Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

virus is resisting all attempts to kill


  • Please log in to reply

#1
1nv1s

1nv1s

    New Member

  • Member
  • Pip
  • 7 posts
Hi guys

I'm hoping one of you is up for a challenge, three weeks to the day I have been battling with this one and my white flag is definitely up.
I now know I need help.
It all started with an unexpected crash of my kaspersky while doing an upgrade from 2011 to 2013.
I guess the virus had been sitting there waiting for the opportunity.
progressively the virus over the next few days turned off mouse support cd/dvd and networking of any kind including ftp
it doesn't seem to care about usb 3.0 so I do have the ability to use usb stick and usb drives to pass files and programs back and forwards.
so far I have tried malware bytes, msse, combofix, gmer, drweb, and numerous others.
it will not let me do a restore.
I have replaced earlier versions of the hive to no avail.
I have tried to do a repair install which so far has not been possible indeed at 4 am one morning I ended up installing a completely separate version of windows instead of doing a repair install , that will teach me not to mess with computers at ridiculous hours of the morning.

Here is my log hopefully you guys can help.

OTL logfile created on: 15/12/2012 10:18:54 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = E:\
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.37 Gb Total Physical Memory | 2.77 Gb Available Physical Memory | 82.23% Memory free
7.24 Gb Paging File | 6.72 Gb Available in Paging File | 92.78% Paging File free
Paging file location(s): C:\pagefile.sys 4096 4096 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 931.51 Gb Total Space | 588.18 Gb Free Space | 63.14% Space Free | Partition Type: NTFS
Drive E: | 59.63 Gb Total Space | 57.05 Gb Free Space | 95.67% Space Free | Partition Type: NTFS

Computer Name: USER-24DEB876B6 | User Name: paul | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/12/15 10:14:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\OTL.exe
PRC - [2012/11/20 21:29:38 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012/10/20 05:25:58 | 010,122,112 | ---- | M] (HLW Software Development GmbH) -- C:\Program Files\iTap mobile\Connect\iTapMobileConnect.exe
PRC - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2012/09/12 17:19:44 | 000,947,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012/07/27 17:57:12 | 002,163,064 | ---- | M] (Condusiv Technologies) -- C:\Program Files\Condusiv Technologies\Diskeeper\DkService.exe
PRC - [2011/09/20 14:37:36 | 000,582,656 | ---- | M] () -- C:\Program Files\Common Files\Materialise\LicenseFiles6\LicSrv60.exe
PRC - [2011/09/02 09:42:34 | 000,028,672 | ---- | M] (Novell, Inc.) -- C:\WINDOWS\system32\nwtray.exe
PRC - [2011/05/30 22:09:00 | 000,581,120 | ---- | M] () -- C:\Program Files\Autodesk\Moldflow Adviser 2012\bin\amajm.exe
PRC - [2011/05/04 13:14:38 | 000,081,408 | ---- | M] () -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2010/12/07 15:28:06 | 000,579,384 | ---- | M] (Autodesk, Inc.) -- C:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe
PRC - [2010/07/09 11:40:24 | 000,065,856 | ---- | M] (Nalpeiron Ltd.) -- C:\WINDOWS\system32\NLSSRV32.EXE
PRC - [2010/07/09 11:40:14 | 000,196,928 | ---- | M] (Nitro PDF Software) -- C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
PRC - [2010/06/09 11:41:30 | 001,726,976 | ---- | M] () -- C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
PRC - [2010/03/10 13:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2009/10/09 04:45:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
PRC - [2009/09/17 00:03:00 | 000,369,952 | ---- | M] (SafeNet, Inc.) -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
PRC - [2009/09/17 00:00:02 | 000,292,128 | ---- | M] (SafeNet, Inc.) -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe
PRC - [2009/03/12 17:36:24 | 000,086,016 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
PRC - [2008/04/14 00:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2011/09/20 14:37:36 | 000,582,656 | ---- | M] () -- C:\Program Files\Common Files\Materialise\LicenseFiles6\LicSrv60.exe
MOD - [2011/09/02 09:42:26 | 000,262,227 | ---- | M] () -- C:\WINDOWS\system32\nwshlxnt.dll
MOD - [2011/09/02 09:39:42 | 000,110,592 | ---- | M] () -- C:\WINDOWS\system32\nls\ENGLISH\nwshlxnr.dll
MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/05/30 22:09:00 | 000,581,120 | ---- | M] () -- C:\Program Files\Autodesk\Moldflow Adviser 2012\bin\amajm.exe
MOD - [2011/05/04 13:14:38 | 000,081,408 | ---- | M] () -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
MOD - [2011/03/02 11:40:51 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2010/07/29 17:19:04 | 000,234,496 | ---- | M] () -- C:\Program Files\Portable\Total Video Converter - HD version 3.71\TVCShellExt.dll
MOD - [2010/07/09 11:40:28 | 000,115,008 | ---- | M] () -- C:\Program Files\Nitro PDF\Professional\NPShellExtension.dll
MOD - [2010/07/04 21:32:38 | 000,010,752 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerCOM.dll
MOD - [2010/06/09 11:41:30 | 001,726,976 | ---- | M] () -- C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
MOD - [2009/03/12 17:36:24 | 000,086,016 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
MOD - [2008/08/26 12:07:18 | 000,133,632 | ---- | M] () -- C:\Program Files\Atomic Alarm Clock\Clock.dll
MOD - [2005/06/24 15:13:48 | 000,407,552 | ---- | M] () -- C:\Program Files\Extension Changer\extcontext.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe -- (AVP)
SRV - [2012/11/20 21:29:38 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/11/18 01:54:37 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/10/27 17:05:50 | 000,081,696 | ---- | M] () [Auto | Stopped] -- C:\Program Files\HDD Regenerator\hrsrv.exe -- (hddrsrv)
SRV - [2012/10/24 17:50:38 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/10/20 05:25:58 | 010,122,112 | ---- | M] (HLW Software Development GmbH) [Auto | Running] -- C:\Program Files\iTap mobile\Connect\iTapMobileConnect.exe -- (itap-mobile-connect)
SRV - [2012/09/20 13:28:48 | 030,785,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012/07/27 17:57:12 | 002,163,064 | ---- | M] (Condusiv Technologies) [Auto | Running] -- C:\Program Files\Condusiv Technologies\Diskeeper\DkService.exe -- (Diskeeper)
SRV - [2012/07/13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/15 10:18:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2011/10/09 08:30:57 | 000,079,360 | ---- | M] (SolidWorks) [On_Demand | Stopped] -- C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe -- (SolidWorks Licensing Service)
SRV - [2011/10/09 08:30:56 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/09/27 03:00:24 | 000,089,160 | ---- | M] (Dassault Systèmes SolidWorks Corp.) [On_Demand | Stopped] -- C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe -- (CoordinatorServiceHost)
SRV - [2011/09/20 14:37:36 | 000,582,656 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Materialise\LicenseFiles6\LicSrv60.exe -- (MatLocalLicenceServer60)
SRV - [2011/09/02 09:42:30 | 000,053,339 | ---- | M] (Novell, Inc.) [On_Demand | Stopped] -- C:\WINDOWS\system32\cusrvc.exe -- (cusrvc)
SRV - [2011/09/01 23:10:08 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\srvany.exe -- (KMService)
SRV - [2011/08/17 18:42:58 | 000,090,168 | ---- | M] (Mentor Graphics Corporation) [On_Demand | Stopped] -- C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe -- (Remote Solver for Flow Simulation 2012)
SRV - [2011/05/30 22:09:00 | 000,581,120 | ---- | M] () [Auto | Running] -- C:\Program Files\Autodesk\Moldflow Adviser 2012\bin\amajm.exe -- (amajm2012)
SRV - [2011/05/04 13:14:38 | 000,081,408 | ---- | M] () [Auto | Running] -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2010/12/07 15:28:06 | 000,579,384 | ---- | M] (Autodesk, Inc.) [Auto | Running] -- C:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe -- (mitsijm2012)
SRV - [2010/07/09 11:40:24 | 000,065,856 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\WINDOWS\system32\NLSSRV32.EXE -- (nlsX86cc)
SRV - [2010/07/09 11:40:14 | 000,196,928 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe -- (NitroDriverReadSpool)
SRV - [2010/06/25 17:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2010/03/10 13:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/10/09 04:45:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0)
SRV - [2009/09/17 06:06:00 | 001,246,496 | ---- | M] (SafeNet, Inc) [Disabled | Stopped] -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe -- (SentinelProtectionServer)
SRV - [2009/09/17 00:03:00 | 000,369,952 | ---- | M] (SafeNet, Inc.) [Auto | Running] -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe -- (SentinelKeysServer)
SRV - [2009/09/17 00:00:02 | 000,292,128 | ---- | M] (SafeNet, Inc.) [Auto | Running] -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe -- (SentinelSecurityRuntime)
SRV - [2009/03/12 17:36:24 | 000,086,016 | ---- | M] () [Auto | Running] -- C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe -- (mi-raysat_3dsmax2010_32)
SRV - [2005/09/23 06:01:16 | 002,799,808 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe -- (msvsmon80)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (SANDRA)
DRV - File not found [Kernel | Boot | Stopped] -- System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\PciCon.sys -- (PciCon)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\klmouflt.sys -- (klmouflt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\klim5.sys -- (klim5)
DRV - File not found [File_System | System | Stopped] -- system32\DRIVERS\klif.sys -- (KLIF)
DRV - File not found [Kernel | System | Stopped] -- system32\DRIVERS\kl2.sys -- (kl2)
DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\kl1.sys -- (KL1)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (FNETURPX)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\user\LOCALS~1\Temp\HBCD\PCWizard\pcwiz_x32.sys -- (cpuz134)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2012/12/15 10:16:59 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C18D307C-83F3-4A99-9C0F-7F8DCD5BB8D7}\MpKsl9f1cdc81.sys -- (MpKsl9f1cdc81)
DRV - [2012/08/22 22:15:54 | 000,231,760 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\truecrypt.sys -- (truecrypt)
DRV - [2012/07/09 14:54:56 | 000,085,328 | ---- | M] (Condusiv Technologies) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\DKTLFSMF.sys -- (DKTLFSMF)
DRV - [2012/07/03 19:55:18 | 000,124,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA)
DRV - [2012/06/26 17:44:02 | 000,041,008 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dsu2cam.sys -- (DSU2CAM)
DRV - [2012/06/18 19:14:42 | 000,044,496 | ---- | M] (Condusiv Technologies) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\DKRtWrt.sys -- (DKRtWrt)
DRV - [2012/05/23 15:36:50 | 000,275,760 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mv91xx.sys -- (mv91xx)
DRV - [2012/04/09 15:27:34 | 000,299,024 | ---- | M] (EldoS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cbfs3.sys -- (cbfs3)
DRV - [2011/11/10 03:42:12 | 007,493,120 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2011/09/08 22:47:18 | 000,460,800 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (hardlock)
DRV - [2011/09/08 22:47:17 | 000,047,616 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Haspnt.sys -- (Haspnt)
DRV - [2011/09/02 09:42:36 | 000,006,128 | ---- | M] (Novell, Inc.) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\NetWare\nwsns.sys -- (NWSNS)
DRV - [2011/09/02 09:42:34 | 000,023,232 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\NetWare\nwsap.sys -- (NWSAP)
DRV - [2011/09/02 09:42:34 | 000,020,208 | ---- | M] (Novell, Inc.) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\NetWare\nwslp.sys -- (NWSLP)
DRV - [2011/09/02 09:42:34 | 000,018,353 | ---- | M] (Novell, Inc.) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\NetWare\nwdhcp.sys -- (NWDHCP)
DRV - [2011/09/02 09:42:34 | 000,017,664 | ---- | M] (Novell, Inc.) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\NetWare\nwfilter.sys -- (NWFILTER)
DRV - [2011/09/02 09:42:34 | 000,009,297 | ---- | M] (Novell, Inc.) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\NetWare\nwhost.sys -- (NWHOST)
DRV - [2011/09/02 09:42:32 | 000,045,824 | ---- | M] (Novell, Inc.) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\NetWare\nwdns.sys -- (NWDNS)
DRV - [2011/09/02 09:42:32 | 000,038,603 | ---- | M] (Novell, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nicm.sys -- (NICM)
DRV - [2011/09/02 09:42:32 | 000,029,440 | ---- | M] (Novell, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\NetWare\resmgr.sys -- (RESMGR)
DRV - [2011/09/02 09:42:30 | 000,058,496 | ---- | M] (Novell, Inc.) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\NetWare\nwsipx32.sys -- (NWSIPX32)
DRV - [2011/09/02 09:42:28 | 000,185,216 | ---- | M] (Novell, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\NetWare\srvloc.sys -- (SRVLOC)
DRV - [2011/09/02 09:42:26 | 000,553,216 | ---- | M] (Novell, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\NetWare\nwfs.sys -- (NetwareWorkstation)
DRV - [2011/07/29 13:54:56 | 000,013,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\epmntdrv.sys -- (epmntdrv)
DRV - [2011/07/29 13:54:56 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2011/07/06 18:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011/06/15 08:23:56 | 000,060,156 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2011/05/21 20:33:10 | 000,192,128 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\xhcdrv.sys -- (xhcdrv)
DRV - [2010/09/30 12:59:16 | 000,141,568 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV - [2010/09/30 12:59:16 | 000,061,824 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nusb3hub.sys -- (nusb3hub)
DRV - [2010/06/22 17:01:52 | 000,021,248 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\htcnprot.sys -- (htcnprot)
DRV - [2010/02/09 04:56:10 | 000,222,248 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2009/11/19 13:33:20 | 000,051,200 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2009/09/17 16:01:18 | 000,579,840 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emBDA.sys -- (USB28xxBGA)
DRV - [2009/09/17 16:00:38 | 000,543,744 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emOEM.sys -- (USB28xxOEM)
DRV - [2009/08/19 12:05:56 | 000,100,368 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009/07/27 00:49:22 | 000,019,456 | ---- | M] (BUFFALO INC.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bfturbov.sys -- (bfturbov)
DRV - [2009/06/18 17:04:20 | 000,034,064 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2009/06/09 23:49:32 | 000,024,576 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - [2008/04/14 00:16:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2008/04/13 18:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2006/04/01 05:33:32 | 000,163,712 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vinyl97.sys -- (VIAudio)
DRV - [2005/01/25 15:45:50 | 000,035,107 | ---- | M] (Winternals) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VDiskBus.sys -- (vdiskbus)
DRV - [2003/04/30 15:59:40 | 000,259,528 | ---- | M] (Hauppauge Computer Works) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Nuvision.sys -- (NuVision)
DRV - [2002/12/16 18:11:02 | 000,026,120 | ---- | M] (Rainbow Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SNTNLUSB.SYS -- (Sntnlusb)
DRV - [2002/12/16 18:11:02 | 000,009,949 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\SENTINEL.HLP -- (Sentinel)
DRV - [2002/01/12 16:30:34 | 000,003,567 | ---- | M] (Beyond Logic http://www.beyondlogic.org) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PortTalk.sys -- (PortTalk)
DRV - [2001/08/17 13:05:48 | 000,314,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CamDrO21.sys -- (PhilCam8116)
DRV - [2001/08/17 12:49:42 | 000,322,432 | ---- | M] (Matrox Graphics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\G400m.sys -- (G400)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.google.co.uk/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..CT2481032.browser.search.defaultthis.engineName: true
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://www.google.co.uk"
FF - prefs.js..extensions.enabledAddons: [email protected]:1.0.0.1227P.314153
FF - prefs.js..extensions.enabledAddons: [email protected]:1.1.22
FF - prefs.js..extensions.enabledAddons: [email protected]:3.8.0
FF - prefs.js..extensions.enabledAddons: [email protected]:4.58
FF - prefs.js..keyword.URL: "http://search.yahoo...._1-ya-bs-rp&q="
FF - prefs.js..network.proxy.type: 0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\user\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\user\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\[email protected]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files\Siber Systems\AI RoboForm\Firefox [2011/09/22 07:16:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}: C:\Program Files\SPEEDbit Video Downloader\SPFireFox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/11/17 11:29:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011/09/07 13:02:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user\Application Data\Mozilla\Extensions
[2012/12/09 06:51:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\5ctkasml.default\extensions
[2012/01/10 09:48:05 | 000,000,000 | ---D | M] (Adobe BrowserLab for Firebug) -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\5ctkasml.default\extensions\[email protected]
[2012/12/09 06:51:54 | 000,000,000 | ---D | M] (FlashFirebug) -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\5ctkasml.default\extensions\[email protected]
[2012/11/21 04:52:33 | 000,234,741 | ---- | M] () (No name found) -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\5ctkasml.default\extensions\[email protected]
[2012/11/17 12:21:38 | 002,042,908 | ---- | M] () (No name found) -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\5ctkasml.default\extensions\[email protected]
[2012/11/17 12:21:48 | 000,251,282 | ---- | M] () (No name found) -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\5ctkasml.default\extensions\[email protected]
[2012/11/17 11:42:18 | 000,000,915 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\5ctkasml.default\searchplugins\conduit.xml
[2012/12/01 10:26:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/09/08 22:13:54 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]_bak
[2011/09/08 22:13:51 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]_bak
[2010/09/30 12:28:49 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2012/10/24 17:50:58 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/10/24 17:50:17 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/11/17 12:21:26 | 000,128,264 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\testlog.txt
[2012/10/24 17:50:17 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
[2012/07/11 18:26:14 | 000,001,068 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahootc.xml

========== Chrome ==========

CHR - homepage: http://www.google.co.uk/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.co.uk/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.95\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.95\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll
CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Google Drive = C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: New Tab Redirect = C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ffnkmhhiondoojnmkkpebhfmeeloahpe\1.1_0\
CHR - Extension: Gmail = C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/12/08 08:17:12 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Reg Error: Value error.) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - No CLSID value found.
O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O4 - HKLM..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe" File not found
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NWTRAY] C:\WINDOWS\System32\nwtray.exe (Novell, Inc.)
O4 - HKLM..\Run: [StartupFaster] "C:\Program Files\Startup Faster\startuploader.exe" -run SFAURUN SFCURUN SFAUSTARTUP SFCUSTARTUP File not found
O4 - HKCU..\Run: [SkinClock] C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\StartupFaster [2012/11/10 17:48:52 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\user\Start Menu\Programs\Startup\StartupFaster [2012/11/10 17:48:52 | 000,000,000 | -H-D | M]
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Toolbars present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: CompatibleRUPSecurity = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThumbnailCache = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to WebSite-Watcher - C:\Documents and Settings\user\Application Data\aignes\WebSite-Watcher\config\settings\wswie.htm ()
O8 - Extra context menu item: Customize Menu - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Fill Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: RoboForm Toolbar - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Save Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - Reg Error: Key error. File not found
O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - Reg Error: Key error. File not found
O9 - Extra Button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra 'Tools' menuitem : Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\NetWare\nwws2nds.dll (Novell, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\WINDOWS\system32\NetWare\nwws2sap.dll (Novell, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\WINDOWS\system32\NetWare\nwws2slp.dll (Novell, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {042134DD-BB44-43FC-A74F-B80FBD465925} http://210.68.70.226...e/xWebView4.cab (xWebView4 Control)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.co...sreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1285837009015 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1341098091181 (MUWebControl Class)
O16 - DPF: {99477088-D541-4C7E-945D-9E8854469CF5} http://192.168.100.200/Topica.cab (Topica Control)
O16 - DPF: {B29FFE46-EFA5-41A7-95B3-21E6182CC5BE} http://210.68.70.226.../TOPICACamV.cab (TOPICA IPCamera Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C1E4FE21-20A5-4D65-866D-E7C2BEF15CA1}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E553B255-2CAE-4281-8B0D-09A7F55A2F37}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E553B255-2CAE-4281-8B0D-09A7F55A2F37}: NameServer = 158.152.1.43,158.152.1.58
O18 - Protocol\Handler\dae {A6781FA9-C199-4FF3-803D-C181484BB4E0} - C:\Program Files\Right Hemisphere\Deep Access Explorer\PreviewHandler32.dll (Right Hemisphere)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (NWGINA.DLL) - C:\WINDOWS\System32\nwgina.dll (Novell, Inc.)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\klogon: DllName - (C:\WINDOWS\system32\klogon.dll) - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab ZAO)
O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\WINDOWS\system32\CbFsMntNtf3.dll (EldoS Corporation)
O22 - SharedTaskScheduler: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - Virtual Storage Mount Notification - C:\WINDOWS\system32\CbFsMntNtf3.dll (EldoS Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (nwv1_0) - C:\WINDOWS\System32\nwv1_0.dll (Novell, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/04/09 11:00:29 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/12/15 17:39:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft Antimalware
[2012/12/15 09:26:45 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user\Recent
[2012/12/14 10:51:56 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/12/14 10:49:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2012/12/14 08:40:17 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/12/14 08:20:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\MFAData
[2012/12/14 08:20:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\Avg2013
[2012/12/14 07:36:00 | 000,019,456 | ---- | C] (BUFFALO INC.) -- C:\WINDOWS\System32\drivers\bfturbov.sys
[2012/12/14 07:00:14 | 000,000,000 | ---D | C] -- C:\WINDOWS.2
[2012/12/13 20:50:14 | 000,000,000 | ---D | C] -- C:\WINDOWS.1
[2012/12/10 13:00:02 | 000,000,000 | ---D | C] -- C:\WINDOWS.0
[2012/12/02 10:43:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Start Menu\Programs\MICE
[2012/12/02 10:43:13 | 000,000,000 | ---D | C] -- C:\Program Files\MICE
[2012/12/02 00:55:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Mouse
[2012/12/01 16:54:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2012/12/01 11:02:55 | 000,000,000 | ---D | C] -- C:\kavremover
[2012/12/01 09:34:00 | 000,074,072 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klflt.sys
[2012/12/01 09:33:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Kaspersky Lab Setup Files
[2012/11/27 09:35:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\My Documents\Transcend 4GB (2x2GB) DDR2-667 PC2-5300 ECC Registered Memory (RAM) 240-pin eBay-cached_files
[2012/11/27 01:20:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\GlarySoft
[2012/11/23 08:26:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\NetSetMan
[2012/11/23 08:26:22 | 000,000,000 | ---D | C] -- C:\Program Files\NetSetMan
[2012/11/22 17:17:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Registry Finder
[2012/11/22 17:17:37 | 000,000,000 | ---D | C] -- C:\Program Files\AceLogix
[2012/11/22 17:07:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Start Menu\Programs\DCSoft
[2012/11/22 17:07:07 | 000,000,000 | ---D | C] -- C:\Program Files\DCSoft
[2012/11/20 21:30:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/11/20 21:14:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
[2012/11/19 23:38:45 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012/11/19 23:34:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2012/11/19 23:33:29 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/11/18 01:06:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Desktop\driverview
[2012/11/17 23:31:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Powertoys for Windows XP
[2012/11/17 18:07:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\Registry Toolkit
[2012/11/17 18:07:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Tools
[2012/11/17 18:07:09 | 000,000,000 | ---D | C] -- C:\Program Files\RegTkt
[2012/11/17 12:18:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\toolbarcleaner
[2012/11/17 12:18:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor
[2012/11/17 12:18:23 | 000,000,000 | ---D | C] -- C:\Program Files\Toolbar Cleaner
[2012/11/17 12:18:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Start Menu\Programs\Toolbar Cleaner
[2012/11/15 22:40:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\FixCleaner
[2012/11/15 22:40:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\FixCleaner
[2012/11/15 22:40:08 | 000,000,000 | ---D | C] -- C:\Program Files\FixCleaner
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/12/15 10:22:47 | 000,000,808 | ---- | M] () -- C:\Documents and Settings\user\Application Data\AtomicAlarmClock.ini
[2012/12/15 10:18:10 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/12/15 10:10:54 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2012/12/15 10:04:15 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/12/15 10:01:11 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/12/15 10:01:01 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/12/15 10:00:23 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/12/15 10:00:15 | 3623,428,096 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/14 22:50:03 | 000,000,498 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft Outlook 2010.job
[2012/12/14 09:48:13 | 000,001,917 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2012/12/14 07:32:14 | 000,002,860 | ---- | M] () -- C:\config.xml
[2012/12/14 07:32:14 | 000,001,176 | ---- | M] () -- C:\WINDOWS\System32\RW_{D7B257AE-D3A5-11E0-A956-806D6172696F}.dat
[2012/12/14 07:32:14 | 000,000,024 | ---- | M] () -- C:\WINDOWS\System32\RW_AppData.dat
[2012/12/14 05:07:46 | 000,000,401 | -HS- | M] () -- C:\boot.ini
[2012/12/11 09:49:17 | 000,526,792 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/12/11 09:49:17 | 000,096,648 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/12/11 08:13:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/12/08 18:12:35 | 000,096,208 | ---- | M] () -- C:\WINDOWS\System32\RW_FileType.dat
[2012/12/08 18:12:35 | 000,000,636 | ---- | M] () -- C:\WINDOWS\System32\RW_FileFlag.dat
[2012/12/08 18:12:35 | 000,000,056 | ---- | M] () -- C:\WINDOWS\System32\RW_{A7B93EC5-4153-11E2-81A6-0004763B69CB}.dat
[2012/12/08 18:12:35 | 000,000,056 | ---- | M] () -- C:\WINDOWS\System32\RW_{A7B93EC4-4153-11E2-81A6-0004763B69CB}.dat
[2012/12/08 18:12:35 | 000,000,056 | ---- | M] () -- C:\WINDOWS\System32\RW_{6A51049F-4A58-11E1-8101-0004763B69CB}.dat
[2012/12/08 12:10:42 | 003,851,592 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/12/08 10:37:28 | 000,000,112 | ---- | M] () -- C:\WINDOWS\System32\RW_{181E0F2E-286A-11E2-8181-0004763B69CB}.dat
[2012/12/08 10:37:28 | 000,000,016 | ---- | M] () -- C:\WINDOWS\System32\EvGr_Data{D7B257AE-D3A5-11E0-A956-806D6172696F}.dat
[2012/12/08 10:37:28 | 000,000,016 | ---- | M] () -- C:\WINDOWS\System32\EvGr_Data{181E0F2E-286A-11E2-8181-0004763B69CB}.dat
[2012/12/08 08:17:12 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/12/02 10:43:19 | 000,001,511 | ---- | M] () -- C:\Documents and Settings\user\Desktop\MICE.lnk
[2012/12/01 17:15:48 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_NuidFltr_01009.Wdf
[2012/12/01 17:15:33 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_dc3d_01009.Wdf
[2012/12/01 16:38:19 | 001,610,520 | ---- | M] () -- C:\Documents and Settings\user\Desktop\INFCACHE.1
[2012/12/01 11:08:32 | 000,000,000 | -HS- | M] () -- C:\DkHyperbootSync
[2012/12/01 11:01:25 | 000,000,024 | ---- | M] () -- C:\Documents and Settings\user\random.dat
[2012/12/01 10:40:06 | 000,000,363 | ---- | M] () -- C:\Documents and Settings\user\SciTE.session
[2012/12/01 10:35:29 | 000,000,040 | ---- | M] () -- C:\Documents and Settings\user\jagex_cl_runescape_LIVE.dat
[2012/12/01 10:26:49 | 000,115,465 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat
[2012/12/01 10:26:49 | 000,097,545 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat
[2012/11/27 09:35:45 | 000,238,433 | ---- | M] () -- C:\Documents and Settings\user\My Documents\Transcend 4GB (2x2GB) DDR2-667 PC2-5300 ECC Registered Memory (RAM) 240-pin eBay-cached.htm
[2012/11/27 09:31:10 | 000,109,117 | ---- | M] () -- C:\Documents and Settings\user\My Documents\4GB(2x2GB) DDR2-667 PC2-5300 ECC Registered CL5 240-pin DIMM Memory RAM eBay.htm
[2012/11/27 09:04:16 | 001,779,322 | ---- | M] () -- C:\Documents and Settings\user\My Documents\dr memory.jpg
[2012/11/22 17:17:38 | 000,000,863 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Registry Finder.lnk
[2012/11/22 17:17:38 | 000,000,845 | ---- | M] () -- C:\Documents and Settings\user\Desktop\Registry Finder.lnk
[2012/11/20 21:14:50 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\user\Desktop\Google Chrome.lnk
[2012/11/20 21:14:50 | 000,001,791 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/11/20 08:35:46 | 000,001,024 | ---- | M] () -- C:\.rnd
[2012/11/20 08:34:36 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Irremote.ini
[2012/11/19 19:40:59 | 000,279,245 | ---- | M] () -- C:\Documents and Settings\user\My Documents\19-11-2012 07-39.jpg
[2012/11/19 19:21:00 | 000,009,874 | ---- | M] () -- C:\Documents and Settings\user\My Documents\Shipping Labels (927198141970).pdf
[2012/11/17 18:07:33 | 000,000,035 | ---- | M] () -- C:\WINDOWS\VB.MNM
[2012/11/17 17:13:47 | 000,000,023 | ---- | M] () -- C:\Documents and Settings\user\Desktop\ip.bat
[2012/11/17 16:05:42 | 000,000,376 | ---- | M] () -- C:\Documents and Settings\user\Desktop\DEMON.bat
[2012/11/17 15:41:36 | 000,000,126 | ---- | M] () -- C:\Documents and Settings\user\Desktop\TALK.bat
[2012/11/17 13:40:43 | 000,000,891 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Sothink SWF Editor.lnk
[2012/11/17 13:40:43 | 000,000,873 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Sothink SWF Editor.lnk
[2012/11/17 12:18:23 | 000,000,761 | ---- | M] () -- C:\Documents and Settings\user\Desktop\Toolbar Cleaner.lnk
[2012/11/17 11:46:50 | 000,020,249 | ---- | M] () -- C:\Documents and Settings\user\Desktop\SoundPlayerHater.swf
[2012/11/17 11:30:11 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/11/17 11:30:11 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012/11/16 00:05:56 | 000,007,170 | ---- | M] () -- C:\Documents and Settings\user\My Documents\Movie3.swf
[2012/11/16 00:05:24 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\user\My Documents\Movie3.avi
[2012/11/15 23:59:18 | 017,126,419 | ---- | M] () -- C:\Documents and Settings\user\My Documents\error.swi
[2012/11/15 23:39:08 | 001,824,568 | ---- | M] () -- C:\Documents and Settings\user\My Documents\tsb_additive manufacturing comp final.pdf
[2012/11/15 22:40:10 | 000,001,852 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\FixCleaner.lnk
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/12/14 08:50:58 | 000,000,384 | -H-- | C] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2012/12/14 08:46:27 | 000,001,917 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2012/12/14 08:41:00 | 000,001,698 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/12/13 20:56:28 | 000,335,029 | ---- | C] () -- C:\DPsFnshr.exe
[2012/12/11 23:14:03 | 3623,428,096 | -HS- | C] () -- C:\hiberfil.sys
[2012/12/08 18:12:35 | 000,000,056 | ---- | C] () -- C:\WINDOWS\System32\RW_{A7B93EC5-4153-11E2-81A6-0004763B69CB}.dat
[2012/12/08 18:12:35 | 000,000,056 | ---- | C] () -- C:\WINDOWS\System32\RW_{A7B93EC4-4153-11E2-81A6-0004763B69CB}.dat
[2012/12/08 18:12:35 | 000,000,056 | ---- | C] () -- C:\WINDOWS\System32\RW_{6A51049F-4A58-11E1-8101-0004763B69CB}.dat
[2012/12/02 10:43:19 | 000,001,511 | ---- | C] () -- C:\Documents and Settings\user\Desktop\MICE.lnk
[2012/12/01 17:15:48 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_NuidFltr_01009.Wdf
[2012/12/01 17:15:33 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_dc3d_01009.Wdf
[2012/12/01 17:00:49 | 000,000,667 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\AtomicAlarmClock.ini
[2012/12/01 11:52:43 | 000,000,112 | ---- | C] () -- C:\WINDOWS\System32\RW_{181E0F2E-286A-11E2-8181-0004763B69CB}.dat
[2012/12/01 11:52:43 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\EvGr_Data{D7B257AE-D3A5-11E0-A956-806D6172696F}.dat
[2012/12/01 11:52:43 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\EvGr_Data{181E0F2E-286A-11E2-8181-0004763B69CB}.dat
[2012/12/01 11:42:28 | 000,002,860 | ---- | C] () -- C:\config.xml
[2012/12/01 11:42:28 | 000,001,176 | ---- | C] () -- C:\WINDOWS\System32\RW_{D7B257AE-D3A5-11E0-A956-806D6172696F}.dat
[2012/12/01 10:32:21 | 000,000,000 | -HS- | C] () -- C:\DkHyperbootSync
[2012/11/27 09:35:42 | 000,238,433 | ---- | C] () -- C:\Documents and Settings\user\My Documents\Transcend 4GB (2x2GB) DDR2-667 PC2-5300 ECC Registered Memory (RAM) 240-pin eBay-cached.htm
[2012/11/27 09:31:09 | 000,109,117 | ---- | C] () -- C:\Documents and Settings\user\My Documents\4GB(2x2GB) DDR2-667 PC2-5300 ECC Registered CL5 240-pin DIMM Memory RAM eBay.htm
[2012/11/27 09:03:46 | 001,779,322 | ---- | C] () -- C:\Documents and Settings\user\My Documents\dr memory.jpg
[2012/11/22 17:17:38 | 000,000,863 | ---- | C] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Registry Finder.lnk
[2012/11/22 17:17:38 | 000,000,845 | ---- | C] () -- C:\Documents and Settings\user\Desktop\Registry Finder.lnk
[2012/11/20 21:14:50 | 000,001,813 | ---- | C] () -- C:\Documents and Settings\user\Desktop\Google Chrome.lnk
[2012/11/20 21:14:50 | 000,001,791 | ---- | C] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/11/20 21:13:20 | 000,000,882 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/11/20 21:13:19 | 000,000,878 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/11/20 08:36:07 | 000,774,144 | ---- | C] () -- C:\WINDOWS\System32\NEROINSTAEC43759.DB
[2012/11/20 08:34:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2012/11/19 23:38:47 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012/11/19 19:39:55 | 000,279,245 | ---- | C] () -- C:\Documents and Settings\user\My Documents\19-11-2012 07-39.jpg
[2012/11/19 19:21:00 | 000,009,874 | ---- | C] () -- C:\Documents and Settings\user\My Documents\Shipping Labels (927198141970).pdf
[2012/11/18 01:54:41 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/11/17 23:31:31 | 000,160,217 | ---- | C] () -- C:\WINDOWS\System32\PowerToysLicense.rtf
[2012/11/17 18:07:33 | 000,000,035 | ---- | C] () -- C:\WINDOWS\VB.MNM
[2012/11/17 16:44:56 | 000,000,023 | ---- | C] () -- C:\Documents and Settings\user\Desktop\ip.bat
[2012/11/17 16:05:59 | 000,000,376 | ---- | C] () -- C:\Documents and Settings\user\Desktop\DEMON.bat
[2012/11/17 16:05:59 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\user\Desktop\TALK.bat
[2012/11/17 13:40:43 | 000,000,891 | ---- | C] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Sothink SWF Editor.lnk
[2012/11/17 13:40:43 | 000,000,873 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Sothink SWF Editor.lnk
[2012/11/17 12:18:23 | 000,000,761 | ---- | C] () -- C:\Documents and Settings\user\Desktop\Toolbar Cleaner.lnk
[2012/11/17 11:46:48 | 000,020,249 | ---- | C] () -- C:\Documents and Settings\user\Desktop\SoundPlayerHater.swf
[2012/11/17 11:30:10 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012/11/16 00:05:56 | 000,007,170 | ---- | C] () -- C:\Documents and Settings\user\My Documents\Movie3.swf
[2012/11/16 00:05:24 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\user\My Documents\Movie3.avi
[2012/11/15 23:59:09 | 017,126,419 | ---- | C] () -- C:\Documents and Settings\user\My Documents\error.swi
[2012/11/15 23:39:07 | 001,824,568 | ---- | C] () -- C:\Documents and Settings\user\My Documents\tsb_additive manufacturing comp final.pdf
[2012/11/15 22:40:10 | 000,001,852 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\FixCleaner.lnk
[2012/11/14 08:46:46 | 000,000,023 | ---- | C] () -- C:\WINDOWS\SWFDecompiler.INI
[2012/11/07 22:52:33 | 000,000,500 | ---- | C] () -- C:\WINDOWS\TUCSEN.ini
[2012/11/06 23:33:38 | 002,469,760 | ---- | C] () -- C:\WINDOWS\System32\BootMan.exe
[2012/11/06 23:33:38 | 000,086,408 | ---- | C] () -- C:\WINDOWS\System32\setupempdrv03.exe
[2012/11/06 23:33:38 | 000,019,840 | ---- | C] () -- C:\WINDOWS\System32\EuEpmGdi.dll
[2012/11/06 23:33:38 | 000,013,192 | ---- | C] () -- C:\WINDOWS\System32\epmntdrv.sys
[2012/11/06 23:33:38 | 000,008,456 | ---- | C] () -- C:\WINDOWS\System32\EuGdiDrv.sys
[2012/10/29 22:28:44 | 000,322,424 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2012/10/16 22:56:33 | 000,000,024 | ---- | C] () -- C:\WINDOWS\System32\RW_AppData.dat
[2012/10/12 18:10:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ViewNX2.INI
[2012/10/12 17:17:07 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Booms
[2012/10/12 17:17:07 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\user\Application Data\Bass
[2012/10/12 17:17:07 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLes.DAT
[2012/10/12 17:17:07 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Classical
[2012/10/12 17:15:55 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Breath Pad
[2012/10/12 17:15:55 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\user\Application Data\Bass Amp
[2012/10/12 17:15:55 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLev.DAT
[2012/10/12 17:15:55 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Clips
[2012/10/12 17:15:54 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\BookService
[2012/10/12 17:15:54 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\user\Application Data\Basics
[2012/10/12 17:15:54 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLet.DAT
[2012/10/12 17:15:20 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\user\Application Data\Calibrators
[2012/10/12 17:15:20 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLeo.DAT
[2012/10/12 17:15:20 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Desktop Pictures
[2012/10/12 17:15:20 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Chorus
[2012/10/12 07:04:24 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\avisynth.dll
[2012/09/20 17:57:22 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\user\Application Data\winscp.rnd
[2012/08/26 17:16:14 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\user\.deskmetrics
[2012/07/27 12:01:08 | 000,009,341 | ---- | C] () -- C:\Documents and Settings\user\Application Data\Microsoft Excel 97-2003.EML
[2012/07/20 16:17:42 | 000,446,464 | ---- | C] () -- C:\WINDOWS\System32\NVH264Decoder.dll
[2012/07/20 16:17:42 | 000,405,504 | ---- | C] () -- C:\WINDOWS\System32\NVPostProc.dll
[2012/07/20 16:17:41 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\NVH264vfw.dll
[2012/07/20 11:32:11 | 000,000,128 | ---- | C] () -- C:\WINDOWS\System32\Topica.ini
[2012/07/17 14:05:55 | 000,000,085 | ---- | C] () -- C:\Documents and Settings\user\mm_backup.cfg
[2012/07/14 21:22:02 | 000,000,023 | ---- | C] () -- C:\WINDOWS\XWEBVI~1.INI
[2012/07/14 10:58:40 | 000,149,504 | ---- | C] () -- C:\WINDOWS\System32\ff_realaacBC.dll
[2012/07/14 10:58:39 | 002,555,580 | ---- | C] () -- C:\WINDOWS\System32\libavcodecBC.dll
[2012/07/14 10:58:38 | 000,261,120 | ---- | C] () -- C:\WINDOWS\System32\libmplayerBC.dll
[2012/06/27 18:52:10 | 000,000,363 | ---- | C] () -- C:\WINDOWS\gotcha32.INI
[2012/06/26 17:44:02 | 000,041,008 | ---- | C] () -- C:\WINDOWS\System32\drivers\dsu2cam.sys
[2012/06/26 16:35:57 | 000,000,065 | ---- | C] () -- C:\Documents and Settings\user\jagex_cl_runescape_LIVE_BETA.dat
[2012/06/26 16:35:57 | 000,000,024 | ---- | C] () -- C:\Documents and Settings\user\random.dat
[2012/06/20 13:53:24 | 000,000,092 | ---- | C] () -- C:\WINDOWS\NogaTw.INI
[2012/06/17 07:33:13 | 000,000,061 | ---- | C] () -- C:\Documents and Settings\user\jagex_cl_runescape_LIVE2.dat
[2012/06/01 00:14:28 | 000,000,024 | ---- | C] () -- C:\Documents and Settings\user\jagexappletviewer.preferences
[2012/04/22 20:12:22 | 004,424,704 | ---- | C] () -- C:\WINDOWS\System32\ffmpeg.dll
[2012/04/08 23:40:36 | 000,079,360 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2012/04/08 23:39:46 | 000,260,608 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2012/04/08 23:39:32 | 000,158,720 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll
[2012/04/08 23:39:32 | 000,099,840 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2012/04/08 23:39:30 | 001,525,248 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll
[2012/04/08 23:39:30 | 000,146,944 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll
[2012/04/08 23:39:28 | 000,212,480 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll
[2012/04/08 23:39:28 | 000,115,200 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll
[2012/04/08 23:39:26 | 000,328,704 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll
[2012/03/29 14:21:26 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\libbluray.dll
[2012/03/29 14:21:18 | 006,582,226 | ---- | C] () -- C:\WINDOWS\System32\avcodec-lav-54.dll
[2012/03/29 14:21:18 | 001,152,365 | ---- | C] () -- C:\WINDOWS\System32\avformat-lav-54.dll
[2012/03/29 14:21:18 | 000,374,152 | ---- | C] () -- C:\WINDOWS\System32\swscale-lav-2.dll
[2012/03/29 14:21:18 | 000,207,872 | ---- | C] () -- C:\WINDOWS\System32\avutil-lav-51.dll
[2012/03/29 14:21:18 | 000,144,523 | ---- | C] () -- C:\WINDOWS\System32\avfilter-lav-2.dll
[2012/03/11 01:02:29 | 000,056,732 | ---- | C] () -- C:\WINDOWS\RFMaxPluginUninstall.exe
[2012/02/25 08:34:53 | 000,096,208 | ---- | C] () -- C:\WINDOWS\System32\RW_FileType.dat
[2012/02/25 08:34:53 | 000,000,636 | ---- | C] () -- C:\WINDOWS\System32\RW_FileFlag.dat
[2012/02/16 23:20:24 | 000,000,263 | ---- | C] () -- C:\WINDOWS\ui_bitmapviewer.ini
[2012/02/16 23:11:30 | 000,010,920 | ---- | C] () -- C:\WINDOWS\POLYTRAN.INI
[2012/02/14 20:22:27 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/01/17 12:25:00 | 000,001,769 | ---- | C] () -- C:\WINDOWS\Language_trs.ini
[2012/01/17 12:23:18 | 000,005,176 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2012/01/17 12:23:16 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2012/01/10 15:59:20 | 002,807,708 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2012/01/10 15:23:49 | 001,074,636 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2012/01/10 15:21:08 | 001,074,636 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2012/01/10 15:21:08 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2012/01/10 11:35:28 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\lgpi32.dll
[2012/01/07 23:19:19 | 002,300,744 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-790525478-343818398-725345543-1003-0.dat
[2011/12/29 14:07:50 | 000,000,061 | ---- | C] () -- C:\Documents and Settings\user\jagex_cl_runescape_LIVE1.dat
[2011/12/29 10:37:05 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/12/21 00:00:58 | 000,000,049 | -H-- | C] () -- C:\Documents and Settings\user\Application Data\eMail Extractor registration.ini
[2011/12/07 19:32:24 | 000,216,064 | ---- | C] ( ) -- C:\WINDOWS\System32\Lagarith.dll
[2011/12/05 19:28:31 | 000,000,363 | ---- | C] () -- C:\Documents and Settings\user\SciTE.session
[2011/11/29 23:23:18 | 000,000,011 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\gem.lic
[2011/11/28 19:26:28 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2011/11/27 10:49:51 | 000,000,568 | ---- | C] () -- C:\WINDOWS\HCWPNP.INI
[2011/11/27 10:32:31 | 000,009,206 | ---- | C] () -- C:\WINDOWS\NTTuner.ini
[2011/11/20 08:02:33 | 000,161,781 | ---- | C] () -- C:\WINDOWS\Animated Wallpaper Maker Uninstaller.exe
[2011/11/17 06:04:39 | 000,134,650 | ---- | C] () -- C:\WINDOWS\Data Extractor Uninstaller.exe
[2011/11/16 17:18:21 | 000,000,704 | ---- | C] () -- C:\WINDOWS\IMPhenomenon.INI
[2011/11/09 22:39:44 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\OpenVideo.dll
[2011/11/09 22:39:32 | 000,054,784 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll
[2011/11/08 03:26:36 | 000,584,570 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2011/10/26 08:44:30 | 000,004,107 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ihfeumzb.qzk
[2011/10/25 21:04:14 | 000,000,040 | ---- | C] () -- C:\Documents and Settings\user\jagex_cl_runescape_LIVE.dat
[2011/10/12 00:26:05 | 000,000,159 | RHS- | C] () -- C:\WINDOWS\CTA1STET.BIN
[2011/10/09 08:57:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\eDrawingOfficeAutomator.INI
[2011/10/03 20:20:52 | 000,000,152 | ---- | C] () -- C:\Documents and Settings\user\default.pls
[2011/10/03 20:15:37 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2011/09/12 18:10:56 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2011/09/10 15:26:49 | 000,060,416 | ---- | C] () -- C:\Documents and Settings\user\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/09/09 22:14:35 | 000,052,140 | ---- | C] () -- C:\WINDOWS\RFC4DPluginUninstall.exe
[2011/09/08 22:47:17 | 000,000,383 | ---- | C] () -- C:\WINDOWS\System32\haspdos.sys
[2011/09/08 22:39:02 | 000,000,136 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011/09/08 22:13:38 | 000,115,465 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat
[2011/09/08 22:13:38 | 000,097,545 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat
[2011/09/08 14:00:52 | 000,150,528 | ---- | C] () -- C:\WINDOWS\System32\mkx.dll
[2011/09/08 14:00:48 | 000,142,336 | ---- | C] () -- C:\WINDOWS\System32\mp4.dll
[2011/09/08 14:00:42 | 000,123,392 | ---- | C] () -- C:\WINDOWS\System32\ogm.dll
[2011/09/08 14:00:38 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\dxr.dll
[2011/09/08 14:00:34 | 000,113,152 | ---- | C] () -- C:\WINDOWS\System32\dsmux.exe
[2011/09/08 14:00:24 | 000,154,624 | ---- | C] () -- C:\WINDOWS\System32\ts.dll
[2011/09/08 14:00:10 | 000,137,728 | ---- | C] () -- C:\WINDOWS\System32\mkv2vfr.exe
[2011/09/08 14:00:06 | 000,358,400 | ---- | C] () -- C:\WINDOWS\System32\gdsmux.exe
[2011/09/08 13:59:54 | 000,080,384 | ---- | C] () -- C:\WINDOWS\System32\mkzlib.dll
[2011/09/08 13:59:52 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\mkunicode.dll
[2011/09/07 20:10:26 | 000,000,571 | ---- | C] () -- C:\WINDOWS\System32\Shortcut to mstsc.exe.lnk
[2011/09/06 11:32:54 | 000,000,566 | ---- | C] () -- C:\WINDOWS\System32\Shortcut to calc.exe.lnk
[2011/09/04 15:00:14 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\user\jagex_runescape_preferences2.dat
[2011/09/04 14:59:06 | 000,000,035 | ---- | C] () -- C:\Documents and Settings\user\jagex_runescape_preferences.dat
[2011/09/02 19:45:48 | 000,002,568 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2011/09/02 16:10:10 | 000,000,086 | ---- | C] () -- C:\WINDOWS\WPCMAPI.INI
[2011/09/02 15:51:47 | 000,000,090 | ---- | C] () -- C:\WINDOWS\msmail.ini
[2011/09/02 11:04:15 | 000,015,898 | ---- | C] () -- C:\WINDOWS\System32\vlmsup.exe
[2011/09/02 11:04:12 | 000,001,724 | ---- | C] () -- C:\WINDOWS\System32\vipx.exe
[2011/09/02 11:04:01 | 000,065,619 | ---- | C] () -- C:\WINDOWS\System32\setupw2k.dll
[2011/09/02 11:03:25 | 000,262,227 | ---- | C] () -- C:\WINDOWS\System32\nwshlxnt.dll
[2011/09/02 11:02:16 | 000,051,200 | ---- | C] () -- C:\WINDOWS\System32\lgncon32.dll
[2011/09/02 10:40:38 | 000,002,757 | ---- | C] () -- C:\WINDOWS\System32\rdrstats.ini
[2011/09/02 10:33:04 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\prtwin32.dll
[2011/09/02 10:32:55 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\nwpsrv32.dll
[2011/09/02 10:32:15 | 000,225,356 | ---- | C] () -- C:\WINDOWS\System32\lgnwnt32.dll
[2011/09/02 10:30:01 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\nwslog32.dll
[2011/09/01 23:28:39 | 000,000,808 | ---- | C] () -- C:\Documents and Settings\user\Application Data\AtomicAlarmClock.ini
[2011/09/01 23:10:34 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\srvany.exe
[2011/09/01 23:09:02 | 000,151,552 | ---- | C] () -- C:\WINDOWS\KMSEmulator.exe
[2011/07/21 14:14:05 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2011/06/17 14:44:28 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\G711Codec.dll
[2011/06/09 19:26:30 | 000,199,680 | ---- | C] () -- C:\WINDOWS\System32\MyAVCD.dll
[2011/06/01 19:19:46 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\ArchiveHelper.dll
[2011/05/30 13:42:50 | 000,240,640 | ---- | C] () -- C:\WINDOWS\System32\XviDvfw.dll
[2011/05/23 07:46:30 | 000,645,632 | ---- | C] () -- C:\WINDOWS\System32\XviDcore.dll
[2011/03/03 11:39:56 | 000,109,568 | ---- | C] () -- C:\WINDOWS\System32\avi.dll
[2011/03/03 11:38:10 | 000,097,792 | ---- | C] () -- C:\WINDOWS\System32\avs.dll
[2011/03/03 11:37:50 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\avss.dll
[2011/01/10 00:51:55 | 000,243,168 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2010/12/30 22:27:47 | 014,454,784 | ---- | C] () -- C:\WINDOWS\System32\common_res.dll

========== ZeroAccess Check ==========

[2010/09/29 16:30:51 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 00:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 12:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/14 00:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012/09/18 22:41:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2011/09/09 17:15:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Abvent
[2011/10/30 17:23:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Altova
[2012/11/17 12:18:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor
[2012/01/07 22:57:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
[2011/09/01 23:06:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2011/01/11 15:32:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2012/05/27 23:09:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Capvidia
[2011/01/11 15:36:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2012/11/02 18:01:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CompeGPS
[2011/11/03 11:24:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Compuplast
[2012/11/11 08:53:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Condusiv Technologies
[2012/01/01 18:01:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CrystalMaker Software
[2011/10/09 08:54:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DassaultSystemes
[2012/11/11 08:32:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Diskeeper Corporation
[2012/01/17 12:05:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2012/10/12 17:17:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EnterNHelp
[2011/09/09 13:03:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\espionServerData
[2011/09/01 18:18:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FlashFXP
[2012/02/18 16:19:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FNET
[2011/11/07 14:57:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FNP
[2012/09/05 18:42:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GNU
[2012/04/12 08:12:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grasssoft
[2012/11/01 12:28:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2012/01/10 11:35:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Keyword Sniper Pro
[2012/11/02 17:37:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Materialise
[2012/02/14 13:05:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MetaQuotes
[2012/12/14 08:22:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/11/17 06:13:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Mirillis
[2012/10/16 23:31:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nikon
[2011/09/26 12:42:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nitro PDF
[2011/11/22 21:31:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
[2012/11/05 00:15:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ReviverSoft
[2012/03/08 04:18:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Right Hemisphere
[2011/09/02 20:02:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RoboForm
[2011/10/09 23:34:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SafeNet Sentinel
[2012/02/16 21:36:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Solveering LLC
[2011/09/09 19:59:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
[2011/10/27 20:30:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpeedBit
[2011/10/28 08:26:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spotmau
[2012/10/29 22:07:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SystemSpeedBooster
[2011/10/13 12:08:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TechSmith
[2012/12/14 10:49:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/12/04 15:17:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\:spam: Total Media Converter
[2012/02/14 17:52:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Transend
[2011/09/16 19:19:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2012/10/12 17:17:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ultima_T15
[2011/09/29 20:47:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/09/04 14:18:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{A70847F9-0478-4850-BE50-19ADF5EC2299}
[2011/11/06 10:47:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\3Matic
[2011/09/09 17:15:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Abvent
[2012/11/07 18:41:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Abvent_Artlantis3
[2012/04/17 21:50:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\aignes
[2012/10/12 07:11:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Ashampoo
[2012/01/07 22:22:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Autodesk
[2011/01/11 15:37:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\AVG10
[2011/12/31 16:40:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\avidemux
[2012/05/27 23:09:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Capvidia
[2012/11/02 16:28:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/11/11 09:16:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Condusiv_Technologies
[2012/01/01 18:05:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\CrystalMaker Software
[2011/11/03 14:51:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\DassaultSystemes
[2011/10/31 12:50:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Digiarty
[2011/09/26 12:40:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Downloaded Installations
[2012/03/27 17:03:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\EDrawings
[2012/01/11 01:21:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\EurekaLog
[2012/11/15 22:57:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\FixCleaner
[2012/11/27 01:20:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\GlarySoft
[2012/09/11 06:50:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\gnupg
[2012/02/06 23:36:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Grasssoft
[2012/03/15 20:43:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\HDRLightStudio
[2011/11/24 21:35:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\HDRsoft
[2011/12/12 22:09:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\headus
[2012/03/25 20:15:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\HTC
[2011/11/01 20:05:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2012/01/20 16:10:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Hulubulu
[2012/01/12 23:21:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\IBP
[2011/09/01 22:50:46 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\user\Application Data\IFViewer
[2011/10/28 08:39:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\ImgBurn
[2012/11/01 13:07:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\IObit
[2012/08/24 07:12:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\iSpy
[2011/09/04 14:20:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Key Metric Software
[2012/11/02 20:27:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Luxology
[2012/05/27 23:20:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Materialise
[2011/12/24 19:41:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\MAXON
[2011/12/21 00:00:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Maxprog
[2012/04/30 04:27:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\MedCalc Software
[2012/09/23 20:56:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\MetaQuotes
[2011/11/17 06:13:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Mirillis
[2012/10/12 17:25:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Nikon
[2012/11/19 19:30:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Nitro PDF
[2012/02/14 15:26:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\ntr
[2012/10/29 23:17:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Oracle
[2012/03/25 20:15:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Outlook
[2012/07/08 07:13:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Passware
[2011/11/23 19:32:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\PE Explorer
[2011/12/13 23:24:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\PhotoScissorsPilot
[2012/01/01 19:07:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Pixelplan
[2012/01/08 00:47:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Plexscape
[2012/03/31 09:37:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\PolyView
[2011/09/09 20:03:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Publish Providers
[2011/10/09 23:35:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Quest3D
[2012/10/15 19:18:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\redsn0w
[2012/03/16 22:12:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Right Hemisphere
[2012/04/13 20:42:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\RobotSoft
[2011/12/14 22:25:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Scooter Software
[2011/11/08 23:45:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\SimLab
[2011/11/07 12:16:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\SOLIDCast
[2011/09/09 20:03:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Sony
[2012/11/14 08:39:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\SWiSH Max4
[2012/10/29 22:07:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\SystemSpeedBooster
[2012/10/30 21:56:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Systweak
[2012/08/12 22:26:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\TeamViewer
[2011/09/02 20:27:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Thinstall
[2012/08/18 15:43:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Transcend Elite
[2012/08/22 22:37:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\TrueCrypt
[2011/09/16 19:19:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Ulead Systems
[2012/11/10 17:48:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\URSoft
[2011/09/20 10:07:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Windows Desktop Search
[2011/09/20 20:20:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Windows Search
[2011/12/05 12:37:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Xi
[2011/10/02 19:55:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Xilisoft
[2011/12/04 15:26:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\XMedia Recode

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2012/05/31 20:22:39 | 000,000,000 | ---D | M](C:\Documents and Settings\user\Local Settings\Application Data\????) -- C:\Documents and Settings\user\Local Settings\Application Data\微软中国
[2012/05/31 20:22:39 | 000,000,000 | ---D | M](C:\Documents and Settings\user\Local Settings\Application Data\????) -- C:\Documents and Settings\user\Local Settings\Application Data\微软中国
(C:\Documents and Settings\user\Local Settings\Application Data\????) -- C:\Documents and Settings\user\Local Settings\Application Data\微软中国

========== Alternate Data Streams ==========

@Alternate Data Stream - 164 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1CE11B51

< End of report >
  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP
I think it was probably Kaspersky that did you in. You are the third person I've talked to who had a major problem with the upgrade on an XP.

Let's get rid of Kaspersky completely first (I see a lot of broken drivers). Get the Kaspersky Removal tool and run it per the instructions on

http://support.kaspersky.com/1464

Also I see remnants of AVG so let's get and run their removal tool too.

http://download.avg....6_2011_1184.exe



Now let's clear the event log and reboot and look to see what errors we get. That may tell us what is broken.


Start, Run, eventvwr.msc, OK to bring up the Event Viewer. Right click on System and Clear All Events, No (we don't want to save the old log), OK. Repeat for Application.

Reboot.

1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Double-click VEW.exe
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.



I would like to reset the winsock stack but that would break your Novell Client. Are you able to reinstall it?

Copy the text in the code box:

DRIVES
nnetsvcs
%SYSTEMDRIVE%\*.exe
%systemroot%\assembly\GAC_32\*.ini
%systemroot%\assembly\GAC_64\*.ini
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.exe
%APPDATA%\*.
/md5start
FNetUrPx.sys
rsvpsp.dll
pnrpnsp.dll 
nwprovau.dll
nlaapi.dll
napinsp.dll
mswsock.dll
winrnr.dll
wshelper.dll
services.exe
atapi.sys
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
csrss.exe
PrintIsolationHost.exe
consrv.dll
user32.dll
/md5stop
C:\Windows\assembly\tmp\U\*.* /s
%systemroot%\*. /mp /s
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemdrive%\$Recycle.Bin|@;true;true;true /fp 
CREATERESTOREPOINT

Run OTL (Vista or Win 7 => right click and Run As Administrator)

Paste (Ctrl + v) the copied text in the box where it says Custom Scan/Fixes

Select the All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them.



Ron
  • 0

#3
1nv1s

1nv1s

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Hi thanks for the help its appreciated.
I have removed KAV with Kavremover and same with AVG

Event viewer would only run in system mode.
Application mode gave a runtime error 13 Type Mismatch. i tried several times reliably gave runtime error
happy to try again after a reboot perhaps.
here is the results of system event view.

..........................................................................................................................................

Vino's Event Viewer v01c run on Windows XP in English
Report run at 16/12/2012 22:53:32

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 16/12/2012 08:47
Type: error Category: 0
Event: 29 Source: W32Time
The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 239 minutes. NtpClient has no source of accurate time.

Log: 'System' Date/Time: 16/12/2012 08:47
Type: error Category: 0
Event: 17 Source: W32Time
Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 240 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)

Log: 'System' Date/Time: 16/12/2012 07:58
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The Adobe Active File Monitor V8 service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 16/12/2012 07:57
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The DNS Client service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 16/12/2012 07:57
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The Diskeeper service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 16/12/2012 06:47
Type: error Category: 0
Event: 29 Source: W32Time
The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 119 minutes. NtpClient has no source of accurate time.

Log: 'System' Date/Time: 16/12/2012 06:47
Type: error Category: 0
Event: 17 Source: W32Time
Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 120 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)

Log: 'System' Date/Time: 16/12/2012 05:47
Type: error Category: 0
Event: 29 Source: W32Time
The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 59 minutes. NtpClient has no source of accurate time.

Log: 'System' Date/Time: 16/12/2012 05:47
Type: error Category: 0
Event: 17 Source: W32Time
Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 60 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)

Log: 'System' Date/Time: 16/12/2012 03:34
Type: error Category: 0
Event: 29 Source: W32Time
The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 239 minutes. NtpClient has no source of accurate time.

Log: 'System' Date/Time: 16/12/2012 03:34
Type: error Category: 0
Event: 17 Source: W32Time
Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 240 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)

Log: 'System' Date/Time: 16/12/2012 01:34
Type: error Category: 0
Event: 29 Source: W32Time
The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 119 minutes. NtpClient has no source of accurate time.

Log: 'System' Date/Time: 16/12/2012 01:34
Type: error Category: 0
Event: 17 Source: W32Time
Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 120 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)

Log: 'System' Date/Time: 16/12/2012 12:34
Type: error Category: 0
Event: 29 Source: W32Time
The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 59 minutes. NtpClient has no source of accurate time.

Log: 'System' Date/Time: 16/12/2012 12:34
Type: error Category: 0
Event: 17 Source: W32Time
Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 60 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)

Log: 'System' Date/Time: 16/12/2012 12:04
Type: error Category: 0
Event: 29 Source: W32Time
The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 29 minutes. NtpClient has no source of accurate time.

Log: 'System' Date/Time: 16/12/2012 12:04
Type: error Category: 0
Event: 17 Source: W32Time
Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 30 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)

Log: 'System' Date/Time: 16/12/2012 11:23
Type: error Category: 0
Event: 29 Source: W32Time
The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 29 minutes. NtpClient has no source of accurate time.

Log: 'System' Date/Time: 16/12/2012 10:19
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The Sentinel service failed to start due to the following error: The system cannot find the file specified.

Log: 'System' Date/Time: 16/12/2012 09:25
Type: error Category: 0
Event: 29 Source: W32Time
The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 14 minutes. NtpClient has no source of accurate time.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 16/12/2012 11:32
Type: warning Category: 0
Event: 1073 Source: USER32
The attempt to reboot USER-24DEB876B6 failed

Log: 'System' Date/Time: 16/12/2012 11:19
Type: warning Category: 0
Event: 1073 Source: USER32
The attempt to power off USER-24DEB876B6 failed

Log: 'System' Date/Time: 15/12/2012 09:19
Type: warning Category: 0
Event: 1116 Source: Microsoft Antimalware
The event description cannot be found.

Log: 'System' Date/Time: 15/12/2012 09:07
Type: warning Category: 0
Event: 1118 Source: Microsoft Antimalware
The event description cannot be found.

Log: 'System' Date/Time: 15/12/2012 09:07
Type: warning Category: 0
Event: 1118 Source: Microsoft Antimalware
The event description cannot be found.

Log: 'System' Date/Time: 15/12/2012 07:45
Type: warning Category: 0
Event: 1118 Source: Microsoft Antimalware
The event description cannot be found.

Log: 'System' Date/Time: 15/12/2012 07:07
Type: warning Category: 0
Event: 1118 Source: Microsoft Antimalware
The event description cannot be found.

Log: 'System' Date/Time: 15/12/2012 04:12
Type: warning Category: 0
Event: 1116 Source: Microsoft Antimalware
The event description cannot be found.

Log: 'System' Date/Time: 15/12/2012 03:45
Type: warning Category: 0
Event: 1116 Source: Microsoft Antimalware
The event description cannot be found.

Log: 'System' Date/Time: 15/12/2012 03:43
Type: warning Category: 0
Event: 1116 Source: Microsoft Antimalware
The event description cannot be found.

Log: 'System' Date/Time: 15/12/2012 03:25
Type: warning Category: 0
Event: 1118 Source: Microsoft Antimalware
The event description cannot be found.

Log: 'System' Date/Time: 15/12/2012 03:22
Type: warning Category: 0
Event: 1118 Source: Microsoft Antimalware
The event description cannot be found.

Log: 'System' Date/Time: 15/12/2012 03:22
Type: warning Category: 0
Event: 1118 Source: Microsoft Antimalware
The event description cannot be found.

Log: 'System' Date/Time: 14/12/2012 11:25
Type: warning Category: 0
Event: 36 Source: W32Time
The time service has not been able to synchronize the system time for 49152 seconds because none of the time providers has been able to provide a usable time stamp. The system clock is unsynchronized.

Log: 'System' Date/Time: 14/12/2012 11:08
Type: warning Category: 0
Event: 1116 Source: Microsoft Antimalware
The event description cannot be found.

Log: 'System' Date/Time: 14/12/2012 11:08
Type: warning Category: 0
Event: 1116 Source: Microsoft Antimalware
The event description cannot be found.

Log: 'System' Date/Time: 14/12/2012 11:08
Type: warning Category: 0
Event: 1116 Source: Microsoft Antimalware
The event description cannot be found.

Log: 'System' Date/Time: 14/12/2012 11:08
Type: warning Category: 0
Event: 1116 Source: Microsoft Antimalware
The event description cannot be found.

Log: 'System' Date/Time: 14/12/2012 11:08
Type: warning Category: 0
Event: 1116 Source: Microsoft Antimalware
The event description cannot be found.

Log: 'System' Date/Time: 14/12/2012 11:08
Type: warning Category: 0
Event: 1116 Source: Microsoft Antimalware
The event description cannot be found.


.................................................................................................................................

Reinstalling my novell client is not a problem
i await your instructions on this.

....................................................................................................................................

The Otl Custom scans follow:

OTL logfile created on: 16/12/2012 23:12:19 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\user\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.37 Gb Total Physical Memory | 2.79 Gb Available Physical Memory | 82.75% Memory free
7.24 Gb Paging File | 6.85 Gb Available in Paging File | 94.67% Paging File free
Paging file location(s): C:\pagefile.sys 4096 4096 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 931.51 Gb Total Space | 586.80 Gb Free Space | 62.99% Space Free | Partition Type: NTFS
Drive E: | 59.63 Gb Total Space | 57.02 Gb Free Space | 95.63% Space Free | Partition Type: NTFS

Computer Name: USER-24DEB876B6 | User Name: paul | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/12/15 10:14:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Desktop\OTL.exe
PRC - [2012/11/20 21:29:38 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012/10/20 05:25:58 | 010,122,112 | ---- | M] (HLW Software Development GmbH) -- C:\Program Files\iTap mobile\Connect\iTapMobileConnect.exe
PRC - [2012/07/27 17:57:12 | 002,163,064 | ---- | M] (Condusiv Technologies) -- C:\Program Files\Condusiv Technologies\Diskeeper\DkService.exe
PRC - [2011/09/20 14:37:36 | 000,582,656 | ---- | M] () -- C:\Program Files\Common Files\Materialise\LicenseFiles6\LicSrv60.exe
PRC - [2011/09/02 09:42:34 | 000,028,672 | ---- | M] (Novell, Inc.) -- C:\WINDOWS\system32\nwtray.exe
PRC - [2011/05/30 22:09:00 | 000,581,120 | ---- | M] () -- C:\Program Files\Autodesk\Moldflow Adviser 2012\bin\amajm.exe
PRC - [2011/05/04 13:14:38 | 000,081,408 | ---- | M] () -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2010/12/07 15:28:06 | 000,579,384 | ---- | M] (Autodesk, Inc.) -- C:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe
PRC - [2010/07/09 11:40:24 | 000,065,856 | ---- | M] (Nalpeiron Ltd.) -- C:\WINDOWS\system32\NLSSRV32.EXE
PRC - [2010/07/09 11:40:14 | 000,196,928 | ---- | M] (Nitro PDF Software) -- C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
PRC - [2010/06/09 11:41:30 | 001,726,976 | ---- | M] () -- C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
PRC - [2010/03/10 13:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2009/10/09 04:45:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
PRC - [2009/09/17 00:03:00 | 000,369,952 | ---- | M] (SafeNet, Inc.) -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
PRC - [2009/09/17 00:00:02 | 000,292,128 | ---- | M] (SafeNet, Inc.) -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe
PRC - [2009/03/12 17:36:24 | 000,086,016 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
PRC - [2008/04/14 00:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2011/09/20 14:37:36 | 000,582,656 | ---- | M] () -- C:\Program Files\Common Files\Materialise\LicenseFiles6\LicSrv60.exe
MOD - [2011/09/02 09:42:26 | 000,262,227 | ---- | M] () -- C:\WINDOWS\system32\nwshlxnt.dll
MOD - [2011/09/02 09:39:42 | 000,110,592 | ---- | M] () -- C:\WINDOWS\system32\nls\ENGLISH\nwshlxnr.dll
MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/05/30 22:09:00 | 000,581,120 | ---- | M] () -- C:\Program Files\Autodesk\Moldflow Adviser 2012\bin\amajm.exe
MOD - [2011/05/04 13:14:38 | 000,081,408 | ---- | M] () -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
MOD - [2011/03/02 11:40:51 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2010/07/29 17:19:04 | 000,234,496 | ---- | M] () -- C:\Program Files\Portable\Total Video Converter - HD version 3.71\TVCShellExt.dll
MOD - [2010/07/09 11:40:28 | 000,115,008 | ---- | M] () -- C:\Program Files\Nitro PDF\Professional\NPShellExtension.dll
MOD - [2010/07/04 21:32:38 | 000,010,752 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerCOM.dll
MOD - [2010/06/09 11:41:30 | 001,726,976 | ---- | M] () -- C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
MOD - [2009/03/12 17:36:24 | 000,086,016 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
MOD - [2008/08/26 12:07:18 | 000,133,632 | ---- | M] () -- C:\Program Files\Atomic Alarm Clock\Clock.dll
MOD - [2005/06/24 15:13:48 | 000,407,552 | ---- | M] () -- C:\Program Files\Extension Changer\extcontext.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe -- (AVP)
SRV - [2012/11/20 21:29:38 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/11/18 01:54:37 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/10/27 17:05:50 | 000,081,696 | ---- | M] () [Auto | Stopped] -- C:\Program Files\HDD Regenerator\hrsrv.exe -- (hddrsrv)
SRV - [2012/10/24 17:50:38 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/10/20 05:25:58 | 010,122,112 | ---- | M] (HLW Software Development GmbH) [Auto | Running] -- C:\Program Files\iTap mobile\Connect\iTapMobileConnect.exe -- (itap-mobile-connect)
SRV - [2012/09/20 13:28:48 | 030,785,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2012/07/27 17:57:12 | 002,163,064 | ---- | M] (Condusiv Technologies) [Auto | Running] -- C:\Program Files\Condusiv Technologies\Diskeeper\DkService.exe -- (Diskeeper)
SRV - [2012/07/13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/15 10:18:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2011/10/09 08:30:57 | 000,079,360 | ---- | M] (SolidWorks) [On_Demand | Stopped] -- C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe -- (SolidWorks Licensing Service)
SRV - [2011/10/09 08:30:56 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/09/27 03:00:24 | 000,089,160 | ---- | M] (Dassault Systèmes SolidWorks Corp.) [On_Demand | Stopped] -- C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe -- (CoordinatorServiceHost)
SRV - [2011/09/20 14:37:36 | 000,582,656 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Materialise\LicenseFiles6\LicSrv60.exe -- (MatLocalLicenceServer60)
SRV - [2011/09/02 09:42:30 | 000,053,339 | ---- | M] (Novell, Inc.) [On_Demand | Stopped] -- C:\WINDOWS\system32\cusrvc.exe -- (cusrvc)
SRV - [2011/09/01 23:10:08 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\srvany.exe -- (KMService)
SRV - [2011/08/17 18:42:58 | 000,090,168 | ---- | M] (Mentor Graphics Corporation) [On_Demand | Stopped] -- C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe -- (Remote Solver for Flow Simulation 2012)
SRV - [2011/05/30 22:09:00 | 000,581,120 | ---- | M] () [Auto | Running] -- C:\Program Files\Autodesk\Moldflow Adviser 2012\bin\amajm.exe -- (amajm2012)
SRV - [2011/05/04 13:14:38 | 000,081,408 | ---- | M] () [Auto | Running] -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2010/12/07 15:28:06 | 000,579,384 | ---- | M] (Autodesk, Inc.) [Auto | Running] -- C:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe -- (mitsijm2012)
SRV - [2010/07/09 11:40:24 | 000,065,856 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\WINDOWS\system32\NLSSRV32.EXE -- (nlsX86cc)
SRV - [2010/07/09 11:40:14 | 000,196,928 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe -- (NitroDriverReadSpool)
SRV - [2010/06/25 17:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2010/03/10 13:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/10/09 04:45:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0)
SRV - [2009/09/17 06:06:00 | 001,246,496 | ---- | M] (SafeNet, Inc) [Disabled | Stopped] -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe -- (SentinelProtectionServer)
SRV - [2009/09/17 00:03:00 | 000,369,952 | ---- | M] (SafeNet, Inc.) [Auto | Running] -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe -- (SentinelKeysServer)
SRV - [2009/09/17 00:00:02 | 000,292,128 | ---- | M] (SafeNet, Inc.) [Auto | Running] -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe -- (SentinelSecurityRuntime)
SRV - [2009/03/12 17:36:24 | 000,086,016 | ---- | M] () [Auto | Running] -- C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe -- (mi-raysat_3dsmax2010_32)
SRV - [2005/09/23 06:01:16 | 002,799,808 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe -- (msvsmon80)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (SANDRA)
DRV - File not found [Kernel | Boot | Stopped] -- System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\PciCon.sys -- (PciCon)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\klmouflt.sys -- (klmouflt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\klim5.sys -- (klim5)
DRV - File not found [Kernel | System | Stopped] -- system32\DRIVERS\kl2.sys -- (kl2)
DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\kl1.sys -- (KL1)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (FNETURPX)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\user\LOCALS~1\Temp\HBCD\PCWizard\pcwiz_x32.sys -- (cpuz134)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2012/08/22 22:15:54 | 000,231,760 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\truecrypt.sys -- (truecrypt)
DRV - [2012/07/09 14:54:56 | 000,085,328 | ---- | M] (Condusiv Technologies) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\DKTLFSMF.sys -- (DKTLFSMF)
DRV - [2012/07/03 19:55:18 | 000,124,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA)
DRV - [2012/06/26 17:44:02 | 000,041,008 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dsu2cam.sys -- (DSU2CAM)
DRV - [2012/06/18 19:14:42 | 000,044,496 | ---- | M] (Condusiv Technologies) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\DKRtWrt.sys -- (DKRtWrt)
DRV - [2012/05/23 15:36:50 | 000,275,760 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mv91xx.sys -- (mv91xx)
DRV - [2012/04/09 15:27:34 | 000,299,024 | ---- | M] (EldoS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cbfs3.sys -- (cbfs3)
DRV - [2011/11/10 03:42:12 | 007,493,120 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2011/09/08 22:47:18 | 000,460,800 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (hardlock)
DRV - [2011/09/08 22:47:17 | 000,047,616 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Haspnt.sys -- (Haspnt)
DRV - [2011/09/02 09:42:36 | 000,006,128 | ---- | M] (Novell, Inc.) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\NetWare\nwsns.sys -- (NWSNS)
DRV - [2011/09/02 09:42:34 | 000,023,232 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\NetWare\nwsap.sys -- (NWSAP)
DRV - [2011/09/02 09:42:34 | 000,020,208 | ---- | M] (Novell, Inc.) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\NetWare\nwslp.sys -- (NWSLP)
DRV - [2011/09/02 09:42:34 | 000,018,353 | ---- | M] (Novell, Inc.) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\NetWare\nwdhcp.sys -- (NWDHCP)
DRV - [2011/09/02 09:42:34 | 000,017,664 | ---- | M] (Novell, Inc.) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\NetWare\nwfilter.sys -- (NWFILTER)
DRV - [2011/09/02 09:42:34 | 000,009,297 | ---- | M] (Novell, Inc.) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\NetWare\nwhost.sys -- (NWHOST)
DRV - [2011/09/02 09:42:32 | 000,045,824 | ---- | M] (Novell, Inc.) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\NetWare\nwdns.sys -- (NWDNS)
DRV - [2011/09/02 09:42:32 | 000,038,603 | ---- | M] (Novell, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nicm.sys -- (NICM)
DRV - [2011/09/02 09:42:32 | 000,029,440 | ---- | M] (Novell, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\NetWare\resmgr.sys -- (RESMGR)
DRV - [2011/09/02 09:42:30 | 000,058,496 | ---- | M] (Novell, Inc.) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\NetWare\nwsipx32.sys -- (NWSIPX32)
DRV - [2011/09/02 09:42:28 | 000,185,216 | ---- | M] (Novell, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\NetWare\srvloc.sys -- (SRVLOC)
DRV - [2011/09/02 09:42:26 | 000,553,216 | ---- | M] (Novell, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\NetWare\nwfs.sys -- (NetwareWorkstation)
DRV - [2011/07/29 13:54:56 | 000,013,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\epmntdrv.sys -- (epmntdrv)
DRV - [2011/07/29 13:54:56 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2011/07/06 18:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011/06/15 08:23:56 | 000,060,156 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2011/05/21 20:33:10 | 000,192,128 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\xhcdrv.sys -- (xhcdrv)
DRV - [2010/09/30 12:59:16 | 000,141,568 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV - [2010/09/30 12:59:16 | 000,061,824 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nusb3hub.sys -- (nusb3hub)
DRV - [2010/06/22 17:01:52 | 000,021,248 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\htcnprot.sys -- (htcnprot)
DRV - [2010/02/09 04:56:10 | 000,222,248 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2009/11/19 13:33:20 | 000,051,200 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2009/09/17 16:01:18 | 000,579,840 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emBDA.sys -- (USB28xxBGA)
DRV - [2009/09/17 16:00:38 | 000,543,744 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emOEM.sys -- (USB28xxOEM)
DRV - [2009/08/19 12:05:56 | 000,100,368 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009/07/27 00:49:22 | 000,019,456 | ---- | M] (BUFFALO INC.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bfturbov.sys -- (bfturbov)
DRV - [2009/06/18 17:04:20 | 000,034,064 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2009/06/09 23:49:32 | 000,024,576 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - [2008/04/14 00:16:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2008/04/13 18:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2006/04/01 05:33:32 | 000,163,712 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vinyl97.sys -- (VIAudio)
DRV - [2005/01/25 15:45:50 | 000,035,107 | ---- | M] (Winternals) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VDiskBus.sys -- (vdiskbus)
DRV - [2003/04/30 15:59:40 | 000,259,528 | ---- | M] (Hauppauge Computer Works) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Nuvision.sys -- (NuVision)
DRV - [2002/12/16 18:11:02 | 000,026,120 | ---- | M] (Rainbow Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SNTNLUSB.SYS -- (Sntnlusb)
DRV - [2002/12/16 18:11:02 | 000,009,949 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\SENTINEL.HLP -- (Sentinel)
DRV - [2002/01/12 16:30:34 | 000,003,567 | ---- | M] (Beyond Logic http://www.beyondlogic.org) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PortTalk.sys -- (PortTalk)
DRV - [2001/08/17 13:05:48 | 000,314,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CamDrO21.sys -- (PhilCam8116)
DRV - [2001/08/17 12:49:42 | 000,322,432 | ---- | M] (Matrox Graphics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\G400m.sys -- (G400)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.google.co.uk/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..CT2481032.browser.search.defaultthis.engineName: true
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://www.google.co.uk"
FF - prefs.js..extensions.enabledAddons: [email protected]:1.0.0.1227P.314153
FF - prefs.js..extensions.enabledAddons: [email protected]:1.1.22
FF - prefs.js..extensions.enabledAddons: [email protected]:3.8.0
FF - prefs.js..extensions.enabledAddons: [email protected]:4.58
FF - prefs.js..keyword.URL: "http://search.yahoo...._1-ya-bs-rp&q="
FF - prefs.js..network.proxy.type: 0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\user\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\user\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files\Siber Systems\AI RoboForm\Firefox [2011/09/22 07:16:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}: C:\Program Files\SPEEDbit Video Downloader\SPFireFox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/11/17 11:29:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011/09/07 13:02:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user\Application Data\Mozilla\Extensions
[2012/12/09 06:51:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\5ctkasml.default\extensions
[2012/01/10 09:48:05 | 000,000,000 | ---D | M] (Adobe BrowserLab for Firebug) -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\5ctkasml.default\extensions\[email protected]
[2012/12/09 06:51:54 | 000,000,000 | ---D | M] (FlashFirebug) -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\5ctkasml.default\extensions\[email protected]
[2012/11/21 04:52:33 | 000,234,741 | ---- | M] () (No name found) -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\5ctkasml.default\extensions\[email protected]
[2012/11/17 12:21:38 | 002,042,908 | ---- | M] () (No name found) -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\5ctkasml.default\extensions\[email protected]
[2012/11/17 12:21:48 | 000,251,282 | ---- | M] () (No name found) -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\5ctkasml.default\extensions\[email protected]
[2012/11/17 11:42:18 | 000,000,915 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\5ctkasml.default\searchplugins\conduit.xml
[2012/12/01 10:26:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/09/08 22:13:54 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]_bak
[2011/09/08 22:13:51 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]_bak
[2010/09/30 12:28:49 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2012/10/24 17:50:58 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/10/24 17:50:17 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/11/17 12:21:26 | 000,128,264 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\testlog.txt
[2012/10/24 17:50:17 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
[2012/07/11 18:26:14 | 000,001,068 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahootc.xml

========== Chrome ==========

CHR - homepage: http://www.google.co.uk/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.co.uk/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.95\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.95\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll
CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Google Drive = C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: New Tab Redirect = C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ffnkmhhiondoojnmkkpebhfmeeloahpe\1.1_0\
CHR - Extension: Gmail = C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/12/08 08:17:12 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Reg Error: Value error.) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - No CLSID value found.
O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O4 - HKLM..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NWTRAY] C:\WINDOWS\System32\nwtray.exe (Novell, Inc.)
O4 - HKLM..\Run: [StartupFaster] "C:\Program Files\Startup Faster\startuploader.exe" -run SFAURUN SFCURUN SFAUSTARTUP SFCUSTARTUP File not found
O4 - HKCU..\Run: [SkinClock] C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Toolbars present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: CompatibleRUPSecurity = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThumbnailCache = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to WebSite-Watcher - C:\Documents and Settings\user\Application Data\aignes\WebSite-Watcher\config\settings\wswie.htm ()
O8 - Extra context menu item: Customize Menu - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Fill Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: RoboForm Toolbar - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Save Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra 'Tools' menuitem : Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\NetWare\nwws2nds.dll (Novell, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\WINDOWS\system32\NetWare\nwws2sap.dll (Novell, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\WINDOWS\system32\NetWare\nwws2slp.dll (Novell, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {042134DD-BB44-43FC-A74F-B80FBD465925} http://210.68.70.226...e/xWebView4.cab (xWebView4 Control)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.co...sreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1285837009015 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1341098091181 (MUWebControl Class)
O16 - DPF: {99477088-D541-4C7E-945D-9E8854469CF5} http://192.168.100.200/Topica.cab (Topica Control)
O16 - DPF: {B29FFE46-EFA5-41A7-95B3-21E6182CC5BE} http://210.68.70.226.../TOPICACamV.cab (TOPICA IPCamera Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C1E4FE21-20A5-4D65-866D-E7C2BEF15CA1}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E553B255-2CAE-4281-8B0D-09A7F55A2F37}: NameServer = 158.152.1.43,158.152.1.58
O18 - Protocol\Handler\dae {A6781FA9-C199-4FF3-803D-C181484BB4E0} - C:\Program Files\Right Hemisphere\Deep Access Explorer\PreviewHandler32.dll (Right Hemisphere)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (NWGINA.DLL) - C:\WINDOWS\System32\nwgina.dll (Novell, Inc.)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\klogon: DllName - (C:\WINDOWS\system32\klogon.dll) - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab ZAO)
O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\WINDOWS\system32\CbFsMntNtf3.dll (EldoS Corporation)
O22 - SharedTaskScheduler: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - Virtual Storage Mount Notification - C:\WINDOWS\system32\CbFsMntNtf3.dll (EldoS Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (nwv1_0) - C:\WINDOWS\System32\nwv1_0.dll (Novell, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/04/09 11:00:29 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found


SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {02631924-8B05-C288-D0E7-BECEE1FB8A7F} - NetShow
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {1897C549-AE52-4571-8996-44854F5612B2} - Microsoft .NET Framework 1.1 Security Update (KB2656370)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22554B82-74F8-C3EE-6EF0-38A655327CF2} - Internet Explorer
ActiveX: {22AADFA8-CA4C-F1EB-D306-81C02EA1038C} - Internet Explorer
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Security Update for Windows XP (KB923789)
ActiveX: {52AAE741-64A3-333D-2D22-035310E809AB} - Java (Sun)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {60AFACE5-7062-E410-667D-02888A661A18} - NetShow
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8F736E10-8E5C-4399-A532-D0C00A406227} - Microsoft .NET Framework 1.1 Security Update (KB2698023)
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {ADB5EF68-09FC-5A48-779E-5B064B3C919D} - Outlook Express
ActiveX: {BE27EC80-AD83-D966-1AA3-53D008369AF0} - Internet Explorer
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {CFAE7807-0E6D-7F83-BEA8-94D5FF1742CF} - Vector Graphics Rendering (VML)
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {D862EC74-89C1-E9FE-4F2F-4331B5E9BB8E} - Outlook Express
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: Microsoft Base Smart Card Crypto Provider Package -

Drivers32: msacm.divxa32 - C:\WINDOWS\System32\DivXa32.acm (Hacked With Joy !)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: SENTINEL - C:\WINDOWS\System32\SNTI386.DLL (Rainbow Technologies, Inc.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIV3 - C:\WINDOWS\System32\DivXc32.dll (Hacked with Joy !)
Drivers32: vidc.DIV4 - C:\WINDOWS\System32\DivXc32f.dll (Hacked with Joy !)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\divx.dll (DivXNetworks, Inc.)
Drivers32: VIDC.HFYU - C:\WINDOWS\System32\HUFFYUV.DLL (Disappearing Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.NTN1 - C:\WINDOWS\System32\nuvision.ax (Zoran Ltd.)
Drivers32: vidc.tscc - C:\WINDOWS\system32\tsccvid.dll (TechSmith Corporation)
Drivers32: VIDC.VP80 - vp8vfw.dll File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/12/16 23:08:16 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\user\Desktop\OTL.exe
[2012/12/16 22:27:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2012/12/16 15:52:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\TuneUp Software
[2012/12/16 13:24:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\jv16 PowerTools 2012
[2012/12/16 13:24:44 | 000,000,000 | ---D | C] -- C:\Program Files\jv16 PowerTools 2012
[2012/12/16 12:27:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\My Documents\Registry Finder
[2012/12/16 09:54:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\Point-N-Click
[2012/12/15 17:39:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft Antimalware
[2012/12/15 16:07:34 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0
[2012/12/15 16:03:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC
[2012/12/15 16:00:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\NPE
[2012/12/15 16:00:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Norton
[2012/12/15 09:26:45 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user\Recent
[2012/12/14 10:51:56 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/12/14 09:06:34 | 000,237,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2012/12/14 08:20:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\MFAData
[2012/12/14 08:20:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\Avg2013
[2012/12/14 07:36:00 | 000,019,456 | ---- | C] (BUFFALO INC.) -- C:\WINDOWS\System32\drivers\bfturbov.sys
[2012/12/14 07:00:14 | 000,000,000 | ---D | C] -- C:\WINDOWS.2
[2012/12/13 20:50:14 | 000,000,000 | ---D | C] -- C:\WINDOWS.1
[2012/12/10 13:00:02 | 000,000,000 | ---D | C] -- C:\WINDOWS.0
[2012/12/02 10:43:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Start Menu\Programs\MICE
[2012/12/02 10:43:13 | 000,000,000 | ---D | C] -- C:\Program Files\MICE
[2012/12/02 00:55:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Mouse
[2012/12/01 17:15:46 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidserv.dll
[2012/12/01 16:54:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2012/12/01 11:02:55 | 000,000,000 | ---D | C] -- C:\kavremover
[2012/12/01 09:34:00 | 000,074,072 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klflt.sys
[2012/12/01 09:33:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Kaspersky Lab Setup Files
[2012/11/27 09:35:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\My Documents\Transcend 4GB (2x2GB) DDR2-667 PC2-5300 ECC Registered Memory (RAM) 240-pin eBay-cached_files
[2012/11/27 01:20:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\GlarySoft
[2012/11/23 08:26:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\NetSetMan
[2012/11/23 08:26:22 | 000,000,000 | ---D | C] -- C:\Program Files\NetSetMan
[2012/11/22 17:17:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Registry Finder
[2012/11/22 17:17:37 | 000,000,000 | ---D | C] -- C:\Program Files\AceLogix
[2012/11/22 17:07:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Start Menu\Programs\DCSoft
[2012/11/22 17:07:07 | 000,000,000 | ---D | C] -- C:\Program Files\DCSoft
[2012/11/20 21:30:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/11/20 21:30:03 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012/11/20 21:30:03 | 000,143,872 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012/11/20 21:29:52 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012/11/20 21:29:52 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012/11/20 21:29:52 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2012/11/20 21:14:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
[2012/11/20 08:36:07 | 001,414,440 | ---- | C] (Nero AG) -- C:\WINDOWS\System32\ShellManager310E2D762.dll
[2012/11/19 23:38:45 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012/11/19 23:34:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2012/11/19 23:33:29 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/11/18 01:06:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Desktop\driverview
[2012/11/17 23:31:31 | 000,266,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\TweakUI.exe
[2012/11/17 23:31:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Powertoys for Windows XP
[2012/11/17 18:07:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\Registry Toolkit
[2012/11/17 18:07:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Tools
[2012/11/17 18:07:09 | 000,000,000 | ---D | C] -- C:\Program Files\RegTkt
[2012/11/17 12:18:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\toolbarcleaner
[2012/11/17 12:18:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor
[2012/11/17 12:18:23 | 000,000,000 | ---D | C] -- C:\Program Files\Toolbar Cleaner
[2012/11/17 12:18:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Start Menu\Programs\Toolbar Cleaner
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/12/16 23:20:19 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/12/16 23:19:38 | 000,000,808 | ---- | M] () -- C:\Documents and Settings\user\Application Data\AtomicAlarmClock.ini
[2012/12/16 23:04:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/12/16 22:50:01 | 000,000,498 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft Outlook 2010.job
[2012/12/16 22:46:19 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/12/16 22:46:13 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/12/16 22:45:27 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/12/16 22:45:20 | 3623,428,096 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/16 13:25:00 | 000,000,022 | -HS- | M] () -- C:\Documents and Settings\user\Application Data\Windows1569_SettingsRepository.bin
[2012/12/16 13:25:00 | 000,000,022 | -HS- | M] () -- C:\WINDOWS\90C7D912BE2316.sys
[2012/12/16 13:24:46 | 000,001,582 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\jv16 PowerTools 2012.lnk
[2012/12/16 13:24:46 | 000,001,564 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\jv16 PowerTools 2012.lnk
[2012/12/16 08:32:04 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2012/12/15 10:14:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Desktop\OTL.exe
[2012/12/14 07:32:14 | 000,002,860 | ---- | M] () -- C:\config.xml
[2012/12/14 07:32:14 | 000,001,176 | ---- | M] () -- C:\WINDOWS\System32\RW_{D7B257AE-D3A5-11E0-A956-806D6172696F}.dat
[2012/12/14 07:32:14 | 000,000,024 | ---- | M] () -- C:\WINDOWS\System32\RW_AppData.dat
[2012/12/14 05:07:46 | 000,000,401 | -HS- | M] () -- C:\boot.ini
[2012/12/11 09:49:17 | 000,526,792 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/12/11 09:49:17 | 000,096,648 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/12/11 08:13:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/12/08 18:12:35 | 000,096,208 | ---- | M] () -- C:\WINDOWS\System32\RW_FileType.dat
[2012/12/08 18:12:35 | 000,000,636 | ---- | M] () -- C:\WINDOWS\System32\RW_FileFlag.dat
[2012/12/08 18:12:35 | 000,000,056 | ---- | M] () -- C:\WINDOWS\System32\RW_{A7B93EC5-4153-11E2-81A6-0004763B69CB}.dat
[2012/12/08 18:12:35 | 000,000,056 | ---- | M] () -- C:\WINDOWS\System32\RW_{A7B93EC4-4153-11E2-81A6-0004763B69CB}.dat
[2012/12/08 18:12:35 | 000,000,056 | ---- | M] () -- C:\WINDOWS\System32\RW_{6A51049F-4A58-11E1-8101-0004763B69CB}.dat
[2012/12/08 12:10:42 | 003,851,592 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/12/08 10:37:28 | 000,000,112 | ---- | M] () -- C:\WINDOWS\System32\RW_{181E0F2E-286A-11E2-8181-0004763B69CB}.dat
[2012/12/08 10:37:28 | 000,000,016 | ---- | M] () -- C:\WINDOWS\System32\EvGr_Data{D7B257AE-D3A5-11E0-A956-806D6172696F}.dat
[2012/12/08 10:37:28 | 000,000,016 | ---- | M] () -- C:\WINDOWS\System32\EvGr_Data{181E0F2E-286A-11E2-8181-0004763B69CB}.dat
[2012/12/08 08:17:12 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/12/02 10:43:19 | 000,001,511 | ---- | M] () -- C:\Documents and Settings\user\Desktop\MICE.lnk
[2012/12/01 17:15:48 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_NuidFltr_01009.Wdf
[2012/12/01 17:15:33 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_dc3d_01009.Wdf
[2012/12/01 16:38:19 | 001,610,520 | ---- | M] () -- C:\Documents and Settings\user\Desktop\INFCACHE.1
[2012/12/01 11:08:32 | 000,000,000 | -HS- | M] () -- C:\DkHyperbootSync
[2012/12/01 11:01:25 | 000,000,024 | ---- | M] () -- C:\Documents and Settings\user\random.dat
[2012/12/01 10:40:06 | 000,000,363 | ---- | M] () -- C:\Documents and Settings\user\SciTE.session
[2012/12/01 10:35:29 | 000,000,040 | ---- | M] () -- C:\Documents and Settings\user\jagex_cl_runescape_LIVE.dat
[2012/12/01 10:26:49 | 000,115,465 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat
[2012/12/01 10:26:49 | 000,097,545 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat
[2012/11/27 09:35:45 | 000,238,433 | ---- | M] () -- C:\Documents and Settings\user\My Documents\Transcend 4GB (2x2GB) DDR2-667 PC2-5300 ECC Registered Memory (RAM) 240-pin eBay-cached.htm
[2012/11/27 09:31:10 | 000,109,117 | ---- | M] () -- C:\Documents and Settings\user\My Documents\4GB(2x2GB) DDR2-667 PC2-5300 ECC Registered CL5 240-pin DIMM Memory RAM eBay.htm
[2012/11/27 09:04:16 | 001,779,322 | ---- | M] () -- C:\Documents and Settings\user\My Documents\dr memory.jpg
[2012/11/22 17:17:38 | 000,000,863 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Registry Finder.lnk
[2012/11/22 17:17:38 | 000,000,845 | ---- | M] () -- C:\Documents and Settings\user\Desktop\Registry Finder.lnk
[2012/11/20 21:29:39 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2012/11/20 21:29:37 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012/11/20 21:29:37 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012/11/20 21:29:37 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012/11/20 21:29:37 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012/11/20 21:29:36 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npdeployJava1.dll
[2012/11/20 21:29:36 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2012/11/20 21:14:50 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\user\Desktop\Google Chrome.lnk
[2012/11/20 21:14:50 | 000,001,791 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/11/20 08:35:46 | 000,001,024 | ---- | M] () -- C:\.rnd
[2012/11/20 08:34:36 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Irremote.ini
[2012/11/19 19:40:59 | 000,279,245 | ---- | M] () -- C:\Documents and Settings\user\My Documents\19-11-2012 07-39.jpg
[2012/11/19 19:21:00 | 000,009,874 | ---- | M] () -- C:\Documents and Settings\user\My Documents\Shipping Labels (927198141970).pdf
[2012/11/18 01:54:37 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/11/18 01:54:36 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/11/17 18:07:33 | 000,000,035 | ---- | M] () -- C:\WINDOWS\VB.MNM
[2012/11/17 17:13:47 | 000,000,023 | ---- | M] () -- C:\Documents and Settings\user\Desktop\ip.bat
[2012/11/17 16:05:42 | 000,000,376 | ---- | M] () -- C:\Documents and Settings\user\Desktop\DEMON.bat
[2012/11/17 15:41:36 | 000,000,126 | ---- | M] () -- C:\Documents and Settings\user\Desktop\TALK.bat
[2012/11/17 13:40:43 | 000,000,891 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Sothink SWF Editor.lnk
[2012/11/17 13:40:43 | 000,000,873 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Sothink SWF Editor.lnk
[2012/11/17 12:18:23 | 000,000,761 | ---- | M] () -- C:\Documents and Settings\user\Desktop\Toolbar Cleaner.lnk
[2012/11/17 11:46:50 | 000,020,249 | ---- | M] () -- C:\Documents and Settings\user\Desktop\SoundPlayerHater.swf
[2012/11/17 11:30:11 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/11/17 11:30:11 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/12/16 13:25:00 | 000,000,022 | -HS- | C] () -- C:\Documents and Settings\user\Application Data\Windows1569_SettingsRepository.bin
[2012/12/16 13:25:00 | 000,000,022 | -HS- | C] () -- C:\WINDOWS\90C7D912BE2316.sys
[2012/12/16 13:24:46 | 000,001,582 | ---- | C] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\jv16 PowerTools 2012.lnk
[2012/12/16 13:24:46 | 000,001,564 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\jv16 PowerTools 2012.lnk
[2012/12/16 08:06:33 | 3623,428,096 | -HS- | C] () -- C:\hiberfil.sys
[2012/12/14 08:46:27 | 000,001,945 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2012/12/13 20:56:28 | 000,335,029 | ---- | C] () -- C:\DPsFnshr.exe
[2012/12/08 18:12:35 | 000,000,056 | ---- | C] () -- C:\WINDOWS\System32\RW_{A7B93EC5-4153-11E2-81A6-0004763B69CB}.dat
[2012/12/08 18:12:35 | 000,000,056 | ---- | C] () -- C:\WINDOWS\System32\RW_{A7B93EC4-4153-11E2-81A6-0004763B69CB}.dat
[2012/12/08 18:12:35 | 000,000,056 | ---- | C] () -- C:\WINDOWS\System32\RW_{6A51049F-4A58-11E1-8101-0004763B69CB}.dat
[2012/12/02 10:43:19 | 000,001,511 | ---- | C] () -- C:\Documents and Settings\user\Desktop\MICE.lnk
[2012/12/01 17:15:48 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_NuidFltr_01009.Wdf
[2012/12/01 17:15:33 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_dc3d_01009.Wdf
[2012/12/01 17:00:49 | 000,000,667 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\AtomicAlarmClock.ini
[2012/12/01 11:52:43 | 000,000,112 | ---- | C] () -- C:\WINDOWS\System32\RW_{181E0F2E-286A-11E2-8181-0004763B69CB}.dat
[2012/12/01 11:52:43 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\EvGr_Data{D7B257AE-D3A5-11E0-A956-806D6172696F}.dat
[2012/12/01 11:52:43 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\EvGr_Data{181E0F2E-286A-11E2-8181-0004763B69CB}.dat
[2012/12/01 11:42:28 | 000,002,860 | ---- | C] () -- C:\config.xml
[2012/12/01 11:42:28 | 000,001,176 | ---- | C] () -- C:\WINDOWS\System32\RW_{D7B257AE-D3A5-11E0-A956-806D6172696F}.dat
[2012/12/01 10:32:21 | 000,000,000 | -HS- | C] () -- C:\DkHyperbootSync
[2012/11/27 09:35:42 | 000,238,433 | ---- | C] () -- C:\Documents and Settings\user\My Documents\Transcend 4GB (2x2GB) DDR2-667 PC2-5300 ECC Registered Memory (RAM) 240-pin eBay-cached.htm
[2012/11/27 09:31:09 | 000,109,117 | ---- | C] () -- C:\Documents and Settings\user\My Documents\4GB(2x2GB) DDR2-667 PC2-5300 ECC Registered CL5 240-pin DIMM Memory RAM eBay.htm
[2012/11/27 09:03:46 | 001,779,322 | ---- | C] () -- C:\Documents and Settings\user\My Documents\dr memory.jpg
[2012/11/22 17:17:38 | 000,000,863 | ---- | C] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Registry Finder.lnk
[2012/11/22 17:17:38 | 000,000,845 | ---- | C] () -- C:\Documents and Settings\user\Desktop\Registry Finder.lnk
[2012/11/20 21:14:50 | 000,001,813 | ---- | C] () -- C:\Documents and Settings\user\Desktop\Google Chrome.lnk
[2012/11/20 21:14:50 | 000,001,791 | ---- | C] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/11/20 21:13:20 | 000,000,882 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/11/20 21:13:19 | 000,000,878 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/11/20 08:36:07 | 000,774,144 | ---- | C] () -- C:\WINDOWS\System32\NEROINSTAEC43759.DB
[2012/11/20 08:34:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2012/11/19 23:38:47 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012/11/19 19:39:55 | 000,279,245 | ---- | C] () -- C:\Documents and Settings\user\My Documents\19-11-2012 07-39.jpg
[2012/11/19 19:21:00 | 000,009,874 | ---- | C] () -- C:\Documents and Settings\user\My Documents\Shipping Labels (927198141970).pdf
[2012/11/18 01:54:41 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/11/17 23:31:31 | 000,160,217 | ---- | C] () -- C:\WINDOWS\System32\PowerToysLicense.rtf
[2012/11/17 18:07:33 | 000,000,035 | ---- | C] () -- C:\WINDOWS\VB.MNM
[2012/11/17 16:44:56 | 000,000,023 | ---- | C] () -- C:\Documents and Settings\user\Desktop\ip.bat
[2012/11/17 16:05:59 | 000,000,376 | ---- | C] () -- C:\Documents and Settings\user\Desktop\DEMON.bat
[2012/11/17 16:05:59 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\user\Desktop\TALK.bat
[2012/11/17 13:40:43 | 000,000,891 | ---- | C] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Sothink SWF Editor.lnk
[2012/11/17 13:40:43 | 000,000,873 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Sothink SWF Editor.lnk
[2012/11/17 12:18:23 | 000,000,761 | ---- | C] () -- C:\Documents and Settings\user\Desktop\Toolbar Cleaner.lnk
[2012/11/17 11:46:48 | 000,020,249 | ---- | C] () -- C:\Documents and Settings\user\Desktop\SoundPlayerHater.swf
[2012/11/17 11:30:10 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012/11/14 08:46:46 | 000,000,023 | ---- | C] () -- C:\WINDOWS\SWFDecompiler.INI
[2012/11/07 22:52:33 | 000,000,500 | ---- | C] () -- C:\WINDOWS\TUCSEN.ini
[2012/11/06 23:33:38 | 002,469,760 | ---- | C] () -- C:\WINDOWS\System32\BootMan.exe
[2012/11/06 23:33:38 | 000,086,408 | ---- | C] () -- C:\WINDOWS\System32\setupempdrv03.exe
[2012/11/06 23:33:38 | 000,019,840 | ---- | C] () -- C:\WINDOWS\System32\EuEpmGdi.dll
[2012/11/06 23:33:38 | 000,013,192 | ---- | C] () -- C:\WINDOWS\System32\epmntdrv.sys
[2012/11/06 23:33:38 | 000,008,456 | ---- | C] () -- C:\WINDOWS\System32\EuGdiDrv.sys
[2012/10/29 22:28:44 | 000,322,424 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2012/10/16 22:56:33 | 000,000,024 | ---- | C] () -- C:\WINDOWS\System32\RW_AppData.dat
[2012/10/12 18:10:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ViewNX2.INI
[2012/10/12 17:17:07 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Booms
[2012/10/12 17:17:07 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\user\Application Data\Bass
[2012/10/12 17:17:07 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLes.DAT
[2012/10/12 17:17:07 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Classical
[2012/10/12 17:15:55 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Breath Pad
[2012/10/12 17:15:55 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\user\Application Data\Bass Amp
[2012/10/12 17:15:55 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLev.DAT
[2012/10/12 17:15:55 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Clips
[2012/10/12 17:15:54 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\BookService
[2012/10/12 17:15:54 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\user\Application Data\Basics
[2012/10/12 17:15:54 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLet.DAT
[2012/10/12 17:15:20 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\user\Application Data\Calibrators
[2012/10/12 17:15:20 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLeo.DAT
[2012/10/12 17:15:20 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Desktop Pictures
[2012/10/12 17:15:20 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Chorus
[2012/10/12 07:04:24 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\avisynth.dll
[2012/09/20 17:57:22 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\user\Application Data\winscp.rnd
[2012/08/26 17:16:14 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\user\.deskmetrics
[2012/07/27 12:01:08 | 000,009,341 | ---- | C] () -- C:\Documents and Settings\user\Application Data\Microsoft Excel 97-2003.EML
[2012/07/20 16:17:42 | 000,446,464 | ---- | C] () -- C:\WINDOWS\System32\NVH264Decoder.dll
[2012/07/20 16:17:42 | 000,405,504 | ---- | C] () -- C:\WINDOWS\System32\NVPostProc.dll
[2012/07/20 16:17:41 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\NVH264vfw.dll
[2012/07/20 11:32:11 | 000,000,128 | ---- | C] () -- C:\WINDOWS\System32\Topica.ini
[2012/07/17 14:05:55 | 000,000,085 | ---- | C] () -- C:\Documents and Settings\user\mm_backup.cfg
[2012/07/14 21:22:02 | 000,000,023 | ---- | C] () -- C:\WINDOWS\XWEBVI~1.INI
[2012/07/14 10:58:40 | 000,149,504 | ---- | C] () -- C:\WINDOWS\System32\ff_realaacBC.dll
[2012/07/14 10:58:39 | 002,555,580 | ---- | C] () -- C:\WINDOWS\System32\libavcodecBC.dll
[2012/07/14 10:58:38 | 000,261,120 | ---- | C] () -- C:\WINDOWS\System32\libmplayerBC.dll
[2012/06/27 18:52:10 | 000,000,363 | ---- | C] () -- C:\WINDOWS\gotcha32.INI
[2012/06/26 17:44:02 | 000,041,008 | ---- | C] () -- C:\WINDOWS\System32\drivers\dsu2cam.sys
[2012/06/26 16:35:57 | 000,000,065 | ---- | C] () -- C:\Documents and Settings\user\jagex_cl_runescape_LIVE_BETA.dat
[2012/06/26 16:35:57 | 000,000,024 | ---- | C] () -- C:\Documents and Settings\user\random.dat
[2012/06/20 13:53:24 | 000,000,092 | ---- | C] () -- C:\WINDOWS\NogaTw.INI
[2012/06/17 07:33:13 | 000,000,061 | ---- | C] () -- C:\Documents and Settings\user\jagex_cl_runescape_LIVE2.dat
[2012/06/01 00:14:28 | 000,000,024 | ---- | C] () -- C:\Documents and Settings\user\jagexappletviewer.preferences
[2012/04/22 20:12:22 | 004,424,704 | ---- | C] () -- C:\WINDOWS\System32\ffmpeg.dll
[2012/04/08 23:40:36 | 000,079,360 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2012/04/08 23:39:46 | 000,260,608 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2012/04/08 23:39:32 | 000,158,720 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll
[2012/04/08 23:39:32 | 000,099,840 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2012/04/08 23:39:30 | 001,525,248 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll
[2012/04/08 23:39:30 | 000,146,944 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll
[2012/04/08 23:39:28 | 000,212,480 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll
[2012/04/08 23:39:28 | 000,115,200 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll
[2012/04/08 23:39:26 | 000,328,704 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll
[2012/03/29 14:21:26 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\libbluray.dll
[2012/03/29 14:21:18 | 006,582,226 | ---- | C] () -- C:\WINDOWS\System32\avcodec-lav-54.dll
[2012/03/29 14:21:18 | 001,152,365 | ---- | C] () -- C:\WINDOWS\System32\avformat-lav-54.dll
[2012/03/29 14:21:18 | 000,374,152 | ---- | C] () -- C:\WINDOWS\System32\swscale-lav-2.dll
[2012/03/29 14:21:18 | 000,207,872 | ---- | C] () -- C:\WINDOWS\System32\avutil-lav-51.dll
[2012/03/29 14:21:18 | 000,144,523 | ---- | C] () -- C:\WINDOWS\System32\avfilter-lav-2.dll
[2012/03/11 01:02:29 | 000,056,732 | ---- | C] () -- C:\WINDOWS\RFMaxPluginUninstall.exe
[2012/02/25 08:34:53 | 000,096,208 | ---- | C] () -- C:\WINDOWS\System32\RW_FileType.dat
[2012/02/25 08:34:53 | 000,000,636 | ---- | C] () -- C:\WINDOWS\System32\RW_FileFlag.dat
[2012/02/16 23:20:24 | 000,000,263 | ---- | C] () -- C:\WINDOWS\ui_bitmapviewer.ini
[2012/02/16 23:11:30 | 000,010,920 | ---- | C] () -- C:\WINDOWS\POLYTRAN.INI
[2012/02/14 20:22:27 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/01/17 12:25:00 | 000,001,769 | ---- | C] () -- C:\WINDOWS\Language_trs.ini
[2012/01/17 12:23:18 | 000,005,176 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2012/01/17 12:23:16 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2012/01/10 15:59:20 | 002,807,708 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2012/01/10 15:23:49 | 001,074,636 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2012/01/10 15:21:08 | 001,074,636 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2012/01/10 15:21:08 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2012/01/10 11:35:28 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\lgpi32.dll
[2012/01/07 23:19:19 | 002,300,744 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-790525478-343818398-725345543-1003-0.dat
[2011/12/29 14:07:50 | 000,000,061 | ---- | C] () -- C:\Documents and Settings\user\jagex_cl_runescape_LIVE1.dat
[2011/12/29 10:37:05 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/12/21 00:00:58 | 000,000,049 | -H-- | C] () -- C:\Documents and Settings\user\Application Data\eMail Extractor registration.ini
[2011/12/07 19:32:24 | 000,216,064 | ---- | C] ( ) -- C:\WINDOWS\System32\Lagarith.dll
[2011/12/05 19:28:31 | 000,000,363 | ---- | C] () -- C:\Documents and Settings\user\SciTE.session
[2011/11/29 23:23:18 | 000,000,011 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\gem.lic
[2011/11/28 19:26:28 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2011/11/27 10:49:51 | 000,000,568 | ---- | C] () -- C:\WINDOWS\HCWPNP.INI
[2011/11/27 10:32:31 | 000,009,206 | ---- | C] () -- C:\WINDOWS\NTTuner.ini
[2011/11/20 08:02:33 | 000,161,781 | ---- | C] () -- C:\WINDOWS\Animated Wallpaper Maker Uninstaller.exe
[2011/11/17 06:04:39 | 000,134,650 | ---- | C] () -- C:\WINDOWS\Data Extractor Uninstaller.exe
[2011/11/16 17:18:21 | 000,000,704 | ---- | C] () -- C:\WINDOWS\IMPhenomenon.INI
[2011/11/09 22:39:44 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\OpenVideo.dll
[2011/11/09 22:39:32 | 000,054,784 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll
[2011/11/08 03:26:36 | 000,584,570 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2011/10/26 08:44:30 | 000,004,107 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ihfeumzb.qzk
[2011/10/25 21:04:14 | 000,000,040 | ---- | C] () -- C:\Documents and Settings\user\jagex_cl_runescape_LIVE.dat
[2011/10/12 00:26:05 | 000,000,159 | RHS- | C] () -- C:\WINDOWS\CTA1STET.BIN
[2011/10/09 08:57:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\eDrawingOfficeAutomator.INI
[2011/10/03 20:20:52 | 000,000,152 | ---- | C] () -- C:\Documents and Settings\user\default.pls
[2011/10/03 20:15:37 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2011/09/12 18:10:56 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2011/09/10 15:26:49 | 000,060,416 | ---- | C] () -- C:\Documents and Settings\user\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/09/09 22:14:35 | 000,052,140 | ---- | C] () -- C:\WINDOWS\RFC4DPluginUninstall.exe
[2011/09/08 22:47:17 | 000,000,383 | ---- | C] () -- C:\WINDOWS\System32\haspdos.sys
[2011/09/08 22:39:02 | 000,000,136 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011/09/08 22:13:38 | 000,115,465 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat
[2011/09/08 22:13:38 | 000,097,545 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat
[2011/09/08 14:00:52 | 000,150,528 | ---- | C] () -- C:\WINDOWS\System32\mkx.dll
[2011/09/08 14:00:48 | 000,142,336 | ---- | C] () -- C:\WINDOWS\System32\mp4.dll
[2011/09/08 14:00:42 | 000,123,392 | ---- | C] () -- C:\WINDOWS\System32\ogm.dll
[2011/09/08 14:00:38 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\dxr.dll
[2011/09/08 14:00:34 | 000,113,152 | ---- | C] () -- C:\WINDOWS\System32\dsmux.exe
[2011/09/08 14:00:24 | 000,154,624 | ---- | C] () -- C:\WINDOWS\System32\ts.dll
[2011/09/08 14:00:10 | 000,137,728 | ---- | C] () -- C:\WINDOWS\System32\mkv2vfr.exe
[2011/09/08 14:00:06 | 000,358,400 | ---- | C] () -- C:\WINDOWS\System32\gdsmux.exe
[2011/09/08 13:59:54 | 000,080,384 | ---- | C] () -- C:\WINDOWS\System32\mkzlib.dll
[2011/09/08 13:59:52 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\mkunicode.dll
[2011/09/07 20:10:26 | 000,000,571 | ---- | C] () -- C:\WINDOWS\System32\Shortcut to mstsc.exe.lnk
[2011/09/06 11:32:54 | 000,000,566 | ---- | C] () -- C:\WINDOWS\System32\Shortcut to calc.exe.lnk
[2011/09/04 15:00:14 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\user\jagex_runescape_preferences2.dat
[2011/09/04 14:59:06 | 000,000,035 | ---- | C] () -- C:\Documents and Settings\user\jagex_runescape_preferences.dat
[2011/09/02 19:45:48 | 000,002,568 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2011/09/02 16:10:10 | 000,000,086 | ---- | C] () -- C:\WINDOWS\WPCMAPI.INI
[2011/09/02 15:51:47 | 000,000,090 | ---- | C] () -- C:\WINDOWS\msmail.ini
[2011/09/02 11:04:15 | 000,015,898 | ---- | C] () -- C:\WINDOWS\System32\vlmsup.exe
[2011/09/02 11:04:12 | 000,001,724 | ---- | C] () -- C:\WINDOWS\System32\vipx.exe
[2011/09/02 11:04:01 | 000,065,619 | ---- | C] () -- C:\WINDOWS\System32\setupw2k.dll
[2011/09/02 11:03:25 | 000,262,227 | ---- | C] () -- C:\WINDOWS\System32\nwshlxnt.dll
[2011/09/02 11:02:16 | 000,051,200 | ---- | C] () -- C:\WINDOWS\System32\lgncon32.dll
[2011/09/02 10:40:38 | 000,002,757 | ---- | C] () -- C:\WINDOWS\System32\rdrstats.ini
[2011/09/02 10:33:04 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\prtwin32.dll
[2011/09/02 10:32:55 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\nwpsrv32.dll
[2011/09/02 10:32:15 | 000,225,356 | ---- | C] () -- C:\WINDOWS\System32\lgnwnt32.dll
[2011/09/02 10:30:01 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\nwslog32.dll
[2011/09/01 23:28:39 | 000,000,808 | ---- | C] () -- C:\Documents and Settings\user\Application Data\AtomicAlarmClock.ini
[2011/09/01 23:10:34 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\srvany.exe
[2011/09/01 23:09:02 | 000,151,552 | ---- | C] () -- C:\WINDOWS\KMSEmulator.exe
[2011/07/21 14:14:05 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2011/06/17 14:44:28 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\G711Codec.dll
[2011/06/09 19:26:30 | 000,199,680 | ---- | C] () -- C:\WINDOWS\System32\MyAVCD.dll
[2011/06/01 19:19:46 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\ArchiveHelper.dll
[2011/05/30 13:42:50 | 000,240,640 | ---- | C] () -- C:\WINDOWS\System32\XviDvfw.dll
[2011/05/23 07:46:30 | 000,645,632 | ---- | C] () -- C:\WINDOWS\System32\XviDcore.dll
[2011/03/03 11:39:56 | 000,109,568 | ---- | C] () -- C:\WINDOWS\System32\avi.dll
[2011/03/03 11:38:10 | 000,097,792 | ---- | C] () -- C:\WINDOWS\System32\avs.dll
[2011/03/03 11:37:50 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\avss.dll
[2011/01/10 00:51:55 | 000,243,168 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2010/12/30 22:27:47 | 014,454,784 | ---- | C] () -- C:\WINDOWS\System32\common_res.dll

========== ZeroAccess Check ==========

[2010/09/29 16:30:51 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 00:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 12:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/14 00:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Custom Scans ==========

========== Drive Information ==========

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed\thard disk media
Interface type: IDE
Media Type: Fixed\thard disk media
Model: Hitachi HDS5C1010CLA382
Partitions: 1
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE1 - Removable media other than\tfloppy
Interface type: USB
Media Type: Removable media other than\tfloppy
Model: SanDisk Extreme USB Device
Partitions: 2
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE2 -
Interface type: USB
Media Type:
Model: HTC Android Phone USB Device
Partitions: 0
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 932.00GB
Starting Offset: 32256
Hidden sectors: 0


DeviceID: Disk #1, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 60.00GB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #1, Partition #1
PartitionType: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 0.00MB
Starting Offset: 64023224832
Hidden sectors: 0


< %SYSTEMDRIVE%\*.exe >
[2010/06/15 18:15:11 | 000,335,029 | ---- | M] () -- C:\DPsFnshr.exe

< %systemroot%\assembly\GAC_32\*.ini >

< %systemroot%\assembly\GAC_64\*.ini >

< %SYSTEMDRIVE%\*.exe >
[2010/06/15 18:15:11 | 000,335,029 | ---- | M] () -- C:\DPsFnshr.exe

< %ALLUSERSPROFILE%\Application Data\*.exe >

< %APPDATA%\*. >
[2011/11/06 10:47:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\3Matic
[2011/09/09 17:15:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Abvent
[2012/11/07 18:41:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Abvent_Artlantis3
[2012/11/02 16:29:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Adobe
[2012/04/17 21:50:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\aignes
[2012/11/11 08:15:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Apple Computer
[2012/10/12 17:01:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\ArcSoft
[2012/10/12 07:11:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Ashampoo
[2010/09/29 16:38:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\ATI
[2012/01/07 22:22:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Autodesk
[2011/01/11 15:37:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\AVG10
[2011/12/31 16:40:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\avidemux
[2012/10/12 21:46:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\AVS4YOU
[2012/05/27 23:09:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Capvidia
[2012/11/02 16:28:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/11/11 09:16:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Condusiv_Technologies
[2011/09/16 19:23:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Corel
[2012/01/01 18:05:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\CrystalMaker Software
[2011/11/03 14:51:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\DassaultSystemes
[2011/10/31 12:50:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Digiarty
[2011/09/26 12:40:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Downloaded Installations
[2012/03/27 17:03:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\EDrawings
[2012/12/16 11:26:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\EurekaLog
[2012/11/15 22:57:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\FixCleaner
[2012/11/27 01:20:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\GlarySoft
[2012/09/11 06:50:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\gnupg
[2011/09/14 21:21:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Google
[2012/02/06 23:36:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Grasssoft
[2012/03/15 20:43:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\HDRLightStudio
[2011/11/24 21:35:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\HDRsoft
[2011/12/12 22:09:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\headus
[2011/09/02 18:57:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Help
[2012/03/25 20:15:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\HTC
[2011/11/01 20:05:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2012/01/20 16:10:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Hulubulu
[2012/01/12 23:21:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\IBP
[2010/04/09 11:05:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Identities
[2011/09/01 22:50:46 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\user\Application Data\IFViewer
[2011/10/28 08:39:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\ImgBurn
[2011/10/24 13:48:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\InstallShield
[2012/11/01 13:07:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\IObit
[2012/08/24 07:12:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\iSpy
[2011/09/04 14:20:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Key Metric Software
[2012/11/02 20:27:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Luxology
[2010/09/30 11:53:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Macromedia
[2011/09/06 16:46:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Malwarebytes
[2012/05/27 23:20:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Materialise
[2011/12/24 19:41:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\MAXON
[2011/12/21 00:00:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Maxprog
[2012/04/30 04:27:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\MedCalc Software
[2012/09/23 20:56:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\MetaQuotes
[2012/10/27 14:32:35 | 000,000,000 | --SD | M] -- C:\Documents and Settings\user\Application Data\Microsoft
[2011/11/17 06:13:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Mirillis
[2011/09/07 08:38:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Mozilla
[2011/10/03 19:23:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Nero
[2012/10/12 17:25:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Nikon
[2012/11/19 19:30:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Nitro PDF
[2012/02/14 15:26:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\ntr
[2012/01/11 08:48:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\NVIDIA
[2012/10/29 23:17:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Oracle
[2012/03/25 20:15:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Outlook
[2012/07/08 07:13:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Passware
[2011/11/23 19:32:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\PE Explorer
[2011/12/13 23:24:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\PhotoScissorsPilot
[2012/01/01 19:07:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Pixelplan
[2012/01/08 00:47:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Plexscape
[2012/12/16 09:54:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Point-N-Click
[2012/03/31 09:37:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\PolyView
[2011/09/09 20:03:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Publish Providers
[2011/10/09 23:35:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Quest3D
[2011/10/27 11:27:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Real
[2012/10/15 19:18:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\redsn0w
[2012/03/16 22:12:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Right Hemisphere
[2012/04/13 20:42:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\RobotSoft
[2011/12/14 22:25:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Scooter Software
[2012/10/30 15:50:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Share-to-Web Upload Folder
[2011/11/08 23:45:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\SimLab
[2012/11/01 13:04:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Skype
[2011/11/07 12:16:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\SOLIDCast
[2012/11/06 06:55:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\SolidWorks
[2011/10/09 11:03:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\SolidWorks 2012
[2011/09/09 20:03:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Sony
[2011/01/11 15:29:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Sun
[2012/11/14 08:39:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\SWiSH Max4
[2012/10/29 22:07:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\SystemSpeedBooster
[2012/10/30 21:56:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Systweak
[2012/08/12 22:26:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\TeamViewer
[2011/09/02 20:27:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Thinstall
[2012/08/18 15:43:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Transcend Elite
[2012/08/22 22:37:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\TrueCrypt
[2012/12/16 15:52:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\TuneUp Software
[2011/09/16 19:19:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Ulead Systems
[2012/11/10 17:48:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\URSoft
[2012/10/05 21:21:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\vlc
[2011/09/20 10:07:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Windows Desktop Search
[2011/09/20 20:20:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Windows Search
[2011/09/01 22:51:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\WinRAR
[2011/12/05 12:37:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Xi
[2011/10/02 19:55:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Xilisoft
[2011/12/04 15:26:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\XMedia Recode

< MD5 for: ATAPI.SYS >
[2011/09/14 12:23:30 | 017,787,832 | ---- | M] () .cab file -- C:\WINDOWS.1\Driver Cache\i386\sp3.cab:atapi.sys
[2004/08/04 12:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/04/14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\DOWNLOADS\system32\dllcache\atapi.sys
[2008/04/13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\DOWNLOADS\system32\drivers\atapi.sys
[2008/04/13 18:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\DOWNLOADS\system32\ReinstallBackups\0017\DriverFiles\i386\atapi.sys
[2008/04/13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\DOWNLOADS\system32\ReinstallBackups\0026\DriverFiles\i386\atapi.sys
[2008/04/13 10:40:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\symbols\atapi.sys\4802539D17900\atapi.sys
[2008/04/13 21:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS.1\system32\drivers\atapi.sys
[2008/04/13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008/04/13 18:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008/04/13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008/04/13 18:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0017\DriverFiles\i386\atapi.sys
[2008/04/13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0026\DriverFiles\i386\atapi.sys
[2004/08/03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\symbols\atapi.sys\41107B4D17480\atapi.sys
[2004/08/04 12:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: CSRSS.EXE >
[2008/04/14 00:12:15 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=44F275C64738EA2056E3D9580C23B60F -- C:\DOWNLOADS\system32\csrss.exe
[2008/04/14 12:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=44F275C64738EA2056E3D9580C23B60F -- C:\WINDOWS.1\system32\csrss.exe
[2008/04/14 12:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=44F275C64738EA2056E3D9580C23B60F -- C:\WINDOWS.1\system32\dllcache\csrss.exe
[2008/04/14 00:12:15 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=44F275C64738EA2056E3D9580C23B60F -- C:\WINDOWS\ServicePackFiles\i386\csrss.exe
[2008/04/14 00:12:15 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=44F275C64738EA2056E3D9580C23B60F -- C:\WINDOWS\system32\csrss.exe
[2008/04/14 00:12:15 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=44F275C64738EA2056E3D9580C23B60F -- C:\WINDOWS\system32\dllcache\csrss.exe
[2004/08/04 12:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=F12B178B1678D778CFD3FF1FC38C71FB -- C:\WINDOWS\$NtServicePackUninstall$\csrss.exe

< MD5 for: EXPLORER.EXE >
[2008/04/14 00:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008/04/14 00:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/14 00:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008/04/14 00:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\system32\dllcache\explorer.exe
[2011/09/14 12:15:59 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=2BB75B7F548D82A099125D0C5971DE7D -- C:\WINDOWS.1\explorer.exe
[2011/09/14 12:15:59 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=2BB75B7F548D82A099125D0C5971DE7D -- C:\WINDOWS.1\system32\dllcache\explorer.exe
[2004/08/04 12:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: MSWSOCK.DLL >
[2008/06/20 17:41:10 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=097722F235A1FB698BF9234E01B52637 -- C:\WINDOWS\$NtServicePackUninstall$\mswsock.dll
[2008/06/20 17:36:11 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=1DFCA7713EA5A70D5D93B436AEA0317A -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\mswsock.dll
[2004/08/04 12:00:00 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=4E74AF063C3271FBEA20DD940CFD1184 -- C:\WINDOWS\$NtUninstallKB951748_0$\mswsock.dll
[2008/06/20 17:46:57 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=832E4DD8964AB7ACC880B2837CB1ED20 -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\mswsock.dll
[2008/06/20 17:46:57 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=832E4DD8964AB7ACC880B2837CB1ED20 -- C:\WINDOWS\$NtUninstallKB2509553$\mswsock.dll
[2008/06/20 16:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=943337D786A56729263071623BBB9DE5 -- C:\DOWNLOADS\system32\dllcache\mswsock.dll
[2008/06/20 16:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=943337D786A56729263071623BBB9DE5 -- C:\DOWNLOADS\system32\mswsock.dll
[2008/06/20 16:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=943337D786A56729263071623BBB9DE5 -- C:\WINDOWS\ERDNT\cache\mswsock.dll
[2008/06/20 16:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=943337D786A56729263071623BBB9DE5 -- C:\WINDOWS\system32\dllcache\mswsock.dll
[2008/06/20 16:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=943337D786A56729263071623BBB9DE5 -- C:\WINDOWS\system32\mswsock.dll
[2008/04/14 00:12:01 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=B4138E99236F0F57D4CF49BAE98A0746 -- C:\WINDOWS\$NtUninstallKB951748_1$\mswsock.dll
[2008/04/14 00:12:01 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=B4138E99236F0F57D4CF49BAE98A0746 -- C:\WINDOWS\ServicePackFiles\i386\mswsock.dll
[2011/09/14 12:16:47 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=FCEE5FCB99F7C724593365C706D28388 -- C:\WINDOWS.1\system32\dllcache\mswsock.dll
[2011/09/14 12:16:47 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=FCEE5FCB99F7C724593365C706D28388 -- C:\WINDOWS.1\system32\mswsock.dll
[2008/06/20 17:43:05 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=FCEE5FCB99F7C724593365C706D28388 -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\mswsock.dll
[2008/06/20 17:43:05 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=FCEE5FCB99F7C724593365C706D28388 -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\mswsock.dll

< MD5 for: NWPROVAU.DLL >
[2008/04/14 00:12:02 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=06E587F41466569F32BEAAC7260E8AEC -- C:\DOWNLOADS\system32\nwprovau.dll
[2008/04/14 12:00:00 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=06E587F41466569F32BEAAC7260E8AEC -- C:\WINDOWS.1\system32\dllcache\nwprovau.dll
[2008/04/14 12:00:00 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=06E587F41466569F32BEAAC7260E8AEC -- C:\WINDOWS.1\system32\nwprovau.dll
[2008/04/14 00:12:02 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=06E587F41466569F32BEAAC7260E8AEC -- C:\WINDOWS\ServicePackFiles\i386\nwprovau.dll
[2008/04/14 00:12:02 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=06E587F41466569F32BEAAC7260E8AEC -- C:\WINDOWS\system32\dllcache\nwprovau.dll
[2008/04/14 00:12:02 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=06E587F41466569F32BEAAC7260E8AEC -- C:\WINDOWS\system32\nwprovau.dll
[2004/08/04 12:00:00 | 000,144,384 | ---- | M] (Microsoft Corporation) MD5=F01D97A8E0380BA52F58249A7B3BD7F1 -- C:\WINDOWS\$NtServicePackUninstall$\nwprovau.dll

< MD5 for: PNRPNSP.DLL >
[2004/08/04 12:00:00 | 000,048,640 | ---- | M] (Microsoft Corporation) MD5=74D3620D2E63489975E3956A40DDD35F -- C:\WINDOWS\$NtServicePackUninstall$\pnrpnsp.dll
[2008/04/14 00:12:02 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=AF1449AC1D79D37C7026C1D8912DDA8E -- C:\DOWNLOADS\system32\pnrpnsp.dll
[2008/04/14 12:00:00 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=AF1449AC1D79D37C7026C1D8912DDA8E -- C:\WINDOWS.1\system32\dllcache\pnrpnsp.dll
[2008/04/14 12:00:00 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=AF1449AC1D79D37C7026C1D8912DDA8E -- C:\WINDOWS.1\system32\pnrpnsp.dll
[2008/04/14 00:12:02 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=AF1449AC1D79D37C7026C1D8912DDA8E -- C:\WINDOWS\ServicePackFiles\i386\pnrpnsp.dll
[2008/04/14 00:12:02 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=AF1449AC1D79D37C7026C1D8912DDA8E -- C:\WINDOWS\system32\dllcache\pnrpnsp.dll
[2008/04/14 00:12:02 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=AF1449AC1D79D37C7026C1D8912DDA8E -- C:\WINDOWS\system32\pnrpnsp.dll

< MD5 for: RSVPSP.DLL >
[2008/04/14 00:12:04 | 000,092,672 | ---- | M] (Microsoft Corporation) MD5=72451FD61DDBB0A1FB071B7C3CDE5594 -- C:\DOWNLOADS\system32\rsvpsp.dll
[2008/04/14 12:00:00 | 000,092,672 | ---- | M] (Microsoft Corporation) MD5=72451FD61DDBB0A1FB071B7C3CDE5594 -- C:\WINDOWS.1\system32\dllcache\rsvpsp.dll
[2008/04/14 12:00:00 | 000,092,672 | ---- | M] (Microsoft Corporation) MD5=72451FD61DDBB0A1FB071B7C3CDE5594 -- C:\WINDOWS.1\system32\rsvpsp.dll
[2008/04/14 00:12:04 | 000,092,672 | ---- | M] (Microsoft Corporation) MD5=72451FD61DDBB0A1FB071B7C3CDE5594 -- C:\WINDOWS\ServicePackFiles\i386\rsvpsp.dll
[2008/04/14 00:12:04 | 000,092,672 | ---- | M] (Microsoft Corporation) MD5=72451FD61DDBB0A1FB071B7C3CDE5594 -- C:\WINDOWS\system32\dllcache\rsvpsp.dll
[2008/04/14 00:12:04 | 000,092,672 | ---- | M] (Microsoft Corporation) MD5=72451FD61DDBB0A1FB071B7C3CDE5594 -- C:\WINDOWS\system32\rsvpsp.dll
[2004/08/04 12:00:00 | 000,090,112 | ---- | M] (Microsoft Corporation) MD5=90491683ABD587C702B16F181AB0D99D -- C:\WINDOWS\$NtServicePackUninstall$\rsvpsp.dll

< MD5 for: SERVICES.EXE >
[2009/02/06 11:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=020CEAAEDC8EB655B6506B8C70D53BB6 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2008/04/14 00:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\$NtUninstallKB956572_1$\services.exe
[2008/04/14 00:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\ServicePackFiles\i386\services.exe
[2009/02/06 17:14:03 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=37561F8D4160D62DA86D24AE41FAE8DE -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
[2009/02/06 10:22:21 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=4712531AB7A01B7EE059853CA17D39BD -- C:\WINDOWS\$hf_mig$\KB956572\SP2QFE\services.exe
[2009/02/06 11:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\DOWNLOADS\system32\dllcache\services.exe
[2009/02/06 11:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\DOWNLOADS\system32\services.exe
[2009/02/06 11:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\$hf_mig$\KB956572\SP3GDR\services.exe
[2009/02/06 11:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\ERDNT\cache\services.exe
[2009/02/06 11:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\dllcache\services.exe
[2009/02/06 11:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\services.exe
[2011/09/14 12:17:08 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=C519E15665CD89A91AD383FCE3CB556A -- C:\WINDOWS.1\system32\dllcache\services.exe
[2011/09/14 12:17:08 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=C519E15665CD89A91AD383FCE3CB556A -- C:\WINDOWS.1\system32\services.exe
[2004/08/04 12:00:00 | 000,108,032 | ---- | M] (Microsoft Corporation) MD5=C6CE6EEC82F187615D1002BB3BB50ED4 -- C:\WINDOWS\$NtUninstallKB956572_0$\services.exe

< MD5 for: SVCHOST.EXE >
[2008/04/14 00:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\DOWNLOADS\system32\svchost.exe
[2008/04/14 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS.1\system32\dllcache\svchost.exe
[2008/04/14 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS.1\system32\svchost.exe
[2008/04/14 00:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2008/04/14 00:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/14 00:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008/04/14 00:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2004/08/04 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: USER32.DLL >
[2008/04/14 00:12:08 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=B26B135FF1B9F60C9388B4A7D16F600B -- C:\DOWNLOADS\system32\user32.dll
[2008/04/14 12:00:00 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=B26B135FF1B9F60C9388B4A7D16F600B -- C:\WINDOWS.1\system32\dllcache\user32.dll
[2008/04/14 12:00:00 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=B26B135FF1B9F60C9388B4A7D16F600B -- C:\WINDOWS.1\system32\user32.dll
[2008/04/14 00:12:08 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=B26B135FF1B9F60C9388B4A7D16F600B -- C:\WINDOWS\ERDNT\cache\user32.dll
[2008/04/14 00:12:08 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=B26B135FF1B9F60C9388B4A7D16F600B -- C:\WINDOWS\ServicePackFiles\i386\user32.dll
[2008/04/14 00:12:08 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=B26B135FF1B9F60C9388B4A7D16F600B -- C:\WINDOWS\system32\dllcache\user32.dll
[2008/04/14 00:12:08 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=B26B135FF1B9F60C9388B4A7D16F600B -- C:\WINDOWS\system32\user32.dll
[2004/08/04 12:00:00 | 000,577,024 | ---- | M] (Microsoft Corporation) MD5=C72661F8552ACE7C5C85E16A3CF505C4 -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll

< MD5 for: USERINIT.EXE >
[2004/08/04 12:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/14 00:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\DOWNLOADS\system32\userinit.exe
[2008/04/14 12:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS.1\system32\dllcache\userinit.exe
[2008/04/14 12:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS.1\system32\userinit.exe
[2008/04/14 00:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008/04/14 00:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/14 00:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008/04/14 00:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004/08/04 12:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2011/09/14 12:17:37 | 000,509,440 | ---- | M] (Microsoft Corporation) MD5=53A8857723277B1D6D5EE60A9F85B117 -- C:\WINDOWS.1\system32\dllcache\winlogon.exe
[2011/09/14 12:17:37 | 000,509,440 | ---- | M] (Microsoft Corporation) MD5=53A8857723277B1D6D5EE60A9F85B117 -- C:\WINDOWS.1\system32\winlogon.exe
[2008/04/14 00:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\DOWNLOADS\system32\winlogon.exe
[2008/04/14 00:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008/04/14 00:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/14 00:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008/04/14 00:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WINRNR.DLL >
[2004/08/04 12:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=2C8FDB176F22629EA5342DB474FAC391 -- C:\WINDOWS\$NtServicePackUninstall$\winrnr.dll
[2008/04/14 00:12:09 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=D72B9EC3337B247A666F098F3D6B43DE -- C:\DOWNLOADS\system32\winrnr.dll
[2008/04/14 12:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=D72B9EC3337B247A666F098F3D6B43DE -- C:\WINDOWS.1\system32\dllcache\winrnr.dll
[2008/04/14 12:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=D72B9EC3337B247A666F098F3D6B43DE -- C:\WINDOWS.1\system32\winrnr.dll
[2008/04/14 00:12:09 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=D72B9EC3337B247A666F098F3D6B43DE -- C:\WINDOWS\ServicePackFiles\i386\winrnr.dll
[2008/04/14 00:12:09 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=D72B9EC3337B247A666F098F3D6B43DE -- C:\WINDOWS\system32\dllcache\winrnr.dll
[2008/04/14 00:12:09 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=D72B9EC3337B247A666F098F3D6B43DE -- C:\WINDOWS\system32\winrnr.dll

< C:\Windows\assembly\tmp\U\*.* /s >

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2012/11/28 03:43:18 | 001,242,728 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/10/24 17:50:58 | 000,889,848 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/10/24 17:50:58 | 000,889,848 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/10/24 17:50:58 | 000,889,848 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/10/24 17:50:37 | 000,917,984 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/10/24 17:50:37 | 000,917,984 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/10/24 17:50:37 | 000,917,984 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/11/28 03:43:18 | 001,242,728 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2012/11/28 03:43:18 | 001,242,728 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2012/11/28 03:43:18 | 001,242,728 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2012/11/28 03:43:18 | 001,242,728 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/09/14 12:18:37 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2011/09/14 12:18:37 | 000,638,816 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2012/11/28 03:43:18 | 001,242,728 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/10/24 17:50:58 | 000,889,848 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/10/24 17:50:58 | 000,889,848 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/10/24 17:50:58 | 000,889,848 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/10/24 17:50:37 | 000,917,984 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/10/24 17:50:37 | 000,917,984 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/10/24 17:50:37 | 000,917,984 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/11/28 03:43:18 | 001,242,728 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2012/11/28 03:43:18 | 001,242,728 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2012/11/28 03:43:18 | 001,242,728 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2012/11/28 03:43:18 | 001,242,728 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/09/14 12:18:37 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2011/09/14 12:18:37 | 000,638,816 | ---- | M] (Microsoft Corporation)

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemdrive%\$Recycle.Bin|@;true;true;true /fp >

========== Files - Unicode (All) ==========
[2012/05/31 20:22:39 | 000,000,000 | ---D | M](C:\Documents and Settings\user\Local Settings\Application Data\????) -- C:\Documents and Settings\user\Local Settings\Application Data\微软中国
[2012/05/31 20:22:39 | 000,000,000 | ---D | M](C:\Documents and Settings\user\Local Settings\Application Data\????) -- C:\Documents and Settings\user\Local Settings\Application Data\微软中国
(C:\Documents and Settings\user\Local Settings\Application Data\????) -- C:\Documents and Settings\user\Local Settings\Application Data\微软中国

========== Alternate Data Streams ==========

@Alternate Data Stream - 164 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1CE11B51

< End of report >

................................................................................................................................................


OTL Extras logfile created on: 16/12/2012 23:12:19 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\user\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.37 Gb Total Physical Memory | 2.79 Gb Available Physical Memory | 82.75% Memory free
7.24 Gb Paging File | 6.85 Gb Available in Paging File | 94.67% Paging File free
Paging file location(s): C:\pagefile.sys 4096 4096 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 931.51 Gb Total Space | 586.80 Gb Free Space | 62.99% Space Free | Partition Type: NTFS
Drive E: | 59.63 Gb Total Space | 57.02 Gb Free Space | 95.63% Space Free | Partition Type: NTFS

Computer Name: USER-24DEB876B6 | User Name: paul | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = getdiz.TxtDocument] -- C:\WINDOWS\System32\notepad.exe (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
.scr [@ = DWGTrueViewScriptFile] -- C:\WINDOWS\System32\notepad.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [Browse with Corel PaintShop Pro X4] -- "c:\Program Files\Corel\Corel PaintShop Pro X4\Corel PaintShop Pro.exe" "%L" (Corel, Inc.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [SPEEDbitVideoConverter] -- Reg Error: Key error.
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"54545:TCP" = 54545:TCP:*:Enabled:ElcomSoft Distributed Agents TCP Port
"54546:TCP" = 54546:TCP:*:Enabled:ElcomSoft Distributed Password Recovery Console TCP Port

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"2799:UDP" = 2799:UDP:*:Enabled:Altova License Metering Port (UDP)
"2799:TCP" = 2799:TCP:*:Enabled:Altova License Metering Port (TCP)
"54545:TCP" = 54545:TCP:*:Enabled:ElcomSoft Distributed Agents TCP Port
"54546:TCP" = 54546:TCP:*:Enabled:ElcomSoft Distributed Password Recovery Console TCP Port
"10777:UDP" = 10777:UDP:LocalSubNet:Enabled:Passware Kit Enterprise 10.3
"12455:UDP" = 12455:UDP:*:Enabled:iTap

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\FlashFXP 4\FlashFXP.exe" = C:\Program Files\FlashFXP 4\FlashFXP.exe:*:Enabled:FlashFXP v3 -- (OpenSight Software, LLC)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\FlashFXP 4\FlashFXP.exe" = C:\Program Files\FlashFXP 4\FlashFXP.exe:*:Enabled:FlashFXP v3 -- (OpenSight Software, LLC)
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\WINDOWS\KMSEmulator.exe" = C:\WINDOWS\KMSEmulator.exe:*:Enabled:KMSEmulator -- ()
"C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe" = C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe:*:Enabled:Sentinel Protection Server -- (SafeNet, Inc)
"C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe" = C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe:*:Enabled:Sentinel Keys Server -- (SafeNet, Inc.)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service -- (Apple Inc.)
"C:\Program Files\Autodesk\Backburner\monitor.exe" = C:\Program Files\Autodesk\Backburner\monitor.exe:*:Enabled:backburner 2.3 monitor -- (Autodesk, Inc.)
"C:\Program Files\Autodesk\Backburner\manager.exe" = C:\Program Files\Autodesk\Backburner\manager.exe:*:Enabled:backburner 2.3 manager -- (Autodesk, Inc.)
"C:\Program Files\Autodesk\Backburner\server.exe" = C:\Program Files\Autodesk\Backburner\server.exe:*:Enabled:backburner 2.3 server -- (Autodesk, Inc.)
"C:\Program Files\Autodesk\3ds Max 2010\3dsmax.exe" = C:\Program Files\Autodesk\3ds Max 2010\3dsmax.exe:*:Enabled:Autodesk 3ds Max 2010 32-bit -- (Autodesk, Inc.)
"C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe" = C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe:*:Enabled:mental ray satellite server for Autodesk 3ds Max 2010 32-bit -- ()
"C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32.exe" = C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32.exe:*:Enabled:mental ray satellite for Autodesk 3ds Max 2010 32-bit -- (mental images GmbH)
"C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe" = C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" = C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)
"C:\Program Files\TeamViewer\Version7\TeamViewer.exe" = C:\Program Files\TeamViewer\Version7\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
"C:\Program Files\Topica\IP Utility\IP Utility.exe" = C:\Program Files\Topica\IP Utility\IP Utility.exe:*:Enabled:IP Utility -- ()
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\WINDOWS\system32\java.exe" = C:\WINDOWS\system32\java.exe:*:Enabled:Java™ Platform SE binary -- (Oracle Corporation)
"C:\Program Files\AVG\AVG2013\avgmfapx.exe" = C:\Program Files\AVG\AVG2013\avgmfapx.exe:*:Enabled:AVG Installer


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{00580795-581C-4587-B9F2-37320D7AB37F}" = Corel PaintShop Pro X4
"{00580795-581C-4587-B9F2-37320D7AB37F}" = ICA
"{006CAAEF-CA96-4181-AC22-FE56D61432E4}" = PSPPContent
"{00AE1A2D-7BC2-4359-A0EC-E19F36E391BB}" = Corel PaintShop Pro X4
"{00BEE329-BAAB-49FF-9B66-55E4B12B9ADD}" = IPM_PSP_COM
"{00D13418-7DDF-4D3D-A237-E297B103BB6B}" = Setup
"{00D74A7A-F7AD-4D00-ABD2-0973836292C7}" = PSPPHelp
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{09879FB0-714D-11D5-899A-D7035B43CB2C}" = GOTCHA! 3.0
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0BF1DE3D-31B9-417F-A915-4BCC5AAEE3CD}_is1" = Sothink SWF Editor
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F6F6876-6334-4977-B5DD-CFC12E193420}" = iTunes
"{117CE366-3EED-48C5-BF6A-E0F47A0E68A4}" = ShadowCopy
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{17DFE37C-064E-4834-AD8F-A4B2B4DF68F8}" = Adobe Photoshop Elements 8.0
"{17FE8F8E-D8FA-440E-9ACF-3C51787E7225}" = FolderSizes 4
"{1935BDD9-9F57-4BF6-AE59-ED07860D33EE}_is1" = Ghost Mouse Auto Clicker 3.4
"{1AC3BE1A-A59E-48F4-82CB-DF4FBB16990C}" = Passware Kit Enterprise 10.3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{207780D5-A515-4E79-B7C2-E4D32F8A6CA1}" = Eco Materials Adviser
"{22AD4914-3F08-4D1C-8DBE-0E913E09014C}" = Plex.Earth Tools 2.5 for AutoCAD
"{24FF088D-CDCF-480C-8A4B-98F14A54CAA8}" = Autodesk Material Library Low Resolution Image Library 2012
"{266597A9-1632-0000-0100-DCBF2B69166B}" = Autodesk Vault 2012 (Client) English Language Pack
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{29F1345E-4DD7-487E-80E9-9E43A3ABC253}" = ASUS VGA Driver
"{2A1AB592-9FF1-486A-BB09-EEB5CF052DED}" = MatConvert 6.4.1.1
"{2DC7D62A-FF31-4A0A-B881-9C769C96318F}_is1" = Mouse Click version 1.0
"{2ECA81CA-D932-4AD3-AD59-BF5CCF099C83}" = Catalyst Control Center - Branding
"{317AC0C7-FEBF-0409-87A3-4FC70D0ED900}" = Autodesk 3ds Max 2010 32-bit
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{3315B802-84C6-47BC-907A-9B77A4646197}_is1" = SWF to AVI
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3717C4F2-7412-4793-9BB8-D73D2817B3D6}" = USB TV Device Driver
"{3828EC4B-D4B9-A742-4D81-9C0A3C72DF8A}" = CCC Help English
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2008.1
"{3FAA53B8-A5BD-40D4-BCEC-6CEC3A5A5432}" = FLOW-3D 10.0.1
"{40007E5C-19C8-4A25-AD70-A99D77D0A7DA}" = Active@ Boot Disk
"{42C7A798-CB89-4D05-82D2-FECD32863A3E}" = iTap Mobile Touchpad Receiver
"{4982D16F-7D12-4038-B38D-662623AC3C83}" = HTC Sync
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E1A54A9-FFB3-4BE6-B59B-3CC94C3B31D2}" = Autodesk Inventor Fusion for Inventor 2012 Add-in Language Pack
"{4E3B47F2-21EB-4F20-87C8-5A0E4D5F3858}" = Autodesk Inventor Fusion for Inventor 2012 Add-in
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{54551360-A7FE-46B5-B41C-62DC758242AA}" = HDD Regenerator
"{54B2F30F-8C75-472E-B82C-37CA979DEFDF}" = RH Max Module 6.5
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5783F2D7-A001-0409-0002-0060B0CE6BBA}" = AutoCAD 2012 - English
"{5783F2D7-A001-0409-1002-0060B0CE6BBA}" = AutoCAD 2012 Language Pack - English
"{5783F2D7-A028-0409-0000-0060B0CE6BBA}" = DWG TrueView 2012
"{58A53B98-4759-4BBE-8F2D-878CD6B18CE2}" = SolidWorks Explorer 2012 SP0
"{59877C0F-7D0A-411D-BBB1-41653216839F}" = 3-matic 6.1
"{5AC11070-A1CB-11E0-A0DC-0013D3D69929}" = Vegas Pro 10.0
"{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}" = Nikon Movie Editor
"{5D412B61-F3A7-42C6-9C07-29BBD3D442B1}" = AVG 2013
"{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard
"{5DF7AA5E-A1CB-11E0-A7D6-0013D3D69929}" = MSVCRT Redists
"{5E2FD36A-BF36-4D7A-AA49-11D6EFF941F2}" = Extrusion Calculator 6.2
"{5FECE3AC-7981-4E96-BAAE-CDDAC87073E4}" = SolidWorks Flow Simulation 2012 SP0
"{60A08432-00DD-0409-AC2C-143C75460878}" = Autodesk 3ds Max 2010 32-bit Components
"{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}" = Asmedia ASM106x SATA Host Controller Driver
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{65420DC9-306E-4371-905F-F4DC3B418E52}" = Autodesk Material Library Base Resolution Image Library 2012
"{677A19B8-446D-4797-A071-977A30EAD01D}" = Winternals Administrator's Pak
"{6AC5A728-8DEC-4595-8895-DC312781A520}" = Diskeeper 12
"{6CC93102-135E-49E2-99A4-C431E671C12A}" = HP Photo and Imaging 2.0 - Scanners
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{6E3D18BB-564C-452B-976E-E4E7B2D55716}" = GEM 4
"{7087A693-D9B9-11D3-B589-00105AA461DE}" = dtSearch Developer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7130F0E6-654E-4391-B5DB-13B81DBC6C64}" = SolidWorks eDrawings 2012 SP0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7617FC2E-EA1B-4F07-A0F5-5D5F437CB32D}" = MioMore Desktop
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7B1AA2AB-ACD2-45C7-B1B1-364BEA40615F}" = Sentinel Protection Installer 7.6.1
"{7D9D583E-EC8B-4390-B3A4-017B8182C8FF}_is1" = Free Mouse Auto Clicker 2.8.2
"{7F4DD591-1632-0409-0000-7107D70F3DB4}" = Autodesk Inventor Professional 2012
"{7F4DD591-1632-0409-0001-7107D70F3DB4}" = Autodesk Inventor Professional 2012 English Language Pack
"{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1" = iExplorer 3.1.1.0
"{80644F00-4AA7-49E0-91B9-E006D88DF01D}_is1" = Stl2step version 1.6.7
"{81A917A1-DBA3-3639-53DA-B6E833D41A57}" = ccc-utility
"{8219F5E8-BD92-4296-880D-7714AFEEE791}" = Digimizer
"{82931CCC-65F4-5A50-57AD-AE6DF6B10929}" = Catalyst Control Center
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8CADB158-BDBC-4996-BEF9-619B79B4B0D8}_is1" = 1.2
"{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}" = Autodesk Material Library 2012
"{90120000-00A4-0409-0000-0000000FF1CE}" = Microsoft Office 2003 Web Components
"{90140000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 14
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PRJPRO_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PRJPRO_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PRJPRO_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.PRJPRO_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003B-0000-0000-0000000FF1CE}" = Microsoft Office Project Professional 2010
"{90140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPRO_{8A8F117F-8EDB-440D-B679-F08909D729F7}" = Microsoft Project 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PRJPRO_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00B4-0409-0000-0000000FF1CE}" = Microsoft Office Project MUI (English) 2010
"{90140000-00B4-0409-0000-0000000FF1CE}_Office14.PRJPRO_{18A0C151-8F8A-4B68-A960-60C464B94329}" = Microsoft Project 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.PRJPRO_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{94290D11-9ED3-4910-9FFB-63108466EFA7}" = Fresco Logic USB3.0 Host Controller
"{942E5031-2BD6-4C1B-918C-C8A1CBAE7B8C}" = Microsoft IntelliPoint 8.2
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96E3AED5-3D0B-4BB0-84C2-1EDADB204487}" = FlashFXP v4.0
"{9A07FF70-9607-460A-A910-7EF537AD0253}_is1" = Amoyca AC1400 Version 1.0
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B427732-573E-4E78-B6FA-AC3E5A218BA2}" = NMAS Client
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F0FEC9F-16B5-47B2-A044-BF366713AE58}" = iTap mobile Connect
"{9F5CC15D-BA72-431B-A676-0FE5F2513178}" = AVG 2013
"{A0A087E5-149E-EC75-F45D-3A3C04344B4A}" = Catalyst Control Center Graphics Previews Common
"{A245A0D3-7E95-4E8C-B9C5-6BCF19303E34}" = Image-Pro Plus
"{A256D627-32BF-460A-AB2C-ADCB562AB6E3}" = Nitro PDF Professional
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A379C1DD-FE65-4104-8688-3ECD189B2CFD}" = Deep Exploration 6.5
"{A49BDCBE-590E-43A6-AB77-7C40E499B7C1}" = Autodesk Design Review 2012
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)
"{AD760448-A3D6-49d7-9B2F-F2ECA6A92ADB}" = IP Utility
"{ADDD6985-3A28-44D0-A1BA-FDD19A820491}" = SnagIt 9
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B014EE44-9197-4513-9613-71E6EB1B514E}" = Nikon Message Center 2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.27
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.8.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.16.0
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B417168C-D5CB-4D0F-BB8A-ACD41E106E9E}" = Materialise Local License Server 6
"{B46DECD1-1632-4EF1-0000-22D71E81877C}" = Autodesk Inventor Content Center Libraries 2012 (Desktop Content)
"{B9A5A789-D491-49FB-958C-BFEC2C11BB1D}" = NMAS Challenge Response Method
"{BCDB856C-D247-4DEE-9132-89C02F4D6B8C}_is1" = Sothink SWF Decompiler
"{BEECCA33-C880-4648-A043-18614EE1249E}" = ATI AVIVO Codecs
"{BFD646B6-E892-4B00-B6E2-71545D92BAEA}_is1" = Automatic Mouse and Keyboard 3.3.0.8
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C0E8FE43-C35B-451D-B35F-D4BD056D70E7}" = Camtasia Studio 7
"{C3FF1930-D838-4E06-9B53-30951DAC52F1}" = GreenButton for Deep Exploration 6.5
"{C894CC24-0DEC-4340-BCC9-DD4310DF3BEC}_is1" = Able2Extract Professional 7.0
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC67DD84-77C6-C9F8-FA03-953F1C1C92A9}" = Catalyst Control Center InstallProxy
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEFC7C5F-8459-4A02-9768-D7080D282EE7}" = SimLab Composer
"{CF526A26-1632-0000-0000-02E95019B628}" = Autodesk Vault 2012 (Client)
"{D09605BE-5587-4B0C-86C8-69B5092CB80F}" = Debugging Tools for Windows (x86)
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D25FF5C1-1632-469A-9794-69309387C193}" = Quick Uninstall Tool for Autodesk Inventor 2012
"{D3490D20-3AE0-459D-AAD6-59195140EAC2}_is1" = Sothink SWF Quicker
"{D4714F9B-DB27-4361-81C7-09AF65FA912E}" = Hid FootSwitch V5.1
"{D481EA96-2313-4A7C-98EE-710D1AF884AC}" = Microsoft Visual Studio 2005 Tools for Applications - ENU
"{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}" = Apple Mobile Device Support
"{D86BD140-E0A5-470D-BEE9-42C9D2CC1012}" = PolyTrans
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DABFD34E-BE68-4BC6-9254-5D7A7FF76B99}" = ArcSoft Panorama Maker 6
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E551D82D-4D56-4AF7-A2C9-8897D7A0CB00}" = Autodesk 3ds Max 2010 Tutorials Files
"{E552C39C-C70E-464F-9733-8311331BDD90}" = Autodesk Inventor Fusion plug-in language pack for AutoCAD 2012
"{E64C137C-D0B7-467A-B47F-460AAB30F0A3}" = ViewNX 2
"{EAB3AC1A-68FF-486B-9C6B-E48EBB4B05CC}" = Autodesk Inventor Fusion plug-in for AutoCAD 2012
"{EAB8A41D-FABA-4569-A0A1-60A8B358D6F1}" = Autodesk Network License Manager
"{EB0696D4-2A41-40E5-B848-F148B3C4590D}" = FixCleaner
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F02DBC5D-33E3-45E9-B0F8-B7745229ED1C}" = NICI (Shared) U.S./Worldwide (128 bit) (2.7.4-1)
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{F5CBCBE2-5F1B-4D0F-8F4E-468499BAE2DC}" = MatConvert 6.3.0.13
"{F6333AB7-7C1F-4817-9805-40E048F95C7B}_is1" = AdvancedDefrag 4.5
"{FE706200-62BF-4D25-8B34-DC31189DE902}" = SolidWorks 2012 SP0
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFF5619F-6669-4EC5-A85E-9994F70A9E5D}" = Autodesk Inventor Fusion 2012
"{FFF7F80F-929E-497F-A112-B070DE816128}" = Autodesk Inventor Fusion 2012 Language Pack
"Abrosoft FantaMorph 5_is1" = Abrosoft FantaMorph 5.2.4
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced Administrative Tools" = Advanced Administrative Tools
"Advanced Exchange Recovery v3.0" = Advanced Exchange Recovery v3.0
"Advanced Renamer_is1" = Advanced Renamer
"AI RoboForm" = RoboForm 7-4-2 (All Users)
"aigneswebsitewatcher_is1" = WebSite-Watcher 2012 (12.0)
"Anti-phishing Domain Advisor" = Anti-phishing Domain Advisor
"Artlantis Studio 3" = Artlantis Studio 3.0.3
"Ashampoo ClipFinder HD_is1" = Ashampoo ClipFinder HD v.2.2.4
"Atari800Win PLus" = Atari800Win PLus 4.0
"Atomic Alarm Clock_is1" = Atomic Alarm Clock 5.9
"Auto Clicker1.0" = Auto Clicker
"AutoCAD 2012 - English" = AutoCAD 2012 - English
"AutoCAD 2012 - English SP1" = AutoCAD 2012 - English SP1
"Autodesk Design Review 2012" = Autodesk Design Review 2012
"Autodesk FBX Plugin 2009.4 - 3ds Max 2010" = Autodesk FBX Plugin 2009.4 - 3ds Max 2010
"Autodesk Inventor Fusion 2012" = Autodesk Inventor Fusion 2012
"Autodesk Inventor Fusion for Inventor 2012 Add-in" = Autodesk Inventor Fusion for Inventor 2012 Add-in
"Autodesk Inventor Fusion plug-in for AutoCAD 2012" = Autodesk Inventor Fusion plug-in for AutoCAD 2012
"Autodesk Inventor Professional 2012" = Autodesk Inventor Professional 2012 English
"Autodesk Moldflow Adviser 2012_is1" = Autodesk Moldflow Adviser 2012 Service Pack 1
"Autodesk Vault 2012 (Client)" = Autodesk Vault 2012 (Client)
"AutoIt Debugger" = AutoIt Debugger 0.45.1
"AutoItv3" = AutoIt v3.3.6.1
"AVG" = AVG 2013
"Avidemux 2.5" = Avidemux 2.5 (32-bit)
"AVS Document Converter_is1" = AVS Document Converter 2.1.2
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"BeyondCompare3_is1" = Beyond Compare version 3.0.3
"Bulk Rename Utility_is1" = Bulk Rename Utility 2.7.1.2
"Cain & Abel v4.9.43" = Cain & Abel v4.9.43
"Cole2k Media - Codec Pack" = Cole2k Media - Codec Pack (Standard) 7.9.9
"DIVXCodec" = DivX 4.11 Codec
"Driver Reviver" = Driver Reviver
"DWG TrueView 2012" = DWG TrueView 2012
"EASEUS Partition Master Professional Edition_is1" = EASEUS Partition Master 9.1.1 Professional
"eMail Extractor_is1" = eMail Extractor 3.4.2
"Extension Changer" = Extension Changer
"FolderSizes 4" = FolderSizes 4
"GetDiz 2.6" = GetDiz 2.6
"Google Chrome" = Google Chrome
"Google Maps Terrain Downloader_is1" = Google Maps Terrain Downloader 6.67
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"Image-Pro Plus 4.5" = Image-Pro Plus 4.5
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{A245A0D3-7E95-4E8C-B9C5-6BCF19303E34}" = Image-Pro Plus
"InstallShield_{D86BD140-E0A5-470D-BEE9-42C9D2CC1012}" = PolyTrans
"JBidwatcher_0" = JBidwatcher 2.5.2
"jv16 PowerTools 2011" = jv16 PowerTools 2012
"Keyword Sniper Pro_is1" = Keyword Sniper Pro v2.10.1020
"LameACM" = LameACM
"Lumion_is1" = Lumion
"Magics 12.01" = Magics 12.01
"Magics V9.54" = Magics V9.54
"MagniDriver" = marvell 91xx driver
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800
"MAXONFB05E576" = CINEMA 4D 13.016
"MeshLab" = MeshLab 1.3.1
"MetaTrader - Alpari UK" = MetaTrader - Alpari UK
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"Microsoft Visual Studio 2005 Tools for Applications - ENU" = Microsoft Visual Studio 2005 Tools for Applications - ENU
"Mozilla Firefox 16.0.2 (x86 en-US)" = Mozilla Firefox 16.0.2 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NetSetMan_is1" = NetSetMan 3.5.1
"NetTransport for Windows x86 Retail zoo_is1" = NetTransport 2.96a.581
"NiXPS_is1" = NiXPS Edit v2.6.1
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Office14.PRJPRO" = Microsoft Project Professional 2010
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"ophcrack" = ophcrack 3.1.0
"Password Recovery Bundle 2011_is1" = Password Recovery Bundle 2011
"Photo Scissors Pilot_is1" = Photo Scissors Pilot 1.2
"PhotomatixPro41x32_is1" = Photomatix Pro version 4.1.3
"Picture Merge Genius_is1" = Picture Merge Genius 2.6
"PolyView" = PolyView 4.34
"Power Undelete Wizard v3.2 Premium Full" = Power Undelete Wizard v3.2 Premium Full
"PowerISO" = PowerISO
"Rainbow Sentinel Driver" = Sentinel System Driver
"RealFlow 2012" = RealFlow 2012
"RealFlow 5" = RealFlow 5
"RealFlowC4D" = RealFlow Plug-in for Cinema4D 11.5
"RealFlowMax" = RealFlow Plugin for 3D Studio Max
"RegEditX" = RegEditX
"Registry Finder_is1" = Registry Finder 1.3
"Registry Mechanic_is1" = Registry Mechanic 7.0
"Registry Toolkit (Shareware)_is1" = Registry Toolkit
"ResourceHacker_is1" = Resource Hacker Version 3.6.0
"SimLab Composer" = SimLab Composer
"SolidWorks Installation Manager 20120-40000-1100-200" = SolidWorks 2012 SP0
"SolidWorks Plastics2012 R1.0 Standard" = SolidWorks Plastics
"SurfOffline" = SurfOffline (remove only)
"SWiSH Max4" = SWiSH Max4
"SystemRequirementsLab" = System Requirements Lab
"SystemSpeedBooster" = System Speed Booster
"TeamViewer 7" = TeamViewer 7
":spam: Total Media Converter_is1" = :spam: Total Media Converter 6.1.12
"Toolbar Cleaner" = Toolbar Cleaner 1.1
"Transend Migrator" = Transend Migrator
"Trellian LiveUpgrade_is1" = Trellian LiveUpgrade v2.0
"Trellian SiteSpider_is1" = Trellian SiteSpider v1.01
"UltimateDefrag" = Disktrix UltimateDefrag
"UltraISO_is1" = UltraISO Premium V9.51
"Universal Extractor_is1" = Universal Extractor 1.6.1
"Unlocker" = Unlocker 1.9.1
"Vitamin D Video_is1" = Vitamin D Video 1.4.2
"VLC media player" = VLC media player 1.1.10
"VobSub" = VobSub v2.05 (Remove Only)
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Grep_is1" = Windows Grep 2.3
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinPcapInst" = WinPcap 4.1.2
"WinRAR archiver" = WinRAR 4.00 (32-bit)
"winscp3_is1" = WinSCP 4.3.9
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xilisoft Video Converter Ultimate 6" = Xilisoft Video Converter Ultimate 6
"XMedia Recode" = XMedia Recode 3.0.4.9
"YU2010_is1" = Your Uninstaller! 2010

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 30/11/2079 07:00:32 | Computer Name = USER-24DEB876B6 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 30/11/2079 07:00:33 | Computer Name = USER-24DEB876B6 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 30/11/2079 07:00:33 | Computer Name = USER-24DEB876B6 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 30/11/2079 07:00:33 | Computer Name = USER-24DEB876B6 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 30/11/2079 07:00:33 | Computer Name = USER-24DEB876B6 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 30/11/2079 07:00:35 | Computer Name = USER-24DEB876B6 | Source = Diskeeper | ID = 5
Error - 18/11/2011 02:53:04 | Computer Name = USER-24DEB876B6 | Source = Windows
Search Service | ID = 3013

Description = The entry <C:\DOCUMENTS AND SETTINGS\USER\MY DOCUMENTS\MY MUSIC\ITUNES\ITUNES MEDIA\MOBILE APPLICATIONS\DOWNLOAD.APP> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error - 21/11/2011 04:57:50 | Computer Name = USER-24DEB876B6 | Source = Application
Error | ID = 1000

Description = Faulting application fantamorph.exe, version 5.8.0.4, faulting module unknown, version 0.0.0.0, fault address 0x003a03a0.
Error - 24/11/2011 14:11:01 | Computer Name = USER-24DEB876B6 | Source = Application
Error | ID = 1000

Description = Faulting application acrord32.exe, version 10.1.1.33, faulting module spelling.api, version 10.1.1.33, fault address 0x0002525a.
Error - 24/11/2011 18:26:13 | Computer Name = USER-24DEB876B6 | Source = Diskeeper
| ID = 5

Error - 27/11/2011 09:02:24 | Computer Name = USER-24DEB876B6 | Source = Diskeeper | ID = 5
Error - 28/11/2011 06:00:05 | Computer Name = USER-24DEB876B6 | Source = Application
Error | ID = 1000

Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting module kernel32.dll, version 5.1.2600.5781, fault address 0x00032bf5.

Error encountered while reading event logs.

< End of report >


Thanks for any and all help you can be.
  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP
Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue. Type with an Enter after each line:

netsh  winsock  reset  catalog

netsh  int  ipv4  reset  %userprofile%\Desktop\reset4.log

Reboot and test your internet.


Download, Save and Run (win 7 or Vista => Right click and Run as Admin.) farbar service scanner

Posted Image

Tick "All" options.
Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.

Please copy and paste the log to your reply.



Ron
  • 0

#5
1nv1s

1nv1s

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Hi Ron
the first netsh command comes back with: you must restart the machine to complete the reset
the second comes back with the following: command was not found.
i rebooted and could not get out on the internet and believe me i refreshed everything and couldn't do it.
i assume the lack of response to the second netsh command is the issue?


FFarbar Service Scanner Version: 10-12-2012
Ran by paul (administrator) on 17-12-2012 at 11:28:01
Running from "C:\TEMP\a1"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo IP returned error. Yahoo IP is offline
Attempt to access Yahoo.com returned error: Other errors


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(3) IPSec(5) kl2(11) NetBT(6) PSched(7) Tcpip(4)
0x0C0000000B0000000500000001000000020000000300000004000000080000000C0000000600000007000000090000000A000000


**** End of log ****
  • 0

#6
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP
No - my fault. I gave you the Win 7 command.

It should have been

Start, All Programs, Accessories, Command Prompt. Type with an Enter after each line in the code box:

netsh  int  ip  reset  %userprofile%\Desktop\reset.log

then reboot

This should create a file reset.log on your desktop. Open it and copy and paste it to a reply.

Sometimes it will help to have Windows redetect the driver so if that doesn't help try:

(Start) Right click on My Computer, select Manage then Device Manager. Find the Network Adapters and click on the + in front to open up the sub entries. Right click on each sun-entry under Network Adapters and Uninstall. (Doesn't hurt to write down the names in case you need to download the drivers from the PC Maker's website. Normally you don't but with malware you never know.) Reboot and test. If it still doesn't work:

Go to the PC maker's site and download the network driver for your PC and try reinstalling it.

If that doesn't help: Start, All Programs, Accessories, Command Prompt. Type with an Enter after each line in the code box:
ipconfig  /all  >>  \junk.txt

ipconfig  /release   >>  \junk.txt 

ipconfig  /renew  >>  \junk.txt 

nslookup  att.com  >>  \junk.txt

ping  8.8.8.8    >>  \junk.txt

tracert  -d  8.8.8.8  >>  \junk.txt

That will create a file C:\junk.txt. Please open it and copy and paste it to a reply.
  • 0

#7
1nv1s

1nv1s

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
the return on the netsh command is the syntax supplied for this command is not valid.
and before you ask i checked what i typed a million squillion times....honest.
i tried it run as administrator as well and made no difference.
so no reset log im afraid.


But no matter Uninstalling the network adapters worked, i now have internet the same strategy did not work for mouse or dvd drive.
i guess that will need some more work

at least for now internet is working.

i assume as this bit is working the ipconfig\nslookup is not necessary??

frightened to reboot at the moment but we are getting somewhere.
  • 0

#8
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP
If networking is working then we don't need ipconfig or the rest of the commands.

What make and model PC is this? If it has a Service Tag then give me that too.

What kind of mouse are we talking about?

When you were in Device Manager did you see any yellow or red flagged drivers? Sometimes inactive drivers are made invisible so make sure you click on View, Show Hidden Devices.

Get the free version of Speccy:

http://www.filehippo...download_speccy (Look in the upper right for the Download
Latest Version button) Download, Save and Install it. Run Speccy. When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File, (to your desktop) note the name it gives. OK. Open the file in notepad and delete the line that gives the serial number of your Operating System. (It will be near the top about 10 lines down.) Attach the file to your next post.


If you want to run a really good anti-virus scan without rebooting try ESET's online scan:
Use IE and go to http://eset.com/onlinescan and click on ESET online Scanner. Accept the terms then press Start (If you get a warning from your browser tell it you want to run it).

# Check Scan Archives
# Push the Start button.
# ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
# When the scan completes, push LIST OF THREATS FOUND
# Push EXPORT TO TEXT FILE , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
# Push the BACK button.
# Push Finish
# Once the scan is completed, you may close the window.
# Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
# Copy and paste that log as a reply.

This can take many hours so I like to let it run while I sleep.
  • 0

#9
1nv1s

1nv1s

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
its an HP XW6200x workstation

the service tag is not totally clear but i think it is OS: DY247AV XP

in device manager i have 2 dvd drives yellow flagged and ps2 mouse and my intellimouse explorer 3.0
i have uninstalled all and rebooted just reinstalls with yellow flag

i had a look at device manager with hidden devices shown and found the following yellow flagged
under non plug and play drivers
there were three yellow flagged FNETURPX KL2 Sentinel


My Speccy output here: followed by esetscan should i buy eset instead of kaspersky?

Summary
Operating System
Microsoft Windows XP Professional 32-bit SP3
CPU
Intel Xeon
Nocona 90nm Technology
Intel Xeon
Nocona 90nm Technology
RAM
4.00 GB Dual-Channel DDR2 @ 200MHz (3-3-3-?)
Motherboard
Hewlett-Packard 08B8h (XU1 PROCESSOR) 53 °C
Graphics
DELL ST2410 (1920x1080@60Hz)
1535MB GeForce GTX 480 (nVidia) 42 °C
Hard Drives
932GB Hitachi HDS5C1010CLA382 (SATA) 31 °C
Optical Drives
No optical disk drives detected
Audio
NVIDIA High Definition Audio
Operating System
Microsoft Windows XP Professional 32-bit SP3
Computer type: Mini Tower
Installation Date: 30 September 2010, 08:20
Serial Number: XXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Windows Security Center
Firewall Enabled
Antivirus Disabled
Windows Update
AutoUpdate Download Automatically and Install at Set Scheduled time
Schedule Frequency Every Day
Schedule Time 03:00
.NET Frameworks installed
v4.0 Full
v4.0 Client
v3.5 SP1
v3.0 SP2
v2.0 SP2
v1.1 SP1
Environment Variables
USERPROFILE C:\Documents and Settings\user
SystemRoot C:\WINDOWS
User Variables
TEMP C:\Documents and Settings\user\Local Settings\Temp
TMP C:\Documents and Settings\user\Local Settings\Temp
f3d_home C:\flow3d\v10.0.1\
path C:\flow3d\v10.0.1\local
f3d_version double
Machine Variables
asl.log Destination=file
CM2012DIR C:\Program Files\Common Files\Autodesk Shared\Materials\
ComSpec C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK NO
ILBDIR C:\Program Files\Common Files\Autodesk Shared\Materials\
ILLDIR C:\Program Files\Common Files\Autodesk Shared\Materials\
NUMBER_OF_PROCESSORS 4
OMP_NUM_THREADS 4
OS Windows_NT
Path C:\WINDOWS\system32
C:\WINDOWS
C:\WINDOWS\system32\wbem
C:\flow3d\v10.0.1\local
C:\Program Files\AMD APP\bin\x86
C:\Program Files\NVIDIA Corporation\PhysX\Common
C:\IPWin4
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static
C:\PROGRA~1\DISKEE~1\DISKEE~1
C:\WINDOWS\system32\nls
C:\WINDOWS\system32\nls\ENGLISH
c:\Program Files\Common Files\Ulead Systems\MPEG
C:\WINDOWS\system32\WindowsPowerShell\v1.0
C:\Program Files\Universal Extractor
C:\Program Files\Universal Extractor\bin
C:\Program Files\Autodesk\Backburner
C:\Program Files\Common Files\Autodesk Shared
C:\PROGRA~1\CONDUS~1\DISKEE~1
C:\Program Files\QuickTime\QTSystem
PATHEXT .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.PSC1
PROCESSOR_ARCHITECTURE x86
PROCESSOR_IDENTIFIER x86 Family 15 Model 4 Stepping 1, GenuineIntel
PROCESSOR_LEVEL 15
PROCESSOR_REVISION 0401
PSModulePath C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\
TEMP C:\WINDOWS\TEMP
TMP C:\WINDOWS\TEMP
windir C:\WINDOWS
YASRT C:\Program Files\YASRTv01beta14.win32-intel\bin
AMDAPPSDKROOT C:\Program Files\AMD APP\
JAVA_HOME C:\Program Files\Java\jre6\
RF_2012_PATH C:\Program Files\Next Limit\RealFlow 2012
RF5PATH C:\Program Files\Next Limit\RealFlow 5
KEYSHOT3 C:\Documents and Settings\user\My Documents\KeyShot 3
f3d_home C:\flow3d\v10.0.1\
f3d_version double
CLASSPATH .;C:\Program Files\Java\jre7\lib\ext\QTJava.zip
QTJAVA C:\Program Files\Java\jre7\lib\ext\QTJava.zip
Power Profile
Active power scheme Home/Office Desk
Hibernation Enabled
Turn Off Monitor after: (On AC Power) 20 min
Turn Off Hard Disk after: (On AC Power) Never
Suspend after: (On AC Power) Never
Screen saver Disabled
Uptime
Current Session
Current Time 17/12/2012 09:55
Current Uptime 6,573 sec (0 d, 01 h, 49 m, 33 s)
Last Boot Time 17/12/2012 08:06
TimeZone
TimeZone GMT
Language English (United Kingdom)
Location United Kingdom
Format English (United Kingdom)
Currency £
Date Format dd/MM/yyyy
Time Format hh:mm
Process List
alg.exe
Process ID 2740
Path C:\WINDOWS\System32\alg.exe
Memory Usage 3.66 MB
Peak Memory Usage 3.66 MB
amajm.exe
Process ID 1652
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Autodesk\Moldflow Adviser 2012\bin\amajm.exe
Memory Usage 3.13 MB
Peak Memory Usage 3.14 MB
applemobiledeviceservice.exe
Process ID 1672
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
Memory Usage 13 MB
Peak Memory Usage 13 MB
atomicalarmclock.exe
Process ID 208
User paul
Domain USER-24DEB876B6
Path C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
Memory Usage 7.77 MB
Peak Memory Usage 7.77 MB
chrome.exe
Process ID 3660
User paul
Domain USER-24DEB876B6
Path C:\Program Files\Google\Chrome\Application\chrome.exe
Memory Usage 71 MB
Peak Memory Usage 118 MB
chrome.exe
Process ID 3584
User paul
Domain USER-24DEB876B6
Path C:\Program Files\Google\Chrome\Application\chrome.exe
Memory Usage 51 MB
Peak Memory Usage 61 MB
chrome.exe
Process ID 2580
User paul
Domain USER-24DEB876B6
Path C:\Program Files\Google\Chrome\Application\chrome.exe
Memory Usage 16 MB
Peak Memory Usage 16 MB
chrome.exe
Process ID 3260
User paul
Domain USER-24DEB876B6
Path C:\Program Files\Google\Chrome\Application\chrome.exe
Memory Usage 21 MB
Peak Memory Usage 21 MB
chrome.exe
Process ID 3024
User paul
Domain USER-24DEB876B6
Path C:\Program Files\Google\Chrome\Application\chrome.exe
Memory Usage 20 MB
Peak Memory Usage 20 MB
chrome.exe
Process ID 2980
User paul
Domain USER-24DEB876B6
Path C:\Program Files\Google\Chrome\Application\chrome.exe
Memory Usage 39 MB
Peak Memory Usage 39 MB
chrome.exe
Process ID 1732
User paul
Domain USER-24DEB876B6
Path C:\Program Files\Google\Chrome\Application\chrome.exe
Memory Usage 83 MB
Peak Memory Usage 91 MB
csrss.exe
Process ID 1112
User SYSTEM
Domain NT AUTHORITY
Path \??\C:\WINDOWS\system32\csrss.exe
Memory Usage 6.13 MB
Peak Memory Usage 10 MB
ctfmon.exe
Process ID 2620
User paul
Domain USER-24DEB876B6
Path C:\WINDOWS\system32\ctfmon.exe
Memory Usage 3.99 MB
Peak Memory Usage 4.00 MB
dkservice.exe
Process ID 560
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Condusiv Technologies\Diskeeper\DkService.exe
Memory Usage 25 MB
Peak Memory Usage 29 MB
explorer.exe
Process ID 1884
User paul
Domain USER-24DEB876B6
Path C:\WINDOWS\Explorer.EXE
Memory Usage 48 MB
Peak Memory Usage 54 MB
itapmobileconnect.exe
Process ID 2024
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\iTap mobile\Connect\iTapMobileConnect.exe
Memory Usage 7.17 MB
Peak Memory Usage 7.18 MB
jqs.exe
Process ID 400
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Java\jre7\bin\jqs.exe
Memory Usage 1.81 MB
Peak Memory Usage 18 MB
licsrv60.exe
Process ID 580
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\Materialise\LicenseFiles6\LicSrv60.exe
Memory Usage 9.41 MB
Peak Memory Usage 9.67 MB
lsass.exe
Process ID 1192
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\lsass.exe
Memory Usage 1.88 MB
Peak Memory Usage 7.55 MB
mdnsresponder.exe
Process ID 1764
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Bonjour\mDNSResponder.exe
Memory Usage 3.16 MB
Peak Memory Usage 3.17 MB
mitsijm.exe
Process ID 468
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe
Memory Usage 3.20 MB
Peak Memory Usage 3.21 MB
nitropdfdriverservice.exe
Process ID 1436
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
Memory Usage 2.32 MB
Peak Memory Usage 2.32 MB
nlssrv32.exe
Process ID 2072
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\NLSSRV32.EXE
Memory Usage 1.70 MB
Peak Memory Usage 1.70 MB
nvsvc32.exe
Process ID 2308
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\nvsvc32.exe
Memory Usage 6.67 MB
Peak Memory Usage 11 MB
nwtray.exe
Process ID 4072
User paul
Domain USER-24DEB876B6
Path C:\WINDOWS\system32\NWTRAY.EXE
Memory Usage 3.69 MB
Peak Memory Usage 3.69 MB
onlinecmdlinescanner.exe
Process ID 3456
User paul
Domain USER-24DEB876B6
Path C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
Memory Usage 67 MB
Peak Memory Usage 102 MB
onlinescannerapp.exe
Process ID 2344
User paul
Domain USER-24DEB876B6
Path C:\Program Files\ESET\ESET Online Scanner\OnlineScannerApp.exe
Memory Usage 9.44 MB
Peak Memory Usage 18 MB
passthrusvr.exe
Process ID 2328
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
Memory Usage 4.59 MB
Peak Memory Usage 4.60 MB
photoshopelementsfileagent.exe
Process ID 1580
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
Memory Usage 212 KB
Peak Memory Usage 4.06 MB
psiservice_2.exe
Process ID 2428
User SYSTEM
Domain NT AUTHORITY
Path c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
Memory Usage 2.17 MB
Peak Memory Usage 2.18 MB
raysat_3dsmax2010_32server.exe
Process ID 1088
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
Memory Usage 3.01 MB
Peak Memory Usage 3.02 MB
searchfilterhost.exe
Process ID 3904
Path C:\WINDOWS\system32\SearchFilterHost.exe
Memory Usage 7.34 MB
Peak Memory Usage 7.35 MB
searchindexer.exe
Process ID 976
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\SearchIndexer.exe
Memory Usage 40 MB
Peak Memory Usage 351 MB
searchprotocolhost.exe
Process ID 2052
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\SearchProtocolHost.exe
Memory Usage 8.26 MB
Peak Memory Usage 8.45 MB
services.exe
Process ID 1180
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\services.exe
Memory Usage 6.91 MB
Peak Memory Usage 24 MB
smss.exe
Process ID 760
User SYSTEM
Domain NT AUTHORITY
Path \SystemRoot\System32\smss.exe
Memory Usage 432 KB
Peak Memory Usage 2.20 MB
sntlkeyssrvr.exe
Process ID 2472
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
Memory Usage 3.59 MB
Peak Memory Usage 3.60 MB
sntlsrtsrvr.exe
Process ID 3492
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe
Memory Usage 4.23 MB
Peak Memory Usage 4.23 MB
speccy.exe
Process ID 3708
User paul
Domain USER-24DEB876B6
Path C:\Program Files\Speccy\Speccy.exe
Memory Usage 29 MB
Peak Memory Usage 36 MB
spoolsv.exe
Process ID 772
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\spoolsv.exe
Memory Usage 6.22 MB
Peak Memory Usage 6.27 MB
svchost.exe
Process ID 876
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 4.36 MB
Peak Memory Usage 4.48 MB
svchost.exe
Process ID 1640
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 3.96 MB
Peak Memory Usage 4.07 MB
svchost.exe
Process ID 1872
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\System32\svchost.exe
Memory Usage 5.11 MB
Peak Memory Usage 5.14 MB
svchost.exe
Process ID 1860
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 4.17 MB
Peak Memory Usage 4.21 MB
svchost.exe
Process ID 1740
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\System32\svchost.exe
Memory Usage 28 MB
Peak Memory Usage 28 MB
svchost.exe
Process ID 1484
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 4.97 MB
Peak Memory Usage 4.97 MB
svchost.exe
Process ID 1408
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\svchost.exe
Memory Usage 5.15 MB
Peak Memory Usage 5.22 MB
svchost.exe
Process ID 292
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\System32\svchost.exe
Memory Usage 6.29 MB
Peak Memory Usage 6.30 MB
system
Process ID 4
Memory Usage 236 KB
Peak Memory Usage 14 MB
system idle process
Process ID 0
winlogon.exe
Process ID 1136
User SYSTEM
Domain NT AUTHORITY
Path \??\C:\WINDOWS\system32\winlogon.exe
Memory Usage 4.18 MB
Peak Memory Usage 20 MB
wmiprvse.exe
Process ID 1832
Path C:\WINDOWS\system32\wbem\wmiprvse.exe
Memory Usage 7.95 MB
Peak Memory Usage 8.10 MB
wmiprvse.exe
Process ID 4040
User SYSTEM
Domain NT AUTHORITY
Path C:\WINDOWS\system32\wbem\wmiprvse.exe
Memory Usage 5.06 MB
Peak Memory Usage 5.07 MB
wscntfy.exe
Process ID 2388
User paul
Domain USER-24DEB876B6
Path C:\WINDOWS\system32\wscntfy.exe
Memory Usage 2.46 MB
Peak Memory Usage 2.46 MB
wuauclt.exe
Process ID 4000
User paul
Domain USER-24DEB876B6
Path C:\WINDOWS\system32\wuauclt.exe
Memory Usage 4.28 MB
Peak Memory Usage 4.29 MB
Scheduler
17/12/2012 09:04;Every 1 hour(s) from 12:04 for 24 hour(s) every day, starting 01/01/2000 Adobe Flash Player Updater
17/12/2012 09:18;Every 1 hour(s) from 09:18 for 24 hour(s) every day, starting 20/11/2012 GoogleUpdateTaskMachineUA
17/12/2012 09:18;Run at user logon GoogleUpdateTaskMachineCore
17/12/2012 10:50;At 10:50 every day, starting 15/07/2012 Microsoft Outlook 2010
18/12/2012 08:13;At 08:13 every Tue of every week, starting 19/09/2011 AppleSoftwareUpdate
Hotfixes
16/11/2012 Cumulative Security Update for Internet Explorer 8 for Windows XP (KB2744842)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
15/11/2012 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008 x86 (KB2737019)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
13/11/2012 Windows Malicious Software Removal Tool - November 2012 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
13/11/2012 Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
A security vulnerability exists in Microsoft Excel 2010 32-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
13/11/2012 Security Update for Windows XP (KB2727528)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
13/11/2012 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008 x86 (KB2729449)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
13/11/2012 Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Server 2003 and Windows XP x86 (KB2729450)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
13/11/2012 Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2698023)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
13/11/2012 Security Update for Windows XP (KB2761226)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
13/11/2012 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008 x86 (KB2737019)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
13/11/2012 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
This update provides the latest junk email and malicious links
filter definitions for Microsoft Office 2010 32-Bit Edition.
13/11/2012 Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Microsoft has released an update for Microsoft Outlook 2010 32-Bit
Edition. This update provides the latest fixes to Microsoft Outlook
2010 32-Bit Edition. Additionally, this update contains stability
and performance improvements.
13/11/2012 Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Microsoft has released an update for Microsoft SharePoint Workspace
2010 32-Bit Edition. This update provides the latest fixes to
Microsoft SharePoint Workspace 2010 32-Bit Edition. Additionally,
this update contains stability and performance improvements.
13/11/2012 Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Microsoft has released an update for Microsoft OneNote 2010 32-Bit
Edition. This update provides the latest fixes to Microsoft OneNote
2010 32-Bit Edition. Additionally, this update contains stability
and performance improvements.
13/11/2012 Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Microsoft has released an update for Microsoft Office 2010 32-Bit
Edition. This update provides the latest fixes to Microsoft Office
2010 32-Bit Edition. Additionally, this update contains stability
and performance improvements.
10/10/2012 Security Update for Windows XP (KB2724197)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain access to information.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
10/10/2012 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
This update provides the latest junk email and malicious links
filter definitions for Microsoft Office 2010 32-Bit Edition.
10/10/2012 Security Update for Microsoft InfoPath 2010 (KB2687436) 32-Bit Edition
A security vulnerability exists in Microsoft InfoPath 2010 32-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
10/10/2012 Security Update for Microsoft Word 2010 (KB2553488) 32-Bit Edition
A security vulnerability exists in Microsoft Word 2010 32-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
10/10/2012 Windows Malicious Software Removal Tool - October 2012 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
10/10/2012 Update for Windows XP (KB2756822)
Install this update to resolve issues caused by revised daylight
saving time and time zone laws in several countries. This update
enables your computer to automatically adjust the computer clock
on the correct date in 2012. After you install this item, you
may have to restart your computer.
10/10/2012 Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition
A security vulnerability exists in Microsoft InfoPath 2010 32-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
10/10/2012 Update for Windows XP (KB2749655)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
10/10/2012 Update for Windows XP (KB2661254)
Install this update to keep your system up to date by increasing
the minimum level of encryption on Windows systems. After you
install this item, you may have to restart your system.
22/09/2012 Cumulative Security Update for Internet Explorer 8 for Windows XP (KB2744842)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
19/09/2012 Skype 5.10 for Windows (KB2727727)
Skype 5.10 for Windows is now available. Updates include various
performance improvements and bugfixes.
13/09/2012 Update Rollup for ActiveX Killbits for Windows XP (KB2736233)
Security issues have been identified in ActiveX controls that
could allow an attacker to compromise a system running Microsoft
Internet Explorer and gain control over it. You can help protect
your system by installing this update from Microsoft. After you
install this item, you may have to restart your computer.
12/09/2012 Windows Malicious Software Removal Tool - September 2012 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
12/09/2012 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
This update provides the latest junk email and malicious links
filter definitions for Microsoft Office 2010 32-Bit Edition.
15/08/2012 Security Update for Windows XP (KB2712808)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
15/08/2012 Security Update for Windows XP (KB2731847)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
15/08/2012 Windows Malicious Software Removal Tool - August 2012 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
15/08/2012 Security Update for Windows XP (KB2705219)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
15/08/2012 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
This update provides the latest junk email and malicious links
filter definitions for Microsoft Office 2010 32-Bit Edition.
15/08/2012 Security Update for Microsoft Office 2007 suites (KB2687441)
A security vulnerability exists in Microsoft Office 2007 suites
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
15/08/2012 Security Update for Windows XP (KB2723135)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
15/08/2012 Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition
A security vulnerability exists in Microsoft Visio Viewer 2010
32-Bit Edition that could allow arbitrary code to run when a
maliciously modified file is opened. This update resolves that
vulnerability.
15/08/2012 Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
A security vulnerability exists in Microsoft Office 2010 32-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
15/08/2012 Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition
A security vulnerability exists in Microsoft Office 2010 32-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
15/08/2012 Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Microsoft has released an update for Microsoft Office 2010 32-Bit
Edition. This update provides the latest fixes to Microsoft Office
2010 32-Bit Edition. Additionally, this update contains stability
and performance improvements.
15/08/2012 Cumulative Security Update for Internet Explorer 8 for Windows XP (KB2722913)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
15/08/2012 Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition
A security vulnerability exists in Microsoft Office 2010 32-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
11/07/2012 Security Update for Windows XP (KB2691442)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
11/07/2012 Security Update for Windows XP (KB2718523)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
11/07/2012 Security Update for Windows XP (KB2655992)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain access to
information. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
11/07/2012 Security Update for Windows XP (KB2719985)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
11/07/2012 Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
A security vulnerability exists in Microsoft Office 2010 32-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
11/07/2012 Windows Malicious Software Removal Tool - July 2012 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
11/07/2012 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
This update provides the latest junk email and malicious links
filter definitions for Microsoft Office 2010 32-Bit Edition.
11/07/2012 Security Update for Microsoft InfoPath 2010 (KB2553322) 32-Bit Edition
A security vulnerability exists in Microsoft InfoPath 2010 32-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
11/07/2012 Security Update for Microsoft InfoPath 2010 (KB2553431) 32-Bit Edition
A security vulnerability exists in Microsoft InfoPath 2010 32-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
11/07/2012 Security Update for Microsoft XML Core Services 4.0 Service Pack 3 (KB2721691)
A security issue has been identified in Microsoft XML Core Services
(MSXML) that could allow an attacker to compromise your Windows-based
system and gain control over it. You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer. Once you have installed
this item, it cannot be removed.
11/07/2012 Security Update for Windows XP (KB2698365)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
11/07/2012 Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
A security vulnerability exists in Microsoft Office 2010 32-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
11/07/2012 Update for Windows XP and Windows Server 2003 (KB2728973)
Install this update to resolve an issue which requires an update
to the untrusted certificate store on Windows systems and to
keep your systems up to date. After you install this update,
you may have to restart your system.
14/06/2012 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
This update provides the latest junk email and malicious links
filter definitions for Microsoft Office 2010 32-Bit Edition.
14/06/2012 Security Update for Windows XP (KB2707511)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
14/06/2012 Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Server 2003 and Windows XP x86 (KB2656369)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
14/06/2012 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008 x86 (KB2686827)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
14/06/2012 Windows Malicious Software Removal Tool - June 2012 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
14/06/2012 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008 x86 (KB2656368)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
14/06/2012 Cumulative Security Update for Internet Explorer 8 for Windows XP (KB2699988)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
14/06/2012 Security Update for Windows XP (KB2685939)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
14/06/2012 Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2656370)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
14/06/2012 Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Server 2003 and Windows XP x86 (KB2686828)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
14/06/2012 Security Update for Windows XP (KB2709162)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
09/06/2012 Windows Update Agent 7.4.7600.226
The Windows Update Agent enables your computer to search for
and install updates from an update service. The agent can automatically
update itself as needed to communicate with the update service
when Windows searches for new updates.
05/06/2012 Update for Windows XP (KB2718704)
Install this update to resolve an issue which requires an update
to the certificate revocation list on Windows systems and to
keep your systems certificate list up to date. After you install
this update, you may have to restart your system.
23/05/2012 Security Update for .NET Framework 2.0 SP2 and 3.5 SP1 on Windows Server 2003 and Windows XP x86 (KB2518864)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
23/05/2012 Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Server 2003 and Windows XP x86 (KB2633880)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
23/05/2012 Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Server 2003 and Windows XP x86 (KB2572073)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
11/05/2012 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008 x86 (KB2656405)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
09/05/2012 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
This update provides the latest junk email and malicious links
filter definitions for Microsoft Office 2010 32-Bit Edition.
09/05/2012 Security Update for Windows XP (KB2659262)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
09/05/2012 Security Update for Microsoft .NET Framework 3.0 SP2 on Windows Server 2003 and Windows XP x86 (KB2604110)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
09/05/2012 Security Update for Microsoft .NET Framework 3.5 SP1 on Windows XP, Server 2003, Vista, Server 2008 x86 (KB2604111)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
09/05/2012 Windows Malicious Software Removal Tool - May 2012 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
09/05/2012 Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Server 2003 and Windows XP x86 (KB2604092)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
09/05/2012 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008 x86 (KB2656405)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
09/05/2012 Security Update for Windows XP (KB2686509)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
09/05/2012 Security Update for Microsoft Office 2010 (KB2589337) 32-Bit Edition
A security vulnerability exists in Microsoft Office 2010 32-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
09/05/2012 Update Rollup for ActiveX Killbits for Windows XP (KB2695962)
Security issues have been identified in ActiveX controls that
could allow an attacker to compromise a system running Microsoft
Internet Explorer and gain control over it. You can help protect
your system by installing this update from Microsoft. After you
install this item, you may have to restart your computer.
09/05/2012 Security Update for Microsoft Office 2007 suites (KB2596672)
A security vulnerability exists in Microsoft Office 2007 suites
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
09/05/2012 Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Microsoft has released an update for Microsoft OneNote 2010 32-Bit
Edition. This update provides the latest fixes to Microsoft OneNote
2010 32-Bit Edition. Additionally, this update contains stability
and performance improvements.
09/05/2012 Security Update for Microsoft .NET Framework 3.0 SP2 on Windows Server 2003 and Windows XP x86 (KB2656407)
A security issue has been identified that could allow an attacker
to break or bypass a security feature in the affected software.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
09/05/2012 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008 x86 (KB2604121)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
09/05/2012 Security Update for Microsoft Visio Viewer 2010 (KB2597981) 32-Bit Edition
A security vulnerability exists in Microsoft Visio Viewer 2010
32-Bit Edition that could allow arbitrary code to run when a
maliciously modified file is opened. This update resolves that
vulnerability.
09/05/2012 Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition
A security vulnerability exists in Microsoft Excel 2010 32-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
09/05/2012 Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
A security vulnerability exists in Microsoft Office 2010 32-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
09/05/2012 Security Update for Windows XP (KB2676562)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
09/05/2012 Security Update for Microsoft Silverlight (KB2690729)
This security update to Silverlight includes fixes outlined in
KBs 2681578 and 2690729. This update is backward compatible with
web applications built using previous versions of Silverlight.
18/04/2012 Security Update for Microsoft Visual C++ 2010 Service Pack 1 Redistributable Package (KB2565063)
A security issue has been identified leading to MFC application
vulnerability in DLL planting due to MFC not specifying the full
path to system/localization DLLs. You can protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
12/04/2012 Cumulative Security Update for Internet Explorer 8 for Windows XP (KB2675157)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
12/04/2012 Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Microsoft has released an update for Microsoft Office 2010 32-Bit
Edition. This update provides the latest fixes to Microsoft Office
2010 32-Bit Edition. Additionally, this update contains stability
and performance improvements.
12/04/2012 Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Microsoft has released an update for Microsoft Outlook 2010 32-Bit
Edition. This update provides the latest fixes to Microsoft Outlook
2010 32-Bit Edition. Additionally, this update contains stability
and performance improvements.
12/04/2012 Security Update for Microsoft Office 2007 suites (KB2598041)
A security vulnerability exists in Microsoft Office 2007 suites
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
12/04/2012 Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2656370)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
12/04/2012 Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Server 2003 and Windows XP x86 (KB2656369)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
12/04/2012 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008 x86 (KB2656368)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
12/04/2012 Windows Malicious Software Removal Tool - April 2012 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
12/04/2012 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
This update provides the latest junk email and malicious links
filter definitions for Microsoft Office 2010 32-Bit Edition.
12/04/2012 Security Update for Windows XP (KB2653956)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
12/04/2012 Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition
A security vulnerability exists in Microsoft Office 2010 32-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
12/04/2012 Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Microsoft has released an update for Microsoft Outlook Social
Connector 2010 32-Bit Edition. This update provides the latest
fixes to Microsoft Outlook Social Connector 2010 32-Bit Edition.
Additionally, this update contains stability and performance
improvements.
15/03/2012 Security Update for Windows XP (KB2641653)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
15/03/2012 Windows Malicious Software Removal Tool - March 2012 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
15/03/2012 Security Update for Windows XP (KB2621440)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
15/03/2012 Update Rollup for ActiveX Killbits for Windows XP (KB2647518)
Security issues have been identified in ActiveX controls that
could allow an attacker to compromise a system running Microsoft
Internet Explorer and gain control over it. You can help protect
your system by installing this update from Microsoft. After you
install this item, you may have to restart your computer.
15/03/2012 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
This update provides the latest junk email and malicious links
filter definitions for Microsoft Office 2010 32-Bit Edition.
15/02/2012 Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Microsoft has released an update for Microsoft Office 2010 32-Bit
Edition. This update provides the latest fixes to Microsoft Office
2010 32-Bit Edition. Additionally, this update contains stability
and performance improvements.
15/02/2012 Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Server 2003 and Windows XP x86 (KB2633880)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
15/02/2012 Windows Malicious Software Removal Tool - February 2012 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
15/02/2012 Security Update for Microsoft Visio Viewer 2010 (KB2597170) 32-Bit Edition
A security vulnerability exists in Microsoft Visio Viewer 2010
32-Bit Edition that could allow arbitrary code to run when a
maliciously modified file is opened. This update resolves that
vulnerability.
15/02/2012 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
This update provides the latest junk email and malicious links
filter definitions for Microsoft Office 2010 32-Bit Edition.
15/02/2012 Security Update for Windows XP (KB2660465)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
15/02/2012 Cumulative Security Update for Internet Explorer 8 for Windows XP (KB2647516)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
15/02/2012 Security Update for Microsoft Silverlight (KB2668562)
This security update to Silverlight includes fixes outlined in
KBs 2651026 and 2668562. This update is backward compatible with
web applications built using previous versions of Silverlight.
15/02/2012 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008 x86 (KB2633870)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
15/02/2012 Security Update for Windows XP (KB2661637)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
25/01/2012 Security Update for Windows XP (KB2585542)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain access to
information. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
12/01/2012 Security Update for Windows XP (KB2584146)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
11/01/2012 Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition
This update provides the latest junk email and malicious links
filter definitions for Microsoft Office 2010 32-Bit Edition.
11/01/2012 Security Update for Windows XP (KB2646524)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
11/01/2012 Security Update for Windows XP (KB2631813)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
11/01/2012 Windows Malicious Software Removal Tool - January 2012 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
11/01/2012 Security Update for Windows XP (KB2598479)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
11/01/2012 Security Update for Windows XP (KB2603381)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
11/01/2012 Security Update for Windows XP (KB2584146)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
08/01/2012 Security Update for Microsoft .NET Framework 3.5 SP1 on Windows XP, Server 2003, Vista, Server 2008 x86 (KB2657424)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
08/01/2012 Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2656353)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
08/01/2012 Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Server 2003 and Windows XP x86 (KB2656352)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
08/01/2012 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008 x86 (KB2656351)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
18/12/2011 HP Memories Disc Creator - Software Update
HP Memories Disc Creator - Software Update
16/12/2011 Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition
Microsoft has released an update for Microsoft Excel 2010 32-Bit
Edition. This update provides the latest fixes to Microsoft Excel
2010 32-Bit Edition. Additionally, this update contains stability
and performance improvements.
16/12/2011 Security Update for Windows XP (KB2639417)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
16/12/2011 Security Update for Microsoft Office 2010 (KB2553353) 32-Bit Edition
A security vulnerability exists in Microsoft Office 2010 32-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
16/12/2011 Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
A security vulnerability exists in Microsoft Office 2010 32-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
16/12/2011 Security Update for Windows XP (KB2624667)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
16/12/2011 Cumulative Security Update for Internet Explorer 8 for Windows XP (KB2618444)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
16/12/2011 Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition
This update provides the latest junk email and malicious links
filter definitions for Microsoft Office 2010 32-Bit Edition.
16/12/2011 Windows Malicious Software Removal Tool - December 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
16/12/2011 Update for Windows XP (KB2633952)
Install this update to resolve issues caused by revised daylight
saving time and time zone laws in several countries. This update
enables your computer to automatically adjust the computer clock
on the correct date in 2012. After you install this item, you
may have to restart your computer.
16/12/2011 Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Microsoft has released an update for Microsoft Office 2010 32-Bit
Edition. This update provides the latest fixes to Microsoft Office
2010 32-Bit Edition. Additionally, this update contains stability
and performance improvements.
16/12/2011 Security Update for Windows XP (KB2619339)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
16/12/2011 Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Microsoft has released an update for Microsoft Office 2010 32-Bit
Edition. This update provides the latest fixes to Microsoft Office
2010 32-Bit Edition. Additionally, this update contains stability
and performance improvements.
16/12/2011 Cumulative Security Update for ActiveX Killbits for Windows XP (KB2618451)
Security issues have been identified in ActiveX controls that
could allow an attacker to compromise a system running Microsoft
Internet Explorer and gain control over it. You can help protect
your system by installing this update from Microsoft. After you
install this item, you may have to restart your computer.
16/12/2011 Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Microsoft has released an update for Microsoft Office 2010 32-Bit
Edition. This update provides the latest fixes to Microsoft Office
2010 32-Bit Edition. Additionally, this update contains stability
and performance improvements.
16/12/2011 Security Update for Windows XP (KB2620712)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
16/12/2011 Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
A security vulnerability exists in Microsoft PowerPoint 2010
32-Bit Edition that could allow arbitrary code to run when a
maliciously modified file is opened. This update resolves that
vulnerability.
16/12/2011 Security Update for Windows XP (KB2633171)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
12/11/2011 Update for Windows XP (KB2641690)
Install this update to resolve an issue which requires an update
to the certificate revocation list on Windows systems and to
keep your systems certificate list up to date. After you install
this update, you may have to restart your system.
12/11/2011 Update for Windows Media Player 11 for Windows XP (KB939683)
Install this update to improve how Windows Media Player manages
shortcuts you create and add to the Start menu pinned list. After
you install this item, you may have to restart your computer.
12/11/2011 Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2572067)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
11/11/2011 Microsoft .NET Framework 1.1 Service Pack 1
Microsoft .NET Framework 1.1 Service Pack 1 resolves various
issues found after the initial release of .NET Framework 1.1.
These include both security- and non-security-related issues.
After you install this item, you may have to restart your computer.
Once you have installed this item, it cannot be removed.
11/11/2011 Security Update for Windows XP (KB954154)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your Microsoft Windows-based system
and gain control over it. You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
10/11/2011 Security Update for Windows XP (KB2378111)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/11/2011 Security Update for Windows XP Service Pack 3 (KB973540)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
10/11/2011 Update for Internet Explorer 8 Compatibility View List for Windows XP (KB2598845)
This Compatibility View List update helps make Web sites that
are designed for older browsers look better in Internet Explorer
8. When users install Internet Explorer 8, they will be given
a choice about opting-in to a list of sites that should be displayed
in Compatibility View. After you install this item, you may have
to restart Internet Explorer.
10/11/2011 Update for Root Certificates [October 2011] (KB931125)
This item updates the list of root certificates on your computer
to the list that is accepted by Microsoft as part of the Microsoft
Root Certificate Program. Adding additional root certificates
to your computer enables you to use Extended Validation (EV)
certificates in Internet Explorer 7, a greater range of security
enhanced Web browsing, encrypted e-mail, and security enhanced
code delivery. After you install this item, you may have to restart
your computer. Once you have installed this item, it cannot be
removed.
10/11/2011 Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008 x86 (KB2468871)
Install this update to resolve issues in Microsoft .NET Framework
4. For a complete listing of the issues that are included in
this update, see the associated Microsoft Knowledge Base article
for more information. After you install this item, you may have
to restart your computer.
10/11/2011 Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008 x86 (KB2533523)
This update addresses stability, reliability, and performance
issues in Microsoft .NET Framework 4. After you install this
item, you may have to restart your computer.
10/11/2011 Dell Inc. - Display - Dell ST2410(Digital)
Dell Inc. Display software update released in May, 2009
10/11/2011 Windows Media Player 11
Windows Media Player 11 offers great new ways to store and enjoy
digital media beyond music. It's easier than ever to access all
of your video, pictures, and recorded TV on your computer. Play
it, view it, organize it, sync it to a portable device for viewing
on the go, or share with devices around your home—all from one
place. After you install this item, you may have to restart your
computer.
10/11/2011 Broadcom - Networking - Broadcom NetXtreme Gigabit Ethernet
Broadcom Networking software update released in July, 2007
10/11/2011 Microsoft .NET Framework version 1.1
The .NET Framework is a component of the Windows operating system.
For developers, the .NET Framework makes it easy to rapidly create
powerful software that maximizes performance, scalability, opportunities
for integration, reliability, security, and the end-user experience,
while minimizing the costs of deployment and management. After
you install this item, you may have to restart your computer.
10/11/2011 Security Update for Windows XP (KB2544893)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain access to
information. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
10/11/2011 Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition
This update provides the latest junk email and malicious links
filter definitions for Microsoft Office 2010 32-Bit Edition.
10/11/2011 Windows Malicious Software Removal Tool - November 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
10/11/2011 Update for Microsoft Office 2010 (KB2553455) 32-Bit Edition
Microsoft has released an update for Microsoft Office 2010 32-Bit
Edition. This update provides the latest fixes to Microsoft Office
2010 32-Bit Edition. Additionally, this update contains stability
and performance improvements.
10/11/2011 Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Microsoft has released an update for Microsoft Office 2010 32-Bit
Edition. This update provides the latest fixes to Microsoft Office
2010 32-Bit Edition. Additionally, this update contains stability
and performance improvements.
10/11/2011 Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Microsoft has released an update for Microsoft OneNote 2010 32-Bit
Edition. This update provides the latest fixes to Microsoft OneNote
2010 32-Bit Edition. Additionally, this update contains stability
and performance improvements.
10/11/2011 Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Microsoft has released an update for Microsoft Office 2010 32-Bit
Edition. This update provides the latest fixes to Microsoft Office
2010 32-Bit Edition. Additionally, this update contains stability
and performance improvements.
10/11/2011 Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition
Microsoft has released an update for Microsoft Outlook 2010 32-Bit
Edition. This update provides the latest fixes to Microsoft Outlook
2010 32-Bit Edition. Additionally, this update contains stability
and performance improvements.
08/11/2011 Security Update for Microsoft Visual C++ 2010 Redistributable Package (KB2467173)
A security issue has been identified leading to MFC application
vulnerability in DLL planting due to MFC not specifying the full
path to system/localization DLLs. You can protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
08/11/2011 Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008 x86 (KB2416472)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain access to information. You can help protect
your computer by installing this update from Microsoft. After
you install this item, you may have to restart your computer.
08/11/2011 Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008 x86 (KB2539636)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain access to information. You can help protect
your computer by installing this update from Microsoft. After
you install this item, you may have to restart your computer.
07/11/2011 Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008 x86 (KB2416472)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain access to information. You can help protect
your computer by installing this update from Microsoft. After
you install this item, you may have to restart your computer.
07/11/2011 Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008 x86 (KB2487367)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain access to information. You can help protect
your computer by installing this update from Microsoft. After
you install this item, you may have to restart your computer.
07/11/2011 Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008 x86 (KB2478663)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
07/11/2011 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008 x86 (KB2572078)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
07/11/2011 Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008 x86 (KB2416472)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain access to information. You can help protect
your computer by installing this update from Microsoft. After
you install this item, you may have to restart your computer.
07/11/2011 Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008 x86 (KB2487367)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain access to information. You can help protect
your computer by installing this update from Microsoft. After
you install this item, you may have to restart your computer.
07/11/2011 Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008 x86 (KB2478663)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
07/11/2011 Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008 x86 (KB2572078)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
07/11/2011 Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008 x86 (KB2518870)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
07/11/2011 Security Update for Microsoft Chart Controls for Microsoft .NET Framework 3.5 Service Pack 1 (KB2500170)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
Chart Controls for Microsoft .NET Framework 3.5 Service Pack
1 and gain access to information. You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
18/10/2011 Service Pack 1 for Microsoft Office 2010 (KB2510690) 32-bit Edition
Service Pack 1 (SP1) for Microsoft Office 2010 (KB2510690) 32-bit
Edition contains new updates which improve security, performance,
and stability. Additionally, the SP is a roll-up of all previously
released updates.
13/10/2011 Security Update for Microsoft Silverlight (KB2617986)
This security update to Silverlight includes fixes outlined in
KBs 2604930 and 2617986. This update is backward compatible with
web applications built using previous versions of Silverlight.
13/10/2011 Security Update for Windows XP (KB2564958)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
13/10/2011 Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Server 2003 and Windows XP x86 (KB2572073)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
13/10/2011 Windows Malicious Software Removal Tool - October 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
13/10/2011 Security Update for Windows XP (KB2567053)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
13/10/2011 Security Update for Windows XP (KB2592799)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
13/10/2011 Cumulative Security Update for Internet Explorer 8 for Windows XP (KB2586448)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
11/10/2011 Security Update for CAPICOM (KB931906)
A remote code execution vulnerability exists in Cryptographic
API Component Object Model (CAPICOM) that allows an attacker
who successfully exploits this vulnerability to take complete
control of an affected system. CAPICOM can be used as a component
of a 3rd party webpage, script or application. You can protect
your computer by installing this update from Microsoft.
10/10/2011 Update for Microsoft Office 2007 System (KB2539530)
Microsoft has released an update for Microsoft Office 2007 System.
This update provides the latest fixes to Microsoft Office 2007
System. Additionally, this update adds support for the new Indian
rupee currency symbol.
10/10/2011 Security Update for Microsoft Office 2003 Web Components for the 2007 Microsoft Office System (KB947318)
A security vulnerability exists in Microsoft Office 2003 Web
Components for the 2007 Microsoft Office System that could allow
arbitrary code to run when a maliciously modified web page is
opened. This update resolves that vulnerability.
10/10/2011 Security Update for the 2007 Microsoft Office System (KB972581)
A security vulnerability exists in the 2007 Microsoft Office
System that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves the vulnerability
so that the 2007 Microsoft Office System documents are handled
appropriately.
09/10/2011 Security Update for the 2007 Microsoft Office System (KB954326)
A security vulnerability exists in Microsoft Office system 2007
that could allow arbitrary code to run when you open a maliciously
modified file. This update resolves that vulnerability.
09/10/2011 Update for the 2007 Microsoft Office System (KB967642)
This update fixes an error that may occur when installing the
Microsoft Office suite Service Packs.
09/10/2011 Office 2003 Web Components Service Pack 1 for the 2007 Microsoft Office System
Service Pack 1 provides the latest updates to the Microsoft Office
2003 Web Components for the 2007 Microsoft Office System.
28/09/2011 Windows Malicious Software Removal Tool - September 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
21/09/2011 Security Update for Windows XP (KB963093)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
20/09/2011 Security Update for Microsoft Office 2010 (KB2584066), 32-Bit Edition
A security vulnerability exists in Microsoft Office 2010, 32-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
20/09/2011 Update for Microsoft OneNote 2010 (KB2493983), 32-Bit Edition
Microsoft has released an update for Microsoft Office OneNote
2010, 32-Bit Edition. This update provides fixes associated with
displaying search results. Additionally, this update provides
fixes associated with the optical character recognition (OCR),
indexing, and displaying of inserted documents.
20/09/2011 Update for Microsoft Office 2010 (KB2553092), 32-Bit Edition
Microsoft has released an update for Microsoft Office 2010 System,
32-Bit Edition. This update decreases installation failures for
updates installed on Microsoft Office 2010 System.
20/09/2011 Security Update for Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package (KB2538243)
A security issue has been identified leading to MFC application
vulnerability in DLL planting due to MFC not specifying the full
path to system/localization DLLs. You can protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
20/09/2011 Security Update for Microsoft Office 2010 (KB2289161), 32-Bit Edition
A security vulnerability exists in Microsoft Office 2010, 32-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
20/09/2011 Update for Microsoft Office 2010 (KB2523113), 32-Bit Edition
Microsoft has released an update for Microsoft Office 2010, 32-Bit
Edition. This update provides the latest fixes to Microsoft Office
2010, 32-Bit Edition. Additionally, this update adds support
for the new Indian rupee currency symbol.
20/09/2011 Update for Microsoft Office 2010 (KB2566458), 32-Bit Edition
Microsoft has released an update for Microsoft Office 2010, 32-Bit
Edition. This update provides the latest fixes to Microsoft Office
2010, 32-Bit Edition. Additionally, this update contains stability
and performance improvements.
20/09/2011 Security Update for Microsoft InfoPath 2010 (KB2510065), 32-Bit Edition
A security vulnerability exists in Microsoft Office InfoPath
2010 that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
20/09/2011 Security Update for Microsoft Word 2010 (KB2345000), 32-Bit Edition
A security vulnerability exists in Microsoft Word 2010, 32-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
20/09/2011 Security Update for Microsoft Excel 2010 (KB2553070), 32-Bit Edition
A security vulnerability exists in Microsoft Excel 2010, 32-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
20/09/2011 Update for Office File Validation 2010 (KB2553065), 32-bit Edition
Microsoft has released an update for Microsoft Office File Validation
2010, 32-bit Edition. This update provides the latest fixes to
Microsoft Office File Validation 2010, 32-bit Edition. Additionally,
this update contains stability and performance improvements.
20/09/2011 Security Update for Microsoft Office 2010 (KB2289078), 32-Bit Edition
A security vulnerability exists in Microsoft Office 2010, 32-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
20/09/2011 Update for Microsoft Office 2010 (KB2202188), 32-Bit Edition
Microsoft has released an update for Microsoft Office 2010, 32-Bit
Edition. This update provides the latest fixes to Microsoft Office
2010, 32-Bit Edition. Additionally, this update contains stability
and performance improvements.
20/09/2011 Security Update for Microsoft SharePoint Workspace 2010 (KB2566445), 32-Bit Edition
A security vulnerability exists in Microsoft SharePoint Workspace
2010, 32-Bit Edition that could allow arbitrary code to run when
a maliciously modified file is opened. This update resolves that
vulnerability.
20/09/2011 Security Update for Microsoft Office 2010 (KB2553096), 32-Bit Edition
A security vulnerability exists in Microsoft Office 2010, 32-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
20/09/2011 Security Update for Microsoft Publisher 2010 (KB2409055), 32-Bit Edition
A security vulnerability exists in Microsoft Publisher 2010,
32-Bit Edition that could allow arbitrary code to run when a
maliciously modified file is opened. This update resolves that
vulnerability.
20/09/2011 Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition
This update provides the latest junk email and malicious links
filter definitions for Microsoft Office 2010 32-Bit Edition.
20/09/2011 Security Update for Microsoft Office 2010 (KB2553091), 32-Bit Edition
A security vulnerability exists in Microsoft Office 2010, 32-Bit
Edition that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
20/09/2011 Security Update for Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package (KB2538242)
A security issue has been identified leading to MFC application
vulnerability in DLL planting due to MFC not specifying the full
path to system/localization DLLs. You can protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
20/09/2011 Update for Outlook Social Connector 2010 (KB2583935), 32-Bit Edition
Microsoft has released an update for Microsoft Outlook Social
Connector 2010, 32-bit Edition. This update provides the latest
fixes to Microsoft Outlook Social Connector 2010, 32-bit Edition.
Additionally, this update contains stability and performance
improvements.
20/09/2011 Security Update for Microsoft PowerPoint 2010 (KB2519975), 32-Bit Edition
A security vulnerability exists in Microsoft PowerPoint 2010,
32-Bit Edition that could allow arbitrary code to run when a
maliciously modified file is opened. This update resolves that
vulnerability.
16/09/2011 Update for Windows XP (KB2616676)
Install this update to resolve an issue which requires an update
to the certificate revocation list on Windows systems and to
keep your systems certificate list up to date. After you install
this update, you may have to restart your system.
16/09/2011 Windows Malicious Software Removal Tool - September 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
16/09/2011 Security Update for Windows XP (KB2570947)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
07/09/2011 Update for Windows XP (KB2607712)
Install this update to resolve an issue which requires an update
to the certificate revocation list on Windows systems and to
keep your systems certificate list up to date. After you install
this update, you may have to restart your system.
04/09/2011 Security Update for Windows XP with Windows Media Format Runtime 9.5 and 11 (KB941569)
A security issue has been identified that could allow an attacker
to remotely compromise your Windows-based system using Windows
Media file formats and gain control over it. You can help protect
your computer by installing this update from Microsoft. After
you install this item, you may have to restart your computer.
04/09/2011 Update for Windows Media Format 11 SDK for Windows XP (KB929399)
Install this update to resolve a metering issue with the Microsoft
Windows Media Format 11 SDK. After you install this item, you
may have to restart your computer.
04/09/2011 Security Update for Windows Media Encoder 9 Series for Windows XP and Windows Server 2003 (KB2447961)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
03/09/2011 Security Update for Windows XP (KB975558)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
03/09/2011 Security Update for Windows Media Format Runtime 9, 9.5 & 11 for Windows XP SP 3 (KB954155)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
03/09/2011 Security Update for Windows Media Format Runtime 9, 9.5 & 11 for Windows XP SP3 (KB978695)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
03/09/2011 Security Update for Windows XP Service Pack 3 (KB952069)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
02/09/2011 Update for Windows XP (KB2570791)
Install this update to resolve issues caused by revised daylight
saving time and time zone laws in several countries. This update
enables your computer to automatically adjust the computer clock
on the correct date in 2011. After you install this item, you
may have to restart your computer.
02/09/2011 Security Update for .NET Framework 2.0 SP2 and 3.5 SP1 on Windows Server 2003 and Windows XP x86 (KB2518864)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
02/09/2011 Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Server 2003 and Windows XP x86 (KB2539631)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain access to information. You can help protect
your computer by installing this update from Microsoft. After
you install this item, you may have to restart your computer.
02/09/2011 Security Update for Windows XP (KB2567680)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
02/09/2011 Security Update for Windows XP (KB2536276)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
02/09/2011 Security Update for Windows XP (KB2485663)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
02/09/2011 Security Update for Windows XP (KB2507938)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
02/09/2011 Security Update for Windows XP (KB2476490)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
02/09/2011 Security Update for Windows XP (KB2503665)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
02/09/2011 Update for Windows XP (KB2524375)
Install this update to resolve an issue which requires an update
to the certificate revocation list on Windows systems and to
keep your systems certificate list up to date. After you install
this update, you may have to restart your system.
02/09/2011 Security Update for Windows XP (KB2570222)
A security issue has been identified that could allow an unauthenticated
remote attacker to cause the affected system to stop responding.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
02/09/2011 Security Update for Windows XP (KB2535512)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
02/09/2011 Security Update for Windows XP (KB2412687)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
02/09/2011 Cumulative Security Update for ActiveX Killbits for Windows XP (KB2508272)
Security issues have been identified in ActiveX controls that
could allow an attacker to compromise a system running Microsoft
Internet Explorer and gain control over it. You can help protect
your system by installing this update from Microsoft. After you
install this item, you may have to restart your computer.
02/09/2011 Security Update for Windows XP (KB2507618)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
02/09/2011 Security Update for Windows XP (KB2508429)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
02/09/2011 Windows Malicious Software Removal Tool - August 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
02/09/2011 Security Update for Windows XP (KB2506212)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
02/09/2011 Security Update for Windows XP (KB2544893)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain access to
information. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
02/09/2011 Security Update for Windows XP (KB2509553)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
02/09/2011 Security Update for Windows XP (KB2510531)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
02/09/2011 Update for Windows XP (KB2541763)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
02/09/2011 Security Update for Internet Explorer 8 for Windows XP (KB2544521)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
02/09/2011 Security Update for Windows XP (KB2555917)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
02/09/2011 Cumulative Security Update for Internet Explorer 8 for Windows XP (KB2559049)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
02/09/2011 Security Update for Windows XP (KB2566454)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
02/09/2011 Update Rollup for ActiveX Killbits for Windows XP (KB2562937)
Security issues have been identified in ActiveX controls that
could allow an attacker to compromise a system running Microsoft
Internet Explorer and gain control over it. You can help protect
your system by installing this update from Microsoft. After you
install this item, you may have to restart your computer.
17/03/2011 Security Update for Windows XP (KB946648)
A security issue has been identified that could allow an unauthenticated,
remote attacker to compromise a system that is running Windows
Messenger and gain access to information. You can help protect
your computer by installing this update from Microsoft. After
you install this item, you may have to restart your computer.
17/03/2011 Security Update for Windows XP (KB2387149)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
17/03/2011 Update for Windows XP (KB976662)
Install this update to improve Internet Explorer 8's JSON interoperability
in conformance with the new ECMAScript, fifth edition standard.
After you install this item, you may have to restart your computer.
17/03/2011 Security Update for Windows XP (KB2259922)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
17/03/2011 Security Update for Windows XP (KB2296011)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
17/03/2011 Windows Malicious Software Removal Tool - March 2011 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
17/03/2011 Security Update for Windows XP (KB2115168)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
17/03/2011 Security Update for Windows XP (KB2485376)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
17/03/2011 Security Update for Windows XP (KB975558)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
17/03/2011 Security Update for Windows XP (KB2378111)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
17/03/2011 Update for Windows XP (KB951978)
Install this update to resolve an issue in VBScript/JScript scripts
from CScript\WScript hosts, certain built-ins may not function
correctly when Standards and Formats in Regional Settings is
changed. After you install this item, you may have to restart
your computer.
17/03/2011 Security Update for Windows XP (KB2443105)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
17/03/2011 Security Update for Windows XP (KB2481109)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
17/03/2011 Security Update for Windows XP (KB2440591)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
17/03/2011 Security Update for Windows Media Format Runtime 9, 9.5 & 11 for Windows XP SP 3 (KB954155)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
17/03/2011 Security Update for Windows XP (KB2479628)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
17/03/2011 Security Update for Windows XP (KB956744)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
17/03/2011 Security Update for Windows XP (KB2347290)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
17/03/2011 Security Update for Windows XP (KB2483185)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
17/03/2011 Update for Windows XP (KB2443685)
Install this update to resolve issues caused by revised daylight
saving time and time zone laws in several countries. This update
enables your computer to automatically adjust the computer clock
on the correct date in 2011. After you install this item, you
may have to restart your computer.
17/03/2011 Security Update for Windows XP (KB2079403)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
17/03/2011 Security Update for Microsoft .NET Framework 3.5 SP1 on Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008 x86 (KB2416473)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain access to information. You can help protect
your computer by installing this update from Microsoft. After
you install this item, you may have to restart your computer.
17/03/2011 Security Update for Windows XP (KB979687)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
17/03/2011 Security Update for Windows XP (KB2121546)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
17/03/2011 Security Update for .NET Framework 2.0 SP2 and 3.5 SP1 on Windows Server 2003 and Windows XP x86 (KB983583)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain complete control over it. You can help
protect your computer by installing this update from Microsoft.
After you install this item, you may have to restart your computer.
17/03/2011 Cumulative Security Update for Internet Explorer 8 for Windows XP (KB2482017)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
17/03/2011 Security Update for Microsoft .NET Framework 2.0 SP2 and 3.5 SP1 on Windows Server 2003 and Windows XP x86 (KB2418241)
A security issue has been identified that could allow an attacker
to compromise your Windows-based system that is running the Microsoft
.NET Framework and gain access to information. You can help protect
your computer by installing this update from Microsoft. After
you install this item, you may have to restart your computer.
17/03/2011 Security Update for Windows XP (KB980436)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
17/03/2011 Security Update for Windows XP (KB981322)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
17/03/2011 Security Update for Windows Media Format Runtime 9, 9.5 & 11 for Windows XP SP3 (KB978695)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
17/03/2011 Security Update for Windows XP (KB2476687)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain access to information.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
17/03/2011 Security Update for Windows XP Service Pack 3 (KB973540)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
17/03/2011 Security Update for Windows XP (KB2419632)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
17/03/2011 Update for Windows XP (KB971029)
Install this update to restrict AutoRun entries in the AutoPlay
dialog to only CD and DVD drives. After you install this item,
you may have to restart your computer.
17/03/2011 Security Update for Windows XP (KB981332)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
17/03/2011 Security Update for Windows XP Service Pack 3 (KB952069)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
17/03/2011 Security Update for Windows XP (KB981997)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
17/03/2011 Security Update for Jscript 5.8 for Windows XP (KB971961)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
17/03/2011 Update for Windows XP (KB2141007)
Install this update to help strengthen authentication credentials
in specific scenarios. After you install this item, you may have
to restart your computer.
17/03/2011 Security Update for Windows XP (KB2479943)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
17/03/2011 Security Update for Windows XP (KB2478971)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
17/03/2011 Update for Windows XP (KB2345886)
Install this update to help strengthen authentication credentials
in specific scenarios. After you install this item, you may have
to restart your computer.
17/03/2011 Security Update for Windows XP (KB982132)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
16/03/2011 Security Update for Windows XP (KB982665)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
16/03/2011 Security Update for Windows XP (KB2478960)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
16/03/2011 Security Update for Windows XP (KB2393802)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
16/03/2011 Security Update for Windows XP (KB2423089)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
16/03/2011 Security Update for Windows XP (KB2360937)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Security Update for Windows XP (KB946648)
A security issue has been identified that could allow an unauthenticated,
remote attacker to compromise a system that is running Windows
Messenger and gain access to information. You can help protect
your computer by installing this update from Microsoft. After
you install this item, you may have to restart your computer.
30/09/2010 Microsoft .NET Framework 2.0 Service Pack 2 Security Update for Windows 2000, Windows Server 2003, and Windows XP (KB974417)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Update for Windows XP (KB970430)
Install this update to help strengthen authentication credentials
in specific scenarios. After you install this item, you may have
to restart your computer.
30/09/2010 Update for Windows XP (KB961118)
Install this update to resolve an issue in which an Inbox Printer
driver may be unsigned after you install the Microsoft .NET Framework
3.5 SP1. After you install this item, you may have to restart
your computer.
30/09/2010 Microsoft .NET Framework 3.5 SP1 and .NET Framework 2.0 SP2 Update for Windows Server 2003 and Windows XP x86 (KB982524)
This update addresses a set of known issues of the Microsoft
.NET Framework 3.5 Service Pack 1. After you install this item,
you may have to restart your computer.
30/09/2010 Update to .NET Framework 3.5 Service Pack 1 for the .NET Framework Assistant 1.0 x86 (KB963707)
The update to .NET Framework 3.5 Service Pack 1 for the .NET
Framework Assistant 1.0 for Firefox addresses several compatibility
issues with version 1.0 of the extension.
30/09/2010 Update for Windows XP (KB971737)
Install this update to help strengthen authentication credentials
in specific scenarios. After you install this item, you may have
to restart your computer.
30/09/2010 Microsoft .NET Framework 3.5 SP1 Update for Windows Server 2003 and Windows XP x86 (KB982168)
Install this update to help strengthen authentication credentials
in specific scenarios. After you install this item, you may have
to restart your computer.
30/09/2010 Microsoft .NET Framework 3.5 SP1 and .NET Framework 2.0 SP2 Security Update for Windows 2000, Windows Server 2003, and Windows XP x86 (KB979909)
A security issue has been identified that could allow an attacker
to tamper with digitally signed content without being detected,
when this content is being consumed by an application that makes
use of the Microsoft .NET Framework on a Windows-based system.
You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
30/09/2010 Update for Internet Explorer 8 Dynamic Installer Compatibility View List for Windows XP (KB2362765)
This Compatibility View List update helps make Web sites that
are designed for older browsers look better in Internet Explorer
8. When users install Internet Explorer 8, they will be given
a choice about opting-in to a list of sites that should be displayed
in Compatibility View. After you install this item, you may have
to restart Internet Explorer.
30/09/2010 Cumulative Security Update for Internet Explorer 8 Dynamic Installer for Windows XP (KB2183461)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
30/09/2010 Cumulative Security Update for Internet Explorer 8 Dynamic Installer for Windows XP (KB982381)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
30/09/2010 February 2007 CardSpace Update for Windows XP (KB925720)
This update rollup for Windows includes the hotfixes for Windows
CardSpace private desktop described in KB article 925720. After
you install this item, you may have to restart your computer.
30/09/2010 Windows XP Service Pack 3 (KB936929)
Windows XP Service Pack 3 (SP3) is an update to Windows XP that
addresses key feedback from our customers and is a cumulative
update that includes all previously released updates for Windows
XP, including security updates. Windows XP SP3 contains a small
number of new updates and should not significantly change the
Windows XP experience. After you install this item, you may have
to restart your computer.
30/09/2010 Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework 3.5 Family Update for .NET versions 2.0 through 3.5 (KB951847) x86
Microsoft .NET Framework 3.5 Service Pack 1 is a full cumulative
update that contains many new features building incrementally
upon .NET Framework 2.0, 3.0, 3.5, and includes cumulative servicing
updates to the .NET Framework 2.0 and .NET Framework 3.0 subcomponents.
The .NET Framework 3.5 Family Update provides important application
compatibility updates. This combined Service Pack and update
is applicable to .NET versions 2.0 through 3.5.
30/09/2010 Security Update for Windows XP (KB980218)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Security Update for Windows XP (KB951376)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your Microsoft Windows-based system
and gain control over it. You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
30/09/2010 Security Update for Windows XP (KB952954)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your Microsoft Windows-based system
and gain control over it. You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
30/09/2010 Security Update for Windows XP (KB959426)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Security Update for Windows XP (KB956803)
A security issue has been identified that could allow an authenticated
local attacker to compromise your Microsoft Windows-based system
and gain control over it. You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
30/09/2010 Security Update for Windows XP (KB960859)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Security Update for Windows XP (KB971468)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Security Update for Windows XP (KB979683)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Security Update for Windows XP (KB958869)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Security Update for Windows Media Format Runtime 9, 9.5 & 11 for Windows XP SP 2 (KB954155)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Windows Internet Explorer 7 for Windows XP
This free upgrade to Internet Explorer customers offers improvements
such as enhanced security, a cleaner look, and features to make
everyday tasks such as printing and searching the web easier.
This upgrade preserves your current home page, search settings,
favorites, and compatible toolbars, and can be uninstalled if
you decide to do so.
30/09/2010 Security Update for Windows XP (KB980232)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Security Update for Windows XP (KB981350)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Update for Windows XP (KB955759)
An issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Security Update for Windows XP (KB974318)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Security Update for Windows XP (KB969059)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Security Update for Windows XP (KB2229593)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Security Update for Windows XP (KB950974)
A security issue has been identified in Event System on Microsoft
Windows based systems that could allow an attacker to compromise
your Microsoft Windows-based system and gain control over it.
You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
30/09/2010 Security Update for Windows XP (KB978037)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Security Update for Windows XP (KB975713)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Security Update for Windows XP (KB971657)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Security Update for Windows XP (KB978338)
A security issue has been identified that could allow an attacker
to misrepresent a system action or behavior without the knowledge
of the user. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
30/09/2010 Security Update for Windows XP (KB960225)
A security issue has been identified that could allow an attacker
to misrepresent a system action or behavior without the knowledge
of the user. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
30/09/2010 Security Update for Windows XP (KB972270)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Security Update for Windows XP (KB974112)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Security Update for Windows XP (KB956572)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Security Update for Windows XP (KB956844)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Security Update for Windows XP (KB961501)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Security Update for Windows XP (KB975561)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Security Update for Windows XP Service Pack 2 (KB952069)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Security Update for Windows XP (KB973869)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Security Update for Windows XP (KB975025)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Security Update for Windows XP Service Pack 2 (KB973540)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Security Update for Windows XP (KB952004)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Security Update for Windows XP (KB974571)
A security issue has been identified that could allow an attacker
to misrepresent a system action or behavior without the knowledge
of the user. You can help protect your system by installing this
update from Microsoft. After you install this update, you may
have to restart your system.
30/09/2010 Security Update for Windows XP (KB975560)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Security Update for Windows XP (KB973507)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Security Update for Windows XP (KB977816)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Update for Windows XP (KB973687)
Install this update to prevent applications from sending too
many HTTP requests while a well-known Document Type Definition
(DTD) is included. After you install this item, you may have
to restart your computer.
30/09/2010 Security Update for Windows XP (KB950762)
A security issue has been identified that could allow an unauthenticated,
remote attacker to cause the affected system to stop responding.
You can help protect your computer by installing this update
from Microsoft. After you install this item, you may have to
restart your computer.
30/09/2010 Security Update for Windows XP (KB978601)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Security Update for Windows XP (KB979559)
A security issue has been identified that could allow an authenticated
local attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Update for Windows XP (KB952287)
Install this update to resolve an issue in which a malfunction
or data loss occurs when using Microsoft Data Access Components
(MDAC) components on computers that are running Windows XP SP2
or XP SP3. After you install this item, you may have to restart
your computer.
30/09/2010 Security Update for Windows XP (KB973904)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Update for Windows XP (KB967715)
Install this update to resolve an issue in which AutoRun features
were not correctly disabled. After you install this item, you
may have to restart your computer.
30/09/2010 Security Update for Windows XP (KB974392)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Security Update for Windows XP (KB977914)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Security Update for Windows XP (KB951748)
A security issue has been identified that could allow a remote
attacker to misrepresent a system action or behavior unbeknownst
to users on Microsoft Windows systems. You can help protect your
computer by installing this update from Microsoft. After you
install this item, you may have to restart your computer.
30/09/2010 Security Update for Jscript 5.6 for Windows XP (KB971961)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Security Update for Windows XP (KB978542)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Security Update for Windows XP (KB970238)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Security Update for Windows XP (KB979309)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Security Update for Windows Media Format Runtime 9, 9.5 & 11 for Windows XP SP2 (KB978695)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Security Update for Windows XP (KB979482)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Security Update for Windows XP (KB978706)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Security Update for Windows XP (KB958470)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Security Update for Windows XP (KB901190)
A security issue has been identified that could allow an attacker
to remotely compromise your Windows-based system and gain control
over it. You can help protect your computer by installing this
update from Microsoft. After you install this item, you may have
to restart your computer.
30/09/2010 Security Update for Windows XP (KB960803)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Security Update for Windows XP (KB973815)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Security Update for Windows XP (KB975562)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Security Update for Windows XP (KB971032)
A security issue has been identified that could allow an authenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Security Update for Windows XP (KB958644)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your Microsoft Windows-based system
and gain control over it. You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
30/09/2010 Security Update for Windows XP (KB955069)
A security issue has been identified in the way Microsoft XML
Core Services (MSXML) is handled that could allow an attacker
to compromise a computer that is running Microsoft Windows and
gain control over it. You can help protect your computer by installing
this update from Microsoft. After you install this item, you
may have to restart your computer.
30/09/2010 Security Update for Windows Media Player 9 for Windows XP SP2 (KB979402)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Security Update for Windows XP (KB956802)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Cumulative Security Update for Internet Explorer 6 for Windows XP (KB982381)
Security issues have been identified that could allow an attacker
to compromise a system that is running Microsoft Internet Explorer
and gain control over it. You can help protect your system by
installing this update from Microsoft. After you install this
item, you may have to restart your computer.
30/09/2010 Security Update for Windows XP (KB944338)
A security issue has been identified in VBScript and Jscript
that could allow an attacker to compromise your Microsoft Windows-based
system and gain control over it. You can help protect your computer
by installing this update from Microsoft. After you install this
item, you may have to restart your computer.
30/09/2010 Security Update for Windows XP (KB923561)
A security issue has been identified that could allow an unauthenticated
remote attacker to compromise your system and gain control over
it. You can help protect your system by installing this update
from Microsoft. After you install this update, you may have to
restart your system.
30/09/2010 Update for Windows XP (KB968389)
Install this update to help strengthen authentication credentials
in specific scenarios. After you install this item, you may have
to restart your computer.
30/09/2010 Microsoft Windows Installer 3.1
The Microsoft Windows Installer 3.1 is the application installation
and configuration service for Windows. The additional features
in version 3.1 help make creating, distributing, and managing
updates to applications easier and more efficient.
System Folders
Path for burning CD C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\CD Burning
Application Data C:\Documents and Settings\All Users\Application Data
Public Desktop C:\Documents and Settings\All Users\Desktop
Documents C:\Documents and Settings\All Users\Documents
Music C:\Documents and Settings\All Users\Documents\My Music
Pictures C:\Documents and Settings\All Users\Documents\My Pictures
Start Menu Programs C:\Documents and Settings\All Users\Start Menu\Programs
Start Menu C:\Documents and Settings\All Users\Start Menu
Startup C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Templates C:\Documents and Settings\All Users\Templates
Videos C:\Documents and Settings\All Users\Documents\My Videos
Cookies C:\Documents and Settings\user\Cookies
Desktop C:\Documents and Settings\user\Desktop
Physical Desktop C:\Documents and Settings\user\Desktop
User Favorites C:\Documents and Settings\user\Favorites
Fonts C:\WINDOWS\Fonts
Internet History C:\Documents and Settings\user\Local Settings\History
Temporary Internet Files C:\Documents and Settings\user\Local Settings\Temporary Internet Files
Local Application Data C:\Documents and Settings\user\Local Settings\Application Data
Windows Directory C:\WINDOWS
Windows/System C:\WINDOWS\system32
Program Files C:\Program Files
Services
Running Adobe Active File Monitor V8
Running Alerter
Running Apple Mobile Device
Running Application Layer Gateway Service
Running Autodesk Moldflow Adviser 2012 Job Manager
Running Autodesk Moldflow Inventor Tool Suite Integration 2012 Job Manager
Running Automatic Updates
Running Bonjour Service
Running COM+ Event System
Running Computer Browser
Running CryptSvc
Running DCOM Server Process Launcher
Running DHCP Client
Running Diskeeper
Running DNS Client
Running Error Reporting Service
Running Event Log
Running Extensible Authentication Protocol Service
Running Fast User Switching Compatibility
Running Help and Support
Running HID Input Service
Running Internet Pass-Through Service
Running IPSEC Services
Running iTap mobile Connect
Running Java Quick Starter
Running Materialise Local License Server 6.0
Running mental ray 3.7 Satellite for Autodesk 3ds Max 2010 32-bit 32-bit
Running Network Connections
Running Network Location Awareness (NLA)
Running NitroPDFDriverCreatorReadSpool
Running NLS Service
Running NVIDIA Driver Helper Service
Running Plug and Play
Running Print Spooler
Running Protected Storage
Running Protexis Licensing V2
Running Remote Access Connection Manager
Running Remote Procedure Call (RPC)
Running Secondary Logon
Running Security Accounts Manager
Running Security Center
Running Sentinel Keys Server
Running Sentinel Security Runtime
Running Server
Running Shell Hardware Detection
Running SSDP Discovery Service
Running System Event Notification
Running System Restore Service
Running Task Scheduler
Running Telephony
Running Terminal Services
Running Themes
Running Windows Audio
Running Windows Firewall/Internet Connection Sharing (ICS)
Running Windows Image Acquisition (WIA)
Running Windows Management Instrumentation
Running Windows Search
Running Windows Time
Running Wired AutoConfig
Running Wireless Zero Configuration
Running Workstation
Stopped .NET Runtime Optimization Service v2.0.50727_X86
Stopped Adobe Flash Player Update Service
Stopped Application Management
Stopped ASP.NET State Service
Stopped Ati HotKey Poller
Stopped ATI Smart
Stopped BITS
Stopped Client Update Service for Novell
Stopped ClipBook
Stopped COM+ System Application
Stopped Distributed Link Tracking Client
Stopped Distributed Transaction Coordinator
Stopped FLEXnet Licensing Service
Stopped Google Update Service (gupdate)
Stopped Google Update Service (gupdatem)
Stopped hddrsrv
Stopped Health Key and Certificate Management Service
Stopped HTTP SSL
Stopped IMAPI CD-Burning COM Service
Stopped Indexing Service
Stopped InstallDriver Table Manager
Stopped iPod Service
Stopped Kaspersky Anti-Virus Service
Stopped KMService
Stopped Logical Disk Manager
Stopped Logical Disk Manager Administrative Service
Stopped Messenger
Stopped Microsoft .NET Framework NGEN v4.0.30319_X86
Stopped Microsoft SharePoint Workspace Audit Service
Stopped Mozilla Maintenance Service
Stopped MS Software Shadow Copy Provider
Stopped Net Logon
Stopped Net.Tcp Port Sharing Service
Stopped NetMeeting Remote Desktop Sharing
Stopped Network Access Protection Agent
Stopped Network DDE
Stopped Network DDE DSDM
Stopped Network Provisioning Service
Stopped NT LM Security Support Provider
Stopped NVIDIA Update Service Daemon
Stopped Office Source Engine
Stopped Office Software Protection Platform
Stopped Performance Logs and Alerts
Stopped Portable Media Serial Number Service
Stopped QoS RSVP
Stopped Remote Access Auto Connection Manager
Stopped Remote Desktop Help Session Manager
Stopped Remote Packet Capture Protocol v.0 (experimental)
Stopped Remote Procedure Call (RPC) Locator
Stopped Remote Registry
Stopped Remote Solver for Flow Simulation 2012
Stopped Removable Storage
Stopped Routing and Remote Access
Stopped Sentinel Protection Server
Stopped Skype Updater
Stopped Smart Card
Stopped SolidWorks Licensing Service
Stopped SW Distributed TS Coordinator Service
Stopped SwitchBoard
Stopped TCP/IP NetBIOS Helper
Stopped Telnet
Stopped Uninterruptible Power Supply
Stopped Universal Plug and Play Device Host
Stopped Visual Studio 2005 Remote Debugger
Stopped Volume Shadow Copy
Stopped WebClient
Stopped Windows CardSpace
Stopped Windows Driver Foundation - User-mode Driver Framework
Stopped Windows Installer
Stopped Windows Management Instrumentation Driver Extensions
Stopped Windows Media Player Network Sharing Service
Stopped Windows Presentation Foundation Font Cache 3.0.0.0
Stopped Windows Presentation Foundation Font Cache 4.0.0.0
Stopped Windows Remote Management (WS-Management)
Stopped WMI Performance Adapter
Security Options
Accounts: Administrator account status Enabled
Accounts: Guest account status Enabled
Accounts: Limit local account use of blank passwords to console logon only Enabled
Accounts: Rename administrator account Administrator
Accounts: Rename guest account Guest
Audit: Audit the access of global system objects Disabled
Audit: Audit the use of Backup and Restore privilege Disabled
Audit: Shut down system immediately if unable to log security audits Disabled
DCOM: Machine Access Restrictions in Security Descriptor Definition Language (SDDL) syntax Not defined
DCOM: Machine Launch Restrictions in Security Descriptor Definition Language (SDDL) syntax Not defined
Devices: Allow undock without having to log on Enabled
Devices: Allowed to format and eject removable media Administrators
Devices: Prevent users from installing printer drivers Disabled
Devices: Restrict CD-ROM access to locally logged-on user only Enabled
Devices: Restrict floppy access to locally logged-on user only Enabled
Devices: Unsigned driver installation behavior Warn but allow installation
Domain controller: Allow server operators to schedule tasks Not defined
Domain controller: LDAP server signing requirements Not defined
Domain controller: Refuse machine account password changes Not defined
Domain member: Digitally encrypt or sign secure channel data (always) Enabled
Domain member: Digitally encrypt secure channel data (when possible) Enabled
Domain member: Digitally sign secure channel data (when possible) Enabled
Domain member: Disable machine account password changes Disabled
Domain member: Maximum machine account password age 30 days
Domain member: Require strong (Windows 2000 or later) session key Disabled
Interactive logon: Display user information when the session is locked Not defined
Interactive logon: Do not display last user name Disabled
Interactive logon: Do not require CTRL+ALT+DEL Not defined
Interactive logon: Message text for users attempting to log on
Interactive logon: Message title for users attempting to log on
Interactive logon: Number of previous logons to cache (in case domain controller is not available) 10 logons
Interactive logon: Prompt user to change password before expiration 14 days
Interactive logon: Require Domain Controller authentication to unlock workstation Disabled
Interactive logon: Require smart card Not defined
Interactive logon: Smart card removal behavior No Action
Microsoft network client: Digitally sign communications (always) Disabled
Microsoft network client: Digitally sign communications (if server agrees) Enabled
Microsoft network client: Send unencrypted password to third-party SMB servers Disabled
Microsoft network server: Amount of idle time required before suspending session 15 minutes
Microsoft network server: Digitally sign communications (always) Disabled
Microsoft network server: Digitally sign communications (if client agrees) Disabled
Microsoft network server: Disconnect clients when logon hours expire Enabled
Network access: Allow anonymous SID/Name translation Disabled
Network access: Do not allow anonymous enumeration of SAM accounts Enabled
Network access: Do not allow anonymous enumeration of SAM accounts and shares Disabled
Network access: Do not allow storage of credentials or .NET Passports for network authentication Disabled
Network access: Let Everyone permissions apply to anonymous users Disabled
Network access: Named Pipes that can be accessed anonymously COMNAP,COMNODE,SQL\QUERY,SPOOLSS,LLSRPC,EPMAPPER,LOCATOR,TrkWks,TrkSvr
Network access: Remotely accessible registry paths System\CurrentControlSet\Control\ProductOptions,System\CurrentControlSet\Control\Print\Printers,System\CurrentControlSet\Control\Server Applications,System\CurrentControlSet\Services\Eventlog,Software\Microsoft\OLAP Server,Software\Microsoft\Windows NT\CurrentVersion,System\CurrentControlSet\Control\ContentIndex,System\CurrentControlSet\Control\Terminal Server,System\CurrentControlSet\Control\Terminal Server\UserConfig,System\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration
Network access: Shares that can be accessed anonymously COMCFG,DFS$
Network access: Sharing and security model for local accounts Guest only - local users authenticate as Guest
Network security: Do not store LAN Manager hash value on next password change Disabled
Network security: Force logoff when logon hours expire Disabled
Network security: LAN Manager authentication level Send LM & NTLM responses
Network security: LDAP client signing requirements Negotiate signing
Network security: Minimum session security for NTLM SSP based (including secure RPC) clients No minimum
Network security: Minimum session security for NTLM SSP based (including secure RPC) servers No minimum
Recovery console: Allow automatic administrative logon Enabled
Recovery console: Allow floppy copy and access to all drives and all folders Enabled
Shutdown: Allow system to be shut down without having to log on Enabled
Shutdown: Clear virtual memory pagefile Disabled
System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing Disabled
System objects: Default owner for objects created by members of the Administrators group Object creator
System objects: Require case insensitivity for non-Windows subsystems Enabled
System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links) Enabled
Device Tree
ACPI Multiprocessor PC
Microsoft ACPI-Compliant System
ACPI Fixed Feature Button
Intel Xeon CPU 3.60GHz
Intel Xeon CPU 3.60GHz
Intel Xeon CPU 3.60GHz
Intel Xeon CPU 3.60GHz
System board
ACPI Power Button
Microsoft Windows Management Interface for ACPI
PCI bus
Intel E7525 Memory Controller Hub - 359E
Vinyl AC'97 Codec Combo Driver (WDM)
Motherboard resources
Motherboard resources
Motherboard resources
Intel® E7525/E7520/E7320 PCI Express Root Port A0 - 3595
PCI standard PCI-to-PCI bridge
PCI standard PCI-to-PCI bridge
PCI standard PCI-to-PCI bridge
PCI standard PCI-to-PCI bridge
Renesas Electronics USB 3.0 Host Controller
Renesas Electronics USB 3.0 Root Hub
PCI standard PCI-to-PCI bridge
Marvell 91xx SATA 6G Controller
Intel® E7525/E7520/E7320 PCI Express Root Port A1 - 3596
Broadcom NetXtreme Gigabit Ethernet #3
Intel® E7525/E7520 PCI Express Root Port B0 - 3597
NVIDIA GeForce GTX 480
Plug and Play Monitor
Microsoft UAA Bus Driver for High Definition Audio
NVIDIA High Definition Audio
NVIDIA High Definition Audio
NVIDIA High Definition Audio
NVIDIA High Definition Audio
Intel® 82801EB USB Universal Host Controller - 24D2
USB Root Hub
Microsoft USB IntelliMouse Explorer 3.0
Microsoft USB IntelliMouse Explorer 3.0 (IntelliPoint)
Intel® 82801EB USB Universal Host Controller - 24D4
USB Root Hub
Intel® 82801EB USB Universal Host Controller - 24D7
USB Root Hub
Intel® 82801EB USB Universal Host Controller - 24DE
USB Root Hub
Intel® 82801EB USB2 Enhanced Host Controller - 24DD
USB Root Hub
USB Mass Storage Device (TurboUSB)
PIONEER BD-RW BDR-206 USB Device
Intel® 82801 PCI Bridge - 244E
VIA VT6421 RAID Controller
3Com 3C996 10/100/1000 Server NIC
Intel® 82801EB LPC Interface Controller - 24D0
ISAPNP Read Data Port
Numeric data processor
Programmable interrupt controller
System timer
Direct memory access controller
System CMOS/real time clock
System speaker
PS/2 Compatible Mouse
Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
Communications Port (COM1)
Standard floppy disk controller
Advanced programmable interrupt controller
ECP Printer Port (LPT1)
Printer Port Logical Interface
Intel® 82801EB Ultra ATA Storage Controllers
Primary IDE Channel
Secondary IDE Channel
PHILIPS DVD8421
Intel® 82801EB Ultra ATA Storage Controllers
Secondary IDE Channel
Primary IDE Channel
Hitachi HDS5C1010CLA382
CPU
Intel Xeon
Cores 1
Threads 2
Name Intel Xeon
Code Name Nocona
Package Socket 604 mPGA
Technology 90nm
Specification Intel Xeon CPU 3.60GHz
Family F
Extended Family F
Model 4
Extended Model 4
Stepping 1
Revision E0
Instructions MMX, SSE, SSE2, SSE3, Intel 64
Virtualization Not supported
Hyperthreading Supported, Enabled
Fan Speed 1612 RPM
Bus Speed 200.0 MHz
Rated Bus Speed 800.0 MHz
Stock Core Speed 3600 MHz
Stock Bus Speed 200 MHz
Caches
L1 Data Cache Size 16 KBytes
L1 trace cache 12 Kµops
L2 Unified Cache Size 1024 KBytes
Core 0
Core Speed 3600.1 MHz
Multiplier x 18.0
Bus Speed 200.0 MHz
Rated Bus Speed 800.0 MHz
Thread 1
APIC ID 0
Thread 2
APIC ID 1
Intel Xeon
Cores 1
Threads 2
Name Intel Xeon
Code Name Nocona
Package Socket 604 mPGA
Technology 90nm
Specification Intel Xeon CPU 3.60GHz
Family F
Extended Family F
Model 4
Extended Model 4
Stepping 1
Revision E0
Instructions MMX, SSE, SSE2, SSE3, Intel 64
Virtualization Not supported
Hyperthreading Supported, Enabled
Fan Speed 1612 RPM
Bus Speed 200.0 MHz
Rated Bus Speed 800.0 MHz
Stock Core Speed 3600 MHz
Stock Bus Speed 200 MHz
Caches
L1 Data Cache Size 16 KBytes
L1 trace cache 12 Kµops
L2 Unified Cache Size 1024 KBytes
Core 0
Core Speed 3600.1 MHz
Multiplier x 18.0
Bus Speed 200.0 MHz
Rated Bus Speed 800.0 MHz
Thread 1
APIC ID 6
Thread 2
APIC ID 7
RAM
Memory slots
Total memory slots 5
Used memory slots 5
Free memory slots 0
Memory
Type DDR2
Size 4096 MBytes
Channels # Dual
DRAM Frequency 200.0 MHz
CAS# Latency (CL) 3 clocks
RAS# to CAS# Delay (tRCD) 3 clocks
RAS# Precharge (tRP) 3 clocks
Bank Cycle Time (tRC) 11 clocks
Physical Memory
Memory Usage 25 %
Total Physical 3.37 GB
Available Physical 2.51 GB
Total Virtual 7.24 GB
Available Virtual 6.53 GB
SPD
Number Of SPD Modules 4
Slot #1
Type DDR2
Size 1024 MBytes
Manufacturer Micron Technology
Max Bandwidth PC2-3200 (200 MHz)
Part Number 18HTF12872Y-40EB3
Serial Number 8F09EA5E
Week/year 41 / 05
SPD Ext. EPP
JEDEC #2
Frequency 200.0 MHz
CAS# Latency 4.0
RAS# To CAS# 3
RAS# Precharge 3
tRAS 8
tRC 11
Voltage 1.800 V
JEDEC #1
Frequency 200.0 MHz
CAS# Latency 3.0
RAS# To CAS# 3
RAS# Precharge 3
tRAS 8
tRC 11
Voltage 1.800 V
Slot #2
Type DDR2
Size 1024 MBytes
Manufacturer Micron Technology
Max Bandwidth PC2-3200 (200 MHz)
Part Number 18HTF12872Y-40EB3
Serial Number 69B20C59
Week/year 13 / 06
SPD Ext. EPP
JEDEC #2
Frequency 200.0 MHz
CAS# Latency 4.0
RAS# To CAS# 3
RAS# Precharge 3
tRAS 8
tRC 11
Voltage 1.800 V
JEDEC #1
Frequency 200.0 MHz
CAS# Latency 3.0
RAS# To CAS# 3
RAS# Precharge 3
tRAS 8
tRC 11
Voltage 1.800 V
Slot #3
Type DDR2
Size 1024 MBytes
Manufacturer Infineon
Max Bandwidth PC2-3200 (200 MHz)
Part Number 72T128000HR5A
Serial Number 0408CB13
Week/year 22 / 05
SPD Ext. EPP
JEDEC #3
Frequency 200.0 MHz
CAS# Latency 5.0
RAS# To CAS# 3
RAS# Precharge 3
tRAS 8
tRC 11
Voltage 1.800 V
JEDEC #2
Frequency 200.0 MHz
CAS# Latency 4.0
RAS# To CAS# 3
RAS# Precharge 3
tRAS 8
tRC 11
Voltage 1.800 V
JEDEC #1
Frequency 200.0 MHz
CAS# Latency 3.0
RAS# To CAS# 3
RAS# Precharge 3
tRAS 8
tRC 11
Voltage 1.800 V
Slot #4
Type DDR2
Size 1024 MBytes
Manufacturer Infineon
Max Bandwidth PC2-3200 (200 MHz)
Part Number 72T128000HR5A
Serial Number 0408CC13
Week/year 22 / 05
SPD Ext. EPP
JEDEC #3
Frequency 200.0 MHz
CAS# Latency 5.0
RAS# To CAS# 3
RAS# Precharge 3
tRAS 8
tRC 11
Voltage 1.800 V
JEDEC #2
Frequency 200.0 MHz
CAS# Latency 4.0
RAS# To CAS# 3
RAS# Precharge 3
tRAS 8
tRC 11
Voltage 1.800 V
JEDEC #1
Frequency 200.0 MHz
CAS# Latency 3.0
RAS# To CAS# 3
RAS# Precharge 3
tRAS 8
tRC 11
Voltage 1.800 V
Motherboard
Manufacturer Hewlett-Packard
Model 08B8h (XU1 PROCESSOR)
Chipset Vendor Intel
Chipset Model E7525
Chipset Revision 0C
Southbridge Vendor Intel
Southbridge Model 82801EB (ICH5)
Southbridge Revision 02
System Temperature 54 °C
BIOS
Brand Hewlett-Packard
Version 786B7 v2.10
Date 09/05/2006
PCI Data
Slot PCI
Slot Type PCI
Slot Usage In Use
Bus Width Unknown
Slot Designation Slot 1 (PCI Express x16)
Slot Number 0
Slot PCI
Slot Type PCI
Slot Usage Available
Bus Width 32 bit
Slot Designation Slot 2 (PCI)
Slot Number 1
Slot PCI
Slot Type PCI
Slot Usage Available
Bus Width 32 bit
Slot Designation Slot 3 (PCI)
Slot Number 2
Slot PCI
Slot Type PCI
Slot Usage In Use
Bus Width 32 bit
Slot Designation Slot 4 (PCI)
Slot Number 3
Slot PCI
Slot Type PCI
Slot Usage In Use
Bus Width 32 bit
Slot Designation Slot 5 (PCI)
Slot Number 4
Slot PCI
Slot Type PCI
Slot Usage In Use
Bus Width Unknown
Slot Designation Slot 6 (PCI Express x4)
Slot Number 5
Graphics
Monitor
Name DELL ST2410 on NVIDIA GeForce GTX 480
Current Resolution 1920x1080 pixels
Work Resolution 1920x1050 pixels
State enabled, primary, output devices support
Monitor Width 1920
Monitor Height 1080
Monitor BPP 32 bits per pixel
Monitor Frequency 60 Hz
Device \\.\DISPLAY1\Monitor0
GeForce GTX 480
GPU GF100
Device ID 10DE-06C0
Revision A4
Subvendor nVidia (10DE)
Die Size 526 nm²
Release Date Mar 26, 2010
DirectX Support 11.0
OpenGL Support 5.0
Bus Interface PCI Express x16
Temperature 42 °C
GPU Clock 0 MHz
Memory Clock 1848 MHz
Driver version 6.14.13.142
BIOS Version 70.00.21.00.02
ROPs 48
Shaders 480 unified
Memory Type GDDR5
Physical Memory 1535 MB
Virtual Memory 1536 MB
Bus Width 64x6 (384 bit)
Filtering Modes 16x Anisotropic
OpenGL
Version 4.2.0
Vendor NVIDIA Corporation
Renderer GeForce GTX 480/PCIe/SSE2
GLU Version 1.2.2.0 Microsoft Corporation
Values
GL_MAX_LIGHTS 8
GL_MAX_TEXTURE_SIZE 16384
GL_MAX_TEXTURE_STACK_DEPTH 10
GL Extensions
GL_AMD_multi_draw_indirect
GL_ARB_base_instance
GL_ARB_blend_func_extended
GL_ARB_color_buffer_float
GL_ARB_compatibility
GL_ARB_compressed_texture_pixel_storage
GL_ARB_conservative_depth
GL_ARB_copy_buffer
GL_ARB_depth_buffer_float
GL_ARB_depth_clamp
GL_ARB_depth_texture
GL_ARB_draw_buffers
GL_ARB_draw_buffers_blend
GL_ARB_draw_indirect
GL_ARB_draw_elements_base_vertex
GL_ARB_draw_instanced
GL_ARB_ES2_compatibility
GL_ARB_explicit_attrib_location
GL_ARB_fragment_coord_conventions
GL_ARB_fragment_program
GL_ARB_fragment_program_shadow
GL_ARB_fragment_shader
GL_ARB_framebuffer_object
GL_ARB_framebuffer_sRGB
GL_ARB_geometry_shader4
GL_ARB_get_program_binary
GL_ARB_gpu_shader5
GL_ARB_gpu_shader_fp64
GL_ARB_half_float_pixel
GL_ARB_half_float_vertex
GL_ARB_imaging
GL_ARB_instanced_arrays
GL_ARB_internalformat_query
GL_ARB_map_buffer_alignment
GL_ARB_map_buffer_range
GL_ARB_multisample
GL_ARB_multitexture
GL_ARB_occlusion_query
GL_ARB_occlusion_query2
GL_ARB_pixel_buffer_object
GL_ARB_point_parameters
GL_ARB_point_sprite
GL_ARB_provoking_vertex
GL_ARB_robustness
GL_ARB_sample_shading
GL_ARB_sampler_objects
GL_ARB_seamless_cube_map
GL_ARB_separate_shader_objects
GL_ARB_shader_atomic_counters
GL_ARB_shader_bit_encoding
GL_ARB_shader_image_load_store
GL_ARB_shader_objects
GL_ARB_shader_precision
GL_ARB_shader_subroutine
GL_ARB_shading_language_100
GL_ARB_shading_language_420pack
GL_ARB_shading_language_include
GL_ARB_shading_language_packing
GL_ARB_shadow
GL_ARB_sync
GL_ARB_tessellation_shader
GL_ARB_texture_border_clamp
GL_ARB_texture_buffer_object
GL_ARB_texture_buffer_object_rgb32
GL_ARB_texture_compression
GL_ARB_texture_compression_bptc
GL_ARB_texture_compression_rgtc
GL_ARB_texture_cube_map
GL_ARB_texture_cube_map_array
GL_ARB_texture_env_add
GL_ARB_texture_env_combine
GL_ARB_texture_env_crossbar
GL_ARB_texture_env_dot3
GL_ARB_texture_float
GL_ARB_texture_gather
GL_ARB_texture_mirrored_repeat
GL_ARB_texture_multisample
GL_ARB_texture_non_power_of_two
GL_ARB_texture_query_lod
GL_ARB_texture_rectangle
GL_ARB_texture_rg
GL_ARB_texture_rgb10_a2ui
GL_ARB_texture_storage
GL_ARB_texture_swizzle
GL_ARB_timer_query
GL_ARB_transform_feedback2
GL_ARB_transform_feedback3
GL_ARB_transform_feedback_instanced
GL_ARB_transpose_matrix
GL_ARB_uniform_buffer_object
GL_ARB_vertex_array_bgra
GL_ARB_vertex_array_object
GL_ARB_vertex_attrib_64bit
GL_ARB_vertex_buffer_object
GL_ARB_vertex_program
GL_ARB_vertex_shader
GL_ARB_vertex_type_2_10_10_10_rev
GL_ARB_viewport_array
GL_ARB_window_pos
GL_ATI_draw_buffers
GL_ATI_texture_float
GL_ATI_texture_mirror_once
GL_S3_s3tc
GL_EXT_texture_env_add
GL_EXT_abgr
GL_EXT_bgra
GL_EXT_bindable_uniform
GL_EXT_blend_color
GL_EXT_blend_equation_separate
GL_EXT_blend_func_separate
GL_EXT_blend_minmax
GL_EXT_blend_subtract
GL_EXT_compiled_vertex_array
GL_EXT_Cg_shader
GL_EXT_depth_bounds_test
GL_EXT_direct_state_access
GL_EXT_draw_buffers2
GL_EXT_draw_instanced
GL_EXT_draw_range_elements
GL_EXT_fog_coord
GL_EXT_framebuffer_blit
GL_EXT_framebuffer_multisample
GL_EXTX_framebuffer_mixed_formats
GL_EXT_framebuffer_object
GL_EXT_framebuffer_sRGB
GL_EXT_geometry_shader4
GL_EXT_gpu_program_parameters
GL_EXT_gpu_shader4
GL_EXT_multi_draw_arrays
GL_EXT_packed_depth_stencil
GL_EXT_packed_float
GL_EXT_packed_pixels
GL_EXT_pixel_buffer_object
GL_EXT_point_parameters
GL_EXT_provoking_vertex
GL_EXT_rescale_normal
GL_EXT_secondary_color
GL_EXT_separate_shader_objects
GL_EXT_separate_specular_color
GL_EXT_shader_image_load_store
GL_EXT_shadow_funcs
GL_EXT_stencil_two_side
GL_EXT_stencil_wrap
GL_EXT_texture3D
GL_EXT_texture_array
GL_EXT_texture_buffer_object
GL_EXT_texture_compression_dxt1
GL_EXT_texture_compression_latc
GL_EXT_texture_compression_rgtc
GL_EXT_texture_compression_s3tc
GL_EXT_texture_cube_map
GL_EXT_texture_edge_clamp
GL_EXT_texture_env_combine
GL_EXT_texture_env_dot3
GL_EXT_texture_filter_anisotropic
GL_EXT_texture_format_BGRA8888
GL_EXT_texture_integer
GL_EXT_texture_lod
GL_EXT_texture_lod_bias
GL_EXT_texture_mirror_clamp
GL_EXT_texture_object
GL_EXT_texture_shared_exponent
GL_EXT_texture_sRGB
GL_EXT_texture_sRGB_decode
GL_EXT_texture_storage
GL_EXT_texture_swizzle
GL_EXT_texture_type_2_10_10_10_REV
GL_EXT_timer_query
GL_EXT_transform_feedback2
GL_EXT_vertex_array
GL_EXT_vertex_array_bgra
GL_EXT_vertex_attrib_64bit
GL_EXT_import_sync_object
GL_IBM_rasterpos_clip
GL_IBM_texture_mirrored_repeat
GL_KTX_buffer_region
GL_NV_alpha_test
GL_NV_blend_minmax
GL_NV_blend_square
GL_NV_complex_primitives
GL_NV_conditional_render
GL_NV_copy_depth_to_color
GL_NV_copy_image
GL_NV_depth_buffer_float
GL_NV_depth_clamp
GL_NV_explicit_multisample
GL_NV_fbo_color_attachments
GL_NV_fence
GL_NV_float_buffer
GL_NV_fog_distance
GL_NV_fragdepth
GL_NV_fragment_program
GL_NV_fragment_program_option
GL_NV_fragment_program2
GL_NV_framebuffer_multisample_coverage
GL_NV_geometry_shader4
GL_NV_gpu_program4
GL_NV_gpu_program4_1
GL_NV_gpu_program5
GL_NV_gpu_program_fp64
GL_NV_gpu_shader5
GL_NV_half_float
GL_NV_light_max_exponent
GL_NV_multisample_coverage
GL_NV_multisample_filter_hint
GL_NV_occlusion_query
GL_NV_packed_depth_stencil
GL_NV_parameter_buffer_object
GL_NV_parameter_buffer_object2
GL_NV_path_rendering
GL_NV_pixel_data_range
GL_NV_point_sprite
GL_NV_primitive_restart
GL_NV_register_combiners
GL_NV_register_combiners2
GL_NV_shader_atomic_counters
GL_NV_shader_atomic_float
GL_NV_shader_buffer_load
GL_NV_texgen_reflection
GL_NV_texture_barrier
GL_NV_texture_compression_vtc
GL_NV_texture_env_combine4
GL_NV_texture_expand_normal
GL_NV_texture_lod_clamp
GL_NV_texture_multisample
GL_NV_texture_rectangle
GL_NV_texture_shader
GL_NV_texture_shader2
GL_NV_texture_shader3
GL_NV_transform_feedback
GL_NV_transform_feedback2
GL_NV_vertex_array_range
GL_NV_vertex_array_range2
GL_NV_vertex_attrib_integer_64bit
GL_NV_vertex_buffer_unified_memory
GL_NV_vertex_program
GL_NV_vertex_program1_1
GL_NV_vertex_program2
GL_NV_vertex_program2_option
GL_NV_vertex_program3
GL_NVX_conditional_render
GL_NVX_gpu_memory_info
GL_OES_depth24
GL_OES_depth32
GL_OES_depth_texture
GL_OES_element_index_uint
GL_OES_fbo_render_mipmap
GL_OES_get_program_binary
GL_OES_mapbuffer
GL_OES_packed_depth_stencil
GL_OES_rgb8_rgba8
GL_OES_standard_derivatives
GL_OES_texture_3D
GL_OES_texture_float
GL_OES_texture_float_linear
GL_OES_texture_half_float
GL_OES_texture_half_float_linear
GL_OES_texture_npot
GL_OES_vertex_array_object
GL_OES_vertex_half_float
GL_SGIS_generate_mipmap
GL_SGIS_texture_lod
GL_SGIX_depth_texture
GL_SGIX_shadow
GL_SUN_slice_accum
GL_WIN_swap_hint
WGL_EXT_swap_control
GL_EXT_bgra
Hard Drives
Hitachi HDS5C1010CLA382
Manufacturer Hitachi
Product Family Deskstar
Series Prefix Standard
Model Capacity For This Specific Drive 100GB
Heads 16
Cylinders 16383
SATA type SATA-II 3.0Gb/s
Device type Fixed
ATA Standard ATA8-ACS
Serial Number JC0950HX1L086H
LBA Size 48-bit LBA
Power On Count 206 times
Power On Time 471.4 days
Speed, Expressed in Revolutions Per Minute (rpm) 5700
Features S.M.A.R.T., APM, NCQ
Transfer Mode SATA II
Interface SATA
Capacity 932GB
Real size 1,000,204,886,016 bytes
RAID Type None
S.M.A.R.T
01 Read Error Rate 100 (100 worst) Data 0000000000
02 Throughput Performance 136 (136) Data 0000000074
03 Spin-Up Time 145 (145) Data 0000C00121
04 Start/Stop Count 100 (100) Data 00000000E0
05 Reallocated Sectors Count 100 (100) Data 0000000000
07 Seek Error Rate 100 (100) Data 0000000000
08 Seek Time Performance 133 (133) Data 0000000025
09 Power-On Hours (POH) 099 (099) Data 0000002C31
0A Spin Retry Count 100 (100) Data 0000000000
0C Device Power Cycle Count 100 (100) Data 00000000CE
C0 Power-off Retract Count 100 (100) Data 00000000E5
C1 Load/Unload Cycle Count 100 (100) Data 00000000E5
C2 Temperature 193 (193) Data 000011001F
C4 Reallocation Event Count 100 (100) Data 0000000000
C5 Current Pending Sector Count 100 (100) Data 0000000000
C6 Uncorrectable Sector Count 100 (100) Data 0000000000
C7 UltraDMA CRC Error Count 200 (200) Data 0000000000
Temperature 31 °C
Temperature Range ok (less than 50 °C)
Status Good
Partition 0
Partition ID Disk #0, Partition #0
Disk Letter C:
File System NTFS
Volume Serial Number 34FD88BA
Size 932GB
Used Space 345GB (38%)
Free Space 586GB (62%)
Optical Drives
No optical disk drives detected
Audio
Sound Cards
NVIDIA High Definition Audio
NVIDIA High Definition Audio
NVIDIA High Definition Audio
NVIDIA High Definition Audio
Vinyl AC'97 Codec Combo Driver (WDM)
Playback Device
Vinyl AC'97 Audio (WAVE)
Recording Device
Vinyl AC'97 Audio (WAVE)
Speaker Configuration
Speaker Configuration
Speaker type Stereo
Peripherals
Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
Device Kind Keyboard
Device Name Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
Vendor (Standard keyboards)
Location plugged into keyboard port
Driver
Date 7-1-2001
Version 5.1.2600.2180
File C:\WINDOWS\system32\DRIVERS\i8042prt.sys
File C:\WINDOWS\system32\DRIVERS\kbdclass.sys
PS/2 Compatible Mouse
Device Kind Mouse
Device Name PS/2 Compatible Mouse
Vendor Microsoft
Location plugged into PS/2 mouse port
Driver
Date 7-1-2001
Version 5.1.2600.0
File C:\WINDOWS\system32\DRIVERS\i8042prt.sys
File C:\WINDOWS\system32\DRIVERS\mouclass.sys
Microsoft USB IntelliMouse Explorer 3.0 (IntelliPoint)
Device Kind Mouse
Device Name Microsoft USB IntelliMouse Explorer 3.0 (IntelliPoint)
Vendor Microsoft
Location Location 0
Driver
Date 5-18-2011
Version 8.20.409.0
File C:\WINDOWS\system32\DRIVERS\mouhid.sys
File C:\WINDOWS\system32\DRIVERS\mouclass.sys
File C:\WINDOWS\system32\DRIVERS\point32.sys
File C:\WINDOWS\system32\wdfcoinstaller01009.dll
Disk drive
Device Kind USB storage
Device Name Disk drive
Vendor SANDISK
Comment SanDisk Extreme USB Device
Location Location 0
Driver
Date 7-1-2001
Version 5.1.2535.0
File C:\WINDOWS\system32\DRIVERS\disk.sys
Printers
hp deskjet 960c (Default Printer)
Printer Port USB002
Print Processor WinPrint
Availability Always
Priority 1
Duplex None
Print Quality 300 * 300 dpi Color
Status Unknown
Driver
Driver Name hp deskjet 960c (v6.00)
Driver Path C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\UNIDRV.DLL
hp deskjet 990c
Printer Port USB001
Print Processor WinPrint
Availability Always
Priority 1
Duplex None
Print Quality 300 * 300 dpi Color
Status Unknown
Driver
Driver Name hp deskjet 990c (v6.00)
Driver Path C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\UNIDRV.DLL
Microsoft XPS Document Writer
Printer Port XPSPort:
Print Processor WinPrint
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Color
Status Unknown
Driver
Driver Name Microsoft XPS Document Writer (v6.00)
Driver Path C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\mxdwdrv.dll
Nitro PDF Creator
Printer Port Nitro PDF Port:
Print Processor WinPrint
Availability Always
Priority 1
Duplex None
Print Quality 4294967292 dpi Color
Status Unknown
Driver
Driver Name Nitro PDF Driver (v5.00)
Driver Path C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\NitroGraphics.dll
Send To OneNote 2010
Printer Port nul:
Print Processor MS_XPS
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Color
Status Unknown
Driver
Driver Name Send To Microsoft OneNote 2010 Driver (v6.00)
Driver Path C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\mxdwdrv.dll
SnagIt 9
Printer Port C:\Documents and Settings\All Users\Application Data\TechSmith\SnagIt 9\PrinterPortFile
Print Processor WinPrint
Availability Always
Priority 1
Duplex None
Print Quality 200 * 200 dpi Color
Status Unknown
Driver
Driver Name SnagIt 9 Printer (v6.00)
Driver Path C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\UNIDRV.DLL
Network
You are connected to the internet
Connected through 3Com 3C996 10/100/1000 Server NIC - Packet Scheduler Miniport
IP Address 192.168.1.2
Subnet mask 255.255.255.0
Gateway server 192.168.1.1
Preferred DNS server 192.168.1.1
DHCP Enabled
DHCP server 192.168.1.1
External IP Address 78.149.82.115
Adapter Type Ethernet
NetBIOS over TCP/IP Enabled via DHCP
NETBIOS Node Type Broadcast node
Link Speed 0 Bps
Computer Name
NetBIOS Name USER-24DEB876B6
DNS Name user-24deb876b6
Membership Part of workgroup
Workgroup WORKGROUP
Remote Desktop
Enabled
Console
State Active
Domain USER-24DEB876B6
RDP-Tcp
State Listen
WinInet Info
LAN Connection
Local system uses a local area network to connect to the Internet
Local system has RAS to connect to the Internet
Wi-Fi Info
Wi-Fi not enabled
WinHTTPInfo
WinHTTPSessionProxyType No proxy
Session Proxy
Session Proxy Bypass
Connect Retries 5
Connect Timeout 60000
HTTP Version HTTP 1.1
Max Connects Per 1.0 Servers INFINITE
Max Connects Per Servers INFINITE
Max HTTP automatic redirects 10
Max HTTP status continue 10
Send Timeout 30000
IEProxy Auto Detect No
IEProxy Auto Config
IEProxy
IEProxy Bypass
Default Proxy Config Access Type No proxy
Default Config Proxy
Default Config Proxy Bypass
Sharing and Discovery
File and printer sharing service Enabled
Simple File Sharing Enabled
Administrative Shares Enabled
Network access: Sharing and security model for local accounts Guest only - local users authenticate as Guest
Adapters List
Broadcom NetXtreme Gigabit Ethernet #3 - Packet Scheduler Miniport
IP Address 169.254.177.24
Subnet mask 255.255.0.0
3Com 3C996 10/100/1000 Server NIC - Packet Scheduler Miniport
IP Address 192.168.1.2
Subnet mask 255.255.255.0
Gateway server 192.168.1.1
Network Shares
TEMP C:\TEMP
DOWNLOADS C:\DOWNLOADS
Current TCP Connections
C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe (1088)
Local 0.0.0.0:7511 LISTEN
C:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe (468)
Local 0.0.0.0:20704 LISTEN
C:\Program Files\Autodesk\Moldflow Adviser 2012\bin\amajm.exe (1652)
Local 0.0.0.0:20637 LISTEN
C:\Program Files\Bonjour\mDNSResponder.exe (1764)
Local 127.0.0.1:5354 LISTEN
Local 127.0.0.1:5354 ESTABLISHED Remote 127.0.0.1:1041 (Querying... )
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (1672)
Local 127.0.0.1:1041 ESTABLISHED Remote 127.0.0.1:5354 (Querying... )
Local 127.0.0.1:27015 LISTEN
C:\Program Files\Common Files\Materialise\LicenseFiles6\LicSrv60.exe (580)
Local 0.0.0.0:7351 LISTEN
C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe (2472)
Local 0.0.0.0:7001 LISTEN
Local 0.0.0.0:7002 LISTEN
C:\Program Files\Condusiv Technologies\Diskeeper\DkService.exe (560)
Local 0.0.0.0:8256 LISTEN
Local 0.0.0.0:31038 LISTEN
C:\Program Files\Google\Chrome\Application\chrome.exe (1732)
Local 192.168.1.2:1302 ESTABLISHED Remote 173.194.67.104:80 (Querying... ) (HTTP)
Local 192.168.1.2:1303 ESTABLISHED Remote 173.194.67.104:80 (Querying... ) (HTTP)
Local 192.168.1.2:1306 ESTABLISHED Remote 173.194.41.109:443 (Querying... ) (HTTPS)
Local 192.168.1.2:1312 ESTABLISHED Remote 23.45.140.20:80 (Querying... ) (HTTP)
Local 192.168.1.2:1313 ESTABLISHED Remote 173.194.41.121:80 (Querying... ) (HTTP)
Local 192.168.1.2:1329 ESTABLISHED Remote 8.19.18.41:80 (Querying... ) (HTTP)
Local 192.168.1.2:1331 ESTABLISHED Remote 173.194.41.124:80 (Querying... ) (HTTP)
Local 192.168.1.2:1252 ESTABLISHED Remote 173.194.67.94:80 (Querying... ) (HTTP)
Local 192.168.1.2:1253 ESTABLISHED Remote 173.194.67.94:80 (Querying... ) (HTTP)
Local 192.168.1.2:1260 ESTABLISHED Remote 74.125.228.127:80 (Querying... ) (HTTP)
Local 192.168.1.2:1266 ESTABLISHED Remote 173.194.67.95:80 (Querying... ) (HTTP)
Local 192.168.1.2:1271 ESTABLISHED Remote 173.194.41.109:80 (Querying... ) (HTTP)
Local 192.168.1.2:1272 ESTABLISHED Remote 23.45.140.20:80 (Querying... ) (HTTP)
Local 192.168.1.2:1274 ESTABLISHED Remote 23.67.95.139:80 (Querying... ) (HTTP)
Local 192.168.1.2:1278 ESTABLISHED Remote 173.194.41.109:80 (Querying... ) (HTTP)
Local 192.168.1.2:1279 ESTABLISHED Remote 173.194.41.100:443 (Querying... ) (HTTPS)
Local 192.168.1.2:1284 ESTABLISHED Remote 173.194.41.110:80 (Querying... ) (HTTP)
Local 192.168.1.2:1285 ESTABLISHED Remote 23.67.95.144:80 (Querying... ) (HTTP)
Local 192.168.1.2:1289 ESTABLISHED Remote 62.24.179.223:80 (Querying... ) (HTTP)
Local 192.168.1.2:1290 ESTABLISHED Remote 173.194.41.111:443 (Querying... ) (HTTPS)
Local 192.168.1.2:1291 ESTABLISHED Remote 173.194.41.109:80 (Querying... ) (HTTP)
Local 192.168.1.2:1292 ESTABLISHED Remote 23.67.82.110:443 (Querying... ) (HTTPS)
Local 192.168.1.2:1297 ESTABLISHED Remote 173.194.41.109:80 (Querying... ) (HTTP)
Local 192.168.1.2:1298 ESTABLISHED Remote 173.194.41.109:80 (Querying... ) (HTTP)
Local 192.168.1.2:1299 ESTABLISHED Remote 173.194.41.109:80 (Querying... ) (HTTP)
Local 192.168.1.2:1300 ESTABLISHED Remote 173.194.41.111:80 (Querying... ) (HTTP)
C:\Program Files\Java\jre7\bin\jqs.exe (400)
Local 127.0.0.1:5152 LISTEN
C:\Program Files\Speccy\Speccy.exe (3708)
Local 192.168.1.2:1341 ESTABLISHED Remote 108.171.164.204:80 (Querying... ) (HTTP)
C:\Program Files\iTap mobile\Connect\iTapMobileConnect.exe (2024)
Local 127.0.0.1:12456 LISTEN
Local 192.168.1.2:1046 ESTABLISHED Remote 173.194.78.125:5222 (Querying... )
C:\WINDOWS\System32\alg.exe (2740)
Local 127.0.0.1:1047 LISTEN
C:\WINDOWS\system32\svchost.exe (1408)
Local 0.0.0.0:3389 LISTEN
System Process
Local 0.0.0.0:445 (Windows shares) LISTEN
Local 192.168.1.2:427 LISTEN
Local 169.254.177.24:139 (NetBIOS session service) LISTEN
Local 169.254.177.24:427 LISTEN
Local 192.168.1.2:139 (NetBIOS session service) LISTEN
svchost.exe (1484)
Local 0.0.0.0:135 (DCE) LISTEN

--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------


The EsETscan follows:

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6844
# api_version=3.0.2
# EOSSerial=590c3fa5038abf4b8cf91cea6960e05b
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-12-17 09:37:17
# local_time=2012-12-17 09:37:17 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# scanned=37756
# found=2
# cleaned=0
# scan_time=2863
C:\Documents and Settings\All Users\Application Data\Right Hemisphere\{D4BB736B-99B6-41AA-A45C-C53694D78193}\setup.msi JS/Exploit.Pdfka.PNY trojan (unable to clean) 41AF0413C18450D307B2E4993F3944F7151CB845 I
C:\Documents and Settings\All Users\Start Menu\Programs\System Speed Booster\Help.lnk LNK/URL.B trojan (unable to clean) 97C2D98404FF023C4B6D369612A7AA7A2A0C8D7B I
  • 0

#10
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP
The two files found by ESET may be false positives. I would submit them to http://virustotal.com and see what they say. If most of the big anti-virus companies say they are bad then just delete them. You can't clean a virus file which is why ESET couldn't do anything. I would also submit these two files:

C:\Documents and Settings\user\Application Data\Windows1569_SettingsRepository.bin
C:\WINDOWS\90C7D912BE2316.sys

I don't recognize them.

I would uninstall anything that touches the mouse or dvd:

Free Mouse Auto Clicker 2.8.2
Ghost Mouse Auto Clicker 3.4
Mouse Click version 1.0
Automatic Mouse and Keyboard 3.3.0.8
Auto Clicker
Microsoft IntelliPoint 8.2

DivX 4.11 Codec
Total Media Converter 6.1.12

And then all of this snake oil:

AdvancedDefrag 4.5
Registry Mechanic 7.0
Registry Toolkit
Disktrix UltimateDefrag
System Speed Booster

Then let's try downloading, saving and then installing the chipset utility:

http://h20000.www2.h...Item=wk-33590-1

I know you don't want to reboot but I think we may have had a bad spot on the hard drive so we need to check the drive:

1. Double-click My Computer, and then right-click the hard disk that you want to check. C:
2. Click Properties, and then click Tools.
3. Under Error-checking, click Check Now. A dialog box that shows the Check disk options is displayed,
4. Check both boxes and then click Start.
You will receive the following message:
The disk check could not be performed because the disk check utility needs exclusive access to some Windows files on the disk. These files can be accessed by restarting Windows. Do you want to schedule the disk check to occur the next time you restart the computer?
Click Yes to schedule the disk check, then reboot. When you see the HP logo, hit the F10 to get into setup. Does it detect your CD/DVD? (Should be under Storage, Device Configuration)

Exit out of Setup and


The disk check will run and will probably take several hours to finish.

Once it finishes See if you can do this:

Click Start, and then click Run.
In the Open box, type regedit, and then click OK.
In the navigation pane, locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}
In the right pane, click UpperFilters.

Note You may also see an UpperFilters.bak registry entry. You do not have to remove that entry. Click UpperFilters only. If you do not see the UpperFilters registry entry, you still might have to remove the LowerFilters registry entry. To do this, go to step 7.
On the Edit menu, click Delete.
When you are prompted to confirm the deletion, click Yes.
In the right pane, click LowerFilters.

Note If you do not see the LowerFilters registry entry, unfortunately this content cannot help you any further. Go to the "Next Steps" section for information about how you can find more solutions or more help on the Microsoft Web site.
On the Edit menu, click Delete.
When you are prompted to confirm the deletion, click Yes.
Exit Registry Editor.
Restart the computer.

There is also a Microsoft Fixit which should do the same thing.

http://support.microsoft.com/kb/314060

Speccy says you are using a mouse that plugs into a round jack on the back of the PC. Is that correct? What brand of mouse is this?
  • 0

#11
1nv1s

1nv1s

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Hi Ron

i have both my network adapters working so i have finally ftp and internet
i have an external dvd drive running now and still have usb stick support
i have managed to delete all mouse related software microsoft intellipoint was a swine but its done.
the biggest thing is no mouse support, in answer to your earlier question no i dont have a ps2 mouse, but yes there is a driver loaded with yellow marker in device manager, and no there is not a way to turn off in bios as in most systems. unfortunately.
my mouse is an intellimouse explorer 3.0

allthough my keyboard to mouse skills have never been so honed i am really hankering after mouse support if its possible.

i get the impression that the virus has left the building but the damage remains is that a fair assesment or am i being a bit premature here.

Any point in trying to reinstall kaspersky or a full eset?

Thanks for all your help by the way.
if i have learned anything from this its when your puty slows dont put more soft on to make it quicker take it off!!!!!
  • 0

#12
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP
I don't really see any active malware. Just to be sure let's install the free Avast for now:


http://www.avast.com...ivirus-download

Then tonight before you go to bed (this is one long scan! ) :

Mute your speakers so it won't wake you up when windows finally comes on.

Click on the Avast ball. Then click on Scan Computer, then on
Boot-Time Scan then on Settings. Change the Ask at the bottom to Move to Chest. OK then Schedule Now. Reboot and let it run a scan. It will take hours.
Once it finishes it should load windows. Click on the Avast ball and then on Scan Logs, select the Boot-time scan report then View Results. How many did it find?
I think a text version of the report is at C:\Documents and Settings\All Users\Application Data\AVAST Software\Avast\report\aswBoot.txt or possibly at
C:\Program Data\AVAST Software\Avast\report\aswBoot.txt.

Let's run OTL again. This time click on the All buttons under Drivers and in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them.

I'm wondering about your Sentinel Protection Installer 7.6.1. Do you know why you have this? There is a newer version which you might try: http://www.safenet-i...ntinel_Drivers/

If you go back into Device Manager and find the PS2 Mouse you should be able to right click on it and Disable it if you don't use it. Does XP detect the mouse when you plug it in? Go to the Control Panel, Mouse, Hardware and see if you can change it to use the correct mouse. Sometimes this will get hung with a PS2 mouse.

Were you able to check the 4 files with virustotal?
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP