 000,299,008 | ---- | M] () -- C:\Windows\SysWOW64\LXEAsm.dll


========== Services (SafeList) ==========

SRV:64bit: - [2011/04/20 02:04:20 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/04/14 20:45:32 | 000,045,736 | ---- | M] () [Auto | Stopped] -- C:\windows\SysNative\spool\DRIVERS\x64\3\\lxeaserv.exe -- (lxeaCATSCustConnectService)
SRV:64bit: - [2010/04/14 15:45:36 | 001,052,328 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxeacoms.exe -- (lxea_device)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/08/14 20:36:16 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/04/16 20:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\ccSvcHst.exe -- (N360)
SRV - [2011/03/04 11:39:14 | 000,584,488 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010/04/14 20:45:32 | 000,045,736 | ---- | M] () [Auto | Stopped] -- C:\windows\system32\spool\DRIVERS\x64\3\\lxeaserv.exe -- (lxeaCATSCustConnectService)
SRV - [2010/04/14 15:45:21 | 000,598,696 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\lxeacoms.exe -- (lxea_device)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (All) ==========

DRV:64bit: - [2012/07/03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/06/02 01:50:10 | 000,458,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\cng.sys -- (CNG)
DRV:64bit: - [2012/06/02 01:48:16 | 000,151,920 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ksecpkg.sys -- (KSecPkg)
DRV:64bit: - [2012/06/02 01:48:16 | 000,095,600 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ksecdd.sys -- (KSecDD)
DRV:64bit: - [2012/04/27 23:55:21 | 000,210,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\drivers\rdpwd.sys -- (RDPWD)
DRV:64bit: - [2012/03/30 07:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tcpip.sys -- (TCPIP6)
DRV:64bit: - [2012/03/30 07:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tcpip.sys -- (Tcpip)
DRV:64bit: - [2012/03/17 03:58:57 | 000,075,120 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\partmgr.sys -- (partmgr)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/17 00:57:32 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tdtcp.sys -- (TDTCP)
DRV:64bit: - [2011/12/27 23:59:24 | 000,498,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\afd.sys -- (AFD)
DRV:64bit: - [2011/10/02 15:30:34 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2011/07/08 22:46:28 | 000,288,768 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mrxsmb10.sys -- (mrxsmb10)
DRV:64bit: - [2011/07/06 12:44:00 | 000,034,288 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2011/06/10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/04/28 23:06:10 | 000,467,456 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\srv.sys -- (srv)
DRV:64bit: - [2011/04/28 23:05:49 | 000,410,112 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\srv2.sys -- (srv2)
DRV:64bit: - [2011/04/28 23:05:37 | 000,168,448 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\srvnet.sys -- (srvnet)
DRV:64bit: - [2011/04/26 22:40:40 | 000,158,208 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mrxsmb.sys -- (mrxsmb)
DRV:64bit: - [2011/04/26 22:39:37 | 000,128,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mrxsmb20.sys -- (mrxsmb20)
DRV:64bit: - [2011/04/20 21:37:49 | 000,386,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\symnets.sys -- (SymNetS)
DRV:64bit: - [2011/04/20 02:44:50 | 009,319,936 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2011/04/20 02:44:50 | 009,319,936 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/04/20 01:22:34 | 000,306,176 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/03/30 23:00:09 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2011/03/30 23:00:09 | 000,040,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2011/03/24 23:29:26 | 000,343,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbhub.sys -- (usbhub)
DRV:64bit: - [2011/03/24 23:29:14 | 000,098,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbccgp.sys -- (usbccgp)
DRV:64bit: - [2011/03/24 23:29:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbehci.sys -- (usbehci)
DRV:64bit: - [2011/03/24 23:29:04 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbohci.sys -- (usbohci)
DRV:64bit: - [2011/03/24 23:29:03 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbuhci.sys -- (usbuhci)
DRV:64bit: - [2011/03/14 22:31:23 | 000,912,504 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\symefa64.sys -- (SymEFA)
DRV:64bit: - [2011/03/11 02:41:34 | 001,659,776 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\windows\SysNative\drivers\ntfs.sys -- (Ntfs)
DRV:64bit: - [2011/03/11 02:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvstor.sys -- (nvstor)
DRV:64bit: - [2011/03/11 02:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvraid.sys -- (nvraid)
DRV:64bit: - [2011/03/11 02:41:26 | 000,410,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaStorV.sys -- (iaStorV)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/11 00:37:16 | 000,091,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBSTOR.SYS -- (USBSTOR)
DRV:64bit: - [2011/02/23 00:55:04 | 000,090,624 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\bowser.sys -- (bowser)
DRV:64bit: - [2011/01/27 02:47:10 | 000,450,680 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\symds64.sys -- (SymDS)
DRV:64bit: - [2010/11/20 09:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volsnap.sys -- (volsnap)
DRV:64bit: - [2010/11/20 09:34:01 | 000,363,392 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volmgrx.sys -- (volmgrx)
DRV:64bit: - [2010/11/20 09:34:01 | 000,071,552 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volmgr.sys -- (volmgr)
DRV:64bit: - [2010/11/20 09:34:00 | 000,215,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhdmp.sys -- (vhdmp)
DRV:64bit: - [2010/11/20 09:33:57 | 000,063,360 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\termdd.sys -- (TermDD)
DRV:64bit: - [2010/11/20 09:33:54 | 000,103,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sbp2port.sys -- (sbp2port)
DRV:64bit: - [2010/11/20 09:33:53 | 000,213,888 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\rdyboost.sys -- (rdyboost)
DRV:64bit: - [2010/11/20 09:33:48 | 000,184,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pci.sys -- (pci)
DRV:64bit: - [2010/11/20 09:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ndis.sys -- (NDIS)
DRV:64bit: - [2010/11/20 09:33:45 | 000,366,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\drivers\msrpc.sys -- (MsRPC)
DRV:64bit: - [2010/11/20 09:33:45 | 000,273,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msiscsi.sys -- (iScsiPrt)
DRV:64bit: - [2010/11/20 09:33:44 | 000,155,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mpio.sys -- (mpio)
DRV:64bit: - [2010/11/20 09:33:44 | 000,140,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msdsm.sys -- (msdsm)
DRV:64bit: - [2010/11/20 09:33:44 | 000,031,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msahci.sys -- (msahci)
DRV:64bit: - [2010/11/20 09:33:43 | 000,094,592 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mountmgr.sys -- (mountmgr)
DRV:64bit: - [2010/11/20 09:33:36 | 000,014,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hwpolicy.sys -- (hwpolicy)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 09:33:34 | 000,289,664 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\fltMgr.sys -- (FltMgr)
DRV:64bit: - [2010/11/20 09:33:25 | 000,982,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dxgkrnl.sys -- (DXGKrnl)
DRV:64bit: - [2010/11/20 09:32:46 | 000,334,208 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpi.sys -- (ACPI)
DRV:64bit: - [2010/11/20 09:28:59 | 000,223,248 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fvevol.sys -- (fvevol)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 07:04:09 | 000,039,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tssecsrv.sys -- (tssecsrv)
DRV:64bit: - [2010/11/20 06:52:37 | 000,088,576 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\wanarp.sys -- (Wanarpv6)
DRV:64bit: - [2010/11/20 06:52:37 | 000,088,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wanarp.sys -- (WANARP)
DRV:64bit: - [2010/11/20 06:52:35 | 000,129,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rasl2tp.sys -- (Rasl2tp)
DRV:64bit: - [2010/11/20 06:52:34 | 000,164,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ndiswan.sys -- (NdisWan)
DRV:64bit: - [2010/11/20 06:52:32 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\raspptp.sys -- (PptpMiniport)
DRV:64bit: - [2010/11/20 06:52:20 | 000,131,584 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\pacer.sys -- (Psched)
DRV:64bit: - [2010/11/20 06:52:20 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\windows\SysNative\drivers\ndproxy.sys -- (NDProxy)
DRV:64bit: - [2010/11/20 06:52:19 | 000,082,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV:64bit: - [2010/11/20 06:51:50 | 000,125,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tunnel.sys -- (tunnel)
DRV:64bit: - [2010/11/20 06:51:48 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tcpipreg.sys -- (tcpipreg)
DRV:64bit: - [2010/11/20 06:50:08 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndisuio.sys -- (Ndisuio)
DRV:64bit: - [2010/11/20 06:44:56 | 000,229,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\1394ohci.sys -- (1394ohci)
DRV:64bit: - [2010/11/20 06:44:37 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\umbus.sys -- (umbus)
DRV:64bit: - [2010/11/20 06:44:23 | 000,350,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService)
DRV:64bit: - [2010/11/20 06:43:56 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winusb.sys -- (WinUsb)
DRV:64bit: - [2010/11/20 06:43:49 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hidusb.sys -- (HidUsb)
DRV:64bit: - [2010/11/20 06:43:43 | 000,122,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hdaudbus.sys -- (HDAudBus)
DRV:64bit: - [2010/11/20 06:43:32 | 000,172,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WUDFRd.sys -- (WUDFRd)
DRV:64bit: - [2010/11/20 06:42:44 | 000,112,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WUDFPf.sys -- (WudfPf)
DRV:64bit: - [2010/11/20 06:34:00 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sffp_sd.sys -- (sffp_sd)
DRV:64bit: - [2010/11/20 06:33:25 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\kbdhid.sys -- (kbdhid)
DRV:64bit: - [2010/11/20 06:33:17 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CompositeBus.sys -- (CompositeBus)
DRV:64bit: - [2010/11/20 06:14:37 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\appid.sys -- (AppID)
DRV:64bit: - [2010/11/20 06:09:59 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\scfilter.sys -- (scfilter)
DRV:64bit: - [2010/11/20 06:04:53 | 000,078,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IPMIDrv.sys -- (IPMIDRV)
DRV:64bit: - [2010/11/20 05:30:42 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipmi.sys -- (AcpiPmi)
DRV:64bit: - [2010/11/20 05:27:54 | 000,309,248 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\rdbss.sys -- (rdbss)
DRV:64bit: - [2010/11/20 05:26:42 | 000,140,800 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mrxdav.sys -- (MRxDAV)
DRV:64bit: - [2010/11/20 05:26:32 | 000,102,400 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\dfsc.sys -- (DfsC)
DRV:64bit: - [2010/11/20 05:26:11 | 000,328,192 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\udfs.sys -- (udfs)
DRV:64bit: - [2010/11/20 05:25:14 | 000,753,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\http.sys -- (HTTP)
DRV:64bit: - [2010/11/20 05:23:20 | 000,261,632 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\netbt.sys -- (NetBT)
DRV:64bit: - [2010/11/20 05:21:56 | 000,119,296 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tdx.sys -- (tdx)
DRV:64bit: - [2010/11/20 05:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\cdrom.sys -- (cdrom)
DRV:64bit: - [2010/11/15 21:45:33 | 000,171,128 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\ironx64.sys -- (SymIRON)
DRV:64bit: - [2009/09/25 14:13:26 | 000,205,440 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009/08/18 17:29:16 | 001,983,264 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTKVHD64.sys -- (IntcAzAudAddService)
DRV:64bit: - [2009/07/13 21:52:31 | 000,367,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\clfs.sys -- (CLFS)
DRV:64bit: - [2009/07/13 21:52:31 | 000,021,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\compbatt.sys -- (Compbatt)
DRV:64bit: - [2009/07/13 21:52:31 | 000,017,488 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cmdide.sys -- (cmdide)
DRV:64bit: - [2009/07/13 21:52:21 | 000,491,088 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\adp94xx.sys -- (adp94xx)
DRV:64bit: - [2009/07/13 21:52:21 | 000,339,536 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\adpahci.sys -- (adpahci)
DRV:64bit: - [2009/07/13 21:52:21 | 000,182,864 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\adpu320.sys -- (adpu320)
DRV:64bit: - [2009/07/13 21:52:21 | 000,097,856 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\arcsas.sys -- (arcsas)
DRV:64bit: - [2009/07/13 21:52:21 | 000,087,632 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\arc.sys -- (arc)
DRV:64bit: - [2009/07/13 21:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AGP440.sys -- (agp440)
DRV:64bit: - [2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\atapi.sys -- (atapi)
DRV:64bit: - [2009/07/13 21:52:21 | 000,015,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdide.sys -- (amdide)
DRV:64bit: - [2009/07/13 21:52:21 | 000,015,440 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aliide.sys -- (aliide)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:27 | 000,060,496 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\mup.sys -- (Mup)
DRV:64bit: - [2009/07/13 21:48:27 | 000,049,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mouclass.sys -- (mouclass)
DRV:64bit: - [2009/07/13 21:48:27 | 000,032,320 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mssmbios.sys -- (mssmbios)
DRV:64bit: - [2009/07/13 21:48:27 | 000,015,424 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\msisadrv.sys -- (msisadrv)
DRV:64bit: - [2009/07/13 21:48:26 | 000,122,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NV_AGP.SYS -- (nv_agp)
DRV:64bit: - [2009/07/13 21:48:26 | 000,051,264 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nfrd960.sys -- (nfrd960)
DRV:64bit: - [2009/07/13 21:48:04 | 000,284,736 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MegaSR.sys -- (MegaSR)
DRV:64bit: - [2009/07/13 21:48:04 | 000,115,776 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV:64bit: - [2009/07/13 21:48:04 | 000,114,752 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_fc.sys -- (LSI_FC)
DRV:64bit: - [2009/07/13 21:48:04 | 000,106,560 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas.sys -- (LSI_SAS)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:48:04 | 000,050,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbdclass.sys -- (kbdclass)
DRV:64bit: - [2009/07/13 21:48:04 | 000,044,112 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iirsp.sys -- (iirsp)
DRV:64bit: - [2009/07/13 21:48:04 | 000,035,392 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\megasas.sys -- (megasas)
DRV:64bit: - [2009/07/13 21:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\isapnp.sys -- (isapnp)
DRV:64bit: - [2009/07/13 21:48:04 | 000,016,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelide.sys -- (intelide)
DRV:64bit: - [2009/07/13 21:47:49 | 000,055,376 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fsdepends.sys -- (FsDepends)
DRV:64bit: - [2009/07/13 21:47:48 | 000,530,496 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\elxstor.sys -- (elxstor)
DRV:64bit: - [2009/07/13 21:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\disk.sys -- (Disk)
DRV:64bit: - [2009/07/13 21:47:48 | 000,070,224 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\fileinfo.sys -- (FileInfo)
DRV:64bit: - [2009/07/13 21:47:48 | 000,065,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GAGP30KX.SYS -- (gagp30kx)
DRV:64bit: - [2009/07/13 21:47:48 | 000,024,144 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\crcdisk.sys -- (crcdisk)
DRV:64bit: - [2009/07/13 21:45:56 | 000,022,096 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wimmount.sys -- (WIMMount)
DRV:64bit: - [2009/07/13 21:45:55 | 000,654,928 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Wdf01000.sys -- (Wdf01000)
DRV:64bit: - [2009/07/13 21:45:55 | 000,161,872 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vsmraid.sys -- (vsmraid)
DRV:64bit: - [2009/07/13 21:45:55 | 000,064,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ULIAGPKX.SYS -- (uliagpkx)
DRV:64bit: - [2009/07/13 21:45:55 | 000,064,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UAGP35.SYS -- (uagp35)
DRV:64bit: - [2009/07/13 21:45:55 | 000,036,432 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vdrvroot.sys -- (vdrvroot)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 21:45:55 | 000,021,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wd.sys -- (Wd)
DRV:64bit: - [2009/07/13 21:45:55 | 000,019,008 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\spldr.sys -- (spldr)
DRV:64bit: - [2009/07/13 21:45:55 | 000,017,488 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\viaide.sys -- (viaide)
DRV:64bit: - [2009/07/13 21:45:55 | 000,012,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\swenum.sys -- (swenum)
DRV:64bit: - [2009/07/13 21:45:46 | 001,524,816 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ql2300.sys -- (ql2300)
DRV:64bit: - [2009/07/13 21:45:46 | 000,080,464 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sisraid4.sys -- (SiSRaid4)
DRV:64bit: - [2009/07/13 21:45:45 | 000,220,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pcmcia.sys -- (pcmcia)
DRV:64bit: - [2009/07/13 21:45:45 | 000,128,592 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ql40xx.sys -- (ql40xx)
DRV:64bit: - [2009/07/13 21:45:45 | 000,050,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pcw.sys -- (pcw)
DRV:64bit: - [2009/07/13 21:45:45 | 000,043,584 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sisraid2.sys -- (SiSRaid2)
DRV:64bit: - [2009/07/13 21:45:45 | 000,012,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pciide.sys -- (pciide)
DRV:64bit: - [2009/07/13 21:19:07 | 000,286,720 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrSerId.sys -- (Brserid)
DRV:64bit: - [2009/07/13 21:01:48 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bridge.sys -- (BridgeMP)
DRV:64bit: - [2009/07/13 21:01:19 | 000,651,264 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\PEAuth.sys -- (PEAUTH)
DRV:64bit: - [2009/07/13 20:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 20:38:18 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbprint.sys -- (usbprint)
DRV:64bit: - [2009/07/13 20:35:32 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbscan.sys -- (usbscan)
DRV:64bit: - [2009/07/13 20:17:46 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpbus.sys -- (rdpbus)
DRV:64bit: - [2009/07/13 20:16:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV:64bit: - [2009/07/13 20:16:34 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RDPENCDD.sys -- (RDPENCDD)
DRV:64bit: - [2009/07/13 20:16:34 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RDPCDD.sys -- (RDPCDD)
DRV:64bit: - [2009/07/13 20:16:32 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tdpipe.sys -- (TDPIPE)
DRV:64bit: - [2009/07/13 20:10:48 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\modem.sys -- (Modem)
DRV:64bit: - [2009/07/13 20:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV:64bit: - [2009/07/13 20:10:25 | 000,083,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rassstp.sys -- (RasSstp)
DRV:64bit: - [2009/07/13 20:10:24 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agilevpn.sys -- (RasAgileVpn)
DRV:64bit: - [2009/07/13 20:10:17 | 000,092,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\raspppoe.sys -- (RasPppoe)
DRV:64bit: - [2009/07/13 20:10:13 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\asyncmac.sys -- (AsyncMac)
DRV:64bit: - [2009/07/13 20:10:09 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rasacd.sys -- (RasAcd)
DRV:64bit: - [2009/07/13 20:10:03 | 000,116,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipnat.sys -- (IPNAT)
DRV:64bit: - [2009/07/13 20:10:00 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ndistapi.sys -- (NdisTapi)
DRV:64bit: - [2009/07/13 20:09:48 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qwavedrv.sys -- (QWAVEdrv)
DRV:64bit: - [2009/07/13 20:09:26 | 000,044,544 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\netbios.sys -- (NetBIOS)
DRV:64bit: - [2009/07/13 20:09:26 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\wfplwf.sys -- (WfpLwf)
DRV:64bit: - [2009/07/13 20:09:09 | 000,093,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\smb.sys -- (Smb)
DRV:64bit: - [2009/07/13 20:08:59 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irenum.sys -- (IRENUM)
DRV:64bit: - [2009/07/13 20:08:51 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rspndr.sys -- (rspndr)
DRV:64bit: - [2009/07/13 20:08:51 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lltdio.sys -- (lltdio)
DRV:64bit: - [2009/07/13 20:08:25 | 000,077,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mpsdrv.sys -- (mpsdrv)
DRV:64bit: - [2009/07/13 20:08:13 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndiscap.sys -- (NdisCap)
DRV:64bit: - [2009/07/13 20:07:23 | 000,318,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nwifi.sys -- (NativeWifiP)
DRV:64bit: - [2009/07/13 20:07:21 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vwifibus.sys -- (vwifibus)
DRV:64bit: - [2009/07/13 20:06:52 | 000,100,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidbth.sys -- (HidBth)
DRV:64bit: - [2009/07/13 20:06:52 | 000,072,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthmodem.sys -- (BTHMODEM)
DRV:64bit: - [2009/07/13 20:06:52 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\umpass.sys -- (UmPass)
DRV:64bit: - [2009/07/13 20:06:45 | 000,072,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ohci1394.sys -- (ohci1394)
DRV:64bit: - [2009/07/13 20:06:37 | 000,100,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbcir.sys -- (usbcir)
DRV:64bit: - [2009/07/13 20:06:34 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\circlass.sys -- (circlass)
DRV:64bit: - [2009/07/13 20:06:24 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV:64bit: - [2009/07/13 20:06:23 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidir.sys -- (HidIr)
DRV:64bit: - [2009/07/13 20:06:16 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\drmkaud.sys -- (drmkaud)
DRV:64bit: - [2009/07/13 20:02:08 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MTConfig.sys -- (MTConfig)
DRV:64bit: - [2009/07/13 20:02:07 | 000,027,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacompen.sys -- (WacomPen)
DRV:64bit: - [2009/07/13 20:01:03 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sffp_mmc.sys -- (sffp_mmc)
DRV:64bit: - [2009/07/13 20:01:02 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sfloppy.sys -- (sfloppy)
DRV:64bit: - [2009/07/13 20:01:01 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sffdisk.sys -- (sffdisk)
DRV:64bit: - [2009/07/13 20:00:54 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fdc.sys -- (fdc)
DRV:64bit: - [2009/07/13 20:00:54 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\flpydisk.sys -- (flpydisk)
DRV:64bit: - [2009/07/13 20:00:41 | 000,097,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\parport.sys -- (Parport)
DRV:64bit: - [2009/07/13 20:00:40 | 000,094,208 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\serial.sys -- (Serial)
DRV:64bit: - [2009/07/13 20:00:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serenum.sys -- (Serenum)
DRV:64bit: - [2009/07/13 20:00:20 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mouhid.sys -- (mouhid)
DRV:64bit: - [2009/07/13 20:00:20 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sermouse.sys -- (sermouse)
DRV:64bit: - [2009/07/13 20:00:19 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ksthunk.sys -- (ksthunk)
DRV:64bit: - [2009/07/13 20:00:18 | 000,011,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mskssrv.sys -- (MSKSSRV)
DRV:64bit: - [2009/07/13 20:00:17 | 000,008,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mstee.sys -- (MSTEE)
DRV:64bit: - [2009/07/13 20:00:17 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mspclock.sys -- (MSPCLOCK)
DRV:64bit: - [2009/07/13 20:00:17 | 000,006,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mspqm.sys -- (MSPQM)
DRV:64bit: - [2009/07/13 20:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\windows\SysNative\drivers\beep.sys -- (Beep)
DRV:64bit: - [2009/07/13 19:38:52 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\monitor.sys -- (monitor)
DRV:64bit: - [2009/07/13 19:38:47 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vga.sys -- (VgaSave)
DRV:64bit: - [2009/07/13 19:38:47 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vgapnp.sys -- (vga)
DRV:64bit: - [2009/07/13 19:37:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\discache.sys -- (discache)
DRV:64bit: - [2009/07/13 19:35:59 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\blbdrive.sys -- (blbdrive)
DRV:64bit: - [2009/07/13 19:31:06 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidbatt.sys -- (HidBatt)
DRV:64bit: - [2009/07/13 19:31:04 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\errdev.sys -- (ErrDev)
DRV:64bit: - [2009/07/13 19:31:03 | 000,017,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CmBatt.sys -- (CmBatt)
DRV:64bit: - [2009/07/13 19:31:02 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wmiacpi.sys -- (WmiAcpi)
DRV:64bit: - [2009/07/13 19:26:13 | 000,113,152 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\luafv.sys -- (luafv)
DRV:64bit: - [2009/07/13 19:25:40 | 000,034,304 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\filetrace.sys -- (Filetrace)
DRV:64bit: - [2009/07/13 19:23:29 | 000,204,800 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\windows\SysNative\drivers\fastfat.sys -- (fastfat)
DRV:64bit: - [2009/07/13 19:23:29 | 000,195,072 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\windows\SysNative\drivers\exfat.sys -- (exfat)
DRV:64bit: - [2009/07/13 19:21:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\nsiproxy.sys -- (nsiproxy)
DRV:64bit: - [2009/07/13 19:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\i8042prt.sys -- (i8042prt)
DRV:64bit: - [2009/07/13 19:19:48 | 000,044,032 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\windows\SysNative\drivers\npfs.sys -- (Npfs)
DRV:64bit: - [2009/07/13 19:19:47 | 000,092,160 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cdfs.sys -- (cdfs)
DRV:64bit: - [2009/07/13 19:19:47 | 000,026,112 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\windows\SysNative\drivers\msfs.sys -- (Msfs)
DRV:64bit: - [2009/07/13 19:19:38 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\windows\SysNative\drivers\null.sys -- (Null)
DRV:64bit: - [2009/07/13 19:19:25 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdk8.sys -- (AmdK8)
DRV:64bit: - [2009/07/13 19:19:25 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelppm.sys -- (intelppm)
DRV:64bit: - [2009/07/13 19:19:25 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdppm.sys -- (AmdPPM)
DRV:64bit: - [2009/07/13 19:19:25 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\processr.sys -- (Processor)
DRV:64bit: - [2009/06/10 16:41:10 | 000,047,104 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrSerWdm.sys -- (BrSerWdm)
DRV:64bit: - [2009/06/10 16:41:10 | 000,014,976 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV:64bit: - [2009/06/10 16:41:10 | 000,014,720 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrUsbSer.sys -- (BrUsbSer)
DRV:64bit: - [2009/06/10 16:41:06 | 000,018,432 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrFiltLo.sys -- (BrFiltLo)
DRV:64bit: - [2009/06/10 16:41:06 | 000,008,704 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrFiltUp.sys -- (BrFiltUp)
DRV:64bit: - [2009/06/10 16:37:19 | 000,023,040 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\windows\SysNative\drivers\secdrv.sys -- (secdrv)
DRV:64bit: - [2009/06/10 16:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2006/11/01 06:23:42 | 000,015,680 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV - [2012/08/21 22:05:05 | 000,512,672 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120831.001\IDSviA64.sys -- (IDSVia64)
DRV - [2012/08/21 17:03:26 | 002,084,000 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120901.008\ex64.sys -- (NAVEX15)
DRV - [2012/08/21 17:03:26 | 000,125,600 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120901.008\eng64.sys -- (NAVENG)
DRV - [2012/08/09 17:26:15 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012/08/09 17:26:15 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/06/18 20:01:14 | 001,161,376 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120823.007\BHDrvx64.sys -- (BHDrvx64)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2004/09/23 02:03:00 | 000,026,720 | ---- | M] (Sonic Solutions) [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\PxHlpa64.sys -- (PxHlpa64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://xfinity.comca...id=mtmh08302012
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 7D 98 9D 52 0A 85 CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7ADSA_en
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.6.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Justin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPlgn\ [2012/08/09 00:03:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_12_1 [2012/09/02 11:28:40 | 000,000,000 | ---D | M]

[2012/06/12 19:46:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Justin\AppData\Roaming\Mozilla\Extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://search.condui...SearchSource=48

O1 HOSTS File: ([2012/08/27 17:03:55 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (XFINITY Toolbar) - {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files (x86)\xfin_portal\comcastdx.dll ()
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Updater For XFIN_PORTAL) - {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} - C:\Program Files (x86)\xfin_portal\auxi\comcastAu.dll (Visicom Media)
O2 - BHO: (Lexmark Printable Web) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{4b9bcce8-a70b-402a-a7e1-db96831ee26f} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (XFINITY Toolbar) - {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files (x86)\xfin_portal\comcastdx.dll ()
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {09EC805C-CB2E-4D53-B0D3-A75A428B81C7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKCU..\Run: [uTorrent] C:\_OTL\MovedFiles\08272012_161743\C_Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {7B62F6EE-D046-11D3-9C5E-0060082627F7} https://wws2.mutualo.../TWDownload.cab (TWDownloader Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A2247A93-1417-450A-A28F-2D79EDDFD666}: DhcpNameServer = 192.168.2.1 192.168.2.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)



SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PEVSystemStart - Service
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: procexp90.Sys - Driver
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PEVSystemStart - Service
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: procexp90.Sys - Driver
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PEVSystemStart - Service
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: procexp90.Sys - Driver
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PEVSystemStart - Service
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: procexp90.Sys - Driver
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\windows\SysWow64\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/09/02 09:22:56 | 000,000,000 | --SD | C] -- C:\ComboFix
[2012/09/02 09:22:32 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2012/08/30 21:04:32 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2012/08/30 21:03:58 | 004,765,592 | ---- | C] (Piriform Ltd) -- C:\Users\Justin\Desktop\spsetup117.exe
[2012/08/30 20:58:38 | 002,691,192 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Users\Justin\Desktop\procexp.exe
[2012/08/29 19:44:43 | 000,693,235 | ---- | C] (Farbar) -- C:\Users\Justin\Desktop\FSS.exe
[2012/08/29 18:56:19 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Roaming\Malwarebytes
[2012/08/29 18:56:09 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2012/08/29 18:56:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/08/29 18:56:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/08/29 18:56:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/08/29 18:55:08 | 010,652,120 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Justin\Desktop\mbam-setup-1.62.0.1300.exe
[2012/08/29 18:42:58 | 002,211,928 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Justin\Desktop\tdsskiller.exe
[2012/08/27 17:04:00 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2012/08/27 16:55:17 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
[2012/08/27 16:55:17 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
[2012/08/27 16:55:17 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe
[2012/08/27 16:46:18 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/08/27 16:45:42 | 000,000,000 | ---D | C] -- C:\windows\erdnt
[2012/08/27 16:44:46 | 004,742,651 | R--- | C] (Swearware) -- C:\Users\Justin\Desktop\ComboFix.exe
[2012/08/27 16:22:49 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Justin\Desktop\aswMBR.exe
[2012/08/27 16:17:43 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/08/27 16:15:38 | 000,598,528 | ---- | C] (OldTimer Tools) -- C:\Users\Justin\Desktop\otl.exe
[2012/08/27 16:11:21 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\npDeployJava1.dll
[2012/08/26 10:01:17 | 000,000,000 | ---D | C] -- C:\ProgramData\W3i
[2012/08/26 10:00:31 | 000,000,000 | ---D | C] -- C:\ProgramData\WeCareReminder
[2012/08/26 09:58:11 | 000,000,000 | R--D | C] -- C:\Users\Justin\4Sync
[2012/08/26 09:55:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2012/08/26 09:55:46 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012/08/26 09:55:41 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\CRE
[2012/08/26 09:55:29 | 000,000,000 | ---D | C] -- C:\ProgramData\4Sync
[2012/08/15 20:32:38 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2012/08/15 20:32:38 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2012/08/15 20:32:37 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2012/08/15 20:32:37 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2012/08/15 20:32:37 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2012/08/15 20:32:36 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2012/08/15 20:32:36 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2012/08/15 20:32:36 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2012/08/15 20:32:35 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2012/08/15 20:32:35 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2012/08/15 20:32:35 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2012/08/15 20:32:33 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2012/08/15 20:32:33 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2012/08/15 19:33:49 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srcore.dll
[2012/08/15 19:33:48 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netapi32.dll
[2012/08/15 19:33:48 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\browcli.dll
[2012/08/15 19:33:48 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\browcli.dll
[2012/08/15 19:33:39 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\win32spl.dll
[2012/08/15 19:33:39 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\win32spl.dll
[2012/08/15 19:33:39 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\splwow64.exe
[2012/08/15 19:33:37 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\localspl.dll
[2012/08/13 19:03:20 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\Microsoft Help

========== Files - Modified Within 30 Days ==========

[2012/09/02 11:36:21 | 000,009,920 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/02 11:36:21 | 000,009,920 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/02 11:36:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012/09/02 11:27:56 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/09/02 11:27:52 | 1945,509,887 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/02 08:26:29 | 004,742,651 | R--- | M] (Swearware) -- C:\Users\Justin\Desktop\ComboFix.exe
[2012/08/30 21:03:58 | 004,765,592 | ---- | M] (Piriform Ltd) -- C:\Users\Justin\Desktop\spsetup117.exe
[2012/08/30 20:58:39 | 002,691,192 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Users\Justin\Desktop\procexp.exe
[2012/08/29 19:44:58 | 000,693,235 | ---- | M] (Farbar) -- C:\Users\Justin\Desktop\FSS.exe
[2012/08/29 19:41:20 | 000,061,440 | ---- | M] ( ) -- C:\Users\Justin\Desktop\VEW.exe
[2012/08/29 18:55:09 | 010,652,120 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Justin\Desktop\mbam-setup-1.62.0.1300.exe
[2012/08/29 18:47:22 | 000,018,292 | ---- | M] () -- C:\Users\Justin\Desktop\malwarebytes_free.htm
[2012/08/29 18:42:58 | 002,211,928 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Justin\Desktop\tdsskiller.exe
[2012/08/29 18:42:06 | 000,000,064 | ---- | M] () -- C:\windows\SysWow64\rp_stats.dat
[2012/08/29 18:42:06 | 000,000,044 | ---- | M] () -- C:\windows\SysWow64\rp_rules.dat
[2012/08/27 17:03:55 | 000,000,027 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts
[2012/08/27 16:42:03 | 000,000,512 | ---- | M] () -- C:\Users\Justin\Desktop\MBR.dat
[2012/08/27 16:29:46 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Justin\Desktop\aswMBR.exe
[2012/08/27 16:15:38 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Justin\Desktop\otl.exe
[2012/08/27 16:10:57 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\npDeployJava1.dll
[2012/08/27 16:10:57 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\deployJava1.dll
[2012/08/26 09:55:52 | 000,000,009 | ---- | M] () -- C:\END
[2012/08/19 16:43:58 | 000,116,531 | ---- | M] () -- C:\Users\Justin\Documents\08-19-2012 04;43;58PM.PDF
[2012/08/19 16:32:04 | 000,433,282 | ---- | M] () -- C:\Users\Justin\Documents\08-19-2012 04;32;04PM.PDF
[2012/08/19 16:22:07 | 016,216,476 | ---- | M] () -- C:\Users\Justin\Documents\08-19-2012 04;22;04PM.PDF
[2012/08/19 16:07:19 | 001,290,363 | ---- | M] () -- C:\Users\Justin\Documents\08-19-2012 04;07;19PM.PDF
[2012/08/16 16:54:18 | 000,412,624 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2012/08/14 20:36:16 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2012/08/14 20:36:16 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/08/12 08:57:15 | 000,050,238 | ---- | M] () -- C:\Users\Justin\Desktop\couch loveseat.jpg
[2012/08/10 20:32:53 | 000,726,444 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012/08/10 20:32:53 | 000,624,162 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012/08/10 20:32:53 | 000,106,538 | ---- | M] () -- C:\windows\SysNative\perfc009.dat

========== Files Created - No Company Name ==========

[2012/08/29 19:41:20 | 000,061,440 | ---- | C] ( ) -- C:\Users\Justin\Desktop\VEW.exe
[2012/08/29 18:47:22 | 000,018,292 | ---- | C] () -- C:\Users\Justin\Desktop\malwarebytes_free.htm
[2012/08/27 16:55:17 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2012/08/27 16:55:17 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2012/08/27 16:55:17 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2012/08/27 16:55:17 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2012/08/27 16:55:17 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2012/08/27 16:42:03 | 000,000,512 | ---- | C] () -- C:\Users\Justin\Desktop\MBR.dat
[2012/08/26 09:55:51 | 000,000,009 | ---- | C] () -- C:\END
[2012/08/19 16:43:58 | 000,116,531 | ---- | C] () -- C:\Users\Justin\Documents\08-19-2012 04;43;58PM.PDF
[2012/08/19 16:32:04 | 000,433,282 | ---- | C] () -- C:\Users\Justin\Documents\08-19-2012 04;32;04PM.PDF
[2012/08/19 16:22:04 | 016,216,476 | ---- | C] () -- C:\Users\Justin\Documents\08-19-2012 04;22;04PM.PDF
[2012/08/19 16:07:19 | 001,290,363 | ---- | C] () -- C:\Users\Justin\Documents\08-19-2012 04;07;19PM.PDF
[2012/08/12 08:57:33 | 000,050,238 | ---- | C] () -- C:\Users\Justin\Desktop\couch loveseat.jpg
[2012/06/17 10:21:19 | 000,001,451 | ---- | C] () -- C:\windows\wininit.ini
[2012/06/12 19:57:06 | 000,000,064 | ---- | C] () -- C:\windows\GPlrLanc.dat
[2012/04/15 10:12:59 | 000,047,616 | ---- | C] () -- C:\windows\SysWow64\pdf995mon64.dll
[2012/04/15 10:12:59 | 000,000,142 | ---- | C] () -- C:\windows\wpd99.drv
[2011/12/13 17:54:56 | 000,000,064 | ---- | C] () -- C:\windows\SysWow64\rp_stats.dat
[2011/12/13 17:54:56 | 000,000,044 | ---- | C] () -- C:\windows\SysWow64\rp_rules.dat
[2011/05/24 17:49:11 | 000,001,940 | ---- | C] () -- C:\Users\Justin\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/03/17 17:51:46 | 000,003,929 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat

========== Custom Scans ==========

========== Drive Information ==========

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: WDC WD15EARS-00Z5B1 ATA Device
Partitions: 2
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE1 -
Interface type: USB
Media Type:
Model: Generic USB SD Reader USB Device
Partitions: 0
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE2 -
Interface type: USB
Media Type:
Model: Generic USB CF Reader USB Device
Partitions: 0
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE3 -
Interface type: USB
Media Type:
Model: Generic USB xD/SM Reader USB Device
Partitions: 0
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE4 -
Interface type: USB
Media Type:
Model: Generic USB MS Reader USB Device
Partitions: 0
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 0.00GB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 1,397.00GB
Starting Offset: 105906176
Hidden sectors: 0


< %SYSTEMDRIVE%\*.exe >

< %systemroot%\assembly\GAC_32\*.ini >

< %systemroot%\assembly\GAC_64\*.ini >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*.exe >

< %APPDATA%\*. >
[2012/08/21 19:09:11 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\.minecraft
[2012/06/09 18:05:44 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Adobe
[2012/01/01 10:28:21 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Apple Computer
[2010/06/24 14:37:44 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Arcsoft
[2012/06/09 18:07:24 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\com.jakks.spynet
[2010/07/18 15:41:53 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\DriverFinder
[2010/09/18 20:31:20 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Google
[2010/02/26 16:39:18 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Identities
[2011/10/15 16:28:08 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\ImgBurn
[2010/06/24 14:46:23 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\KodakCredentialStore
[2010/08/19 13:22:12 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Leadertech
[2010/02/28 18:48:39 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Macromedia
[2012/08/29 18:56:19 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Malwarebytes
[2009/07/14 03:44:38 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Media Center Programs
[2012/08/29 19:19:31 | 000,000,000 | --SD | M] -- C:\Users\Justin\AppData\Roaming\Microsoft
[2012/06/12 19:46:08 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Mozilla
[2011/11/29 19:16:16 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\MusicNet
[2011/10/15 17:38:14 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Nero
[2012/04/15 10:13:43 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\pdf995
[2010/06/24 14:43:50 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Skinux
[2012/04/15 10:13:50 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\TaxCut
[2012/09/02 11:47:47 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\uTorrent
[2011/11/20 10:02:33 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\WinRAR

< MD5 for: ATAPI.SYS >
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\erdnt\cache64\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\drivers\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: CSRSS.EXE >
[2009/07/13 21:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\windows\SysNative\csrss.exe
[2009/07/13 21:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\winsxs\amd64_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_b4d8d57efdc6b4f3\csrss.exe

< MD5 for: EXPLORER.EXE >
[2011/02/26 02:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 01:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/13 21:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 01:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009/10/31 01:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 01:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\erdnt\cache86\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 02:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 08:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009/08/03 02:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009/10/31 02:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 01:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 09:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/10/31 02:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 01:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/13 21:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 02:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011/02/26 02:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009/08/03 02:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: MSWSOCK.DLL >
[2009/07/13 21:15:51 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=11A41F17527ED75D6B758FDD7F4FD00D -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7600.16385_none_b829ad298e9f53ff\mswsock.dll
[2010/11/20 09:27:10 | 000,326,144 | ---- | M] (Microsoft Corporation) MD5=1D5185A4C7E6695431AE4B55C3D7D333 -- C:\Windows\erdnt\cache64\mswsock.dll
[2010/11/20 09:27:10 | 000,326,144 | ---- | M] (Microsoft Corporation) MD5=1D5185A4C7E6695431AE4B55C3D7D333 -- C:\windows\SysNative\mswsock.dll
[2010/11/20 09:27:10 | 000,326,144 | ---- | M] (Microsoft Corporation) MD5=1D5185A4C7E6695431AE4B55C3D7D333 -- C:\Windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.17514_none_16795c7543eb48cf\mswsock.dll
[2010/11/20 08:19:56 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=8999B8631C7FD9F7F9EC3CAFD953BA24 -- C:\Windows\erdnt\cache86\mswsock.dll
[2010/11/20 08:19:56 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=8999B8631C7FD9F7F9EC3CAFD953BA24 -- C:\Windows\SysWOW64\mswsock.dll
[2010/11/20 08:19:56 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=8999B8631C7FD9F7F9EC3CAFD953BA24 -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.17514_none_ba5ac0f18b8dd799\mswsock.dll
[2009/07/13 21:41:34 | 000,320,000 | ---- | M] (Microsoft Corporation) MD5=FC76FE3C1E1FDB761244D4F74EF560FD -- C:\Windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7600.16385_none_144848ad46fcc535\mswsock.dll

< MD5 for: NAPINSP.DLL >
[2009/07/13 21:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=0B7E85364CB878E2AD531DB7B601A9E5 -- C:\Windows\SysWOW64\NapiNSP.dll
[2009/07/13 21:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=0B7E85364CB878E2AD531DB7B601A9E5 -- C:\Windows\winsxs\x86_microsoft-windows-n..ider-infrastructure_31bf3856ad364e35_6.1.7600.16385_none_abf396ebf0847c31\NapiNSP.dll
[2009/07/13 21:41:52 | 000,068,096 | ---- | M] (Microsoft Corporation) MD5=58A0CDABEA255616827B1C22C9994466 -- C:\windows\SysNative\NapiNSP.dll
[2009/07/13 21:41:52 | 000,068,096 | ---- | M] (Microsoft Corporation) MD5=58A0CDABEA255616827B1C22C9994466 -- C:\Windows\winsxs\amd64_microsoft-windows-n..ider-infrastructure_31bf3856ad364e35_6.1.7600.16385_none_0812326fa8e1ed67\NapiNSP.dll

< MD5 for: NLAAPI.DLL >
[2009/07/13 21:16:03 | 000,051,712 | ---- | M] (Microsoft Corporation) MD5=045DB4EAB4FBD23210E85ECC3F464A2E -- C:\Windows\winsxs\wow64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7600.16385_none_cdcf91c058fc0e07\nlaapi.dll
[2010/11/20 08:20:30 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=104A1070E90F1C530328E69B49718841 -- C:\Windows\SysWOW64\nlaapi.dll
[2010/11/20 08:20:30 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=104A1070E90F1C530328E69B49718841 -- C:\Windows\winsxs\wow64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.17514_none_d000a58855ea91a1\nlaapi.dll
[2010/11/20 09:27:22 | 000,070,656 | ---- | M] (Microsoft Corporation) MD5=2DF36F15B2BC1571A6A542A3C2107920 -- C:\windows\SysNative\nlaapi.dll
[2010/11/20 09:27:22 | 000,070,656 | ---- | M] (Microsoft Corporation) MD5=2DF36F15B2BC1571A6A542A3C2107920 -- C:\Windows\winsxs\amd64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.17514_none_c5abfb362189cfa6\nlaapi.dll
[2009/07/13 21:41:52 | 000,070,144 | ---- | M] (Microsoft Corporation) MD5=86E3822A34D454032D8E88C72AE8CF2D -- C:\Windows\winsxs\amd64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7600.16385_none_c37ae76e249b4c0c\nlaapi.dll

< MD5 for: PNRPNSP.DLL >
[2009/07/13 21:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) MD5=5CF640EDDB1E40A5AB1BB743BCDEC610 -- C:\Windows\SysWOW64\pnrpnsp.dll
[2009/07/13 21:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) MD5=5CF640EDDB1E40A5AB1BB743BCDEC610 -- C:\Windows\winsxs\wow64_microsoft-windows-peertopeerpnrp_31bf3856ad364e35_6.1.7600.16385_none_d7c8b1ac70865dab\pnrpnsp.dll
[2009/07/13 21:41:53 | 000,086,016 | ---- | M] (Microsoft Corporation) MD5=613C8CE10A5FDE582BA5FA64C4D56AAA -- C:\windows\SysNative\pnrpnsp.dll
[2009/07/13 21:41:53 | 000,086,016 | ---- | M] (Microsoft Corporation) MD5=613C8CE10A5FDE582BA5FA64C4D56AAA -- C:\Windows\winsxs\amd64_microsoft-windows-peertopeerpnrp_31bf3856ad364e35_6.1.7600.16385_none_cd74075a3c259bb0\pnrpnsp.dll

< MD5 for: PRINTISOLATIONHOST.EXE >
[2009/07/13 21:39:27 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=22F020C76E339EB2B2187BA73A7E4173 -- C:\windows\SysNative\PrintIsolationHost.exe
[2009/07/13 21:39:27 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=22F020C76E339EB2B2187BA73A7E4173 -- C:\Windows\winsxs\amd64_microsoft-windows-p..ng-server-isolation_31bf3856ad364e35_6.1.7600.16385_none_f8a40495785334a9\PrintIsolationHost.exe

< MD5 for: SERVICES.EXE >
[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\erdnt\cache64\services.exe
[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\windows\SysNative\services.exe
[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache86\svchost.exe
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2012/07/03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\erdnt\cache64\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\windows\SysNative\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USER32.DLL >
[2010/11/20 08:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\erdnt\cache86\user32.dll
[2010/11/20 08:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010/11/20 08:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2009/07/13 21:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2009/07/13 21:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
[2010/11/20 09:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\erdnt\cache64\user32.dll
[2010/11/20 09:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\windows\SysNative\user32.dll
[2010/11/20 09:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll

< MD5 for: USERINIT.EXE >
[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache86\userinit.exe
[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/13 21:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/13 21:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\erdnt\cache64\userinit.exe
[2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\windows\SysNative\userinit.exe
[2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\erdnt\cache64\winlogon.exe
[2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\windows\SysNative\winlogon.exe
[2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/13 21:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2012/07/03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009/10/28 03:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 02:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< MD5 for: WINRNR.DLL >
[2009/07/13 21:41:56 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=2E2072EB48238FCA8FBB7A9F5FABAC45 -- C:\windows\SysNative\winrnr.dll
[2009/07/13 21:41:56 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=2E2072EB48238FCA8FBB7A9F5FABAC45 -- C:\Windows\winsxs\amd64_microsoft-windows-dns-client-winrnr_31bf3856ad364e35_6.1.7600.16385_none_b543449669c73e11\winrnr.dll
[2009/07/13 21:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=5DF5D8CFD9B9573FA3B2C89D9061A240 -- C:\Windows\SysWOW64\winrnr.dll
[2009/07/13 21:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=5DF5D8CFD9B9573FA3B2C89D9061A240 -- C:\Windows\winsxs\x86_microsoft-windows-dns-client-winrnr_31bf3856ad364e35_6.1.7600.16385_none_5924a912b169ccdb\winrnr.dll

< MD5 for: WSHELPER.DLL >
[2009/07/13 21:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=5B90BB3171504C9DAF3C5CB44B203CA7 -- C:\Windows\SysWOW64\wshelper.dll
[2009/07/13 21:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=5B90BB3171504C9DAF3C5CB44B203CA7 -- C:\Windows\winsxs\wow64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6ace9e67456cc40b\wshelper.dll
[2009/07/13 21:41:58 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=D314DA4B0B8DCD023D547FC568E34FB6 -- C:\windows\SysNative\wshelper.dll
[2009/07/13 21:41:58 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=D314DA4B0B8DCD023D547FC568E34FB6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\wshelper.dll

< C:\Windows\assembly\tmp\U\*.* /s >

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011/04/17 17:46:00 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011/04/17 17:46:00 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011/04/17 17:46:00 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2012/06/28 21:00:47 | 000,748,664 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" [2012/06/28 21:00:47 | 000,748,664 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Safari\Safari.exe" /reinstall [2011/11/10 18:19:40 | 002,388,848 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Safari\Safari.exe" /hideicons [2011/11/10 18:19:40 | 002,388,848 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Safari\Safari.exe" /showicons [2011/11/10 18:19:40 | 002,388,848 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files (x86)\Safari\Safari.exe" [2011/11/10 18:19:40 | 002,388,848 | ---- | M] (Apple Inc.)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2011/04/17 17:45:59 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2011/04/17 17:45:59 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2011/04/17 17:45:59 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2012/06/28 21:00:47 | 000,748,664 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" [2012/06/28 21:00:47 | 000,748,664 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" /REINSTALL [2011/11/10 18:19:40 | 002,388,848 | ---- | M] (Apple Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" /HIDEICONS [2011/11/10 18:19:40 | 002,388,848 | ---- | M] (Apple Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" /SHOWICONS [2011/11/10 18:19:40 | 002,388,848 | ---- | M] (Apple Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" [2011/11/10 18:19:40 | 002,388,848 | ---- | M] (Apple Inc.)

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemdrive%\$Recycle.Bin|@;true;true;true >

< End of report >

OTL Extras logfile created on: 9/2/2012 11:46:47 AM - Run 3
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\Justin\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.75 Gb Total Physical Memory | 6.29 Gb Available Physical Memory | 81.14% Memory free
15.50 Gb Paging File | 14.01 Gb Available in Paging File | 90.39% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1397.17 Gb Total Space | 1315.54 Gb Free Space | 94.16% Space Free | Partition Type: NTFS

Computer Name: JUSTIN-PC | User Name: Justin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm[@ = chm.file] -- C:\windows\hh.exe (Microsoft Corporation)
.cpl[@ = cplfile] -- C:\windows\SysNative\control.exe (Microsoft Corporation)
.hlp[@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
.hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html[@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf[@ = inffile] -- C:\windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- C:\windows\SysWow64\WScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\windows\SysNative\WScript.exe (Microsoft Corporation)
.reg[@ = regfile] -- C:\windows\regedit.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\windows\SysWow64\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\windows\SysNative\WScript.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\windows\SysWow64\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\windows\SysWow64\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\windows\SysWow64\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\windows\SysWow64\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\windows\SysWow64\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\windows\SysWow64\WScript.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\SysWow64\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\SysWow64\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\SysWow64\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\SysWow64\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\SysWow64\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\SysWow64\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\SysWow64\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\SysWow64\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\SysWow64\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\SysWow64\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\SysWow64\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\SysWow64\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00E9AD3A-B827-4F6C-A11E-A8B7555EAFDA}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{23F56633-B79F-4718-B1D2-CDAE3020EABE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2CFDD640-B92A-495E-9133-1B9E47FA9DE1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{31AB0A06-3AC0-4CAB-9799-936FD551A866}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{3878D685-D3C9-467A-976F-2CC08521069C}" = rport=137 | protocol=17 | dir=out | app=system |
"{404EF8A0-6327-4BDB-BC2E-415AD59750F7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{418A1AE6-2B3E-49C9-89B6-69E388E17453}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{4DF473A3-EF91-47ED-8319-D9B312039ED1}" = lport=138 | protocol=17 | dir=in | app=system |
"{637025D2-463F-43E2-87FE-1A8D2051DD82}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{75AD7940-4B11-4A2B-96C4-A8D3C51D00CB}" = rport=138 | protocol=17 | dir=out | app=system |
"{78A917BD-F3B6-4D9E-8F30-A9862D5055D5}" = rport=10243 | protocol=6 | dir=out | app=system |
"{7A38E33F-0C7E-47C7-9AC2-9F141E4A5D5F}" = lport=137 | protocol=17 | dir=in | app=system |
"{82B469BC-E11F-491D-BDB7-416573E04F3E}" = lport=445 | protocol=6 | dir=in | app=system |
"{98699227-98E9-4FD7-A146-D96AF903B4D2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9AB51B2B-89C8-49CD-8815-5A18A65316E6}" = rport=139 | protocol=6 | dir=out | app=system |
"{AF2A8572-0575-4ECF-974C-95E60362732C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B6886444-4456-45C9-B131-59EA5C2135EC}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CB59D7DA-4311-43EB-A961-9FA8A2E6E861}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CE6289A1-8A95-4CA6-8374-1AA09A7370D9}" = rport=445 | protocol=6 | dir=out | app=system |
"{DC16F60A-6980-4FE4-9945-337D873C12ED}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E9C4F1DE-E887-4A9D-A930-A174BD3C7738}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{E9E96A86-4B4A-42D5-A674-F302BFA712CE}" = lport=139 | protocol=6 | dir=in | app=system |
"{ED243330-114F-461B-BA5A-550E2F95C9F2}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EE2F430C-32FA-42D6-8FB7-207B07400630}" = lport=10243 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03323FC3-7430-4E28-894B-9F342E8469D5}" = protocol=6 | dir=in | app=c:\program files (x86)\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{08A7126D-16A2-4DF3-B106-919674A13293}" = protocol=6 | dir=out | app=system |
"{09D4BC22-9DB7-4246-965C-FC96D8B85282}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0B912EC2-CA30-4815-8475-3F3EDE0381A9}" = protocol=17 | dir=in | app=c:\program files (x86)\imesh applications\imesh\imesh.exe |
"{0E2558D7-B23E-466E-977D-63E626CD1284}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{1A9F32BC-0315-4588-A985-0D13482E4AC7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1E17CC8D-487A-452E-ACEF-CA17425405FA}" = dir=in | app=c:\windows\system32\lxeacoms.exe |
"{214CD952-FE74-47B5-90E1-EE5686C3C9C1}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{399B7208-9FBC-4809-A97D-736BC88B8321}" = dir=in | app=c:\windows\system32\lxeacoms.exe |
"{3ADC31FE-9257-4239-A962-3293AB38F30C}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{404D9109-B628-4C3F-9518-6C3C5FDFA26D}" = protocol=6 | dir=in | app=c:\program files (x86)\imesh applications\imesh\imesh.exe |
"{4A4100F4-1BCC-4DA7-807D-95F009FB9133}" = protocol=6 | dir=in | app=c:\program files (x86)\imesh applications\imesh\imesh.exe |
"{5DEFE87D-5E76-4561-BB21-F23013854DA5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5F0810E3-DEA6-45A5-A9C9-E541BB19E6E4}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{6FB13935-B2D6-44FE-A3DF-7CEA83A88ACA}" = protocol=58 | dir=in | [email protected],-28545 |
"{735F7EC7-657A-4E99-906B-EBCA9AE9FB41}" = protocol=1 | dir=in | [email protected],-28543 |
"{763C0B44-29A6-499D-AE70-526325A29BED}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{78495A65-1DDB-4355-A6A9-DF3C78A8B73E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7AE2AECF-2087-4D62-BF14-EFDD44626813}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7F312373-2C6A-4F55-8159-EBF4210B8E77}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{83DB60AF-33A3-4D22-98E0-83675A51C251}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{8FBBE324-970B-422A-A496-104B28A97CAC}" = protocol=17 | dir=in | app=c:\program files (x86)\imesh applications\imesh\imesh.exe |
"{920BD844-81A7-4E1E-A8A8-5224C1516268}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A37C1DEA-53EB-4343-A149-7F8390B3D48C}" = protocol=1 | dir=out | [email protected],-28544 |
"{A6DE5245-DA26-45ED-B9D6-A1797F41E465}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A72DEC80-4731-4868-9392-218288910428}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{B0195753-61DB-4442-8378-FF99EA50E83D}" = dir=in | app=c:\windows\system32\lxeacoms.exe |
"{B1363479-63F5-48D9-A8F7-0050D2A3392F}" = protocol=58 | dir=in | app=system |
"{B237CC8E-96FF-4347-BDD0-3EFD70AFB2B4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{BCC76D91-4BA6-4241-9E0D-63E1FFC01F3C}" = protocol=17 | dir=in | app=c:\program files (x86)\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{C1B1C247-253E-4584-94C4-96A33B8D8441}" = dir=in | app=c:\windows\system32\lxeacoms.exe |
"{C584FF4C-597C-4593-82DA-5750B46AA28A}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{D0E8D79C-13C7-4760-8E3C-A465A9AB9BC7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E30BE759-DCC4-46BF-81C8-3A7BB448969D}" = protocol=58 | dir=out | [email protected],-503 |
"{E443D9F1-B1BA-40CF-886B-FA3EDF2DFD47}" = protocol=58 | dir=out | [email protected],-28546 |
"{E798F78A-59B5-4A4B-B34A-59F34B81AC72}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F9E5EA3A-5D72-4455-A3B7-934C871CC051}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{D1829BE5-F305-4576-9593-C66FC7E0B008}" = iCloud
"{D66F0C3C-24F2-4463-9E2F-4381E5C40A26}" = iTunes
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Lexmark S300-S400 Series" = Lexmark S300-S400 Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Speccy" = Speccy
"WinRAR archiver" = WinRAR 4.10 beta 3 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{007B37D9-0C45-4202-834B-DD5FAAE99D63}" = ArcSoft Print Creations - Slimline Card
"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Toolbar
"{10812DE7-2E57-4740-B226-6B3BE34AF9D7}" = Lexmark Tools for Office
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{56589DFE-0C29-4DFE-8E42-887B771ECD23}" = ArcSoft Print Creations - Photo Book
"{5B4E87F6-E666-630B-6769-DCA3774734C9}" = SpyNet Field Office
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{65CB4C08-C47B-4A7E-A6A4-50C06ADA5FC6}" = Adobe AIR
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7330262C-0A1C-4B3B-ACFF-7EEC5BF65CCF}" = H&R Block Deluxe + Efile 2011
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8FB495A1-4A3F-4C1D-BD27-3F3AB2E66763}" = iMesh
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_PROHYBRIDR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{9591C049-5CAE-4E89-A8D9-191F1899628B}" = ArcSoft Print Creations - Funhouse
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}" = Wizard101
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.1
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B0D83FCD-9D42-43ED-8315-250326AADA02}" = ArcSoft Print Creations - Scrapbook
"{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar
"{CAE8A0F1-B498-4C23-95FA-55047E730C8F}" = ArcSoft Print Creations
"{D2C5E510-BE6D-42CC-9F61-E4F939078474}" = Lexmark Printable Web
"{E6B4117F-AC59-4B13-9274-EB136E8897EE}" = ArcSoft Print Creations - Album Page
"{F04F9557-81A9-4293-BC49-2C216FA325A7}" = ArcSoft Print Creations - Greeting Card
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2AF3E5D-9697-485C-A5AC-E2B9468C446A}" = Safari
"{FE83F463-7E61-4B18-9FA0-B94B90A0B6B9}" = Nero Burning ROM 10
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"com.jakks.spynet" = SpyNet Field Office
"iMesh" = iMesh
"ImgBurn" = ImgBurn
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300
"N360" = Norton Security Suite
"Pdf995" = Pdf995 (installed by H&R Block)
"PdfEdit995" = PdfEdit995 (installed by H&R Block)
"PROHYBRIDR" = 2007 Microsoft Office system
"The Weather Channel Desktop 6" = The Weather Channel Desktop 6
"WBFS Manager 3.0" = WBFS Manager 3.0
"xfin_portal" = XFINITY Toolbar

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"a87d8e93174496f4" = Club Penguin Money Maker
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 8/30/2012 8:51:22 PM | Computer Name = Justin-PC | Source = AntiSpywareService | ID = 0
Description =

Error - 8/30/2012 9:18:22 PM | Computer Name = Justin-PC | Source = AntiSpywareService | ID = 0
Description =

Error - 8/31/2012 10:27:22 AM | Computer Name = Justin-PC | Source = AntiSpywareService | ID = 0
Description =

Error - 8/31/2012 10:39:11 AM | Computer Name = Justin-PC | Source = AntiSpywareService | ID = 0
Description =

Error - 8/31/2012 12:10:32 PM | Computer Name = Justin-PC | Source = AntiSpywareService | ID = 0
Description =

Error - 8/31/2012 12:56:38 PM | Computer Name = Justin-PC | Source = AntiSpywareService | ID = 0
Description =

Error - 8/31/2012 2:26:13 PM | Computer Name = Justin-PC | Source = AntiSpywareService | ID = 0
Description =

Error - 8/31/2012 6:21:47 PM | Computer Name = Justin-PC | Source = AntiSpywareService | ID = 0
Description =

Error - 9/1/2012 8:11:29 AM | Computer Name = Justin-PC | Source = AntiSpywareService | ID = 0
Description =

Error - 9/1/2012 8:53:08 AM | Computer Name = Justin-PC | Source = AntiSpywareService | ID = 0
Description =

[ Media Center Events ]
Error - 11/5/2011 9:54:48 AM | Computer Name = Justin-PC | Source = MCUpdate | ID = 0
Description = 9:54:48 AM - Error connecting to the internet. 9:54:48 AM - Unable
to contact server..

Error - 11/5/2011 9:54:59 AM | Computer Name = Justin-PC | Source = MCUpdate | ID = 0
Description = 9:54:53 AM - Error connecting to the internet. 9:54:53 AM - Unable
to contact server..

[ System Events ]
Error - 9/2/2012 8:18:01 AM | Computer Name = Justin-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the lxeaCATSCustConnectService
service to connect.

Error - 9/2/2012 8:18:01 AM | Computer Name = Justin-PC | Source = Service Control Manager | ID = 7000
Description = The lxeaCATSCustConnectService service failed to start due to the
following error: %%1053

Error - 9/2/2012 8:18:01 AM | Computer Name = Justin-PC | Source = Service Control Manager | ID = 7023
Description = The Windows Defender service terminated with the following error:
%%126

Error - 9/2/2012 8:18:08 AM | Computer Name = Justin-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
PxHlpa64

Error - 9/2/2012 8:19:08 AM | Computer Name = Justin-PC | Source = DCOM | ID = 10016
Description =

Error - 9/2/2012 11:25:49 AM | Computer Name = Justin-PC | Source = DCOM | ID = 10010
Description =

Error - 9/2/2012 11:28:02 AM | Computer Name = Justin-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the lxeaCATSCustConnectService
service to connect.

Error - 9/2/2012 11:28:02 AM | Computer Name = Justin-PC | Source = Service Control Manager | ID = 7000
Description = The lxeaCATSCustConnectService service failed to start due to the
following error: %%1053

Error - 9/2/2012 11:28:08 AM | Computer Name = Justin-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
PxHlpa64

Error - 9/2/2012 11:29:08 AM | Computer Name = Justin-PC | Source = DCOM | ID = 10016
Description =


< End of report >


Joanne (typing very slow again) will reboot. :)
  • 0

#15
jbcteacher

jbcteacher

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 192 posts
Utorrent also seems to be a problem now too, as windows firewall is all of a sudden issuing a security alert for it.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP