Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Volume Dirty, computer restart, chkdsk finds nothing wrong


  • Please log in to reply

#1
Olisellana

Olisellana

    Member

  • Member
  • PipPip
  • 14 posts
Problem with a computer that a friend gave me. I would like to get it running like a champ again :D. so I have this issue that when I start windows, it will state that volume is dirty, I then run chkdsk by opening cmd prompt, type chkdsk c: /f /r then tell it to scan on next restart. Then I reset the computer. Chkdsk reports nothing is wrong with the drive. Therefore, I start windows back up. After the restart I do an inquire of dirty on c: and results are great. However, I will start running programs and such and some programs that I open up states that the volume is dirty and the application can't run.

I have a TB HDD with 2 partitions. one is for storage and the other is for Windows 8 operating system. Any help with this issue would be most appreciated. I am almost to the point of reformat or going to buy a new HDD but I figured why not let the professionals here try to see if they can fix it without spending a lot of money. OTL scan is below. I don't have Windows 8 CD so I would have to go and buy a copy to reformat and that is expensive as well. If there is any programs or anything that you see I shouldn't have please have them removed as well. Thank you so much for your time.

OTL logfile created on: 4/22/2013 10:26:28 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Christopher\Downloads
64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

12.00 Gb Total Physical Memory | 9.48 Gb Available Physical Memory | 79.03% Memory free
24.00 Gb Paging File | 20.98 Gb Available in Paging File | 87.43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 100.05 Gb Total Space | 50.08 Gb Free Space | 50.06% Space Free | Partition Type: NTFS
Drive E: | 831.11 Gb Total Space | 773.47 Gb Free Space | 93.07% Space Free | Partition Type: exFAT
Drive K: | 1.14 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: CHRIS-PC | User Name: Christopher | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/04/22 10:26:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Christopher\Downloads\OTL.exe
PRC - [2013/04/21 22:26:43 | 004,295,312 | ---- | M] (H.D.S. Hungary) -- C:\Program Files (x86)\DEKSI Hard Disk Manager\hdsentinel.exe
PRC - [2013/04/11 08:28:08 | 002,730,784 | ---- | M] (Conduit) -- C:\Users\Christopher\AppData\Roaming\SearchProtect\bin\cltmng.exe
PRC - [2013/04/11 08:28:08 | 000,093,984 | ---- | M] (Conduit) -- C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe
PRC - [2013/04/09 02:57:09 | 001,312,720 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/04/05 13:25:26 | 004,688,896 | ---- | M] () -- C:\Program Files (x86)\VodBurner\vodburner.exe
PRC - [2013/04/04 16:41:44 | 025,863,280 | ---- | M] (Dropbox, Inc.) -- C:\Users\Christopher\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013/04/04 14:50:32 | 000,887,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2013/03/30 10:20:01 | 000,109,784 | ---- | M] (Siber Systems) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
PRC - [2013/02/28 14:37:14 | 000,188,760 | ---- | M] () -- C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe
PRC - [2013/02/26 01:32:22 | 001,260,320 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013/01/18 09:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe


========== Modules (No Company Name) ==========

MOD - [2013/04/09 02:57:07 | 000,390,096 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppgooglenaclpluginchrome.dll
MOD - [2013/04/09 02:57:06 | 013,130,704 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
MOD - [2013/04/09 02:57:05 | 004,050,896 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll
MOD - [2013/04/09 02:56:15 | 000,598,480 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\libglesv2.dll
MOD - [2013/04/09 02:56:14 | 000,124,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\libegl.dll
MOD - [2013/04/09 02:56:13 | 001,606,096 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll
MOD - [2013/04/05 13:25:26 | 004,688,896 | ---- | M] () -- C:\Program Files (x86)\VodBurner\vodburner.exe
MOD - [2013/03/29 09:17:06 | 000,070,536 | ---- | M] () -- C:\Program Files\TortoiseSVN\bin\libsasl32.dll
MOD - [2013/03/13 14:48:52 | 024,978,944 | ---- | M] () -- C:\Users\Christopher\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2012/11/13 17:32:50 | 003,558,400 | ---- | M] () -- C:\Users\Christopher\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/03/01 20:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/03/01 20:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/02/28 14:37:14 | 000,188,760 | ---- | M] () [Auto | Running] -- C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe -- (Updater By SweetPacks)
SRV:64bit: - [2013/02/02 02:21:45 | 000,467,456 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/01/28 19:57:14 | 000,014,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013/01/09 17:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/01/09 17:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2012/11/05 22:17:41 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2012/09/20 03:10:47 | 002,367,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2012/09/20 00:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012/09/20 00:30:41 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2012/07/25 21:30:05 | 002,675,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012/07/25 21:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012/07/25 21:07:42 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2012/07/25 21:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012/07/25 21:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012/07/25 21:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012/07/25 21:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012/07/25 21:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/07/25 21:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012/07/25 21:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012/07/25 21:05:28 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2012/07/25 21:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012/07/25 21:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012/07/25 21:05:04 | 000,187,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2012/07/25 18:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012/07/25 18:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012/07/25 18:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012/07/25 18:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012/07/25 18:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012/07/25 18:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV - [2013/04/11 08:28:08 | 000,093,984 | ---- | M] (Conduit) [Auto | Running] -- C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe -- (CltMngSvc)
SRV - [2013/02/26 01:32:22 | 001,260,320 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/01/18 09:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/07/25 21:30:05 | 002,675,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012/07/25 21:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/03/02 04:57:48 | 000,337,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013/03/02 04:57:46 | 000,283,880 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013/03/02 04:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/03/02 04:45:20 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/03/02 04:45:19 | 000,194,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013/03/02 04:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/02/21 09:32:54 | 002,477,840 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2013/02/18 10:22:16 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013/02/02 05:19:44 | 000,446,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013/02/02 01:25:23 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/01/28 19:57:05 | 000,035,232 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013/01/28 17:08:22 | 000,230,904 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013/01/09 19:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012/11/26 21:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012/11/19 22:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012/11/08 02:52:06 | 000,077,040 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\FLxHCIh.sys -- (FLxHCIh)
DRV:64bit: - [2012/11/08 02:42:06 | 000,249,584 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\FLxHCIc.sys -- (FLxHCIc)
DRV:64bit: - [2012/11/05 21:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012/10/12 02:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/10/11 01:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012/10/11 01:13:49 | 000,058,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2012/09/20 01:55:33 | 000,212,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2012/09/20 01:55:30 | 000,120,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2012/09/20 01:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012/09/20 01:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012/07/25 23:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/07/25 23:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012/07/25 23:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012/07/25 23:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012/07/25 23:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012/07/25 23:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012/07/25 23:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012/07/25 23:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012/07/25 23:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012/07/25 23:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012/07/25 23:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012/07/25 23:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012/07/25 23:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012/07/25 23:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012/07/25 23:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012/07/25 23:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/07/25 23:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/07/25 22:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012/07/25 22:54:34 | 000,096,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2012/07/25 22:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012/07/25 21:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/07/25 20:29:47 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2012/07/25 20:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012/07/25 20:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012/07/25 20:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012/07/25 20:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012/07/25 20:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012/07/25 20:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012/07/25 20:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012/07/25 20:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012/07/25 20:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012/07/25 20:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012/07/25 20:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012/07/25 20:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012/07/25 20:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012/07/25 20:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/07/25 20:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012/07/25 20:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012/07/25 20:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/07/25 20:25:26 | 000,203,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\Vid.sys -- (Vid)
DRV:64bit: - [2012/07/25 20:25:22 | 000,067,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\storvsp.sys -- (storvsp)
DRV:64bit: - [2012/07/25 20:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012/07/25 20:25:12 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmbusr.sys -- (vmbusr)
DRV:64bit: - [2012/07/25 20:25:12 | 000,066,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpcivsp.sys -- (vpcivsp)
DRV:64bit: - [2012/07/25 20:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012/07/25 20:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012/07/25 20:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012/06/02 08:31:56 | 000,589,824 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2009/07/31 03:40:32 | 000,025,600 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WRfiltv.sys -- (WRfiltv)
DRV:64bit: - [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wdcsam64.sys -- (WDC_SAM)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {739df940-c5ee-4bab-9d7e-270894ae687a} - C:\Program Files (x86)\WhiteSmoke_New\prxtbWhit.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://start.sweetpa...9-0025228E51B1}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...8A-BA49DA2D35E1
IE - HKCU\..\URLSearchHook: {739df940-c5ee-4bab-9d7e-270894ae687a} - C:\Program Files (x86)\WhiteSmoke_New\prxtbWhit.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://start.sweetpa...9-0025228E51B1}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\PROGRAM FILES\UPDATER BY SWEETPACKS\FIREFOX [2013/04/07 22:06:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\Program Files\Updater By SweetPacks\Firefox [2013/04/07 22:06:04 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Conduit (Enabled)
CHR - default_search_provider: search_url = http://search.condui...=CT3289847&UM=2
CHR - default_search_provider: suggest_url = http://suggest.searc...4526500111&UM=2
CHR - homepage: http://search.condui...4526500111&UM=2
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - Extension: Google Docs = C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Updater By SweetPacks = C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.566_0\
CHR - Extension: WhiteSmoke New = C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi\10.15.2.523_0\
CHR - Extension: SweetPacks Chrome Extension = C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.3_0\
CHR - Extension: Gmail = C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Utopia Detailed Menu = C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppbgibkggekkelfmddlplmhhlfhjdikk\1.1_0\
CHR - Extension: Google Docs = C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Updater By SweetPacks = C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.566_0\
CHR - Extension: WhiteSmoke New = C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi\10.15.2.523_0\
CHR - Extension: SweetPacks Chrome Extension = C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.3_0\
CHR - Extension: Gmail = C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Utopia Detailed Menu = C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppbgibkggekkelfmddlplmhhlfhjdikk\1.1_0\

O1 HOSTS File: ([2012/07/25 23:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O2:64bit: - BHO: (Updater By SweetPacks) - {C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} - C:\Program Files\Updater By SweetPacks\Extension64.dll ()
O2 - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (WhiteSmoke New Toolbar) - {739df940-c5ee-4bab-9d7e-270894ae687a} - C:\Program Files (x86)\WhiteSmoke_New\prxtbWhit.dll (Conduit Ltd.)
O2 - BHO: (Updater By SweetPacks) - {C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} - C:\Program Files\Updater By SweetPacks\Extension32.dll ()
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3:64bit: - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (WhiteSmoke New Toolbar) - {739df940-c5ee-4bab-9d7e-270894ae687a} - C:\Program Files (x86)\WhiteSmoke_New\prxtbWhit.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (WhiteSmoke New Toolbar) - {739DF940-C5EE-4BAB-9D7E-270894AE687A} - C:\Program Files (x86)\WhiteSmoke_New\prxtbWhit.dll (Conduit Ltd.)
O4 - HKLM..\Run: [SearchProtectAll] C:\Program Files (x86)\SearchProtect\bin\cltmng.exe (Conduit)
O4 - HKCU..\Run: [AppVodBurner] C:\Program Files (x86)\VodBurner\vodburner.exe ()
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [RoboForm] C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O4 - HKCU..\Run: [SearchProtect] C:\Users\Christopher\AppData\Roaming\SearchProtect\bin\cltmng.exe (Conduit)
O4 - HKCU..\Run: [Utopia Angel] C:\Utopia\Angel\Angel.exe ()
O4 - HKCU..\Run: [uTorrent] C:\Users\Christopher\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O4 - Startup: C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Christopher\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TimeLeft.lnk = C:\Program Files (x86)\TimeLeft3\TimeLeft.exe (NesterSoft Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8:64bit: - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8:64bit: - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8:64bit: - Extra context menu item: Show RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8 - Extra context menu item: Show RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9:64bit: - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7FE8985F-0E72-4E67-B004-D87C051D1BC0}: DhcpNameServer = 24.220.0.10 24.220.0.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B41D6C61-D0F8-4884-A619-B837912CCB0F}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\belarc - No CLSID value found
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1a616e9e-96e1-11e2-be66-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{1a616e9e-96e1-11e2-be66-806e6f6e6963}\Shell\AutoRun\command - "" = "D:\LaunchU3.exe" -a
O33 - MountPoints2\{b6d3ffd4-9a29-11e2-be6f-0025228e51b1}\Shell - "" = AutoRun
O33 - MountPoints2\{b6d3ffd4-9a29-11e2-be6f-0025228e51b1}\Shell\AutoRun\command - "" = "D:\LaunchU3.exe" -a
O33 - MountPoints2\{f9d7e418-a86a-11e2-be8f-0025228e51b1}\Shell - "" = AutoRun
O33 - MountPoints2\{f9d7e418-a86a-11e2-be8f-0025228e51b1}\Shell\AutoRun\command - "" = "D:\MotoCastSetup.exe" -a
O33 - MountPoints2\{f9d7e448-a86a-11e2-be8f-0025228e51b1}\Shell - "" = AutoRun
O33 - MountPoints2\{f9d7e448-a86a-11e2-be8f-0025228e51b1}\Shell\AutoRun\command - "" = "N:\WD SmartWare.exe" autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/04/22 10:15:58 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Roaming\Malwarebytes
[2013/04/22 10:15:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/04/22 10:15:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/04/22 10:15:47 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/04/22 10:15:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/04/21 22:57:33 | 000,000,000 | ---D | C] -- C:\Users\Christopher\Documents\VodBurner
[2013/04/21 22:51:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VodBurner
[2013/04/21 22:51:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VodBurner
[2013/04/21 22:28:25 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Roaming\Hard Disk Sentinel
[2013/04/21 22:24:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DEKSI Hard Disk Manager
[2013/04/21 22:24:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DEKSI Hard Disk Manager
[2013/04/21 22:23:13 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\SwvUpdater
[2013/04/21 22:23:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2013/04/21 22:22:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WhiteSmoke_New
[2013/04/21 22:22:56 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\Conduit
[2013/04/21 22:22:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SearchProtect
[2013/04/21 22:22:35 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Roaming\SearchProtect
[2013/04/21 22:22:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flobo Hard Disk Repair
[2013/04/21 22:22:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Flobo Hard Disk Repair
[2013/04/21 22:22:32 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\CRE
[2013/04/21 21:33:54 | 000,000,000 | ---D | C] -- C:\Users\Christopher\Desktop\language
[2013/04/21 14:20:48 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ventrilo
[2013/04/21 14:20:47 | 000,000,000 | ---D | C] -- C:\Program Files\Ventrilo
[2013/04/21 14:20:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2013/04/20 23:26:54 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\HonorbuddyMeshes
[2013/04/20 23:09:47 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\TSVNCache
[2013/04/20 22:49:28 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Roaming\Curse Advertising
[2013/04/20 22:38:44 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Roaming\TortoiseSVN
[2013/04/20 22:38:32 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Roaming\Subversion
[2013/04/20 22:38:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TortoiseSVN
[2013/04/20 22:38:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\TortoiseOverlays
[2013/04/20 22:38:01 | 000,000,000 | ---D | C] -- C:\Program Files\TortoiseSVN
[2013/04/20 22:38:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\TortoiseOverlays
[2013/04/20 22:24:01 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
[2013/04/20 22:23:05 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\Deployment
[2013/04/20 22:23:05 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\Apps
[2013/04/20 22:02:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies
[2013/04/20 22:02:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild
[2013/04/20 22:01:54 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2013/04/20 22:01:53 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2013/04/20 21:06:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TimeLeft 3
[2013/04/20 21:06:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TimeLeft3
[2013/04/20 21:06:49 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Roaming\NesterSoft
[2013/04/20 20:33:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
[2013/04/20 20:33:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2013/04/20 20:33:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2013/04/20 20:32:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2013/04/18 15:06:26 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Roaming\Yahoo!
[2013/04/18 14:52:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
[2013/04/18 14:52:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
[2013/04/18 14:51:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yahoo!
[2013/04/10 06:41:08 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Roaming\mIRC
[2013/04/10 06:41:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mIRC
[2013/04/10 06:41:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\mIRC
[2013/04/07 22:06:03 | 000,000,000 | ---D | C] -- C:\Program Files\Updater By SweetPacks
[2013/04/07 22:06:03 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\Programs
[2013/04/07 22:05:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SweetIM
[2013/04/06 19:33:12 | 000,000,000 | ---D | C] -- C:\Users\Christopher\Documents\My Cheat Tables
[2013/04/06 19:33:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.2
[2013/04/06 19:33:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cheat Engine 6.2
[2013/04/01 21:37:18 | 000,000,000 | ---D | C] -- C:\Users\Christopher\Desktop\Pictures
[2013/03/31 21:54:54 | 000,000,000 | R--D | C] -- C:\Users\Christopher\Dropbox
[2013/03/31 21:53:53 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2013/03/31 21:52:04 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Roaming\Dropbox
[2013/03/31 14:36:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnInTest
[2013/03/31 14:36:28 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\temp
[2013/03/31 14:36:28 | 000,000,000 | ---D | C] -- C:\ProgramData\PassMark
[2013/03/31 14:36:27 | 000,000,000 | ---D | C] -- C:\Users\Christopher\Documents\PassMark
[2013/03/31 14:36:26 | 000,000,000 | ---D | C] -- C:\Program Files\BurnInTest
[2013/03/31 14:31:55 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Roaming\NVIDIA
[2013/03/31 14:31:36 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Roaming\JAM Software
[2013/03/31 14:31:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HeavyLoad
[2013/03/31 14:31:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JAM Software
[2013/03/31 13:49:36 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Roaming\ImgBurn
[2013/03/31 13:43:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
[2013/03/31 13:43:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ImgBurn
[2013/03/31 13:34:59 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft BlueScreenView
[2013/03/31 13:34:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NirSoft
[2013/03/31 13:19:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013/03/31 13:19:56 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/03/31 13:19:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/03/31 13:19:02 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\Google
[2013/03/31 13:19:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013/03/31 12:03:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Belarc
[2013/03/31 12:00:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
[2013/03/31 12:00:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavalys
[2013/03/30 12:19:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013/03/30 12:19:40 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013/03/30 12:19:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013/03/30 10:20:38 | 000,000,000 | ---D | C] -- C:\ProgramData\RoboForm
[2013/03/30 10:20:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm
[2013/03/30 10:20:22 | 000,000,000 | ---D | C] -- C:\Users\Christopher\Documents\My RoboForm Data
[2013/03/30 10:20:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Siber Systems
[2013/03/27 12:04:55 | 000,106,496 | ---- | C] (windowsforum.kr) -- C:\Windows\SysNative\SLCHook.dll
[2013/03/27 12:04:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2013/03/27 09:33:38 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2013/03/27 08:20:06 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2013/03/27 08:15:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Utopia Angel
[2013/03/27 08:15:45 | 000,000,000 | ---D | C] -- C:\Utopia
[2013/03/27 08:08:38 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Roaming\uTorrent
[2013/03/27 08:06:18 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Roaming\Macromedia
[2013/03/27 08:05:09 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2013/03/27 08:04:41 | 000,061,216 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2013/03/27 08:04:41 | 000,053,024 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2013/03/27 08:04:28 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2013/03/27 08:04:19 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2013/03/27 08:04:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2013/03/27 07:59:42 | 000,000,000 | R--D | C] -- C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013/03/27 07:59:42 | 000,000,000 | R--D | C] -- C:\Users\Christopher\Searches
[2013/03/27 07:59:42 | 000,000,000 | R--D | C] -- C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013/03/27 07:59:42 | 000,000,000 | -H-D | C] -- C:\Users\Christopher\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2013/03/27 07:59:39 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Roaming\Adobe
[2013/03/27 07:59:38 | 000,000,000 | R--D | C] -- C:\Users\Christopher\Contacts
[2013/03/27 07:59:02 | 000,000,000 | ---D | C] -- C:\Windows\CSC
[2013/03/27 07:58:58 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\VirtualStore
[2013/03/27 07:58:48 | 000,000,000 | ---D | C] -- C:\ProgramData\PRICache
[2013/03/27 07:58:48 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\Packages
[2013/03/27 07:58:36 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013/03/27 07:58:27 | 000,000,000 | --SD | C] -- C:\Users\Christopher\AppData\Roaming\Microsoft
[2013/03/27 07:58:27 | 000,000,000 | R--D | C] -- C:\Users\Christopher\Videos
[2013/03/27 07:58:27 | 000,000,000 | R--D | C] -- C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2013/03/27 07:58:27 | 000,000,000 | R--D | C] -- C:\Users\Christopher\Saved Games
[2013/03/27 07:58:27 | 000,000,000 | R--D | C] -- C:\Users\Christopher\Pictures
[2013/03/27 07:58:27 | 000,000,000 | R--D | C] -- C:\Users\Christopher\Music
[2013/03/27 07:58:27 | 000,000,000 | R--D | C] -- C:\Users\Christopher\Links
[2013/03/27 07:58:27 | 000,000,000 | R--D | C] -- C:\Users\Christopher\Favorites
[2013/03/27 07:58:27 | 000,000,000 | R--D | C] -- C:\Users\Christopher\Downloads
[2013/03/27 07:58:27 | 000,000,000 | R--D | C] -- C:\Users\Christopher\Documents
[2013/03/27 07:58:27 | 000,000,000 | R--D | C] -- C:\Users\Christopher\Desktop
[2013/03/27 07:58:27 | 000,000,000 | R--D | C] -- C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/03/27 07:58:27 | 000,000,000 | R--D | C] -- C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2013/03/27 07:58:27 | 000,000,000 | -HSD | C] -- C:\Users\Christopher\AppData\Local\Temporary Internet Files
[2013/03/27 07:58:27 | 000,000,000 | -HSD | C] -- C:\Users\Christopher\Templates
[2013/03/27 07:58:27 | 000,000,000 | -HSD | C] -- C:\Users\Christopher\Start Menu
[2013/03/27 07:58:27 | 000,000,000 | -HSD | C] -- C:\Users\Christopher\SendTo
[2013/03/27 07:58:27 | 000,000,000 | -HSD | C] -- C:\Users\Christopher\Recent
[2013/03/27 07:58:27 | 000,000,000 | -HSD | C] -- C:\Users\Christopher\PrintHood
[2013/03/27 07:58:27 | 000,000,000 | -HSD | C] -- C:\Users\Christopher\NetHood
[2013/03/27 07:58:27 | 000,000,000 | -HSD | C] -- C:\Users\Christopher\Documents\My Videos
[2013/03/27 07:58:27 | 000,000,000 | -HSD | C] -- C:\Users\Christopher\Documents\My Pictures
[2013/03/27 07:58:27 | 000,000,000 | -HSD | C] -- C:\Users\Christopher\Documents\My Music
[2013/03/27 07:58:27 | 000,000,000 | -HSD | C] -- C:\Users\Christopher\My Documents
[2013/03/27 07:58:27 | 000,000,000 | -HSD | C] -- C:\Users\Christopher\Local Settings
[2013/03/27 07:58:27 | 000,000,000 | -HSD | C] -- C:\Users\Christopher\AppData\Local\History
[2013/03/27 07:58:27 | 000,000,000 | -HSD | C] -- C:\Users\Christopher\Cookies
[2013/03/27 07:58:27 | 000,000,000 | -HSD | C] -- C:\Users\Christopher\Application Data
[2013/03/27 07:58:27 | 000,000,000 | -HSD | C] -- C:\Users\Christopher\AppData\Local\Application Data
[2013/03/27 07:58:27 | 000,000,000 | -H-D | C] -- C:\Users\Christopher\AppData
[2013/03/27 07:58:27 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\Temp
[2013/03/27 07:58:27 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\Microsoft
[2013/03/27 07:58:27 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013/03/27 07:23:16 | 000,000,000 | -HSD | C] -- C:\Recovery
[2013/03/27 07:21:11 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2013/03/27 07:20:40 | 000,000,000 | -HSD | C] -- C:\System Volume Information

========== Files - Modified Within 30 Days ==========

[2013/04/22 10:29:00 | 000,000,926 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/04/22 10:15:53 | 000,001,105 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/04/22 10:04:27 | 000,848,230 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/04/22 10:04:27 | 000,718,176 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/04/22 10:04:27 | 000,132,542 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/04/22 10:02:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/04/22 10:01:44 | 000,000,380 | ---- | M] () -- C:\Windows\tasks\AmiUpdXp.job
[2013/04/22 10:01:09 | 000,000,048 | ---- | M] () -- C:\Users\Christopher\Documents\dovodprep.bat
[2013/04/22 10:00:51 | 000,000,922 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/04/22 10:00:12 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013/04/22 10:00:04 | 828,441,511 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/04/22 10:00:01 | 1717,346,302 | -HS- | M] () -- C:\hiberfil.sys
[2013/04/21 22:24:46 | 000,001,048 | ---- | M] () -- C:\Users\Christopher\Application Data\Microsoft\Internet Explorer\Quick Launch\DEKSI Hard Disk Manager.lnk
[2013/04/21 22:24:46 | 000,001,024 | ---- | M] () -- C:\Users\Christopher\Desktop\DEKSI Hard Disk Manager.lnk
[2013/04/21 22:23:08 | 000,000,009 | ---- | M] () -- C:\END
[2013/04/21 22:22:35 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\Flobo Hard Disk Repair.lnk
[2013/04/21 21:33:55 | 000,655,872 | ---- | M] () -- C:\Users\Christopher\Desktop\checkDisk.exe
[2013/04/21 14:20:48 | 000,000,909 | ---- | M] () -- C:\Users\Christopher\Desktop\Ventrilo.lnk
[2013/04/21 14:20:48 | 000,000,262 | ---- | M] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2013/04/21 07:46:55 | 000,000,810 | ---- | M] () -- C:\Users\Christopher\Desktop\Honorbuddy - Shortcut.lnk
[2013/04/21 07:46:41 | 000,000,822 | ---- | M] () -- C:\Users\Christopher\Desktop\Wow - Shortcut.lnk
[2013/04/20 22:24:07 | 000,000,000 | ---- | M] () -- C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
[2013/04/20 22:24:01 | 000,000,318 | ---- | M] () -- C:\Users\Christopher\Desktop\Curse Client.appref-ms
[2013/04/20 21:06:50 | 000,001,046 | ---- | M] () -- C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TimeLeft.lnk
[2013/04/20 21:06:50 | 000,001,010 | ---- | M] () -- C:\Users\Christopher\Desktop\TimeLeft.lnk
[2013/04/18 14:58:36 | 000,281,088 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/04/18 14:52:57 | 000,001,157 | ---- | M] () -- C:\Users\Christopher\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2013/04/18 14:52:57 | 000,001,133 | ---- | M] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2013/04/10 06:41:08 | 000,000,947 | ---- | M] () -- C:\Users\Public\Desktop\mIRC.lnk
[2013/04/10 01:29:13 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/04/06 19:33:09 | 000,001,081 | ---- | M] () -- C:\Users\Christopher\Desktop\Cheat Engine.lnk
[2013/04/06 07:16:28 | 000,001,055 | ---- | M] () -- C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013/04/06 07:16:06 | 000,001,035 | ---- | M] () -- C:\Users\Christopher\Desktop\Dropbox.lnk
[2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/03/31 14:36:29 | 000,000,795 | ---- | M] () -- C:\Users\Christopher\Desktop\BurnInTest.lnk
[2013/03/31 13:44:29 | 001,193,984 | ---- | M] () -- C:\Users\Christopher\Desktop\Memtest86-4.2.0.iso
[2013/03/31 13:43:39 | 000,001,885 | ---- | M] () -- C:\Users\Christopher\Application Data\Microsoft\Internet Explorer\Quick Launch\ImgBurn.lnk
[2013/03/31 13:43:39 | 000,001,861 | ---- | M] () -- C:\Users\Public\Desktop\ImgBurn.lnk
[2013/03/31 13:33:56 | 000,000,816 | ---- | M] () -- C:\Users\Christopher\Desktop\033113-17484-01.dmp - Shortcut.lnk
[2013/03/31 13:24:31 | 000,002,275 | ---- | M] () -- C:\Users\Christopher\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/03/31 13:19:57 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/03/31 12:03:07 | 000,002,140 | ---- | M] () -- C:\Users\Christopher\Application Data\Microsoft\Internet Explorer\Quick Launch\Belarc Advisor.lnk
[2013/03/31 12:03:07 | 000,002,116 | ---- | M] () -- C:\Users\Public\Desktop\Belarc Advisor.lnk
[2013/03/31 12:00:25 | 000,001,098 | ---- | M] () -- C:\Users\Christopher\Desktop\EVEREST Home Edition.lnk
[2013/03/27 12:04:24 | 000,002,061 | ---- | M] () -- C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
[2013/03/27 08:15:49 | 000,000,705 | ---- | M] () -- C:\Users\Christopher\Desktop\Utopia Angel.lnk
[2013/03/27 08:09:18 | 000,000,887 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2013/03/27 08:09:18 | 000,000,837 | ---- | M] () -- C:\Users\Christopher\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2013/03/27 08:05:31 | 000,001,420 | ---- | M] () -- C:\Users\Christopher\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/03/27 07:22:17 | 000,040,858 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2013/03/27 07:22:17 | 000,040,858 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2013/03/27 07:21:29 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf

========== Files Created - No Company Name ==========

[2013/04/22 10:15:53 | 000,001,105 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/04/22 10:00:04 | 828,441,511 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013/04/21 22:57:03 | 000,000,048 | ---- | C] () -- C:\Users\Christopher\Documents\dovodprep.bat
[2013/04/21 22:24:46 | 000,001,048 | ---- | C] () -- C:\Users\Christopher\Application Data\Microsoft\Internet Explorer\Quick Launch\DEKSI Hard Disk Manager.lnk
[2013/04/21 22:24:46 | 000,001,024 | ---- | C] () -- C:\Users\Christopher\Desktop\DEKSI Hard Disk Manager.lnk
[2013/04/21 22:23:14 | 000,000,380 | ---- | C] () -- C:\Windows\tasks\AmiUpdXp.job
[2013/04/21 22:22:35 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\Flobo Hard Disk Repair.lnk
[2013/04/21 22:22:15 | 000,000,009 | ---- | C] () -- C:\END
[2013/04/21 14:20:48 | 000,000,909 | ---- | C] () -- C:\Users\Christopher\Desktop\Ventrilo.lnk
[2013/04/21 14:20:47 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2013/04/21 07:46:55 | 000,000,810 | ---- | C] () -- C:\Users\Christopher\Desktop\Honorbuddy - Shortcut.lnk
[2013/04/21 07:46:41 | 000,000,822 | ---- | C] () -- C:\Users\Christopher\Desktop\Wow - Shortcut.lnk
[2013/04/20 22:24:07 | 000,000,000 | ---- | C] () -- C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
[2013/04/20 22:24:01 | 000,000,318 | ---- | C] () -- C:\Users\Christopher\Desktop\Curse Client.appref-ms
[2013/04/20 21:06:50 | 000,001,046 | ---- | C] () -- C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TimeLeft.lnk
[2013/04/20 21:06:50 | 000,001,010 | ---- | C] () -- C:\Users\Christopher\Desktop\TimeLeft.lnk
[2013/04/18 14:58:21 | 000,281,088 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/04/18 14:52:57 | 000,001,157 | ---- | C] () -- C:\Users\Christopher\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2013/04/18 14:52:57 | 000,001,133 | ---- | C] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2013/04/12 06:46:15 | 000,387,867 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2013/04/10 06:41:08 | 000,000,947 | ---- | C] () -- C:\Users\Public\Desktop\mIRC.lnk
[2013/04/06 19:33:09 | 000,001,081 | ---- | C] () -- C:\Users\Christopher\Desktop\Cheat Engine.lnk
[2013/03/31 21:54:54 | 000,001,035 | ---- | C] () -- C:\Users\Christopher\Desktop\Dropbox.lnk
[2013/03/31 21:54:17 | 000,001,055 | ---- | C] () -- C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013/03/31 14:36:29 | 000,000,795 | ---- | C] () -- C:\Users\Christopher\Desktop\BurnInTest.lnk
[2013/03/31 13:43:39 | 000,001,885 | ---- | C] () -- C:\Users\Christopher\Application Data\Microsoft\Internet Explorer\Quick Launch\ImgBurn.lnk
[2013/03/31 13:43:39 | 000,001,861 | ---- | C] () -- C:\Users\Public\Desktop\ImgBurn.lnk
[2013/03/31 13:43:38 | 000,001,873 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
[2013/03/31 13:33:56 | 000,000,816 | ---- | C] () -- C:\Users\Christopher\Desktop\033113-17484-01.dmp - Shortcut.lnk
[2013/03/31 13:19:57 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/03/31 13:19:29 | 000,002,275 | ---- | C] () -- C:\Users\Christopher\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/03/31 13:19:29 | 000,002,183 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/03/31 13:19:05 | 000,000,926 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/31 13:19:04 | 000,000,922 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/31 12:12:44 | 000,000,291 | ---- | C] () -- C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Computer.lnk
[2013/03/31 12:03:07 | 000,002,140 | ---- | C] () -- C:\Users\Christopher\Application Data\Microsoft\Internet Explorer\Quick Launch\Belarc Advisor.lnk
[2013/03/31 12:03:07 | 000,002,128 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belarc Advisor.lnk
[2013/03/31 12:03:07 | 000,002,116 | ---- | C] () -- C:\Users\Public\Desktop\Belarc Advisor.lnk
[2013/03/31 12:00:25 | 000,001,098 | ---- | C] () -- C:\Users\Christopher\Desktop\EVEREST Home Edition.lnk
[2013/03/28 10:59:36 | 000,110,592 | ---- | C] () -- C:\Windows\SysNative\OEMLicense.dll
[2013/03/28 10:59:36 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2013/03/27 12:04:24 | 000,002,061 | ---- | C] () -- C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
[2013/03/27 08:15:49 | 000,000,705 | ---- | C] () -- C:\Users\Christopher\Desktop\Utopia Angel.lnk
[2013/03/27 08:09:18 | 000,000,887 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2013/03/27 08:09:18 | 000,000,837 | ---- | C] () -- C:\Users\Christopher\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2013/03/27 08:05:31 | 000,001,420 | ---- | C] () -- C:\Users\Christopher\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/03/27 08:05:03 | 002,953,448 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2013/03/27 07:59:39 | 000,001,426 | ---- | C] () -- C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/03/27 07:58:27 | 000,000,352 | ---- | C] () -- C:\Users\Christopher\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013/03/27 07:58:27 | 000,000,334 | ---- | C] () -- C:\Users\Christopher\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2013/03/27 07:22:57 | 1717,346,302 | -HS- | C] () -- C:\hiberfil.sys
[2013/03/27 07:21:29 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2013/03/27 07:20:42 | 268,435,456 | -HS- | C] () -- C:\swapfile.sys
[2012/07/26 02:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2012/07/26 02:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2012/07/26 01:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2012/07/25 19:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2012/07/25 14:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012/07/25 14:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012/06/02 08:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== ZeroAccess Check ==========


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/03/01 20:45:01 | 019,748,864 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/03/02 02:23:07 | 017,560,576 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/25 21:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/25 21:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/25 21:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/04/20 22:50:07 | 000,000,000 | ---D | M] -- C:\Users\Christopher\AppData\Roaming\Curse Advertising
[2013/04/22 10:01:42 | 000,000,000 | ---D | M] -- C:\Users\Christopher\AppData\Roaming\Dropbox
[2013/04/21 22:28:26 | 000,000,000 | ---D | M] -- C:\Users\Christopher\AppData\Roaming\Hard Disk Sentinel
[2013/03/31 13:49:36 | 000,000,000 | ---D | M] -- C:\Users\Christopher\AppData\Roaming\ImgBurn
[2013/03/31 14:31:36 | 000,000,000 | ---D | M] -- C:\Users\Christopher\AppData\Roaming\JAM Software
[2013/04/20 21:06:49 | 000,000,000 | ---D | M] -- C:\Users\Christopher\AppData\Roaming\NesterSoft
[2013/04/21 22:28:06 | 000,000,000 | ---D | M] -- C:\Users\Christopher\AppData\Roaming\SearchProtect
[2013/04/20 22:38:32 | 000,000,000 | ---D | M] -- C:\Users\Christopher\AppData\Roaming\Subversion
[2013/04/22 10:01:12 | 000,000,000 | ---D | M] -- C:\Users\Christopher\AppData\Roaming\uTorrent

========== Purity Check ==========



< End of report >

OTL Extras logfile created on: 4/22/2013 10:26:28 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Christopher\Downloads
64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

12.00 Gb Total Physical Memory | 9.48 Gb Available Physical Memory | 79.03% Memory free
24.00 Gb Paging File | 20.98 Gb Available in Paging File | 87.43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 100.05 Gb Total Space | 50.08 Gb Free Space | 50.06% Space Free | Partition Type: NTFS
Drive E: | 831.11 Gb Total Space | 773.47 Gb Free Space | 93.07% Space Free | Partition Type: exFAT
Drive K: | 1.14 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: CHRIS-PC | User Name: Christopher | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{051624E6-93D1-4069-84E3-87509F44E103}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{0AFE21DF-A598-441F-A371-CEEF381CD926}" = lport=137 | protocol=17 | dir=in | app=system |
"{0BDA22E7-95DC-4686-941B-3BF03EDB0A46}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{246CCC9F-891A-45D9-B44C-91368EFA2BE9}" = lport=139 | protocol=6 | dir=in | app=system |
"{397FDC99-17FA-454D-9F87-41F35A4F322F}" = lport=445 | protocol=6 | dir=in | app=system |
"{3B375130-4043-4206-9A8C-20A456FF5337}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3BECB604-A34F-43FC-A631-8CCC3AC6E98D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{46CAE24C-3623-4EED-999D-B2A197A90FE8}" = lport=138 | protocol=17 | dir=in | app=system |
"{54522BDE-A65B-4FCF-8B5B-879368BF0A1C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5EABEFDB-A124-418D-856D-96281BAE2105}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{607A196A-5E56-4ECC-B073-659B364026A3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{76EA88C9-11B5-427D-BDBC-1F256A298CFA}" = rport=137 | protocol=17 | dir=out | app=system |
"{78BE801B-6BE0-4FEF-B82D-4DCBC83CA6DA}" = rport=139 | protocol=6 | dir=out | app=system |
"{7ABD3A3D-4D62-44E7-9922-C515E66A3850}" = rport=445 | protocol=6 | dir=out | app=system |
"{9A127177-FB02-42EE-8E90-DE8278CDF493}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9AFB72F5-BE95-426D-9D40-751D9EF44BD2}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AD6712B4-0676-4102-9164-A8E9A1E5DBB8}" = rport=138 | protocol=17 | dir=out | app=system |
"{B7407B64-BF99-4A21-BDAC-D9179938F4D3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C2AE211D-9BC8-432E-84FF-FF394B89FB37}" = lport=10243 | protocol=6 | dir=in | app=system |
"{CDF4717E-1FAC-4D12-91D9-CACC47FC9554}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{D6B66914-9BDB-45E0-9468-E7D57ABEFEA3}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D7A8F090-A93D-40FD-98B0-C249666EF872}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DB3C8841-E970-42B1-A077-E1362E7FD4F3}" = rport=10243 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0F087B56-AE00-4241-8404-9FB9CDBB6D3F}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{1117C19E-0588-460B-8278-CE4B0844182B}" = dir=out | [email protected]{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{127F506A-AB05-4838-BF6D-3238763F188F}" = protocol=1 | dir=in | [email protected],-28543 |
"{1395B151-29FB-4A90-990F-188FDEE08A49}" = dir=out | [email protected]{microsoft.bingmaps_1.6.1528.2509_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{1606D576-3D5D-45CD-A6B6-8AE1C6482EB2}" = dir=out | name=onenote |
"{20161677-05AB-4C17-8304-B6704A3FA636}" = protocol=58 | dir=in | [email protected],-28545 |
"{202D2202-67D4-493B-8891-CD8BBED1B765}" = dir=out | [email protected]{microsoft.zunevideo_1.2.150.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{2627BA6C-8F71-4348-BC53-7F4431D29D0D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2E5A2C84-99FC-423D-BAB8-3F18B006BE50}" = dir=out | [email protected]{microsoft.microsoftskydrive_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{2FF41ED3-F267-4664-BEFC-22CDD0E2C2FC}" = protocol=6 | dir=in | app=c:\users\christopher\appdata\roaming\dropbox\bin\dropbox.exe |
"{38F11C2C-1F2B-4A88-AB8F-86F836B10783}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3B03B3B4-1B7F-481B-AF67-791368DEC2D1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3B681FFF-5074-4AE3-9571-9D02576E8ABD}" = dir=in | [email protected]{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{3EDE865C-BAE8-4881-9F97-092434088584}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{42B787EC-8971-4CE5-8479-8F0C025CC58C}" = protocol=58 | dir=out | [email protected],-503 |
"{43DB6442-1B6F-4647-A768-1CB8EA8E2B54}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{4460199B-7513-4329-817E-F6C31E72FC76}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{4AF4FB62-9F54-4A43-AE6C-585BDD80AC80}" = dir=in | [email protected]{microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{4DC740EB-9B62-4CD5-A4F4-232299EEE7F2}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{513D599E-3FD2-4DFD-8735-A03D6B5FA9D3}" = protocol=17 | dir=in | app=c:\users\christopher\appdata\roaming\dropbox\bin\dropbox.exe |
"{5F066822-F7E5-48A5-910D-329F82FB15EA}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{60B3F4D3-2795-40C1-BBA7-08DE42DC68FA}" = dir=out | [email protected]{microsoft.bingtravel_2.0.0.274_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{6110C2E9-3762-49C8-8BED-B7ACFA075165}" = dir=out | [email protected]{microsoft.zunemusic_1.2.150.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{6619FDE4-1085-47B3-99D6-82571FD06A91}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{663F39AF-D765-4344-8CF4-4B5415D51040}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{68292E15-C08B-4308-A936-A759174EC27E}" = dir=in | [email protected]{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{6A2F7E05-B1C2-48BE-8B48-C179E4FB9E99}" = dir=in | [email protected]{microsoft.xboxcompanion_1.2.160.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxcompanion/resources/33279} |
"{75B7C0B7-4DBB-40E6-9783-183FBC87105D}" = protocol=58 | dir=in | app=system |
"{7BAD482F-D931-43A4-A145-6AA974F04AD3}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | [email protected]{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{92804AF9-6A4C-4839-85DF-880033B5E2C2}" = dir=out | [email protected]{microsoft.bingfinance_2.0.0.275_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{956EBAF7-FBB0-47C1-93A0-E80B86DB1323}" = dir=out | [email protected]{microsoft.xboxlivegames_1.2.143.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{9649EEA1-7701-4C57-9083-E540F107001D}" = dir=out | [email protected]{microsoft.bingweather_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{97571A74-891E-4F6B-AD6A-578230695016}" = protocol=1 | dir=out | [email protected],-28544 |
"{98BB9E63-F848-409D-B21E-3D783728D46A}" = dir=out | name=netflix |
"{AD47E8BA-6B4C-471F-8FF9-7FDCCAC04E28}" = dir=out | [email protected]{microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{B114234E-AC81-4301-98FA-9F5AF5AA6BC5}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{B151ACDF-7DF3-4697-8104-6BAD1C01348F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B723DBEF-4B2F-4FFC-8695-C0D10193D010}" = protocol=6 | dir=in | app=c:\users\christopher\appdata\roaming\utorrent\utorrent.exe |
"{BC4CF58C-DC3E-4A45-B94F-B009E06C597A}" = dir=in | name=onenote |
"{BCB5F2C1-FA5A-4B4A-B42A-9F632646384D}" = dir=out | [email protected]{microsoft.xboxcompanion_1.2.160.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxcompanion/resources/33279} |
"{BEBF3187-A15C-42F8-9AA6-797CE84E9A8E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BED3B9ED-8E49-4E5B-A067-01E9CA94E0CD}" = dir=out | [email protected]{microsoft.bing_1.5.1.259_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{C8276065-C0B4-4E8E-AD6F-39CA3B5046C0}" = protocol=17 | dir=in | app=c:\users\christopher\appdata\roaming\utorrent\utorrent.exe |
"{D312AD41-3687-41C3-9681-970DA950CF0A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D3637233-068F-410F-B168-55CDC3274320}" = dir=out | [email protected]{microsoft.skypeapp_1.6.0.115_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{D9BA4E17-CFA3-4DB5-9039-9DBC07D8E9A5}" = dir=out | [email protected]{microsoft.bingsports_2.0.0.273_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{E471C721-EE05-4DB9-B051-3B112FA5B30B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E51ECF7D-88E1-4EC3-87B5-C9380408FF9A}" = protocol=58 | dir=out | [email protected],-28546 |
"{E6F03CC4-F96D-4045-B11B-559F542A386E}" = dir=out | [email protected]{microsoft.bingnews_2.0.0.273_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | [email protected]{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{E9217C9B-117A-4D40-9C48-4F3E57CD87F5}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E94D8271-4D50-4CAA-A4BD-4FFDD4D1C3F3}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{EA8A7C6A-82BD-44C4-B727-4C1E3F78FAD4}" = protocol=6 | dir=out | app=system |
"{EEC72B1A-3F25-417C-BE07-339A0275686C}" = dir=in | [email protected]{microsoft.skypeapp_1.6.0.115_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{EEFC4BEA-D790-4CE7-932F-872C25B6EAF5}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{EF6EC872-F928-412B-BB44-0BDE0B437CAF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F0FA5527-E279-4C4C-8F80-11CAA8C954B3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FBC4932B-42A8-47D3-9509-44B9CAB63310}" = dir=out | name=toolbox for windows 8 |
"{FD6AAA4E-E0F3-4967-8DF6-52E6768AC25F}" = dir=out | [email protected]{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{FDEBD910-D7AE-482E-83B3-BB0E368D802A}" = dir=out | name=gethired |
"TCP Query User{7C82905F-CF98-415D-AC28-996994095AF4}E:\honorbuddy\honorbuddy.exe" = protocol=6 | dir=in | app=e:\honorbuddy\honorbuddy.exe |
"TCP Query User{A1BA9AC9-A4AE-49AE-8E65-0D137CF56744}C:\program files (x86)\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mirc\mirc.exe |
"TCP Query User{D8D88AAF-37D2-4C59-B357-83C861D80866}C:\program files (x86)\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mirc\mirc.exe |
"UDP Query User{2648989E-DEA6-41C9-B48E-1E1B3152569C}C:\program files (x86)\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mirc\mirc.exe |
"UDP Query User{6D39492A-7B90-4EC1-BB4A-9CB326F30F56}E:\honorbuddy\honorbuddy.exe" = protocol=17 | dir=in | app=e:\honorbuddy\honorbuddy.exe |
"UDP Query User{C7A4DD81-8FF8-4288-A926-1969474FC8BA}C:\program files (x86)\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mirc\mirc.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{B2DCF07D-0F89-4818-8B41-50DABC1A310D}" = TortoiseSVN 1.7.12.24070 (64 bit)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.18.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}_is1" = Updater By SweetPacks 2.0.0.566
"{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64
"CCleaner" = CCleaner

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E05549B-B52F-410E-845D-5498AAAE31BE}_is1" = Flobo Hard Disk Repair 4.1
"{656957B8-41DB-4E43-AAA1-B128C2213D50}" = VodBurner
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{80F3F10B-A177-4494-93CE-98090D819093}" = Internet Explorer Toolbar 4.7 by SweetPacks
"{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}" = Software Version Updater
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"AI RoboForm" = RoboForm 7-8-8-5 (All Users)
"Belarc Advisor" = Belarc Advisor 8.3
"Cheat Engine 6.2_is1" = Cheat Engine 6.2
"DEKSI Hard Disk Manager_is1" = DEKSI Hard Disk Manager PRO
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Google Chrome" = Google Chrome
"HeavyLoad_is1" = HeavyLoad V3.2
"ImgBurn" = ImgBurn
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"mIRC" = mIRC
"NirSoft BlueScreenView" = NirSoft BlueScreenView
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"SearchProtect" = Search Protect by conduit
"TIMELEFT3_is1" = TimeLeft
"uTorrent" = µTorrent
"WhiteSmoke_New Toolbar" = WhiteSmoke New Toolbar
"World of Warcraft" = World of Warcraft
"Yahoo! Messenger" = Yahoo! Messenger

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"101a9f93b8f0bb6f" = Curse Client
"Dropbox" = Dropbox

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 4/22/2013 9:16:13 AM | Computer Name = Chris-PC | Source = Perflib | ID = 1008
Description =

Error - 4/22/2013 9:16:13 AM | Computer Name = Chris-PC | Source = Perflib | ID = 1008
Description =

Error - 4/22/2013 9:16:13 AM | Computer Name = Chris-PC | Source = Perflib | ID = 1008
Description =

Error - 4/22/2013 9:16:13 AM | Computer Name = Chris-PC | Source = Perflib | ID = 1008
Description =

Error - 4/22/2013 9:42:47 AM | Computer Name = Chris-PC | Source = .NET Runtime | ID = 1023
Description =

Error - 4/22/2013 9:42:47 AM | Computer Name = Chris-PC | Source = Application Error | ID = 1000
Description = Faulting application name: Honorbuddy.exe, version: 2.5.6948.557,
time stamp: 0x5165f789 Faulting module name: clr.dll, version: 4.0.30319.18033, time
stamp: 0x50b5a638 Exception code: 0xc0000005 Fault offset: 0x000293f0 Faulting process
id: 0x808 Faulting application start time: 0x01ce3f5869a9e708 Faulting application
path: E:\Honorbuddy\Honorbuddy.exe Faulting module path: C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
Report
Id: 8448931e-ab52-11e2-be94-0025228e51b1 Faulting package full name: Faulting package-relative
application ID:

Error - 4/22/2013 10:10:02 AM | Computer Name = Chris-PC | Source = .NET Runtime | ID = 1023
Description =

Error - 4/22/2013 10:10:03 AM | Computer Name = Chris-PC | Source = Application Error | ID = 1000
Description = Faulting application name: Honorbuddy.exe, version: 2.5.6948.557,
time stamp: 0x5165f789 Faulting module name: clr.dll, version: 4.0.30319.18033, time
stamp: 0x50b5a638 Exception code: 0xc0000005 Fault offset: 0x000e353f Faulting process
id: 0x3c Faulting application start time: 0x01ce3f5f4ce53088 Faulting application
path: E:\Honorbuddy\Honorbuddy.exe Faulting module path: C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
Report
Id: 52da4417-ab56-11e2-be94-0025228e51b1 Faulting package full name: Faulting package-relative
application ID:

Error - 4/22/2013 11:32:33 AM | Computer Name = Chris-PC | Source = .NET Runtime | ID = 1023
Description =

Error - 4/22/2013 11:32:34 AM | Computer Name = Chris-PC | Source = Application Error | ID = 1000
Description = Faulting application name: Honorbuddy.exe, version: 2.5.6948.557,
time stamp: 0x5165f789 Faulting module name: clr.dll, version: 4.0.30319.18033, time
stamp: 0x50b5a638 Exception code: 0xc0000005 Fault offset: 0x000e353f Faulting process
id: 0x12dc Faulting application start time: 0x01ce3f63995c45d5 Faulting application
path: E:\Honorbuddy\Honorbuddy.exe Faulting module path: C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
Report
Id: d9e5f876-ab61-11e2-be94-0025228e51b1 Faulting package full name: Faulting package-relative
application ID:

[ System Events ]
Error - 4/18/2013 4:45:36 PM | Computer Name = Chris-PC | Source = DCOM | ID = 10016
Description =

Error - 4/18/2013 4:58:41 PM | Computer Name = Chris-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 2:50:43 PM on ?4/?18/?2013 was unexpected.

Error - 4/18/2013 4:58:49 PM | Computer Name = Chris-PC | Source = BugCheck | ID = 1001
Description =

Error - 4/19/2013 12:01:43 AM | Computer Name = Chris-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 7:40:44 PM on ?4/?18/?2013 was unexpected.

Error - 4/21/2013 1:54:19 AM | Computer Name = Chris-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 11:21:43 PM on ?4/?20/?2013 was unexpected.

Error - 4/21/2013 1:54:20 AM | Computer Name = CHRIS-PC | Source = BugCheck | ID = 1001
Description =

Error - 4/21/2013 4:53:45 PM | Computer Name = Chris-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 2:34:19 PM on ?4/?21/?2013 was unexpected.

Error - 4/21/2013 4:53:46 PM | Computer Name = CHRIS-PC | Source = BugCheck | ID = 1001
Description =

Error - 4/22/2013 12:00:07 PM | Computer Name = Chris-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 9:22:12 AM on ?4/?22/?2013 was unexpected.

Error - 4/22/2013 12:00:12 PM | Computer Name = Chris-PC | Source = BugCheck | ID = 1001
Description =


< End of report >
  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP
I don't see any obvious malware tho there is some adware.


Download the adwCleaner

  • Run the Tool
    Windows Vista and Windows 7 users:
    Right click in the adwCleaner.exe and select the option
    Posted Image
  • Select the Delete button.
  • When the scan completes, it will open a notepad windows.
  • Please, copy the content of this file in your next reply.

Also let's try Rogue Killer:

  • Download RogueKiller and save it on your desktop.
  • Quit all programs
  • Start RogueKiller.exe.
  • Wait until Prescan has finished ...
  • Click on Scan
    Posted Image
  • Wait for the end of the scan.
  • Copy and paste RKreport.txt located on your desktop.

Have you checked the RAM? Bad RAM can cause the disk to get dirty fast.

http://www.sevenforu...stics-tool.html



Also there was a recent Windows update which causes a similar problem:

http://support.micro....com/kb/2839011

Ron
  • 0

#3
Olisellana

Olisellana

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
# AdwCleaner v2.300 - Logfile created 04/29/2013 at 19:41:26
# Updated 28/04/2013 by Xplode
# Operating system : Windows 7 Ultimate (64 bits)
# User : Chris - CHRIS-PC
# Boot Mode : Normal
# Running from : C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y5GGIAB2\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16476

[OK] Registry is clean.

-\\ Google Chrome v26.0.1410.64

File : C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [708 octets] - [29/04/2013 19:41:26]

########## EOF - C:\AdwCleaner[S1].txt - [767 octets] ##########
  • 0

#4
Olisellana

Olisellana

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo...13-roguekiller/
Website : http://tigzy.geeksto...roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7600 ) 64 bits version
Started in : Normal mode
User : Chris [Admin rights]
Mode : Scan -- Date : 04/29/2013 19:56:40
| ARK || FAK || MBR |

¤¤¤ Bad processes : 1 ¤¤¤
[SUSP PATH] CurseClient.exe -- C:\Users\Chris\AppData\Local\Apps\2.0\R67AA5QW.AN2\6AEZXC9O.34W\curs..tion_9e9e83ddf3ed3ead_0005.0001_35ab96b41397406c\CurseClient.exe [-] -> KILLED [TermProc]

¤¤¤ Registry Entries : 6 ¤¤¤
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 validation.sls.microsoft.com


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD10EADS-00M2B0 ATA Device +++++
--- User ---
[MBR] 5f97d4c85c373765d9ba22387954c8ae
[BSP] 23c17ed714fa434f87e6f85eb4a076a2 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 102300 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 209717248 | Size: 851466 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: Generic USB SD Reader USB Device +++++
Error reading User MBR!
User = LL1 ... OK!
Error reading LL2 MBR!

+++++ PhysicalDrive2: Generic USB CF Reader USB Device +++++
Error reading User MBR!
User = LL1 ... OK!
Error reading LL2 MBR!

+++++ PhysicalDrive3: Generic USB SM Reader USB Device +++++
Error reading User MBR!
User = LL1 ... OK!
Error reading LL2 MBR!

+++++ PhysicalDrive4: Generic USB MS Reader USB Device +++++
Error reading User MBR!
User = LL1 ... OK!
Error reading LL2 MBR!

Finished : << RKreport[1]_S_04292013_02d1956.txt >>
RKreport[1]_S_04292013_02d1956.txt
  • 0

#5
Olisellana

Olisellana

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
Also the Ram check and the windows update has been completed as well with no errors on the ram check and no more updates are available for download.
  • 0

#6
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP
Use IE and go to http://eset.com/onlinescan and click on ESET online Scanner. Accept the terms then press Start (If you get a warning from your browser tell it you want to run it).

# Check Scan Archives
# Push the Start button.
# ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
# When the scan completes, push LIST OF THREATS FOUND
# Push EXPORT TO TEXT FILE , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
# Push the BACK button.
# Push Finish
# Once the scan is completed, you may close the window.
# Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
# Copy and paste that log as a reply.


Let's also try the bitdefender quickscan.

http://quickscan.bitdefender.com/

When it finishes there is a View Report option at the bottom. Click on it and copy and paste the report (even if it says nothing found).



Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application.

Reboot.

Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator. Then type (with an Enter after each line).
sfc  /scannow

(This will check your critical system files. Does it finish without complaining?)


1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.

Get the free version of Speccy:

http://www.filehippo...download_speccy (Look in the upper right for the Download
Latest Version button) Download, Save and Install it. Run Speccy. When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File, (to your desktop) note the name it gives. OK. Open the file in notepad and delete the line that gives the serial number of your Operating System. (It will be near the top about 10 lines down.) Attach the file to your next post.


Get Process Explorer

http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header to sort things by CPU usage with the big hitters at the top.

Wait a minute then:

File, Save As, Save. Open the file Procexp.txt on your desktop and copy and paste the text to a reply.




Ron
  • 0

#7
Olisellana

Olisellana

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
would you like all of these attached as text documents or added right into this space??
  • 0

#8
Olisellana

Olisellana

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
ESet Found no Threats

Esets Log

[email protected] as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
# version=8
# IEXPLORE.EXE=10.00.9200.16521 (win8_gdr_soc_ie.130216-2100)
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=c1a78551ff29f44cbd1d26e25d3dd453
# engine=13731
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-05-01 12:39:23
# local_time=2013-04-30 06:39:23 (-0700, Mountain Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 0 118912213 0 0
# scanned=173497
# found=0
# cleaned=0
# scan_time=2414


Bit Defender Log


QuickScan 32-bit v0.9.9.118
---------------------------
Scan date: Tue Apr 30 18:04:12 2013
Machine ID: 70463A72



No infection found.
-------------------



Processes
---------
Angel.exe 3028 Z:\Angel.exe
NVIDIA Update Components 2496 C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
OnlineCmdLineScanner.exe 5596 C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
Skype 2832 C:\Program Files (x86)\Skype\Phone\Skype.exe
Skype Click to Call 1924 C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
Stereo Vision Control Panel API Server 820 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
Windows® Internet Explorer 1656 C:\Program Files (x86)\Internet Explorer\iexplore.exe
Windows® Internet Explorer 2996 C:\Program Files (x86)\Internet Explorer\iexplore.exe
Windows® Internet Explorer 4536 C:\Program Files (x86)\Internet Explorer\iexplore.exe
Windows® Internet Explorer 5088 C:\Program Files (x86)\Internet Explorer\iexplore.exe
World of Warcraft 5316 Z:\World of Warcraft\Wow.exe


Network activity
----------------
Process iexplore.exe (1656) connected on port 80 (HTTP) --> 174.129.194.204
Process Skype.exe (2832) connected on port 1406 --> 77.93.41.62
Process Skype.exe (2832) connected on port 41704 --> 189.105.104.8
Process Skype.exe (2832) connected on port 59929 --> 177.134.46.249
Process Skype.exe (2832) connected on port 40005 --> 213.199.179.161
Process Skype.exe (2832) connected on port 12350 --> 91.190.216.60
Process Skype.exe (2832) connected on port 443 (HTTP over SSL) --> 65.55.71.153
Process iexplore.exe (4536) connected on port 80 (HTTP) --> 74.63.51.103
Process iexplore.exe (4536) connected on port 80 (HTTP) --> 74.63.51.103
Process iexplore.exe (5088) connected on port 80 (HTTP) --> 23.61.175.139
Process iexplore.exe (5088) connected on port 80 (HTTP) --> 74.125.225.5
Process iexplore.exe (5088) connected on port 80 (HTTP) --> 74.125.225.5
Process iexplore.exe (5088) connected on port 80 (HTTP) --> 74.125.225.109
Process iexplore.exe (5088) connected on port 80 (HTTP) --> 66.235.143.118
Process iexplore.exe (5088) connected on port 80 (HTTP) --> 74.125.225.122
Process iexplore.exe (5088) connected on port 80 (HTTP) --> 74.125.227.210
Process Wow.exe (5316) connected on port 1119 --> 12.129.206.130
Process Wow.exe (5316) connected on port 3724 (World of Warcraft) --> 206.18.98.205
Process Wow.exe (5316) connected on port 3724 (World of Warcraft) --> 206.18.98.204

Process Skype.exe (2832) listens on ports: 80 (HTTP), 443 (HTTP over SSL), 19018


Autoruns and critical files
---------------------------
Adobe® Flash® Player Update Service C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Angel.exe Z:\Angel.exe
Microsoft® Windows® Operating System C:\Windows\system32\userinit.exe
Skype C:\Program Files (x86)\Skype\Phone\Skype.exe
(verified) Google Update C:\Program Files (x86)\Google\Update\GoogleUpdate.exe


Browser plugins
---------------
Bitdefender QuickScan C:\Windows\Downloaded Program Files\qsax.dll
Google Toolbar for Internet Explorer c:\program files (x86)\google\google toolbar\googletoolbar_32.dll
Google Update C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
Microsoft® CoReXT c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll
Microsoft® CoReXT C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
Microsoft® CoReXT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
Microsoft® Windows® Operating System C:\Windows\system32\mswsock.dll
Microsoft® Windows® Operating System C:\Windows\System32\nlaapi.dll
NVIDIA 3D Vision C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
NVIDIA 3D VISION C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
Silverlight Plug-In C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
Skype Click to Call c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll
Windows Live Messenger Companion c:\program files (x86)\windows live\companion\companioncore.dll
Windows Live™ Photo Gallery C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
Windows® Internet Explorer C:\Windows\SysWOW64\ieframe.dll
(verified) Microsoft® Windows® Operating System C:\Windows\system32\napinsp.dll
(verified) Microsoft® Windows® Operating System C:\Windows\system32\pnrpnsp.dll
(verified) Microsoft® Windows® Operating System C:\Windows\System32\winrnr.dll


Missing files
-------------
File not found: Z:\setup.exe
--> Z:\autorun.inf


Scan
----
MD5: cf39a105cd553eed31e2255aff4c6742 c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll
MD5: 12b79422a23814429cda9e734c58f78f C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
MD5: 3c4c6be926a2ef0293315bbc014e477f C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
MD5: b5c09d498274262ff39647f6fa17c1e9 C:\Program Files (x86)\ESET\ESET Online Scanner\esets_apiW_a.DLL
MD5: ce0d0b11986fd2c0247ae88a59b36a6e C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
MD5: 1c82bfa19154d658e62743b98216a3a6 C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScanner.ocx
MD5: 5d4bc124faae6730ac002cdb67bf1a1c C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
MD5: b9497c5acaea521663bffbb321dd3afa c:\program files (x86)\google\google toolbar\googletoolbar_32.dll
MD5: e0ff893763ba82baabb869a351f0c455 C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
MD5: fd31dff0cc05bd581c2db1bb6f7ffdce C:\Program Files (x86)\Internet Explorer\ieproxy.dll
MD5: b32ed424fd72ffa7554f23f125f2132d C:\Program Files (x86)\Internet Explorer\IEShims.dll
MD5: e4f6125ed5185f8fa37cc4f449b85526 C:\Program Files (x86)\Internet Explorer\iexplore.exe
MD5: b64f1232f6fbfb6ce7fc35e1259505c6 c:\Program Files (x86)\Microsoft Security Client\MpOAv.dll
MD5: 7c986d3ead437eab009303c69d5eb883 C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\agcore.dll
MD5: a5c14075b571af1c9592595be724d9d2 C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
MD5: d7eff0b98c370e03d7e2593399d9b669 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
MD5: 75a1232eac640b782cdd2132b5271aa8 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
MD5: f18756d6c311dbc1a1942e5e1858abfe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI.dll
MD5: 5a19667a580b1ce886eaf968b9743f45 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
MD5: 6f84ab0ae812055acba9aa1cd05ab242 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStereoApiI.dll
MD5: 4789e020d2617046862d1790fc235ff6 C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
MD5: 7e4ad8220af0b281274f9785dd53e25c C:\Program Files (x86)\Skype\Phone\Skype.exe
MD5: 5fa9a7808f1ceca8e46dbf2ff81769d2 c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll
MD5: 7c15061cd0372487903b07b9bb03afad C:\Program Files (x86)\Skype\Updater\Updater.exe
MD5: 8513a7bb078a669e75f2adc3fb007b24 c:\program files (x86)\windows live\companion\companioncore.dll
MD5: 28ddeeec44e988657b732cf404d504cb C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
MD5: c517e5ea7cee783f3681f62d2a362e5b C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
MD5: afb5b500ad69e24ed1bc15d1161641ef C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
MD5: 2bacd71123f42cea603f4e205e1ae337 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
MD5: e07dec52ff801841ba9b6878a60304fb c:\Program Files\Microsoft Security Client\MsMpEng.exe
MD5: c6e15f2f95f9c0a6098d43510b604e52 c:\Program Files\Microsoft Security Client\NisSrv.exe
MD5: 729fa7b00bef4b345caa038f2a717794 C:\Program Files\TortoiseSVN\bin\intl3_tsvn32.dll
MD5: 7b5097d99bd4ac4f74f2dfc1cc4f43ae C:\Program Files\TortoiseSVN\bin\libapr_tsvn32.dll
MD5: 881e6974902fa89de717ef83b505f877 C:\Program Files\TortoiseSVN\bin\libaprutil_tsvn32.dll
MD5: 284f740c2054633035ede28b948765a7 C:\Program Files\TortoiseSVN\bin\libsasl32.dll
MD5: 848f99684fab7febdf97f0f131277ad1 C:\Program Files\TortoiseSVN\bin\libsvn_tsvn32.dll
MD5: d7a087b89cf6a16145f1470ee81c4692 C:\Program Files\TortoiseSVN\bin\TortoiseStub32.dll
MD5: 630966a7b7514de75c6673fbae9dbca5 C:\Program Files\TortoiseSVN\bin\TortoiseSVN32.dll
MD5: 06c8fa1cf39de6a735b54d906ba791c6 C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
MD5: a9f3bfc9345f49614d5859ec95b9e994 C:\Program Files\Windows Media Player\wmpnetwk.exe
MD5: 0c1b2e3a897397738d9f81cd3d152af0 C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
MD5: b5b2896034d8adebd79e0c281b52508f C:\Windows\AppPatch\AcGenral.DLL
MD5: ec40544db5b5e096729a10792e8e7c71 C:\Windows\AppPatch\AcSpecfc.DLL
MD5: 56940b50ab0e5923822f47b0e4463885 C:\Windows\Downloaded Program Files\qsax.dll
MD5: c4002b6b41975f057d98c439030cea07 C:\Windows\ehome\ehRecvr.exe
MD5: 332feab1435662fc6c672e25beb37be3 C:\Windows\Explorer.exe
MD5: 5988fc40f8db5b0739cd1e3a5d0d78bd C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
MD5: a8b7f3818ab65695e3a0bb3279f6dce6 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
MD5: 773212b2aaa24c1e31f10246b15b276c C:\Windows\servicing\TrustedInstaller.exe
MD5: 7812537eb7af2eaed650f06332a805fd C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
MD5: eb7ab4d04810406731fd34538e4b9a0c C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
MD5: e8a4bbdb754f4b02d435676e1da61625 C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
MD5: 502d593cb5380b28973367d02a561c2a C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
MD5: 3df0a5319da331d41fedcd19e7943407 C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
MD5: c6d2cbbf23f941a258e4c7acd91d2c54 C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
MD5: 10e6e57e9969d65a204144733350cbfc C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
MD5: 679566981ad21a4a97b3ebdd02b90173 C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
MD5: 9d0753e3338218a16db6064792d4a104 C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
MD5: c0f480030d210e00d13ff5652de09bc4 C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
MD5: 2ef5989079a591fc8e0e1397ad0abccf C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
MD5: 070a8322a99c9896359a688c0f641e91 C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
MD5: 77c06a24bbff6910fa580deee7fa6860 C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
MD5: b5f32e970c316f18a2d371b0c6462493 C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
MD5: 663ad6d905f8243f7128a5ff253cd539 C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
MD5: 9366615015ae89730b120dfff84d398c C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
MD5: d8d8aace7e4adb74a2b5bcc4752d4551 C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
MD5: 6aff6341541922e8926b5d075b1b826f C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
MD5: dd96f6365b16e75a445f5799ef4c6e36 C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
MD5: 26a6d505be05d3af660f810906907b8e C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
MD5: 4c94752c2f167cd5f2311bccc37700ff C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
MD5: f947fa55cb0404f107c3b96023584003 C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
MD5: 48c4878254c6bfe8f1bd3e70ccbed090 C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
MD5: bd329655c141263797405fc26a02a53b C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
MD5: d3e8f9b8c009eb158a7d3afb159f4eeb C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
MD5: 2d7c3d32691bd5f77b02f404d56b3edb C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
MD5: 62c50b99d25813365fdeb39c43d9c655 C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
MD5: 6a13b4f3b3f575f1e24b877b9359aaba C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
MD5: 49aca548b2423f1c67898e6ac719a9a6 C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
MD5: 2e33dfd10f28f86c3fc40ee123cc3904 C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
MD5: 1c60e09ca1c3a045bc4d367f67c915b7 C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
MD5: 60f4aefa103d421ea4a40e31409b4756 C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
MD5: 6951562dc4625eefc6eacd52ad165866 C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
MD5: 007863e45f25aa47a4c30d0930bbfd85 C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
MD5: 589cbc4989f750e1da35625ab481cf43 C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
MD5: 3be0d923aa45a4dbe091c2d84f0b4fe7 C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
MD5: 2f75b73974ad36cfe84f86f766ca9fa0 C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
MD5: 863f793d15b4026b1a5fdeca873d4d84 C:\Windows\system32\apphelp.dll
MD5: c940f2f5c60b3727c5f18840735b229c C:\Windows\system32\AUDIOSES.DLL
MD5: 7a6986dd659b96398a11af5173892715 C:\Windows\system32\Cabinet.dll
MD5: ad7b9c14083b52bc532fba5948342b98 C:\Windows\system32\cmd.exe
MD5: 4e5fe39c1076d115ec8bfcfe14d75b80 C:\Windows\system32\credssp.dll
MD5: ca79539d3d4c0ba66f0f051a5ee5e923 C:\Windows\system32\cryptnet.dll
MD5: 96c0e38905cfd788313be8e11dae3f2f C:\Windows\system32\cryptsvc.dll
MD5: 28ca821606669bb9215ce010767720fa C:\Windows\system32\cryptui.dll
MD5: 465bea35f7ed4a4a57686dea7ea10f47 C:\Windows\system32\cscapi.dll
MD5: 9ff8f684bacf326082e5562f7c104a79 C:\Windows\system32\d2d1.dll
MD5: 4ff3ec04cd47dd62181894b71b004e40 C:\Windows\system32\D3D10Level9.dll
MD5: b3170ccc779b682c3341873ea60cf084 C:\Windows\system32\D3D10Warp.dll
MD5: 7acdfb4cc67f4993df0e0731576309b2 C:\Windows\system32\d3d11.dll
MD5: 6ef5f3f18413c367195f06e503ab86a6 C:\Windows\system32\d3d9.dll
MD5: 162d247e995eaebf3ef4289069e1111c C:\Windows\system32\DEVRTL.dll
MD5: e9e01eb683c132f7fa27cd607b8a2b63 C:\Windows\system32\dhcpcore.dll
MD5: 81f6c1ae23b1c493d9e996c3103915d7 C:\Windows\system32\dhcpcsvc6.DLL
MD5: 5e08ac958be05247ff1539e0d1ce7905 C:\Windows\system32\DINPUT8.dll
MD5: b40420876b9288e0a1c8cca8a84e5dc9 C:\Windows\system32\DNSAPI.dll
MD5: 4277f5164de9b7c665bb928b9145bee0 C:\Windows\system32\DWrite.dll
MD5: d4f264fe23f8953d840904418220c15e C:\Windows\system32\dxgi.dll
MD5: 8b88ebbb05a0e56b7dcc708498c02b3e C:\Windows\system32\explorer.exe
MD5: e2a17bcc08d92f42e08af6ba2f93aba7 C:\Windows\system32\explorerframe.dll
MD5: 03a03a453f1aaae0c73aaaf895321c7a C:\Windows\System32\fwpuclnt.dll
MD5: 8a45166cd9874463ab76b552c9c2d3ad C:\Windows\system32\IEADVPACK.DLL
MD5: 0b6118058942961d504aaea04fecb116 C:\Windows\system32\IEFRAME.dll
MD5: 90f785f7594e3af23d4392677042be9a C:\Windows\system32\IEUI.dll
MD5: b96c13b5c85ac4240fe95de115945d59 C:\Windows\system32\ImgUtil.dll
MD5: a6f09e5669d9a19035f6d942caa15882 C:\Windows\system32\IMM32.DLL
MD5: a90dc9abd65db1a8902f361103029952 C:\Windows\system32\IPHLPAPI.DLL
MD5: 8bc9db92c4b2f3be89185beab2afc1f6 C:\Windows\system32\mapi32.dll
MD5: fdba1dec4f9be4274a00b9b850c63484 C:\Windows\system32\MF.dll
MD5: 243974ec02f7ae49e4179c54624143ab C:\Windows\System32\MMDevApi.dll
MD5: 7f8678c59f188528d60104e697c2361e C:\Windows\system32\mscms.dll
MD5: 7069aab8536f29ed7323140973a2894b C:\Windows\system32\msdmo.dll
MD5: d017bf8d92938eeb9b3a1d1c53fda152 C:\Windows\system32\MSHTML.dll
MD5: c28a634cf127da67d566b5e14d0a0170 C:\Windows\system32\MSHTMLMedia.dll
MD5: a6c29db53eca94fa8591c5388d604b82 C:\Windows\system32\msi.dll
MD5: eee470f2a771fc0b543bdeef74fceca0 C:\Windows\system32\msiexec.exe
MD5: c225e5307d8d4982a1687f2702c37c78 C:\Windows\system32\msls31.dll
MD5: 87e71f2a83681f41b796ca685818ef2d C:\Windows\system32\MSRATING.dll
MD5: bc83108b18756547013ed443b8cdb31b C:\Windows\system32\MSVCP100.dll
MD5: 0e37fbfa79d349d672456923ec5fbbe3 C:\Windows\system32\MSVCR100.dll
MD5: 8999b8631c7fd9f7f9ec3cafd953ba24 C:\Windows\system32\mswsock.dll
MD5: 21d3a18769ec2c4e56756d04e989a221 C:\Windows\System32\msxml3.dll
MD5: eaadd6e47ed2a7003ace1793b98cf63f C:\Windows\System32\msxml6.dll
MD5: bf6d6ed5fadceee885bd0144ecf1ba27 C:\Windows\system32\ncrypt.dll
MD5: 2fca0d2c59a855c54bafa22aa329df0f C:\Windows\system32\NETAPI32.dll
MD5: 20b3934db73eaba2b49b7177873cb81f C:\Windows\system32\netutils.dll
MD5: 0ba65122ffa7e37564ee86422dbf7ae8 C:\Windows\System32\nlaapi.dll
MD5: 03f3b770dfbed6131653ceda8ca780f0 C:\Windows\system32\ntshrui.dll
MD5: b40cdf97c68469b744579665091b3ace C:\Windows\system32\nvapi.dll
MD5: 9f3ede1387f95653ba7ab7aced41f724 C:\Windows\system32\nvd3dum.dll
MD5: 546b6b441954b0b2da4e3ed904ac199f C:\Windows\system32\nvwgf2um.dll
MD5: 8e01332cc4b68bc6b5b7effe374442aa C:\Windows\system32\oleacc.dll
MD5: 703ffd301ab900b047337c5d40fd6f96 C:\Windows\system32\olepro32.dll
MD5: 487f44b08efeaf5ad087878357b9403d C:\Windows\system32\pdh.dll
MD5: 414bba67a3ded1d28437eb66aeb8a720 C:\Windows\system32\pla.dll
MD5: 12c45e3cb6d65f73209549e2d02eca7a C:\Windows\system32\PROPSYS.dll
MD5: dbc02d918fff1cad628acbe0c0eaa8e8 C:\Windows\system32\provsvc.dll
MD5: 5997d769cdb108390dcfaebf442bf816 C:\Windows\system32\RpcRtRemote.dll
MD5: 68ecca523ed760aafc03c5d587569859 C:\Windows\system32\SAMCLI.DLL
MD5: a42e7748be906434c5fd17161d168c20 C:\Windows\system32\SCHEDCLI.DLL
MD5: 236f286e103fd44bd85fdd93097fd5dd C:\Windows\system32\SearchIndexer.exe
MD5: a113afeed3159a1ed52d78cb0226006d C:\Windows\system32\Secur32.dll
MD5: 4ae380f39a0032eab7dd953030b26d28 C:\Windows\system32\sessenv.dll
MD5: be247ae996a9fde007a27b51413a6c79 C:\Windows\System32\shdocvw.dll
MD5: 414da952a35bf5d50192e28263b40577 C:\Windows\System32\shsvcs.dll
MD5: 4b9e4ce667df26ada061aa81e9aa841d C:\Windows\system32\SPFILEQ.dll
MD5: 5ccdcd40e732d54e0f7451ac66ac1c87 C:\Windows\system32\srvcli.dll
MD5: 919001d2bb17df06ca3f8ac16ad039f6 C:\Windows\system32\SXS.DLL
MD5: 6b140b1382f1fe04ba57b196aeb19725 C:\Windows\system32\T2EMBED.DLL
MD5: 613bf4820361543956909043a265c6ac C:\Windows\System32\tapisrv.dll
MD5: d15618a0ff8dbc2c5bf3726bacc75a0b C:\Windows\system32\USERENV.dll
MD5: 61ac3efdfacfdd3f0f11dd4fd4044223 C:\Windows\system32\userinit.exe
MD5: cfc7d8289d2b5f3cf8d16e2db7f93d4a C:\Windows\system32\wbem\fastprox.dll
MD5: 704314fd398c81d5f342caa5df7b7f21 C:\Windows\system32\wbemcomn.dll
MD5: 34eee0dfaadb4f691d6d5308a51315dc C:\Windows\System32\wcncsvc.dll
MD5: d205c24a9d069049fe2df2a1b38726a7 C:\Windows\system32\wdmaud.drv
MD5: a9d880f97530d5b8fee278923349929d C:\Windows\System32\webclnt.dll
MD5: fb19fc5951a88f3c523e35c2c98d23c0 C:\Windows\system32\webio.dll
MD5: 3bcecd87ab4e6743bfb45b352ad1a529 C:\Windows\system32\windowscodecs.dll
MD5: 62a6eb5771580cae445804389f3f7432 C:\Windows\system32\windowscodecsext.dll
MD5: ca9f7888b524d8100b977c81f44c3234 C:\Windows\system32\WINHTTP.dll
MD5: d5aefad57c08349a4393d987df7c715d C:\Windows\system32\WINMM.dll
MD5: 9e4b0e7472b4ceba9e17f440b8cb0ab8 C:\Windows\system32\WINSPOOL.DRV
MD5: 418e881201583a3039d81f43e39e6c78 C:\Windows\system32\WINSTA.dll
MD5: e5a4a1326a02f8e7b59e6c3270ce7202 C:\Windows\system32\wkscli.dll
MD5: 43c9cf6825cea58f1815b7c3dbbb385c C:\Windows\System32\Wpc.dll
MD5: 1b91cd34ea3a90ab6a4ef0550174f4cc C:\Windows\system32\WsmSvc.dll
MD5: 6a6b2ee4565a178035be2a4ff6f2c968 C:\Windows\system32\wtsapi32.dll
MD5: edf2a5e96bec469da3f64e9bdd386111 C:\Windows\system32\XmlLite.dll
MD5: 95e2376b3323f062eb562b8586d0f14a C:\Windows\syswow64\ADVAPI32.dll
MD5: 6a13b4f3b3f575f1e24b877b9359aaba C:\Windows\syswow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
MD5: 49aca548b2423f1c67898e6ac719a9a6 C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
MD5: 2e33dfd10f28f86c3fc40ee123cc3904 C:\Windows\syswow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
MD5: 1c60e09ca1c3a045bc4d367f67c915b7 C:\Windows\syswow64\api-ms-win-downlevel-ole32-l1-1-0.dll
MD5: 60f4aefa103d421ea4a40e31409b4756 C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
MD5: 6951562dc4625eefc6eacd52ad165866 C:\Windows\syswow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
MD5: 007863e45f25aa47a4c30d0930bbfd85 C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
MD5: 589cbc4989f750e1da35625ab481cf43 C:\Windows\syswow64\api-ms-win-downlevel-user32-l1-1-0.dll
MD5: 3be0d923aa45a4dbe091c2d84f0b4fe7 C:\Windows\syswow64\api-ms-win-downlevel-version-l1-1-0.dll
MD5: f436e847fa799ecd75ad8c313673f450 C:\Windows\syswow64\CFGMGR32.dll
MD5: d1de1eafde97be41cf6585027ff3e732 C:\Windows\syswow64\comdlg32.dll
MD5: 60d21799a4af4edce65fb98830e4b0c8 C:\Windows\syswow64\CRYPT32.dll
MD5: 2eeff4502f5e13b1bed4a04ccad64c08 C:\Windows\syswow64\DEVOBJ.dll
MD5: c68fbbf01e86cb6cf0b797748fbd6c1a C:\Windows\SysWOW64\Dxtmsft.dll
MD5: defb55d4ff094673df31fa89a8a8a2f0 C:\Windows\SysWOW64\Dxtrans.dll
MD5: 64e211e0fdfce4d186df58bb7d0503bc C:\Windows\SysWOW64\gameux.dll
MD5: d6d3ad7bf1d6f6ce9547613ed5e170a2 C:\Windows\syswow64\GDI32.dll
MD5: 0f44172a5b34e8f208cd0f209edd4a73 C:\Windows\SysWOW64\ieapfltr.dll
MD5: 0b6118058942961d504aaea04fecb116 C:\Windows\SysWOW64\ieframe.dll
MD5: b5dec0d4cbbc333ca99fe10b06d4747e C:\Windows\syswow64\iertutil.dll
MD5: a6f09e5669d9a19035f6d942caa15882 C:\Windows\syswow64\imm32.dll
MD5: 9b59687619b27cda24638cdc3af079fb C:\Windows\SysWOW64\jscript9.dll
MD5: ac0b6f41882fc6ed186962d770ebf1d2 C:\Windows\syswow64\kernel32.dll
MD5: e954a79d6a754a5475582caced1565e6 C:\Windows\syswow64\KERNELBASE.dll
MD5: 9d8f3b5e2facdaf0183caa834aad7171 C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_7_700_169.ocx
MD5: 479901c99fa62d1c3261b7acb1228dad C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
MD5: 938f39b50bafe13d6f58c7790682c010 C:\Windows\syswow64\MSASN1.dll
MD5: d017bf8d92938eeb9b3a1d1c53fda152 C:\Windows\SysWOW64\mshtml.dll
MD5: 9dc80a8aaaaac397bdab3c67165a824e C:\Windows\syswow64\msvcrt.dll
MD5: e73b0f1819602cb6ef176fb78d76a47b C:\Windows\SysWOW64\ntdll.dll
MD5: 928cf7268086631f54c3d8e17238c6dd C:\Windows\syswow64\ole32.dll
MD5: 8e01332cc4b68bc6b5b7effe374442aa C:\Windows\SysWOW64\OLEACC.dll
MD5: 6c765e82b57f2e66ce9c54ac238471d9 C:\Windows\syswow64\OLEAUT32.dll
MD5: c5ad8083cf94201f1f8084ecc696a8b7 C:\Windows\syswow64\RPCRT4.dll
MD5: af78f66116814fdd6677cebd73035cdd C:\Windows\SysWOW64\schannel.dll
MD5: 10fb16b50affda6d44588f3c445dc273 C:\Windows\syswow64\SETUPAPI.dll
MD5: 29e9794708df51db5dc89fb2e903a0f6 C:\Windows\syswow64\shell32.DLL
MD5: 8cc3c111d653e96f3ea1590891491d71 C:\Windows\syswow64\shlwapi.DLL
MD5: bfb26890612fb8ae8b0463ebebe84b7e C:\Windows\syswow64\SspiCli.dll
MD5: 69cb1a65b835ee6adf9e16ed6d443072 C:\Windows\syswow64\urlmon.dll
MD5: 5e0db2d8b2750543cd2ebb9ea8e6cdd3 C:\Windows\syswow64\USER32.dll
MD5: b7230010d97787af3d25e4c82f2b06b9 C:\Windows\syswow64\USP10.dll
MD5: 96e0f0bed5d9ebabb899d8ca83c36a7e C:\Windows\SysWOW64\vbscript.dll
MD5: 590d5c506044fe02ff7643e32ff9bdac C:\Windows\SysWOW64\wer.dll
MD5: cfe0cee587f9cea4c29deec6d85fc91c C:\Windows\syswow64\WININET.dll
MD5: 17448af0bba9e7ab5ec955af93f271bd C:\Windows\syswow64\WINTRUST.dll
MD5: a8bb45f9ecad993461e0fef8e2a99152 C:\Windows\syswow64\WLDAP32.dll
MD5: 7ff15a4f092cd4a96055ba69f903e3e9 C:\Windows\syswow64\WS2_32.dll
MD5: edf2a5e96bec469da3f64e9bdd386111 C:\Windows\SysWOW64\XmlLite.dll
MD5: 5ff5e12f28725d14caa3b408848adffc C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\MSVCR80.dll
MD5: bdac1aa64495d0f7e1ff810ebbf1f018 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\COMCTL32.dll
MD5: 352b3dc62a0d259a82a052238425c872 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MD5: 7717f84f483002815490033bf069dabd C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll
MD5: 8edada3732badd1e1b5dbd229b27e08b Z:\Angel.exe
MD5: 008b4404e8e107cf0f93cc44631c88da Z:\World of Warcraft\Battle.net.dll
MD5: 4003e34416ebd25e4c115d49dc15e1a7 Z:\World of Warcraft\dbghelp.dll
MD5: 2807ed490cc3aa80a561ca85f3b22fa3 Z:\World of Warcraft\Wow.exe


No file uploaded.

Scan finished - communication took 2 sec
Total traffic - 0.01 MB sent, 0.75 KB recvd
Scanned 339 files and modules - 34 seconds

==============================================================================

VEW System Scan Log

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 30/04/2013 6:57:13 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 01/05/2013 12:52:56 AM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC&PROD_USB_CF_READER&REV_1.01#920321111113&1#.

Log: 'System' Date/Time: 01/05/2013 12:51:34 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

===========================================================================

VEW Application Log

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 30/04/2013 6:58:09 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 01/05/2013 12:54:24 AM
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program IEXPLORE.EXE version 10.0.9200.16537 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: f24 Start Time: 01ce46064ba1d72e Termination Time: 16 Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Report Id:

Log: 'Application' Date/Time: 01/05/2013 12:50:06 AM
Type: Error Category: 0
Event: 80 Source: SideBySide
Activation context generation failed for "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
========================================================================================================================================================

Speccy Information Log

Summary
Operating System
Microsoft Windows 7 Ultimate 64-bit SP1
CPU
AMD Phenom II X6 1070T
Thuban 45nm Technology
RAM
12.0GB Dual-Channel DDR3 @ 565MHz (8-8-8-20)
Motherboard
ASRock 880GXH/USB3 (CPUSocket) 35 °C
Graphics
CVTE TV ([email protected])
2047MB GeForce GTX 550 Ti (EVGA) 36 °C
Hard Drives
932GB Western Digital WDC WD10EADS-00M2B0 ATA Device (SATA) 29 °C
Optical Drives
TSSTcorp CDDVDW SH-S223F ATA Device
Audio
Sound Blaster World of Warcraft Wireless Headset
Operating System
Microsoft Windows 7 Ultimate 64-bit SP1
Computer type: Desktop
Installation Date : 4/22/2013 9:13:59 PM
Serial Number:
Windows Security Center
User Account Control (UAC) Disabled
Firewall Enabled
Windows Update
AutoUpdate Notify prior to download
Windows Defender
Windows Defender Disabled
Antivirus
Antivirus Enabled
Company Name Microsoft
Display Name Microsoft Security Essentials
Product Version 4.2.223.1
Virus Signature Database Up to date
.NET Frameworks installed
v4.0 Client
v3.5 SP1
v3.0 SP2
v2.0 SP2
Internet Explorer
Version 10.0.9200.16540
PowerShell
Version 2.0
Environment Variables
USERPROFILE C:\Users\Chris
SystemRoot C:\Windows
User Variables
TEMP C:\Users\Chris\AppData\Local\Temp
TMP C:\Users\Chris\AppData\Local\Temp
Machine Variables
ComSpec C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK NO
OS Windows_NT
Path C:\Program Files\Common Files\Microsoft Shared\Windows Live
C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live
C:\Windows\system32
C:\Windows
C:\Windows\System32\Wbem
%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
C:\Program Files\TortoiseSVN\bin
C:\Program Files (x86)\Windows Live\Shared
PATHEXT .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE AMD64
TEMP C:\Windows\TEMP
TMP C:\Windows\TEMP
USERNAME SYSTEM
windir C:\Windows
PSModulePath C:\Windows\system32\WindowsPowerShell\v1.0\Modules\
NUMBER_OF_PROCESSORS 6
PROCESSOR_LEVEL 16
PROCESSOR_IDENTIFIER AMD64 Family 16 Model 10 Stepping 0, AuthenticAMD
PROCESSOR_REVISION 0a00
Power Profile
Active power scheme High performance
Hibernation Enabled
Turn Off Monitor after: (On AC Power) Never
Turn Off Hard Disk after: (On AC Power) 20 min
Suspend after: (On AC Power) Never
Screen saver Disabled
Uptime
Current Session
Current Time 4/30/2013 7:00:29 PM
Current Uptime 502 sec (0 d, 00 h, 08 m, 22 s)
Last Boot Time 4/30/2013 6:52:07 PM
TimeZone
TimeZone GMT -7:00 Hours
Language English (United States)
Location United States
Format English (United States)
Currency $
Date Format M/d/yyyy
Time Format h:mm:ss tt
Process List
Angel.exe
Process ID 3024
User Chris
Domain Chris-PC
Path Z:\Angel.exe
Memory Usage 14 MB
Peak Memory Usage 16 MB
audiodg.exe
Process ID 1052
c2c_service.exe
Process ID 1992
User SYSTEM
Domain NT AUTHORITY
Path C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
Memory Usage 6.35 MB
Peak Memory Usage 6.40 MB
cmd.exe
Process ID 3868
User Chris
Domain Chris-PC
Path C:\Windows\System32\cmd.exe
Memory Usage 3.17 MB
Peak Memory Usage 3.20 MB
conhost.exe
Process ID 4196
User Chris
Domain Chris-PC
Path C:\Windows\system32\conhost.exe
Memory Usage 5.47 MB
Peak Memory Usage 5.47 MB
csrss.exe
Process ID 532
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\csrss.exe
Memory Usage 6.59 MB
Peak Memory Usage 11 MB
csrss.exe
Process ID 444
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\csrss.exe
Memory Usage 4.47 MB
Peak Memory Usage 4.48 MB
CurseClient.exe
Process ID 3172
User Chris
Domain Chris-PC
Path C:\Users\Chris\AppData\Local\Apps\2.0\R67AA5QW.AN2\6AEZXC9O.34W\curs..tion_9e9e83ddf3ed3ead_0005.0001_35ab96b41397406c\CurseClient.exe
Memory Usage 4.18 MB
Peak Memory Usage 98 MB
daemonu.exe
Process ID 3864
User UpdatusUser
Domain Chris-PC
Path C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
Memory Usage 8.08 MB
Peak Memory Usage 8.16 MB
dllhost.exe
Process ID 1528
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\DllHost.exe
Memory Usage 7.41 MB
Peak Memory Usage 7.52 MB
dwm.exe
Process ID 1540
User Chris
Domain Chris-PC
Path C:\Windows\system32\Dwm.exe
Memory Usage 31 MB
Peak Memory Usage 36 MB
explorer.exe
Process ID 1548
User Chris
Domain Chris-PC
Path C:\Windows\Explorer.EXE
Memory Usage 63 MB
Peak Memory Usage 64 MB
iexplore.exe
Process ID 4780
User Chris
Domain Chris-PC
Path C:\Program Files\Internet Explorer\iexplore.exe
Memory Usage 30 MB
Peak Memory Usage 35 MB
iexplore.exe
Process ID 4824
User Chris
Domain Chris-PC
Path C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Memory Usage 94 MB
Peak Memory Usage 135 MB
lsass.exe
Process ID 628
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\lsass.exe
Memory Usage 12 MB
Peak Memory Usage 12 MB
lsm.exe
Process ID 640
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\lsm.exe
Memory Usage 4.48 MB
Peak Memory Usage 4.49 MB
MsMpEng.exe
Process ID 964
User SYSTEM
Domain NT AUTHORITY
Path c:\Program Files\Microsoft Security Client\MsMpEng.exe
Memory Usage 71 MB
Peak Memory Usage 293 MB
msseces.exe
Process ID 2696
User Chris
Domain Chris-PC
Path C:\Program Files\Microsoft Security Client\msseces.exe
Memory Usage 15 MB
Peak Memory Usage 15 MB
nvSCPAPISvr.exe
Process ID 848
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
Memory Usage 5.68 MB
Peak Memory Usage 6.99 MB
nvtray.exe
Process ID 3136
User Chris
Domain Chris-PC
Path C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
Memory Usage 14 MB
Peak Memory Usage 14 MB
nvvsvc.exe
Process ID 824
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\nvvsvc.exe
Memory Usage 7.36 MB
Peak Memory Usage 7.47 MB
nvvsvc.exe
Process ID 1372
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\nvvsvc.exe
Memory Usage 13 MB
Peak Memory Usage 13 MB
nvxdsync.exe
Process ID 1364
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
Memory Usage 18 MB
Peak Memory Usage 18 MB
SearchFilterHost.exe
Process ID 4432
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\SearchFilterHost.exe
Memory Usage 7.42 MB
Peak Memory Usage 7.42 MB
SearchIndexer.exe
Process ID 3204
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\SearchIndexer.exe
Memory Usage 17 MB
Peak Memory Usage 17 MB
SearchProtocolHost.exe
Process ID 4536
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\SearchProtocolHost.exe
Memory Usage 8.84 MB
Peak Memory Usage 8.84 MB
services.exe
Process ID 572
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\services.exe
Memory Usage 11 MB
Peak Memory Usage 12 MB
sfc.exe
Process ID 1968
User Chris
Domain Chris-PC
Path C:\Windows\system32\sfc.exe
Memory Usage 5.69 MB
Peak Memory Usage 5.73 MB
smss.exe
Process ID 308
User SYSTEM
Domain NT AUTHORITY
Path \SystemRoot\System32\smss.exe
Memory Usage 1.27 MB
Peak Memory Usage 1.32 MB
Speccy64.exe
Process ID 2576
User Chris
Domain Chris-PC
Path C:\Program Files\Speccy\Speccy64.exe
Memory Usage 29 MB
Peak Memory Usage 29 MB
spoolsv.exe
Process ID 1624
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\spoolsv.exe
Memory Usage 12 MB
Peak Memory Usage 12 MB
svchost.exe
Process ID 284
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 24 MB
Peak Memory Usage 25 MB
svchost.exe
Process ID 2552
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 5.98 MB
Peak Memory Usage 6.32 MB
svchost.exe
Process ID 892
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 8.26 MB
Peak Memory Usage 8.29 MB
svchost.exe
Process ID 764
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 10 MB
Peak Memory Usage 10 MB
svchost.exe
Process ID 1240
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 18 MB
Peak Memory Usage 18 MB
svchost.exe
Process ID 1080
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 7.29 MB
Peak Memory Usage 7.37 MB
svchost.exe
Process ID 632
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 47 MB
Peak Memory Usage 49 MB
svchost.exe
Process ID 408
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 175 MB
Peak Memory Usage 177 MB
svchost.exe
Process ID 404
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 19 MB
Peak Memory Usage 19 MB
svchost.exe
Process ID 1716
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 16 MB
Peak Memory Usage 56 MB
svchost.exe
Process ID 1868
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 13 MB
Peak Memory Usage 14 MB
svchost.exe
Process ID 4092
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 14 MB
Peak Memory Usage 14 MB
System
Process ID 4
System Idle Process
Process ID 0
taskhost.exe
Process ID 1604
User Chris
Domain Chris-PC
Path C:\Windows\system32\taskhost.exe
Memory Usage 21 MB
Peak Memory Usage 21 MB
TrustedInstaller.exe
Process ID 3556
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\servicing\TrustedInstaller.exe
Memory Usage 19 MB
Peak Memory Usage 68 MB
TSVNCache.exe
Process ID 3280
User Chris
Domain Chris-PC
Path C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
Memory Usage 7.84 MB
Peak Memory Usage 8.00 MB
wininit.exe
Process ID 500
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\wininit.exe
Memory Usage 4.67 MB
Peak Memory Usage 4.75 MB
winlogon.exe
Process ID 596
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\winlogon.exe
Memory Usage 7.50 MB
Peak Memory Usage 8.85 MB
WLIDSVC.EXE
Process ID 352
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
Memory Usage 16 MB
Peak Memory Usage 16 MB
WLIDSVCM.EXE
Process ID 1900
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
Memory Usage 3.68 MB
Peak Memory Usage 3.72 MB
WMIADAP.exe
Process ID 1420
User SYSTEM
Domain NT AUTHORITY
Path \\?\C:\Windows\system32\wbem\WMIADAP.EXE
Memory Usage 6.14 MB
Peak Memory Usage 7.42 MB
WmiApSrv.exe
Process ID 4632
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\wbem\WmiApSrv.exe
Memory Usage 5.35 MB
Peak Memory Usage 5.35 MB
WmiPrvSE.exe
Process ID 4256
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\wbem\wmiprvse.exe
Memory Usage 19 MB
Peak Memory Usage 19 MB
WmiPrvSE.exe
Process ID 2028
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\wbem\wmiprvse.exe
Memory Usage 14 MB
Peak Memory Usage 16 MB
wmpnetwk.exe
Process ID 3496
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Program Files\Windows Media Player\wmpnetwk.exe
Memory Usage 4.45 MB
Peak Memory Usage 28 MB
WUDFHost.exe
Process ID 2728
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\WUDFHost.exe
Memory Usage 6.30 MB
Peak Memory Usage 6.33 MB
Scheduler
4/30/2013 7:31 PM; GoogleUpdateTaskMachineUA
4/30/2013 7:51 PM; Adobe Flash Player Updater
5/1/2013 4:31 PM; GoogleUpdateTaskMachineCore
Hotfixes
4/30/2013 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2656356)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/30/2013 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2789645)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/30/2013 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2756921)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/30/2013 Update for Windows 7 for x64-based Systems (KB2763523)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/30/2013 Update for Windows 7 for x64-based Systems (KB2547666)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/30/2013 Update for Windows 7 for x64-based Systems (KB2709981)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/30/2013 Update for Windows 7 for x64-based Systems (KB2574819)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/30/2013 Update for Windows 7 for x64-based Systems (KB2545698)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/30/2013 Internet Explorer 10 for Windows 7 for x64-based Systems
Internet Explorer 10 is fast and fluid, and lets your websites
shine and perform just like native apps on your PC.
Internet
Explorer 10. Fast and fluid for Windows 7.
• Fast. Internet
Explorer 10 harnesses the untapped power of your PC, delivering
pages full of vivid graphics, smoother video, and interactive
content.
• Easy. Experience the web the way you want to with
pinned sites, built-in Spellcheck, and seamless integration with
your PC running Windows 7.
• Safer. Improved features like SmartScreen
Filter and Tracking Protection let you be more aware of threats
to your PC and your privacy.
4/30/2013 Update for Windows 7 for x64-based Systems (KB2592687)
The Remote Desktop Protocol 8.0 update enables you to use the
new Remote Desktop Services features. These features are introduced
in Windows 8 and in Windows Server 2012 and are available for
computers that are running Windows 7 Service Pack 1 or Windows
Server 2008 R2 Service Pack 1. After you install this item, you
may have to restart your computer.
4/30/2013 Update for Windows 7 for x64-based Systems (KB2719857)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/30/2013 Update for Windows 7 for x64-based Systems (KB2603229)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/30/2013 Update for Windows 7 for x64-based Systems (KB2750841)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/30/2013 Update for Windows 7 for x64-based Systems (KB2732059)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/30/2013 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2604115)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/30/2013 Update for Windows 7 for x64-based Systems (KB2791765)
Install this update to resolve a set of known application compatibility
issues with Windows. For a complete listing of the issues that
are included in this update, see the associated Microsoft Knowledge
Base article for more information. After you install this item,
you may have to restart your computer.
4/30/2013 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2729452)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/30/2013 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2742599)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/30/2013 Update for Windows 7 for x64-based Systems (KB2786081)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/30/2013 Update for Windows 7 for x64-based Systems (KB2529073)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/30/2013 Platform Update for Windows 7 x64-Edition (KB2670838)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/30/2013 Update for Windows 7 for x64-based Systems (KB982018)
This is a reliability update. This update resolves some performance
and reliability issues in Windows. By applying this update, you
can achieve better performance and responsiveness in various
scenarios. For more information please see the Knowledge Base
article. After you install this item, you may have to restart
your computer.
4/30/2013 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2656411)
A security issue has been identified that could allow an attacker
to break or bypass a security feature in the affected software.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
4/30/2013 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.149.863.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
4/30/2013 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2736422)
A security issue has been identified that could allow an unauthenticated
remote attacker to cause the affected application to stop responding.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
4/30/2013 Fresco Logic - Other hardware - Fresco Logic xHCI (USB3) Root Hub
Fresco Logic Other hardware software update released in November,
2012
4/30/2013 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2742595)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/30/2013 Update for Windows 7 for x64-based Systems (KB2505438)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/30/2013 Security Update for Windows 7 for x64-based Systems (KB2840149)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
4/30/2013 Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 for x64-based Systems (KB2468871)
Install this update to resolve issues in Microsoft .NET Framework
4. For a complete listing of the issues that are included in
this update, see the associated Microsoft Knowledge Base article
for more information. After you install this item, you may have
to restart your computer.
4/30/2013 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2737019)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/30/2013 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2789642)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/30/2013 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2729449)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/30/2013 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2604121)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/30/2013 Windows 7 Service Pack 1 for x64-based Systems (KB976932)
Windows 7 Service Pack 1 is a recommended collection of updates
and improvements to Windows that are combined into a single installable
update. The service pack can help make your computer safer and
more reliable. A typical installation will take about 30 minutes
to complete, and you will have to restart your computer about
halfway through the process.
4/30/2013 Microsoft Security Essentials - KB2805304
You may not be running an anti-malware solution and this may
leave your PC vulnerable to viruses, spyware and other malicious
software. Microsoft Security Essentials is a free anti-malware
software offered to Windows users who have purchased a Genuine
copy of Windows. Microsoft Security Essentials is licensed for
use on home PCs and by small businesses with 10 or fewer PCs.
You can download alternative languages directly from www.microsoft.com/security_essentials
with the “more information” link below.
4/30/2013 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2656351)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/30/2013 Windows Live Essentials 2011 (KB2434419)
Do more with Windows on your PC with free programs from Microsoft
for photos, movies, instant messaging, email, social networking,
and more. Get it all in one simple download.
Windows Live Essentials
includes Messenger, Photo Gallery, Mail, Movie Maker, Writer,
Family Safety, and Windows Live Mesh, plus Bing Bar, Messenger
Companion, Microsoft Outlook Hotmail Connector, Microsoft Outlook
Social Connector Provider for Windows Live Messenger, and Microsoft
Silverlight.
Installing this update will replace your Windows
Live Toolbar with Bing Bar.
4/30/2013 Fresco Logic - Other hardware - Fresco Logic xHCI (USB3) Root Hub
Fresco Logic Other hardware software update released in November,
2012
4/30/2013 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2742595)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/30/2013 Update for Windows 7 for x64-based Systems (KB2505438)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/30/2013 Security Update for Windows 7 for x64-based Systems (KB2840149)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
4/30/2013 Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 for x64-based Systems (KB2468871)
Install this update to resolve issues in Microsoft .NET Framework
4. For a complete listing of the issues that are included in
this update, see the associated Microsoft Knowledge Base article
for more information. After you install this item, you may have
to restart your computer.
4/30/2013 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2737019)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/30/2013 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2789642)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/30/2013 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2729449)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/30/2013 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2604121)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/30/2013 Windows 7 Service Pack 1 for x64-based Systems (KB976932)
Windows 7 Service Pack 1 is a recommended collection of updates
and improvements to Windows that are combined into a single installable
update. The service pack can help make your computer safer and
more reliable. A typical installation will take about 30 minutes
to complete, and you will have to restart your computer about
halfway through the process.
4/30/2013 Microsoft Security Essentials - KB2805304
You may not be running an anti-malware solution and this may
leave your PC vulnerable to viruses, spyware and other malicious
software. Microsoft Security Essentials is a free anti-malware
software offered to Windows users who have purchased a Genuine
copy of Windows. Microsoft Security Essentials is licensed for
use on home PCs and by small businesses with 10 or fewer PCs.
You can download alternative languages directly from www.microsoft.com/security_essentials
with the “more information” link below.
4/30/2013 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2656351)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/30/2013 Update for Windows 7 for x64-based Systems (KB2732487)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/30/2013 Windows Live Essentials 2011 (KB2434419)
Do more with Windows on your PC with free programs from Microsoft
for photos, movies, instant messaging, email, social networking,
and more. Get it all in one simple download.
Windows Live Essentials
includes Messenger, Photo Gallery, Mail, Movie Maker, Writer,
Family Safety, and Windows Live Mesh, plus Bing Bar, Messenger
Companion, Microsoft Outlook Hotmail Connector, Microsoft Outlook
Social Connector Provider for Windows Live Messenger, and Microsoft
Silverlight.
Installing this update will replace your Windows
Live Toolbar with Bing Bar.
4/29/2013 Update for Windows 7 for x64-based Systems (KB2529073)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/29/2013 Security Update for Windows 7 for x64-based Systems (KB2532531)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/29/2013 Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 for x64-based Systems (KB2533523)
This update addresses stability, reliability, and performance
issues in Microsoft .NET Framework 4. After you install this
item, you may have to restart your computer.
4/29/2013 Update for Windows 7 for x64-based Systems (KB982018)
This is a reliability update. This update resolves some performance
and reliability issues in Windows. By applying this update, you
can achieve better performance and responsiveness in various
scenarios. For more information please see the Knowledge Base
article. After you install this item, you may have to restart
your computer.
4/29/2013 Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2600217)
This update addresses stability, reliability, and performance
issues in Microsoft .NET Framework 4. After you install this
item, you may have to restart your computer.
4/26/2013 Definition Update for Windows Defender - KB915597 (Definition 1.149.649.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
4/23/2013 Microsoft .NET Framework 4 Client Profile for Windows 7 x64-based Systems (KB982670)
The Microsoft .NET Framework 4 Client Profile provides a subset
of features from the .NET Framework 4. The Client Profile is
designed to run client applications and to enable the fastest
possible deployment for Windows Presentation Foundation (WPF)
and Windows Forms technology.
4/23/2013 Update for Windows 7 for x64-based Systems (KB2739159)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB979309)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Update for Windows 7 for x64-based Systems (KB2563227)
Install this update to resolve performance and reliability issues
in Windows. By applying this update, you can achieve better performance
and responsiveness in various scenarios. For a complete listing
of the issues that are included in this update, see the associated
Microsoft Knowledge Base article for more information. After
you install this item, you may have to restart your computer.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2769369)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2560656)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB979482)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2535512)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2658846)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Update for Windows 7 for x64-based Systems (KB2387530)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/23/2013 Update for Windows 7 for x64-based Systems (KB2552343)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2620704)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2656410)
A security issue has been identified that could allow an attacker
to break or bypass a security feature in the affected software.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
4/23/2013 Update for Windows 7 for x64-based Systems (KB980846)
Install this update to allow Windows 7 to provide a Windows Vista
context for legacy applications designed for older Windows versions.
After you install this item, you may have to restart your computer.
4/23/2013 Update for Windows 7 for x64-based Systems (KB2533552)
Install this update to enable future updates to install successfully
on all editions of Windows 7 or Windows Server 2008 R2. This
update may be required before selected future updates can be
installed. After you install this item, it cannot be removed.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2813347)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
4/23/2013 Update for Windows 7 for x64-based Systems (KB2515325)
This is a reliability update. This update resolves some performance
and reliability issues in Windows. By applying this update, you
can achieve better performance and responsiveness in various
scenarios. For more information please see the Knowledge Base
article. After you install this item, you may have to restart
your computer.
4/23/2013 Update for Windows 7 for x64-based Systems (KB2718704)
Install this update to resolve an issue which requires an update
to the certificate revocation list on Windows systems and to
keep your systems certificate list up to date. After you install
this update, you may have to restart your system.
4/23/2013 Update for Windows 7 for x64-based Systems (KB2779562)
Install this update to resolve issues caused by revised daylight
saving time and time zone laws in several countries. This update
enables your computer to automatically adjust the computer clock
on the correct date in 2012. After you install this item, you
may have to restart your computer.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2479943)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Windows Malicious Software Removal Tool x64 - April 2013 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB982132)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2604114)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2808735)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2631813)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Update for Windows 7 for x64-based Systems (KB2640148)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB979687)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2305420)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Update for Windows 7 for x64-based Systems (KB2547666)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/23/2013 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2789644)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB979688)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2536276)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2585542)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain access to
information. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
4/23/2013 Update for Windows 7 for x64-based Systems (KB974431)
This is a reliability update. This update resolves some reliability
issues in Windows 7. By applying this update, you can achieve
better reliability in various scenarios. After you install this
item, you may have to restart your computer.
4/23/2013 Update for Rights Management Services Client for Windows 7 for x64-based Systems (KB979099)
Install this update to resolve issues caused by manifest expiration
in AD RMS enabled applications. This update will fix any existing
issues in addition to addressing any future application manifest
expirations. After you install this item, you may have to restart
any running AD RMS enabled applications.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB975467)
A security issue has been identified that could allow an unauthenticated
remote attacker to cause the affected system to stop responding.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
4/23/2013 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2729451)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB978542)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB972270)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Update for Windows 7 for x64-based Systems (KB2660075)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/23/2013 Update for Windows 7 for x64-based Systems (KB2511250)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2570947)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Update for Kernel-Mode Driver Framework version 1.11 for Windows 7 for x64-based Systems (KB2685811)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/23/2013 Update for Windows 7 for x64-based Systems (KB2545698)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2676562)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2296011)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Microsoft driver update for Realtek RTL8168D/8111D Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
This driver was provided by Microsoft for support of Realtek
RTL8168D/8111D Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
4/23/2013 Update for Windows 7 for x64-based Systems (KB2467023)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/23/2013 Update for Windows 7 for x64-based Systems (KB2522422)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/23/2013 Update for Windows 7 for x64-based Systems (KB977074)
This is a reliability update. This update resolves some reliability
issues in Windows 7. By applying this update, you can achieve
better reliability in various scenarios. After you install this
item, you may have to restart your computer.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2506212)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Update for Windows 7 for x64-based Systems (KB976422)
Install this update to support Secure Digital (SD) cards that
are larger than 32 GB. After you install this item, you may have
to restart your computer.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2691442)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Update for Windows 7 for x64-based Systems (KB2603229)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/23/2013 Update for Windows 7 for x64-based Systems (KB2741355)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB982799)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2807986)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2667402)
A security issue has been identified that could allow an unauthenticated
remote attacker to cause the affected system to stop responding.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2655992)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain access to
information. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
4/23/2013 Update Rollup for ActiveX Killbits for Windows 7 for x64-based Systems (KB2736233)
Security issues have been identified in ActiveX controls that
could allow an attacker to compromise a system running Microsoft
Internet Explorer and gain control over it. You can help protect
your system by installing this update from Microsoft. After you
install this item, you may have to restart your computer.
4/23/2013 Update for Windows 7 for x64-based Systems (KB2484033)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2347290)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Western Digital Technologies - Other hardware - WD SES Device
Western Digital Technologies Other hardware software update released
in January, 2011
4/23/2013 Windows Internet Explorer 9 for Windows 7 for x64-based Systems
Windows Internet Explorer 9 delivers web sites and applications
that look and perform like native PC applications through the
power of Windows.

Fast: Internet Explorer 9 is all-around fast.
Designed to take full advantage of your PC’s hardware through
Windows, Internet Explorer 9 delivers graphically rich and immersive
experiences that are as fast and responsive as native applications
installed on your PC.

Clean: Internet Explorer puts the focus
on the Web sites you love with a clean look and increased viewing
area that makes your Web sites shine. Intuitive and seamless
integration with Windows 7 provides one-click access to Web applications
pinned directly to your Taskbar.

Trusted: Internet Explorer
is the trusted way to the Web because it has a robust set of
built-in security, privacy and reliability technologies that
keep you safer and your browsing experience uninterrupted.
Interoperable: Support for HTML5 and modern Web standards architected
to take advantage of the GPU means that the same mark-up not
only works across the Web, but runs faster and delivers a richer
experience through Windows and Internet Explorer 9.
4/23/2013 Update for Windows 7 for x64-based Systems (KB2454826)
This is a reliability update. Install this update to enable a
set of performance and functionality updates for graphics, Media
Foundation, and XPS components on Windows 7 and Windows Server
2008 R2 systems. After you install this item, you may have to
restart your computer.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2757638)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Update for Windows 7 for x64-based Systems (KB2541014)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB982665)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Ralink Technology, Corp. - WLAN - 802.11n Wireless LAN Card
Ralink Technology, Corp. WLAN software update released in February,
2013
4/23/2013 Update for Windows 7 for x64-based Systems (KB2709630)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2509553)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2032276)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Update for Windows 7 for x64-based Systems (KB971033)
This update to Windows Activation Technologies detects activation
exploits and tampering to key Windows system files. These exploits
try to bypass regular Windows activation and are sometimes included
within counterfeit copies of Windows.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2758857)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2770660)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2785220)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain access to
information. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2281679)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB975560)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Update for Windows 7 for x64-based Systems (KB2749655)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2790113)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2736418)
A security issue has been identified that could allow an unauthenticated
remote attacker to cause the affected application to stop responding.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
4/23/2013 Update for Windows 7 for x64-based Systems (KB2488113)
This is a reliability update. This update resolves some performance
and reliability issues in Windows. By applying this update, you
can achieve better performance and responsiveness in various
scenarios. For more information please see the Knowledge Base
article. After you install this item, you may have to restart
your computer.
4/23/2013 Update for Windows 7 for x64-based Systems (KB2748349)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2536275)
A security issue has been identified that could allow an unauthenticated
remote attacker to cause the affected system to stop responding.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
4/23/2013 Update for Windows 7 for x64-based Systems (KB2786400)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2790655)
A security issue has been identified that could allow an unauthenticated
remote attacker to cause the affected system to stop responding.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
4/23/2013 Update for Windows 7 for x64-based Systems (KB2773072)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2579686)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2393802)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2685939)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2756920)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2753842)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2423089)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2645640)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Update for User-Mode Driver Framework version 1.11 for Windows 7 for x64-based Systems (KB2685813)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2690533)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2743555)
A security issue has been identified that could allow an unauthenticated
remote attacker to cause the affected system to stop responding.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
4/23/2013 Update for Windows 7 for x64-based Systems (KB2699779)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/23/2013 Update for Windows 7 for x64-based Systems (KB2726535)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/23/2013 NVIDIA Corporation - Audio Device, Other hardware - NVIDIA High Definition Audio
NVIDIA Corporation Audio Device, Other hardware software update
released in July, 2012
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2621440)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2656355)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2706045)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Update for Windows 7 for x64-based Systems (KB980408)
Install this update to resolve reliability issues with Windows
7 and Server 2008 R2. For complete details of this update, see
the Knowledge Base Article. After you install this item, you
may have to restart your computer.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2727528)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Update for Windows 7 for x64-based Systems (KB2506014)
An issue has been identified that could allow a user with administrative
permissions to load an unsigned driver. This update resolves
that issue. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2387149)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Update for Internet Explorer 8 Compatibility View List for Windows 7 for x64-based Systems (KB2598845)
This Compatibility View List update helps make Web sites that
are designed for older browsers look better in Internet Explorer
8. When users install Internet Explorer 8, they will be given
a choice about opting-in to a list of sites that should be displayed
in Compatibility View. After you install this item, you may have
to restart Internet Explorer.
4/23/2013 Update for Windows 7 for x64-based Systems (KB2762895)
Install this update to resolve a set of known application compatibility
issues with Windows. For a complete listing of the issues that
are included in this update, see the associated Microsoft Knowledge
Base article for more information. After you install this item,
you may have to restart your computer.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB974571)
A security issue has been identified that could allow an attacker
to misrepresent a system action or behavior without the knowledge
of the user. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
4/23/2013 Update for Windows 7 for x64-based Systems (KB2761217)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2659262)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2532531)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2483614)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2653956)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2705219)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2378111)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Update for Windows 7 for x64-based Systems (KB2506928)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/23/2013 Update for Windows 7 for x64-based Systems (KB2799926)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/23/2013 Update for Windows 7 for x64-based Systems (KB2732500)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2491683)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2544893)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain access to
information. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2654428)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2442962)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Update for Windows 7 for x64-based Systems (KB2729094)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2712808)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2511455)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2564958)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2619339)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2660649)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2813170)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2698365)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2419640)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2644615)
A security issue has been identified that could allow an attacker
to break or bypass a security feature in the affected software.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
4/23/2013 Update for Windows 7 for x64-based Systems (KB2345886)
Install this update to help strengthen authentication credentials
in specific scenarios. After you install this item, you may have
to restart your computer.
4/23/2013 Update for Windows 7 for x64-based Systems (KB2647753)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
4/23/2013 Update for Windows 7 for x64-based Systems (KB979538)
Install this update to prevent unexpected shutdowns or bluescreens
when you are using a USB video device. After you install this
item, you may have to restart your computer.
4/23/2013 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2742598)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Update for Windows 7 for x64-based Systems (KB2661254)
Install this update to keep your system up to date by increasing
the minimum level of encryption on Windows systems. After you
install this item, you may have to restart your system.
4/23/2013 Security Update for Windows 7 for x64-based Systems (KB2584146)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
4/23/2013 Definition Update for Windows Defender - KB915597 (Definition 1.149.131.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
4/23/2013 Cumulative Security Update for ActiveX Killbits for Windows 7 for x64-based Systems (KB2618451)
Security issues have been identified in ActiveX controls that
could allow an attacker to compromise a system running Microsoft
Internet Explorer and gain control over it. You can help protect
your system by installing this update from Microsoft. After you
install this item, you may have to restart your computer.
4/23/2013 Cumulative Update for Media Center for Windows 7 x64-based Systems (KB2284742)
Install this update to resolve issues with Media Center for Windows
7. For a complete listing of the issues that are included in
this cumulative update, see the associated Microsoft Knowledge
Base article for more information. After you install this item,
you may have to restart your computer.
4/23/2013 Microsoft .NET Framework 3.5 SP1 Update for Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB982526)
This update addresses a set of known issues of the Microsoft
.NET Framework 3.5 Service Pack 1. After you install this item,
you may have to restart your computer.
4/23/2013 Cumulative Security Update for Internet Explorer 8 for Windows 7 for x64-based Systems (KB2817183)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
4/23/2013 NVIDIA driver update for NVIDIA GeForce GTX 550 Ti
This driver was provided by NVIDIA for support of NVIDIA GeForce
GTX 550 Ti
4/23/2013 Fresco Logic - Other hardware, USB Controller - Fresco Logic xHCI (USB3) Controller FL1000 Series
Fresco Logic Other hardware, USB Controller software update released
in November, 2012
4/23/2013 Microsoft driver update for Realtek RTL8168D/8111D Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
This driver was provided by Microsoft for support of Realtek
RTL8168D/8111D Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
4/23/2013 Ralink Technology, Corp. - WLAN - 802.11n Wireless LAN Card
Ralink Technology, Corp. WLAN software update released in February,
2013
4/23/2013 NVIDIA Corporation - Audio Device, Other hardware - NVIDIA High Definition Audio
NVIDIA Corporation Audio Device, Other hardware software update
released in July, 2012
4/23/2013 Update for Windows 7 for x64-based Systems (KB976422)
Install this update to support Secure Digital (SD) cards that
are larger than 32 GB. After you install this item, you may have
to restart your computer.
4/23/2013 Windows Update Agent 7.6.7600.256
The Windows Update Agent enables your computer to search for
and install updates from an update service. The agent can automatically
update itself as needed to communicate with the update service
when Windows searches for new updates.
System Folders
Path for burning CD C:\Users\Chris\AppData\Local\Microsoft\Windows\Burn\Burn
Application Data C:\ProgramData
Public Desktop C:\Users\Public\Desktop
Documents C:\Users\Public\Documents
Global Favorites C:\Users\Chris\Favorites
Music C:\Users\Public\Music
Pictures C:\Users\Public\Pictures
Start Menu Programs C:\ProgramData\Microsoft\Windows\Start Menu\Programs
Start Menu C:\ProgramData\Microsoft\Windows\Start Menu
Startup C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Templates C:\ProgramData\Microsoft\Windows\Templates
Videos C:\Users\Public\Videos
Cookies C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies
Desktop C:\Users\Chris\Desktop
Physical Desktop C:\Users\Chris\Desktop
User Favorites C:\Users\Chris\Favorites
Fonts C:\Windows\Fonts
Internet History C:\Users\Chris\AppData\Local\Microsoft\Windows\History
Temporary Internet Files C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files
Local Application Data C:\Users\Chris\AppData\Local
Windows Directory C:\Windows
Windows/System C:\Windows\system32
Program Files C:\Program Files
Services
Running Application Experience
Running Background Intelligent Transfer Service
Running Base Filtering Engine
Running CNG Key Isolation
Running COM+ Event System
Running Computer Browser
Running Cryptographic Services
Running DCOM Server Process Launcher
Running Desktop Window Manager Session Manager
Running DHCP Client
Running Diagnostic Policy Service
Running Diagnostic Service Host
Running Diagnostic System Host
Running Distributed Link Tracking Client
Running DNS Client
Running Extensible Authentication Protocol
Running Function Discovery Provider Host
Running Function Discovery Resource Publication
Running Group Policy Client
Running HomeGroup Listener
Running HomeGroup Provider
Running Human Interface Device Access
Running IKE and AuthIP IPsec Keying Modules
Running IP Helper
Running IPsec Policy Agent
Running Microsoft Antimalware Service
Running Multimedia Class Scheduler
Running Network Connections
Running Network List Service
Running Network Location Awareness
Running Network Store Interface Service
Running NVIDIA Display Driver Service
Running NVIDIA Stereoscopic 3D Driver Service
Running NVIDIA Update Service Daemon
Running Offline Files
Running Peer Name Resolution Protocol
Running Peer Networking Grouping
Running Peer Networking Identity Manager
Running Plug and Play
Running Portable Device Enumerator Service
Running Power
Running Print Spooler
Running Program Compatibility Assistant Service
Running Remote Procedure Call (RPC)
Running RPC Endpoint Mapper
Running Secondary Logon
Running Security Accounts Manager
Running Security Center
Running Server
Running Shell Hardware Detection
Running Skype C2C Service
Running SSDP Discovery
Running Superfetch
Running System Event Notification Service
Running Task Scheduler
Running TCP/IP NetBIOS Helper
Running Themes
Running UPnP Device Host
Running User Profile Service
Running Windows Audio
Running Windows Audio Endpoint Builder
Running Windows Driver Foundation - User-mode Driver Framework
Running Windows Event Log
Running Windows Firewall
Running Windows Font Cache Service
Running Windows Live ID Sign-in Assistant
Running Windows Management Instrumentation
Running Windows Media Player Network Sharing Service
Running Windows Modules Installer
Running Windows Search
Running Windows Update
Running WinHTTP Web Proxy Auto-Discovery Service
Running WLAN AutoConfig
Running WMI Performance Adapter
Running Workstation
Stopped ActiveX Installer (AxInstSV)
Stopped Adaptive Brightness
Stopped Adobe Flash Player Update Service
Stopped Application Identity
Stopped Application Information
Stopped Application Layer Gateway Service
Stopped Application Management
Stopped BitLocker Drive Encryption Service
Stopped Block Level Backup Engine Service
Stopped Bluetooth Support Service
Stopped BranchCache
Stopped Certificate Propagation
Stopped COM+ System Application
Stopped Credential Manager
Stopped Disk Defragmenter
Stopped Distributed Transaction Coordinator
Stopped Encrypting File System (EFS)
Stopped Fax
Stopped Google Software Updater
Stopped Google Update Service (gupdate)
Stopped Google Update Service (gupdatem)
Stopped Health Key and Certificate Management
Stopped Interactive Services Detection
Stopped Internet Connection Sharing (ICS)
Stopped KtmRm for Distributed Transaction Coordinator
Stopped Link-Layer Topology Discovery Mapper
Stopped Media Center Extender Service
Stopped Microsoft .NET Framework NGEN v2.0.50727_X64
Stopped Microsoft .NET Framework NGEN v2.0.50727_X86
Stopped Microsoft .NET Framework NGEN v4.0.30319_X64
Stopped Microsoft .NET Framework NGEN v4.0.30319_X86
Stopped Microsoft iSCSI Initiator Service
Stopped Microsoft Network Inspection
Stopped Microsoft Software Shadow Copy Provider
Stopped Net.Tcp Port Sharing Service
Stopped Netlogon
Stopped Network Access Protection Agent
Stopped Parental Controls
Stopped Performance Counter DLL Host
Stopped Performance Logs & Alerts
Stopped PnP-X IP Bus Enumerator
Stopped PNRP Machine Name Publication Service
Stopped Problem Reports and Solutions Control Panel Support
Stopped Protected Storage
Stopped Quality Windows Audio Video Experience
Stopped Remote Access Auto Connection Manager
Stopped Remote Access Connection Manager
Stopped Remote Desktop Configuration
Stopped Remote Desktop Services
Stopped Remote Desktop Services UserMode Port Redirector
Stopped Remote Procedure Call (RPC) Locator
Stopped Remote Registry
Stopped Routing and Remote Access
Stopped Secure Socket Tunneling Protocol Service
Stopped Skype Updater
Stopped Smart Card
Stopped Smart Card Removal Policy
Stopped SNMP Trap
Stopped Software Protection
Stopped SPP Notification Service
Stopped Tablet PC Input Service
Stopped Telephony
Stopped Thread Ordering Server
Stopped TPM Base Services
Stopped Virtual Disk
Stopped Volume Shadow Copy
Stopped WebClient
Stopped Windows Activation Technologies Service
Stopped Windows Backup
Stopped Windows Biometric Service
Stopped Windows CardSpace
Stopped Windows Color System
Stopped Windows Connect Now - Config Registrar
Stopped Windows Defender
Stopped Windows Error Reporting Service
Stopped Windows Event Collector
Stopped Windows Image Acquisition (WIA)
Stopped Windows Installer
Stopped Windows Live Family Safety Service
Stopped Windows Live Mesh remote connections service
Stopped Windows Media Center Receiver Service
Stopped Windows Media Center Scheduler Service
Stopped Windows Presentation Foundation Font Cache 3.0.0.0
Stopped Windows Remote Management (WS-Management)
Stopped Windows Time
Stopped Wired AutoConfig
Stopped WWAN AutoConfig
Security Options
Accounts: Administrator account status Disabled
Accounts: Guest account status Disabled
Accounts: Limit local account use of blank passwords to console logon only Enabled
Accounts: Rename administrator account Administrator
Accounts: Rename guest account Guest
Audit: Audit the access of global system objects Disabled
Audit: Audit the use of Backup and Restore privilege Disabled
Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings Not Defined
Audit: Shut down system immediately if unable to log security audits Disabled
DCOM: Machine Access Restrictions in Security Descriptor Definition Language (SDDL) syntax Not Defined
DCOM: Machine Launch Restrictions in Security Descriptor Definition Language (SDDL) syntax Not Defined
Devices: Allow undock without having to log on Enabled
Devices: Allowed to format and eject removable media Not Defined
Devices: Prevent users from installing printer drivers Disabled
Devices: Restrict CD-ROM access to locally logged-on user only Not Defined
Devices: Restrict floppy access to locally logged-on user only Not Defined
Domain controller: Allow server operators to schedule tasks Not Defined
Domain controller: LDAP server signing requirements Not Defined
Domain controller: Refuse machine account password changes Not Defined
Domain member: Digitally encrypt or sign secure channel data (always) Enabled
Domain member: Digitally encrypt secure channel data (when possible) Enabled
Domain member: Digitally sign secure channel data (when possible) Enabled
Domain member: Disable machine account password changes Disabled
Domain member: Maximum machine account password age 30 days
Domain member: Require strong (Windows 2000 or later) session key Enabled
Interactive logon: Display user information when the session is locked Not Defined
Interactive logon: Do not display last user name Disabled
Interactive logon: Do not require CTRL+ALT+DEL Not Defined
Interactive logon: Message text for users attempting to log on
Interactive logon: Message title for users attempting to log on
Interactive logon: Number of previous logons to cache (in case domain controller is not available) 10 logons
Interactive logon: Prompt user to change password before expiration 5 days
Interactive logon: Require Domain Controller authentication to unlock workstation Disabled
Interactive logon: Require smart card Disabled
Interactive logon: Smart card removal behavior No Action
Microsoft network client: Digitally sign communications (always) Disabled
Microsoft network client: Digitally sign communications (if server agrees) Enabled
Microsoft network client: Send unencrypted password to third-party SMB servers Disabled
Microsoft network server: Amount of idle time required before suspending session 15 minutes
Microsoft network server: Digitally sign communications (always) Disabled
Microsoft network server: Digitally sign communications (if client agrees) Disabled
Microsoft network server: Disconnect clients when logon hours expire Enabled
Microsoft network server: Server SPN target name validation level Not Defined
Network access: Allow anonymous SID/Name translation Disabled
Network access: Do not allow anonymous enumeration of SAM accounts Enabled
Network access: Do not allow anonymous enumeration of SAM accounts and shares Disabled
Network access: Do not allow storage of passwords and credentials for network authentication Disabled
Network access: Let Everyone permissions apply to anonymous users Disabled
Network access: Named Pipes that can be accessed anonymously
Network access: Remotely accessible registry paths System\CurrentControlSet\Control\ProductOptions,System\CurrentControlSet\Control\Server Applications,Software\Microsoft\Windows NT\CurrentVersion
Network access: Remotely accessible registry paths and sub-paths System\CurrentControlSet\Control\Print\Printers,System\CurrentControlSet\Services\Eventlog,Software\Microsoft\OLAP Server,Software\Microsoft\Windows NT\CurrentVersion\Print,Software\Microsoft\Windows NT\CurrentVersion\Windows,System\CurrentControlSet\Control\ContentIndex,System\CurrentControlSet\Control\Terminal Server,System\CurrentControlSet\Control\Terminal Server\UserConfig,System\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration,Software\Microsoft\Windows NT\CurrentVersion\Perflib,System\CurrentControlSet\Services\SysmonLog
Network access: Restrict anonymous access to Named Pipes and Shares Enabled
Network access: Shares that can be accessed anonymously Not Defined
Network access: Sharing and security model for local accounts Classic - local users authenticate as themselves
Network security: Allow Local System to use computer identity for NTLM Not Defined
Network security: Allow LocalSystem NULL session fallback Not Defined
Network Security: Allow PKU2U authentication requests to this computer to use online identities Not Defined
Network security: Configure encryption types allowed for Kerberos Not Defined
Network security: Do not store LAN Manager hash value on next password change Enabled
Network security: Force logoff when logon hours expire Disabled
Network security: LAN Manager authentication level Not Defined
Network security: LDAP client signing requirements Negotiate signing
Network security: Minimum session security for NTLM SSP based (including secure RPC) clients Require 128-bit encryption
Network security: Minimum session security for NTLM SSP based (including secure RPC) servers Require 128-bit encryption
Network security: Restrict NTLM: Add remote server exceptions for NTLM authentication Not Defined
Network security: Restrict NTLM: Add server exceptions in this domain Not Defined
Network security: Restrict NTLM: Audit Incoming NTLM Traffic Not Defined
Network security: Restrict NTLM: Audit NTLM authentication in this domain Not Defined
Network security: Restrict NTLM: Incoming NTLM traffic Not Defined
Network security: Restrict NTLM: NTLM authentication in this domain Not Defined
Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers Not Defined
Recovery console: Allow automatic administrative logon Disabled
Recovery console: Allow floppy copy and access to all drives and all folders Disabled
Shutdown: Allow system to be shut down without having to log on Enabled
Shutdown: Clear virtual memory pagefile Disabled
System cryptography: Force strong key protection for user keys stored on the computer Not Defined
System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing Disabled
System objects: Require case insensitivity for non-Windows subsystems Enabled
System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links) Enabled
System settings: Optional subsystems Posix
System settings: Use Certificate Rules on Windows Executables for Software Restriction Policies Disabled
User Account Control: Admin Approval Mode for the Built-in Administrator account Disabled
User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktop Disabled
User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode Elevate without prompting
User Account Control: Behavior of the elevation prompt for standard users Prompt for credentials
User Account Control: Detect application installations and prompt for elevation Enabled
User Account Control: Only elevate executables that are signed and validated Disabled
User Account Control: Only elevate UIAccess applications that are installed in secure locations Enabled
User Account Control: Run all administrators in Admin Approval Mode Disabled
User Account Control: Switch to the secure desktop when prompting for elevation Disabled
User Account Control: Virtualize file and registry write failures to per-user locations Enabled
Device Tree
ACPI x64-based PC
Microsoft ACPI-Compliant System
AMD Phenom II X6 1075T Processor
AMD Phenom II X6 1075T Processor
AMD Phenom II X6 1075T Processor
AMD Phenom II X6 1075T Processor
AMD Phenom II X6 1075T Processor
AMD Phenom II X6 1075T Processor
System board
ACPI Power Button
Microsoft Windows Management Interface for ACPI
ACPI Fixed Feature Button
PCI bus
ATI I/O Communications Processor SMBus Controller
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
Motherboard resources
PCI standard host CPU bridge
Motherboard resources
PCI standard PCI-to-PCI bridge
NVIDIA GeForce GTX 550 Ti
Generic PnP Monitor
High Definition Audio Controller
NVIDIA High Definition Audio
NVIDIA High Definition Audio
NVIDIA High Definition Audio
NVIDIA High Definition Audio
PCI standard PCI-to-PCI bridge
Fresco Logic xHCI (USB3) Controller FL1000 Series
Fresco Logic xHCI (USB3) Root Hub
PCI standard PCI-to-PCI bridge
Realtek RTL8168D/8111D Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
Standard Dual Channel PCI IDE Controller
ATA Channel 1
ATA Channel 0
TSSTcorp CDDVDW SH-S223F ATA Device
Standard OpenHCD USB Host Controller
USB Root Hub
Standard OpenHCD USB Host Controller
USB Root Hub
Standard Enhanced PCI to USB Host Controller
USB Root Hub
Standard OpenHCD USB Host Controller
USB Root Hub
Generic USB Hub
USB Composite Device
USB Input Device
HID Keyboard Device
USB Input Device
HID-compliant consumer control device
HID-compliant device
USB Composite Device
USB Input Device
HID-compliant mouse
USB Input Device
HID-compliant consumer control device
HID-compliant device
HID-compliant device
USB Input Device
HID Keyboard Device
HID-compliant device
Standard OpenHCD USB Host Controller
USB Root Hub
USB Composite Device
Sound Blaster World of Warcraft Wireless Headset
USB Input Device
HID-compliant consumer control device
HID-compliant device
Standard Enhanced PCI to USB Host Controller
USB Root Hub
USB Mass Storage Device
Generic USB SD Reader USB Device
Generic USB CF Reader USB Device
Generic USB SM Reader USB Device
Generic USB MS Reader USB Device
Standard Dual Channel PCI IDE Controller
ATA Channel 1
ATA Channel 0
WDC WD10EADS-00M2B0 ATA Device
High Definition Audio Controller
High Definition Audio Device
PCI standard ISA bridge
Programmable interrupt controller
Direct memory access controller
System timer
System CMOS/real time clock
System speaker
Numeric data processor
High precision event timer
Motherboard resources
Motherboard resources
Communications Port (COM1)
Motherboard resources
ATI I/O Communications Processor PCI Bus Controller
802.11n Wireless LAN Card
Standard OpenHCD USB Host Controller
USB Root Hub
CPU
AMD Phenom II X6 1070T
Cores 6
Threads 6
Name AMD Phenom II X6 1070T
Code Name Thuban
Package Socket AM3 (938)
Technology 45nm
Specification AMD Phenom II X6 1075T Processor
Family F
Extended Family 10
Model A
Extended Model A
Stepping 0
Revision PH-E0
Instructions MMX (+), 3DNow! (+), SSE, SSE2, SSE3, SSE4A, AMD 64
Virtualization Supported, Disabled
Hyperthreading Not supported
Fan Speed 3515 RPM
Bus Speed 215.0 MHz
Rated Bus Speed 2150.0 MHz
Stock Core Speed 3500 MHz
Stock Bus Speed 200 MHz
Caches
L1 Data Cache Size 6 x 64 KBytes
L1 Instructions Cache Size 6 x 64 KBytes
L2 Unified Cache Size 6 x 512 KBytes
L3 Unified Cache Size 6144 KBytes
Core 0
Core Speed 3225.0 MHz
Multiplier x 15.0
Bus Speed 215.0 MHz
Rated Bus Speed 2150.0 MHz
Thread 1
APIC ID 0
Core 1
Core Speed 3225.0 MHz
Multiplier x 15.0
Bus Speed 215.0 MHz
Rated Bus Speed 2150.0 MHz
Thread 1
APIC ID 1
Core 2
Core Speed 3762.5 MHz
Multiplier x 17.5
Bus Speed 215.0 MHz
Rated Bus Speed 2150.0 MHz
Thread 1
APIC ID 2
Core 3
Core Speed 3762.5 MHz
Multiplier x 17.5
Bus Speed 215.0 MHz
Rated Bus Speed 2150.0 MHz
Thread 1
APIC ID 3
Core 4
Core Speed 3762.5 MHz
Multiplier x 17.5
Bus Speed 215.0 MHz
Rated Bus Speed 2150.0 MHz
Thread 1
APIC ID 4
Core 5
Core Speed 3225.0 MHz
Multiplier x 15.0
Bus Speed 215.0 MHz
Rated Bus Speed 2150.0 MHz
Thread 1
APIC ID 5
RAM
Memory slots
Total memory slots 4
Used memory slots 3
Free memory slots 1
Memory
Type DDR3
Size 12288 MBytes
Channels # Dual
DRAM Frequency 573.3 MHz
CAS# Latency (CL) 8 clocks
RAS# to CAS# Delay (tRCD) 8 clocks
RAS# Precharge (tRP) 8 clocks
Cycle Time (tRAS) 20 clocks
Bank Cycle Time (tRC) 27 clocks
Command Rate (CR) 2T
Physical Memory
Memory Usage 17 %
Total Physical 12 GB
Available Physical 9.91 GB
Total Virtual 24 GB
Available Virtual 22 GB
SPD
Number Of SPD Modules 3
Slot #1
Type DDR3
Size 4096 MBytes
Manufacturer Corsair
Max Bandwidth PC3-10700H (667 MHz)
Part Number CMV4GX3M1A1333C9
SPD Ext. EPP
JEDEC #3
Frequency 666.7 MHz
CAS# Latency 9.0
RAS# To CAS# 9
RAS# Precharge 9
tRAS 24
tRC 34
Voltage 1.500 V
JEDEC #2
Frequency 592.6 MHz
CAS# Latency 8.0
RAS# To CAS# 8
RAS# Precharge 8
tRAS 22
tRC 30
Voltage 1.500 V
JEDEC #1
Frequency 444.4 MHz
CAS# Latency 6.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 16
tRC 23
Voltage 1.500 V
Slot #2
Type DDR3
Size 4096 MBytes
Manufacturer Corsair
Max Bandwidth PC3-10700H (667 MHz)
Part Number CMZ8GX3M2A1600C9
Serial Number 0000033E
SPD Ext. EPP
XMP--2
Frequency
JEDEC #4
Frequency 666.7 MHz
CAS# Latency 9.0
RAS# To CAS# 9
RAS# Precharge 9
tRAS 24
tRC 34
Voltage 1.500 V
JEDEC #3
Frequency 592.6 MHz
CAS# Latency 8.0
RAS# To CAS# 8
RAS# Precharge 8
tRAS 22
tRC 30
Voltage 1.500 V
JEDEC #2
Frequency 518.5 MHz
CAS# Latency 7.0
RAS# To CAS# 7
RAS# Precharge 7
tRAS 19
tRC 27
Voltage 1.500 V
JEDEC #1
Frequency 444.4 MHz
CAS# Latency 6.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 16
tRC 23
Voltage 1.500 V
Slot #3
Type DDR3
Size 4096 MBytes
Manufacturer Corsair
Max Bandwidth PC3-10700H (667 MHz)
Part Number CMZ8GX3M2A1600C9
SPD Ext. EPP
XMP--2
Frequency
JEDEC #4
Frequency 666.7 MHz
CAS# Latency 9.0
RAS# To CAS# 9
RAS# Precharge 9
tRAS 24
tRC 34
Voltage 1.500 V
JEDEC #3
Frequency 592.6 MHz
CAS# Latency 8.0
RAS# To CAS# 8
RAS# Precharge 8
tRAS 22
tRC 30
Voltage 1.500 V
JEDEC #2
Frequency 518.5 MHz
CAS# Latency 7.0
RAS# To CAS# 7
RAS# Precharge 7
tRAS 19
tRC 27
Voltage 1.500 V
JEDEC #1
Frequency 444.4 MHz
CAS# Latency 6.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 16
tRC 23
Voltage 1.500 V
Motherboard
Manufacturer ASRock
Model 880GXH/USB3 (CPUSocket)
Version To Be Filled By O.E.M.
Chipset Vendor AMD
Chipset Model 880G
Chipset Revision 00
Southbridge Vendor AMD
Southbridge Model SB700
Southbridge Revision 00
System Temperature 35 °C
BIOS
Brand American Megatrends Inc.
Version P1.20
Date 6/24/2010
Voltage
CPU CORE 1.440 V
MEMORY CONTROLLER 0.584 V
+3.3V 3.344 V
+5V 4.992 V
+12V 11.654 V
VIN5 1.696 V
VIN6 1.864 V
PCI Data
Slot PCI
Slot Type PCI
Slot Usage In Use
Bus Width 32 bit
Slot Designation PCI1
Slot Number 0
Slot PCI
Slot Type PCI
Slot Usage Available
Bus Width 32 bit
Slot Designation PCI2
Slot Number 1
Slot PCI-E
Slot Type PCI-E
Slot Usage Available
Bus Width Unknown
Slot Designation PCIE1
Slot Number 2
Slot PCI-E
Slot Type PCI-E
Slot Usage In Use
Bus Width Unknown
Slot Designation PCIE2
Slot Number 3
Slot PCI-E
Slot Type PCI-E
Slot Usage Available
Bus Width Unknown
Slot Designation PCIE3
Slot Number 4
Slot PCI
Slot Type PCI
Slot Usage Available
Bus Width 32 bit
Slot Designation PCI6
Slot Number 5
Graphics
Monitor
Name CVTE TV on NVIDIA GeForce GTX 550 Ti
Current Resolution 1360x768 pixels
Work Resolution 1360x728 pixels
State Enabled, Primary, Output devices support
Monitor Width 1360
Monitor Height 768
Monitor BPP 32 bits per pixel
Monitor Frequency 60 Hz
Device \\.\DISPLAY1\Monitor0
GeForce GTX 550 Ti
GPU GF116
Device ID 10DE-1244
Revision A2
Subvendor EVGA (3842)
Current Performance Level Level 1
Current GPU Clock 50 MHz
Current Memory Clock 135 MHz
Current Shader Clock 101 MHz
Voltage 0.950 V
Die Size 238 mm˛
Release Date Mar 15, 2011
DirectX Support 11.0
OpenGL Support 5.0
Bus Interface PCI Express x16
Temperature 36 °C
Driver version 9.18.13.1106
BIOS Version 70.26.3a.00.54
ROPs 32
Shaders 192 unified
Physical Memory 2047 MB
Virtual Memory 2816 MB
Count of performance levels : 3
Level 1 - "Default"
GPU Clock 50 MHz
Memory Clock 135 MHz
Shader Clock 101 MHz
Level 2 - "2D Desktop"
GPU Clock 405 MHz
Memory Clock 324 MHz
Shader Clock 810 MHz
Level 3 - "3D Applications"
GPU Clock 972 MHz
Memory Clock 2052 MHz
Shader Clock 1944 MHz
OpenGL
Version 4.3.0
Vendor NVIDIA Corporation
Renderer GeForce GTX 550 Ti/PCIe/SSE2
GLU Version 1.2.2.0 Microsoft Corporation
Values
GL_MAX_LIGHTS 8
GL_MAX_TEXTURE_SIZE 16384
GL_MAX_TEXTURE_STACK_DEPTH 10
GL Extensions
GL_AMD_multi_draw_indirect
GL_ARB_arrays_of_arrays
GL_ARB_base_instance
GL_ARB_blend_func_extended
GL_ARB_clear_buffer_object
GL_ARB_color_buffer_float
GL_ARB_compatibility
GL_ARB_compressed_texture_pixel_storage
GL_ARB_conservative_depth
GL_ARB_compute_shader
GL_ARB_copy_buffer
GL_ARB_copy_image
GL_ARB_debug_output
GL_ARB_depth_buffer_float
GL_ARB_depth_clamp
GL_ARB_depth_texture
GL_ARB_draw_buffers
GL_ARB_draw_buffers_blend
GL_ARB_draw_indirect
GL_ARB_draw_elements_base_vertex
GL_ARB_draw_instanced
GL_ARB_ES2_compatibility
GL_ARB_ES3_compatibility
GL_ARB_explicit_attrib_location
GL_ARB_explicit_uniform_location
GL_ARB_fragment_coord_conventions
GL_ARB_fragment_layer_viewport
GL_ARB_fragment_program
GL_ARB_fragment_program_shadow
GL_ARB_fragment_shader
GL_ARB_framebuffer_no_attachments
GL_ARB_framebuffer_object
GL_ARB_framebuffer_sRGB
GL_ARB_geometry_shader4
GL_ARB_get_program_binary
GL_ARB_gpu_shader5
GL_ARB_gpu_shader_fp64
GL_ARB_half_float_pixel
GL_ARB_half_float_vertex
GL_ARB_imaging
GL_ARB_instanced_arrays
GL_ARB_internalformat_query
GL_ARB_internalformat_query2
GL_ARB_invalidate_subdata
GL_ARB_map_buffer_alignment
GL_ARB_map_buffer_range
GL_ARB_multi_draw_indirect
GL_ARB_multisample
GL_ARB_multitexture
GL_ARB_occlusion_query
GL_ARB_occlusion_query2
GL_ARB_pixel_buffer_object
GL_ARB_point_parameters
GL_ARB_point_sprite
GL_ARB_program_interface_query
GL_ARB_provoking_vertex
GL_ARB_robust_buffer_access_behavior
GL_ARB_robustness
GL_ARB_sample_shading
GL_ARB_sampler_objects
GL_ARB_seamless_cube_map
GL_ARB_separate_shader_objects
GL_ARB_shader_atomic_counters
GL_ARB_shader_bit_encoding
GL_ARB_shader_image_load_store
GL_ARB_shader_image_size
GL_ARB_shader_objects
GL_ARB_shader_precision
GL_ARB_shader_storage_buffer_object
GL_ARB_shader_subroutine
GL_ARB_shader_texture_lod
GL_ARB_shading_language_100
GL_ARB_shading_language_420pack
GL_ARB_shading_language_include
GL_ARB_shading_language_packing
GL_ARB_shadow
GL_ARB_stencil_texturing
GL_ARB_sync
GL_ARB_tessellation_shader
GL_ARB_texture_border_clamp
GL_ARB_texture_buffer_object
GL_ARB_texture_buffer_object_rgb32
GL_ARB_texture_buffer_range
GL_ARB_texture_compression
GL_ARB_texture_compression_bptc
GL_ARB_texture_compression_rgtc
GL_ARB_texture_cube_map
GL_ARB_texture_cube_map_array
GL_ARB_texture_env_add
GL_ARB_texture_env_combine
GL_ARB_texture_env_crossbar
GL_ARB_texture_env_dot3
GL_ARB_texture_float
GL_ARB_texture_gather
GL_ARB_texture_mirrored_repeat
GL_ARB_texture_multisample
GL_ARB_texture_non_power_of_two
GL_ARB_texture_query_levels
GL_ARB_texture_query_lod
GL_ARB_texture_rectangle
GL_ARB_texture_rg
GL_ARB_texture_rgb10_a2ui
GL_ARB_texture_storage
GL_ARB_texture_storage_multisample
GL_ARB_texture_swizzle
GL_ARB_texture_view
GL_ARB_timer_query
GL_ARB_transform_feedback2
GL_ARB_transform_feedback3
GL_ARB_transform_feedback_instanced
GL_ARB_transpose_matrix
GL_ARB_uniform_buffer_object
GL_ARB_vertex_array_bgra
GL_ARB_vertex_array_object
GL_ARB_vertex_attrib_64bit
GL_ARB_vertex_attrib_binding
GL_ARB_vertex_buffer_object
GL_ARB_vertex_program
GL_ARB_vertex_shader
GL_ARB_vertex_type_2_10_10_10_rev
GL_ARB_viewport_array
GL_ARB_window_pos
GL_ATI_draw_buffers
GL_ATI_texture_float
GL_ATI_texture_mirror_once
GL_S3_s3tc
GL_EXT_texture_env_add
GL_EXT_abgr
GL_EXT_bgra
GL_EXT_bindable_uniform
GL_EXT_blend_color
GL_EXT_blend_equation_separate
GL_EXT_blend_func_separate
GL_EXT_blend_minmax
GL_EXT_blend_subtract
GL_EXT_compiled_vertex_array
GL_EXT_Cg_shader
GL_EXT_depth_bounds_test
GL_EXT_direct_state_access
GL_EXT_draw_buffers2
GL_EXT_draw_instanced
GL_EXT_draw_range_elements
GL_EXT_fog_coord
GL_EXT_framebuffer_blit
GL_EXT_framebuffer_multisample
GL_EXTX_framebuffer_mixed_formats
GL_EXT_framebuffer_multisample_blit_scaled
GL_EXT_framebuffer_object
GL_EXT_framebuffer_sRGB
GL_EXT_geometry_shader4
GL_EXT_gpu_program_parameters
GL_EXT_gpu_shader4
GL_EXT_multi_draw_arrays
GL_EXT_packed_depth_stencil
GL_EXT_packed_float
GL_EXT_packed_pixels
GL_EXT_pixel_buffer_object
GL_EXT_point_parameters
GL_EXT_provoking_vertex
GL_EXT_rescale_normal
GL_EXT_secondary_color
GL_EXT_separate_shader_objects
GL_EXT_separate_specular_color
GL_EXT_shader_image_load_store
GL_EXT_shadow_funcs
GL_EXT_stencil_two_side
GL_EXT_stencil_wrap
GL_EXT_texture3D
GL_EXT_texture_array
GL_EXT_texture_buffer_object
GL_EXT_texture_compression_dxt1
GL_EXT_texture_compression_latc
GL_EXT_texture_compression_rgtc
GL_EXT_texture_compression_s3tc
GL_EXT_texture_cube_map
GL_EXT_texture_edge_clamp
GL_EXT_texture_env_combine
GL_EXT_texture_env_dot3
GL_EXT_texture_filter_anisotropic
GL_EXT_texture_format_BGRA8888
GL_EXT_texture_integer
GL_EXT_texture_lod
GL_EXT_texture_lod_bias
GL_EXT_texture_mirror_clamp
GL_EXT_texture_object
GL_EXT_texture_shared_exponent
GL_EXT_texture_sRGB
GL_EXT_texture_sRGB_decode
GL_EXT_texture_storage
GL_EXT_texture_swizzle
GL_EXT_texture_type_2_10_10_10_REV
GL_EXT_timer_query
GL_EXT_transform_feedback2
GL_EXT_vertex_array
GL_EXT_vertex_array_bgra
GL_EXT_vertex_attrib_64bit
GL_EXT_import_sync_object
GL_IBM_rasterpos_clip
GL_IBM_texture_mirrored_repeat
GL_KHR_debug
GL_KTX_buffer_region
GL_NV_alpha_test
GL_NV_blend_minmax
GL_NV_blend_square
GL_NV_complex_primitives
GL_NV_compute_program5
GL_NV_conditional_render
GL_NV_copy_depth_to_color
GL_NV_copy_image
GL_NV_depth_buffer_float
GL_NV_depth_clamp
GL_NV_draw_texture
GL_NV_ES1_1_compatibility
GL_NV_explicit_multisample
GL_NV_fbo_color_attachments
GL_NV_fence
GL_NV_float_buffer
GL_NV_fog_distance
GL_NV_fragdepth
GL_NV_fragment_program
GL_NV_fragment_program_option
GL_NV_fragment_program2
GL_NV_framebuffer_multisample_coverage
GL_NV_geometry_shader4
GL_NV_gpu_program4
GL_NV_gpu_program4_1
GL_NV_gpu_program5
GL_NV_gpu_program_fp64
GL_NV_gpu_shader5
GL_NV_half_float
GL_NV_light_max_exponent
GL_NV_multisample_coverage
GL_NV_multisample_filter_hint
GL_NV_occlusion_query
GL_NV_packed_depth_stencil
GL_NV_parameter_buffer_object
GL_NV_parameter_buffer_object2
GL_NV_path_rendering
GL_NV_pixel_data_range
GL_NV_point_sprite
GL_NV_primitive_restart
GL_NV_register_combiners
GL_NV_register_combiners2
GL_NV_shader_atomic_counters
GL_NV_shader_atomic_float
GL_NV_shader_buffer_load
GL_NV_shader_storage_buffer_object
GL_NV_texgen_reflection
GL_NV_texture_barrier
GL_NV_texture_compression_vtc
GL_NV_texture_env_combine4
GL_NV_texture_expand_normal
GL_NV_texture_lod_clamp
GL_NV_texture_multisample
GL_NV_texture_rectangle
GL_NV_texture_shader
GL_NV_texture_shader2
GL_NV_texture_shader3
GL_NV_transform_feedback
GL_NV_transform_feedback2
GL_NV_vertex_array_range
GL_NV_vertex_array_range2
GL_NV_vertex_attrib_integer_64bit
GL_NV_vertex_buffer_unified_memory
GL_NV_vertex_program
GL_NV_vertex_program1_1
GL_NV_vertex_program2
GL_NV_vertex_program2_option
GL_NV_vertex_program3
GL_NVX_conditional_render
GL_NVX_gpu_memory_info
GL_OES_compressed_paletted_texture
GL_OES_depth24
GL_OES_depth32
GL_OES_depth_texture
GL_OES_element_index_uint
GL_OES_fbo_render_mipmap
GL_OES_get_program_binary
GL_OES_mapbuffer
GL_OES_packed_depth_stencil
GL_OES_point_size_array
GL_OES_point_sprite
GL_OES_rgb8_rgba8
GL_OES_read_format
GL_OES_standard_derivatives
GL_OES_texture_3D
GL_OES_texture_float
GL_OES_texture_float_linear
GL_OES_texture_half_float
GL_OES_texture_half_float_linear
GL_OES_texture_npot
GL_OES_vertex_array_object
GL_OES_vertex_half_float
GL_SGIS_generate_mipmap
GL_SGIS_texture_lod
GL_SGIX_depth_texture
GL_SGIX_shadow
GL_SUN_slice_accum
GL_WIN_swap_hint
WGL_EXT_swap_control
GL_EXT_bgra
Hard Drives
WDC WD10EADS-00M2B0 ATA Device
Manufacturer Western Digital
Heads 16
Cylinders 16,383
SATA type SATA-II 3.0Gb/s
Device type Fixed
ATA Standard ATA8-ACS
Serial Number WD-WCAV5J369810
LBA Size 48-bit LBA
Power On Count 227 times
Power On Time 449.9 days
Features S.M.A.R.T., AAM, NCQ
Transfer Mode SATA II
Interface SATA
Capacity 932 GB
Real size 1,000,204,886,016 bytes
RAID Type None
S.M.A.R.T
01 Read Error Rate 200 (200) Data 0000000000
03 Spin-Up Time 233 (184) Data 00000010FE
04 Start/Stop Count 100 (100) Data 0000000117
05 Reallocated Sectors Count 200 (200) Data 0000000000
07 Seek Error Rate 200 (200) Data 0000000000
09 Power-On Hours (POH) 086 (086) Data 0000002A2E
0A Spin Retry Count 100 (100) Data 0000000000
0B Recalibration Retries 100 (100) Data 0000000000
0C Device Power Cycle Count 100 (100) Data 00000000E3
C0 Power-off Retract Count 200 (200) Data 00000000BD
C1 Load/Unload Cycle Count 148 (148) Data 0000026972
C2 Temperature 118 (096) Data 000000001D
C4 Reallocation Event Count 200 (200) Data 0000000000
C5 Current Pending Sector Count 200 (200) Data 0000000000
C6 Uncorrectable Sector Count 200 (200) Data 0000000000
C7 UltraDMA CRC Error Count 200 (200) Data 0000000000
C8 Write Error Rate / Multi-Zone Error Rate 200 (200) Data 0000000000
Temperature 29 °C
Temperature Range ok (less than 50 °C)
Status Good
Partition 0
Partition ID Disk #0, Partition #0
Disk Letter B:
File System NTFS
Volume Serial Number CC3E7AB2
Size 99 MB
Used Space 28 MB (29%)
Free Space 71 MB (71%)
Partition 1
Partition ID Disk #0, Partition #1
Disk Letter C:
File System NTFS
Volume Serial Number 70463A72
Size 100 GB
Used Space 46 GB (47%)
Free Space 54 GB (53%)
Partition 2
Partition ID Disk #0, Partition #2
Disk Letter Z:
File System exFAT
Volume Serial Number 00F1BD25
Size 831 GB
Used Space 28.8 GB (4%)
Free Space 803 GB (96%)
Optical Drives
TSSTcorp CDDVDW SH-S223F ATA Device
Media Type DVD Writer
Name TSSTcorp CDDVDW SH-S223F ATA Device
Availability Running/Full Power
Capabilities Random Access, Supports Writing, Supports Removable Media
Config Manager Error Code Device is working properly
Config Manager User Config FALSE
Drive D:
Media Loaded TRUE
SCSI Bus 0
SCSI Logical Unit 0
SCSI Port 0
SCSI Target Id 1
Size 1.13 MB
Status OK
Volume Name CDROM
Volume Serial Number 94137306
Audio
Sound Cards
Sound Blaster World of Warcraft Wireless Headset
High Definition Audio Device
NVIDIA High Definition Audio
NVIDIA High Definition Audio
NVIDIA High Definition Audio
NVIDIA High Definition Audio
Playback Devices
CVTE TV-1 (2- NVIDIA High Definition Audio)
Headset (2- Sound Blaster World of Warcraft Wireless Headset) (default)
Headphones (High Definition Audio Device)
Digital Audio (S/PDIF) (High Definition Audio Device)
Recording Devices
Headset (2- Sound Blaster World of Warcraft Wireless Headset) (default)
Microphone (High Definition Audio Device)
Peripherals
HID Keyboard Device
Device Kind Keyboard
Device Name HID Keyboard Device
Vendor Logitech
Location USB Input Device
Driver
Date 6-21-2006
Version 6.1.7601.17514
File C:\Windows\system32\DRIVERS\kbdhid.sys
File C:\Windows\system32\DRIVERS\kbdclass.sys
HID Keyboard Device
Device Kind Keyboard
Device Name HID Keyboard Device
Vendor Logitech
Location USB Input Device
Driver
Date 6-21-2006
Version 6.1.7601.17514
File C:\Windows\system32\DRIVERS\kbdhid.sys
File C:\Windows\system32\DRIVERS\kbdclass.sys
HID-compliant mouse
Device Kind Mouse
Device Name HID-compliant mouse
Vendor Logitech
Location USB Input Device
Driver
Date 6-21-2006
Version 6.1.7600.16385
File C:\Windows\system32\DRIVERS\mouhid.sys
File C:\Windows\system32\DRIVERS\mouclass.sys
Sound Blaster World of Warcraft Wireless Headset
Device Kind Audio device
Device Name Sound Blaster World of Warcraft Wireless Headset
Vendor Creative Technology
Comment Sound Blaster World of Warcraft Wireless Headset
Location USB Composite Device
Driver
Date 12-9-2009
Version 1.0.15.2
File C:\Windows\system32\WRTHX64.dll
File C:\Windows\system32\WRCFX64.dll
File C:\Windows\system32\WRppld64.dll
File C:\Windows\system32\drivers\WRfiltv.sys
File C:\Windows\WRDefE.exe
File C:\Windows\WRcfg.ini
File C:\Windows\WRMCcfg.ini
File C:\Windows\system32\xfiWR.ini
File C:\Windows\SysWOW64\WRTHX32.dll
File C:\Windows\SysWOW64\WRCFX32.dll
File C:\Windows\system32\drivers\drmk.sys
File C:\Windows\system32\drivers\portcls.sys
File C:\Windows\system32\drivers\USBAUDIO.sys
File C:\Windows\system32\WRcInst.dll
Disk drive
Device Kind USB storage
Device Name Disk drive
Vendor GENERIC
Comment Generic USB MS Reader USB Device
Location USB Mass Storage Device
Driver
Date 6-21-2006
Version 6.1.7600.16385
File C:\Windows\system32\DRIVERS\disk.sys
Disk drive
Device Kind USB storage
Device Name Disk drive
Vendor GENERIC
Comment Generic USB SD Reader USB Device
Location USB Mass Storage Device
Driver
Date 6-21-2006
Version 6.1.7600.16385
File C:\Windows\system32\DRIVERS\disk.sys
Disk drive
Device Kind USB storage
Device Name Disk drive
Vendor GENERIC
Comment Generic USB SM Reader USB Device
Location USB Mass Storage Device
Driver
Date 6-21-2006
Version 6.1.7600.16385
File C:\Windows\system32\DRIVERS\disk.sys
Disk drive
Device Kind USB storage
Device Name Disk drive
Vendor GENERIC
Comment Generic USB CF Reader USB Device
Location USB Mass Storage Device
Driver
Date 6-21-2006
Version 6.1.7600.16385
File C:\Windows\system32\DRIVERS\disk.sys
USB CF Reader
Device Kind Portable Device
Device Name USB CF Reader
Vendor GENERIC
Comment F:\
Location UMBus Enumerator
Driver
Date 6-21-2006
Version 6.1.7600.16385
File C:\Windows\system32\DRIVERS\WUDFRd.sys
USB MS Reader
Device Kind Portable Device
Device Name USB MS Reader
Vendor GENERIC
Comment H:\
Location UMBus Enumerator
Driver
Date 6-21-2006
Version 6.1.7600.16385
File C:\Windows\system32\DRIVERS\WUDFRd.sys
USB SD Reader
Device Kind Portable Device
Device Name USB SD Reader
Vendor GENERIC
Comment E:\
Location UMBus Enumerator
Driver
Date 6-21-2006
Version 6.1.7600.16385
File C:\Windows\system32\DRIVERS\WUDFRd.sys
USB SM Reader
Device Kind Portable Device
Device Name USB SM Reader
Vendor GENERIC
Comment G:\
Location UMBus Enumerator
Driver
Date 6-21-2006
Version 6.1.7600.16385
File C:\Windows\system32\DRIVERS\WUDFRd.sys
Printers
Fax
Printer Port SHRFAX:
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 200 * 200 dpi Monochrome
Status Unknown
Driver
Driver Name Microsoft Shared Fax Driver (v4.00)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\FXSDRV.DLL
Microsoft XPS Document Writer (Default Printer)
Printer Port XPSPort:
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Color
Status Unknown
Driver
Driver Name Microsoft XPS Document Writer (v6.00)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\mxdwdrv.dll
Network
You are connected to the internet
Connected through Realtek RTL8168D/8111D Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
IP Address 208.107.216.155
Subnet mask 255.255.254.0
Gateway server 208.107.216.1
Preferred DNS server 24.220.0.10
Alternate DNS server 24.220.0.11
DHCP Enabled
DHCP server 10.54.1.50
External IP Address 208.107.216.155
Adapter Type Ethernet
NetBIOS over TCP/IP Enabled via DHCP
NETBIOS Node Type Hybrid node
Link Speed 252 Bps
Computer Name
NetBIOS Name CHRIS-PC
DNS Name Chris-PC
Membership Part of workgroup
Workgroup WORKGROUP
Remote Desktop
Disabled
Console
State Active
Domain Chris-PC
WinInet Info
LAN Connection
Local system uses a local area network to connect to the Internet
Local system has RAS to connect to the Internet
Wi-Fi Info
Using native Wi-Fi API version 2
Available access points count 13
Wi-Fi (47d498)
SSID 47d498
Frequency 2412000 kHz
Channel Number 1
Name 47d498
Signal Strength/Quality 40
Security Enabled
State The interface is not connected to any network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
Wi-Fi (8a17a4)
SSID 8a17a4
Frequency 2412000 kHz
Channel Number 1
Name 8a17a4
Signal Strength/Quality 44
Security Enabled
State The interface is not connected to any network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
Wi-Fi (sweatpea)
SSID sweatpea
Frequency 2412000 kHz
Channel Number 1
Name sweatpea
Signal Strength/Quality 28
Security Enabled
State The interface is not connected to any network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
Wi-Fi (FBIsurveillance2911)
SSID FBIsurveillance2911
Frequency 2412000 kHz
Channel Number 1
Name FBIsurveillance2911
Signal Strength/Quality 30
Security Enabled
State The interface is not connected to any network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
Wi-Fi (a2b4)
SSID a2b4
Frequency 2412000 kHz
Channel Number 1
Name a2b4
Signal Strength/Quality 32
Security Enabled
State The interface is not connected to any network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
Wi-Fi (bc58)
SSID bc58
Frequency 2412000 kHz
Channel Number 1
Name bc58
Signal Strength/Quality 24
Security Enabled
State The interface is not connected to any network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network WEP cipher algorithm with a cipher key of any length
Default Auth used to join this network for the first time IEEE 802.11 Open System authentication algorithm
Wi-Fi (223f)
SSID 223f
Frequency 2437000 kHz
Channel Number 6
Name 223f
Signal Strength/Quality 82
Security Enabled
State The interface is not connected to any network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
Wi-Fi (NET87)
SSID NET87
Frequency 2452000 kHz
Channel Number 9
Name NET87
Signal Strength/Quality 36
Security Enabled
State The interface is not connected to any network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
Wi-Fi (Rachel)
SSID Rachel
Frequency 2462000 kHz
Channel Number 11
Name Rachel
Signal Strength/Quality 36
Security Enabled
State The interface is not connected to any network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
Wi-Fi (PS3-9757951)
SSID PS3-9757951
Frequency 2462000 kHz
Channel Number 11
Name PS3-9757951
Signal Strength/Quality 36
Security Enabled
State The interface is not connected to any network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time WPA algorithm that uses preshared keys (PSK)
Wi-Fi (8a68b2)
SSID 8a68b2
Frequency 2462000 kHz
Channel Number 11
Name 8a68b2
Signal Strength/Quality 52
Security Enabled
State The interface is not connected to any network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
Wi-Fi (ef71)
SSID ef71
Frequency 2462000 kHz
Channel Number 11
Name ef71
Signal Strength/Quality 84
Security Enabled
State The interface is not connected to any network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
Wi-Fi (NEWAVENGERS)
SSID NEWAVENGERS
Frequency 2462000 kHz
Channel Number 11
Name NEWAVENGERS
Signal Strength/Quality 36
Security Enabled
State The interface is not connected to any network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
WinHTTPInfo
WinHTTPSessionProxyType No proxy
Session Proxy
Session Proxy Bypass
Connect Retries 5
Connect Timeout (ms) 60,000
HTTP Version HTTP 1.1
Max Connects Per 1.0 Servers INFINITE
Max Connects Per Servers INFINITE
Max HTTP automatic redirects 10
Max HTTP status continue 10
Send Timeout (ms) 30,000
IEProxy Auto Detect No
IEProxy Auto Config
IEProxy
IEProxy Bypass
Default Proxy Config Access Type No proxy
Default Config Proxy
Default Config Proxy Bypass
Sharing and Discovery
Network Discovery Enabled
File and Printer Sharing Enabled
File and printer sharing service Enabled
Simple File Sharing Enabled
Administrative Shares Enabled
Network access: Sharing and security model for local accounts Classic - local users authenticate as themselves
Adapters List
802.11n Wireless LAN Card
IP Address 0.0.0.0
Subnet mask 0.0.0.0
Gateway server 0.0.0.0
Realtek RTL8168D/8111D Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
IP Address 208.107.216.155
Subnet mask 255.255.254.0
Gateway server 208.107.216.1
Network Shares
Users C:\Users
Current TCP Connections
C:\Users\Chris\AppData\Local\Apps\2.0\R67AA5QW.AN2\6AEZXC9O.34W\curs..tion_9e9e83ddf3ed3ead_0005.0001_35ab96b41397406c\CurseClient.exe (3172)
Local 127.0.0.1:49261 LISTEN
System Process
Local 0.0.0.0:445 (Windows shares) LISTEN
Local 0.0.0.0:2869 LISTEN
Local 0.0.0.0:5357 LISTEN
Local 0.0.0.0:10243 LISTEN
Local 208.107.216.155:139 (NetBIOS session service) LISTEN
daemonu.exe (3864)
Local 127.0.0.1:2559 LISTEN
lsass.exe (628)
Local 0.0.0.0:49154 LISTEN
services.exe (572)
Local 0.0.0.0:49156 LISTEN
svchost.exe (284)
Local 0.0.0.0:49153 LISTEN
svchost.exe (632)
Local 0.0.0.0:49155 LISTEN
svchost.exe (892)
Local 0.0.0.0:135 (DCE) LISTEN
wininit.exe (500)
Local 0.0.0.0:49152 LISTEN
wmpnetwk.exe (3496)
Local 0.0.0.0:554 LISTEN

=========================================================================================================================================================

Procexp log

Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 98.56 0 K 24 K 0
procexp64.exe 0.62 29,356 K 50,712 K 4812 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Sysinternals
Interrupts 0.35 0 K 0 K n/a Hardware Interrupts and DPCs
CurseClient.exe 0.14 135,264 K 2,616 K 3172 Curse Client Curse (No signature was present in the subject) Curse
dwm.exe 0.12 32,604 K 33,520 K 1540 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
System 0.07 144 K 2,024 K 4
csrss.exe 0.05 2,608 K 6,764 K 532 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
c2c_service.exe 0.02 3,328 K 6,472 K 1992 Skype C2C Service Skype Technologies S.A. (Verified) Skype Technologies SA
MsMpEng.exe 0.02 202,028 K 63,520 K 964 Antimalware Service Executable Microsoft Corporation (Verified) Microsoft Corporation
explorer.exe 0.01 36,412 K 62,552 K 1548 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
WmiApSrv.exe 0.01 2,528 K 6,472 K 4684 WMI Performance Reverse Adapter Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.01 45,308 K 49,048 K 632 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
iexplore.exe < 0.01 13,132 K 30,600 K 4780 Internet Explorer Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 11,448 K 19,296 K 404 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
Angel.exe < 0.01 4,240 K 14,776 K 3024 (No signature was present in the subject)
taskhost.exe < 0.01 24,208 K 21,156 K 1604 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
SearchIndexer.exe < 0.01 23,080 K 20,964 K 3204 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
daemonu.exe < 0.01 3,104 K 8,280 K 3864 NVIDIA Settings Update Manager NVIDIA Corporation (Verified) NVIDIA Corporation
WLIDSVC.EXE < 0.01 8,384 K 16,704 K 352 Microsoft® Windows Live ID Service Microsoft Corp. (Verified) Microsoft Corporation
svchost.exe < 0.01 17,044 K 17,384 K 1240 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
services.exe < 0.01 5,604 K 12,052 K 572 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 11,664 K 14,228 K 4092 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
wmpnetwk.exe < 0.01 11,240 K 5,736 K 3496 Windows Media Player Network Sharing Service Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 206,936 K 217,524 K 408 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
TSVNCache.exe < 0.01 5,200 K 8,168 K 3280 TortoiseSVN status cache http://tortoisesvn.net (Verified) Stefan Kueng - Open Source Developer
nvvsvc.exe < 0.01 6,636 K 13,060 K 1372 NVIDIA Driver Helper Service, Version 311.06 NVIDIA Corporation (Verified) NVIDIA Corporation
iexplore.exe < 0.01 81,108 K 96,100 K 4824 Internet Explorer Microsoft Corporation (Verified) Microsoft Windows
csrss.exe < 0.01 2,384 K 4,596 K 444 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
WUDFHost.exe 2,468 K 6,492 K 2728 Windows Driver Foundation - User-mode Driver Framework Host Process Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe 22,456 K 27,396 K 4256 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
WLIDSVCM.EXE 1,808 K 3,792 K 1900 Microsoft® Windows Live ID Service Monitor Microsoft Corp. (Verified) Microsoft Corporation
winlogon.exe 3,484 K 7,716 K 596 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
wininit.exe 1,868 K 4,808 K 500 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows
TrustedInstaller.exe 17,220 K 20,432 K 3556 Windows Modules Installer Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 12,488 K 16,272 K 1716 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 20,212 K 24,616 K 284 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 7,848 K 13,356 K 1868 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 4,956 K 8,584 K 892 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 5,496 K 10,752 K 764 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 3,504 K 7,628 K 1080 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,728 K 6,144 K 2552 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
spoolsv.exe 7,308 K 12,344 K 1624 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
smss.exe 636 K 1,324 K 308 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows
procexp.exe 2,560 K 7,880 K 4180 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
nvxdsync.exe 9,260 K 18,420 K 1364 NVIDIA User Experience Driver Component NVIDIA Corporation (Verified) NVIDIA Corporation
nvvsvc.exe 3,052 K 7,508 K 824 NVIDIA Driver Helper Service, Version 311.06 NVIDIA Corporation (Verified) NVIDIA Corporation
nvtray.exe 8,220 K 14,576 K 3136 NVIDIA Settings NVIDIA Corporation (Verified) NVIDIA Corporation
nvSCPAPISvr.exe 2,652 K 5,812 K 848 Stereo Vision Control Panel API Server NVIDIA Corporation (Verified) NVIDIA Corporation
msseces.exe 6,844 K 15,068 K 2696 Microsoft Security Client User Interface Microsoft Corporation (Verified) Microsoft Corporation
lsm.exe 2,848 K 4,592 K 640 Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
lsass.exe 5,620 K 12,884 K 628 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
dllhost.exe 3,152 K 7,584 K 1528 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
conhost.exe 2,116 K 5,628 K 4196 Console Window Host Microsoft Corporation (Verified) Microsoft Windows
cmd.exe 2,336 K 3,284 K 3868 Windows Command Processor Microsoft Corporation (Verified) Microsoft Windows

--------------------------------------------------------------------------------------------------------------------------------------------------------

Also the scf /scannow states:

Windows Resource Protection did not find any integraity violations.
  • 0

#9
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP
I'm not seeing anything wrong. Speccy says it's running nice and cool and the hard drive is not showing any errors. Process Explorer says it's running well with nothing hogging the CPU and the only unverified program is your curse client which I assume is the WOW updater program.

ESET is clean and so is Bitdefender tho I do wonder what Z:\ is since it didn't show in OTL.

Is it always the same program that causes the drive to be dirty?

There was one IE crash. See if it still gets dirty if you use Chrome instead of IE.
  • 0

#10
Olisellana

Olisellana

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
z: is the storage drive, As I stated I had a partition on the same drive.
  • 0

#11
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP
Can you isolate it down to a single program causing the problem?
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP