Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

cant clean virus, or its not found? many problems

Started by karenM5757 , Apr 05 2013 12:40 PM

  • Please log in to reply

#16
RKinner
Posted 11 April 2013 - 10:44 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
Combofix will probably run OK with MSE. Just may take a bit longer. You could just uninstall it and reinstall it later.
  • 0

Advertisements

#17
karenM5757
Posted 12 April 2013 - 12:56 PM

karenM5757

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
i got it!
ComboFix 13-04-11.01 - karen whatever1 04/12/2013 11:39:47.2.1 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4026.1862 [GMT -7:00]
Running from: c:\users\karen whatever1\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
ADS - Windows: deleted 192 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\0.bak
.
.
((((((((((((((((((((((((( Files Created from 2013-03-12 to 2013-04-12 )))))))))))))))))))))))))))))))
.
.
2013-04-12 18:50 . 2013-04-12 18:50 -------- d-----w- c:\users\new user\AppData\Local\temp
2013-04-12 18:50 . 2013-04-12 18:50 -------- d-----w- c:\users\Guest\AppData\Local\temp
2013-04-12 18:50 . 2013-04-12 18:50 -------- d-----w- c:\users\DefaultAppPool\AppData\Local\temp
2013-04-12 18:50 . 2013-04-12 18:50 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-12 05:12 . 2013-04-12 05:28 -------- d-----w- c:\users\karen whatever1\AppData\Local\CrashDumps
2013-04-12 05:08 . 2013-04-12 05:08 -------- d-----w- c:\programdata\SoftSafe
2013-04-12 01:00 . 2013-04-12 01:00 -------- d-----w- c:\users\karen whatever1\AppData\Roaming\RealNetworks
2013-04-12 00:57 . 2013-04-12 00:58 -------- d-----w- c:\program files (x86)\RealNetworks
2013-04-12 00:57 . 2013-04-12 00:57 -------- d-----w- c:\programdata\RealNetworks
2013-04-12 00:57 . 2013-04-12 00:57 -------- d-----w- c:\program files (x86)\Common Files\xing shared
2013-04-12 00:56 . 2013-04-12 00:56 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2013-04-12 00:56 . 2013-04-12 00:56 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2013-04-12 00:53 . 2013-04-12 00:53 -------- d-----w- c:\program files (x86)\FreePriceAlerts
2013-04-12 00:53 . 2013-04-12 00:53 -------- d-----w- c:\programdata\FreePriceAlerts
2013-04-12 00:53 . 2013-04-12 05:08 -------- d-----w- c:\programdata\InstallMate
2013-04-09 22:15 . 2013-03-01 03:36 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-04-09 22:15 . 2013-03-02 06:04 1655656 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-09 22:10 . 2013-01-24 06:01 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-04-09 22:10 . 2013-03-19 06:04 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-09 22:10 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-04-09 22:10 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-04-09 22:10 . 2013-03-19 05:46 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-09 22:10 . 2013-03-19 04:47 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-04-09 22:10 . 2013-03-19 03:06 112640 ----a-w- c:\windows\system32\smss.exe
2013-04-09 00:03 . 2013-04-09 00:03 -------- d-----w- c:\program files (x86)\ESET
2013-03-24 22:48 . 2013-03-24 22:48 -------- d-----w- C:\TDSSKiller_Quarantine
2013-03-24 05:32 . 2009-12-30 17:21 31800 ----a-w- c:\windows\system32\drivers\revoflt.sys
2013-03-24 05:23 . 2013-03-24 05:23 -------- d-----w- c:\programdata\MaagniPico
2013-03-24 05:23 . 2013-03-24 05:23 112 ----a-w- C:\prefs.js
2013-03-24 05:08 . 2013-03-24 08:36 -------- d-----w- c:\users\karen whatever1\AppData\Roaming\player
2013-03-22 19:43 . 2012-09-05 23:54 17928 ----a-w- c:\windows\system32\nitrolocalui2.dll
2013-03-22 19:43 . 2012-09-05 23:54 29704 ----a-w- c:\windows\system32\nitrolocalmon2.dll
2013-03-22 19:42 . 2013-03-22 19:42 -------- d-----w- c:\program files\Common Files\Nitro PDF
2013-03-22 19:42 . 2013-03-22 19:42 -------- d-----w- c:\program files (x86)\Nitro PDF
2013-03-22 19:42 . 2013-03-22 19:42 -------- d-----w- c:\program files (x86)\Common Files\Nitro PDF
2013-03-19 21:45 . 2013-04-12 18:50 -------- d-----w- c:\users\karen whatever1\AppData\Local\Temp
2013-03-18 05:24 . 2013-03-18 05:24 -------- d-----w- c:\programdata\Graboid Inc
2013-03-18 05:22 . 2013-03-24 08:51 -------- d-----w- c:\program files (x86)\VideoLAN
2013-03-17 03:16 . 2013-03-17 03:16 70568 ----a-w- c:\program files (x86)\Internet Explorer\pdmproxy100.dll
2013-03-16 00:54 . 2013-04-09 06:09 -------- d-----w- c:\users\karen whatever1\AppData\Roaming\QuickScan
2013-03-16 00:32 . 2013-03-16 00:32 56016 ----a-w- c:\windows\system32\drivers\fsbts.sys
2013-03-15 06:47 . 2013-03-15 06:47 -------- d-----w- c:\users\new user\AppData\Roaming\Malwarebytes
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-10 06:11 . 2010-09-01 23:17 72702784 ----a-w- c:\windows\system32\MRT.exe
2013-04-02 10:34 . 2010-09-01 21:14 282744 ------w- c:\windows\system32\MpSigStub.exe
2013-03-22 09:47 . 2010-09-06 10:35 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2013-03-22 09:47 . 2010-09-06 10:34 2876528 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2013-03-22 09:26 . 2010-09-06 10:34 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2013-03-22 09:26 . 2010-12-05 20:05 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2013-03-13 09:12 . 2011-01-12 06:56 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll
2013-03-13 09:11 . 2011-01-12 06:56 2876528 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2013-03-13 09:10 . 2010-12-05 20:06 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2013-03-13 09:09 . 2010-09-06 10:34 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2013-03-13 08:49 . 2012-01-28 10:51 73432 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-13 08:49 . 2012-01-27 06:01 693976 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-03-10 20:06 . 2013-03-10 20:06 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-03-10 20:06 . 2012-05-04 06:29 861088 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2013-03-10 20:06 . 2010-10-26 02:46 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-02-12 05:45 . 2013-03-13 09:16 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45 . 2013-03-13 09:16 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45 . 2013-03-13 09:16 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45 . 2013-03-13 09:16 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48 . 2013-03-13 09:16 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-13 09:16 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-02-12 04:12 . 2013-03-13 16:23 19968 ----a-w- c:\windows\system32\drivers\usb80236.sys
2013-02-12 04:12 . 2013-03-13 16:23 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-01-13 21:17 . 2013-02-27 11:02 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 21:17 . 2013-02-27 11:02 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 21:16 . 2013-02-27 11:02 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 21:12 . 2013-02-27 11:02 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 21:11 . 2013-02-27 11:02 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 21:11 . 2013-02-27 11:02 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 21:11 . 2013-02-27 11:02 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 21:11 . 2013-02-27 11:02 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 21:11 . 2013-02-27 11:02 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 20:35 . 2013-02-27 11:02 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 20:35 . 2013-02-27 11:02 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 20:35 . 2013-02-27 11:02 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 20:32 . 2013-02-27 11:02 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 20:31 . 2013-02-27 11:02 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 20:31 . 2013-02-27 11:02 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 20:31 . 2013-02-27 11:02 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 20:31 . 2013-02-27 11:02 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:31 . 2013-02-27 11:02 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 20:31 . 2013-02-27 11:02 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-01-13 20:22 . 2013-02-27 11:02 1988096 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2013-01-13 20:20 . 2013-02-27 11:02 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2013-01-13 20:09 . 2013-02-27 11:02 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2013-01-13 20:08 . 2013-02-27 11:02 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2013-01-13 20:08 . 2013-02-27 11:02 1504768 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-01-13 19:59 . 2013-02-27 11:02 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-01-13 19:58 . 2013-02-27 11:02 1175552 ----a-w- c:\windows\system32\FntCache.dll
2013-01-13 19:54 . 2013-02-27 11:02 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2013-01-13 19:53 . 2013-02-27 11:02 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2013-01-13 19:53 . 2013-02-27 11:03 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2013-01-13 19:51 . 2013-02-27 11:02 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2013-01-13 19:49 . 2013-02-27 11:02 363008 ----a-w- c:\windows\system32\dxgi.dll
2013-01-13 19:48 . 2013-02-27 11:02 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2013-01-13 19:46 . 2013-02-27 11:02 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll
2013-01-13 19:43 . 2013-02-27 11:02 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2013-01-13 19:38 . 2013-02-27 11:02 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-01-13 19:38 . 2013-02-27 11:02 1887232 ----a-w- c:\windows\system32\d3d11.dll
2013-01-13 19:38 . 2013-02-27 11:02 296960 ----a-w- c:\windows\system32\d3d10core.dll
2013-01-13 19:37 . 2013-02-27 11:02 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
2013-01-13 19:25 . 2013-02-27 11:02 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-01-13 19:24 . 2013-02-27 11:02 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2013-01-13 19:24 . 2013-02-27 11:03 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2013-01-13 19:20 . 2013-02-27 11:02 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2013-01-13 19:20 . 2013-02-27 11:02 1238528 ----a-w- c:\windows\system32\d3d10.dll
2013-01-13 19:15 . 2013-02-27 11:02 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-01-13 19:10 . 2013-02-27 11:02 3928064 ----a-w- c:\windows\system32\d2d1.dll
2013-01-13 19:02 . 2013-02-27 11:02 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-01-13 18:34 . 2013-02-27 11:02 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2013-01-13 18:32 . 2013-02-27 11:02 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-01-13 18:09 . 2013-02-27 11:02 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-01-13 17:26 . 2013-02-27 11:02 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2013-01-13 17:05 . 2013-02-27 11:02 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{A7C0A55C-300E-4193-8FB5-5DB8E6533D35}]
2012-11-06 03:42 690776 ------w- c:\program files (x86)\FreePriceAlerts\vbobho.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-02-19 152392]
"ClearStick"="c:\program files (x86)\Clearwire\ClearStick\ClearStick64.exe" [2012-01-09 101888]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"BingDesktop"="c:\program files (x86)\Microsoft\BingDesktop\BingDesktop.exe" [2012-11-22 2127896]
"TkBellExe"="c:\program files (x86)\real\realplayer\Update\realsched.exe" [2013-04-12 295512]
.
c:\users\karen whatever1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2010 Screen Clipper and Launcher.lnk - [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"QuickLaunchEnabled"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux5"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"NPSStartup"=
"Ad-Aware Browsing Protection"="c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-10 174440]
R2 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-09-02 1255736]
R3 bcm;WiMAX Network Adapter;c:\windows\system32\DRIVERS\drxvi314_64.sys [2011-06-07 389664]
R3 bcmbusctr;WiMAX Bus Driver;c:\windows\system32\DRIVERS\BcmBusCtr_64.sys [2011-06-07 67360]
R3 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver;c:\windows\system32\drivers\BVRPMPR5a64.SYS [2011-06-23 35840]
R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x]
R3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\DRIVERS\dc3d.sys [2011-04-09 47616]
R3 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2009-10-02 786976]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [x]
R3 lxdx_device;lxdx_device;c:\windows\system32\lxdxcoms.exe [2009-10-17 1039872]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-04-13 45432]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 usbrndis6;USB RNDIS6 Adapter;c:\windows\system32\drivers\usb80236.sys [2013-02-12 19968]
R3 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
R4 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x]
R4 NitroDriverReadSpool2;NitroPDFDriverCreatorReadSpool2;c:\program files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [2012-09-05 216072]
R4 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\NLSSRV32.EXE [2011-12-21 68896]
R4 PasscapeLoader64;Passcape 64-bit Loader Service;h:\wpr\loader64.exe [x]
R4 PCTINDIS5X64;PCTINDIS5X64 NDIS Protocol Driver;c:\windows\system32\PCTINDIS5X64.SYS [x]
R4 PuranDefrag;PuranDefrag;c:\windows\system32\PuranDefragS.exe [2011-04-09 290816]
R4 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-09-02 216064]
R4 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R4 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R4 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [2010-06-14 16448]
R4 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R4 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2010-09-28 51712]
R4 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R4 WprPasscapeLoader;WPR Passcape Loader Service;h:\wpr\loader.exe [x]
S0 fsbts;fsbts;c:\windows\system32\Drivers\fsbts.sys [2013-03-16 56016]
S2 BingDesktopUpdate;Bing Desktop Update service;c:\program files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [2012-11-22 166424]
S2 ODDPwrSvc;Acer ODD Power Service;c:\program files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [2009-09-04 158240]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-03-06 39056]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 57344]
S3 RDPDISPM;RDPDISPM;c:\windows\system32\DRIVERS\rdpdispm.sys [2010-08-31 10752]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - NisDrv
*Deregistered* - PROCEXP152
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
hpdevmgmt REG_MULTI_SZ hpqcxs08
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-11 07:28 1642448 ----a-w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-04-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-01-27 08:49]
.
2013-04-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-08 09:45]
.
2013-04-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-08 09:45]
.
2013-04-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-382808121-4162746689-1787036098-1000Core.job
- c:\users\karen whatever1\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-02 03:28]
.
2013-04-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-382808121-4162746689-1787036098-1000UA.job
- c:\users\karen whatever1\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-02 03:28]
.
2013-04-12 c:\windows\Tasks\ParetoLogic Registration3.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
2013-04-12 c:\windows\Tasks\ParetoLogic Update Version3 Startup Task.job
- c:\program files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2013-03-28 17:54]
.
2013-04-08 c:\windows\Tasks\ParetoLogic Update Version3.job
- c:\program files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2013-03-28 17:54]
.
2013-04-12 c:\windows\Tasks\PC Health Advisor Defrag.job
- c:\program files (x86)\ParetoLogic\PCHA\PCHA.exe [2011-10-25 21:30]
.
2013-04-09 c:\windows\Tasks\PC Health Advisor.job
- c:\program files (x86)\ParetoLogic\PCHA\PCHA.exe [2011-10-25 21:30]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-03 358912]
"PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-30 200704]
"ODDPwr"="c:\program files\Acer\Optical Drive Power Management\ODDPwr.exe" [2009-09-04 221728]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-03 159232]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-03 380928]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mDefault_Search_URL = hxxp://www.google.com
mStart Page = hxxp://searchou.com/?affil=7&uid=d20f739d-9442-11e2-9ef4-001f1699175e
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
mSearch Bar = hxxp://www.google.com
mSearchAssistant =
Trusted Zone: intuit.com\ttlc
TCP: DhcpNameServer = 192.168.15.1
TCP: Interfaces\{9056C828-04FA-4518-B67C-A3B198B3C305}: DhcpNameServer = 192.168.15.1
TCP: Interfaces\{DE9F0A9B-B95D-4B3C-87F9-AEB72EB155B7}: DhcpNameServer = 192.168.14.1 66.233.170.12 64.13.115.12
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{3D8C4102-F73D-4fb2-96A1-264BF5D98DB6} - (no file)
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Toolbar-Locked - (no file)
WebBrowser-{30421E54-3B57-4E5B-947C-9B6BEEA57683} - (no file)
ShellIconOverlayIdentifiers-{04cd1f3e-81d5-4904-a3ab-e0f99a7d769d} - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-SP_008a99b9 - c:\program files (x86)\MagniPic\uninstall.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-04-12 11:53:54
ComboFix-quarantined-files.txt 2013-04-12 18:53
ComboFix2.txt 2013-03-25 06:31
.
Pre-Run: 179,425,259,520 bytes free
Post-Run: 179,291,246,592 bytes free
.
- - End Of File - - 9EC4BFAA2E542B2F28889BAC3B0BB237
  • 0

#18
RKinner
Posted 12 April 2013 - 06:23 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
Per Combofix you have two services running which most people do not.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc

Which translate to:

IIS Admin Service
Application Host Helper Service

Do you know why these are running? If not I would go into Services and right click on each and select Properties then change the Startup Type to Disabled. Apply and then stop the service. Once you have done that create a Process Explorer log as before and post it.
  • 0

#19
karenM5757
Posted 12 April 2013 - 11:33 PM

karenM5757

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
i cant find the issvcreg one in services.
You know someone else put a porn virus my laptop before this, it disabled all my services I couldn't do anything at all or get them working. I found a guy that posted all services in a file and i replaced mine with it. maybe that has something to do with it.
I think my hard drive is going bad now i hear a rattle. Im going to have to buy one it looks like. I was hoping to avoid the work of getting all this stuff off , its a time thing but..................

Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
procexp64.exe 29.08 30,704 K 54,164 K 3532 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Sysinternals
System Idle Process 20.28 0 K 24 K 0
audiodg.exe 15.79 21,428 K 21,660 K 5208 Windows Audio Device Graph Isolation Microsoft Corporation (Verified) Microsoft Windows
dwm.exe 8.86 57,028 K 48,424 K 684 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
tixati.exe 8.62 53,288 K 60,440 K 5380 (No signature was present in the subject)
Interrupts 7.54 0 K 0 K n/a Hardware Interrupts and DPCs
svchost.exe 3.44 3,920 K 9,008 K 804 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
System 2.29 108 K 308 K 4
csrss.exe 1.96 2,664 K 27,492 K 972 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
taskhost.exe 0.50 13,104 K 14,644 K 732 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
PSUAMain.exe 0.29 4,808 K 480 K 4776 PSUAMain Panda Security, S.L. (Verified) Panda Security S.L
svchost.exe 0.28 20,588 K 23,020 K 1028 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
chrome.exe 0.25 115,824 K 132,404 K 5696 Google Chrome Google Inc. (Verified) Google Inc
explorer.exe 0.21 53,256 K 80,480 K 2796 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.17 34,404 K 54,504 K 1240 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
chrome.exe 0.12 102,204 K 117,688 K 700 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 0.06 11,532 K 13,552 K 5476 Google Chrome Google Inc. (Verified) Google Inc
services.exe 0.05 6,404 K 13,384 K 464 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
csrss.exe 0.04 2,044 K 4,788 K 904 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
lsass.exe 0.04 5,200 K 13,376 K 472 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
googletalkplugin.exe 0.03 11,040 K 15,812 K 4188 Google Talk Plugin Google (Verified) Google Inc
svchost.exe 0.02 12,404 K 21,036 K 1204 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
chrome.exe 0.01 72,380 K 66,272 K 1812 Google Chrome Google Inc. (Verified) Google Inc
SearchIndexer.exe 0.01 46,524 K 32,724 K 4668 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.01 4,476 K 8,404 K 516 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
PSANHost.exe 0.01 74,980 K 13,156 K 2468 Application Host Service Panda Security, S.L. (Verified) Panda Security S.L
svchost.exe 0.01 15,360 K 18,328 K 1320 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.01 9,316 K 18,044 K 1432 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.01 12,392 K 16,168 K 2572 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
SMSvcHost.exe < 0.01 34,324 K 24,004 K 3172 SMSvcHost.exe Microsoft Corporation (Verified) Microsoft Corporation
svchost.exe < 0.01 4,320 K 4,976 K 2604 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
IntuitUpdateService.exe < 0.01 20,624 K 6,804 K 4840 Intuit Update Service Intuit Inc. (Verified) Intuit
svchost.exe < 0.01 113,624 K 125,764 K 1152 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
igfxtray.exe < 0.01 1,784 K 5,712 K 4532 igfxTray Module Intel Corporation (Verified) Microsoft Windows Hardware Compatibility Publisher
dllhost.exe < 0.01 2,032 K 6,688 K 3836 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe 2,516 K 6,380 K 4716 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
WmiApSrv.exe 1,448 K 5,072 K 4960 WMI Performance Reverse Adapter Microsoft Corporation (Verified) Microsoft Windows
winlogon.exe 2,444 K 6,860 K 236 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
wininit.exe 1,300 K 4,200 K 964 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows
vds.exe 1,372 K 5,020 K 2972 Virtual Disk Service Microsoft Corporation (Verified) Microsoft Windows
unsecapp.exe 1,396 K 5,088 K 4448 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows
UI0Detect.exe 2,080 K 6,608 K 4772 Interactive services detection Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 14,628 K 18,472 K 1708 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 6,260 K 9,752 K 3024 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 37,096 K 26,944 K 3120 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,236 K 4,212 K 2896 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,624 K 5,220 K 2872 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,240 K 3,900 K 2812 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 3,156 K 7,092 K 1360 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,284 K 4,308 K 2188 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,104 K 5,480 K 1820 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,088 K 3,240 K 2348 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,344 K 4,228 K 2156 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 748 K 2,412 K 3100 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
spoolsv.exe 7,280 K 13,972 K 1800 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
snmptrap.exe 1,312 K 4,092 K 228 SNMP Trap Microsoft Corporation (Verified) Microsoft Windows
smss.exe 372 K 1,040 K 772 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows
rndlresolversvc.exe 1,036 K 3,860 K 2736 (Verified) RealNetworks
realsched.exe 1,808 K 660 K 4816 RealNetworks Scheduler RealNetworks, Inc. (Verified) RealNetworks
RAVCpl64.exe 8,220 K 10,404 K 3788 Realtek HD Audio Manager Realtek Semiconductor (Verified) Microsoft Windows Hardware Compatibility Publisher
PSUAService.exe 5,868 K 372 K 2704 PSUAService Panda Security, S.L. (Verified) Panda Security S.L
procexp.exe 2,288 K 7,476 K 1672 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
PLFSetI.exe 1,728 K 6,804 K 3096 DefaultSettingEXE MFC Application (No signature was present in the subject)
perfhost.exe 644 K 2,440 K 2644 x86 Performance Counter Host Microsoft Corporation (Verified) Microsoft Windows
ODDPWRSvc.exe 1,788 K 6,116 K 2540 ODDPwr service Acer Incorporated (Verified) Acer Incorporated
ODDPWR.exe 1,748 K 5,712 K 1376 ODDPWR Acer Incorporated (Verified) Acer Incorporated
msdtc.exe 3,380 K 7,460 K 2404 Microsoft Distributed Transaction Coordinator Service Microsoft Corporation (Verified) Microsoft Windows
mDNSResponder.exe 1,740 K 5,096 K 2116 Bonjour Service Apple Inc. (Verified) Apple Inc.
lsm.exe 2,324 K 4,188 K 492 Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
Locator.exe 580 K 1,872 K 2784 Rpc Locator Microsoft Corporation (Verified) Microsoft Windows
jusched.exe 1,008 K 4,248 K 4936 Java™ Update Scheduler Sun Microsystems, Inc. (Verified) Oracle America
ipoint.exe 8,252 K 16,612 K 4260 IPoint.exe Microsoft Corporation (Verified) Microsoft Corporation
igfxsrvc.exe 1,668 K 5,556 K 4144 igfxsrvc Module Intel Corporation (Verified) Microsoft Windows Hardware Compatibility Publisher
igfxpers.exe 1,592 K 5,600 K 2552 persistence Module Intel Corporation (Verified) Microsoft Windows Hardware Compatibility Publisher
IDriverT.exe 2,732 K 8,716 K 2284 IDriverT Module Macrovision Corporation (No signature was present in the subject) Macrovision Corporation
IAANTmon.exe 2,000 K 6,064 K 4760 RAID Monitor Intel Corporation (Verified) Intel Corporation
hkcmd.exe 1,720 K 5,628 K 4764 hkcmd Module Intel Corporation (Verified) Microsoft Windows Hardware Compatibility Publisher
dllhost.exe 7,344 K 11,196 K 5152 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
dllhost.exe 1,260 K 4,596 K 4900 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
ClearStick64.exe 1,060 K 3,828 K 4524 (No signature was present in the subject)
chrome.exe 41,852 K 50,612 K 4152 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 30,936 K 41,476 K 2456 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 4,076 K 7,984 K 3212 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 3,944 K 8,448 K 6032 Google Chrome Google Inc. (Verified) Google Inc
BingDesktopUpdater.exe 1,164 K 3,952 K 2088 Bing Desktop updating service Microsoft Corp. (Verified) Microsoft Corporation
aspnet_state.exe 1,988 K 5,308 K 1896 Microsoft ASP.NET State Server Microsoft Corporation (Verified) Microsoft Corporation
armsvc.exe 1,124 K 3,824 K 1236 Adobe Acrobat Update Service Adobe Systems Incorporated (Verified) Adobe Systems
alg.exe 1,268 K 4,556 K 1992 Application Layer Gateway Service Microsoft Corporation (Verified) Microsoft Windows
  • 0

#20
RKinner
Posted 12 April 2013 - 11:56 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
If the hard drive is getting noisy then it's time to back up everything you want to keep.

Interrupts 7.54 0 K 0 K n/a Hardware Interrupts and DPCs

This is way too high. Normally it's around 1. On a laptop it can be caused by a bad battery. On as desktop it's probably a bad driver.


Download Save and Run the program by right clicking and Run As Admin. File, Save, to your desktop, Save As Type: Text, autoruns.txt, OK

Attach the file to your next post.

Let's also run

Get the free version of Speccy:

http://www.filehippo...download_speccy (Look in the upper right for the Download
Latest Version button) Download, Save and Install it. Run Speccy. When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File, (to your desktop) note the name it gives. OK. Open the file in notepad and delete the line that gives the serial number of your Operating System. (It will be near the top about 10 lines down.) Attach the file to your next post.
  • 0

#21
karenM5757
Posted 14 April 2013 - 06:24 PM

karenM5757

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\AppSetup" "" "" ""
"HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Startup" "" "" ""
"HKCU\Software\Policies\Microsoft\Windows\System\Scripts\Logon" "" "" ""
"HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Logon" "" "" ""
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit" "" "" ""
"HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Shutdown" "" "" ""
"HKCU\Software\Policies\Microsoft\Windows\System\Scripts\Logoff" "" "" ""
"HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Logoff" "" "" ""
"HKLM\Software\Microsoft\Windows\CurrentVersion\Group Policy\Scripts\Startup" "" "" ""
"HKCU\Software\Microsoft\Windows\CurrentVersion\Group Policy\Scripts\Startup" "" "" ""
"HKLM\Software\Microsoft\Windows\CurrentVersion\Group Policy\Scripts\Shutdown" "" "" ""
"HKCU\Software\Microsoft\Windows\CurrentVersion\Group Policy\Scripts\Shutdown" "" "" ""
"HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\Shell" "" "" ""
"HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell" "" "" ""
"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\Shell" "" "" ""
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell" "" "" ""
"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\AlternateShell" "" "" ""
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman" "" "" ""
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Runonce" "" "" ""
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\RunonceEx" "" "" ""
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "ODDPwr" "ODDPWR" "Acer Incorporated" "c:\program files\acer\optical drive power management\oddpwr.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "PLFSetI" "DefaultSettingEXE MFC Application" "" "c:\windows\plfseti.exe"
+ "RtHDVCpl" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravcpl64.exe"
+ "SynTPEnh" "Synaptics TouchPad Enhancements" "Synaptics Incorporated" "c:\program files\synaptics\syntp\syntpenh.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
X "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "AppleSyncNotifier" "AppleSyncNotifier" "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applesyncnotifier.exe"
+ "ClearStick" "" "" "c:\program files (x86)\clearwire\clearstick\clearstick64.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
X "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "PSUAMain" "PSUAMain" "Panda Security, S.L." "c:\program files (x86)\panda security\panda cloud antivirus\psuamain.exe"
X "PWRISOVM.EXE" "PowerISO Virtual Drive Manager" "PowerISO Computing, Inc." "c:\program files (x86)\poweriso\pwrisovm.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime\qttask.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
+ "SweetIM" "" "" "File not found: C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe"
+ "TkBellExe" "RealNetworks Scheduler" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\update\realsched.exe"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx" "" "" ""
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnceEx" "" "" ""
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce" "" "" ""
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce" "" "" ""
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Adobe Gamma Loader.exe.lnk" "Adobe Gamma Loader" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\calibration\adobe gamma loader.exe"
+ "HP Digital Imaging Monitor.lnk" "" "" "File not found: C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Users\karen whatever1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
X "Adobe Gamma.lnk" "Adobe Gamma Loader" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\calibration\adobe gamma loader.exe"
"HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Load" "" "" ""
"HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Run" "" "" ""
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run" "" "" ""
"HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run" "" "" ""
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "AdobeUpdater" "Adobe Updater" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\updater\adobeupdater.exe"
+ "LightScribe Control Panel" "" "" "File not found: C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden"
"HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce" "" "" ""
+ "PandaRunOnce" "" "" "c:\users\karen whatever1\downloads\pandacloudantivirus.exe"
"HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Runonce" "" "" ""
"HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\RunonceEx" "" "" ""
"HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
"HKCU\SOFTWARE\Classes\Protocols\Filter" "" "" ""
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
"HKCU\SOFTWARE\Classes\Protocols\Handler" "" "" ""
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
"HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components" "" "" ""
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Google Chrome" "Google Chrome" "Google Inc." "c:\program files (x86)\google\chrome\application\26.0.1410.64\installer\chrmstp.exe"
"HKCU\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler" "" "" ""
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler" "" "" ""
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad" "" "" ""
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad" "" "" ""
"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad" "" "" ""
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
"HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "AutorunsDisabled" "" "" ""
+ "PhotoStreamsExt" "" "" "c:\program files\common files\apple\internet services\shellstreams64.dll"
+ "PhotoStreamsExt" "ShellStreams.dll" "Apple Inc." "c:\program files (x86)\common files\apple\internet services\shellstreams.dll"
+ "PowerISO" "PowerISOShell DLL" "PowerISO Computing, Inc." "c:\program files (x86)\poweriso\pwrisosh.dll"
X "PowerISO" "PowerISOShell DLL" "PowerISO Computing, Inc." "c:\program files (x86)\poweriso\pwrisosh.dll"
+ "PuranDefrag" "Shell Context Menu Handler" "Puran Software" "c:\windows\system32\purandefrag.dll"
+ "UAContextMenu" "Shell extension " "Panda Security, S.L." "c:\program files (x86)\panda security\panda cloud antivirus\psuashell.dll"
"HKCU\Software\Classes\*\ShellEx\PropertySheetHandlers" "" "" ""
"HKLM\Software\Classes\*\ShellEx\PropertySheetHandlers" "" "" ""
"HKCU\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
"HKCU\Software\Classes\AllFileSystemObjects\ShellEx\DragDropHandlers" "" "" ""
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\DragDropHandlers" "" "" ""
"HKCU\Software\Classes\AllFileSystemObjects\ShellEx\PropertySheetHandlers" "" "" ""
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\PropertySheetHandlers" "" "" ""
"HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "PowerISO" "PowerISOShell DLL" "PowerISO Computing, Inc." "c:\program files (x86)\poweriso\pwrisosh.dll"
"HKCU\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
"HKCU\Software\Classes\Directory\Shellex\PropertySheetHandlers" "" "" ""
"HKLM\Software\Classes\Directory\Shellex\PropertySheetHandlers" "" "" ""
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\PropertySheetHandlers" "" "" ""
"HKCU\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
"HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "AutorunsDisabled" "" "" ""
X "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
+ "UAContextMenu" "Shell extension " "Panda Security, S.L." "c:\program files (x86)\panda security\panda cloud antivirus\psuashell.dll"
"HKCU\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKCU\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "PowerISO" "PowerISOShell DLL" "PowerISO Computing, Inc." "c:\program files (x86)\poweriso\pwrisosh.dll"
+ "RUShellExt" "Revo Uninstaller Pro Extension" "VS Revo Group" "c:\program files\vs revo group\revo uninstaller pro\ruext.dll"
+ "UAContextMenu" "Shell extension " "Panda Security, S.L." "c:\program files (x86)\panda security\panda cloud antivirus\psuashell.dll"
"HKCU\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
"HKCU\Software\Classes\Folder\ShellEx\ExtShellFolderViews" "" "" ""
"HKLM\Software\Classes\Folder\ShellEx\ExtShellFolderViews" "" "" ""
"HKCU\Software\Classes\Folder\ShellEx\PropertySheetHandlers" "" "" ""
"HKLM\Software\Classes\Folder\ShellEx\PropertySheetHandlers" "" "" ""
"HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
"HKCU\Software\Microsoft\Ctf\LangBarAddin" "" "" ""
"HKLM\Software\Microsoft\Ctf\LangBarAddin" "" "" ""
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\ssv.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\ssv.dll"
+ "RealNetworks Download and Record Plugin for Internet Explorer" "RealPlayer Download and Record Plugin" "RealDownloader" "c:\programdata\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll"
"HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks" "" "" ""
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"
"HKCU\Software\Microsoft\Internet Explorer\Explorer Bars" "" "" ""
"HKLM\Software\Microsoft\Internet Explorer\Explorer Bars" "" "" ""
"HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\Explorer Bars" "" "" ""
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Explorer Bars" "" "" ""
"HKCU\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
"HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
"Task Scheduler" "" "" ""
+ "\Microsoft\Windows\Media Center\MediaCenterRecoveryTask" "" "" ""
+ "\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask" "" "" ""
+ "\Microsoft\Windows\Media Center\PvrScheduleTask" "" "" ""
+ "\Microsoft\Windows\Media Center\SqlLiteRecoveryTask" "" "" ""
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
X "\Microsoft\Windows\User Profile Service\HiveUploadTask" "" "" ""
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "" "" ""
X "\ProtectedSearch\Protected Search" "" "" ""
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "Adobe LM Service" "AdobeLM Service" "Adobe Systems" "c:\program files (x86)\common files\adobe systems shared\service\adobelmsvc.exe"
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "ePowerSvc" "Acer ePower Service" "Acer Incorporated" "c:\program files\acer\acer powersmart manager\epowersvc.exe"
+ "FLEXnet Licensing Service" "This service performs licensing functions on behalf of FLEXnet enabled products." "Acresso Software Inc." "c:\program files (x86)\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gusvc" "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work." "Google" "c:\program files (x86)\google\common\google updater\googleupdaterservice.exe"
+ "hpqcxs08" "HP CUE Context Manager Objects" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\bin\hpqcxs08.dll"
+ "IAANTMON" "RAID Monitor" "Intel Corporation" "c:\program files (x86)\intel\intel matrix storage manager\iaantmon.exe"
+ "IDriverT" "Provides support for the Running Object Table for InstallShield Drivers" "Macrovision Corporation" "c:\program files (x86)\common files\installshield\driver\1050\intel 32\idrivert.exe"
+ "IntuitUpdateService" "Helps Intuit applications automatically update themselves." "Intuit Inc." "c:\program files (x86)\common files\intuit\update service\intuitupdateservice.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "LightScribeService" "Used by the LightScribe software components to support 3rd party disc labeling applications using the LightScribe COM Application Programming Interface (LSCAPI). This service needs to run for LightScribe direct disc labeling to work." "Hewlett-Packard Company" "c:\program files (x86)\common files\lightscribe\lssrvc.exe"
+ "lxdx_device" "Printer Communication System" " " "c:\windows\system32\lxdxcoms.exe"
+ "NanoServiceMain" "Panda Cloud Antivirus Service" "Panda Security, S.L." "c:\program files (x86)\panda security\panda cloud antivirus\psanhost.exe"
X "NitroDriverReadSpool2" "Nitro PDF Driver Read Spool 2" "Nitro PDF Software" "c:\program files\common files\nitro pdf\professional\7.0\nitropdfdriverservice2x64.exe"
X "nlsX86cc" "Nalpeiron Licensing Service" "Nalpeiron Ltd." "c:\windows\syswow64\nlssrv32.exe"
+ "ODDPwrSvc" "Acer ODD Power Service" "Acer Incorporated" "c:\program files\acer\optical drive power management\oddpwrsvc.exe"
X "PasscapeLoader64" "" "" "File not found: H:\WPR\loader64.exe"
+ "PSUAService" "Panda Product Service" "Panda Security, S.L." "c:\program files (x86)\panda security\panda cloud antivirus\psuaservice.exe"
X "PuranDefrag" "Puran Defrag Service" "Puran Software" "c:\windows\system32\purandefrags.exe"
+ "RealNetworks Downloader Resolver Service" "Manage different Downloader versions in RealNetworks' products." "" "c:\program files (x86)\realnetworks\realdownloader\rndlresolversvc.exe"
X "WprPasscapeLoader" "" "" "File not found: H:\WPR\loader.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "athr" "Atheros Extensible Wireless LAN device driver" "Atheros Communications, Inc." "c:\windows\system32\drivers\athrx.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "bcm" "Beceem Communications Inc. WiMAX driver" "Beceem communications pvt ltd." "c:\windows\system32\drivers\drxvi314_64.sys"
+ "bcmbusctr" "Beceem Communications Inc. WiMAX driver" "Beceem communications pvt ltd." "c:\windows\system32\drivers\bcmbusctr_64.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "BVRPMPR5a64" "BVRP NDIS 5.0 MPR Protocol Driver" "Avanquest Software" "c:\windows\system32\drivers\bvrpmpr5a64.sys"
+ "catchme" "" "" "File not found: C:\ComboFix\catchme.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "cpuz135" "" "" "File not found: C:\Windows\TEMP\cpuz135\cpuz135_x64.sys"
X "cpuz136" "" "" "File not found: C:\Windows\TEMP\cpuz136\cpuz136_x64.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "fsbts" "F-Secure Boot Time Scanner (filter) for Windows XP/Vista 64-bit" "F-Secure Corporation" "c:\windows\system32\drivers\fsbts.sys"
X "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
X "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "L1C" "Atheros L1c PCI-E Gigabit Ethernet Controller" "Atheros Communications, Inc." "c:\windows\system32\drivers\l1c62x64.sys"
+ "Lavasoft Kernexplorer" "" "" "File not found: C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys"
X "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
X "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
X "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
X "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
X "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
X "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
X "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "NNSALPC" "Application Layer Protocol Colorizer" "Panda Security, S.L." "c:\windows\system32\drivers\nnsalpc.sys"
+ "NNSHTTP" "Http Parser" "Panda Security, S.L." "c:\windows\system32\drivers\nnshttp.sys"
+ "NNSHTTPS" "Https Parser" "Panda Security, S.L." "c:\windows\system32\drivers\nnshttps.sys"
+ "NNSIDS" "Intrusion Detection System" "Panda Security, S.L." "c:\windows\system32\drivers\nnsids.sys"
+ "NNSNAHSL" "Network Activity Hook Server LightWeight Filter Driver" "Panda Security, S.L." "c:\windows\system32\drivers\nnsnahsl.sys"
+ "NNSPICC" "Process Info Colorizer Client" "Panda Security, S.L." "c:\windows\system32\drivers\nnspicc.sys"
+ "NNSPOP3" "Pop3 Parser" "Panda Security, S.L." "c:\windows\system32\drivers\nnspop3.sys"
+ "NNSPROT" "Network Protector" "Panda Security, S.L." "c:\windows\system32\drivers\nnsprot.sys"
+ "NNSPRV" "Network Provider" "Panda Security, S.L." "c:\windows\system32\drivers\nnsprv.sys"
+ "NNSSMTP" "Smtp Parser" "Panda Security, S.L." "c:\windows\system32\drivers\nnssmtp.sys"
+ "NNSSTRM" "Streamer" "Panda Security, S.L." "c:\windows\system32\drivers\nnsstrm.sys"
+ "NNSTLSC" "Transport Layer Session Colorizer" "Panda Security, S.L." "c:\windows\system32\drivers\nnstlsc.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
X "PCTINDIS5X64" "" "" "File not found: C:\Windows\system32\PCTINDIS5X64.SYS"
+ "PSINAflt" "PSINAflt Driver" "Panda Security, S.L." "c:\windows\system32\drivers\psinaflt.sys"
+ "PSINFile" "PSINFile Mini-Filter Driver" "Panda Security, S.L." "c:\windows\system32\drivers\psinfile.sys"
+ "PSINKNC" "PSINKNC Kernel Controller for Vista64" "Panda Security, S.L." "c:\windows\system32\drivers\psinknc.sys"
+ "PSINProc" "PSINProc Filter Driver" "Panda Security, S.L." "c:\windows\system32\drivers\psinproc.sys"
+ "PSINProt" "PSINProt Driver" "Panda Security, S.L." "c:\windows\system32\drivers\psinprot.sys"
+ "PSKMAD" "Panda Kernel Memory Access Driver (x64)" "Panda Security, S.L." "c:\windows\system32\drivers\pskmad.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "Revoflt" "Revo Uninstaller Filter driver" "VS Revo Group" "c:\windows\system32\drivers\revoflt.sys"
X "RimUsb" "BlackBerry Device Driver" "Research In Motion Limited" "c:\windows\system32\drivers\rimusb_amd64.sys"
X "RimVSerPort" "RIM Virtual Serial Driver" "Research in Motion Ltd" "c:\windows\system32\drivers\rimserial_amd64.sys"
X "RSUSBSTOR" "Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtsustor.sys"
X "RtsUIR" "" "" "File not found: system32\DRIVERS\Rts516xIR.sys"
+ "SCDEmu" "PowerISO Virtual Drive" "PowerISO Computing, Inc." "c:\windows\system32\drivers\scdemu.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
X "Serial" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\serial.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
X "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
X "Synth3dVsc" "" "" "File not found: System32\drivers\synth3dvsc.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\syntp.sys"
X "TFsExDisk" "TFsExDisk" "Teruten Inc" "c:\windows\system32\drivers\tfsexdisk.sys"
X "tsusbhub" "@%SystemRoot%\system32\drivers\tsusbhub.sys,-2" "" "File not found: system32\drivers\tsusbhub.sys"
X "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
X "USBCCID" "" "" "File not found: system32\DRIVERS\RtsUCcid.sys"
X "VGPU" "" "" "File not found: System32\drivers\rdvgkmd.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKCU\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "vidc.XVID" "" "" "c:\windows\system32\xvidvfw.dll"
+ "vidc.YV12" "" "" "c:\windows\system32\xvidvfw.dll"
"HKCU\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.aacacm" "AAC ACM Codec" "fccHandler" "c:\windows\syswow64\aacacm.acm"
+ "msacm.ac3acm" "AC-3 ACM Codec" "fccHandler" "c:\windows\syswow64\ac3acm.acm"
+ "msacm.ac3filter" "" "" "c:\windows\syswow64\ac3filter.acm"
+ "msacm.avis" "ffdshow Audio Decoder" "" "c:\windows\syswow64\ff_acm.acm"
+ "msacm.l3pacm" "MPEG Audio Layer-3 Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codecp.acm"
+ "msacm.lameacm" "Lame MP3 codec engine" "http://www.mp3dev.org/" "c:\windows\syswow64\lameacm.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "vidc.DIVX" "DivX" "DivX, Inc." "c:\windows\syswow64\divx.dll"
+ "VIDC.FFDS" "" "" "c:\windows\syswow64\ff_vfw.dll"
+ "VIDC.LAGS" "Lagarith" " " "c:\windows\syswow64\lagarith.dll"
+ "VIDC.X264" "" "" "c:\windows\syswow64\x264vfw.dll"
+ "vidc.yv12" "DivX" "DivX, Inc." "c:\windows\syswow64\divx.dll"
"HKCU\Software\Classes\Filter" "" "" ""
"HKLM\Software\Classes\Filter" "" "" ""
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "DivX Decoder Filter" "DivX Decoder Filter" "DivX, Inc." "c:\program files\divx\divx codec\divxdec.ax"
+ "Xvid MPEG-4 Video Decoder" "" "" "c:\windows\system32\xvid.ax"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "_ VSO Preview Filter" "Video preview filter" "VSO Software SARL" "c:\program files (x86)\vso\common\vsovprev.ax"
+ "AC3File" "" "" "c:\program files (x86)\win7codecs\filters\ac3file.ax"
+ "Aspect Ratio Resizer 16x9" "Aspect Ratio Converter" "muvee Technologies Pte Ltd" "c:\program files (x86)\common files\muvee technologies\030625\aspectratioconverter16x9.ax"
+ "Aspect Ratio Resizer 4x3" "Aspect Ratio Converter" "muvee Technologies Pte Ltd" "c:\program files (x86)\common files\muvee technologies\030625\aspectratioconverter4x3.ax"
+ "CoreVorbis Audio Decoder" "CoreVorbis" "-" "c:\program files (x86)\win7codecs\filters\corevorbis.ax"
+ "DC-Bass Source" "DirectShow™ Audio Decoder" "http://www.dsp-worx.de" "c:\program files (x86)\win7codecs\filters\dcbasssource.ax"
+ "DirectVobSub" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "MPC-HC Team" "c:\windows\syswow64\vsfilter.dll"
+ "DirectVobSub (auto-loading version)" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "MPC-HC Team" "c:\windows\syswow64\vsfilter.dll"
+ "DivX AAC Decoder" "AAC audio decoder filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\daac.ax"
+ "DivX Demux Filter" "DivX Plus DMF Navigator Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\directshowdemuxfilter.dll"
+ "DivX Demux Filter (Unrestricted Edition)" "DivX Plus DMF Navigator Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\directshowdemuxfilter.dll"
+ "DivX H.264 Decoder" "DivX H.264 Decoder Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\divxdech264.ax"
+ "ffdshow Audio Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\win7codecs\filters\ffdshow.ax"
+ "ffdshow Audio Processor" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\win7codecs\filters\ffdshow.ax"
+ "ffdshow DXVA Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\win7codecs\filters\ffdshow.ax"
+ "ffdshow raw video filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\win7codecs\filters\ffdshow.ax"
+ "ffdshow subtitles filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\win7codecs\filters\ffdshow.ax"
+ "ffdshow Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\win7codecs\filters\ffdshow.ax"
+ "Haali Matroska Muxer" "Haali Media Splitter" "" "c:\program files (x86)\win7codecs\filters\splitter.ax"
+ "Haali Media Splitter" "Haali Media Splitter" "" "c:\program files (x86)\win7codecs\filters\splitter.ax"
+ "Haali Media Splitter (AR)" "Haali Media Splitter" "" "c:\program files (x86)\win7codecs\filters\splitter.ax"
+ "Haali Simple Media Splitter" "Haali Media Splitter" "" "c:\program files (x86)\win7codecs\filters\splitter.ax"
+ "Haali Video Renderer" "" "" "c:\program files (x86)\win7codecs\filters\dxr.dll"
+ "Haali Video Sink" "Haali Media Splitter" "" "c:\program files (x86)\win7codecs\filters\splitter.ax"
+ "Honestech VCD/SVCD Encoder" "honest technology, VCD/SVCD encoder" "honest technology" "c:\windows\syswow64\htvcdsvcd.ax"
+ "LAV Audio Decoder" "LAV Audio Decoder - DirectShow Audio Decoder" "1f0.de - Hendrik Leppkes" "c:\program files (x86)\win7codecs\filters\lavaudio.ax"
+ "LAV Splitter" "LAV Splitter - DirectShow Media Splitter" "1f0.de - Hendrik Leppkes" "c:\program files (x86)\win7codecs\filters\lavsplitter.ax"
+ "LAV Splitter Source" "LAV Splitter - DirectShow Media Splitter" "1f0.de - Hendrik Leppkes" "c:\program files (x86)\win7codecs\filters\lavsplitter.ax"
+ "LAV Video Decoder" "LAV Video Decoder - DirectShow Video Decoder" "1f0.de - Hendrik Leppkes" "c:\program files (x86)\win7codecs\filters\lavvideo.ax"
+ "MPC - DTS/AC3/DD+ Source" "DTS/AC3 Source Filter" "MPC-HC Team" "c:\program files (x86)\win7codecs\filters\dtsac3source.ax"
+ "MPC Matroska Source" "Matroska Splitter" "MPC-HC Team" "c:\program files (x86)\win7codecs\filters\matroskasplitter.ax"
+ "MPC Matroska Splitter" "Matroska Splitter" "MPC-HC Team" "c:\program files (x86)\win7codecs\filters\matroskasplitter.ax"
+ "MPC Ogg Source" "Ogg Splitter" "MPC-HC Team" "c:\program files (x86)\win7codecs\filters\oggsplitter.ax"
+ "MPC Ogg Splitter" "Ogg Splitter" "MPC-HC Team" "c:\program files (x86)\win7codecs\filters\oggsplitter.ax"
+ "muvee Music Analyser" "Music Analyser Filter for muvee autoProducer" "muvee Technologies Pte Ltd" "c:\program files (x86)\common files\muvee technologies\030625\mvmanalyse.ax"
+ "muvee Video Analyser" "Video Analyser Filter for muvee autoProducer" "muvee Technologies Pte Ltd" "c:\program files (x86)\common files\muvee technologies\030625\mvvanalyse.ax"
+ "Nero Digital Parser" "NeroDigital / mp4 / avi / mov parser" "Nero AG" "c:\program files (x86)\win7codecs\filters\ndparser.ax"
+ "Nero ES Video Reader" "NeroDigital / mp4 / avi / mov parser" "Nero AG" "c:\program files (x86)\win7codecs\filters\ndparser.ax"
+ "RadLight OptimFROG DirectShow Filter" "RLOFRDec" "RadLight" "c:\program files (x86)\win7codecs\filters\rlofrdec.ax"
+ "RealPlayer Audio Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "RealPlayer Mp3 Transform Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "RealPlayer MPEG4 Transform Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "RealPlayer Transcode Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "RealPlayer Video Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "T" "VP7 Decompression Filter" "On2.com Inc." "c:\program files (x86)\win7codecs\filters\vp7dec.ax"
+ "Xiph.Org Native FLAC Decoder" "" "" "c:\program files (x86)\win7codecs\filters\dsfnativeflacsource.dll"
"HKLM\Software\Classes\CLSID\{AC757296-3522-4E11-9862-C17BE5A1767E}\Instance" "" "" ""
"HKLM\Software\Wow6432Node\Classes\CLSID\{AC757296-3522-4E11-9862-C17BE5A1767E}\Instance" "" "" ""
"HKLM\Software\Classes\CLSID\{7ED96837-96F0-4812-B211-F13C24117ED3}\Instance" "" "" ""
"HKLM\Software\Wow6432Node\Classes\CLSID\{7ED96837-96F0-4812-B211-F13C24117ED3}\Instance" "" "" ""
"HKLM\Software\Classes\CLSID\{ABE3B9A4-257D-4B97-BD1A-294AF496222E}\Instance" "" "" ""
"HKLM\Software\Wow6432Node\Classes\CLSID\{ABE3B9A4-257D-4B97-BD1A-294AF496222E}\Instance" "" "" ""
"HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute" "" "" ""
"HKLM\System\CurrentControlSet\Control\Session Manager\SetupExecute" "" "" ""
"HKLM\System\CurrentControlSet\Control\Session Manager\Execute" "" "" ""
"HKLM\System\CurrentControlSet\Control\Session Manager\S0InitialCommand" "" "" ""
"HKLM\System\CurrentControlSet\Control\ServiceControlManagerExtension" "" "" ""
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options" "" "" ""
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options" "" "" ""
"HKLM\Software\Microsoft\Command Processor\Autorun" "" "" ""
"HKLM\Software\Wow6432Node\Microsoft\Command Processor\Autorun" "" "" ""
"HKCU\Software\Microsoft\Command Processor\Autorun" "" "" ""
"HKCU\SOFTWARE\Classes\Exefile\Shell\Open\Command\(Default)" "" "" ""
"HKLM\SOFTWARE\Classes\Exefile\Shell\Open\Command\(Default)" "" "" ""
"HKLM\Software\Classes\.exe" "" "" ""
"HKCU\Software\Classes\.exe" "" "" ""
"HKLM\Software\Classes\.cmd" "" "" ""
"HKCU\Software\Classes\.cmd" "" "" ""
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls" "" "" ""
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls" "" "" ""
"HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls" "" "" ""
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\System" "" "" ""
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\UIHost" "" "" ""
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Provider Filters" "" "" ""
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\PLAP Providers" "" "" ""
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GinaDLL" "" "" ""
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman" "" "" ""
"HKCU\SOFTWARE\Policies\Microsoft\Windows\Control Panel\Desktop\Scrnsave.exe" "" "" ""
"HKCU\Control Panel\Desktop\Scrnsave.exe" "" "" ""
"HKLM\System\CurrentControlSet\Control\BootVerificationProgram\ImagePath" "" "" ""
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SaveDumpStart" "" "" ""
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries" "" "" ""
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64" "" "" ""
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
X "3600-4600 Series Port" "Printer Communication System" " " "c:\windows\system32\lxdxlmpm.dll"
+ "HP 8811 Status Monitor" "Print Status Language Monitor" "Hewlett-Packard Co." "c:\windows\system32\hpinksts8811lm.dll"
X "hpf3l092.dll" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpf3l092.dll"
+ "hpfll70v.dll" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpfll70v.dll"
+ "LIDIL hpzlllhn" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpzlllhn.dll"
X "LIDIL hpzlllhn" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpzlllhn.dll"
+ "Nitro PDF Port Monitor" "Windows NT Nitro Print PDF Interface Driver" "Nitro PDF Software" "c:\windows\system32\nitrolocalmon2.dll"
X "Nitro PDF Port Monitor" "Windows NT Nitro Print PDF Interface Driver" "Nitro PDF Software" "c:\windows\system32\nitrolocalmon2.dll"
X "PCL hpz3llhn" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpz3llhn.dll"
+ "PCL hpz3lw71" "LanguageMonitor" "Hewlett-Packard Corporation" "c:\windows\system32\hpz3lw71.dll"
X "PCL hpz3lw71" "LanguageMonitor" "Hewlett-Packard Corporation" "c:\windows\system32\hpz3lw71.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SecurityProviders" "" "" ""
"HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages" "" "" ""
"HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages" "" "" ""
"HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Security Packages" "" "" ""
"HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order" "" "" ""
"C:\Users\karen whatever1\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""
+ "" "" "" "C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget"
+ "HP Photo Print" "Drag and drop photos to print." "Hewlett-Packard Corp" "C:\Users\karen whatever1\AppData\Local\Microsoft\Windows Sidebar\Gadgets\HPPhoto.gadget\Gadget.xml"


Summary
Operating System
Microsoft Windows 7 Ultimate 64-bit SP1
CPU
Intel Pentium SU2700 @ 1.30GHz 48 °C
Penryn 45nm Technology
RAM
4.00GB Dual-Channel DDR3 @ 399MHz (6-6-6-15)
Motherboard
Acer Aspire 5810T (CPU) 48 °C
Graphics
LP156WH3-TLA1 (1366x768@60Hz)
Mobile Intel 4 Series Express Chipset Family (Acer Incorporated [ALI])
Mobile Intel 4 Series Express Chipset Family (Acer Incorporated [ALI])
Hard Drives
298GB Hitachi HTS725032A9A364 (SATA) 33 °C
Optical Drives
TSSTcorp CDDVDW TS-U633A
Audio
Realtek High Definition Audio
Operating System
Microsoft Windows 7 Ultimate 64-bit SP1
Computer type: Other
Installation Date : 9/1/2010 1:42:22 PM

Windows Security Center
User Account Control (UAC) Enabled
Notify level 2 - Default
Windows Update
AutoUpdate Not configured
Windows Defender
Windows Defender Enabled
Firewall
Firewall Enabled
Display Name Cloud Antivirus Firewall
Antivirus
Antivirus Enabled
Display Name Panda Cloud Antivirus
Virus Signature Database Up to date
.NET Frameworks installed
v4.0 Full
v4.0 Client
v3.5 SP1
v3.0 SP2
v2.0 SP2
Internet Explorer
Version 10.0.9200.16540
PowerShell
Version 3.0
Java
Java Runtime Environment
Path C:\Program Files (x86)\Java\jre6\bin\java.exe
Version 6.0
Update 32
Build 05
Java Runtime Environment
Path C:\Program Files (x86)\Java\jre7\bin\java.exe
Version 7.0
Update 17
Build 02
Java Runtime Environment
Path C:\Program Files\Java\jre7\bin\java.exe
Version 7.0
Update 4
Build 20
Environment Variables
USERPROFILE C:\Users\karen whatever1
SystemRoot C:\Windows
User Variables
TEMP C:\Users\karen whatever1\AppData\Local\Temp
TMP C:\Users\karen whatever1\AppData\Local\Temp
Machine Variables
ComSpec C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK NO
NUMBER_OF_PROCESSORS 1
OS Windows_NT
Path C:\Windows\system32
C:\Windows
C:\Windows\system32\wbem
C:\Program Files\Common Files\Microsoft Shared\Windows Live
C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live
C:\Program Files (x86)\Common Files\Adobe\AGL
C:\Program Files (x86)\Windows Live\Shared
C:\Program Files (x86)\Common Files\HP\Digital Imaging\bin
C:\Program Files (x86)\HP\Digital Imaging\bin
C:\Program Files (x86)\HP\Digital Imaging\bin\Qt\Qt 4.3.3
C:\Program Files (x86)\QuickTime\QTSystem
%systemroot%\System32\WindowsPowerShell\v1.0
PATHEXT .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE AMD64
PROCESSOR_IDENTIFIER Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
PROCESSOR_LEVEL 6
PROCESSOR_REVISION 170a
PSModulePath C:\Windows\system32\WindowsPowerShell\v1.0\Modules\
TEMP C:\Windows\TEMP
TMP C:\Windows\TEMP
USERNAME SYSTEM
windir C:\Windows
CLASSPATH .;C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip
QTJAVA C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip
Battery
AC Line Online
Battery Charge % 100 %
Battery State High
Remaining Battery Time Unknown
Power Profile
Active power scheme Balanced
Hibernation Disabled
Turn Off Monitor after: (On AC Power) 180 min
Turn Off Monitor after: (On Battery Power) 5 min
Turn Off Hard Disk after: (On AC Power) 15 min
Turn Off Hard Disk after: (On Battery Power) 15 min
Suspend after: (On AC Power) Never
Suspend after: (On Battery Power) 20 min
Screen saver Disabled
Uptime
Current Session
Current Time 4/14/2013 5:23:48 PM
Current Uptime 61,385 sec (0 d, 17 h, 03 m, 05 s)
Last Boot Time 4/14/2013 12:20:43 AM
TimeZone
TimeZone GMT -8:00 Hours
Language English (United States)
Location United States
Format English (United States)
Currency $
Date Format M/d/yyyy
Time Format h:mm:ss tt
Scheduler
No tasks currently running
Process List
alg.exe
Process ID 1896
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\alg.exe
Memory Usage 4.43 MB
Peak Memory Usage 4.51 MB
armsvc.exe
Process ID 1500
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
Memory Usage 3.73 MB
Peak Memory Usage 3.77 MB
aspnet_state.exe
Process ID 1220
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
Memory Usage 5.18 MB
Peak Memory Usage 5.22 MB
audiodg.exe
Process ID 1304
BingDesktopUpdater.exe
Process ID 2092
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
Memory Usage 3.87 MB
Peak Memory Usage 3.90 MB
chrome.exe
Process ID 5232
User karen whatever1
Domain karenwhatever1
Path C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Memory Usage 105 MB
Peak Memory Usage 140 MB
chrome.exe
Process ID 6028
User karen whatever1
Domain karenwhatever1
Path C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Memory Usage 8.21 MB
Peak Memory Usage 8.28 MB
chrome.exe
Process ID 6264
User karen whatever1
Domain karenwhatever1
Path C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Memory Usage 83 MB
Peak Memory Usage 114 MB
chrome.exe
Process ID 6640
User karen whatever1
Domain karenwhatever1
Path C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Memory Usage 163 MB
Peak Memory Usage 178 MB
chrome.exe
Process ID 5584
User karen whatever1
Domain karenwhatever1
Path C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Memory Usage 37 MB
Peak Memory Usage 37 MB
chrome.exe
Process ID 4452
User karen whatever1
Domain karenwhatever1
Path C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Memory Usage 59 MB
Peak Memory Usage 84 MB
chrome.exe
Process ID 5604
User karen whatever1
Domain karenwhatever1
Path C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Memory Usage 39 MB
Peak Memory Usage 48 MB
chrome.exe
Process ID 5176
User karen whatever1
Domain karenwhatever1
Path C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Memory Usage 51 MB
Peak Memory Usage 65 MB
ClearStick64.exe
Process ID 4740
User karen whatever1
Domain karenwhatever1
Path C:\Program Files (x86)\Clearwire\ClearStick\ClearStick64.exe
Memory Usage 3.81 MB
Peak Memory Usage 3.82 MB
csrss.exe
Process ID 980
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\csrss.exe
Memory Usage 4.69 MB
Peak Memory Usage 4.70 MB
csrss.exe
Process ID 484
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\csrss.exe
Memory Usage 19 MB
Peak Memory Usage 34 MB
dllhost.exe
Process ID 4224
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\DllHost.exe
Memory Usage 6.51 MB
Peak Memory Usage 6.63 MB
dllhost.exe
Process ID 2024
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\DllHost.exe
Memory Usage 13 MB
Peak Memory Usage 14 MB
dllhost.exe
Process ID 4600
User karen whatever1
Domain karenwhatever1
Path C:\Windows\SysWOW64\DllHost.exe
Memory Usage 4.61 MB
Peak Memory Usage 4.63 MB
dwm.exe
Process ID 4064
User karen whatever1
Domain karenwhatever1
Path C:\Windows\system32\Dwm.exe
Memory Usage 45 MB
Peak Memory Usage 64 MB
explorer.exe
Process ID 4088
User karen whatever1
Domain karenwhatever1
Path C:\Windows\Explorer.EXE
Memory Usage 78 MB
Peak Memory Usage 83 MB
googletalkplugin.exe
Process ID 3580
User karen whatever1
Domain karenwhatever1
Path C:\Users\karen whatever1\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
Memory Usage 15 MB
Peak Memory Usage 17 MB
GoogleUpdate.exe
Process ID 776
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Memory Usage 676 KB
Peak Memory Usage 5.93 MB
hkcmd.exe
Process ID 3564
User karen whatever1
Domain karenwhatever1
Path C:\Windows\System32\hkcmd.exe
Memory Usage 6.19 MB
Peak Memory Usage 6.20 MB
IAANTmon.exe
Process ID 5780
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
Memory Usage 5.95 MB
Peak Memory Usage 7.25 MB
IDriverT.exe
Process ID 2328
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
Memory Usage 8.55 MB
Peak Memory Usage 8.64 MB
igfxpers.exe
Process ID 3792
User karen whatever1
Domain karenwhatever1
Path C:\Windows\System32\igfxpers.exe
Memory Usage 6.30 MB
Peak Memory Usage 6.36 MB
igfxsrvc.exe
Process ID 3968
User karen whatever1
Domain karenwhatever1
Path C:\Windows\system32\igfxsrvc.exe
Memory Usage 6.29 MB
Peak Memory Usage 6.33 MB
igfxtray.exe
Process ID 3900
User karen whatever1
Domain karenwhatever1
Path C:\Windows\System32\igfxtray.exe
Memory Usage 6.34 MB
Peak Memory Usage 6.39 MB
IntuitUpdateService.exe
Process ID 2080
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
Memory Usage 1.63 MB
Peak Memory Usage 25 MB
ipoint.exe
Process ID 4036
User karen whatever1
Domain karenwhatever1
Path C:\Program Files\Microsoft IntelliPoint\ipoint.exe
Memory Usage 17 MB
Peak Memory Usage 17 MB
jusched.exe
Process ID 4668
User karen whatever1
Domain karenwhatever1
Path C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Memory Usage 4.16 MB
Peak Memory Usage 4.19 MB
Locator.exe
Process ID 2864
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\locator.exe
Memory Usage 1.84 MB
Peak Memory Usage 1.86 MB
lsass.exe
Process ID 596
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\lsass.exe
Memory Usage 14 MB
Peak Memory Usage 14 MB
lsm.exe
Process ID 604
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\lsm.exe
Memory Usage 4.61 MB
Peak Memory Usage 4.61 MB
mDNSResponder.exe
Process ID 2128
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Bonjour\mDNSResponder.exe
Memory Usage 5.15 MB
Peak Memory Usage 5.15 MB
msdtc.exe
Process ID 2484
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\msdtc.exe
Memory Usage 7.27 MB
Peak Memory Usage 7.50 MB
ODDPWR.exe
Process ID 3796
User karen whatever1
Domain karenwhatever1
Path C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe
Memory Usage 6.36 MB
Peak Memory Usage 6.40 MB
ODDPWRSvc.exe
Process ID 2644
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
Memory Usage 6.11 MB
Peak Memory Usage 6.27 MB
perfhost.exe
Process ID 2744
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\SysWow64\perfhost.exe
Memory Usage 2.39 MB
Peak Memory Usage 2.42 MB
PLFSetI.exe
Process ID 3784
User karen whatever1
Domain karenwhatever1
Path C:\Windows\PLFSetI.exe
Memory Usage 6.38 MB
Peak Memory Usage 6.48 MB
PSANHost.exe
Process ID 2544
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe
Memory Usage 19 MB
Peak Memory Usage 73 MB
PSUAMain.exe
Process ID 4884
User karen whatever1
Domain karenwhatever1
Path C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe
Memory Usage 468 KB
Peak Memory Usage 12 MB
PSUAService.exe
Process ID 2796
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe
Memory Usage 360 KB
Peak Memory Usage 12 MB
RAVCpl64.exe
Process ID 3728
User karen whatever1
Domain karenwhatever1
Path C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
Memory Usage 10 MB
Peak Memory Usage 14 MB
realsched.exe
Process ID 4632
User karen whatever1
Domain karenwhatever1
Path C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
Memory Usage 516 KB
Peak Memory Usage 5.58 MB
rndlresolversvc.exe
Process ID 2836
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
Memory Usage 3.77 MB
Peak Memory Usage 3.80 MB
SearchFilterHost.exe
Process ID 6564
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\SearchFilterHost.exe
Memory Usage 7.39 MB
Peak Memory Usage 7.43 MB
SearchIndexer.exe
Process ID 4496
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\SearchIndexer.exe
Memory Usage 58 MB
Peak Memory Usage 100 MB
SearchProtocolHost.exe
Process ID 6312
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\SearchProtocolHost.exe
Memory Usage 11 MB
Peak Memory Usage 11 MB
services.exe
Process ID 588
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\services.exe
Memory Usage 10 MB
Peak Memory Usage 15 MB
smss.exe
Process ID 844
User SYSTEM
Domain NT AUTHORITY
Path \SystemRoot\System32\smss.exe
Memory Usage 1.02 MB
Peak Memory Usage 1.05 MB
SMSvcHost.exe
Process ID 3172
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
Memory Usage 23 MB
Peak Memory Usage 24 MB
snmptrap.exe
Process ID 4400
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\snmptrap.exe
Memory Usage 4.00 MB
Peak Memory Usage 4.03 MB
Speccy64.exe
Process ID 2416
User karen whatever1
Domain karenwhatever1
Path C:\Program Files\Speccy\Speccy64.exe
Memory Usage 33 MB
Peak Memory Usage 34 MB
splwow64.exe
Process ID 5772
User karen whatever1
Domain karenwhatever1
Path C:\Windows\splwow64.exe
Memory Usage 6.93 MB
Peak Memory Usage 8.91 MB
spoolsv.exe
Process ID 1832
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\spoolsv.exe
Memory Usage 18 MB
Peak Memory Usage 34 MB
svchost.exe
Process ID 2672
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 16 MB
Peak Memory Usage 17 MB
svchost.exe
Process ID 2908
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 3.78 MB
Peak Memory Usage 4.03 MB
svchost.exe
Process ID 2968
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 5.49 MB
Peak Memory Usage 5.51 MB
svchost.exe
Process ID 1536
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 9.52 MB
Peak Memory Usage 9.58 MB
svchost.exe
Process ID 5088
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 5.35 MB
Peak Memory Usage 5.38 MB
svchost.exe
Process ID 3104
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 2.36 MB
Peak Memory Usage 2.38 MB
svchost.exe
Process ID 3124
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 27 MB
Peak Memory Usage 55 MB
svchost.exe
Process ID 2700
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 4.72 MB
Peak Memory Usage 8.22 MB
svchost.exe
Process ID 992
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 9.36 MB
Peak Memory Usage 9.78 MB
svchost.exe
Process ID 600
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 9.20 MB
Peak Memory Usage 9.27 MB
svchost.exe
Process ID 1060
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 23 MB
Peak Memory Usage 24 MB
svchost.exe
Process ID 1144
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 149 MB
Peak Memory Usage 179 MB
svchost.exe
Process ID 1236
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 22 MB
Peak Memory Usage 22 MB
svchost.exe
Process ID 1268
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 59 MB
Peak Memory Usage 410 MB
svchost.exe
Process ID 1352
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 19 MB
Peak Memory Usage 19 MB
svchost.exe
Process ID 1392
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 6.77 MB
Peak Memory Usage 6.78 MB
svchost.exe
Process ID 1476
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 18 MB
Peak Memory Usage 19 MB
svchost.exe
Process ID 1740
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 18 MB
Peak Memory Usage 48 MB
svchost.exe
Process ID 2160
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 4.14 MB
Peak Memory Usage 4.17 MB
svchost.exe
Process ID 2440
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 3.19 MB
Peak Memory Usage 3.20 MB
System
Process ID 4
System Idle Process
Process ID 0
taskhost.exe
Process ID 2312
User karen whatever1
Domain karenwhatever1
Path C:\Windows\system32\taskhost.exe
Memory Usage 13 MB
Peak Memory Usage 14 MB
tixati.exe
Process ID 5288
User karen whatever1
Domain karenwhatever1
Path C:\Program Files (x86)\tixati\tixati.exe
Memory Usage 26 MB
Peak Memory Usage 27 MB
unsecapp.exe
Process ID 4080
User karen whatever1
Domain karenwhatever1
Path C:\Windows\system32\wbem\unsecapp.exe
Memory Usage 5.19 MB
Peak Memory Usage 5.19 MB
vds.exe
Process ID 3056
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\vds.exe
Memory Usage 4.89 MB
Peak Memory Usage 4.94 MB
wininit.exe
Process ID 476
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\wininit.exe
Memory Usage 4.09 MB
Peak Memory Usage 4.17 MB
winlogon.exe
Process ID 544
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\winlogon.exe
Memory Usage 6.72 MB
Peak Memory Usage 7.82 MB
WmiApSrv.exe
Process ID 5368
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\wbem\WmiApSrv.exe
Memory Usage 4.98 MB
Peak Memory Usage 5.02 MB
WmiPrvSE.exe
Process ID 4348
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\wbem\wmiprvse.exe
Memory Usage 6.41 MB
Peak Memory Usage 6.50 MB
WmiPrvSE.exe
Process ID 4564
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\wbem\wmiprvse.exe
Memory Usage 21 MB
Peak Memory Usage 21 MB
Hotfixes
4/13/2013 Definition Update for Windows Defender - KB915597 (Definition 1.147.1685.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
4/11/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.147.1653.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
4/10/2013 Security Update for Windows 7 for x64-based Systems (KB2813347)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
4/10/2013 Windows Malicious Software Removal Tool x64 - April 2013 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
4/10/2013 Security Update for Windows 7 for x64-based Systems (KB2808735)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
4/10/2013 Security Update for Windows 7 for x64-based Systems (KB2823324)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
4/10/2013 Update for Windows 7 for x64-based Systems (KB2823180)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/10/2013 Cumulative Security Update for Internet Explorer 10 for Windows 7 Service Pack 1 for x64-based Systems (KB2817183)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
4/10/2013 Update for Windows 7 for x64-based Systems (KB2799926)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/10/2013 Security Update for Windows 7 for x64-based Systems (KB2813170)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
4/10/2013 Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
This update provides the latest junk email and malicious links
filter definitions for Microsoft Office 2010 64-Bit Edition.
4/10/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.147.1446.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
4/8/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.147.1339.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
4/7/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.147.1246.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
4/5/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.147.1169.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
4/4/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.147.1059.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
4/3/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.147.989.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
4/3/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.147.950.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
4/1/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.147.841.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
4/1/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.147.812.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
3/31/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.147.779.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
3/31/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.147.779.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
3/30/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.147.733.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
3/28/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.147.658.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
3/27/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.147.598.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
3/27/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.147.582.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
3/26/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.147.475.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
3/24/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.147.375.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
3/23/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.147.336.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
3/22/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.147.272.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
3/21/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.147.178.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
3/20/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.147.94.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
3/20/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.147.81.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
3/19/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.145.2105.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
3/18/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.145.2029.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
3/17/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.145.2004.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
3/17/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.145.2003.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
3/17/2013 Internet Explorer 10 for Windows 7 for x64-based Systems
Internet Explorer 10 is fast and fluid, and lets your websites
shine and perform just like native apps on your PC.
Internet
Explorer 10. Fast and fluid for Windows 7.
• Fast. Internet
Explorer 10 harnesses the untapped power of your PC, delivering
pages full of vivid graphics, smoother video, and interactive
content.
• Easy. Experience the web the way you want to with
pinned sites, built-in Spellcheck, and seamless integration with
your PC running Windows 7.
• Safer. Improved features like SmartScreen
Filter and Tracking Protection let you be more aware of threats
to your PC and your privacy.
3/16/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.145.1939.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
3/15/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.145.1912.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
3/14/2013 Security Update for Windows 7 for x64-based Systems (KB2807986)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
3/13/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.145.1753.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
3/13/2013 Windows Malicious Software Removal Tool x64 - March 2013 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
3/13/2013 Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
This update provides the latest junk email and malicious links
filter definitions for Microsoft Office 2010 64-Bit Edition.
3/13/2013 Update for Windows 7 for x64-based Systems (KB2791765)
Install this update to resolve a set of known application compatibility
issues with Windows. For a complete listing of the issues that
are included in this update, see the associated Microsoft Knowledge
Base article for more information. After you install this item,
you may have to restart your computer.
3/13/2013 Cumulative Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2809289)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
3/13/2013 Security Update for Microsoft Silverlight (KB2814124)
This security update to Silverlight includes fixes outlined in
KB 2814124. This update is backward compatible with web applications
built using previous versions of Silverlight.
3/12/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.145.1647.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
3/11/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.145.1516.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
3/10/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.145.1490.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
3/10/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.145.1483.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
3/9/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.145.1424.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
3/7/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.145.1321.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
3/6/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.145.1212.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
3/5/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.145.1035.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
3/3/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.145.963.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
3/2/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.145.871.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2/28/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.145.750.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2/27/2013 Platform Update for Windows 7 x64-Edition (KB2670838)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
2/27/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.145.576.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2/25/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.145.492.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2/25/2013 Update for Microsoft Security Essentials - KB2804527 (4.2.223.1)
This package will update Microsoft Security Essentials client
on the user's machine.
2/24/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.145.417.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2/23/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.145.373.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2/22/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.145.294.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2/20/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.145.97.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2/19/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.2558.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2/18/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.2510.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2/17/2013 Security Update for Windows 7 for x64-based Systems (KB2799494)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
2/17/2013 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2789645)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
2/17/2013 Security Update for Windows 7 for x64-based Systems (KB2778344)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
2/17/2013 Windows Malicious Software Removal Tool x64 - February 2013 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
2/17/2013 Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition
Microsoft has released an update for Microsoft Office 2010 64-Bit
Edition. This update provides the latest fixes to Microsoft Office
2010 64-Bit Edition. Additionally, this update contains stability
and performance improvements.
2/17/2013 Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
This update provides the latest junk email and malicious links
filter definitions for Microsoft Office 2010 64-Bit Edition.
2/17/2013 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2789642)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
2/17/2013 Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2797052)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
2/17/2013 Security Update for Windows 7 for x64-based Systems (KB2790113)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
2/17/2013 Security Update for Windows 7 for x64-based Systems (KB2790655)
A security issue has been identified that could allow an unauthenticated
remote attacker to cause the affected system to stop responding.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
2/17/2013 Cumulative Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2792100)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
2/16/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.2461.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2/15/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.2383.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2/15/2013 Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2797052)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
2/14/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.2294.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2/14/2013 Security Update for Windows 7 for x64-based Systems (KB2799494)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
2/14/2013 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2789645)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
2/14/2013 Security Update for Windows 7 for x64-based Systems (KB2778344)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
2/14/2013 Windows Malicious Software Removal Tool x64 - February 2013 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
2/14/2013 Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition
Microsoft has released an update for Microsoft Office 2010 64-Bit
Edition. This update provides the latest fixes to Microsoft Office
2010 64-Bit Edition. Additionally, this update contains stability
and performance improvements.
2/14/2013 Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
This update provides the latest junk email and malicious links
filter definitions for Microsoft Office 2010 64-Bit Edition.
2/14/2013 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2789642)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
2/14/2013 Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2797052)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
2/14/2013 Security Update for Windows 7 for x64-based Systems (KB2790113)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
2/14/2013 Security Update for Windows 7 for x64-based Systems (KB2790655)
A security issue has been identified that could allow an unauthenticated
remote attacker to cause the affected system to stop responding.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
2/14/2013 Cumulative Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2792100)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
2/13/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.2208.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2/12/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.2135.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2/11/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.2011.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2/10/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.1965.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2/8/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.1894.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2/7/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.1804.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2/6/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.1696.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2/5/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.1611.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2/4/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.1490.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2/3/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.1429.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
2/1/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.1366.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/31/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.1237.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/30/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.1115.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/28/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.1007.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/27/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.944.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/25/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.856.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/24/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.681.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/22/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.502.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/21/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.381.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/20/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.376.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/18/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.256.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/17/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.109.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/16/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.25.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/14/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.3882.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/13/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.3820.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/12/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.3784.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/12/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.3781.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/10/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.3534.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/9/2013 Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
This update provides the latest junk email and malicious links
filter definitions for Microsoft Office 2010 64-Bit Edition.
1/9/2013 Security Update for Windows 7 for x64-based Systems (KB2769369)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
1/9/2013 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2756921)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
1/9/2013 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2742595)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
1/9/2013 Windows Malicious Software Removal Tool x64 - January 2013 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
1/9/2013 Security Update for Windows 7 for x64-based Systems (KB2757638)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
1/9/2013 Security Update for Windows 7 for x64-based Systems (KB2785220)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain access to
information. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
1/9/2013 Update for Windows 7 for x64-based Systems (KB2786400)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
1/9/2013 Update for Windows 7 for x64-based Systems (KB2773072)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
1/9/2013 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2742599)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
1/9/2013 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2736428)
A security issue has been identified that could allow an unauthenticated
remote attacker to cause the affected application to stop responding.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
1/9/2013 Update for Windows 7 for x64-based Systems (KB2726535)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
1/9/2013 Update for Windows 7 for x64-based Systems (KB2786081)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
1/9/2013 Security Update for Windows 7 for x64-based Systems (KB2778930)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
1/9/2013 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2736422)
A security issue has been identified that could allow an unauthenticated
remote attacker to cause the affected application to stop responding.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
1/8/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.3419.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/6/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.3266.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/4/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.3155.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/2/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.2973.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
1/1/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.2917.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/31/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.2849.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/30/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.2817.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/29/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.2741.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/28/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.2679.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/26/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.2595.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/25/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.2563.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/24/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.2500.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/23/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.2472.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/22/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.2418.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/21/2012 Security Update for Windows 7 for x64-based Systems (KB2753842)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
12/21/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.2347.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/20/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.2246.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/18/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.2122.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/17/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.2024.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/16/2012 Windows Management Framework 3.0 for Windows 7 for x64-based Systems (KB2506143)
Windows Management Framework 3.0 provides updated management
functionality for Windows 7 and Windows Server 2008 R2. Windows
Management Framework 3.0 includes Windows PowerShell 3.0, WMI,
and WinRM 3.0, along with other management features.
12/16/2012 Windows Malicious Software Removal Tool x64 - December 2012 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
12/16/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.1974.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/15/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.1918.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/13/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.1785.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/12/2012 Update for Windows 7 for x64-based Systems (KB2779562)
Install this update to resolve issues caused by revised daylight
saving time and time zone laws in several countries. This update
enables your computer to automatically adjust the computer clock
on the correct date in 2012. After you install this item, you
may have to restart your computer.
12/12/2012 Security Update for Windows 7 for x64-based Systems (KB2779030)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
12/12/2012 Security Update for Windows 7 for x64-based Systems (KB2753842)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
12/12/2012 Security Update for Windows 7 for x64-based Systems (KB2758857)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
12/12/2012 Security Update for Windows 7 for x64-based Systems (KB2770660)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
12/12/2012 Cumulative Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2761465)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
12/12/2012 Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
This update provides the latest junk email and malicious links
filter definitions for Microsoft Office 2010 64-Bit Edition.
12/11/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.1593.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/10/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.1493.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/9/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.1455.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/9/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.1444.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/6/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.1243.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/4/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.141.1057.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/28/2012 Update for Windows 7 for x64-based Systems (KB2762895)
Install this update to resolve a set of known application compatibility
issues with Windows. For a complete listing of the issues that
are included in this update, see the associated Microsoft Knowledge
Base article for more information. After you install this item,
you may have to restart your computer.
System Folders
Path for burning CD C:\Users\karen whatever1\AppData\Local\Microsoft\Windows\Burn\Burn1
Application Data C:\ProgramData
Public Desktop C:\Users\Public\Desktop
Documents C:\Users\Public\Documents
Global Favorites C:\Users\karen whatever1\Favorites
Music C:\Users\Public\Music
Pictures C:\Users\Public\Pictures
Start Menu Programs C:\ProgramData\Microsoft\Windows\Start Menu\Programs
Start Menu C:\ProgramData\Microsoft\Windows\Start Menu
Startup C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Templates C:\ProgramData\Microsoft\Windows\Templates
Videos C:\Users\Public\Videos
Cookies C:\Users\karen whatever1\AppData\Roaming\Microsoft\Windows\Cookies
Desktop C:\Users\karen whatever1\Desktop
Physical Desktop C:\Users\karen whatever1\Desktop
User Favorites C:\Users\karen whatever1\Favorites
Fonts C:\Windows\Fonts
Internet History C:\Users\karen whatever1\AppData\Local\Microsoft\Windows\History
Temporary Internet Files C:\Users\karen whatever1\AppData\Local\Microsoft\Windows\Temporary Internet Files
Local Application Data C:\Users\karen whatever1\AppData\Local
Windows Directory C:\Windows
Windows/System C:\Windows\system32
Program Files C:\Program Files
Services
Running Acer ODD Power Service
Running Adaptive Brightness
Running Adobe Acrobat Update Service
Running Application Experience
Running Application Identity
Running Application Information
Running Application Layer Gateway Service
Running Application Management
Running ASP.NET State Service
Running Background Intelligent Transfer Service
Running Base Filtering Engine
Running Bing Desktop Update service
Running Bluetooth Support Service
Running Bonjour Service
Running BranchCache
Running Certificate Propagation
Running CNG Key Isolation
Running COM+ Event System
Running Computer Browser
Running Credential Manager
Running Cryptographic Services
Running DCOM Server Process Launcher
Running Desktop Window Manager Session Manager
Running DHCP Client
Running Diagnostic Policy Service
Running Diagnostic Service Host
Running Distributed Link Tracking Client
Running Distributed Transaction Coordinator
Running DNS Client
Running Encrypting File System (EFS)
Running Extensible Authentication Protocol
Running Function Discovery Provider Host
Running Function Discovery Resource Publication
Running Group Policy Client
Running Health Key and Certificate Management
Running HomeGroup Listener
Running HomeGroup Provider
Running Human Interface Device Access
Running IKE and AuthIP IPsec Keying Modules
Running InstallDriver Table Manager
Running Intel Matrix Storage Event Monitor
Running Internet Connection Sharing (ICS)
Running Intuit Update Service
Running IP Helper
Running IPsec Policy Agent
Running KtmRm for Distributed Transaction Coordinator
Running Media Center Extender Service
Running Microsoft iSCSI Initiator Service
Running Multimedia Class Scheduler
Running Net.Pipe Listener Adapter
Running Net.Tcp Listener Adapter
Running Net.Tcp Port Sharing Service
Running Network Connections
Running Network List Service
Running Network Location Awareness
Running Network Store Interface Service
Running Offline Files
Running Panda Cloud Antivirus Service
Running Panda Product Service
Running Peer Name Resolution Protocol
Running Peer Networking Grouping
Running Peer Networking Identity Manager
Running Performance Counter DLL Host
Running Performance Logs & Alerts
Running Plug and Play
Running PnP-X IP Bus Enumerator
Running PNRP Machine Name Publication Service
Running Portable Device Enumerator Service
Running Power
Running Print Spooler
Running Problem Reports and Solutions Control Panel Support
Running Program Compatibility Assistant Service
Running Protected Storage
Running Quality Windows Audio Video Experience
Running RealNetworks Downloader Resolver Service
Running Remote Access Auto Connection Manager
Running Remote Access Connection Manager
Running Remote Desktop Services
Running Remote Desktop Services UserMode Port Redirector
Running Remote Procedure Call (RPC)
Running Remote Procedure Call (RPC) Locator
Running Routing and Remote Access
Running RPC Endpoint Mapper
Running Secondary Logon
Running Secure Socket Tunneling Protocol Service
Running Security Accounts Manager
Running Security Center
Running Server
Running Shell Hardware Detection
Running Smart Card
Running SNMP Trap
Running SSDP Discovery
Running Superfetch
Running System Event Notification Service
Running Task Scheduler
Running TCP/IP NetBIOS Helper
Running Telephony
Running Themes
Running Thread Ordering Server
Running UPnP Device Host
Running User Profile Service
Running Virtual Disk
Running WebClient
Running Windows Audio
Running Windows Audio Endpoint Builder
Running Windows Backup
Running Windows Connect Now - Config Registrar
Running Windows Defender
Running Windows Driver Foundation - User-mode Driver Framework
Running Windows Error Reporting Service
Running Windows Event Collector
Running Windows Event Log
Running Windows Firewall
Running Windows Font Cache Service
Running Windows Image Acquisition (WIA)
Running Windows Management Instrumentation
Running Windows Process Activation Service
Running Windows Remote Management (WS-Management)
Running Windows Search
Running Windows Update
Running Wired AutoConfig
Running WLAN AutoConfig
Running WMI Performance Adapter
Running Workstation
Running World Wide Web Publishing Service
Running WWAN AutoConfig
Stopped Acer ePower Service
Stopped ActiveX Installer (AxInstSV)
Stopped Adobe Flash Player Update Service
Stopped Adobe LM Service
Stopped Application Host Helper Service
Stopped BitLocker Drive Encryption Service
Stopped Block Level Backup Engine Service
Stopped COM+ System Application
Stopped Diagnostic System Host
Stopped Disk Defragmenter
Stopped Fax
Stopped FLEXnet Licensing Service
Stopped Google Software Updater
Stopped Google Update Service (gupdate)
Stopped Google Update Service (gupdatem)
Stopped HP Network Devices Support
Stopped hpqcxs08
Stopped Interactive Services Detection
Stopped iPod Service
Stopped LightScribeService Direct Disc Labeling Service
Stopped Link-Layer Topology Discovery Mapper
Stopped lxdx_device
Stopped Microsoft .NET Framework NGEN v2.0.50727_X64
Stopped Microsoft .NET Framework NGEN v2.0.50727_X86
Stopped Microsoft .NET Framework NGEN v4.0.30319_X64
Stopped Microsoft .NET Framework NGEN v4.0.30319_X86
Stopped Microsoft SharePoint Workspace Audit Service
Stopped Microsoft Software Shadow Copy Provider
Stopped Nalpeiron Licensing Service
Stopped Net.Msmq Listener Adapter
Stopped Netlogon
Stopped Network Access Protection Agent
Stopped NitroPDFDriverCreatorReadSpool2
Stopped Office 64 Source Engine
Stopped Office Software Protection Platform
Stopped Parental Controls
Stopped Passcape 64-bit Loader Service
Stopped PuranDefrag
Stopped Remote Desktop Configuration
Stopped Remote Registry
Stopped Simple TCP/IP Services
Stopped Smart Card Removal Policy
Stopped Software Protection
Stopped SPP Notification Service
Stopped Tablet PC Input Service
Stopped TPM Base Services
Stopped Volume Shadow Copy
Stopped Windows Activation Technologies Service
Stopped Windows Biometric Service
Stopped Windows CardSpace
Stopped Windows Color System
Stopped Windows Installer
Stopped Windows Live Family Safety Service
Stopped Windows Live ID Sign-in Assistant
Stopped Windows Live Mesh remote connections service
Stopped Windows Media Center Receiver Service
Stopped Windows Media Center Scheduler Service
Stopped Windows Media Player Network Sharing Service
Stopped Windows Modules Installer
Stopped Windows Time
Stopped WinHTTP Web Proxy Auto-Discovery Service
Stopped WPR Passcape Loader Service
Security Options
Accounts: Administrator account status Disabled
Accounts: Guest account status Enabled
Accounts: Limit local account use of blank passwords to console logon only Enabled
Accounts: Rename administrator account Administrator
Accounts: Rename guest account Guest
Audit: Audit the access of global system objects Disabled
Audit: Audit the use of Backup and Restore privilege Disabled
Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings Not Defined
Audit: Shut down system immediately if unable to log security audits Disabled
DCOM: Machine Access Restrictions in Security Descriptor Definition Language (SDDL) syntax Not Defined
DCOM: Machine Launch Restrictions in Security Descriptor Definition Language (SDDL) syntax Not Defined
Devices: Allow undock without having to log on Enabled
Devices: Allowed to format and eject removable media Not Defined
Devices: Prevent users from installing printer drivers Disabled
Devices: Restrict CD-ROM access to locally logged-on user only Not Defined
Devices: Restrict floppy access to locally logged-on user only Not Defined
Domain controller: Allow server operators to schedule tasks Not Defined
Domain controller: LDAP server signing requirements Not Defined
Domain controller: Refuse machine account password changes Not Defined
Domain member: Digitally encrypt or sign secure channel data (always) Enabled
Domain member: Digitally encrypt secure channel data (when possible) Enabled
Domain member: Digitally sign secure channel data (when possible) Enabled
Domain member: Disable machine account password changes Disabled
Domain member: Maximum machine account password age 30 days
Domain member: Require strong (Windows 2000 or later) session key Enabled
Interactive logon: Display user information when the session is locked Not Defined
Interactive logon: Do not display last user name Disabled
Interactive logon: Do not require CTRL+ALT+DEL Not Defined
Interactive logon: Message text for users attempting to log on
Interactive logon: Message title for users attempting to log on
Interactive logon: Number of previous logons to cache (in case domain controller is not available) 10 logons
Interactive logon: Prompt user to change password before expiration 5 days
Interactive logon: Require Domain Controller authentication to unlock workstation Disabled
Interactive logon: Require smart card Disabled
Interactive logon: Smart card removal behavior No Action
Microsoft network client: Digitally sign communications (always) Disabled
Microsoft network client: Digitally sign communications (if server agrees) Enabled
Microsoft network client: Send unencrypted password to third-party SMB servers Disabled
Microsoft network server: Amount of idle time required before suspending session 15 minutes
Microsoft network server: Digitally sign communications (always) Disabled
Microsoft network server: Digitally sign communications (if client agrees) Disabled
Microsoft network server: Disconnect clients when logon hours expire Enabled
Microsoft network server: Server SPN target name validation level Not Defined
Network access: Allow anonymous SID/Name translation Disabled
Network access: Do not allow anonymous enumeration of SAM accounts Enabled
Network access: Do not allow anonymous enumeration of SAM accounts and shares Disabled
Network access: Do not allow storage of passwords and credentials for network authentication Disabled
Network access: Let Everyone permissions apply to anonymous users Disabled
Network access: Named Pipes that can be accessed anonymously
Network access: Remotely accessible registry paths System\CurrentControlSet\Control\ProductOptions,System\CurrentControlSet\Control\Server Applications,Software\Microsoft\Windows NT\CurrentVersion
Network access: Remotely accessible registry paths and sub-paths System\CurrentControlSet\Control\Print\Printers,System\CurrentControlSet\Services\Eventlog,Software\Microsoft\OLAP Server,Software\Microsoft\Windows NT\CurrentVersion\Print,Software\Microsoft\Windows NT\CurrentVersion\Windows,System\CurrentControlSet\Control\ContentIndex,System\CurrentControlSet\Control\Terminal Server,System\CurrentControlSet\Control\Terminal Server\UserConfig,System\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration,Software\Microsoft\Windows NT\CurrentVersion\Perflib,System\CurrentControlSet\Services\SysmonLog
Network access: Restrict anonymous access to Named Pipes and Shares Enabled
Network access: Shares that can be accessed anonymously Not Defined
Network access: Sharing and security model for local accounts Classic - local users authenticate as themselves
Network security: Allow Local System to use computer identity for NTLM Not Defined
Network security: Allow LocalSystem NULL session fallback Not Defined
Network Security: Allow PKU2U authentication requests to this computer to use online identities Not Defined
Network security: Configure encryption types allowed for Kerberos Not Defined
Network security: Do not store LAN Manager hash value on next password change Enabled
Network security: Force logoff when logon hours expire Disabled
Network security: LAN Manager authentication level Not Defined
Network security: LDAP client signing requirements Negotiate signing
Network security: Minimum session security for NTLM SSP based (including secure RPC) clients Require 128-bit encryption
Network security: Minimum session security for NTLM SSP based (including secure RPC) servers Require 128-bit encryption
Network security: Restrict NTLM: Add remote server exceptions for NTLM authentication Not Defined
Network security: Restrict NTLM: Add server exceptions in this domain Not Defined
Network security: Restrict NTLM: Audit Incoming NTLM Traffic Not Defined
Network security: Restrict NTLM: Audit NTLM authentication in this domain Not Defined
Network security: Restrict NTLM: Incoming NTLM traffic Not Defined
Network security: Restrict NTLM: NTLM authentication in this domain Not Defined
Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers Not Defined
Recovery console: Allow automatic administrative logon Disabled
Recovery console: Allow floppy copy and access to all drives and all folders Disabled
Shutdown: Allow system to be shut down without having to log on Enabled
Shutdown: Clear virtual memory pagefile Disabled
System cryptography: Force strong key protection for user keys stored on the computer Not Defined
System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing Disabled
System objects: Require case insensitivity for non-Windows subsystems Enabled
System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links) Enabled
System settings: Optional subsystems Posix
System settings: Use Certificate Rules on Windows Executables for Software Restriction Policies Disabled
User Account Control: Admin Approval Mode for the Built-in Administrator account Disabled
User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktop Disabled
User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode Prompt for consent for non-Windows binaries
User Account Control: Behavior of the elevation prompt for standard users Prompt for credentials
User Account Control: Detect application installations and prompt for elevation Enabled
User Account Control: Only elevate executables that are signed and validated Disabled
User Account Control: Only elevate UIAccess applications that are installed in secure locations Enabled
User Account Control: Run all administrators in Admin Approval Mode Enabled
User Account Control: Switch to the secure desktop when prompting for elevation Enabled
User Account Control: Virtualize file and registry write failures to per-user locations Enabled
Device Tree
ACPI x64-based PC
Microsoft ACPI-Compliant System
Genuine Intel CPU U2700 @ 1.30GHz
ACPI Thermal Zone
ACPI Thermal Zone
ACPI Lid
ACPI Sleep Button
ACPI Fixed Feature Button
PCI bus
Mobile Intel 4 Series Chipset Processor to DRAM Controller - 2A40
Mobile Intel 4 Series Express Chipset Family
Intel 82801 PCI Bridge - 2448
Intel ICH9 Family SMBus Controller - 2930
Intel ICH9 Family Thermal Subsystem - 2932
Microsoft Windows Management Interface for ACPI
Mobile Intel® 4 Series Express Chipset Family
Generic PnP Monitor
Intel® ICH9 Family USB Universal Host Controller - 2937
USB Root Hub
Intel® ICH9 Family USB Universal Host Controller - 2938
USB Root Hub
Intel® ICH9 Family USB2 Enhanced Host Controller - 293C
USB Root Hub
High Definition Audio Controller
Realtek High Definition Audio
High Definition Audio Device
Intel® ICH9 Family PCI Express Root Port 1 - 2940
Atheros AR8131 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
Intel® ICH9 Family PCI Express Root Port 2 - 2942
Atheros AR5B91 Wireless Network Adapter
Intel® ICH9 Family USB Universal Host Controller - 2934
USB Root Hub
Intel® ICH9 Family USB Universal Host Controller - 2935
USB Root Hub
USB Input Device
HID-compliant mouse
Intel® ICH9 Family USB Universal Host Controller - 2936
USB Root Hub
Intel® ICH9 Family USB Universal Host Controller - 2939
USB Root Hub
Intel® ICH9 Family USB2 Enhanced Host Controller - 293A
USB Root Hub
USB Composite Device
HD Video WebCam
USB Composite Device
HP Deskjet 1000 J110 series (REST)
USB Printing Support
HP Deskjet 1000 J110 series
Intel® ICH9M-E LPC Interface Controller - 2917
Motherboard resources
Direct memory access controller
System CMOS/real time clock
High precision event timer
Programmable interrupt controller
Numeric data processor
System timer
Intel 82802 Firmware Hub Device
Standard PS/2 Keyboard
Synaptics PS/2 Port TouchPad
Microsoft ACPI-Compliant Embedded Controller
Microsoft ACPI-Compliant Control Method Battery
Microsoft AC Adapter
Intel® ICH9M-E/M SATA AHCI Controller
Hitachi HTS725032A9A364
TSSTcorp CDDVDW TS-U633A
CPU
Intel Pentium SU2700
Cores 1
Threads 1
Name Intel Pentium SU2700
Code Name Penryn
Package Socket P (478)
Technology 45nm
Specification Genuine Intel CPU U2700 @ 1.30GHz
Family 6
Extended Family 6
Model 7
Extended Model 17
Stepping A
Revision R0
Instructions MMX, SSE, SSE2, SSE3, SSSE3, Intel 64
Virtualization Not supported
Hyperthreading Not supported
Bus Speed 199.5 MHz
Rated Bus Speed 798.0 MHz
Stock Core Speed 1300 MHz
Stock Bus Speed 200 MHz
Average Temperature 48 °C
Caches
L1 Data Cache Size 32 KBytes
L1 Instructions Cache Size 32 KBytes
L2 Unified Cache Size 2048 KBytes
Core 0
Core Speed 1197.0 MHz
Multiplier x 6.0
Bus Speed 199.5 MHz
Rated Bus Speed 798.0 MHz
Temperature 48 °C
Thread 1
APIC ID 0
RAM
Memory slots
Total memory slots 2
Used memory slots 2
Free memory slots 0
Memory
Type DDR3
Size 4096 MBytes
Channels # Dual
DRAM Frequency 399.0 MHz
CAS# Latency (CL) 6 clocks
RAS# to CAS# Delay (tRCD) 6 clocks
RAS# Precharge (tRP) 6 clocks
Cycle Time (tRAS) 15 clocks
Physical Memory
Memory Usage 52 %
Total Physical 3.93 GB
Available Physical 1.88 GB
Total Virtual 6.86 GB
Available Virtual 4.51 GB
SPD
Number Of SPD Modules 2
Slot #1
Type DDR3
Size 2048 MBytes
Manufacturer Micron Technology
Max Bandwidth PC3-10700 (667 MHz)
Part Number 16JTF25664HZ-1G4G1
Serial Number FD843C6D
Week/year 28 / 12
SPD Ext. EPP
JEDEC #6
Frequency 761.9 MHz
CAS# Latency 10.0
RAS# To CAS# 10
RAS# Precharge 10
tRAS 28
tRC 38
Voltage 1.500 V
JEDEC #5
Frequency 685.7 MHz
CAS# Latency 9.0
RAS# To CAS# 9
RAS# Precharge 9
tRAS 25
tRC 34
Voltage 1.500 V
JEDEC #4
Frequency 609.5 MHz
CAS# Latency 8.0
RAS# To CAS# 8
RAS# Precharge 8
tRAS 22
tRC 30
Voltage 1.500 V
JEDEC #3
Frequency 533.3 MHz
CAS# Latency 7.0
RAS# To CAS# 7
RAS# Precharge 7
tRAS 20
tRC 27
Voltage 1.500 V
JEDEC #2
Frequency 457.1 MHz
CAS# Latency 6.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 17
tRC 23
Voltage 1.500 V
JEDEC #1
Frequency 381.0 MHz
CAS# Latency 5.0
RAS# To CAS# 5
RAS# Precharge 5
tRAS 14
tRC 19
Voltage 1.500 V
Slot #2
Type DDR3
Size 2048 MBytes
Manufacturer Elpida
Max Bandwidth PC3-8500F (533 MHz)
Part Number EBJ21UE8BBS0-AE-F
Serial Number 51FC775F
Week/year 10 / 09
SPD Ext. EPP
JEDEC #3
Frequency 609.5 MHz
CAS# Latency 8.0
RAS# To CAS# 8
RAS# Precharge 8
tRAS 23
tRC 31
Voltage 1.500 V
JEDEC #2
Frequency 533.3 MHz
CAS# Latency 7.0
RAS# To CAS# 7
RAS# Precharge 7
tRAS 20
tRC 27
Voltage 1.500 V
JEDEC #1
Frequency 457.1 MHz
CAS# Latency 6.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 18
tRC 24
Voltage 1.500 V
Motherboard
Manufacturer Acer
Model Aspire 5810T (CPU)
Version V1.06.
Chipset Vendor Intel
Chipset Model GS45
Chipset Revision 07
Southbridge Vendor Intel
Southbridge Model 82801IM (ICH9-M)
Southbridge Revision 03
System Temperature 48 °C
BIOS
Brand INSYDE
Version V1.06.
Date 4/6/2009
PCI Data
Slot UNKNOWN
Slot Type UNKNOWN
Slot Usage Available
Bus Width Unknown
Slot Designation J6B2
Slot Number 0
Slot UNKNOWN
Slot Type UNKNOWN
Slot Usage Available
Bus Width Unknown
Slot Designation J6B1
Slot Number 1
Slot UNKNOWN
Slot Type UNKNOWN
Slot Usage Available
Bus Width Unknown
Slot Designation J6C2
Slot Number 2
Slot UNKNOWN
Slot Type UNKNOWN
Slot Usage Available
Bus Width Unknown
Slot Designation J7B1
Slot Number 3
Slot UNKNOWN
Slot Type UNKNOWN
Slot Usage Available
Bus Width Unknown
Slot Designation J8B3
Slot Number 4
Slot UNKNOWN
Slot Type UNKNOWN
Slot Usage Available
Bus Width Unknown
Slot Designation J8D1
Slot Number 5
Graphics
Monitor
Name LP156WH3-TLA1 on Mobile Intel 4 Series Express Chipset Family
Current Resolution 1366x768 pixels
Work Resolution 1366x738 pixels
State Enabled, Primary
Monitor Width 1366
Monitor Height 768
Monitor BPP 32 bits per pixel
Monitor Frequency 60 Hz
Device \\.\DISPLAY1\Monitor0
Mobile Intel 4 Series Express Chipset Family
Device ID 8086-2A42
Revision 8
Subvendor Acer Incorporated [ALI] (1025)
Current Performance Level Level 1
Driver version 8.15.10.1892
Count of performance levels : 1
Level 1
Mobile Intel 4 Series Express Chipset Family
Device ID 8086-2A43
Revision 8
Subvendor Acer Incorporated [ALI] (1025)
Current Performance Level Level 1
Driver version 8.15.10.1892
Count of performance levels : 1
Level 1
OpenGL
Version 2.1.0 - Build 8.15.10.1892
Vendor Intel
Renderer Mobile Intel 4 Series Express Chipset Family
GLU Version 1.2.2.0 Microsoft Corporation
Values
GL_MAX_LIGHTS 16
GL_MAX_TEXTURE_SIZE 4096
GL_MAX_TEXTURE_STACK_DEPTH 10
GL Extensions
GL_EXT_blend_minmax
GL_EXT_blend_subtract
GL_EXT_blend_color
GL_EXT_abgr
GL_EXT_texture3D
GL_EXT_clip_volume_hint
GL_EXT_compiled_vertex_array
GL_SGIS_texture_edge_clamp
GL_SGIS_generate_mipmap
GL_EXT_draw_range_elements
GL_SGIS_texture_lod
GL_EXT_rescale_normal
GL_EXT_packed_pixels
GL_EXT_separate_specular_color
GL_ARB_multitexture
GL_EXT_texture_env_combine
GL_EXT_bgra
GL_EXT_blend_func_separate
GL_EXT_secondary_color
GL_EXT_fog_coord
GL_EXT_texture_env_add
GL_ARB_texture_cube_map
GL_ARB_transpose_matrix
GL_ARB_texture_env_add
GL_IBM_texture_mirrored_repeat
GL_EXT_multi_draw_arrays
GL_NV_blend_square
GL_ARB_texture_compression
GL_3DFX_texture_compression_FXT1
GL_EXT_texture_filter_anisotropic
GL_ARB_texture_border_clamp
GL_ARB_point_parameters
GL_ARB_texture_env_combine
GL_ARB_texture_env_dot3
GL_ARB_texture_env_crossbar
GL_EXT_texture_compression_s3tc
GL_ARB_shadow
GL_ARB_window_pos
GL_EXT_shadow_funcs
GL_EXT_stencil_wrap
GL_ARB_vertex_program
GL_EXT_texture_rectangle
GL_ARB_fragment_program
GL_EXT_stencil_two_side
GL_ATI_separate_stencil
GL_ARB_vertex_buffer_object
GL_EXT_texture_lod_bias
GL_ARB_occlusion_query
GL_ARB_fragment_shader
GL_ARB_shader_objects
GL_ARB_shading_language_100
GL_ARB_texture_non_power_of_two
GL_ARB_vertex_shader
GL_NV_texgen_reflection
GL_ARB_point_sprite
GL_EXT_blend_equation_separate
GL_ARB_depth_texture
GL_ARB_texture_rectangle
GL_ARB_draw_buffers
GL_ARB_pixel_buffer_object
GL_WIN_swap_hint
GL_EXT_framebuffer_object
GL_EXT_texture_sRGB
GL_ARB_color_buffer_float
GL_ARB_half_float_pixel
GL_ARB_texture_float
GL_NV_conditional_render
GL_EXT_texture_swizzle
GL_EXT_bgra
Hard Drives
Hitachi HTS725032A9A364
Manufacturer Hitachi
Product Family Travelstar
Series Prefix Standard
Model Capacity For This Specific Drive 320GB
Heads 16
Cylinders 16,383
SATA type SATA-II 3.0Gb/s
Device type Fixed
ATA Standard ATA8-ACS
Serial Number 100711PCKC00VPKHTJWK
LBA Size 48-bit LBA
Power On Count 2991 times
Power On Time 433.5 days
Speed, Expressed in Revolutions Per Minute (rpm) 7200
Features S.M.A.R.T., APM, AAM, NCQ
Transfer Mode SATA II
Interface SATA
Capacity 298 GB
Real size 320,072,933,376 bytes
RAID Type None
S.M.A.R.T
01 Read Error Rate 100 (100) Data 0000000000
02 Throughput Performance 100 (100) Data 0000000000
03 Spin-Up Time 161 (161) Data 0000000002
04 Start/Stop Count 098 (098) Data 0000000D36
05 Reallocated Sectors Count 100 (100) Data 0000000000
07 Seek Error Rate 100 (100) Data 0000000000
08 Seek Time Performance 100 (100) Data 0000000000
09 Power-On Hours (POH) 077 (077) Data 00000028A5
0A Spin Retry Count 100 (100) Data 0000000000
0C Device Power Cycle Count 099 (099) Data 0000000BAF
BF G-sense error rate 100 (100) Data 0000000000
C0 Power-off Retract Count 100 (100) Data 00000000AF
C1 Load/Unload Cycle Count 063 (063) Data 000005BCBA
C2 Temperature 166 (166) Data 00000D0021
C4 Reallocation Event Count 100 (100) Data 0000000000
C5 Current Pending Sector Count 100 (100) Data 0000000000
C6 Uncorrectable Sector Count 100 (100) Data 0000000000
C7 UltraDMA CRC Error Count 200 (200) Data 0000000000
DF Load/Unload Retry Count 100 (100) Data 0000000000
Temperature 33 °C
Temperature Range ok (less than 50 °C)
Status Good
Partition 0
Partition ID Disk #0, Partition #0
Size 100 MB
Partition 1
Partition ID Disk #0, Partition #1
Disk Letter C:
File System NTFS
Volume Serial Number EA320253
Size 298 GB
Used Space 133 GB (45%)
Free Space 165 GB (55%)
Optical Drives
TSSTcorp CDDVDW TS-U633A
Media Type UNKNOWN
Name TSSTcorp CDDVDW TS-U633A
Availability Running/Full Power
Capabilities Random Access, Supports Removable Media
Config Manager User Config FALSE
DriveIntegrity TRUE
Media Loaded FALSE
Status Error
Transfer Rate 3310 KB/S
Audio
Sound Cards
High Definition Audio Device
Realtek High Definition Audio
Playback Devices
Speakers (Realtek High Definition Audio) (default)
Realtek Digital Output (Realtek High Definition Audio)
Recording Device
Microphone (Realtek High Definition Audio)
Speaker Configuration
Speaker type Stereo
Peripherals
Standard PS/2 Keyboard
Device Kind Keyboard
Device Name Standard PS/2 Keyboard
Vendor (Standard keyboards)
Location plugged into keyboard port
Driver
Date 6-21-2006
Version 6.1.7601.17514
File C:\Windows\system32\DRIVERS\i8042prt.sys
File C:\Windows\system32\DRIVERS\kbdclass.sys
Synaptics PS/2 Port TouchPad
Device Kind Mouse
Device Name Synaptics PS/2 Port TouchPad
Vendor Synaptics
Location plugged into PS/2 mouse port
Driver
Date 6-18-2009
Version 13.2.2.0
File C:\Windows\system32\DRIVERS\SynTP.sys
File C:\Windows\system32\SynTPAPI.dll
File C:\Windows\system32\SynCOM.dll
File C:\Windows\system32\SynCtrl.dll
File C:\Program Files\Synaptics\SynTP\SynTPRes.dll
File C:\Program Files\Synaptics\SynTP\SynTPCpl.dll
File C:\Program Files\Synaptics\SynTP\SynCntxt.rtf
File C:\Program Files\Synaptics\SynTP\SynZMetr.exe
File C:\Program Files\Synaptics\SynTP\SynMood.exe
File C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
File C:\Program Files\Synaptics\SynTP\SynTPCOM.dll
File C:\Program Files\Synaptics\SynTP\Tutorial.exe
File C:\Program Files\Synaptics\SynTP\InstNT.exe
File C:\Program Files\Synaptics\SynTP\SynISDLL.dll
File C:\Program Files\Synaptics\SynTP\SynUnst.ini
File C:\Program Files\Synaptics\SynTP\SynChiralRotate.mpg
File C:\Program Files\Synaptics\SynTP\SynFlick.mpg
File C:\Program Files\Synaptics\SynTP\SynPinch.mpg
File C:\Program Files\Synaptics\SynTP\SynMomentum.mpg
File C:\Program Files\Synaptics\SynTP\SynLinearVHScroll.mpg
File C:\Program Files\Synaptics\SynTP\SynChiralVHScroll.mpg
File C:\Program Files\Synaptics\SynTP\SynTwoFingerVHScroll.mpg
File C:\Program Files\Synaptics\SynTP\SynPivotRotate_ChiralRotate.mpg
File C:\Program Files\Synaptics\SynTP\SynThreeFingerFlick.mpg
File C:\Program Files\Synaptics\SynTP\SynThreeFingersDown.mpg
File C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
File C:\Program Files\Synaptics\SynTP\fx04.wav
File C:\Program Files\Synaptics\SynTP\SynAcer.exe
File C:\Program Files\Synaptics\SynTP\SynAcerCpl.cpl
File C:\Program Files\Synaptics\SynTP\SynTwoFingerVScroll.mpg
File C:\Program Files\Synaptics\SynTP\SynFlickLR.mpg
File C:\Windows\SysWOW64\SynCOM.dll
File C:\Windows\SysWOW64\SynCtrl.dll
File C:\Windows\SysWOW64\SynTPCOM.dll
File C:\Windows\system32\DRIVERS\i8042prt.sys
File C:\Windows\system32\DRIVERS\mouclass.sys
File C:\Windows\system32\SynTPCo4.dll
File C:\Windows\system32\WdfCoInstaller01009.dll
HID-compliant mouse
Device Kind Mouse
Device Name HID-compliant mouse
Vendor Unknown
Location USB Input Device
Driver
Date 6-21-2006
Version 6.1.7600.16385
File C:\Windows\system32\DRIVERS\mouhid.sys
File C:\Windows\system32\DRIVERS\mouclass.sys
HP Deskjet 1000 J110 series
Device Kind Printer
Device Name HP Deskjet 1000 J110 series
Vendor HP
Location USB Printing Support
Driver
Date 9-12-2012
Version 9.84.0.1189
File C:\Windows\system32\spool\DRIVERS\x64\{067410DC-FFC2-4521-AB59-D6D0132358C4}\hpdj_2050_04.gpd
File C:\Windows\system32\spool\DRIVERS\x64\{067410DC-FFC2-4521-AB59-D6D0132358C4}\HPMACRONAMES.gpd
File C:\Windows\system32\spool\DRIVERS\x64\{067410DC-FFC2-4521-AB59-D6D0132358C4}\hpvpl09.ini
File C:\Windows\system32\spool\DRIVERS\x64\{067410DC-FFC2-4521-AB59-D6D0132358C4}\hpdj_2050_04_n.inx
File C:\Windows\system32\spool\DRIVERS\x64\{067410DC-FFC2-4521-AB59-D6D0132358C4}\hpvpldrv09.dll
File C:\Windows\system32\spool\DRIVERS\x64\{067410DC-FFC2-4521-AB59-D6D0132358C4}\hpvplui09.dll
File C:\Windows\system32\spool\DRIVERS\x64\{067410DC-FFC2-4521-AB59-D6D0132358C4}\hpfime51.dll
File C:\Windows\system32\spool\DRIVERS\x64\{067410DC-FFC2-4521-AB59-D6D0132358C4}\hpvplres09.dll
File C:\Windows\system32\spool\DRIVERS\x64\{067410DC-FFC2-4521-AB59-D6D0132358C4}\copyright.txt
File C:\Windows\system32\spool\DRIVERS\x64\{067410DC-FFC2-4521-AB59-D6D0132358C4}\hpinksts8811LM.dll
File C:\Windows\system32\spool\DRIVERS\x64\{067410DC-FFC2-4521-AB59-D6D0132358C4}\hpinksts8811.dll
File C:\Windows\system32\spool\DRIVERS\x64\{067410DC-FFC2-4521-AB59-D6D0132358C4}\unidrv.dll
File C:\Windows\system32\spool\DRIVERS\x64\{067410DC-FFC2-4521-AB59-D6D0132358C4}\unidrvui.dll
File C:\Windows\system32\spool\DRIVERS\x64\{067410DC-FFC2-4521-AB59-D6D0132358C4}\unires.dll
File C:\Windows\system32\spool\DRIVERS\x64\{067410DC-FFC2-4521-AB59-D6D0132358C4}\unidrv.hlp
File C:\Windows\system32\spool\DRIVERS\x64\{067410DC-FFC2-4521-AB59-D6D0132358C4}\locale.gpd
File C:\Windows\system32\spool\DRIVERS\x64\{067410DC-FFC2-4521-AB59-D6D0132358C4}\stdnames.gpd
File C:\Windows\system32\hpinkcoi8811.dll
File C:\Windows\system32\hpinkins8811.exe
File C:\Windows\system32\hpinksts8811LM.dll
USB Video Device
Device Kind Camera/scanner
Device Name USB Video Device
Vendor Unknown
Comment HD Video WebCam
Location 0000.001d.0007.005.000.000.000.000.000
Driver
Date 6-21-2006
Version 6.1.7601.17514
File C:\Windows\system32\drivers\usbvideo.sys
Printers
Fax
Printer Port SHRFAX:
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 200 * 200 dpi Monochrome
Status Unknown
Driver
Driver Name Microsoft Shared Fax Driver (v4.00)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\FXSDRV.DLL
HP Deskjet 1000 J110 series (Default Printer)
Printer Port USB001
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 600 * 300 dpi Color
Status Unknown
Driver
Driver Name HP Deskjet 1000 J110 series (v6.00)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\UNIDRV.DLL
Nitro PDF Creator 2
Printer Port Nitro PDF Port:
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 4294967292 dpi Color
Status Unknown
Driver
Driver Name Nitro PDF Driver 2 (v5.00)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\NitroGraphics2.dll
Send To OneNote 2010
Printer Port nul:
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Color
Status Unknown
Driver
Driver Name Send To Microsoft OneNote 2010 Driver (v6.00)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\mxdwdrv.dll
Network
You are not connected to the internet
Computer Name
NetBIOS Name KARENWHATEVER1
DNS Name karenwhatever1
Membership Part of workgroup
Workgroup WORKGROUP
Remote Desktop
Disabled
Console
State Active
Domain karenwhatever1
WinInet Info
LAN Connection
Local system uses a local area network to connect to the Internet
Local system has RAS to connect to the Internet
Wi-Fi Info
Using native Wi-Fi API version 2
Available access points count 1
Wi-Fi (WiFiRSU_24)
SSID WiFiRSU_24
Frequency 2452000 kHz
Channel Number 9
Name WiFiRSU_24
Signal Strength/Quality 100
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags Currently Connected to this network
Cipher Algorithm to be used when joining this network Temporal Key Integrity Protocol (TKIP) algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
WinHTTPInfo
WinHTTPSessionProxyType No proxy
Session Proxy
Session Proxy Bypass
Connect Retries 5
Connect Timeout (ms) 60,000
HTTP Version HTTP 1.1
Max Connects Per 1.0 Servers INFINITE
Max Connects Per Servers INFINITE
Max HTTP automatic redirects 10
Max HTTP status continue 10
Send Timeout (ms) 30,000
IEProxy Auto Detect No
IEProxy Auto Config
IEProxy
IEProxy Bypass
Default Proxy Config Access Type No proxy
Default Config Proxy
Default Config Proxy Bypass
Sharing and Discovery
Network Discovery Enabled
File and Printer Sharing Enabled
File and printer sharing service Enabled
Simple File Sharing Enabled
Administrative Shares Enabled
Network access: Sharing and security model for local accounts Classic - local users authenticate as themselves
Adapters List
Atheros AR8131 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
IP Address 0.0.0.0
Subnet mask 0.0.0.0
Gateway server 0.0.0.0
Atheros AR5B91 Wireless Network Adapter
IP Address 192.168.15.22
Subnet mask 255.255.255.0
Gateway server 192.168.15.1
Network Shares
Users C:\Users
E E:\
C C:\
  • 0

#22
RKinner
Posted 15 April 2013 - 12:24 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
Appears this is a laptop so shut it down, remove the main battery and then power it up again. Run Process Explorer as before and post the log.

If interrupts is still high then boot into Safe Mode and run Process Explorer again.


(Reboot and when you see the maker's logo, hear a beep or it talks about F8, start tapping the F8 key slowly. Keep tapping until the Safe Mode Menu appears and choose Safe Mode. Login with your usual login.) You will need to reboot before you can post.
  • 0

#23
karenM5757
Posted 15 April 2013 - 02:49 PM

karenM5757

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
procexp64.exe 35.51 29,536 K 53,996 K 5384 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Sysinternals
mcGlidHost.exe 28.53 27,728 K 22,868 K 5660 Windows Media Center In-band Guide Loader Microsoft Corporation (Verified) Microsoft Windows
System Idle Process 14.21 0 K 24 K 0
SearchProtocolHost.exe 8.23 2,296 K 7,752 K 6272 Microsoft Windows Search Protocol Host Microsoft Corporation (Verified) Microsoft Windows
System 1.96 188 K 3,860 K 4
iexplore.exe 1.51 160,000 K 184,708 K 6008 Internet Explorer Microsoft Corporation (Verified) Microsoft Windows
dwm.exe 1.49 42,228 K 24,488 K 2412 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
PSANHost.exe 1.48 63,512 K 22,408 K 1608 Application Host Service Panda Security, S.L. (Verified) Panda Security S.L
csrss.exe 1.01 2,316 K 9,876 K 484 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
Interrupts 0.99 0 K 0 K n/a Hardware Interrupts and DPCs
svchost.exe 0.89 97,808 K 109,376 K 1184 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
lsass.exe 0.83 5,456 K 13,624 K 592 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.66 4,016 K 9,076 K 996 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
ehrecvr.exe 0.40 3,332 K 8,948 K 7120 Windows Media Center Receiver Service Microsoft Corporation (Verified) Microsoft Windows
taskhost.exe 0.39 14,288 K 15,852 K 2420 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.31 5,056 K 8,960 K 596 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.23 37,636 K 24,484 K 2100 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
services.exe 0.19 6,776 K 10,632 K 572 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
explorer.exe 0.18 36,548 K 55,888 K 2440 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
recordingmanager.exe 0.18 2,272 K 8,328 K 6124 RealDownloader RealNetworks, Inc. (Verified) RealNetworks
SearchIndexer.exe 0.14 35,740 K 14,464 K 4536 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
mcupdate.exe 0.14 43,216 K 49,852 K 6960 Windows Media Center Store Update Manager Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.13 15,348 K 17,960 K 1360 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
iexplore.exe 0.13 146,348 K 165,548 K 5516 Internet Explorer Microsoft Corporation (Verified) Microsoft Windows
csrss.exe 0.11 2,132 K 4,924 K 980 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.09 30,684 K 52,100 K 1276 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
ehsched.exe 0.04 1,516 K 5,136 K 2344 Windows Media Center Scheduler Service Microsoft Corporation (Verified) Microsoft Windows
PSUAMain.exe 0.04 4,744 K 432 K 3372 PSUAMain Panda Security, S.L. (Verified) Panda Security S.L
svchost.exe 0.03 9,472 K 18,068 K 1472 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.02 11,748 K 20,912 K 1244 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
ehrec.exe 0.02 36,480 K 32,112 K 892 Windows Media Center Host Module Microsoft Corporation (Verified) Microsoft Windows
iexplore.exe 0.02 13,636 K 30,908 K 1636 Internet Explorer Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.01 11,780 K 15,380 K 3176 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.01 2,324 K 5,464 K 1400 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.01 21,872 K 23,740 K 1072 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
SMSvcHost.exe < 0.01 34,328 K 24,000 K 2852 SMSvcHost.exe Microsoft Corporation (Verified) Microsoft Corporation
svchost.exe < 0.01 4,340 K 4,936 K 3264 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
SearchFilterHost.exe < 0.01 1,544 K 4,516 K 4052 Microsoft Windows Search Filter Host Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe 2,648 K 6,772 K 4180 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
WmiApSrv.exe 1,440 K 4,852 K 2928 WMI Performance Reverse Adapter Microsoft Corporation (Verified) Microsoft Windows
winlogon.exe 2,440 K 6,824 K 552 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
wininit.exe 1,284 K 4,188 K 476 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows
vds.exe 1,376 K 5,016 K 3928 Virtual Disk Service Microsoft Corporation (Verified) Microsoft Windows
unsecapp.exe 1,388 K 5,012 K 3916 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows
UI0Detect.exe 2,076 K 6,604 K 5636 Interactive services detection Microsoft Corporation (Verified) Microsoft Windows
taskeng.exe 1,608 K 5,304 K 6016 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,232 K 3,896 K 3684 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,232 K 4,196 K 3864 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,640 K 5,236 K 3836 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 14,308 K 18,520 K 1752 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,276 K 4,300 K 2176 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 740 K 2,404 K 3000 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 6,164 K 9,620 K 3976 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,092 K 3,244 K 2368 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,348 K 4,236 K 2144 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,104 K 5,472 K 5404 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
spoolsv.exe 8,132 K 15,280 K 1844 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
snmptrap.exe 1,316 K 4,088 K 4600 SNMP Trap Microsoft Corporation (Verified) Microsoft Windows
smss.exe 372 K 1,032 K 844 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows
rndlresolversvc.exe 1,036 K 3,824 K 3564 (Verified) RealNetworks
realsched.exe 1,760 K 668 K 3064 RealNetworks Scheduler RealNetworks, Inc. (Verified) RealNetworks
RAVCpl64.exe 9,776 K 11,284 K 2600 Realtek HD Audio Manager Realtek Semiconductor (Verified) Microsoft Windows Hardware Compatibility Publisher
PSUAService.exe 5,852 K 380 K 3496 PSUAService Panda Security, S.L. (Verified) Panda Security S.L
procexp.exe 2,284 K 7,424 K 1920 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
PLFSetI.exe 1,712 K 6,760 K 2608 DefaultSettingEXE MFC Application (No signature was present in the subject)
perfhost.exe 640 K 2,416 K 3336 x86 Performance Counter Host Microsoft Corporation (Verified) Microsoft Windows
OSE.EXE 996 K 2,868 K 828 Office Source Engine Microsoft Corporation (Verified) Microsoft Corporation
ODDPWRSvc.exe 1,792 K 6,076 K 3084 ODDPwr service Acer Incorporated (Verified) Acer Incorporated
ODDPWR.exe 1,728 K 5,760 K 2624 ODDPWR Acer Incorporated (Verified) Acer Incorporated
msiexec.exe 1,792 K 5,668 K 2204 Windows® installer Microsoft Corporation (Verified) Microsoft Windows
msdtc.exe 3,408 K 7,480 K 2448 Microsoft Distributed Transaction Coordinator Service Microsoft Corporation (Verified) Microsoft Windows
mDNSResponder.exe 1,716 K 5,072 K 2104 Bonjour Service Apple Inc. (Verified) Apple Inc.
lsm.exe 2,260 K 4,040 K 600 Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
Locator.exe 580 K 1,876 K 3612 Rpc Locator Microsoft Corporation (Verified) Microsoft Windows
jusched.exe 1,016 K 4,248 K 1160 Java™ Update Scheduler Sun Microsystems, Inc. (Verified) Oracle America
ipoint.exe 8,232 K 16,312 K 2636 IPoint.exe Microsoft Corporation (Verified) Microsoft Corporation
IntuitUpdateService.exe 19,408 K 5,940 K 2356 Intuit Update Service Intuit Inc. (Verified) Intuit
igfxtray.exe 1,780 K 5,804 K 2644 igfxTray Module Intel Corporation (Verified) Microsoft Windows Hardware Compatibility Publisher
igfxsrvc.exe 1,700 K 5,676 K 2772 igfxsrvc Module Intel Corporation (Verified) Microsoft Windows Hardware Compatibility Publisher
igfxpers.exe 1,596 K 5,736 K 2616 persistence Module Intel Corporation (Verified) Microsoft Windows Hardware Compatibility Publisher
IDriverT.exe 2,744 K 8,800 K 2860 IDriverT Module Macrovision Corporation (No signature was present in the subject) Macrovision Corporation
IAANTmon.exe 1,944 K 5,960 K 5264 RAID Monitor Intel Corporation (Verified) Intel Corporation
hkcmd.exe 1,712 K 5,708 K 2652 hkcmd Module Intel Corporation (Verified) Microsoft Windows Hardware Compatibility Publisher
GoogleUpdate.exe 1,872 K 764 K 4316 Google Installer Google Inc. (Verified) Google Inc
ehtray.exe 2,080 K 2,048 K 5136 Windows Media Center Microsoft Corporation (Verified) Microsoft Windows
dllhost.exe 2,040 K 6,696 K 5688 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
dllhost.exe 7,380 K 11,136 K 3952 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
dllhost.exe 1,252 K 4,572 K 5072 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
ClearStick64.exe 1,060 K 3,836 K 2376 (No signature was present in the subject)
BingDesktopUpdater.exe 1,156 K 3,924 K 2076 Bing Desktop updating service Microsoft Corp. (Verified) Microsoft Corporation
aspnet_state.exe 1,980 K 5,272 K 1944 Microsoft ASP.NET State Server Microsoft Corporation (Verified) Microsoft Corporation
armsvc.exe 1,128 K 3,804 K 1324 Adobe Acrobat Update Service Adobe Systems Incorporated (Verified) Adobe Systems
alg.exe 1,252 K 4,528 K 1680 Application Layer Gateway Service Microsoft Corporation (Verified) Microsoft Windows
  • 0

#24
karenM5757
Posted 15 April 2013 - 02:56 PM

karenM5757

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
it went to 0.99 when i removed the battery . does that mean the battery is messed up? i bought it several months ago.
  • 0

#25
RKinner
Posted 15 April 2013 - 03:29 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
I guess the best way to tell is to put it back in and see if Interrupts goes high again.

I am still seeing a problem caused by windows media center. Try following the instructions here:

http://www.hack7mc.c...dia-center.html

Then reboot and run a new Process Explorer log.
  • 0

Advertisements

#26
karenM5757
Posted 18 April 2013 - 12:01 PM

karenM5757

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
ok i put battery in and here is the report
i also noticed the media player was back on after i stopped it
maybe i am not finding all of its processes?

thank you so very much for your help and im looking for a hard drive now to.
karen



Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 24.76 0 K 24 K 0
procexp64.exe 44.11 30,976 K 50,796 K 2136 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Sysinternals
dwm.exe 9.68 41,644 K 25,368 K 3780 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
Interrupts 2.59 0 K 0 K n/a Hardware Interrupts and DPCs
explorer.exe 8.64 32,780 K 50,152 K 3788 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
csrss.exe 2.38 2,468 K 10,412 K 484 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
chrome.exe 0.26 94,344 K 86,508 K 2372 Google Chrome Google Inc. (Verified) Google Inc
PSUAMain.exe 0.49 4,740 K 708 K 4684 PSUAMain Panda Security, S.L. (Verified) Panda Security S.L
System 0.64 180 K 3,060 K 4
chrome.exe 0.13 73,568 K 86,796 K 3960 Google Chrome Google Inc. (Verified) Google Inc
svchost.exe 0.04 8,524 K 16,864 K 1464 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
chrome.exe 0.05 11,444 K 12,540 K 4212 Google Chrome Google Inc. (Verified) Google Inc
svchost.exe 0.02 37,320 K 58,716 K 1272 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.01 15,204 K 18,424 K 1352 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
SearchIndexer.exe 0.30 36,140 K 15,288 K 5108 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
aspnet_state.exe 0.05 2,012 K 5,316 K 1996 Microsoft ASP.NET State Server Microsoft Corporation (Verified) Microsoft Corporation
WmiPrvSE.exe 0.07 20,968 K 27,288 K 2556 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
ipoint.exe 1.32 8,256 K 16,316 K 3384 IPoint.exe Microsoft Corporation (Verified) Microsoft Corporation
googletalkplugin.exe 0.03 10,980 K 15,588 K 1440 Google Talk Plugin Google (Verified) Google Inc
svchost.exe 12,128 K 15,756 K 2648 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 36,872 K 29,500 K 3168 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.02 10,756 K 19,428 K 1236 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
PSANHost.exe 3.30 68,136 K 21,752 K 2500 Application Host Service Panda Security, S.L. (Verified) Panda Security S.L
IntuitUpdateService.exe 20,480 K 744 K 3560 Intuit Update Service Intuit Inc. (Verified) Intuit
taskhost.exe 0.02 8,084 K 10,240 K 3696 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
SMSvcHost.exe 0.01 34,332 K 24,016 K 3292 SMSvcHost.exe Microsoft Corporation (Verified) Microsoft Corporation
svchost.exe 0.01 4,332 K 5,052 K 2716 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
WmiApSrv.exe 0.01 1,480 K 5,112 K 1844 WMI Performance Reverse Adapter Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 111,820 K 125,036 K 1176 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
chrome.exe 0.02 61,528 K 51,788 K 4500 Google Chrome Google Inc. (Verified) Google Inc
csrss.exe 0.01 2,120 K 4,888 K 980 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 14,632 K 18,432 K 1740 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
dllhost.exe 1,268 K 4,588 K 2220 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
alg.exe 1,264 K 4,552 K 1928 Application Layer Gateway Service Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,280 K 4,312 K 2200 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
dllhost.exe 2,040 K 6,692 K 3956 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe 2,648 K 6,480 K 4276 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
winlogon.exe 2,444 K 6,856 K 552 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
wininit.exe 1,304 K 4,212 K 476 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows
vds.exe 1,376 K 5,016 K 2280 Virtual Disk Service Microsoft Corporation (Verified) Microsoft Windows
unsecapp.exe 1,384 K 5,040 K 4120 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows
UI0Detect.exe 2,088 K 6,680 K 3060 Interactive services detection Microsoft Corporation (Verified) Microsoft Windows
taskeng.exe 1,624 K 5,212 K 5196 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 4,384 K 8,304 K 908 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 3,972 K 9,280 K 988 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 20,000 K 23,308 K 1060 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,112 K 5,492 K 3244 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 6,188 K 9,744 K 2420 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,100 K 3,256 K 2384 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,352 K 4,248 K 2144 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 3,424 K 6,576 K 1392 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 740 K 2,408 K 3148 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,236 K 4,212 K 3068 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,624 K 5,232 K 3044 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,244 K 3,896 K 2952 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
spoolsv.exe 8,864 K 15,548 K 1832 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
snmptrap.exe 1,320 K 4,096 K 2352 SNMP Trap Microsoft Corporation (Verified) Microsoft Windows
smss.exe 368 K 1,040 K 844 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows
services.exe 6,520 K 10,376 K 588 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
rndlresolversvc.exe 1,044 K 3,876 K 2856 (Verified) RealNetworks
realsched.exe 0.96 1,788 K 424 K 4516 RealNetworks Scheduler RealNetworks, Inc. (Verified) RealNetworks
RAVCpl64.exe 9,828 K 11,288 K 4088 Realtek HD Audio Manager Realtek Semiconductor (Verified) Microsoft Windows Hardware Compatibility Publisher
PSUAService.exe 5,912 K 2,900 K 2828 PSUAService Panda Security, S.L. (Verified) Panda Security S.L
procexp.exe 2,292 K 7,544 K 6132 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
PLFSetI.exe 1,736 K 6,776 K 3192 DefaultSettingEXE MFC Application (No signature was present in the subject)
perfhost.exe 644 K 2,440 K 2752 x86 Performance Counter Host Microsoft Corporation (Verified) Microsoft Windows
OSE.EXE 1,004 K 2,880 K 3468 Office Source Engine Microsoft Corporation (Verified) Microsoft Corporation
ODDPWRSvc.exe 1,788 K 6,120 K 2580 ODDPwr service Acer Incorporated (Verified) Acer Incorporated
ODDPWR.exe 1,728 K 5,784 K 3620 ODDPWR Acer Incorporated (Verified) Acer Incorporated
msdtc.exe 3,420 K 7,496 K 2448 Microsoft Distributed Transaction Coordinator Service Microsoft Corporation (Verified) Microsoft Windows
mDNSResponder.exe 1,716 K 5,044 K 2116 Bonjour Service Apple Inc. (Verified) Apple Inc.
lsm.exe 2,284 K 4,080 K 604 Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
lsass.exe 0.08 5,160 K 13,212 K 596 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
Locator.exe 584 K 1,880 K 2892 Rpc Locator Microsoft Corporation (Verified) Microsoft Windows
jusched.exe 1,012 K 4,256 K 4544 Java™ Update Scheduler Sun Microsystems, Inc. (Verified) Oracle America
igfxtray.exe 1,796 K 5,816 K 4004 igfxTray Module Intel Corporation (Verified) Microsoft Windows Hardware Compatibility Publisher
igfxsrvc.exe 1,692 K 5,696 K 4000 igfxsrvc Module Intel Corporation (Verified) Microsoft Windows Hardware Compatibility Publisher
igfxpers.exe 1,596 K 5,740 K 3640 persistence Module Intel Corporation (Verified) Microsoft Windows Hardware Compatibility Publisher
IDriverT.exe 2,736 K 8,784 K 2312 IDriverT Module Macrovision Corporation (No signature was present in the subject) Macrovision Corporation
IAANTmon.exe 1,916 K 5,980 K 3624 RAID Monitor Intel Corporation (Verified) Intel Corporation
hkcmd.exe 1,724 K 5,752 K 3164 hkcmd Module Intel Corporation (Verified) Microsoft Windows Hardware Compatibility Publisher
GoogleUpdate.exe 1,892 K 1,264 K 2208 Google Installer Google Inc. (Verified) Google Inc
dllhost.exe 7,344 K 11,148 K 4476 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
ClearStick64.exe 1,076 K 3,812 K 4612 (No signature was present in the subject)
chrome.exe 33,440 K 39,332 K 3512 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 3,944 K 8,316 K 2864 Google Chrome Google Inc. (Verified) Google Inc
BingDesktopUpdater.exe 1,160 K 3,952 K 2088 Bing Desktop updating service Microsoft Corp. (Verified) Microsoft Corporation
audiodg.exe 16,612 K 16,920 K 1332 Windows Audio Device Graph Isolation Microsoft Corporation (Verified) Microsoft Windows
armsvc.exe 1,128 K 3,832 K 1500 Adobe Acrobat Update Service Adobe Systems Incorporated (Verified) Adobe Systems
  • 0

#27
RKinner
Posted 18 April 2013 - 02:34 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
This is not looking good for the battery. Let's take it out until we find what else is causing the problem.

I see a lot of explorer.exe CPU usage so let's
download ShellExView.

http://www.nirsoft.n...s/shexview.html

You will need the one near the bottom of the page where it says:
Download ShellExView for x64

You will need to save it then right click on it and Extract all before you can run the .exe file by right clicking and Run As Admin.


Once you get it running look in the third or fourth column from the RIGHT. It should say MICROSOFT. Click once or twice on MICROSOFT so that items with NO are at the top.
Select all of the NO items and then click on the red led (just below File). This will disable everything that Microsoft did not put there.

Reboot and run a new Process Explorer log.
  • 0

#28
karenM5757
Posted 18 April 2013 - 03:03 PM

karenM5757

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
battery out new log

Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 36.26 0 K 24 K 0
svchost.exe 23.83 36,276 K 50,100 K 1272 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
procexp64.exe 15.62 26,792 K 47,608 K 2268 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Sysinternals
svchost.exe 6.30 83,156 K 95,516 K 1144 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
Interrupts 3.09 0 K 0 K n/a Hardware Interrupts and DPCs
svchost.exe 2.39 15,468 K 17,752 K 1356 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
explorer.exe 2.18 33,092 K 50,576 K 3516 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
System 1.42 180 K 3,080 K 4
svchost.exe 1.13 19,856 K 23,184 K 1060 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1.08 4,556 K 8,472 K 828 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
dwm.exe 1.06 39,400 K 22,768 K 3444 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.94 11,060 K 19,764 K 1236 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.92 14,516 K 19,760 K 1740 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.63 11,328 K 15,032 K 2588 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.60 3,944 K 8,964 K 988 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
csrss.exe 0.55 2,400 K 11,672 K 484 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
PSANHost.exe 0.53 61,832 K 16,264 K 2500 Application Host Service Panda Security, S.L. (Verified) Panda Security S.L
services.exe 0.44 6,384 K 10,268 K 572 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
lsass.exe 0.41 4,752 K 12,380 K 580 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
SearchIndexer.exe 0.18 34,568 K 9,888 K 5008 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.15 8,836 K 17,204 K 1480 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
PSUAMain.exe 0.06 4,860 K 1,524 K 4504 PSUAMain Panda Security, S.L. (Verified) Panda Security S.L
lsm.exe 0.04 2,300 K 4,104 K 588 Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
csrss.exe 0.04 2,116 K 4,868 K 980 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
SearchProtocolHost.exe 0.04 2,260 K 5,052 K 2776 Microsoft Windows Search Protocol Host Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.03 2,228 K 5,404 K 1396 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
IntuitUpdateService.exe 0.03 21,568 K 5,100 K 5432 Intuit Update Service Intuit Inc. (Verified) Intuit
audiodg.exe 0.01 16,844 K 16,980 K 1328 Windows Audio Device Graph Isolation Microsoft Corporation (Verified) Microsoft Windows
SMSvcHost.exe 0.01 36,460 K 24,140 K 3400 SMSvcHost.exe Microsoft Corporation (Verified) Microsoft Corporation
svchost.exe 0.01 4,396 K 5,972 K 2636 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
snmptrap.exe < 0.01 1,352 K 4,096 K 5724 SNMP Trap Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe 2,804 K 7,076 K 2128 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
WmiApSrv.exe 1,464 K 4,856 K 5956 WMI Performance Reverse Adapter Microsoft Corporation (Verified) Microsoft Windows
winlogon.exe 2,532 K 6,860 K 552 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
wininit.exe 1,304 K 4,224 K 476 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows
wbengine.exe 1,588 K 5,572 K 3076 Microsoft® Block Level Backup Engine Service EXE Microsoft Corporation (Verified) Microsoft Windows
vds.exe 1,384 K 5,032 K 2260 Virtual Disk Service Microsoft Corporation (Verified) Microsoft Windows
unsecapp.exe 1,432 K 4,988 K 2984 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows
UI0Detect.exe 2,116 K 6,692 K 5732 Interactive services detection Microsoft Corporation (Verified) Microsoft Windows
taskhost.exe 8,348 K 10,540 K 3420 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
taskeng.exe 1,640 K 5,196 K 3620 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
taskeng.exe 1,692 K 5,296 K 4816 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
taskeng.exe 1,500 K 4,524 K 3684 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 37,148 K 34,300 K 3228 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 740 K 2,420 K 3188 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,408 K 4,284 K 2140 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 6,264 K 9,736 K 2536 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,128 K 5,512 K 4912 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,620 K 5,228 K 3032 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,604 K 4,528 K 1876 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 4,188 K 7,744 K 1636 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,284 K 4,312 K 2184 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,100 K 3,264 K 2404 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,240 K 4,036 K 2948 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,248 K 4,228 K 3056 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
sppsvc.exe 2,312 K 8,104 K 4304 Microsoft Software Protection Platform Service Microsoft Corporation (Verified) Microsoft Windows
spoolsv.exe 8,120 K 14,624 K 1832 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
smss.exe 372 K 1,048 K 844 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows
SearchFilterHost.exe 1,508 K 4,580 K 4208 Microsoft Windows Search Filter Host Microsoft Corporation (Verified) Microsoft Windows
rndlresolversvc.exe 1,092 K 3,868 K 2828 (Verified) RealNetworks
realsched.exe 1,824 K 488 K 4360 RealNetworks Scheduler RealNetworks, Inc. (Verified) RealNetworks
RAVCpl64.exe 10,416 K 11,356 K 3880 Realtek HD Audio Manager Realtek Semiconductor (Verified) Microsoft Windows Hardware Compatibility Publisher
PSUAService.exe 5,936 K 6,828 K 2808 PSUAService Panda Security, S.L. (Verified) Panda Security S.L
procexp.exe 2,348 K 7,456 K 3200 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
PLFSetI.exe 1,776 K 6,852 K 3900 DefaultSettingEXE MFC Application (No signature was present in the subject)
perfhost.exe 648 K 2,424 K 2700 x86 Performance Counter Host Microsoft Corporation (Verified) Microsoft Windows
OSE.EXE 1,024 K 2,852 K 5692 Office Source Engine Microsoft Corporation (Verified) Microsoft Corporation
ODDPWRSvc.exe 1,816 K 6,156 K 2560 ODDPwr service Acer Incorporated (Verified) Acer Incorporated
ODDPWR.exe 1,776 K 5,836 K 3960 ODDPWR Acer Incorporated (Verified) Acer Incorporated
msiexec.exe 1,824 K 5,692 K 2472 Windows® installer Microsoft Corporation (Verified) Microsoft Windows
msdtc.exe 3,480 K 7,556 K 2448 Microsoft Distributed Transaction Coordinator Service Microsoft Corporation (Verified) Microsoft Windows
mDNSResponder.exe 1,704 K 5,076 K 2112 Bonjour Service Apple Inc. (Verified) Apple Inc.
Locator.exe 584 K 1,888 K 2864 Rpc Locator Microsoft Corporation (Verified) Microsoft Windows
jusched.exe 1,068 K 4,268 K 4372 Java™ Update Scheduler Sun Microsystems, Inc. (Verified) Oracle America
ipoint.exe 8,276 K 16,336 K 3988 IPoint.exe Microsoft Corporation (Verified) Microsoft Corporation
igfxtray.exe 1,840 K 5,840 K 4056 igfxTray Module Intel Corporation (Verified) Microsoft Windows Hardware Compatibility Publisher
igfxsrvc.exe 1,728 K 5,684 K 4020 igfxsrvc Module Intel Corporation (Verified) Microsoft Windows Hardware Compatibility Publisher
igfxpers.exe 1,632 K 5,708 K 3936 persistence Module Intel Corporation (Verified) Microsoft Windows Hardware Compatibility Publisher
IDriverT.exe 2,788 K 8,716 K 2340 IDriverT Module Macrovision Corporation (No signature was present in the subject) Macrovision Corporation
IAANTmon.exe 1,948 K 5,904 K 5240 RAID Monitor Intel Corporation (Verified) Intel Corporation
hkcmd.exe 1,756 K 5,784 K 3164 hkcmd Module Intel Corporation (Verified) Microsoft Windows Hardware Compatibility Publisher
GoogleUpdate.exe 1,856 K 696 K 5140 Google Installer Google Inc. (Verified) Google Inc
dllhost.exe 7,460 K 11,232 K 2872 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
dllhost.exe 2,204 K 6,772 K 4564 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
ClearStick64.exe 1,092 K 3,852 K 4404 (No signature was present in the subject)
BingDesktopUpdater.exe 1,212 K 3,984 K 2084 Bing Desktop updating service Microsoft Corp. (Verified) Microsoft Corporation
aspnet_state.exe 2,016 K 5,320 K 1220 Microsoft ASP.NET State Server Microsoft Corporation (Verified) Microsoft Corporation
armsvc.exe 1,176 K 3,844 K 1320 Adobe Acrobat Update Service Adobe Systems Incorporated (Verified) Adobe Systems
alg.exe 1,264 K 4,564 K 1784 Application Layer Gateway Service Microsoft Corporation (Verified) Microsoft Windows
  • 0

#29
RKinner
Posted 18 April 2013 - 05:52 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
Looking better for the battery since it is now worse than without it.
Run msconfig

(See: http://www.netsquirr...onfig_win7.html)

Under Startup, uncheck everything and Apply. Under Services, uncheck everything and Apply. Reboot. Minimize msconfig when it comes up. Run Process Explorer and make a new log. You may have to go back into msconfig and check Normal Startup and reboot in order to get back on line.

If using msconfig gives us a much higher System Idle then something you unchecked is the culprit. Go back in and try it with half of the services checked and see if the problem returns. The idea is to isolate it down to single process. Tedious I know but we don't have any really good way to do this.
  • 0

#30
karenM5757
Posted 21 April 2013 - 12:37 AM

karenM5757

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
im lost a bit, this is all start up dsabled then ran proexp here it is.
battery us still out, do i put it back yet?
now what next?

thank you my friend


Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 38.38 0 K 24 K 0
procexp64.exe 43.14 26,940 K 48,356 K 4920 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Sysinternals
Interrupts 3.62 0 K 0 K n/a Hardware Interrupts and DPCs
dwm.exe 10.62 49,344 K 27,672 K 3148 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.34 35,224 K 49,296 K 1272 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.90 11,516 K 15,288 K 2604 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
csrss.exe 1.57 1,792 K 9,044 K 484 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
System 0.83 228 K 5,368 K 4
explorer.exe 0.32 31,084 K 50,948 K 3176 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
services.exe 6,684 K 10,456 K 572 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
SearchProtocolHost.exe 0.06 2,028 K 6,884 K 4224 Microsoft Windows Search Protocol Host Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.13 8,920 K 17,264 K 1480 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 4,208 K 8,124 K 976 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
csrss.exe 2,180 K 4,960 K 980 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 4,032 K 9,092 K 896 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
taskhost.exe 0.03 6,804 K 11,192 K 2304 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
SearchIndexer.exe 0.01 34,512 K 9,804 K 2780 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.02 10,828 K 19,528 K 1240 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
PSANHost.exe 0.01 58,164 K 23,776 K 2520 Application Host Service Panda Security, S.L. (Verified) Panda Security S.L
svchost.exe 15,168 K 17,684 K 1356 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 36,728 K 26,408 K 3500 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
SMSvcHost.exe < 0.01 34,432 K 24,104 K 3604 SMSvcHost.exe Microsoft Corporation (Verified) Microsoft Corporation
IntuitUpdateService.exe < 0.01 21,744 K 5,488 K 4744 Intuit Update Service Intuit Inc. (Verified) Intuit
svchost.exe 0.01 4,416 K 5,856 K 2660 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 75,072 K 85,332 K 1144 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 14,076 K 19,268 K 1744 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
msdtc.exe 3,412 K 7,472 K 2460 Microsoft Distributed Transaction Coordinator Service Microsoft Corporation (Verified) Microsoft Windows
ODDPWRSvc.exe 1,648 K 5,320 K 2572 ODDPwr service Acer Incorporated (Verified) Acer Incorporated
IDriverT.exe 2,788 K 8,736 K 2372 IDriverT Module Macrovision Corporation (No signature was present in the subject) Macrovision Corporation
WmiPrvSE.exe 2,664 K 6,528 K 4008 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
WmiApSrv.exe 1,472 K 4,868 K 4620 WMI Performance Reverse Adapter Microsoft Corporation (Verified) Microsoft Windows
winlogon.exe 2,524 K 6,856 K 552 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
wininit.exe 1,292 K 4,220 K 476 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows
wbengine.exe 1,592 K 5,584 K 3300 Microsoft® Block Level Backup Engine Service EXE Microsoft Corporation (Verified) Microsoft Windows
vds.exe 1,364 K 5,024 K 3080 Virtual Disk Service Microsoft Corporation (Verified) Microsoft Windows
UI0Detect.exe 2,108 K 6,688 K 2540 Interactive services detection Microsoft Corporation (Verified) Microsoft Windows
taskeng.exe 1,624 K 5,260 K 1132 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
taskeng.exe 1,444 K 4,540 K 3632 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
taskeng.exe 1,624 K 5,240 K 3416 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 22,032 K 23,644 K 1060 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,280 K 4,308 K 2168 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,116 K 5,496 K 1052 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,240 K 4,016 K 2952 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 6,176 K 9,616 K 3168 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,232 K 4,204 K 2296 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 4,180 K 7,740 K 1212 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,332 K 5,492 K 1396 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 744 K 2,420 K 3480 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,400 K 4,268 K 2132 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,636 K 5,220 K 1428 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,084 K 3,252 K 2424 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
sppsvc.exe 2,400 K 8,208 K 4016 Microsoft Software Protection Platform Service Microsoft Corporation (Verified) Microsoft Windows
spoolsv.exe 8,012 K 14,508 K 1836 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
snmptrap.exe 1,340 K 4,108 K 4292 SNMP Trap Microsoft Corporation (Verified) Microsoft Windows
smss.exe 372 K 1,044 K 844 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows
SearchFilterHost.exe 1,496 K 4,624 K 4376 Microsoft Windows Search Filter Host Microsoft Corporation (Verified) Microsoft Windows
rndlresolversvc.exe 1,084 K 3,868 K 2864 (Verified) RealNetworks
PSUAService.exe 5,852 K 1,508 K 2828 PSUAService Panda Security, S.L. (Verified) Panda Security S.L
procexp.exe 2,344 K 7,536 K 4780 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
perfhost.exe 640 K 2,412 K 2740 x86 Performance Counter Host Microsoft Corporation (Verified) Microsoft Windows
OSE.EXE 1,056 K 2,908 K 1920 Office Source Engine Microsoft Corporation (Verified) Microsoft Corporation
msiexec.exe 1,808 K 5,664 K 2496 Windows® installer Microsoft Corporation (Verified) Microsoft Windows
mDNSResponder.exe 1,628 K 5,028 K 2104 Bonjour Service Apple Inc. (Verified) Apple Inc.
lsm.exe 2,200 K 4,016 K 588 Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
lsass.exe 4,640 K 12,244 K 580 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
Locator.exe 584 K 1,892 K 2904 Rpc Locator Microsoft Corporation (Verified) Microsoft Windows
IAANTmon.exe 1,992 K 5,932 K 4416 RAID Monitor Intel Corporation (Verified) Intel Corporation
GoogleUpdate.exe 1,932 K 1,388 K 4476 Google Installer Google Inc. (Verified) Google Inc
dllhost.exe 2,144 K 6,764 K 4288 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
dllhost.exe 9,492 K 13,256 K 4996 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
BingDesktopUpdater.exe 1,220 K 3,980 K 2064 Bing Desktop updating service Microsoft Corp. (Verified) Microsoft Corporation
audiodg.exe 16,688 K 16,892 K 1328 Windows Audio Device Graph Isolation Microsoft Corporation (Verified) Microsoft Windows
aspnet_state.exe 2,012 K 5,292 K 1772 Microsoft ASP.NET State Server Microsoft Corporation (Verified) Microsoft Corporation
armsvc.exe 1,176 K 3,836 K 1252 Adobe Acrobat Update Service Adobe Systems Incorporated (Verified) Adobe Systems
alg.exe 1,260 K 4,548 K 1640 Application Layer Gateway Service Microsoft Corporation (Verified) Microsoft Windows
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP